Commit 697c2ced authored by Kamil Trzciński's avatar Kamil Trzciński

Merge branch '7952-move-vulnerability-feedback' into 'master'

Move VulnerabilityFeedback under namespace

See merge request gitlab-org/gitlab-ee!8567
parents 22ff93e5 e617c946
...@@ -20,6 +20,7 @@ ActiveSupport::Inflector.inflections do |inflect| ...@@ -20,6 +20,7 @@ ActiveSupport::Inflector.inflections do |inflect|
file_registry file_registry
job_artifact_registry job_artifact_registry
vulnerability_feedback vulnerability_feedback
vulnerabilities_feedback
) )
inflect.acronym 'EE' inflect.acronym 'EE'
end end
...@@ -14,12 +14,12 @@ class Projects::VulnerabilityFeedbackController < Projects::ApplicationControlle ...@@ -14,12 +14,12 @@ class Projects::VulnerabilityFeedbackController < Projects::ApplicationControlle
@vulnerability_feedback = @project.vulnerability_feedback.with_associations @vulnerability_feedback = @project.vulnerability_feedback.with_associations
if params[:category].present? if params[:category].present?
@vulnerability_feedback = @vulnerability_feedback @vulnerability_feedback = @vulnerability_feedback
.where(category: VulnerabilityFeedback.categories[params[:category]]) .where(category: Vulnerabilities::Feedback.categories[params[:category]])
end end
if params[:feedback_type].present? if params[:feedback_type].present?
@vulnerability_feedback = @vulnerability_feedback @vulnerability_feedback = @vulnerability_feedback
.where(feedback_type: VulnerabilityFeedback.feedback_types[params[:feedback_type]]) .where(feedback_type: Vulnerabilities::Feedback.feedback_types[params[:feedback_type]])
end end
render json: serializer.represent(@vulnerability_feedback) render json: serializer.represent(@vulnerability_feedback)
...@@ -51,7 +51,7 @@ class Projects::VulnerabilityFeedbackController < Projects::ApplicationControlle ...@@ -51,7 +51,7 @@ class Projects::VulnerabilityFeedbackController < Projects::ApplicationControlle
end end
def serializer def serializer
VulnerabilityFeedbackSerializer.new(current_user: current_user, project: project) Vulnerabilities::FeedbackSerializer.new(current_user: current_user, project: project)
end end
def vulnerability_feedback def vulnerability_feedback
......
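Review bot: An unrecognised `params[:category]` or `params[:feedback_type]` is looked up in the enum hash and yields `nil`, so the filter becomes `category IS NULL` (or `feedback_type IS NULL`) and the endpoint returns an empty list instead of rejecting the value. Going through the enum mapping does keep raw request input out of the query, but the silent empty result hides client mistakes. Consider checking the key first, e.g. `return head :bad_request unless Vulnerabilities::Feedback.categories.key?(params[:category])`, and the same for `feedback_types`. The action begins outside the hunk, so whatever authorization runs before this query is not visible here.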
...@@ -36,7 +36,7 @@ module EE ...@@ -36,7 +36,7 @@ module EE
has_many :approver_groups, as: :target, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent has_many :approver_groups, as: :target, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
has_many :audit_events, as: :entity has_many :audit_events, as: :entity
has_many :path_locks has_many :path_locks
has_many :vulnerability_feedback has_many :vulnerability_feedback, class_name: 'Vulnerabilities::Feedback'
has_many :vulnerabilities, class_name: 'Vulnerabilities::Occurrence' has_many :vulnerabilities, class_name: 'Vulnerabilities::Occurrence'
has_many :vulnerability_identifiers, class_name: 'Vulnerabilities::Identifier' has_many :vulnerability_identifiers, class_name: 'Vulnerabilities::Identifier'
has_many :vulnerability_scanners, class_name: 'Vulnerabilities::Scanner' has_many :vulnerability_scanners, class_name: 'Vulnerabilities::Scanner'
......
...@@ -28,7 +28,7 @@ module EE ...@@ -28,7 +28,7 @@ module EE
has_many :epics, foreign_key: :author_id has_many :epics, foreign_key: :author_id
has_many :assigned_epics, foreign_key: :assignee_id, class_name: "Epic" has_many :assigned_epics, foreign_key: :assignee_id, class_name: "Epic"
has_many :path_locks, dependent: :destroy # rubocop: disable Cop/ActiveRecordDependent has_many :path_locks, dependent: :destroy # rubocop: disable Cop/ActiveRecordDependent
has_many :vulnerability_feedback, foreign_key: :author_id has_many :vulnerability_feedback, foreign_key: :author_id, class_name: 'Vulnerabilities::Feedback'
has_many :approvals, dependent: :destroy # rubocop: disable Cop/ActiveRecordDependent has_many :approvals, dependent: :destroy # rubocop: disable Cop/ActiveRecordDependent
has_many :approvers, dependent: :destroy # rubocop: disable Cop/ActiveRecordDependent has_many :approvers, dependent: :destroy # rubocop: disable Cop/ActiveRecordDependent
......
# frozen_string_literal: true
module Vulnerabilities
class Feedback < ActiveRecord::Base
self.table_name = 'vulnerability_feedback'
belongs_to :project
belongs_to :author, class_name: "User"
belongs_to :issue
belongs_to :pipeline, class_name: 'Ci::Pipeline', foreign_key: :pipeline_id
attr_accessor :vulnerability_data
enum feedback_type: { dismissal: 0, issue: 1 }
enum category: { sast: 0, dependency_scanning: 1, container_scanning: 2, dast: 3 }
validates :project, presence: true
validates :author, presence: true
validates :issue, presence: true, if: :issue?
validates :vulnerability_data, presence: true, if: :issue?
validates :feedback_type, presence: true
validates :category, presence: true
validates :project_fingerprint, presence: true, uniqueness: { scope: [:project_id, :category, :feedback_type] }
scope :with_associations, -> { includes(:pipeline, :issue, :author) }
scope :all_preloaded, -> do
preload(:author, :project, :issue, :pipeline)
end
end
end
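Review bot: The uniqueness rule on `project_fingerprint` (scoped to `project_id`, `category` and `feedback_type`) exists only as a model validation in this file, and a validation alone does not stop two concurrent requests from inserting the same row. The schema is not shown on this page, so confirm that the `vulnerability_feedback` table carries a matching unique index, and add one in a migration if it does not. A one-line comment above `self.table_name` would also help the next reader, e.g. `# Table keeps its pre-namespace name; the class was ::VulnerabilityFeedback`.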
...@@ -86,7 +86,7 @@ module Vulnerabilities ...@@ -86,7 +86,7 @@ module Vulnerabilities
categories = items.group_by { |i| i[:category] } categories = items.group_by { |i| i[:category] }
fingerprints = items.group_by { |i| i[:project_fingerprint] } fingerprints = items.group_by { |i| i[:project_fingerprint] }
VulnerabilityFeedback.all_preloaded.where( Vulnerabilities::Feedback.all_preloaded.where(
project_id: project_ids.keys, project_id: project_ids.keys,
category: categories.keys, category: categories.keys,
project_fingerprint: fingerprints.keys).find_each do |feedback| project_fingerprint: fingerprints.keys).find_each do |feedback|
......
class VulnerabilityFeedback < ActiveRecord::Base
belongs_to :project
belongs_to :author, class_name: "User"
belongs_to :issue
belongs_to :pipeline, class_name: 'Ci::Pipeline', foreign_key: :pipeline_id
attr_accessor :vulnerability_data
enum feedback_type: { dismissal: 0, issue: 1 }
enum category: { sast: 0, dependency_scanning: 1, container_scanning: 2, dast: 3 }
validates :project, presence: true
validates :author, presence: true
validates :issue, presence: true, if: :issue?
validates :vulnerability_data, presence: true, if: :issue?
validates :feedback_type, presence: true
validates :category, presence: true
validates :project_fingerprint, presence: true, uniqueness: { scope: [:project_id, :category, :feedback_type] }
scope :with_associations, -> { includes(:pipeline, :issue, :author) }
scope :all_preloaded, -> do
preload(:author, :project, :issue, :pipeline)
end
end
class VulnerabilityFeedbackEntity < Grape::Entity # frozen_string_literal: true
class Vulnerabilities::FeedbackEntity < Grape::Entity
include Gitlab::Routing include Gitlab::Routing
include GitlabRoutingHelper include GitlabRoutingHelper
......
# frozen_string_literal: true
class Vulnerabilities::FeedbackSerializer < BaseSerializer
entity Vulnerabilities::FeedbackEntity
end
...@@ -9,8 +9,8 @@ class Vulnerabilities::OccurrenceEntity < Grape::Entity ...@@ -9,8 +9,8 @@ class Vulnerabilities::OccurrenceEntity < Grape::Entity
expose :project_fingerprint expose :project_fingerprint
expose :vulnerability_feedback_url, if: ->(*) { can_admin_vulnerability_feedback? } expose :vulnerability_feedback_url, if: ->(*) { can_admin_vulnerability_feedback? }
expose :project, using: ::ProjectEntity expose :project, using: ::ProjectEntity
expose :dismissal_feedback, using: VulnerabilityFeedbackEntity expose :dismissal_feedback, using: Vulnerabilities::FeedbackEntity
expose :issue_feedback, using: VulnerabilityFeedbackEntity expose :issue_feedback, using: Vulnerabilities::FeedbackEntity
expose :metadata, merge: true, if: ->(occurrence, _) { occurrence.raw_metadata } do expose :metadata, merge: true, if: ->(occurrence, _) { occurrence.raw_metadata } do
expose :description expose :description
......
class VulnerabilityFeedbackSerializer < BaseSerializer
entity VulnerabilityFeedbackEntity
end
...@@ -5,7 +5,7 @@ module EE ...@@ -5,7 +5,7 @@ module EE
def migrate_records def migrate_records
migrate_epics migrate_epics
migrate_vulnerability_feedback migrate_vulnerabilities_feedback
super super
end end
...@@ -16,7 +16,7 @@ module EE ...@@ -16,7 +16,7 @@ module EE
end end
# rubocop: enable CodeReuse/ActiveRecord # rubocop: enable CodeReuse/ActiveRecord
def migrate_vulnerability_feedback def migrate_vulnerabilities_feedback
user.vulnerability_feedback.update_all(author_id: ghost_user.id) user.vulnerability_feedback.update_all(author_id: ghost_user.id)
end end
end end
......
...@@ -5,7 +5,7 @@ FactoryBot.define do ...@@ -5,7 +5,7 @@ FactoryBot.define do
Digest::SHA1.hexdigest n.to_s Digest::SHA1.hexdigest n.to_s
end end
factory :vulnerability_feedback do factory :vulnerability_feedback, class: Vulnerabilities::Feedback do
project project
author author
issue nil issue nil
......
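Review bot: `class: Vulnerabilities::Feedback` passes the constant itself, so the model is resolved and loaded at the moment the factory file is evaluated. FactoryBot also accepts the class name as a string, which defers the lookup until the factory is used: `factory :vulnerability_feedback, class: 'Vulnerabilities::Feedback' do`. The factory body continues outside the hunk.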
# frozen_string_literal: true
require 'spec_helper'
describe Vulnerabilities::Feedback do
it { is_expected.to define_enum_for(:feedback_type) }
it { is_expected.to define_enum_for(:category) }
describe 'associations' do
it { is_expected.to belong_to(:project) }
it { is_expected.to belong_to(:author).class_name('User') }
it { is_expected.to belong_to(:issue) }
it { is_expected.to belong_to(:pipeline).class_name('Ci::Pipeline').with_foreign_key('pipeline_id') }
end
describe 'validations' do
it { is_expected.to validate_presence_of(:project) }
it { is_expected.to validate_presence_of(:author) }
it { is_expected.to validate_presence_of(:feedback_type) }
it { is_expected.to validate_presence_of(:category) }
it { is_expected.to validate_presence_of(:project_fingerprint) }
end
end
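Review bot: The validations group leaves out the model rules that carry the most logic: the uniqueness of `project_fingerprint` scoped to project, category and feedback type, and the presence of `issue` and `vulnerability_data` that applies only when the feedback type is `issue`. Add, with a persisted subject, `it { is_expected.to validate_uniqueness_of(:project_fingerprint).scoped_to(:project_id, :category, :feedback_type) }`. A context that builds an `issue`-type record and asserts both conditional presence validations would cover the rest, so a later change to the scope or the condition cannot pass unnoticed.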
...@@ -13,7 +13,7 @@ describe Vulnerabilities::Scanner do ...@@ -13,7 +13,7 @@ describe Vulnerabilities::Scanner do
it { is_expected.to validate_presence_of(:name) } it { is_expected.to validate_presence_of(:name) }
it { is_expected.to validate_presence_of(:project) } it { is_expected.to validate_presence_of(:project) }
it { is_expected.to validate_presence_of(:project) } it { is_expected.to validate_presence_of(:external_id) }
it { is_expected.to validate_uniqueness_of(:external_id).scoped_to(:project_id) } it { is_expected.to validate_uniqueness_of(:external_id).scoped_to(:project_id) }
end end
......
# frozen_string_literal: true
require 'spec_helper'
describe Vulnerabilities::FeedbackEntity do
let(:feedback) { build(:vulnerability_feedback) }
let(:entity) { described_class.represent(feedback) }
describe '#as_json' do
subject { entity.as_json }
it { is_expected.to include(:project_id, :author, :category, :feedback_type) }
end
end
...@@ -24,7 +24,7 @@ describe Users::MigrateToGhostUserService do ...@@ -24,7 +24,7 @@ describe Users::MigrateToGhostUserService do
let!(:user) { create(:user) } let!(:user) { create(:user) }
let(:service) { described_class.new(user) } let(:service) { described_class.new(user) }
include_examples "migrating a deleted user's associated records to the ghost user", VulnerabilityFeedback, [:author] do include_examples "migrating a deleted user's associated records to the ghost user", Vulnerabilities::Feedback, [:author] do
let(:created_record) { create(:vulnerability_feedback, author: user) } let(:created_record) { create(:vulnerability_feedback, author: user) }
end end
end end
......