Merge branch '360482-encode-policy-names-for-url' into 'master'

Fix bug by encoding security policy URIs See merge request !86082

Merge branch '360482-encode-policy-names-for-url' into 'master'
c1cef624 · Alexander Turinske · 604c84fc · b8591e7d · c1cef624 · c1cef624
Commit c1cef624 authored 2 years ago by Alexander Turinske
--- a/ee/app/assets/javascripts/approvals/components/security_orchestration/policy_details.vue
+++ b/ee/app/assets/javascripts/approvals/components/security_orchestration/policy_details.vue
@@ -31,7 +31,9 @@ export default {
      return humanizeAction(this.policyAction);
    },
    policyEditPath() {
-      return `${this.securityPoliciesPath}/${this.policy.name}/edit?type=scan_result_policy`;
+      return `${this.securityPoliciesPath}/${encodeURIComponent(
+        this.policy.name,
+      )}/edit?type=scan_result_policy`;
    },
  },
 };

--- a/ee/app/assets/javascripts/threat_monitoring/components/policies/policies_list.vue
+++ b/ee/app/assets/javascripts/threat_monitoring/components/policies/policies_list.vue
@@ -129,7 +129,7 @@ export default {
        };
        return mergeUrlParams(
          parameters,
-          this.newPolicyPath.replace('new', `${this.selectedPolicy.name}/edit`),
+          this.newPolicyPath.replace('new', `${encodeURIComponent(this.selectedPolicy.name)}/edit`),
        );
      }


--- a/ee/spec/frontend/approvals/components/security_orchestration/policy_details_spec.js
+++ b/ee/spec/frontend/approvals/components/security_orchestration/policy_details_spec.js
@@ -8,7 +8,7 @@ describe('PolicyDetails', () => {
  let wrapper;

  const initialPolicy = {
-    name: 'test policy',
+    name: 'test policy/test approval',
    isSelected: true,
    rules: [
      {
@@ -54,7 +54,9 @@ describe('PolicyDetails', () => {
    });

    it('renders a link to policy path', () => {
-      const policyPath = 'policy/path/test policy/edit?type=scan_result_policy';
+      const policyPath = `policy/path/${encodeURIComponent(
+        initialPolicy.name,
+      )}/edit?type=scan_result_policy`;

      expect(findLink().attributes('href')).toBe(policyPath);
    });

--- a/ee/spec/frontend/threat_monitoring/components/policies/policies_list_spec.js
+++ b/ee/spec/frontend/threat_monitoring/components/policies/policies_list_spec.js
@@ -48,12 +48,11 @@ describe('PoliciesList component', () => {
        {
          propsData: {
            documentationPath: 'documentation_path',
-            newPolicyPath: '/policies/new',
          },
          provide: {
            documentationPath: 'path/to/docs',
            namespaceType: NAMESPACE_TYPES.PROJECT,
-            newPolicyPath: 'path/to/policy',
+            newPolicyPath: `${projectFullPath}/-/security/policies/new`,
            groupPath: undefined,
            projectPath: projectFullPath,
          },
@@ -219,8 +218,8 @@ describe('PoliciesList component', () => {

  describe.each`
    description         | policy                                  | policyType         | editPolicyPath
-    ${'scan execution'} | ${mockScanExecutionPoliciesResponse[0]} | ${'scanExecution'} | ${'path/to/policy?type=scan_execution_policy'}
-    ${'scan result'}    | ${mockScanResultPoliciesResponse[0]}    | ${'scanResult'}    | ${'path/to/policy?type=scan_result_policy'}
+    ${'scan execution'} | ${mockScanExecutionPoliciesResponse[0]} | ${'scanExecution'} | ${`${projectFullPath}/-/security/policies/${encodeURIComponent(mockScanExecutionPoliciesResponse[0].name)}/edit?type=scan_execution_policy`}
+    ${'scan result'}    | ${mockScanResultPoliciesResponse[0]}    | ${'scanResult'}    | ${`${projectFullPath}/-/security/policies/${encodeURIComponent(mockScanResultPoliciesResponse[0].name)}/edit?type=scan_result_policy`}
  `('given there is a $description policy selected', ({ policy, policyType, editPolicyPath }) => {
    beforeEach(() => {
      mountShallowWrapper();

--- a/ee/spec/frontend/threat_monitoring/mocks/mock_data.js
+++ b/ee/spec/frontend/threat_monitoring/mocks/mock_data.js
@@ -61,7 +61,7 @@ actions: []
 `;

 export const mockDastScanExecutionManifest = `type: scan_execution_policy
-name: Test Dast
+name: Scheduled Dast/SAST scan
 description: This policy enforces pipeline configuration to have a job with DAST scan
 enabled: false
 rules:
@@ -90,7 +90,7 @@ actions:

 export const mockDastScanExecutionObject = {
  type: 'scan_execution_policy',
-  name: 'Test Dast',
+  name: 'Scheduled Dast/SAST scan',
  description: 'This policy enforces pipeline configuration to have a job with DAST scan',
  enabled: false,
  rules: [{ type: 'pipeline', branches: ['main'] }],
@@ -218,7 +218,7 @@ export const mockNetworkPoliciesResponse = [

 export const mockScanExecutionPolicy = {
  __typename: 'ScanExecutionPolicy',
-  name: 'Scheduled DAST scan',
+  name: 'Scheduled DAST/SAST scan',
  updatedAt: new Date('2021-06-07T00:00:00.000Z'),
  yaml: mockDastScanExecutionManifest,
  enabled: true,