Add standalone_vulnerabilities_enabled filter to API

This filter will be used to return only the projects which are using the standalone vulnerabilities. Related to https://gitlab.com/gitlab-org/gitlab/-/issues/213610

Add standalone_vulnerabilities_enabled filter to API
This filter will be used to return only the projects which are using the standalone vulnerabilities. Related to https://gitlab.com/gitlab-org/gitlab/-/issues/213610
5cd6d498 · Mehmet Emin INAC · James Lopez · 839037bf · 5cd6d498 · 5cd6d498
Commit 5cd6d498 authored May 07, 2020 by Mehmet Emin INAC Committed by James Lopez May 07, 2020
11 changed files
--- a/app/graphql/resolvers/namespace_projects_resolver.rb
+++ b/app/graphql/resolvers/namespace_projects_resolver.rb
@@ -29,3 +29,5 @@ module Resolvers
    end
  end
 end
+Resolvers::NamespaceProjectsResolver.prepend_if_ee('::EE::Resolvers::NamespaceProjectsResolver')
--- a/doc/api/graphql/reference/gitlab_schema.graphql
+++ b/doc/api/graphql/reference/gitlab_schema.graphql
@@ -4156,6 +4156,11 @@ type Group {
    """
    first: Int
+    """
+    Returns only the projects which have vulnerabilities
+    """
+    hasVulnerabilities: Boolean = false
    """
    Include also subgroup projects
    """
@@ -6321,6 +6326,11 @@ type Namespace {
    """
    first: Int
+    """
+    Returns only the projects which have vulnerabilities
+    """
+    hasVulnerabilities: Boolean = false
    """
    Include also subgroup projects
    """

--- a/doc/api/graphql/reference/gitlab_schema.json
+++ b/doc/api/graphql/reference/gitlab_schema.json
@@ -11538,6 +11538,16 @@
                  },
                  "defaultValue": "false"
                },
+                {
+                  "name": "hasVulnerabilities",
+                  "description": "Returns only the projects which have vulnerabilities",
+                  "type": {
+                    "kind": "SCALAR",
+                    "name": "Boolean",
+                    "ofType": null
+                  },
+                  "defaultValue": "false"
+                },
                {
                  "name": "after",
                  "description": "Returns the elements in the list that come after the specified cursor.",
@@ -18773,6 +18783,16 @@
                  },
                  "defaultValue": "false"
                },
+                {
+                  "name": "hasVulnerabilities",
+                  "description": "Returns only the projects which have vulnerabilities",
+                  "type": {
+                    "kind": "SCALAR",
+                    "name": "Boolean",
+                    "ofType": null
+                  },
+                  "defaultValue": "false"
+                },
                {
                  "name": "after",
                  "description": "Returns the elements in the list that come after the specified cursor.",

--- a/ee/app/graphql/ee/resolvers/namespace_projects_resolver.rb
+++ b/ee/app/graphql/ee/resolvers/namespace_projects_resolver.rb
+# frozen_string_literal: true
+module EE
+  module Resolvers
+    module NamespaceProjectsResolver
+      extend ActiveSupport::Concern
+      prepended do
+        argument :has_vulnerabilities, GraphQL::BOOLEAN_TYPE,
+                 required: false,
+                 default_value: false,
+                 description: 'Returns only the projects which have vulnerabilities'
+      end
+      def resolve(include_subgroups:, has_vulnerabilities: false)
+        projects = super(include_subgroups: include_subgroups)
+        has_vulnerabilities ? projects.has_vulnerabilities : projects
+      end
+    end
+  end
+end
--- a/ee/app/graphql/ee/types/group_type.rb
+++ b/ee/app/graphql/ee/types/group_type.rb
@@ -30,7 +30,7 @@ module EE
              ::Types::VulnerabilityType.connection_type,
              null: true,
              description: 'Vulnerabilities reported on the projects in the group and its subgroups',
-              resolver: Resolvers::VulnerabilitiesResolver
+              resolver: ::Resolvers::VulnerabilitiesResolver
      end
    end
  end

--- a/ee/app/graphql/ee/types/project_type.rb
+++ b/ee/app/graphql/ee/types/project_type.rb
@@ -16,7 +16,7 @@ module EE
              ::Types::VulnerabilityType.connection_type,
              null: true,
              description: 'Vulnerabilities reported on the project',
-              resolver: Resolvers::VulnerabilitiesResolver
+              resolver: ::Resolvers::VulnerabilitiesResolver
        field :vulnerability_severities_count, ::Types::VulnerabilitySeveritiesCountType, null: true,
               description: 'Counts for each severity of vulnerability of the project',

--- a/ee/app/graphql/ee/types/query_type.rb
+++ b/ee/app/graphql/ee/types/query_type.rb
@@ -13,7 +13,7 @@ module EE
              ::Types::VulnerabilityType.connection_type,
              null: true,
              description: "Vulnerabilities reported on projects on the current user's instance security dashboard",
-              resolver: Resolvers::VulnerabilitiesResolver
+              resolver: ::Resolvers::VulnerabilitiesResolver
        field :design_management, ::Types::DesignManagementType,
              null: false,
@@ -21,12 +21,12 @@ module EE
        field :geo_node, ::Types::Geo::GeoNodeType,
              null: true,
-              resolver: Resolvers::Geo::GeoNodeResolver,
+              resolver: ::Resolvers::Geo::GeoNodeResolver,
              description: 'Find a Geo node'
        field :instance_security_dashboard, ::Types::InstanceSecurityDashboardType,
              null: true,
-              resolver: Resolvers::InstanceSecurityDashboardResolver,
+              resolver: ::Resolvers::InstanceSecurityDashboardResolver,
              description: 'Fields related to Instance Security Dashboard'
        def design_management

--- a/ee/app/models/ee/project.rb
+++ b/ee/app/models/ee/project.rb
@@ -151,6 +151,7 @@ module EE
      scope :with_designs, -> { where(id: DesignManagement::Design.select(:project_id)) }
      scope :with_deleting_user, -> { includes(:deleting_user) }
      scope :with_compliance_framework_settings, -> { preload(:compliance_framework_setting) }
+      scope :has_vulnerabilities, -> { joins(:vulnerabilities).group(:id) }
      delegate :shared_runners_minutes, :shared_runners_seconds, :shared_runners_seconds_last_reset,
        to: :statistics, allow_nil: true

--- a/ee/changelogs/unreleased/213610_extend_namespace_projects_resolver.yml
+++ b/ee/changelogs/unreleased/213610_extend_namespace_projects_resolver.yml
+---
+title: Add standaloneVulnerabilitiesEnabled filter to group projects resolver for
+  GraphQL
+merge_request: 31081
+author:
+type: added
--- a/ee/spec/graphql/ee/resolvers/namespace_projects_resolver_spec.rb
+++ b/ee/spec/graphql/ee/resolvers/namespace_projects_resolver_spec.rb
+# frozen_string_literal: true
+require 'spec_helper'
+describe Resolvers::NamespaceProjectsResolver do
+  include GraphqlHelpers
+  let(:current_user) { create(:user) }
+  context "with a group" do
+    let(:group) { create(:group) }
+    let(:project_1) { create(:project, namespace: group) }
+    let(:project_2) { create(:project, namespace: group) }
+    before do
+      project_1.add_developer(current_user)
+      project_2.add_developer(current_user)
+      create(:vulnerability, project: project_1)
+    end
+    describe '#resolve' do
+      subject(:projects) { resolve_projects(has_vulnerabilities) }
+      context 'when the `has_vulnerabilities` parameter is not truthy' do
+        let(:has_vulnerabilities) { false }
+        it { is_expected.to contain_exactly(project_1, project_2) }
+      end
+      context 'when the `has_vulnerabilities` parameter is truthy' do
+        let(:has_vulnerabilities) { true }
+        it { is_expected.to contain_exactly(project_1) }
+      end
+    end
+  end
+  def resolve_projects(has_vulnerabilities)
+    args = {
+      include_subgroups: false,
+      has_vulnerabilities: has_vulnerabilities
+    }
+    resolve(described_class, obj: group, args: args, ctx: { current_user: current_user })
+  end
+end
--- a/ee/spec/models/project_spec.rb
+++ b/ee/spec/models/project_spec.rb
@@ -219,6 +219,19 @@ describe Project do
        end
      end
    end
+    describe '.has_vulnerabilities' do
+      let_it_be(:project_1) { create(:project) }
+      let_it_be(:project_2) { create(:project) }
+      before do
+        create(:vulnerability, project: project_1)
+      end
+      subject { described_class.has_vulnerabilities }
+      it { is_expected.to contain_exactly(project_1) }
+    end
  end
  describe 'validations' do