Commit 43278e7c authored by Bob Van Landuyt's avatar Bob Van Landuyt

Merge branch 'philipcunningham-find-by-global-id-321205' into 'master'

Deprecate fullPath from DAST on-demand mutations

See merge request gitlab-org/gitlab!72478
parents 0f4009ad 73f76499
...@@ -1598,7 +1598,7 @@ Input type: `DastProfileRunInput` ...@@ -1598,7 +1598,7 @@ Input type: `DastProfileRunInput`
| Name | Type | Description | | Name | Type | Description |
| ---- | ---- | ----------- | | ---- | ---- | ----------- |
| <a id="mutationdastprofilerunclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | | <a id="mutationdastprofilerunclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
| <a id="mutationdastprofilerunfullpath"></a>`fullPath` | [`ID!`](#id) | Full path for the project the scanner profile belongs to. | | <a id="mutationdastprofilerunfullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
| <a id="mutationdastprofilerunid"></a>`id` | [`DastProfileID!`](#dastprofileid) | ID of the profile to be used for the scan. | | <a id="mutationdastprofilerunid"></a>`id` | [`DastProfileID!`](#dastprofileid) | ID of the profile to be used for the scan. |
#### Fields #### Fields
...@@ -1623,7 +1623,7 @@ Input type: `DastProfileUpdateInput` ...@@ -1623,7 +1623,7 @@ Input type: `DastProfileUpdateInput`
| <a id="mutationdastprofileupdatedastscannerprofileid"></a>`dastScannerProfileId` | [`DastScannerProfileID`](#dastscannerprofileid) | ID of the scanner profile to be associated. | | <a id="mutationdastprofileupdatedastscannerprofileid"></a>`dastScannerProfileId` | [`DastScannerProfileID`](#dastscannerprofileid) | ID of the scanner profile to be associated. |
| <a id="mutationdastprofileupdatedastsiteprofileid"></a>`dastSiteProfileId` | [`DastSiteProfileID`](#dastsiteprofileid) | ID of the site profile to be associated. | | <a id="mutationdastprofileupdatedastsiteprofileid"></a>`dastSiteProfileId` | [`DastSiteProfileID`](#dastsiteprofileid) | ID of the site profile to be associated. |
| <a id="mutationdastprofileupdatedescription"></a>`description` | [`String`](#string) | Description of the profile. Defaults to an empty string. | | <a id="mutationdastprofileupdatedescription"></a>`description` | [`String`](#string) | Description of the profile. Defaults to an empty string. |
| <a id="mutationdastprofileupdatefullpath"></a>`fullPath` | [`ID!`](#id) | Project the profile belongs to. | | <a id="mutationdastprofileupdatefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
| <a id="mutationdastprofileupdateid"></a>`id` | [`DastProfileID!`](#dastprofileid) | ID of the profile to be deleted. | | <a id="mutationdastprofileupdateid"></a>`id` | [`DastProfileID!`](#dastprofileid) | ID of the profile to be deleted. |
| <a id="mutationdastprofileupdatename"></a>`name` | [`String`](#string) | Name of the profile. | | <a id="mutationdastprofileupdatename"></a>`name` | [`String`](#string) | Name of the profile. |
| <a id="mutationdastprofileupdaterunafterupdate"></a>`runAfterUpdate` | [`Boolean`](#boolean) | Run scan using profile after update. Defaults to false. | | <a id="mutationdastprofileupdaterunafterupdate"></a>`runAfterUpdate` | [`Boolean`](#boolean) | Run scan using profile after update. Defaults to false. |
...@@ -1671,7 +1671,7 @@ Input type: `DastScannerProfileDeleteInput` ...@@ -1671,7 +1671,7 @@ Input type: `DastScannerProfileDeleteInput`
| Name | Type | Description | | Name | Type | Description |
| ---- | ---- | ----------- | | ---- | ---- | ----------- |
| <a id="mutationdastscannerprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | | <a id="mutationdastscannerprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
| <a id="mutationdastscannerprofiledeletefullpath"></a>`fullPath` | [`ID!`](#id) | Full path for the project the scanner profile belongs to. | | <a id="mutationdastscannerprofiledeletefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
| <a id="mutationdastscannerprofiledeleteid"></a>`id` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the scanner profile to be deleted. | | <a id="mutationdastscannerprofiledeleteid"></a>`id` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the scanner profile to be deleted. |
#### Fields #### Fields
...@@ -1690,7 +1690,7 @@ Input type: `DastScannerProfileUpdateInput` ...@@ -1690,7 +1690,7 @@ Input type: `DastScannerProfileUpdateInput`
| Name | Type | Description | | Name | Type | Description |
| ---- | ---- | ----------- | | ---- | ---- | ----------- |
| <a id="mutationdastscannerprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | | <a id="mutationdastscannerprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
| <a id="mutationdastscannerprofileupdatefullpath"></a>`fullPath` | [`ID!`](#id) | Project the scanner profile belongs to. | | <a id="mutationdastscannerprofileupdatefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
| <a id="mutationdastscannerprofileupdateid"></a>`id` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the scanner profile to be updated. | | <a id="mutationdastscannerprofileupdateid"></a>`id` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the scanner profile to be updated. |
| <a id="mutationdastscannerprofileupdateprofilename"></a>`profileName` | [`String!`](#string) | Name of the scanner profile. | | <a id="mutationdastscannerprofileupdateprofilename"></a>`profileName` | [`String!`](#string) | Name of the scanner profile. |
| <a id="mutationdastscannerprofileupdatescantype"></a>`scanType` | [`DastScanTypeEnum`](#dastscantypeenum) | Indicates the type of DAST scan that will run. Either a Passive Scan or an Active Scan. | | <a id="mutationdastscannerprofileupdatescantype"></a>`scanType` | [`DastScanTypeEnum`](#dastscantypeenum) | Indicates the type of DAST scan that will run. Either a Passive Scan or an Active Scan. |
...@@ -1741,7 +1741,7 @@ Input type: `DastSiteProfileDeleteInput` ...@@ -1741,7 +1741,7 @@ Input type: `DastSiteProfileDeleteInput`
| Name | Type | Description | | Name | Type | Description |
| ---- | ---- | ----------- | | ---- | ---- | ----------- |
| <a id="mutationdastsiteprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | | <a id="mutationdastsiteprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
| <a id="mutationdastsiteprofiledeletefullpath"></a>`fullPath` | [`ID!`](#id) | Project the site profile belongs to. | | <a id="mutationdastsiteprofiledeletefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
| <a id="mutationdastsiteprofiledeleteid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be deleted. | | <a id="mutationdastsiteprofiledeleteid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be deleted. |
#### Fields #### Fields
...@@ -1762,7 +1762,7 @@ Input type: `DastSiteProfileUpdateInput` ...@@ -1762,7 +1762,7 @@ Input type: `DastSiteProfileUpdateInput`
| <a id="mutationdastsiteprofileupdateauth"></a>`auth` | [`DastSiteProfileAuthInput`](#dastsiteprofileauthinput) | Parameters for authentication. | | <a id="mutationdastsiteprofileupdateauth"></a>`auth` | [`DastSiteProfileAuthInput`](#dastsiteprofileauthinput) | Parameters for authentication. |
| <a id="mutationdastsiteprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | | <a id="mutationdastsiteprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
| <a id="mutationdastsiteprofileupdateexcludedurls"></a>`excludedUrls` | [`[String!]`](#string) | URLs to skip during an authenticated scan. | | <a id="mutationdastsiteprofileupdateexcludedurls"></a>`excludedUrls` | [`[String!]`](#string) | URLs to skip during an authenticated scan. |
| <a id="mutationdastsiteprofileupdatefullpath"></a>`fullPath` | [`ID!`](#id) | Project the site profile belongs to. | | <a id="mutationdastsiteprofileupdatefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
| <a id="mutationdastsiteprofileupdateid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be updated. | | <a id="mutationdastsiteprofileupdateid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be updated. |
| <a id="mutationdastsiteprofileupdateprofilename"></a>`profileName` | [`String!`](#string) | Name of the site profile. | | <a id="mutationdastsiteprofileupdateprofilename"></a>`profileName` | [`String!`](#string) | Name of the site profile. |
| <a id="mutationdastsiteprofileupdaterequestheaders"></a>`requestHeaders` | [`String`](#string) | Comma-separated list of request header names and values to be added to every request made by DAST. | | <a id="mutationdastsiteprofileupdaterequestheaders"></a>`requestHeaders` | [`String`](#string) | Comma-separated list of request header names and values to be added to every request made by DAST. |
......
...@@ -10,10 +10,6 @@ module Mutations ...@@ -10,10 +10,6 @@ module Mutations
SiteProfileID = ::Types::GlobalIDType[::DastSiteProfile] SiteProfileID = ::Types::GlobalIDType[::DastSiteProfile]
included do included do
argument :full_path, GraphQL::Types::ID,
required: true,
description: 'Project the site profile belongs to.'
argument :profile_name, GraphQL::Types::String, argument :profile_name, GraphQL::Types::String,
required: true, required: true,
description: 'Name of the site profile.' description: 'Name of the site profile.'
......
...@@ -15,7 +15,8 @@ module Mutations ...@@ -15,7 +15,8 @@ module Mutations
description: 'URL of the pipeline that was created.' description: 'URL of the pipeline that was created.'
argument :full_path, GraphQL::Types::ID, argument :full_path, GraphQL::Types::ID,
required: true, required: false,
deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
description: 'Full path for the project the scanner profile belongs to.' description: 'Full path for the project the scanner profile belongs to.'
argument :id, ProfileID, argument :id, ProfileID,
...@@ -24,17 +25,10 @@ module Mutations ...@@ -24,17 +25,10 @@ module Mutations
authorize :create_on_demand_dast_scan authorize :create_on_demand_dast_scan
def resolve(full_path:, id:) def resolve(id:, full_path: nil)
project = authorized_find!(full_path) dast_profile = authorized_find!(id)
# TODO: remove this line once the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ProfileID.coerce_isolated_input(id).model_id
dast_profile = find_dast_profile(project, id)
return { errors: ['Profile not found for given parameters'] } unless dast_profile
response = create_on_demand_dast_scan(project, dast_profile) response = create_on_demand_dast_scan(dast_profile)
return { errors: response.errors } if response.error? return { errors: response.errors } if response.error?
...@@ -43,15 +37,17 @@ module Mutations ...@@ -43,15 +37,17 @@ module Mutations
private private
def find_dast_profile(project, id) def find_object(id)
::Dast::ProfilesFinder.new(project_id: project.id, id: id) # TODO: remove this line when the compatibility layer is removed
.execute # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
.first id = ProfileID.coerce_isolated_input(id)
GitlabSchema.find_by_gid(id)
end end
def create_on_demand_dast_scan(project, dast_profile) def create_on_demand_dast_scan(dast_profile)
::AppSec::Dast::Scans::CreateService.new( ::AppSec::Dast::Scans::CreateService.new(
container: project, container: dast_profile.project,
current_user: current_user, current_user: current_user,
params: { dast_profile: dast_profile } params: { dast_profile: dast_profile }
).execute ).execute
......
...@@ -27,12 +27,13 @@ module Mutations ...@@ -27,12 +27,13 @@ module Mutations
description: 'ID of the profile to be deleted.' description: 'ID of the profile to be deleted.'
argument :full_path, GraphQL::Types::ID, argument :full_path, GraphQL::Types::ID,
required: true, required: false,
deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
description: 'Project the profile belongs to.' description: 'Project the profile belongs to.'
argument :dast_profile_schedule, ::Types::Dast::ProfileScheduleInputType, argument :dast_profile_schedule, ::Types::Dast::ProfileScheduleInputType,
required: false, required: false,
description: 'Represents a DAST profile schedule. Results in an error if `dast_on_demand_scans_scheduler` feature flag is disabled.' description: 'Represents a DAST profile schedule. Results in an error if `dast_on_demand_scans_scheduler` feature flag is disabled.'
argument :name, GraphQL::Types::String, argument :name, GraphQL::Types::String,
required: false, required: false,
...@@ -62,12 +63,9 @@ module Mutations ...@@ -62,12 +63,9 @@ module Mutations
authorize :create_on_demand_dast_scan authorize :create_on_demand_dast_scan
def resolve(full_path:, id:, name:, description:, branch_name: nil, dast_scanner_profile_id: nil, run_after_update: false, **args) def resolve(id:, name:, description:, full_path: nil, branch_name: nil, dast_scanner_profile_id: nil, run_after_update: false, **args)
project = authorized_find!(full_path) dast_profile = authorized_find!(id)
raise Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled' unless allowed?(args[:dast_profile_schedule], project) raise Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled' unless allowed?(args[:dast_profile_schedule], dast_profile.project)
dast_profile = find_dast_profile(project.id, id)
authorize!(dast_profile)
params = { params = {
dast_profile: dast_profile, dast_profile: dast_profile,
...@@ -81,7 +79,7 @@ module Mutations ...@@ -81,7 +79,7 @@ module Mutations
}.compact }.compact
response = ::AppSec::Dast::Profiles::UpdateService.new( response = ::AppSec::Dast::Profiles::UpdateService.new(
container: project, container: dast_profile.project,
current_user: current_user, current_user: current_user,
params: params params: params
).execute ).execute
...@@ -109,14 +107,12 @@ module Mutations ...@@ -109,14 +107,12 @@ module Mutations
klass.coerce_isolated_input(value).model_id klass.coerce_isolated_input(value).model_id
end end
def find_dast_profile(project_id, id) def find_object(id)
# TODO: remove this line once the compatibility layer is removed # TODO: remove this line when the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883 # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ProfileID.coerce_isolated_input(id).model_id id = ProfileID.coerce_isolated_input(id)
::Dast::ProfilesFinder.new(project_id: project_id, id: id) GitlabSchema.find_by_gid(id)
.execute
.first
end end
end end
end end
......
...@@ -10,24 +10,21 @@ module Mutations ...@@ -10,24 +10,21 @@ module Mutations
ScannerProfileID = ::Types::GlobalIDType[::DastScannerProfile] ScannerProfileID = ::Types::GlobalIDType[::DastScannerProfile]
argument :full_path, GraphQL::Types::ID, argument :full_path, GraphQL::Types::ID,
required: true, required: false,
description: 'Full path for the project the scanner profile belongs to.' deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
description: 'Full path for the project the scanner profile belongs to.'
argument :id, ScannerProfileID, argument :id, ScannerProfileID,
required: true, required: true,
description: 'ID of the scanner profile to be deleted.' description: 'ID of the scanner profile to be deleted.'
authorize :create_on_demand_dast_scan authorize :create_on_demand_dast_scan
def resolve(full_path:, id:) def resolve(id:, full_path: nil)
# TODO: remove this line once the compatibility layer is removed dast_scanner_profile = authorized_find!(id)
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ScannerProfileID.coerce_isolated_input(id)
project = authorized_find!(full_path)
service = ::AppSec::Dast::ScannerProfiles::DestroyService.new(project, current_user) service = ::AppSec::Dast::ScannerProfiles::DestroyService.new(dast_scanner_profile.project, current_user)
result = service.execute(id: id.model_id) result = service.execute(id: dast_scanner_profile.id)
if result.success? if result.success?
{ errors: [] } { errors: [] }
...@@ -35,6 +32,16 @@ module Mutations ...@@ -35,6 +32,16 @@ module Mutations
{ errors: result.errors } { errors: result.errors }
end end
end end
private
def find_object(id)
# TODO: remove this line when the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ScannerProfileID.coerce_isolated_input(id)
GitlabSchema.find_by_gid(id)
end
end end
end end
end end
...@@ -7,56 +7,55 @@ module Mutations ...@@ -7,56 +7,55 @@ module Mutations
graphql_name 'DastScannerProfileUpdate' graphql_name 'DastScannerProfileUpdate'
field :id, ::Types::GlobalIDType[::DastScannerProfile], ScannerProfileID = ::Types::GlobalIDType[::DastScannerProfile]
field :id, ScannerProfileID,
null: true, null: true,
description: 'ID of the scanner profile.' description: 'ID of the scanner profile.'
argument :full_path, GraphQL::Types::ID, argument :full_path, GraphQL::Types::ID,
required: true, required: false,
description: 'Project the scanner profile belongs to.' deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
description: 'Project the scanner profile belongs to.'
argument :id, ::Types::GlobalIDType[::DastScannerProfile], argument :id, ::Types::GlobalIDType[::DastScannerProfile],
required: true, required: true,
description: 'ID of the scanner profile to be updated.' description: 'ID of the scanner profile to be updated.'
argument :profile_name, GraphQL::Types::String, argument :profile_name, GraphQL::Types::String,
required: true, required: true,
description: 'Name of the scanner profile.' description: 'Name of the scanner profile.'
argument :spider_timeout, GraphQL::Types::Int, argument :spider_timeout, GraphQL::Types::Int,
required: true, required: true,
description: 'Maximum number of minutes allowed for the spider to traverse the site.' description: 'Maximum number of minutes allowed for the spider to traverse the site.'
argument :target_timeout, GraphQL::Types::Int, argument :target_timeout, GraphQL::Types::Int,
required: true, required: true,
description: 'Maximum number of seconds allowed for the site under test to respond to a request.' description: 'Maximum number of seconds allowed for the site under test to respond to a request.'
argument :scan_type, Types::DastScanTypeEnum, argument :scan_type, Types::DastScanTypeEnum,
required: false, required: false,
description: 'Indicates the type of DAST scan that will run. ' \ description: 'Indicates the type of DAST scan that will run. ' \
'Either a Passive Scan or an Active Scan.' 'Either a Passive Scan or an Active Scan.'
argument :use_ajax_spider, GraphQL::Types::Boolean, argument :use_ajax_spider, GraphQL::Types::Boolean,
required: false, required: false,
description: 'Indicates if the AJAX spider should be used to crawl the target site. ' \ description: 'Indicates if the AJAX spider should be used to crawl the target site. ' \
'True to run the AJAX spider in addition to the traditional spider, and false to run only the traditional spider.' 'True to run the AJAX spider in addition to the traditional spider, and false to run only the traditional spider.'
argument :show_debug_messages, GraphQL::Types::Boolean, argument :show_debug_messages, GraphQL::Types::Boolean,
required: false, required: false,
description: 'Indicates if debug messages should be included in DAST console output. ' \ description: 'Indicates if debug messages should be included in DAST console output. ' \
'True to include the debug messages.' 'True to include the debug messages.'
authorize :create_on_demand_dast_scan authorize :create_on_demand_dast_scan
def resolve(full_path:, **service_args) def resolve(id:, full_path: nil, **service_args)
# TODO: remove this explicit coercion once the compatibility layer is removed dast_scanner_profile = authorized_find!(id)
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
gid = ::Types::GlobalIDType[::DastScannerProfile].coerce_isolated_input(service_args[:id])
project = authorized_find!(full_path)
service = ::AppSec::Dast::ScannerProfiles::UpdateService.new(project, current_user) service = ::AppSec::Dast::ScannerProfiles::UpdateService.new(dast_scanner_profile.project, current_user)
result = service.execute(**service_args, id: gid.model_id) result = service.execute(**service_args, id: dast_scanner_profile.id)
if result.success? if result.success?
{ id: result.payload.to_global_id, errors: [] } { id: result.payload.to_global_id, errors: [] }
...@@ -64,6 +63,16 @@ module Mutations ...@@ -64,6 +63,16 @@ module Mutations
{ errors: result.errors } { errors: result.errors }
end end
end end
private
def find_object(id)
# TODO: remove this line when the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ScannerProfileID.coerce_isolated_input(id)
GitlabSchema.find_by_gid(id)
end
end end
end end
end end
...@@ -12,6 +12,10 @@ module Mutations ...@@ -12,6 +12,10 @@ module Mutations
null: true, null: true,
description: 'ID of the site profile.' description: 'ID of the site profile.'
argument :full_path, GraphQL::Types::ID,
required: true,
description: 'Project the site profile belongs to.'
argument :excluded_urls, [GraphQL::Types::String], argument :excluded_urls, [GraphQL::Types::String],
required: false, required: false,
default_value: [], default_value: [],
......
...@@ -5,24 +5,24 @@ module Mutations ...@@ -5,24 +5,24 @@ module Mutations
class Delete < BaseMutation class Delete < BaseMutation
graphql_name 'DastSiteProfileDelete' graphql_name 'DastSiteProfileDelete'
ProfileID = ::Types::GlobalIDType[::DastSiteProfile]
argument :full_path, GraphQL::Types::ID, argument :full_path, GraphQL::Types::ID,
required: true, required: false,
deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
description: 'Project the site profile belongs to.' description: 'Project the site profile belongs to.'
argument :id, Mutations::AppSec::Dast::SiteProfiles::SharedArguments::SiteProfileID, argument :id, ProfileID,
required: true, required: true,
description: 'ID of the site profile to be deleted.' description: 'ID of the site profile to be deleted.'
authorize :create_on_demand_dast_scan authorize :create_on_demand_dast_scan
def resolve(full_path:, id:) def resolve(id:, full_path: nil)
project = authorized_find!(full_path) dast_site_profile = authorized_find!(id)
# TODO: remove explicit coercion once compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ::Types::GlobalIDType[::DastSiteProfile].coerce_isolated_input(id)
service = ::AppSec::Dast::SiteProfiles::DestroyService.new(project, current_user) service = ::AppSec::Dast::SiteProfiles::DestroyService.new(dast_site_profile.project, current_user)
result = service.execute(id: id.model_id) result = service.execute(id: dast_site_profile.id)
return { errors: result.errors } unless result.success? return { errors: result.errors } unless result.success?
...@@ -31,8 +31,12 @@ module Mutations ...@@ -31,8 +31,12 @@ module Mutations
private private
def find_object(full_path) def find_object(id)
Project.find_by_full_path(full_path) # TODO: remove this line when the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ProfileID.coerce_isolated_input(id)
GitlabSchema.find_by_gid(id)
end end
end end
end end
......
...@@ -12,6 +12,11 @@ module Mutations ...@@ -12,6 +12,11 @@ module Mutations
null: true, null: true,
description: 'ID of the site profile.' description: 'ID of the site profile.'
argument :full_path, GraphQL::Types::ID,
required: false,
deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
description: 'Project the site profile belongs to.'
argument :id, SiteProfileID, argument :id, SiteProfileID,
required: true, required: true,
description: 'ID of the site profile to be updated.' description: 'ID of the site profile to be updated.'
...@@ -22,15 +27,15 @@ module Mutations ...@@ -22,15 +27,15 @@ module Mutations
authorize :create_on_demand_dast_scan authorize :create_on_demand_dast_scan
def resolve(full_path:, id:, profile_name:, target_url: nil, **params) def resolve(id:, full_path: nil, profile_name:, target_url: nil, **params)
project = authorized_find!(full_path) dast_site_profile = authorized_find!(id)
auth_params = params[:auth] || {} auth_params = params[:auth] || {}
# TODO: remove explicit coercion once compatibility layer has been removed # TODO: remove explicit coercion once compatibility layer has been removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883 # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
dast_site_profile_params = { dast_site_profile_params = {
id: SiteProfileID.coerce_isolated_input(id).model_id, id: dast_site_profile.id,
name: profile_name, name: profile_name,
target_url: target_url, target_url: target_url,
target_type: params[:target_type], target_type: params[:target_type],
...@@ -44,10 +49,20 @@ module Mutations ...@@ -44,10 +49,20 @@ module Mutations
auth_password: auth_params[:password] auth_password: auth_params[:password]
}.compact }.compact
result = ::AppSec::Dast::SiteProfiles::UpdateService.new(project, current_user).execute(**dast_site_profile_params) result = ::AppSec::Dast::SiteProfiles::UpdateService.new(dast_site_profile.project, current_user).execute(**dast_site_profile_params)
{ id: result.payload.try(:to_global_id), errors: result.errors } { id: result.payload.try(:to_global_id), errors: result.errors }
end end
private
def find_object(id)
# TODO: remove this line when the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = SiteProfileID.coerce_isolated_input(id)
GitlabSchema.find_by_gid(id)
end
end end
end end
end end
...@@ -8,7 +8,6 @@ RSpec.describe Mutations::Dast::Profiles::Run do ...@@ -8,7 +8,6 @@ RSpec.describe Mutations::Dast::Profiles::Run do
let_it_be(:user) { create(:user) } let_it_be(:user) { create(:user) }
let_it_be(:dast_profile) { create(:dast_profile, project: project, branch_name: project.default_branch) } let_it_be(:dast_profile) { create(:dast_profile, project: project, branch_name: project.default_branch) }
let(:full_path) { project.full_path }
let(:dast_profile_id) { dast_profile.to_global_id } let(:dast_profile_id) { dast_profile.to_global_id }
subject(:mutation) { described_class.new(object: nil, context: { current_user: user }, field: nil) } subject(:mutation) { described_class.new(object: nil, context: { current_user: user }, field: nil) }
...@@ -17,10 +16,7 @@ RSpec.describe Mutations::Dast::Profiles::Run do ...@@ -17,10 +16,7 @@ RSpec.describe Mutations::Dast::Profiles::Run do
describe '#resolve' do describe '#resolve' do
subject do subject do
mutation.resolve( mutation.resolve(id: dast_profile_id)
full_path: full_path,
id: dast_profile_id
)
end end
context 'when on demand scan licensed feature is not available' do context 'when on demand scan licensed feature is not available' do
...@@ -35,14 +31,6 @@ RSpec.describe Mutations::Dast::Profiles::Run do ...@@ -35,14 +31,6 @@ RSpec.describe Mutations::Dast::Profiles::Run do
stub_licensed_features(security_on_demand_scans: true) stub_licensed_features(security_on_demand_scans: true)
end end
context 'when the project does not exist' do
let(:full_path) { SecureRandom.hex }
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when the user can run a dast scan' do context 'when the user can run a dast scan' do
before do before do
project.add_developer(user) project.add_developer(user)
...@@ -74,8 +62,8 @@ RSpec.describe Mutations::Dast::Profiles::Run do ...@@ -74,8 +62,8 @@ RSpec.describe Mutations::Dast::Profiles::Run do
context 'when the dast_profile does not exist' do context 'when the dast_profile does not exist' do
let(:dast_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'Dast::Profile', id: 'does_not_exist') } let(:dast_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'Dast::Profile', id: 'does_not_exist') }
it 'communicates failure' do it 'raises an exception' do
expect(subject[:errors]).to include('Profile not found for given parameters') expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end end
end end
......
...@@ -38,7 +38,7 @@ RSpec.describe Mutations::Dast::Profiles::Update do ...@@ -38,7 +38,7 @@ RSpec.describe Mutations::Dast::Profiles::Update do
specify { expect(described_class).to require_graphql_authorizations(:create_on_demand_dast_scan) } specify { expect(described_class).to require_graphql_authorizations(:create_on_demand_dast_scan) }
describe '#resolve' do describe '#resolve' do
subject { mutation.resolve(**params.merge(full_path: project.full_path)) } subject { mutation.resolve(**params) }
shared_examples 'an unrecoverable failure' do |parameter| shared_examples 'an unrecoverable failure' do |parameter|
it 'raises an exception' do it 'raises an exception' do
...@@ -93,10 +93,7 @@ RSpec.describe Mutations::Dast::Profiles::Update do ...@@ -93,10 +93,7 @@ RSpec.describe Mutations::Dast::Profiles::Update do
let(:new_dast_profile_schedule) { attributes_for(:dast_profile_schedule) } let(:new_dast_profile_schedule) { attributes_for(:dast_profile_schedule) }
subject do subject do
mutation.resolve(**params.merge( mutation.resolve(**params.merge(dast_profile_schedule: new_dast_profile_schedule))
full_path: project.full_path,
dast_profile_schedule: new_dast_profile_schedule
))
end end
context 'when dast_on_demand_scans_scheduler feature is enabled' do context 'when dast_on_demand_scans_scheduler feature is enabled' do
......
...@@ -5,7 +5,6 @@ require 'spec_helper' ...@@ -5,7 +5,6 @@ require 'spec_helper'
RSpec.describe Mutations::DastScannerProfiles::Delete do RSpec.describe Mutations::DastScannerProfiles::Delete do
let_it_be(:project) { create(:project) } let_it_be(:project) { create(:project) }
let_it_be(:user) { create(:user) } let_it_be(:user) { create(:user) }
let_it_be(:full_path) { project.full_path }
let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project) } let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project) }
let(:dast_scanner_profile_id) { dast_scanner_profile.to_global_id } let(:dast_scanner_profile_id) { dast_scanner_profile.to_global_id }
...@@ -20,18 +19,7 @@ RSpec.describe Mutations::DastScannerProfiles::Delete do ...@@ -20,18 +19,7 @@ RSpec.describe Mutations::DastScannerProfiles::Delete do
describe '#resolve' do describe '#resolve' do
subject do subject do
mutation.resolve( mutation.resolve(id: dast_scanner_profile_id)
full_path: full_path,
id: dast_scanner_profile_id
)
end
context 'when the project does not exist' do
let(:full_path) { SecureRandom.hex }
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end end
context 'when the user is not associated with the project' do context 'when the user is not associated with the project' do
...@@ -52,8 +40,8 @@ RSpec.describe Mutations::DastScannerProfiles::Delete do ...@@ -52,8 +40,8 @@ RSpec.describe Mutations::DastScannerProfiles::Delete do
context 'when the dast_scanner_profile does not exist' do context 'when the dast_scanner_profile does not exist' do
let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: 'does_not_exist') } let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: 'does_not_exist') }
it 'returns an error' do it 'raises an exception' do
expect(subject[:errors]).to include('Scanner profile not found for given parameters') expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end end
end end
......
...@@ -6,7 +6,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do ...@@ -6,7 +6,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
let_it_be(:group) { create(:group) } let_it_be(:group) { create(:group) }
let_it_be(:project) { create(:project, group: group) } let_it_be(:project) { create(:project, group: group) }
let_it_be(:user) { create(:user) } let_it_be(:user) { create(:user) }
let_it_be(:full_path) { project.full_path }
let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project, target_timeout: 200, spider_timeout: 5000) } let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project, target_timeout: 200, spider_timeout: 5000) }
let_it_be(:new_profile_name) { SecureRandom.hex } let_it_be(:new_profile_name) { SecureRandom.hex }
...@@ -27,7 +26,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do ...@@ -27,7 +26,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
describe '#resolve' do describe '#resolve' do
subject do subject do
mutation.resolve( mutation.resolve(
full_path: full_path,
id: scanner_profile_id, id: scanner_profile_id,
profile_name: new_profile_name, profile_name: new_profile_name,
target_timeout: new_target_timeout, target_timeout: new_target_timeout,
...@@ -41,14 +39,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do ...@@ -41,14 +39,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
let(:scanner_profile_id) { dast_scanner_profile.to_global_id } let(:scanner_profile_id) { dast_scanner_profile.to_global_id }
context 'when on demand scan feature is enabled' do context 'when on demand scan feature is enabled' do
context 'when the project does not exist' do
let(:full_path) { SecureRandom.hex }
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when the user can run a DAST scan' do context 'when the user can run a DAST scan' do
before do before do
project.add_developer(user) project.add_developer(user)
...@@ -57,7 +47,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do ...@@ -57,7 +47,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
context 'when the user omits unrequired elements' do context 'when the user omits unrequired elements' do
subject do subject do
mutation.resolve( mutation.resolve(
full_path: full_path,
id: scanner_profile_id, id: scanner_profile_id,
profile_name: new_profile_name, profile_name: new_profile_name,
target_timeout: new_target_timeout, target_timeout: new_target_timeout,
...@@ -93,7 +82,7 @@ RSpec.describe Mutations::DastScannerProfiles::Update do ...@@ -93,7 +82,7 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
let(:scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: 'does_not_exist') } let(:scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: 'does_not_exist') }
it 'raises an exception' do it 'raises an exception' do
expect(subject[:errors]).to include('Scanner profile not found for given parameters') expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end end
end end
end end
......
...@@ -6,7 +6,6 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do ...@@ -6,7 +6,6 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do
let(:group) { create(:group) } let(:group) { create(:group) }
let(:project) { create(:project, group: group) } let(:project) { create(:project, group: group) }
let(:user) { create(:user) } let(:user) { create(:user) }
let(:full_path) { project.full_path }
let!(:dast_site_profile) { create(:dast_site_profile, project: project) } let!(:dast_site_profile) { create(:dast_site_profile, project: project) }
subject(:mutation) { described_class.new(object: nil, context: { current_user: user }, field: nil) } subject(:mutation) { described_class.new(object: nil, context: { current_user: user }, field: nil) }
...@@ -19,21 +18,10 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do ...@@ -19,21 +18,10 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do
describe '#resolve' do describe '#resolve' do
subject do subject do
mutation.resolve( mutation.resolve(id: dast_site_profile.to_global_id)
full_path: full_path,
id: dast_site_profile.to_global_id
)
end end
context 'when on demand scan feature is enabled' do context 'when on demand scan feature is enabled' do
context 'when the project does not exist' do
let(:full_path) { SecureRandom.hex }
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when the user can run a dast scan' do context 'when the user can run a dast scan' do
before do before do
project.add_developer(user) project.add_developer(user)
......
...@@ -8,7 +8,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do ...@@ -8,7 +8,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
let_it_be(:user) { create(:user) } let_it_be(:user) { create(:user) }
let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) } let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
let(:full_path) { project.full_path }
let(:new_profile_name) { SecureRandom.hex } let(:new_profile_name) { SecureRandom.hex }
let(:new_target_url) { generate(:url) } let(:new_target_url) { generate(:url) }
let(:new_excluded_urls) { ["#{new_target_url}/signout"] } let(:new_excluded_urls) { ["#{new_target_url}/signout"] }
...@@ -37,7 +36,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do ...@@ -37,7 +36,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
describe '#resolve' do describe '#resolve' do
subject do subject do
mutation.resolve( mutation.resolve(
full_path: full_path,
id: dast_site_profile.to_global_id, id: dast_site_profile.to_global_id,
profile_name: new_profile_name, profile_name: new_profile_name,
target_url: new_target_url, target_url: new_target_url,
...@@ -49,14 +47,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do ...@@ -49,14 +47,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
end end
context 'when on demand scan feature is enabled' do context 'when on demand scan feature is enabled' do
context 'when the project does not exist' do
let(:full_path) { SecureRandom.hex }
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when the user can run a dast scan' do context 'when the user can run a dast scan' do
before do before do
project.add_developer(user) project.add_developer(user)
...@@ -67,7 +57,7 @@ RSpec.describe Mutations::DastSiteProfiles::Update do ...@@ -67,7 +57,7 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
result = ServiceResponse.error(message: '') result = ServiceResponse.error(message: '')
service_params = { service_params = {
id: dast_site_profile.id.to_s, id: dast_site_profile.id,
name: new_profile_name, name: new_profile_name,
target_url: new_target_url, target_url: new_target_url,
target_type: new_target_type, target_type: new_target_type,
...@@ -112,7 +102,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do ...@@ -112,7 +102,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
context 'when the arguments are omitted' do context 'when the arguments are omitted' do
subject do subject do
mutation.resolve( mutation.resolve(
full_path: full_path,
id: dast_site_profile.to_global_id, id: dast_site_profile.to_global_id,
profile_name: new_profile_name profile_name: new_profile_name
) )
...@@ -128,7 +117,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do ...@@ -128,7 +117,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
context 'when the arguments are empty strings' do context 'when the arguments are empty strings' do
subject do subject do
mutation.resolve( mutation.resolve(
full_path: full_path,
id: dast_site_profile.to_global_id, id: dast_site_profile.to_global_id,
profile_name: new_profile_name, profile_name: new_profile_name,
request_headers: '', request_headers: '',
......
...@@ -12,11 +12,7 @@ RSpec.describe 'Running a DAST Profile' do ...@@ -12,11 +12,7 @@ RSpec.describe 'Running a DAST Profile' do
let(:mutation_name) { :dast_profile_run } let(:mutation_name) { :dast_profile_run }
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(mutation_name, id: global_id_of(dast_profile))
mutation_name,
full_path: project.full_path,
id: global_id_of(dast_profile)
)
end end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan' it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
......
...@@ -14,7 +14,6 @@ RSpec.describe 'Updating a DAST Profile' do ...@@ -14,7 +14,6 @@ RSpec.describe 'Updating a DAST Profile' do
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
full_path: project.full_path,
id: global_id_of(dast_profile), id: global_id_of(dast_profile),
name: 'updated dast_profiles.name', name: 'updated dast_profiles.name',
branch_name: project.default_branch, branch_name: project.default_branch,
......
...@@ -14,11 +14,7 @@ RSpec.describe 'Delete a DAST Scanner Profile' do ...@@ -14,11 +14,7 @@ RSpec.describe 'Delete a DAST Scanner Profile' do
let(:mutation_name) { :dast_scanner_profile_delete } let(:mutation_name) { :dast_scanner_profile_delete }
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(mutation_name, id: dast_scanner_profile_id)
mutation_name,
full_path: full_path,
id: dast_scanner_profile_id
)
end end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan' it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
...@@ -27,17 +23,10 @@ RSpec.describe 'Delete a DAST Scanner Profile' do ...@@ -27,17 +23,10 @@ RSpec.describe 'Delete a DAST Scanner Profile' do
expect { subject }.to change { DastScannerProfile.count }.by(-1) expect { subject }.to change { DastScannerProfile.count }.by(-1)
end end
context 'when the dast_scanner_profile belongs to another project' do
let_it_be(:other_project) { create(:project, creator: current_user) }
let_it_be(:full_path) { other_project.full_path }
it_behaves_like 'a mutation that returns a top-level access error'
end
context 'when the dast_scanner_profile does not exist' do context 'when the dast_scanner_profile does not exist' do
let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: non_existing_record_id) } let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: non_existing_record_id) }
it_behaves_like 'a mutation that returns errors in the response', errors: ['Scanner profile not found for given parameters'] it_behaves_like 'a mutation that returns top-level errors', errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
end end
end end
end end
...@@ -22,7 +22,6 @@ RSpec.describe 'Update a DAST Scanner Profile' do ...@@ -22,7 +22,6 @@ RSpec.describe 'Update a DAST Scanner Profile' do
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
full_path: full_path,
id: dast_scanner_profile_id, id: dast_scanner_profile_id,
profile_name: new_profile_name, profile_name: new_profile_name,
target_timeout: new_target_timeout, target_timeout: new_target_timeout,
...@@ -66,14 +65,7 @@ RSpec.describe 'Update a DAST Scanner Profile' do ...@@ -66,14 +65,7 @@ RSpec.describe 'Update a DAST Scanner Profile' do
context 'when the dast_scanner_profile does not exist' do context 'when the dast_scanner_profile does not exist' do
let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: non_existing_record_id) } let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: non_existing_record_id) }
it_behaves_like 'a mutation that returns errors in the response', errors: ['Scanner profile not found for given parameters'] it_behaves_like 'a mutation that returns top-level errors', errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
end
context 'when the dast_scanner_profile belongs to a different project' do
let_it_be(:other_project) { create(:project, creator: current_user) }
let_it_be(:full_path) { other_project.full_path }
it_behaves_like 'a mutation that returns a top-level access error'
end end
end end
end end
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
require 'spec_helper' require 'spec_helper'
RSpec.describe 'Creating a DAST Site Profile' do RSpec.describe 'Deleting a DAST Site Profile' do
include GraphqlHelpers include GraphqlHelpers
let_it_be(:project) { create(:project) } let_it_be(:project) { create(:project) }
...@@ -13,11 +13,7 @@ RSpec.describe 'Creating a DAST Site Profile' do ...@@ -13,11 +13,7 @@ RSpec.describe 'Creating a DAST Site Profile' do
let(:mutation_name) { :dast_site_profile_delete } let(:mutation_name) { :dast_site_profile_delete }
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(mutation_name, id: dast_site_profile_id)
mutation_name,
full_path: full_path,
id: dast_site_profile_id
)
end end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan' it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
...@@ -40,7 +36,7 @@ RSpec.describe 'Creating a DAST Site Profile' do ...@@ -40,7 +36,7 @@ RSpec.describe 'Creating a DAST Site Profile' do
context 'when the dast_site_profile does not exist' do context 'when the dast_site_profile does not exist' do
let_it_be(:dast_site_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastSiteProfile', id: non_existing_record_id) } let_it_be(:dast_site_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastSiteProfile', id: non_existing_record_id) }
it_behaves_like 'a mutation that returns errors in the response', errors: ['Site profile not found for given parameters'] it_behaves_like 'a mutation that returns top-level errors', errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
end end
context 'when wrong type of global id is passed' do context 'when wrong type of global id is passed' do
...@@ -54,12 +50,5 @@ RSpec.describe 'Creating a DAST Site Profile' do ...@@ -54,12 +50,5 @@ RSpec.describe 'Creating a DAST Site Profile' do
end end
end end
end end
context 'when the dast_site_profile belongs to a different project' do
let_it_be(:other_project) { create(:project) }
let_it_be(:full_path) { other_project.full_path }
it_behaves_like 'a mutation that returns a top-level access error'
end
end end
end end
...@@ -18,7 +18,6 @@ RSpec.describe 'Creating a DAST Site Profile' do ...@@ -18,7 +18,6 @@ RSpec.describe 'Creating a DAST Site Profile' do
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
full_path: full_path,
id: dast_site_profile_id, id: dast_site_profile_id,
profile_name: new_profile_name, profile_name: new_profile_name,
target_url: new_target_url, target_url: new_target_url,
...@@ -70,7 +69,7 @@ RSpec.describe 'Creating a DAST Site Profile' do ...@@ -70,7 +69,7 @@ RSpec.describe 'Creating a DAST Site Profile' do
context 'when the dast_site_profile does not exist' do context 'when the dast_site_profile does not exist' do
let_it_be(:dast_site_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastSiteProfile', id: non_existing_record_id) } let_it_be(:dast_site_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastSiteProfile', id: non_existing_record_id) }
it_behaves_like 'a mutation that returns errors in the response', errors: ['DastSiteProfile not found'] it_behaves_like 'a mutation that returns top-level errors', errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
end end
context 'when wrong type of global id is passed' do context 'when wrong type of global id is passed' do
...@@ -84,12 +83,5 @@ RSpec.describe 'Creating a DAST Site Profile' do ...@@ -84,12 +83,5 @@ RSpec.describe 'Creating a DAST Site Profile' do
end end
end end
end end
context 'when the dast_site_profile belongs to a different project' do
let_it_be(:other_project) { create(:project, creator: current_user) }
let_it_be(:full_path) { other_project.full_path }
it_behaves_like 'a mutation that returns a top-level access error'
end
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment