Commit 6672bf30 authored by Igor Drozdov's avatar Igor Drozdov

Merge branch 'create-assign-service' into 'master'

Create service for assigning policy project

See merge request gitlab-org/gitlab!54812
parents 2caadec3 1f6f8e2e
# frozen_string_literal: true
module Security
module Orchestration
class AssignService < ::BaseService
def execute
res = create_or_update_security_policy_configuration
return success if res
rescue ActiveRecord::RecordNotFound => _
error('Policy project doesn\'t exists')
rescue ActiveRecord::RecordInvalid => _
error('Couldn\'t assign policy to project')
end
private
def create_or_update_security_policy_configuration
policy_project = Project.find(policy_project_id)
if has_existing_policy?
project.security_orchestration_policy_configuration.update!(
security_policy_management_project_id: policy_project.id
)
else
project.create_security_orchestration_policy_configuration! do |p|
p.security_policy_management_project_id = policy_project.id
end
end
end
def success
ServiceResponse.success(payload: { policy_project: policy_project_id })
end
def error(message)
ServiceResponse.error(payload: { policy_project: policy_project_id }, message: message)
end
def has_existing_policy?
project.security_orchestration_policy_configuration.present?
end
def policy_project_id
params[:policy_project_id]
end
end
end
end
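Review bot: `create_or_update_security_policy_configuration` loads the target with `Project.find(policy_project_id)` and links it without consulting `current_user` anywhere in this class, so nothing here verifies that the caller may administer `project` or even see the policy project. If authorization is meant to live in the caller (not shown on this page), state that contract on the class, e.g. `# Callers must authorize current_user against both project and the policy project before invoking this service.`; otherwise add a permission check at the top of `execute` and return `error(...)` when it fails. The two rescue branches also return different messages for a missing id and a rejected one, which lets a caller tell existing project ids from non-existing ones; a single generic message would avoid that. Separately, the string `'Policy project doesn\'t exists'` should read `doesn't exist`.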
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Security::Orchestration::AssignService do
let_it_be(:project, reload: true) { create(:project) }
let_it_be(:another_project) { create(:project) }
let_it_be(:policy_project) { create(:project) }
let_it_be(:new_policy_project) { create(:project) }
describe '#execute' do
subject(:service) { described_class.new(project, nil, policy_project_id: policy_project.id).execute }
it 'assigns policy project to project' do
expect(service).to be_success
expect(project.security_orchestration_policy_configuration.security_policy_management_project_id).to eq(policy_project.id)
end
it 'updates project with new policy project' do
service
repeated_service = described_class.new(project, nil, policy_project_id: new_policy_project.id).execute
expect(repeated_service).to be_success
expect(project.security_orchestration_policy_configuration.security_policy_management_project_id).to eq(new_policy_project.id)
end
it 'returns error when same policy is assigned to different projects' do
service
repeated_service = described_class.new(another_project, nil, policy_project_id: policy_project.id).execute
expect(repeated_service).to be_error
end
it 'returns error when db has problem' do
dbl_error = double('ActiveRecord')
dbl = double('Security::OrchestrationPolicyConfiguration', security_orchestration_policy_configuration: dbl_error)
allow(dbl_error).to receive(:update!).and_raise(ActiveRecord::RecordInvalid)
allow_next_instance_of(described_class) do |instance|
allow(instance).to receive(:has_existing_policy?).and_return(true)
allow(instance).to receive(:project).and_return(dbl)
end
repeated_service = described_class.new(project, nil, policy_project_id: new_policy_project.id).execute
expect(repeated_service).to be_error
end
describe 'with invalid project id' do
subject(:service) { described_class.new(project, nil, policy_project_id: 345).execute }
it 'assigns policy project to project' do
expect(service).to be_error
expect { service }.not_to change { project.security_orchestration_policy_configuration }
end
end
end
end
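Review bot: In the 'with invalid project id' context, `expect { service }.not_to change { ... }` cannot fail, because `service` is a memoized `subject` already evaluated by the preceding `expect(service).to be_error`, so the block never runs `execute` again. Build the call inside the block instead, e.g. `expect { described_class.new(project, nil, policy_project_id: 345).execute }.not_to change { project.reload.security_orchestration_policy_configuration }`, and rename the example from 'assigns policy project to project' to something like 'returns an error and leaves the configuration unchanged'. The literal id `345` can collide with a real row; GitLab's `non_existing_record_id` spec helper, if available in this tree, is safer. Every example passes `nil` as the user, so no spec exercises the service with a caller who lacks access to either project.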