Merge branch 'philipcunningham-find-by-global-id-321205' into 'master'

Deprecate fullPath from DAST on-demand mutations

See merge request gitlab-org/gitlab!72478

doc/api/graphql/reference/index.md

@@ -1598,7 +1598,7 @@ Input type: `DastProfileRunInput`
 | Name | Type | Description |
 | ---- | ---- | ----------- |
 | <a id="mutationdastprofilerunclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
-| <a id="mutationdastprofilerunfullpath"></a>`fullPath` | [`ID!`](#id) | Full path for the project the scanner profile belongs to. |
+| <a id="mutationdastprofilerunfullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
 | <a id="mutationdastprofilerunid"></a>`id` | [`DastProfileID!`](#dastprofileid) | ID of the profile to be used for the scan. |
 
 #### Fields
@@ -1623,7 +1623,7 @@ Input type: `DastProfileUpdateInput`
 | <a id="mutationdastprofileupdatedastscannerprofileid"></a>`dastScannerProfileId` | [`DastScannerProfileID`](#dastscannerprofileid) | ID of the scanner profile to be associated. |
 | <a id="mutationdastprofileupdatedastsiteprofileid"></a>`dastSiteProfileId` | [`DastSiteProfileID`](#dastsiteprofileid) | ID of the site profile to be associated. |
 | <a id="mutationdastprofileupdatedescription"></a>`description` | [`String`](#string) | Description of the profile. Defaults to an empty string. |
-| <a id="mutationdastprofileupdatefullpath"></a>`fullPath` | [`ID!`](#id) | Project the profile belongs to. |
+| <a id="mutationdastprofileupdatefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
 | <a id="mutationdastprofileupdateid"></a>`id` | [`DastProfileID!`](#dastprofileid) | ID of the profile to be deleted. |
 | <a id="mutationdastprofileupdatename"></a>`name` | [`String`](#string) | Name of the profile. |
 | <a id="mutationdastprofileupdaterunafterupdate"></a>`runAfterUpdate` | [`Boolean`](#boolean) | Run scan using profile after update. Defaults to false. |
@@ -1671,7 +1671,7 @@ Input type: `DastScannerProfileDeleteInput`
 | Name | Type | Description |
 | ---- | ---- | ----------- |
 | <a id="mutationdastscannerprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
-| <a id="mutationdastscannerprofiledeletefullpath"></a>`fullPath` | [`ID!`](#id) | Full path for the project the scanner profile belongs to. |
+| <a id="mutationdastscannerprofiledeletefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
 | <a id="mutationdastscannerprofiledeleteid"></a>`id` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the scanner profile to be deleted. |
 
 #### Fields
@@ -1690,7 +1690,7 @@ Input type: `DastScannerProfileUpdateInput`
 | Name | Type | Description |
 | ---- | ---- | ----------- |
 | <a id="mutationdastscannerprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
-| <a id="mutationdastscannerprofileupdatefullpath"></a>`fullPath` | [`ID!`](#id) | Project the scanner profile belongs to. |
+| <a id="mutationdastscannerprofileupdatefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
 | <a id="mutationdastscannerprofileupdateid"></a>`id` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the scanner profile to be updated. |
 | <a id="mutationdastscannerprofileupdateprofilename"></a>`profileName` | [`String!`](#string) | Name of the scanner profile. |
 | <a id="mutationdastscannerprofileupdatescantype"></a>`scanType` | [`DastScanTypeEnum`](#dastscantypeenum) | Indicates the type of DAST scan that will run. Either a Passive Scan or an Active Scan. |
@@ -1741,7 +1741,7 @@ Input type: `DastSiteProfileDeleteInput`
 | Name | Type | Description |
 | ---- | ---- | ----------- |
 | <a id="mutationdastsiteprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
-| <a id="mutationdastsiteprofiledeletefullpath"></a>`fullPath` | [`ID!`](#id) | Project the site profile belongs to. |
+| <a id="mutationdastsiteprofiledeletefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
 | <a id="mutationdastsiteprofiledeleteid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be deleted. |
 
 #### Fields
@@ -1762,7 +1762,7 @@ Input type: `DastSiteProfileUpdateInput`
 | <a id="mutationdastsiteprofileupdateauth"></a>`auth` | [`DastSiteProfileAuthInput`](#dastsiteprofileauthinput) | Parameters for authentication. |
 | <a id="mutationdastsiteprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
 | <a id="mutationdastsiteprofileupdateexcludedurls"></a>`excludedUrls` | [`[String!]`](#string) | URLs to skip during an authenticated scan. |
-| <a id="mutationdastsiteprofileupdatefullpath"></a>`fullPath` | [`ID!`](#id) | Project the site profile belongs to. |
+| <a id="mutationdastsiteprofileupdatefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
 | <a id="mutationdastsiteprofileupdateid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be updated. |
 | <a id="mutationdastsiteprofileupdateprofilename"></a>`profileName` | [`String!`](#string) | Name of the site profile. |
 | <a id="mutationdastsiteprofileupdaterequestheaders"></a>`requestHeaders` | [`String`](#string) | Comma-separated list of request header names and values to be added to every request made by DAST. |

ee/app/graphql/mutations/app_sec/dast/site_profiles/shared_arguments.rb

@@ -10,10 +10,6 @@ module Mutations
           SiteProfileID = ::Types::GlobalIDType[::DastSiteProfile]
 
           included do
-            argument :full_path, GraphQL::Types::ID,
-                     required: true,
-                     description: 'Project the site profile belongs to.'
-
             argument :profile_name, GraphQL::Types::String,
                      required: true,
                      description: 'Name of the site profile.'

ee/app/graphql/mutations/dast/profiles/run.rb

@@ -15,7 +15,8 @@ module Mutations
               description: 'URL of the pipeline that was created.'
 
         argument :full_path, GraphQL::Types::ID,
-                 required: true,
+                 required: false,
+                 deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
                  description: 'Full path for the project the scanner profile belongs to.'
 
         argument :id, ProfileID,
@@ -24,17 +25,10 @@ module Mutations
 
         authorize :create_on_demand_dast_scan
 
-        def resolve(full_path:, id:)
-          project = authorized_find!(full_path)
-
-          # TODO: remove this line once the compatibility layer is removed
-          # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
-          id = ProfileID.coerce_isolated_input(id).model_id
-
-          dast_profile = find_dast_profile(project, id)
-          return { errors: ['Profile not found for given parameters'] } unless dast_profile
+        def resolve(id:, full_path: nil)
+          dast_profile = authorized_find!(id)
 
-          response = create_on_demand_dast_scan(project, dast_profile)
+          response = create_on_demand_dast_scan(dast_profile)
 
           return { errors: response.errors } if response.error?
 
@@ -43,15 +37,17 @@ module Mutations
 
         private
 
-        def find_dast_profile(project, id)
-          ::Dast::ProfilesFinder.new(project_id: project.id, id: id)
-            .execute
-            .first
+        def find_object(id)
+          # TODO: remove this line when the compatibility layer is removed
+          # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
+          id = ProfileID.coerce_isolated_input(id)
+
+          GitlabSchema.find_by_gid(id)
         end
 
-        def create_on_demand_dast_scan(project, dast_profile)
+        def create_on_demand_dast_scan(dast_profile)
           ::AppSec::Dast::Scans::CreateService.new(
-            container: project,
+            container: dast_profile.project,
             current_user: current_user,
             params: { dast_profile: dast_profile }
           ).execute

ee/app/graphql/mutations/dast/profiles/update.rb

@@ -27,7 +27,8 @@ module Mutations
                  description: 'ID of the profile to be deleted.'
 
         argument :full_path, GraphQL::Types::ID,
-                 required: true,
+                 required: false,
+                 deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
                  description: 'Project the profile belongs to.'
 
         argument :dast_profile_schedule, ::Types::Dast::ProfileScheduleInputType,
@@ -62,12 +63,9 @@ module Mutations
 
         authorize :create_on_demand_dast_scan
 
-        def resolve(full_path:, id:, name:, description:, branch_name: nil, dast_scanner_profile_id: nil, run_after_update: false, **args)
-          project = authorized_find!(full_path)
-          raise Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled' unless allowed?(args[:dast_profile_schedule], project)
-
-          dast_profile = find_dast_profile(project.id, id)
-          authorize!(dast_profile)
+        def resolve(id:, name:, description:, full_path: nil, branch_name: nil, dast_scanner_profile_id: nil, run_after_update: false, **args)
+          dast_profile = authorized_find!(id)
+          raise Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled' unless allowed?(args[:dast_profile_schedule], dast_profile.project)
 
           params = {
             dast_profile: dast_profile,
@@ -81,7 +79,7 @@ module Mutations
           }.compact
 
           response = ::AppSec::Dast::Profiles::UpdateService.new(
-            container: project,
+            container: dast_profile.project,
             current_user: current_user,
             params: params
           ).execute
@@ -109,14 +107,12 @@ module Mutations
           klass.coerce_isolated_input(value).model_id
         end
 
-        def find_dast_profile(project_id, id)
-          # TODO: remove this line once the compatibility layer is removed
+        def find_object(id)
+          # TODO: remove this line when the compatibility layer is removed
           # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
-          id = ProfileID.coerce_isolated_input(id).model_id
+          id = ProfileID.coerce_isolated_input(id)
 
-          ::Dast::ProfilesFinder.new(project_id: project_id, id: id)
-            .execute
-            .first
+          GitlabSchema.find_by_gid(id)
         end
       end
     end

ee/app/graphql/mutations/dast_scanner_profiles/delete.rb

@@ -10,7 +10,8 @@ module Mutations
       ScannerProfileID = ::Types::GlobalIDType[::DastScannerProfile]
 
       argument :full_path, GraphQL::Types::ID,
-                required: true,
+               required: false,
+               deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
                description: 'Full path for the project the scanner profile belongs to.'
 
       argument :id, ScannerProfileID,
@@ -19,15 +20,11 @@ module Mutations
 
       authorize :create_on_demand_dast_scan
 
-      def resolve(full_path:, id:)
-        # TODO: remove this line once the compatibility layer is removed
-        # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
-        id = ScannerProfileID.coerce_isolated_input(id)
+      def resolve(id:, full_path: nil)
+        dast_scanner_profile = authorized_find!(id)
 
-        project = authorized_find!(full_path)
-
-        service = ::AppSec::Dast::ScannerProfiles::DestroyService.new(project, current_user)
-        result = service.execute(id: id.model_id)
+        service = ::AppSec::Dast::ScannerProfiles::DestroyService.new(dast_scanner_profile.project, current_user)
+        result = service.execute(id: dast_scanner_profile.id)
 
         if result.success?
           { errors: [] }
@@ -35,6 +32,16 @@ module Mutations
           { errors: result.errors }
         end
       end
+
+      private
+
+      def find_object(id)
+        # TODO: remove this line when the compatibility layer is removed
+        # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
+        id = ScannerProfileID.coerce_isolated_input(id)
+
+        GitlabSchema.find_by_gid(id)
+      end
     end
   end
 end

ee/app/graphql/mutations/dast_scanner_profiles/update.rb

@@ -7,12 +7,15 @@ module Mutations
 
       graphql_name 'DastScannerProfileUpdate'
 
-      field :id, ::Types::GlobalIDType[::DastScannerProfile],
+      ScannerProfileID = ::Types::GlobalIDType[::DastScannerProfile]
+
+      field :id, ScannerProfileID,
             null: true,
             description: 'ID of the scanner profile.'
 
       argument :full_path, GraphQL::Types::ID,
-                required: true,
+               required: false,
+               deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
                description: 'Project the scanner profile belongs to.'
 
       argument :id, ::Types::GlobalIDType[::DastScannerProfile],
@@ -48,15 +51,11 @@ module Mutations
 
       authorize :create_on_demand_dast_scan
 
-      def resolve(full_path:, **service_args)
-        # TODO: remove this explicit coercion once the compatibility layer is removed
-        # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
-        gid = ::Types::GlobalIDType[::DastScannerProfile].coerce_isolated_input(service_args[:id])
-
-        project = authorized_find!(full_path)
+      def resolve(id:, full_path: nil, **service_args)
+        dast_scanner_profile = authorized_find!(id)
 
-        service = ::AppSec::Dast::ScannerProfiles::UpdateService.new(project, current_user)
-        result = service.execute(**service_args, id: gid.model_id)
+        service = ::AppSec::Dast::ScannerProfiles::UpdateService.new(dast_scanner_profile.project, current_user)
+        result = service.execute(**service_args, id: dast_scanner_profile.id)
 
         if result.success?
           { id: result.payload.to_global_id, errors: [] }
@@ -64,6 +63,16 @@ module Mutations
           { errors: result.errors }
         end
       end
+
+      private
+
+      def find_object(id)
+        # TODO: remove this line when the compatibility layer is removed
+        # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
+        id = ScannerProfileID.coerce_isolated_input(id)
+
+        GitlabSchema.find_by_gid(id)
+      end
     end
   end
 end

ee/app/graphql/mutations/dast_site_profiles/create.rb

@@ -12,6 +12,10 @@ module Mutations
             null: true,
             description: 'ID of the site profile.'
 
+      argument :full_path, GraphQL::Types::ID,
+               required: true,
+               description: 'Project the site profile belongs to.'
+
       argument :excluded_urls, [GraphQL::Types::String],
                required: false,
                default_value: [],

ee/app/graphql/mutations/dast_site_profiles/delete.rb

@@ -5,24 +5,24 @@ module Mutations
     class Delete < BaseMutation
       graphql_name 'DastSiteProfileDelete'
 
+      ProfileID = ::Types::GlobalIDType[::DastSiteProfile]
+
       argument :full_path, GraphQL::Types::ID,
-               required: true,
+               required: false,
+               deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
                description: 'Project the site profile belongs to.'
 
-      argument :id, Mutations::AppSec::Dast::SiteProfiles::SharedArguments::SiteProfileID,
+      argument :id, ProfileID,
                required: true,
                description: 'ID of the site profile to be deleted.'
 
       authorize :create_on_demand_dast_scan
 
-      def resolve(full_path:, id:)
-        project = authorized_find!(full_path)
-        # TODO: remove explicit coercion once compatibility layer is removed
-        # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
-        id = ::Types::GlobalIDType[::DastSiteProfile].coerce_isolated_input(id)
+      def resolve(id:, full_path: nil)
+        dast_site_profile = authorized_find!(id)
 
-        service = ::AppSec::Dast::SiteProfiles::DestroyService.new(project, current_user)
-        result = service.execute(id: id.model_id)
+        service = ::AppSec::Dast::SiteProfiles::DestroyService.new(dast_site_profile.project, current_user)
+        result = service.execute(id: dast_site_profile.id)
 
         return { errors: result.errors } unless result.success?
 
@@ -31,8 +31,12 @@ module Mutations
 
       private
 
-      def find_object(full_path)
-        Project.find_by_full_path(full_path)
+      def find_object(id)
+        # TODO: remove this line when the compatibility layer is removed
+        # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
+        id = ProfileID.coerce_isolated_input(id)
+
+        GitlabSchema.find_by_gid(id)
       end
     end
   end

ee/app/graphql/mutations/dast_site_profiles/update.rb

@@ -12,6 +12,11 @@ module Mutations
             null: true,
             description: 'ID of the site profile.'
 
+      argument :full_path, GraphQL::Types::ID,
+               required: false,
+               deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
+               description: 'Project the site profile belongs to.'
+
       argument :id, SiteProfileID,
                required: true,
                description: 'ID of the site profile to be updated.'
@@ -22,15 +27,15 @@ module Mutations
 
       authorize :create_on_demand_dast_scan
 
-      def resolve(full_path:, id:, profile_name:, target_url: nil, **params)
-        project = authorized_find!(full_path)
+      def resolve(id:, full_path: nil, profile_name:, target_url: nil, **params)
+        dast_site_profile = authorized_find!(id)
 
         auth_params = params[:auth] || {}
 
         # TODO: remove explicit coercion once compatibility layer has been removed
         # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
         dast_site_profile_params = {
-          id: SiteProfileID.coerce_isolated_input(id).model_id,
+          id: dast_site_profile.id,
           name: profile_name,
           target_url: target_url,
           target_type: params[:target_type],
@@ -44,10 +49,20 @@ module Mutations
           auth_password: auth_params[:password]
         }.compact
 
-        result = ::AppSec::Dast::SiteProfiles::UpdateService.new(project, current_user).execute(**dast_site_profile_params)
+        result = ::AppSec::Dast::SiteProfiles::UpdateService.new(dast_site_profile.project, current_user).execute(**dast_site_profile_params)
 
         { id: result.payload.try(:to_global_id), errors: result.errors }
       end
+
+      private
+
+      def find_object(id)
+        # TODO: remove this line when the compatibility layer is removed
+        # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
+        id = SiteProfileID.coerce_isolated_input(id)
+
+        GitlabSchema.find_by_gid(id)
+      end
     end
   end
 end

ee/spec/graphql/mutations/dast/profiles/run_spec.rb

@@ -8,7 +8,6 @@ RSpec.describe Mutations::Dast::Profiles::Run do
   let_it_be(:user) { create(:user) }
   let_it_be(:dast_profile) { create(:dast_profile, project: project, branch_name: project.default_branch) }
 
-  let(:full_path) { project.full_path }
   let(:dast_profile_id) { dast_profile.to_global_id }
 
   subject(:mutation) { described_class.new(object: nil, context: { current_user: user }, field: nil) }
@@ -17,10 +16,7 @@ RSpec.describe Mutations::Dast::Profiles::Run do
 
   describe '#resolve' do
     subject do
-      mutation.resolve(
-        full_path: full_path,
-        id: dast_profile_id
-      )
+      mutation.resolve(id: dast_profile_id)
     end
 
     context 'when on demand scan licensed feature is not available' do
@@ -35,14 +31,6 @@ RSpec.describe Mutations::Dast::Profiles::Run do
         stub_licensed_features(security_on_demand_scans: true)
       end
 
-      context 'when the project does not exist' do
-        let(:full_path) { SecureRandom.hex }
-
-        it 'raises an exception' do
-          expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
-        end
-      end
-
       context 'when the user can run a dast scan' do
         before do
           project.add_developer(user)
@@ -74,8 +62,8 @@ RSpec.describe Mutations::Dast::Profiles::Run do
         context 'when the dast_profile does not exist' do
           let(:dast_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'Dast::Profile', id: 'does_not_exist') }
 
-          it 'communicates failure' do
-            expect(subject[:errors]).to include('Profile not found for given parameters')
+          it 'raises an exception' do
+            expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
           end
         end
 

ee/spec/graphql/mutations/dast/profiles/update_spec.rb

@@ -38,7 +38,7 @@ RSpec.describe Mutations::Dast::Profiles::Update do
   specify { expect(described_class).to require_graphql_authorizations(:create_on_demand_dast_scan) }
 
   describe '#resolve' do
-    subject { mutation.resolve(**params.merge(full_path: project.full_path)) }
+    subject { mutation.resolve(**params) }
 
     shared_examples 'an unrecoverable failure' do |parameter|
       it 'raises an exception' do
@@ -93,10 +93,7 @@ RSpec.describe Mutations::Dast::Profiles::Update do
             let(:new_dast_profile_schedule) { attributes_for(:dast_profile_schedule) }
 
             subject do
-              mutation.resolve(**params.merge(
-                full_path: project.full_path,
-                dast_profile_schedule: new_dast_profile_schedule
-              ))
+              mutation.resolve(**params.merge(dast_profile_schedule: new_dast_profile_schedule))
             end
 
             context 'when dast_on_demand_scans_scheduler feature is enabled' do

ee/spec/graphql/mutations/dast_scanner_profiles/delete_spec.rb

@@ -5,7 +5,6 @@ require 'spec_helper'
 RSpec.describe Mutations::DastScannerProfiles::Delete do
   let_it_be(:project) { create(:project) }
   let_it_be(:user) { create(:user) }
-  let_it_be(:full_path) { project.full_path }
   let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project) }
 
   let(:dast_scanner_profile_id) { dast_scanner_profile.to_global_id }
@@ -20,18 +19,7 @@ RSpec.describe Mutations::DastScannerProfiles::Delete do
 
   describe '#resolve' do
     subject do
-      mutation.resolve(
-        full_path: full_path,
-        id: dast_scanner_profile_id
-      )
-    end
-
-    context 'when the project does not exist' do
-      let(:full_path) { SecureRandom.hex }
-
-      it 'raises an exception' do
-        expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
-      end
+      mutation.resolve(id: dast_scanner_profile_id)
     end
 
     context 'when the user is not associated with the project' do
@@ -52,8 +40,8 @@ RSpec.describe Mutations::DastScannerProfiles::Delete do
       context 'when the dast_scanner_profile does not exist' do
         let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: 'does_not_exist') }
 
-        it 'returns an error' do
-          expect(subject[:errors]).to include('Scanner profile not found for given parameters')
+        it 'raises an exception' do
+          expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
         end
       end
 

ee/spec/graphql/mutations/dast_scanner_profiles/update_spec.rb

@@ -6,7 +6,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
   let_it_be(:group) { create(:group) }
   let_it_be(:project) { create(:project, group: group) }
   let_it_be(:user) { create(:user) }
-  let_it_be(:full_path) { project.full_path }
   let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project, target_timeout: 200, spider_timeout: 5000) }
 
   let_it_be(:new_profile_name) { SecureRandom.hex }
@@ -27,7 +26,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
   describe '#resolve' do
     subject do
       mutation.resolve(
-        full_path: full_path,
         id: scanner_profile_id,
         profile_name: new_profile_name,
         target_timeout: new_target_timeout,
@@ -41,14 +39,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
     let(:scanner_profile_id) { dast_scanner_profile.to_global_id }
 
     context 'when on demand scan feature is enabled' do
-      context 'when the project does not exist' do
-        let(:full_path) { SecureRandom.hex }
-
-        it 'raises an exception' do
-          expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
-        end
-      end
-
       context 'when the user can run a DAST scan' do
         before do
           project.add_developer(user)
@@ -57,7 +47,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
         context 'when the user omits unrequired elements' do
           subject do
             mutation.resolve(
-              full_path: full_path,
               id: scanner_profile_id,
               profile_name: new_profile_name,
               target_timeout: new_target_timeout,
@@ -93,7 +82,7 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
           let(:scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: 'does_not_exist') }
 
           it 'raises an exception' do
-            expect(subject[:errors]).to include('Scanner profile not found for given parameters')
+            expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
           end
         end
       end

ee/spec/graphql/mutations/dast_site_profiles/delete_spec.rb

@@ -6,7 +6,6 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do
   let(:group) { create(:group) }
   let(:project) { create(:project, group: group) }
   let(:user) { create(:user) }
-  let(:full_path) { project.full_path }
   let!(:dast_site_profile) { create(:dast_site_profile, project: project) }
 
   subject(:mutation) { described_class.new(object: nil, context: { current_user: user }, field: nil) }
@@ -19,21 +18,10 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do
 
   describe '#resolve' do
     subject do
-      mutation.resolve(
-        full_path: full_path,
-        id: dast_site_profile.to_global_id
-      )
+      mutation.resolve(id: dast_site_profile.to_global_id)
     end
 
     context 'when on demand scan feature is enabled' do
-      context 'when the project does not exist' do
-        let(:full_path) { SecureRandom.hex }
-
-        it 'raises an exception' do
-          expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
-        end
-      end
-
       context 'when the user can run a dast scan' do
         before do
           project.add_developer(user)

ee/spec/graphql/mutations/dast_site_profiles/update_spec.rb

@@ -8,7 +8,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
   let_it_be(:user) { create(:user) }
   let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
 
-  let(:full_path) { project.full_path }
   let(:new_profile_name) { SecureRandom.hex }
   let(:new_target_url) { generate(:url) }
   let(:new_excluded_urls) { ["#{new_target_url}/signout"] }
@@ -37,7 +36,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
   describe '#resolve' do
     subject do
       mutation.resolve(
-        full_path: full_path,
         id: dast_site_profile.to_global_id,
         profile_name: new_profile_name,
         target_url: new_target_url,
@@ -49,14 +47,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
     end
 
     context 'when on demand scan feature is enabled' do
-      context 'when the project does not exist' do
-        let(:full_path) { SecureRandom.hex }
-
-        it 'raises an exception' do
-          expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
-        end
-      end
-
       context 'when the user can run a dast scan' do
         before do
           project.add_developer(user)
@@ -67,7 +57,7 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
           result = ServiceResponse.error(message: '')
 
           service_params = {
-            id: dast_site_profile.id.to_s,
+            id: dast_site_profile.id,
             name: new_profile_name,
             target_url: new_target_url,
             target_type: new_target_type,
@@ -112,7 +102,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
           context 'when the arguments are omitted' do
             subject do
               mutation.resolve(
-                full_path: full_path,
                 id: dast_site_profile.to_global_id,
                 profile_name: new_profile_name
               )
@@ -128,7 +117,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
           context 'when the arguments are empty strings' do
             subject do
               mutation.resolve(
-                full_path: full_path,
                 id: dast_site_profile.to_global_id,
                 profile_name: new_profile_name,
                 request_headers: '',

ee/spec/requests/api/graphql/mutations/dast/profiles/run_spec.rb

@@ -12,11 +12,7 @@ RSpec.describe 'Running a DAST Profile' do
   let(:mutation_name) { :dast_profile_run }
 
   let(:mutation) do
-    graphql_mutation(
-      mutation_name,
-      full_path: project.full_path,
-      id: global_id_of(dast_profile)
-    )
+    graphql_mutation(mutation_name, id: global_id_of(dast_profile))
   end
 
   it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'

ee/spec/requests/api/graphql/mutations/dast/profiles/update_spec.rb

@@ -14,7 +14,6 @@ RSpec.describe 'Updating a DAST Profile' do
   let(:mutation) do
     graphql_mutation(
       mutation_name,
-      full_path: project.full_path,
       id: global_id_of(dast_profile),
       name: 'updated dast_profiles.name',
       branch_name: project.default_branch,

ee/spec/requests/api/graphql/mutations/dast_scanner_profiles/delete_spec.rb

@@ -14,11 +14,7 @@ RSpec.describe 'Delete a DAST Scanner Profile' do
   let(:mutation_name) { :dast_scanner_profile_delete }
 
   let(:mutation) do
-    graphql_mutation(
-      mutation_name,
-      full_path: full_path,
-      id: dast_scanner_profile_id
-    )
+    graphql_mutation(mutation_name, id: dast_scanner_profile_id)
   end
 
   it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
@@ -27,17 +23,10 @@ RSpec.describe 'Delete a DAST Scanner Profile' do
       expect { subject }.to change { DastScannerProfile.count }.by(-1)
     end
 
-    context 'when the dast_scanner_profile belongs to another project' do
-      let_it_be(:other_project) { create(:project, creator: current_user) }
-      let_it_be(:full_path) { other_project.full_path }
-
-      it_behaves_like 'a mutation that returns a top-level access error'
-    end
-
     context 'when the dast_scanner_profile does not exist' do
       let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: non_existing_record_id) }
 
-      it_behaves_like 'a mutation that returns errors in the response', errors: ['Scanner profile not found for given parameters']
+      it_behaves_like 'a mutation that returns top-level errors', errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
     end
   end
 end

ee/spec/requests/api/graphql/mutations/dast_scanner_profiles/update_spec.rb

@@ -22,7 +22,6 @@ RSpec.describe 'Update a DAST Scanner Profile' do
   let(:mutation) do
     graphql_mutation(
       mutation_name,
-      full_path: full_path,
       id: dast_scanner_profile_id,
       profile_name: new_profile_name,
       target_timeout: new_target_timeout,
@@ -66,14 +65,7 @@ RSpec.describe 'Update a DAST Scanner Profile' do
     context 'when the dast_scanner_profile does not exist' do
       let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: non_existing_record_id) }
 
-      it_behaves_like 'a mutation that returns errors in the response', errors: ['Scanner profile not found for given parameters']
-    end
-
-    context 'when the dast_scanner_profile belongs to a different project' do
-      let_it_be(:other_project) { create(:project, creator: current_user) }
-      let_it_be(:full_path) { other_project.full_path }
-
-      it_behaves_like 'a mutation that returns a top-level access error'
+      it_behaves_like 'a mutation that returns top-level errors', errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
     end
   end
 end

ee/spec/requests/api/graphql/mutations/dast_site_profiles/delete_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-RSpec.describe 'Creating a DAST Site Profile' do
+RSpec.describe 'Deleting a DAST Site Profile' do
   include GraphqlHelpers
 
   let_it_be(:project) { create(:project) }
@@ -13,11 +13,7 @@ RSpec.describe 'Creating a DAST Site Profile' do
   let(:mutation_name) { :dast_site_profile_delete }
 
   let(:mutation) do
-    graphql_mutation(
-      mutation_name,
-      full_path: full_path,
-      id: dast_site_profile_id
-    )
+    graphql_mutation(mutation_name, id: dast_site_profile_id)
   end
 
   it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
@@ -40,7 +36,7 @@ RSpec.describe 'Creating a DAST Site Profile' do
     context 'when the dast_site_profile does not exist' do
       let_it_be(:dast_site_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastSiteProfile', id: non_existing_record_id) }
 
-      it_behaves_like 'a mutation that returns errors in the response', errors: ['Site profile not found for given parameters']
+      it_behaves_like 'a mutation that returns top-level errors', errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
     end
 
     context 'when wrong type of global id is passed' do
@@ -54,12 +50,5 @@ RSpec.describe 'Creating a DAST Site Profile' do
         end
       end
     end
-
-    context 'when the dast_site_profile belongs to a different project' do
-      let_it_be(:other_project) { create(:project) }
-      let_it_be(:full_path) { other_project.full_path }
-
-      it_behaves_like 'a mutation that returns a top-level access error'
-    end
   end
 end

ee/spec/requests/api/graphql/mutations/dast_site_profiles/update_spec.rb

@@ -18,7 +18,6 @@ RSpec.describe 'Creating a DAST Site Profile' do
   let(:mutation) do
     graphql_mutation(
       mutation_name,
-      full_path: full_path,
       id: dast_site_profile_id,
       profile_name: new_profile_name,
       target_url: new_target_url,
@@ -70,7 +69,7 @@ RSpec.describe 'Creating a DAST Site Profile' do
     context 'when the dast_site_profile does not exist' do
       let_it_be(:dast_site_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastSiteProfile', id: non_existing_record_id) }
 
-      it_behaves_like 'a mutation that returns errors in the response', errors: ['DastSiteProfile not found']
+      it_behaves_like 'a mutation that returns top-level errors', errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
     end
 
     context 'when wrong type of global id is passed' do
@@ -84,12 +83,5 @@ RSpec.describe 'Creating a DAST Site Profile' do
         end
       end
     end
-
-    context 'when the dast_site_profile belongs to a different project' do
-      let_it_be(:other_project) { create(:project, creator: current_user) }
-      let_it_be(:full_path) { other_project.full_path }
-
-      it_behaves_like 'a mutation that returns a top-level access error'
-    end
   end
 end