occurrence_entity.rb 1.62 KB
Newer Older
1 2 3 4 5 6 7 8 9
# frozen_string_literal: true

class Vulnerabilities::OccurrenceEntity < Grape::Entity
  include RequestAwareEntity

  expose :id, :report_type, :name, :severity, :confidence
  expose :scanner, using: Vulnerabilities::ScannerEntity
  expose :identifiers, using: Vulnerabilities::IdentifierEntity
  expose :project_fingerprint
10 11 12
  expose :vulnerability_feedback_path, as: :create_vulnerability_feedback_issue_path, if: ->(_, _) { can_create_feedback?(:issue) }
  expose :vulnerability_feedback_path, as: :create_vulnerability_feedback_merge_request_path, if: ->(_, _) { can_create_feedback?(:merge_request) }
  expose :vulnerability_feedback_path, as: :create_vulnerability_feedback_dismissal_path, if: ->(_, _) { can_create_feedback?(:dismissal) }
13
  expose :project, using: ::ProjectEntity
14 15
  expose :dismissal_feedback, using: Vulnerabilities::FeedbackEntity
  expose :issue_feedback, using: Vulnerabilities::FeedbackEntity
16
  expose :merge_request_feedback, using: Vulnerabilities::FeedbackEntity
17 18 19

  expose :metadata, merge: true, if: ->(occurrence, _) { occurrence.raw_metadata } do
    expose :description
20
    expose :links
21 22 23
    expose :location
    expose :remediations
    expose :solution
24 25
  end

26 27 28 29
  expose :blob_path do |occurrence|
    occurrence.present.blob_path
  end

30 31 32 33
  alias_method :occurrence, :object

  private

34 35
  def vulnerability_feedback_path
    project_vulnerability_feedback_index_path(occurrence.project)
36 37
  end

38 39 40
  def can_create_feedback?(feedback_type)
    feedback = Vulnerabilities::Feedback.new(project: occurrence.project, feedback_type: feedback_type)
    can?(request.current_user, :create_vulnerability_feedback, feedback)
41
  end
42
end