Add #to_reference method for Vulnerability

4f3c3566 · Alan (Maciej) Paruszewski · Vitali Tatarintev · 8fca4b2d · 4f3c3566 · 4f3c3566
Commit 4f3c3566 authored Sep 10, 2020 by Alan (Maciej) Paruszewski Committed by Vitali Tatarintev Sep 10, 2020
3 changed files
--- a/ee/app/models/vulnerability.rb
+++ b/ee/app/models/vulnerability.rb
@@ -75,6 +75,10 @@ class Vulnerability < ApplicationRecord
  scope :order_severity_desc, -> { reorder(severity: :desc, id: :desc) }
  class << self
+    def reference_prefix
+      '^'
+    end
    def parent_class
      ::Project
    end
@@ -129,6 +133,12 @@ class Vulnerability < ApplicationRecord
    end
  end
+  def to_reference(from = nil, full: false)
+    reference = "#{self.class.reference_prefix}#{id}"
+    "#{project.to_reference_base(from, full: full)}#{reference}"
+  end
  # There will only be one finding associated with a vulnerability for the foreseeable future
  def finding
    findings.first

--- a/ee/changelogs/unreleased/243447-fix-problem-with-todo-reference-for-vulnerabilities.yml
+++ b/ee/changelogs/unreleased/243447-fix-problem-with-todo-reference-for-vulnerabilities.yml
+---
+title: Introduce ^ as a reference prefix for Vulnerabilities
+merge_request: 41643
+author:
+type: fixed
--- a/ee/spec/models/vulnerability_spec.rb
+++ b/ee/spec/models/vulnerability_spec.rb
@@ -273,6 +273,91 @@ RSpec.describe Vulnerability do
    it { is_expected.to eq('critical' => 6, 'high' => 4, 'info' => 1, 'low' => 5, 'medium' => 2, 'unknown' => 3) }
  end
+  describe '.reference_prefix' do
+    subject { described_class.reference_prefix }
+    it { is_expected.to eq('^') }
+  end
+  describe '#to_reference' do
+    let(:namespace) { build(:namespace, path: 'sample-namespace') }
+    let(:project) { build(:project, name: 'sample-project', namespace: namespace) }
+    let(:vulnerability) { build(:vulnerability, id: 1, project: project) }
+    context 'when nil argument' do
+      it 'returns vulnerability id' do
+        expect(vulnerability.to_reference).to eq '^1'
+      end
+      it 'returns complete path to the vulnerability with full: true' do
+        expect(vulnerability.to_reference(full: true)).to eq 'sample-namespace/sample-project^1'
+      end
+    end
+    context 'when argument is a project' do
+      context 'when same project' do
+        it 'returns vulnerability id' do
+          expect(vulnerability.to_reference(project)).to eq('^1')
+        end
+        it 'returns full reference with full: true' do
+          expect(vulnerability.to_reference(project, full: true)).to eq 'sample-namespace/sample-project^1'
+        end
+      end
+      context 'when cross-project in same namespace' do
+        let(:another_project) do
+          build(:project, name: 'another-project', namespace: project.namespace)
+        end
+        it 'returns a cross-project reference' do
+          expect(vulnerability.to_reference(another_project)).to eq 'sample-project^1'
+        end
+        it 'returns full reference with full: true' do
+          expect(vulnerability.to_reference(another_project, full: true)).to eq 'sample-namespace/sample-project^1'
+        end
+      end
+      context 'when cross-project in different namespace' do
+        let(:another_namespace) { build(:namespace, path: 'another-namespace') }
+        let(:another_namespace_project) { build(:project, path: 'another-project', namespace: another_namespace) }
+        it 'returns complete path to the vulnerability' do
+          expect(vulnerability.to_reference(another_namespace_project)).to eq 'sample-namespace/sample-project^1'
+        end
+        it 'returns full reference with full: true' do
+          expect(vulnerability.to_reference(another_namespace_project, full: true)).to eq 'sample-namespace/sample-project^1'
+        end
+      end
+    end
+    context 'when argument is a namespace' do
+      context 'when same as vulnerability' do
+        it 'returns path to the vulnerability with the project name' do
+          expect(vulnerability.to_reference(namespace)).to eq 'sample-project^1'
+        end
+        it 'returns full reference with full: true' do
+          expect(vulnerability.to_reference(namespace, full: true)).to eq 'sample-namespace/sample-project^1'
+        end
+      end
+      context 'when different from vulnerability namespace' do
+        let(:group) { build(:group, name: 'Group', path: 'sample-group') }
+        it 'returns full path to the vulnerability with full: true' do
+          expect(vulnerability.to_reference(group)).to eq 'sample-namespace/sample-project^1'
+        end
+        it 'returns full path to the vulnerability with full: false' do
+          expect(vulnerability.to_reference(group, full: false)).to eq 'sample-namespace/sample-project^1'
+        end
+      end
+    end
+  end
  describe '#finding' do
    let_it_be(:project) { create(:project, :with_vulnerability) }
    let_it_be(:vulnerability) { project.vulnerabilities.first }