Commit 499527c6 authored by Avielle Wolfe's avatar Avielle Wolfe Committed by Nick Thomas

Clean up vulnerability findings actions

* Fix a spec giving false positive
* VulnerabilityFindingsActions -> ProjectVulnerabilityFindingsActions
    This captures that it contains the actions used on the project
    security dashboard
* VulnerabilityFindingsHistory -> ProjectCollectionVulnerabilityFindingsActions
    This captures that it is/will be used on the group and instance
    security dashboards. It includes
    ProjectVulnerabilityFindingsActions and additionally adds the
    history action.
* Replace references to `group` with `vulnerable` in history cache
    classes. This reflects the upcoming use of those classes for
    the instance security dashboard.
parent d81f132a
# frozen_string_literal: true
module VulnerabilityFindingsHistory
module ProjectCollectionVulnerabilityFindingsActions
extend ActiveSupport::Concern
include ProjectVulnerabilityFindingsActions
included do
def history
history_count = Gitlab::Vulnerabilities::History.new(group, filter_params).findings_counter
history_count = Gitlab::Vulnerabilities::History.new(vulnerable, filter_params).findings_counter
respond_to do |format|
format.json do
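Review bot: The renamed module carries no header comment saying what `vulnerable` must provide, yet its `history` action needs more than the Vulnerable interface that the sibling `ProjectVulnerabilityFindingsActions` header asks for: `Gitlab::Vulnerabilities::History#project_ids_to_fetch` calls `vulnerable.project_ids_with_security_reports`, which is what makes this a "collection" concern and is why only the group controllers include it. Suggest adding above `module ProjectCollectionVulnerabilityFindingsActions`: `# Consumers must define \`vulnerable\` as for ProjectVulnerabilityFindingsActions; it must additionally respond to \`project_ids_with_security_reports\` (used by Gitlab::Vulnerabilities::History).` The body of `history` continues past the end of this hunk.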
# frozen_string_literal: true
# The VulnerabilityFindingsActions concern contains actions that are used to populate findings
# The ProjectVulnerabilityFindingsActions concern contains actions that are used to populate findings
# on security dashboards.
#
# Note: Consumers of this module will need to define a `def vulnerable` method, which must return
# an object with an interface that matches the one provided by the Vulnerable model concern.
module VulnerabilityFindingsActions
module ProjectVulnerabilityFindingsActions
extend ActiveSupport::Concern
def index
......@@ -3,8 +3,7 @@
class Groups::Security::VulnerabilitiesController < Groups::ApplicationController
include VulnerabilitiesApiFeatureGate # must come first
include SecurityDashboardsPermissions
include VulnerabilityFindingsActions
include VulnerabilityFindingsHistory
include ProjectCollectionVulnerabilityFindingsActions
alias_method :vulnerable, :group
......@@ -3,8 +3,7 @@
class Groups::Security::VulnerabilityFindingsController < Groups::ApplicationController
include VulnerabilitiesApiFeatureGate # must come first
include SecurityDashboardsPermissions
include VulnerabilityFindingsActions
include VulnerabilityFindingsHistory
include ProjectCollectionVulnerabilityFindingsActions
alias_method :vulnerable, :group
......@@ -3,7 +3,7 @@
class Projects::Security::VulnerabilitiesController < Projects::ApplicationController
include VulnerabilitiesApiFeatureGate # must come first
include SecurityDashboardsPermissions
include VulnerabilityFindingsActions
include ProjectVulnerabilityFindingsActions
alias_method :vulnerable, :project
......@@ -3,7 +3,7 @@
class Projects::Security::VulnerabilityFindingsController < Projects::ApplicationController
include VulnerabilitiesApiFeatureGate # must come first
include SecurityDashboardsPermissions
include VulnerabilityFindingsActions
include ProjectVulnerabilityFindingsActions
alias_method :vulnerable, :project
......@@ -5,12 +5,12 @@ require 'vulnerabilities/history_serializer'
module Gitlab
module Vulnerabilities
class History
attr_reader :group, :filters
attr_reader :vulnerable, :filters
HISTORY_RANGE = 3.months
def initialize(group, filters)
@group = group
def initialize(vulnerable, filters)
@vulnerable = vulnerable
@filters = filters
end
......@@ -24,14 +24,14 @@ module Gitlab
private
def vulnerability_findings
::Security::VulnerabilityFindingsFinder.new(group, params: filters).execute(:all)
::Security::VulnerabilityFindingsFinder.new(vulnerable, params: filters).execute(:all)
end
def cached_vulnerability_history
history = { undefined: {}, info: {}, unknown: {}, low: {}, medium: {}, high: {}, critical: {}, total: {} }
project_ids_to_fetch.each do |project_id|
project_history = Gitlab::Vulnerabilities::HistoryCache.new(group, project_id).fetch(HISTORY_RANGE)
project_history = Gitlab::Vulnerabilities::HistoryCache.new(vulnerable, project_id).fetch(HISTORY_RANGE)
history.each do |key, value|
value.merge!(project_history[key]) { |k, aggregate, project_count| aggregate + project_count }
end
......@@ -56,7 +56,7 @@ module Gitlab
def project_ids_to_fetch
return filters[:project_id] if filters.key?('project_id')
group.project_ids_with_security_reports
vulnerable.project_ids_with_security_reports
end
end
end
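Review bot: In `project_ids_to_fetch` the value is read with a symbol (`filters[:project_id]`) but the presence check uses a string (`filters.key?('project_id')`), so the method only behaves as intended when `filters` is an indifferent-access object; a plain symbol-keyed Hash silently falls back to every project under `vulnerable`, and a string-keyed one returns nil to the caller's `each`. Using one key form, `return filters[:project_id] if filters.key?(:project_id)`, removes that dependency now that the class is being opened up to more callers. Separately, when the filter is present the caller-supplied ids bypass `vulnerable.project_ids_with_security_reports` entirely and are handed straight to `HistoryCache`; unless `Security::VulnerabilityFindingsFinder` restricts `project_id` to the vulnerable's own projects (not visible here), intersecting here — `vulnerable.project_ids_with_security_reports & Array(filters[:project_id]).map(&:to_i)` — would keep the cache from being populated for projects outside the scope.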
......@@ -3,17 +3,17 @@
module Gitlab
module Vulnerabilities
class HistoryCache
attr_reader :group, :project_id
attr_reader :vulnerable, :project_id
def initialize(group, project_id)
@group = group
def initialize(vulnerable, project_id)
@vulnerable = vulnerable
@project_id = project_id
end
def fetch(range, force: false)
Rails.cache.fetch(cache_key, force: force, expires_in: 1.day) do
findings = ::Security::VulnerabilityFindingsFinder
.new(group, params: { project_id: [project_id] })
.new(vulnerable, params: { project_id: [project_id] })
.execute(:all)
.count_by_day_and_severity(range)
::Vulnerabilities::HistorySerializer.new.represent(findings)
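Review bot: `cache_key` lies outside this hunk, and since the constructor now accepts a generic `vulnerable` instead of a Group it should be checked that it neither calls a Group-only method nor keys on `project_id` alone: the cached value is the output of a finder that is itself scoped by `vulnerable`, so if that scope can affect the result, entries need to be namespaced by the scope's class and id (for example `[self.class.name, vulnerable.class.name, vulnerable.id, project_id]`) or one reader could be served a day-old entry computed for another scope. The class also has no header comment; suggest `# Day-bucketed, per-severity finding counts for a single project, memoised in Rails.cache for one day. \`vulnerable\` is the scope passed to the findings finder (currently a Group).`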
......@@ -10,7 +10,7 @@ describe Groups::Security::VulnerabilitiesController do
# when new Vulnerability Findings API is enabled this controller is not,
# its actions are "moved" Groups::Security::VulnerabilityFindingsController
it_behaves_like 'VulnerabilityFindingsActions disabled' do
it_behaves_like 'ProjectVulnerabilityFindingsActions disabled' do
let(:vulnerable) { group }
let(:vulnerable_params) { params }
end
......@@ -29,7 +29,7 @@ describe Groups::Security::VulnerabilitiesController do
# when new Vulnerability Findings API is disabled, we fall back to this controller
it_behaves_like VulnerabilityFindingsActions do
it_behaves_like ProjectVulnerabilityFindingsActions do
let(:vulnerable) { group }
let(:vulnerable_params) { params }
end
......@@ -9,7 +9,7 @@ describe Groups::Security::VulnerabilityFindingsController do
# when new Vulnerability Findings API is enabled, this controller is enabled as well
it_behaves_like VulnerabilityFindingsActions do
it_behaves_like ProjectVulnerabilityFindingsActions do
let(:vulnerable) { group }
let(:vulnerable_params) { params }
end
......@@ -29,7 +29,7 @@ describe Groups::Security::VulnerabilityFindingsController do
# when new Vulnerability Findings API is disabled, this controller is disabled as well
# and its actions are "moved" to Groups::Security::VulnerabilitiesController
it_behaves_like 'VulnerabilityFindingsActions disabled' do
it_behaves_like 'ProjectVulnerabilityFindingsActions disabled' do
let(:vulnerable) { group }
let(:vulnerable_params) { params }
end
......@@ -9,7 +9,7 @@ describe Projects::Security::VulnerabilitiesController do
# when new Vulnerability Findings API is enabled, this controller is not
# and its actions are "moved" to Projects::Security::VulnerabilityFindingsController
it_behaves_like 'VulnerabilityFindingsActions disabled' do
it_behaves_like 'ProjectVulnerabilityFindingsActions disabled' do
let(:vulnerable) { project }
let(:vulnerable_params) { params }
end
......@@ -26,7 +26,7 @@ describe Projects::Security::VulnerabilitiesController do
# when new Vulnerability Findings API is disabled, we fall back to this controller
it_behaves_like VulnerabilityFindingsActions do
it_behaves_like ProjectVulnerabilityFindingsActions do
let(:vulnerable) { project }
let(:vulnerable_params) { params }
end
......@@ -8,7 +8,7 @@ describe Projects::Security::VulnerabilityFindingsController do
# when new Vulnerability Findings API is enabled, this controller serves it
it_behaves_like VulnerabilityFindingsActions do
it_behaves_like ProjectVulnerabilityFindingsActions do
let(:vulnerable) { project }
let(:vulnerable_params) { params }
end
......@@ -26,7 +26,7 @@ describe Projects::Security::VulnerabilityFindingsController do
# new Vulnerability Findings API is disabled and we fall back to
# Projects::Security::VulnerabilitiesController
it_behaves_like 'VulnerabilityFindingsActions disabled' do
it_behaves_like 'ProjectVulnerabilityFindingsActions disabled' do
let(:vulnerable) { project }
let(:vulnerable_params) { params }
end
......@@ -2,7 +2,7 @@
require 'spec_helper'
shared_examples 'VulnerabilityFindingsActions disabled' do
shared_examples 'ProjectVulnerabilityFindingsActions disabled' do
include ApiHelpers
include VulnerableHelpers
......@@ -2,7 +2,7 @@
require 'spec_helper'
shared_examples VulnerabilityFindingsActions do
shared_examples ProjectVulnerabilityFindingsActions do
include ApiHelpers
include VulnerableHelpers
......@@ -140,12 +140,12 @@ shared_examples VulnerabilityFindingsActions do
end
context 'with enabled filters' do
let(:action_params) { vulnerable_params.merge(report_type: %w[sast dast], severity: %[high low]) }
let(:action_params) { vulnerable_params.merge(report_type: %w[sast dast], severity: %w[high low]) }
it 'returns counts for filtered vulnerability findings' do
expect(json_response['high']).to eq(3)
expect(json_response['low']).to eq(0)
expect(json_response['medium']).to eq(2)
expect(json_response['medium']).to eq(0)
end
end
end
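Review bot: The corrected spec shows that the old `%[high low]` — a single String rather than an array — produced unfiltered counts (`medium` was 2) instead of an error, which means a malformed `severity` parameter widened the result set rather than narrowing it, most likely because strong parameters drop a scalar where an array is permitted. That behaviour is worth pinning rather than just fixing the fixture: add a sibling context with `let(:action_params) { vulnerable_params.merge(severity: 'high low') }` asserting that the request is either rejected or returns no medium findings, whichever the finder is meant to do with scalar input. The `context 'with enabled filters'` block sits inside `shared_examples ProjectVulnerabilityFindingsActions`, whose body starts before this hunk.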