Skip to content

G
gitlab-ce
Commit 40e7e5a2 authored by Victor Zagorodny's avatar Victor Zagorodny
Browse files
Options

Refactor VulnerabilityFindingsFinder specs

parent 3b1dbd53
Show whitespace changes
Inline Side-by-side
Showing with 20 additions and 20 deletions
ee/spec/finders/security/vulnerability_findings_finder_spec.rb
View file @ 40e7e5a2
...@@ -4,16 +4,16 @@ require 'spec_helper' ...@@ -4,16 +4,16 @@ require 'spec_helper'
describe Security::VulnerabilityFindingsFinder do describe Security::VulnerabilityFindingsFinder do
describe '#execute' do describe '#execute' do
set(:group) { create(:group) } let_it_be(:group) { create(:group) }
set(:project1) { create(:project, :private, :repository, group: group) } let_it_be(:project1) { create(:project, :private, :repository, group: group) }
set(:project2) { create(:project, :private, :repository, group: group) } let_it_be(:project2) { create(:project, :private, :repository, group: group) }
set(:pipeline1) { create(:ci_pipeline, :success, project: project1) } let_it_be(:pipeline1) { create(:ci_pipeline, :success, project: project1) }
set(:pipeline2) { create(:ci_pipeline, :success, project: project2) } let_it_be(:pipeline2) { create(:ci_pipeline, :success, project: project2) }
set(:vulnerability1) { create(:vulnerabilities_occurrence, report_type: :sast, severity: :high, confidence: :high, pipelines: [pipeline1], project: project1) } let_it_be(:finding1) { create(:vulnerabilities_occurrence, report_type: :sast, severity: :high, confidence: :high, pipelines: [pipeline1], project: project1) }
set(:vulnerability2) { create(:vulnerabilities_occurrence, report_type: :dependency_scanning, severity: :medium, confidence: :low, pipelines: [pipeline2], project: project2) } let_it_be(:finding2) { create(:vulnerabilities_occurrence, report_type: :dependency_scanning, severity: :medium, confidence: :low, pipelines: [pipeline2], project: project2) }
set(:vulnerability3) { create(:vulnerabilities_occurrence, report_type: :sast, severity: :low, pipelines: [pipeline2], project: project2) } let_it_be(:finding3) { create(:vulnerabilities_occurrence, report_type: :sast, severity: :low, pipelines: [pipeline2], project: project2) }
set(:vulnerability4) { create(:vulnerabilities_occurrence, report_type: :dast, severity: :medium, pipelines: [pipeline1], project: project1) } let_it_be(:finding4) { create(:vulnerabilities_occurrence, report_type: :dast, severity: :medium, pipelines: [pipeline1], project: project1) }
subject { described_class.new(group, params: params).execute } subject { described_class.new(group, params: params).execute }
...@@ -22,7 +22,7 @@ describe Security::VulnerabilityFindingsFinder do ...@@ -22,7 +22,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { report_type: %w[sast] } } let(:params) { { report_type: %w[sast] } }
it 'includes only sast' do it 'includes only sast' do
is_expected.to contain_exactly(vulnerability1, vulnerability3) is_expected.to contain_exactly(finding1, finding3)
end end
end end
...@@ -30,7 +30,7 @@ describe Security::VulnerabilityFindingsFinder do ...@@ -30,7 +30,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { report_type: %w[dependency_scanning] } } let(:params) { { report_type: %w[dependency_scanning] } }
it 'includes only depscan' do it 'includes only depscan' do
is_expected.to contain_exactly(vulnerability2) is_expected.to contain_exactly(finding2)
end end
end end
end end
...@@ -40,7 +40,7 @@ describe Security::VulnerabilityFindingsFinder do ...@@ -40,7 +40,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { severity: %w[high] } } let(:params) { { severity: %w[high] } }
it 'includes only high' do it 'includes only high' do
is_expected.to contain_exactly(vulnerability1) is_expected.to contain_exactly(finding1)
end end
end end
...@@ -48,7 +48,7 @@ describe Security::VulnerabilityFindingsFinder do ...@@ -48,7 +48,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { severity: %w[medium] } } let(:params) { { severity: %w[medium] } }
it 'includes only medium' do it 'includes only medium' do
is_expected.to contain_exactly(vulnerability2, vulnerability4) is_expected.to contain_exactly(finding2, finding4)
end end
end end
end end
...@@ -58,7 +58,7 @@ describe Security::VulnerabilityFindingsFinder do ...@@ -58,7 +58,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { confidence: %w[high] } } let(:params) { { confidence: %w[high] } }
it 'includes only high confidence vulnerabilities' do it 'includes only high confidence vulnerabilities' do
is_expected.to contain_exactly(vulnerability1) is_expected.to contain_exactly(finding1)
end end
end end
...@@ -66,7 +66,7 @@ describe Security::VulnerabilityFindingsFinder do ...@@ -66,7 +66,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { confidence: %w[low] } } let(:params) { { confidence: %w[low] } }
it 'includes only low confidence vulnerabilities' do it 'includes only low confidence vulnerabilities' do
is_expected.to contain_exactly(vulnerability2) is_expected.to contain_exactly(finding2)
end end
end end
end end
...@@ -75,7 +75,7 @@ describe Security::VulnerabilityFindingsFinder do ...@@ -75,7 +75,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { project_id: [project2.id] } } let(:params) { { project_id: [project2.id] } }
it 'includes only vulnerabilities for one project' do it 'includes only vulnerabilities for one project' do
is_expected.to contain_exactly(vulnerability2, vulnerability3) is_expected.to contain_exactly(finding2, finding3)
end end
end end
...@@ -85,13 +85,13 @@ describe Security::VulnerabilityFindingsFinder do ...@@ -85,13 +85,13 @@ describe Security::VulnerabilityFindingsFinder do
create(:vulnerability_feedback, :sast, :dismissal, create(:vulnerability_feedback, :sast, :dismissal,
pipeline: pipeline1, pipeline: pipeline1,
project: project1, project: project1,
project_fingerprint: vulnerability1.project_fingerprint) project_fingerprint: finding1.project_fingerprint)
end end
let(:params) { { hide_dismissed: true } } let(:params) { { hide_dismissed: true } }
skip 'exclude dismissal' do skip 'exclude dismissal' do
is_expected.to contain_exactly(vulnerability2, vulnerability3, vulnerability4) is_expected.to contain_exactly(finding2, finding3, finding4)
end end
end end
...@@ -100,7 +100,7 @@ describe Security::VulnerabilityFindingsFinder do ...@@ -100,7 +100,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { severity: %w[high medium low], project_id: [project1.id, project2.id], report_type: %w[sast dast] } } let(:params) { { severity: %w[high medium low], project_id: [project1.id, project2.id], report_type: %w[sast dast] } }
it 'filters by all params' do it 'filters by all params' do
is_expected.to contain_exactly(vulnerability1, vulnerability3, vulnerability4) is_expected.to contain_exactly(finding1, finding3, finding4)
end end
end end
...@@ -118,7 +118,7 @@ describe Security::VulnerabilityFindingsFinder do ...@@ -118,7 +118,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { project_id: [project2.id], severity: %w[medium low] } } let(:params) { { project_id: [project2.id], severity: %w[medium low] } }
it 'filters by all params' do it 'filters by all params' do
is_expected.to contain_exactly(vulnerability2, vulnerability3) is_expected.to contain_exactly(finding2, finding3)
end end
end end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7