Commit 23216ee8 authored by Shinya Maeda's avatar Shinya Maeda

Merge branch 'align-vuln-states' into 'master'

Align state of Vulnerability and Finding

See merge request gitlab-org/gitlab!23716
parents cee39799 0f400f7b
...@@ -136,13 +136,13 @@ module Vulnerabilities ...@@ -136,13 +136,13 @@ module Vulnerabilities
def state def state
return 'dismissed' if dismissal_feedback.present? return 'dismissed' if dismissal_feedback.present?
return 'opened' unless Feature.enabled?(:first_class_vulnerabilities, project) return 'detected' unless Feature.enabled?(:first_class_vulnerabilities, project)
if vulnerability.nil? if vulnerability.nil?
'opened' 'detected'
elsif vulnerability.resolved? elsif vulnerability.resolved?
'resolved' 'resolved'
elsif vulnerability.closed? # fail-safe check for cases when dismissal feedback was lost or was not created elsif vulnerability.dismissed? # fail-safe check for cases when dismissal feedback was lost or was not created
'dismissed' 'dismissed'
else else
'confirmed' 'confirmed'
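Review bot: The `else` branch at the end of this hunk still returns `'confirmed'` for any linked vulnerability that is neither resolved nor dismissed, and with the enum as renamed later in this commit (`detected`, `dismissed`, `resolved`) the only remaining case is a vulnerability whose own state is `detected`, assuming `vulnerability` is an instance of that model. A finding therefore reports `'detected'` only when no vulnerability record exists and `'confirmed'` when one exists in state `detected`, which is easy to misread now that both models share the word; the `:confirmed` factory trait in this commit creates a `:detected` vulnerability for the same reason. A comment on the branch would make the mapping explicit, for example `# an existing vulnerability that is neither resolved nor dismissed (state: detected) counts as confirmed`. The body of `state` continues past the end of the hunk.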
......
...@@ -31,7 +31,7 @@ class Vulnerability < ApplicationRecord ...@@ -31,7 +31,7 @@ class Vulnerability < ApplicationRecord
end end
end end
enum state: { opened: 1, closed: 2, resolved: 3 } enum state: { detected: 1, dismissed: 2, resolved: 3 }
enum severity: Vulnerabilities::Occurrence::SEVERITY_LEVELS, _prefix: :severity enum severity: Vulnerabilities::Occurrence::SEVERITY_LEVELS, _prefix: :severity
enum confidence: Vulnerabilities::Occurrence::CONFIDENCE_LEVELS, _prefix: :confidence enum confidence: Vulnerabilities::Occurrence::CONFIDENCE_LEVELS, _prefix: :confidence
enum report_type: Vulnerabilities::Occurrence::REPORT_TYPES enum report_type: Vulnerabilities::Occurrence::REPORT_TYPES
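Review bot: The renamed `enum state` keeps the stored integers 1, 2 and 3, so existing rows change meaning only by name, but nothing on the line says the numbers are persisted. I would add a comment above it such as `# Values are stored in the database: rename keys if needed, never renumber or reuse them.` Renaming the keys also removes the generated `opened?`/`closed?` predicates and the `opened`/`closed` scopes, so any caller not touched by this commit would fail at runtime. The diff updates two `closed?` call sites, and a repository-wide search for the old names is worth confirming before merge.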
......
...@@ -35,7 +35,7 @@ module Vulnerabilities ...@@ -35,7 +35,7 @@ module Vulnerabilities
author: @author, author: @author,
project: @project, project: @project,
title: finding.name, title: finding.name,
state: :opened, state: :detected,
severity: finding.severity, severity: finding.severity,
severity_overridden: false, severity_overridden: false,
confidence: finding.confidence, confidence: finding.confidence,
......
...@@ -23,7 +23,7 @@ module Vulnerabilities ...@@ -23,7 +23,7 @@ module Vulnerabilities
raise ActiveRecord::Rollback raise ActiveRecord::Rollback
end end
@vulnerability.update(state: :closed, closed_by: @user, closed_at: Time.current) @vulnerability.update(state: :dismissed, closed_by: @user, closed_at: Time.current)
end end
@vulnerability @vulnerability
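Review bot: The return value of `@vulnerability.update(...)` is ignored, so a failed save leaves the vulnerability in its previous state while the service still returns the object to its caller. The `raise ActiveRecord::Rollback` two lines earlier suggests this runs inside a transaction, and the same treatment fits here: `raise ActiveRecord::Rollback unless @vulnerability.update(state: :dismissed, closed_by: @user, closed_at: Time.current)`. Without it, whatever was written earlier in the block (not visible in this hunk) could be committed alongside an unchanged state, so the dismissal record and the vulnerability would disagree. The enclosing method starts and ends outside the hunk.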
......
...@@ -54,7 +54,7 @@ module API ...@@ -54,7 +54,7 @@ module API
end end
post ':id/dismiss' do post ':id/dismiss' do
vulnerability = find_and_authorize_vulnerability!(:admin_vulnerability) vulnerability = find_and_authorize_vulnerability!(:admin_vulnerability)
break not_modified! if vulnerability.closed? break not_modified! if vulnerability.dismissed?
vulnerability = ::Vulnerabilities::DismissService.new(current_user, vulnerability).execute vulnerability = ::Vulnerabilities::DismissService.new(current_user, vulnerability).execute
render_vulnerability(vulnerability) render_vulnerability(vulnerability)
......
...@@ -88,7 +88,7 @@ FactoryBot.modify do ...@@ -88,7 +88,7 @@ FactoryBot.modify do
trait :with_vulnerabilities do trait :with_vulnerabilities do
after(:create) do |project| after(:create) do |project|
create_list(:vulnerability, 2, :opened, project: project) create_list(:vulnerability, 2, :detected, project: project)
end end
end end
end end
......
...@@ -10,8 +10,8 @@ FactoryBot.define do ...@@ -10,8 +10,8 @@ FactoryBot.define do
confidence { :medium } confidence { :medium }
report_type { :sast } report_type { :sast }
trait :opened do trait :detected do
state { :opened } state { :detected }
end end
trait :resolved do trait :resolved do
...@@ -19,8 +19,8 @@ FactoryBot.define do ...@@ -19,8 +19,8 @@ FactoryBot.define do
resolved_at { Time.current } resolved_at { Time.current }
end end
trait :closed do trait :dismissed do
state { :closed } state { :dismissed }
closed_at { Time.current } closed_at { Time.current }
end end
......
...@@ -39,7 +39,7 @@ FactoryBot.define do ...@@ -39,7 +39,7 @@ FactoryBot.define do
trait :confirmed do trait :confirmed do
after(:create) do |finding| after(:create) do |finding|
create(:vulnerability, :opened, project: finding.project, findings: [finding]) create(:vulnerability, :detected, project: finding.project, findings: [finding])
end end
end end
......
...@@ -289,7 +289,7 @@ describe Security::PipelineVulnerabilitiesFinder do ...@@ -289,7 +289,7 @@ describe Security::PipelineVulnerabilitiesFinder do
expect(confirmed.state).to eq 'confirmed' expect(confirmed.state).to eq 'confirmed'
expect(resolved.state).to eq 'resolved' expect(resolved.state).to eq 'resolved'
expect(dismissed.state).to eq 'dismissed' expect(dismissed.state).to eq 'dismissed'
expect(subject.occurrences - [confirmed, resolved, dismissed]).to all(have_attributes(state: 'opened')) expect(subject.occurrences - [confirmed, resolved, dismissed]).to all(have_attributes(state: 'detected'))
end end
end end
......
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
"type": "string" "type": "string"
}, },
"description": { "type": ["string", "null"] }, "description": { "type": ["string", "null"] },
"state": { "type": "string", "enum": ["opened", "resolved", "closed"] }, "state": { "type": "string", "enum": ["detected", "resolved", "dismissed"] },
"severity": { "severity": {
"type": "string", "type": "string",
"enum": ["undefined", "info", "unknown", "low", "medium", "high", "critical"] "enum": ["undefined", "info", "unknown", "low", "medium", "high", "critical"]
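Review bot: The `state` enum in this response schema now admits only `detected`, `resolved` and `dismissed`, and the API spec in this commit appears to validate responses against it as `public_api/v4/vulnerability`, so the strings returned to clients change. Integrations that match on `opened` or `closed`, for example a pipeline gate that counts open vulnerabilities, would stop matching without raising any error. The rename should be called out in the API documentation and changelog with the mapping `opened → detected`, `closed → dismissed`. The finding schema in the next section drops `opened` in the same way.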
......
...@@ -57,7 +57,7 @@ ...@@ -57,7 +57,7 @@
]}, ]},
"state" : { "state" : {
"type": "string", "type": "string",
"enum": ["opened", "confirmed", "resolved", "dismissed"] "enum": ["detected", "confirmed", "resolved", "dismissed"]
}, },
"description": { "type": ["string", "null"] }, "description": { "type": ["string", "null"] },
"solution": { "type": ["string", "null"] }, "solution": { "type": ["string", "null"] },
......
...@@ -497,7 +497,7 @@ describe Vulnerabilities::Occurrence do ...@@ -497,7 +497,7 @@ describe Vulnerabilities::Occurrence do
describe '#state' do describe '#state' do
before do before do
create(:vulnerability, :closed, project: finding_with_issue.project, findings: [finding_with_issue]) create(:vulnerability, :dismissed, project: finding_with_issue.project, findings: [finding_with_issue])
end end
let(:unresolved_finding) { create(:vulnerabilities_finding) } let(:unresolved_finding) { create(:vulnerabilities_finding) }
...@@ -507,7 +507,7 @@ describe Vulnerabilities::Occurrence do ...@@ -507,7 +507,7 @@ describe Vulnerabilities::Occurrence do
let(:finding_with_issue) { create(:vulnerabilities_finding, :with_issue_feedback) } let(:finding_with_issue) { create(:vulnerabilities_finding, :with_issue_feedback) }
it 'returns the expected state for a unresolved finding' do it 'returns the expected state for a unresolved finding' do
expect(unresolved_finding.state).to eq 'opened' expect(unresolved_finding.state).to eq 'detected'
end end
it 'returns the expected state for a confirmed finding' do it 'returns the expected state for a confirmed finding' do
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
require 'spec_helper' require 'spec_helper'
describe Vulnerability do describe Vulnerability do
let(:state_values) { { opened: 1, closed: 2, resolved: 3 } } let(:state_values) { { detected: 1, dismissed: 2, resolved: 3 } }
let(:severity_values) { { undefined: 0, info: 1, unknown: 2, low: 4, medium: 5, high: 6, critical: 7 } } let(:severity_values) { { undefined: 0, info: 1, unknown: 2, low: 4, medium: 5, high: 6, critical: 7 } }
let(:confidence_values) do let(:confidence_values) do
......
...@@ -123,7 +123,7 @@ describe API::Vulnerabilities do ...@@ -123,7 +123,7 @@ describe API::Vulnerabilities do
have_attributes( have_attributes(
author: user, author: user,
title: finding.name, title: finding.name,
state: 'opened', state: 'detected',
severity: finding.severity, severity: finding.severity,
severity_overridden: false, severity_overridden: false,
confidence: finding.confidence, confidence: finding.confidence,
...@@ -199,7 +199,7 @@ describe API::Vulnerabilities do ...@@ -199,7 +199,7 @@ describe API::Vulnerabilities do
expect(response).to match_response_schema('public_api/v4/vulnerability', dir: 'ee') expect(response).to match_response_schema('public_api/v4/vulnerability', dir: 'ee')
expect(vulnerability.reload).to( expect(vulnerability.reload).to(
have_attributes(state: 'closed', closed_by: user, closed_at: be_like_time(Time.current))) have_attributes(state: 'dismissed', closed_by: user, closed_at: be_like_time(Time.current)))
expect(vulnerability.findings).to all have_vulnerability_dismissal_feedback expect(vulnerability.findings).to all have_vulnerability_dismissal_feedback
end end
end end
...@@ -237,7 +237,7 @@ describe API::Vulnerabilities do ...@@ -237,7 +237,7 @@ describe API::Vulnerabilities do
end end
context 'if a vulnerability is already dismissed' do context 'if a vulnerability is already dismissed' do
let(:vulnerability) { create(:vulnerability, :closed, project: project) } let(:vulnerability) { create(:vulnerability, :dismissed, project: project) }
it 'responds with 304 Not Modified' do it 'responds with 304 Not Modified' do
dismiss_vulnerability dismiss_vulnerability
......
...@@ -26,7 +26,7 @@ describe Vulnerabilities::CreateService do ...@@ -26,7 +26,7 @@ describe Vulnerabilities::CreateService do
have_attributes( have_attributes(
author: user, author: user,
title: finding.name, title: finding.name,
state: 'opened', state: 'detected',
severity: finding.severity, severity: finding.severity,
severity_overridden: false, severity_overridden: false,
confidence: finding.confidence, confidence: finding.confidence,
......
...@@ -26,7 +26,7 @@ describe Vulnerabilities::DismissService do ...@@ -26,7 +26,7 @@ describe Vulnerabilities::DismissService do
dismiss_vulnerability dismiss_vulnerability
expect(vulnerability.reload).to( expect(vulnerability.reload).to(
have_attributes(state: 'closed', closed_by: user, closed_at: be_like_time(Time.current))) have_attributes(state: 'dismissed', closed_by: user, closed_at: be_like_time(Time.current)))
expect(vulnerability.findings).to all have_vulnerability_dismissal_feedback expect(vulnerability.findings).to all have_vulnerability_dismissal_feedback
end end
end end
......