Skip to content

Change compliance center to use `projectPath` instead of `projectId` for project focus

Illya Klymov requested to merge xanf-swap-project-id-with-project-path into master

What does this MR do and why?

Our previous attempt of implementing project compliance center in Allow passing global project ID to compliance c... (!156281 - merged) never went live, because of permission issues (user might have access to project as owner, but not to group)

Now we are using new project graphql fields, so we need to switch from passing project id to project full path instead

Related issue: #441350 (closed)

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

output

How to set up and validate locally

  • Apply this diff
diff --git a/ee/app/assets/javascripts/compliance_dashboard/compliance_dashboard_bundle.js b/ee/app/assets/javascripts/compliance_dashboard/compliance_dashboard_bundle.js
index 9a5fd46ef5f4..173e1b51796d 100644
--- a/ee/app/assets/javascripts/compliance_dashboard/compliance_dashboard_bundle.js
+++ b/ee/app/assets/javascripts/compliance_dashboard/compliance_dashboard_bundle.js
@@ -24,7 +24,7 @@ export default () => {
     adherencesCsvExportPath,
     frameworksCsvExportPath,
     groupPath,
-    projectPath,
+    projectPath = new URLSearchParams(window.location.search).get('project_path'),
     rootAncestorPath,
     rootAncestorName,
     rootAncestorComplianceCenterPath,
@@ -62,7 +62,7 @@ export default () => {
   const router = createRouter(basePath, {
     mergeCommitsCsvExportPath,
     projectPath,
-    groupPath,
+    groupPath: projectPath ? null : groupPath,
     rootAncestorPath,
     rootAncestorName,
     rootAncestorComplianceCenterPath,

This will allow to test upcoming behavior, project path will be received in HAML in future MRs

Also, you might want to seed violations for your group. You can use following snippet, ran from rails console: (do not forget to replace 29 with group you're testing)

group = Group.find_by_id(29)

type = [:approved_by_insufficient_users, :approved_by_committer, :approved_by_merge_request_author]
levels = [:high, :low, :medium, :critical]

violations = 50.times.map {
  project = group.projects.sample
  merge_request = FactoryBot.create(:merge_request, source_project: project, target_project: project, state: :merged)
  merge_request.metrics.update!(merged_at: rand(1..30).days.ago)
  FactoryBot.create(:compliance_violation, type.sample, severity_level: levels.sample, merge_request: merge_request, violating_user: project.members.sample.user)
}
  • Open compliance center for specific group (lets assume it is Commit451)
  • Observe that on tabs Standards adherence and Violations you can see entries for all projects
  • Append ?project_path=Commit451/lab-coat for example (make sure project exists)
  • Observe behavior for project:
    • for Standards adherence tab
      • only violations for selected project are shown
      • Group by does not have Projects mode
      • Filter by does not have Project token
    • for Violations tab
      • only violations for selected project are shown
      • Projects dropdown is missing

Note: non-working tabs Frameworks and Projects are intended - they will be hidden via HAML-passed configuration, when project compliance center will be presented to user

Edited by Illya Klymov

Merge request reports