Commit 40e7e5a2 authored by Victor Zagorodny's avatar Victor Zagorodny

Refactor VulnerabilityFindingsFinder specs

parent 3b1dbd53
......@@ -4,16 +4,16 @@ require 'spec_helper'
describe Security::VulnerabilityFindingsFinder do
describe '#execute' do
set(:group) { create(:group) }
set(:project1) { create(:project, :private, :repository, group: group) }
set(:project2) { create(:project, :private, :repository, group: group) }
set(:pipeline1) { create(:ci_pipeline, :success, project: project1) }
set(:pipeline2) { create(:ci_pipeline, :success, project: project2) }
let_it_be(:group) { create(:group) }
let_it_be(:project1) { create(:project, :private, :repository, group: group) }
let_it_be(:project2) { create(:project, :private, :repository, group: group) }
let_it_be(:pipeline1) { create(:ci_pipeline, :success, project: project1) }
let_it_be(:pipeline2) { create(:ci_pipeline, :success, project: project2) }
set(:vulnerability1) { create(:vulnerabilities_occurrence, report_type: :sast, severity: :high, confidence: :high, pipelines: [pipeline1], project: project1) }
set(:vulnerability2) { create(:vulnerabilities_occurrence, report_type: :dependency_scanning, severity: :medium, confidence: :low, pipelines: [pipeline2], project: project2) }
set(:vulnerability3) { create(:vulnerabilities_occurrence, report_type: :sast, severity: :low, pipelines: [pipeline2], project: project2) }
set(:vulnerability4) { create(:vulnerabilities_occurrence, report_type: :dast, severity: :medium, pipelines: [pipeline1], project: project1) }
let_it_be(:finding1) { create(:vulnerabilities_occurrence, report_type: :sast, severity: :high, confidence: :high, pipelines: [pipeline1], project: project1) }
let_it_be(:finding2) { create(:vulnerabilities_occurrence, report_type: :dependency_scanning, severity: :medium, confidence: :low, pipelines: [pipeline2], project: project2) }
let_it_be(:finding3) { create(:vulnerabilities_occurrence, report_type: :sast, severity: :low, pipelines: [pipeline2], project: project2) }
let_it_be(:finding4) { create(:vulnerabilities_occurrence, report_type: :dast, severity: :medium, pipelines: [pipeline1], project: project1) }
subject { described_class.new(group, params: params).execute }
......@@ -22,7 +22,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { report_type: %w[sast] } }
it 'includes only sast' do
is_expected.to contain_exactly(vulnerability1, vulnerability3)
is_expected.to contain_exactly(finding1, finding3)
end
end
......@@ -30,7 +30,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { report_type: %w[dependency_scanning] } }
it 'includes only depscan' do
is_expected.to contain_exactly(vulnerability2)
is_expected.to contain_exactly(finding2)
end
end
end
......@@ -40,7 +40,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { severity: %w[high] } }
it 'includes only high' do
is_expected.to contain_exactly(vulnerability1)
is_expected.to contain_exactly(finding1)
end
end
......@@ -48,7 +48,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { severity: %w[medium] } }
it 'includes only medium' do
is_expected.to contain_exactly(vulnerability2, vulnerability4)
is_expected.to contain_exactly(finding2, finding4)
end
end
end
......@@ -58,7 +58,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { confidence: %w[high] } }
it 'includes only high confidence vulnerabilities' do
is_expected.to contain_exactly(vulnerability1)
is_expected.to contain_exactly(finding1)
end
end
......@@ -66,7 +66,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { confidence: %w[low] } }
it 'includes only low confidence vulnerabilities' do
is_expected.to contain_exactly(vulnerability2)
is_expected.to contain_exactly(finding2)
end
end
end
......@@ -75,7 +75,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { project_id: [project2.id] } }
it 'includes only vulnerabilities for one project' do
is_expected.to contain_exactly(vulnerability2, vulnerability3)
is_expected.to contain_exactly(finding2, finding3)
end
end
......@@ -85,13 +85,13 @@ describe Security::VulnerabilityFindingsFinder do
create(:vulnerability_feedback, :sast, :dismissal,
pipeline: pipeline1,
project: project1,
project_fingerprint: vulnerability1.project_fingerprint)
project_fingerprint: finding1.project_fingerprint)
end
let(:params) { { hide_dismissed: true } }
skip 'exclude dismissal' do
is_expected.to contain_exactly(vulnerability2, vulnerability3, vulnerability4)
is_expected.to contain_exactly(finding2, finding3, finding4)
end
end
......@@ -100,7 +100,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { severity: %w[high medium low], project_id: [project1.id, project2.id], report_type: %w[sast dast] } }
it 'filters by all params' do
is_expected.to contain_exactly(vulnerability1, vulnerability3, vulnerability4)
is_expected.to contain_exactly(finding1, finding3, finding4)
end
end
......@@ -118,7 +118,7 @@ describe Security::VulnerabilityFindingsFinder do
let(:params) { { project_id: [project2.id], severity: %w[medium low] } }
it 'filters by all params' do
is_expected.to contain_exactly(vulnerability2, vulnerability3)
is_expected.to contain_exactly(finding2, finding3)
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment