Skip to content

G
gitlab-ce
Commit 73f76499 authored by Philip Cunningham's avatar Philip Cunningham Committed by Bob Van Landuyt
Browse files
Options

Deprecate fullPath from DAST on-demand mutations

parent a0d10fed
Show whitespace changes
Inline Side-by-side
Showing with 144 additions and 222 deletions
doc/api/graphql/reference/index.md
View file @ 73f76499
......@@ -1598,7 +1598,7 @@ Input type: `DastProfileRunInput`
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="mutationdastprofilerunclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
| <a id="mutationdastprofilerunfullpath"></a>`fullPath` | [`ID!`](#id) | Full path for the project the scanner profile belongs to. |
| <a id="mutationdastprofilerunfullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
| <a id="mutationdastprofilerunid"></a>`id` | [`DastProfileID!`](#dastprofileid) | ID of the profile to be used for the scan. |
#### Fields
......@@ -1623,7 +1623,7 @@ Input type: `DastProfileUpdateInput`
| <a id="mutationdastprofileupdatedastscannerprofileid"></a>`dastScannerProfileId` | [`DastScannerProfileID`](#dastscannerprofileid) | ID of the scanner profile to be associated. |
| <a id="mutationdastprofileupdatedastsiteprofileid"></a>`dastSiteProfileId` | [`DastSiteProfileID`](#dastsiteprofileid) | ID of the site profile to be associated. |
| <a id="mutationdastprofileupdatedescription"></a>`description` | [`String`](#string) | Description of the profile. Defaults to an empty string. |
| <a id="mutationdastprofileupdatefullpath"></a>`fullPath` | [`ID!`](#id) | Project the profile belongs to. |
| <a id="mutationdastprofileupdatefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
| <a id="mutationdastprofileupdateid"></a>`id` | [`DastProfileID!`](#dastprofileid) | ID of the profile to be deleted. |
| <a id="mutationdastprofileupdatename"></a>`name` | [`String`](#string) | Name of the profile. |
| <a id="mutationdastprofileupdaterunafterupdate"></a>`runAfterUpdate` | [`Boolean`](#boolean) | Run scan using profile after update. Defaults to false. |
......@@ -1671,7 +1671,7 @@ Input type: `DastScannerProfileDeleteInput`
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="mutationdastscannerprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
| <a id="mutationdastscannerprofiledeletefullpath"></a>`fullPath` | [`ID!`](#id) | Full path for the project the scanner profile belongs to. |
| <a id="mutationdastscannerprofiledeletefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
| <a id="mutationdastscannerprofiledeleteid"></a>`id` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the scanner profile to be deleted. |
#### Fields
......@@ -1690,7 +1690,7 @@ Input type: `DastScannerProfileUpdateInput`
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="mutationdastscannerprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
| <a id="mutationdastscannerprofileupdatefullpath"></a>`fullPath` | [`ID!`](#id) | Project the scanner profile belongs to. |
| <a id="mutationdastscannerprofileupdatefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
| <a id="mutationdastscannerprofileupdateid"></a>`id` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the scanner profile to be updated. |
| <a id="mutationdastscannerprofileupdateprofilename"></a>`profileName` | [`String!`](#string) | Name of the scanner profile. |
| <a id="mutationdastscannerprofileupdatescantype"></a>`scanType` | [`DastScanTypeEnum`](#dastscantypeenum) | Indicates the type of DAST scan that will run. Either a Passive Scan or an Active Scan. |
......@@ -1741,7 +1741,7 @@ Input type: `DastSiteProfileDeleteInput`
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="mutationdastsiteprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
| <a id="mutationdastsiteprofiledeletefullpath"></a>`fullPath` | [`ID!`](#id) | Project the site profile belongs to. |
| <a id="mutationdastsiteprofiledeletefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
| <a id="mutationdastsiteprofiledeleteid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be deleted. |
#### Fields
......@@ -1762,7 +1762,7 @@ Input type: `DastSiteProfileUpdateInput`
| <a id="mutationdastsiteprofileupdateauth"></a>`auth` | [`DastSiteProfileAuthInput`](#dastsiteprofileauthinput) | Parameters for authentication. |
| <a id="mutationdastsiteprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
| <a id="mutationdastsiteprofileupdateexcludedurls"></a>`excludedUrls` | [`[String!]`](#string) | URLs to skip during an authenticated scan. |
| <a id="mutationdastsiteprofileupdatefullpath"></a>`fullPath` | [`ID!`](#id) | Project the site profile belongs to. |
| <a id="mutationdastsiteprofileupdatefullpath"></a>`fullPath` **{warning-solid}** | [`ID`](#id) | **Deprecated:** Full path not required to qualify Global ID. Deprecated in 14.5. |
| <a id="mutationdastsiteprofileupdateid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be updated. |
| <a id="mutationdastsiteprofileupdateprofilename"></a>`profileName` | [`String!`](#string) | Name of the site profile. |
| <a id="mutationdastsiteprofileupdaterequestheaders"></a>`requestHeaders` | [`String`](#string) | Comma-separated list of request header names and values to be added to every request made by DAST. |
......
ee/app/graphql/mutations/app_sec/dast/site_profiles/shared_arguments.rb
View file @ 73f76499
......@@ -10,10 +10,6 @@ module Mutations
SiteProfileID = ::Types::GlobalIDType[::DastSiteProfile]
included do
argument :full_path, GraphQL::Types::ID,
required: true,
description: 'Project the site profile belongs to.'
argument :profile_name, GraphQL::Types::String,
required: true,
description: 'Name of the site profile.'
......
ee/app/graphql/mutations/dast/profiles/run.rb
View file @ 73f76499
......@@ -15,7 +15,8 @@ module Mutations
description: 'URL of the pipeline that was created.'
argument :full_path, GraphQL::Types::ID,
required: true,
required: false,
deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
description: 'Full path for the project the scanner profile belongs to.'
argument :id, ProfileID,
......@@ -24,17 +25,10 @@ module Mutations
authorize :create_on_demand_dast_scan
def resolve(full_path:, id:)
project = authorized_find!(full_path)
# TODO: remove this line once the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ProfileID.coerce_isolated_input(id).model_id
dast_profile = find_dast_profile(project, id)
return { errors: ['Profile not found for given parameters'] } unless dast_profile
def resolve(id:, full_path: nil)
dast_profile = authorized_find!(id)
response = create_on_demand_dast_scan(project, dast_profile)
response = create_on_demand_dast_scan(dast_profile)
return { errors: response.errors } if response.error?
......@@ -43,15 +37,17 @@ module Mutations
private
def find_dast_profile(project, id)
::Dast::ProfilesFinder.new(project_id: project.id, id: id)
.execute
.first
def find_object(id)
# TODO: remove this line when the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ProfileID.coerce_isolated_input(id)
GitlabSchema.find_by_gid(id)
end
def create_on_demand_dast_scan(project, dast_profile)
def create_on_demand_dast_scan(dast_profile)
::AppSec::Dast::Scans::CreateService.new(
container: project,
container: dast_profile.project,
current_user: current_user,
params: { dast_profile: dast_profile }
).execute
......
ee/app/graphql/mutations/dast/profiles/update.rb
View file @ 73f76499
......@@ -27,7 +27,8 @@ module Mutations
description: 'ID of the profile to be deleted.'
argument :full_path, GraphQL::Types::ID,
required: true,
required: false,
deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
description: 'Project the profile belongs to.'
argument :dast_profile_schedule, ::Types::Dast::ProfileScheduleInputType,
......@@ -62,12 +63,9 @@ module Mutations
authorize :create_on_demand_dast_scan
def resolve(full_path:, id:, name:, description:, branch_name: nil, dast_scanner_profile_id: nil, run_after_update: false, **args)
project = authorized_find!(full_path)
raise Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled' unless allowed?(args[:dast_profile_schedule], project)
dast_profile = find_dast_profile(project.id, id)
authorize!(dast_profile)
def resolve(id:, name:, description:, full_path: nil, branch_name: nil, dast_scanner_profile_id: nil, run_after_update: false, **args)
dast_profile = authorized_find!(id)
raise Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled' unless allowed?(args[:dast_profile_schedule], dast_profile.project)
params = {
dast_profile: dast_profile,
......@@ -81,7 +79,7 @@ module Mutations
}.compact
response = ::AppSec::Dast::Profiles::UpdateService.new(
container: project,
container: dast_profile.project,
current_user: current_user,
params: params
).execute
......@@ -109,14 +107,12 @@ module Mutations
klass.coerce_isolated_input(value).model_id
end
def find_dast_profile(project_id, id)
# TODO: remove this line once the compatibility layer is removed
def find_object(id)
# TODO: remove this line when the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ProfileID.coerce_isolated_input(id).model_id
id = ProfileID.coerce_isolated_input(id)
::Dast::ProfilesFinder.new(project_id: project_id, id: id)
.execute
.first
GitlabSchema.find_by_gid(id)
end
end
end
......
ee/app/graphql/mutations/dast_scanner_profiles/delete.rb
View file @ 73f76499
......@@ -10,7 +10,8 @@ module Mutations
ScannerProfileID = ::Types::GlobalIDType[::DastScannerProfile]
argument :full_path, GraphQL::Types::ID,
required: true,
required: false,
deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
description: 'Full path for the project the scanner profile belongs to.'
argument :id, ScannerProfileID,
......@@ -19,15 +20,11 @@ module Mutations
authorize :create_on_demand_dast_scan
def resolve(full_path:, id:)
# TODO: remove this line once the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ScannerProfileID.coerce_isolated_input(id)
def resolve(id:, full_path: nil)
dast_scanner_profile = authorized_find!(id)
project = authorized_find!(full_path)
service = ::AppSec::Dast::ScannerProfiles::DestroyService.new(project, current_user)
result = service.execute(id: id.model_id)
service = ::AppSec::Dast::ScannerProfiles::DestroyService.new(dast_scanner_profile.project, current_user)
result = service.execute(id: dast_scanner_profile.id)
if result.success?
{ errors: [] }
......@@ -35,6 +32,16 @@ module Mutations
{ errors: result.errors }
end
end
private
def find_object(id)
# TODO: remove this line when the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ScannerProfileID.coerce_isolated_input(id)
GitlabSchema.find_by_gid(id)
end
end
end
end
ee/app/graphql/mutations/dast_scanner_profiles/update.rb
View file @ 73f76499
......@@ -7,12 +7,15 @@ module Mutations
graphql_name 'DastScannerProfileUpdate'
field :id, ::Types::GlobalIDType[::DastScannerProfile],
ScannerProfileID = ::Types::GlobalIDType[::DastScannerProfile]
field :id, ScannerProfileID,
null: true,
description: 'ID of the scanner profile.'
argument :full_path, GraphQL::Types::ID,
required: true,
required: false,
deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
description: 'Project the scanner profile belongs to.'
argument :id, ::Types::GlobalIDType[::DastScannerProfile],
......@@ -48,15 +51,11 @@ module Mutations
authorize :create_on_demand_dast_scan
def resolve(full_path:, **service_args)
# TODO: remove this explicit coercion once the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
gid = ::Types::GlobalIDType[::DastScannerProfile].coerce_isolated_input(service_args[:id])
project = authorized_find!(full_path)
def resolve(id:, full_path: nil, **service_args)
dast_scanner_profile = authorized_find!(id)
service = ::AppSec::Dast::ScannerProfiles::UpdateService.new(project, current_user)
result = service.execute(**service_args, id: gid.model_id)
service = ::AppSec::Dast::ScannerProfiles::UpdateService.new(dast_scanner_profile.project, current_user)
result = service.execute(**service_args, id: dast_scanner_profile.id)
if result.success?
{ id: result.payload.to_global_id, errors: [] }
......@@ -64,6 +63,16 @@ module Mutations
{ errors: result.errors }
end
end
private
def find_object(id)
# TODO: remove this line when the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ScannerProfileID.coerce_isolated_input(id)
GitlabSchema.find_by_gid(id)
end
end
end
end
ee/app/graphql/mutations/dast_site_profiles/create.rb
View file @ 73f76499
......@@ -12,6 +12,10 @@ module Mutations
null: true,
description: 'ID of the site profile.'
argument :full_path, GraphQL::Types::ID,
required: true,
description: 'Project the site profile belongs to.'
argument :excluded_urls, [GraphQL::Types::String],
required: false,
default_value: [],
......
ee/app/graphql/mutations/dast_site_profiles/delete.rb
View file @ 73f76499
......@@ -5,24 +5,24 @@ module Mutations
class Delete < BaseMutation
graphql_name 'DastSiteProfileDelete'
ProfileID = ::Types::GlobalIDType[::DastSiteProfile]
argument :full_path, GraphQL::Types::ID,
required: true,
required: false,
deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
description: 'Project the site profile belongs to.'
argument :id, Mutations::AppSec::Dast::SiteProfiles::SharedArguments::SiteProfileID,
argument :id, ProfileID,
required: true,
description: 'ID of the site profile to be deleted.'
authorize :create_on_demand_dast_scan
def resolve(full_path:, id:)
project = authorized_find!(full_path)
# TODO: remove explicit coercion once compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ::Types::GlobalIDType[::DastSiteProfile].coerce_isolated_input(id)
def resolve(id:, full_path: nil)
dast_site_profile = authorized_find!(id)
service = ::AppSec::Dast::SiteProfiles::DestroyService.new(project, current_user)
result = service.execute(id: id.model_id)
service = ::AppSec::Dast::SiteProfiles::DestroyService.new(dast_site_profile.project, current_user)
result = service.execute(id: dast_site_profile.id)
return { errors: result.errors } unless result.success?
......@@ -31,8 +31,12 @@ module Mutations
private
def find_object(full_path)
Project.find_by_full_path(full_path)
def find_object(id)
# TODO: remove this line when the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ProfileID.coerce_isolated_input(id)
GitlabSchema.find_by_gid(id)
end
end
end
......
ee/app/graphql/mutations/dast_site_profiles/update.rb
View file @ 73f76499
......@@ -12,6 +12,11 @@ module Mutations
null: true,
description: 'ID of the site profile.'
argument :full_path, GraphQL::Types::ID,
required: false,
deprecated: { reason: 'Full path not required to qualify Global ID', milestone: '14.5' },
description: 'Project the site profile belongs to.'
argument :id, SiteProfileID,
required: true,
description: 'ID of the site profile to be updated.'
......@@ -22,15 +27,15 @@ module Mutations
authorize :create_on_demand_dast_scan
def resolve(full_path:, id:, profile_name:, target_url: nil, **params)
project = authorized_find!(full_path)
def resolve(id:, full_path: nil, profile_name:, target_url: nil, **params)
dast_site_profile = authorized_find!(id)
auth_params = params[:auth] || {}
# TODO: remove explicit coercion once compatibility layer has been removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
dast_site_profile_params = {
id: SiteProfileID.coerce_isolated_input(id).model_id,
id: dast_site_profile.id,
name: profile_name,
target_url: target_url,
target_type: params[:target_type],
......@@ -44,10 +49,20 @@ module Mutations
auth_password: auth_params[:password]
}.compact
result = ::AppSec::Dast::SiteProfiles::UpdateService.new(project, current_user).execute(**dast_site_profile_params)
result = ::AppSec::Dast::SiteProfiles::UpdateService.new(dast_site_profile.project, current_user).execute(**dast_site_profile_params)
{ id: result.payload.try(:to_global_id), errors: result.errors }
end
private
def find_object(id)
# TODO: remove this line when the compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = SiteProfileID.coerce_isolated_input(id)
GitlabSchema.find_by_gid(id)
end
end
end
end
ee/spec/graphql/mutations/dast/profiles/run_spec.rb
View file @ 73f76499
......@@ -8,7 +8,6 @@ RSpec.describe Mutations::Dast::Profiles::Run do
let_it_be(:user) { create(:user) }
let_it_be(:dast_profile) { create(:dast_profile, project: project, branch_name: project.default_branch) }
let(:full_path) { project.full_path }
let(:dast_profile_id) { dast_profile.to_global_id }
subject(:mutation) { described_class.new(object: nil, context: { current_user: user }, field: nil) }
......@@ -17,10 +16,7 @@ RSpec.describe Mutations::Dast::Profiles::Run do
describe '#resolve' do
subject do
mutation.resolve(
full_path: full_path,
id: dast_profile_id
)
mutation.resolve(id: dast_profile_id)
end
context 'when on demand scan licensed feature is not available' do
......@@ -35,14 +31,6 @@ RSpec.describe Mutations::Dast::Profiles::Run do
stub_licensed_features(security_on_demand_scans: true)
end
context 'when the project does not exist' do
let(:full_path) { SecureRandom.hex }
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when the user can run a dast scan' do
before do
project.add_developer(user)
......@@ -74,8 +62,8 @@ RSpec.describe Mutations::Dast::Profiles::Run do
context 'when the dast_profile does not exist' do
let(:dast_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'Dast::Profile', id: 'does_not_exist') }
it 'communicates failure' do
expect(subject[:errors]).to include('Profile not found for given parameters')
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
......
ee/spec/graphql/mutations/dast/profiles/update_spec.rb
View file @ 73f76499
......@@ -38,7 +38,7 @@ RSpec.describe Mutations::Dast::Profiles::Update do
specify { expect(described_class).to require_graphql_authorizations(:create_on_demand_dast_scan) }
describe '#resolve' do
subject { mutation.resolve(**params.merge(full_path: project.full_path)) }
subject { mutation.resolve(**params) }
shared_examples 'an unrecoverable failure' do |parameter|
it 'raises an exception' do
......@@ -93,10 +93,7 @@ RSpec.describe Mutations::Dast::Profiles::Update do
let(:new_dast_profile_schedule) { attributes_for(:dast_profile_schedule) }
subject do
mutation.resolve(**params.merge(
full_path: project.full_path,
dast_profile_schedule: new_dast_profile_schedule
))
mutation.resolve(**params.merge(dast_profile_schedule: new_dast_profile_schedule))
end
context 'when dast_on_demand_scans_scheduler feature is enabled' do
......
ee/spec/graphql/mutations/dast_scanner_profiles/delete_spec.rb
View file @ 73f76499
......@@ -5,7 +5,6 @@ require 'spec_helper'
RSpec.describe Mutations::DastScannerProfiles::Delete do
let_it_be(:project) { create(:project) }
let_it_be(:user) { create(:user) }
let_it_be(:full_path) { project.full_path }
let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project) }
let(:dast_scanner_profile_id) { dast_scanner_profile.to_global_id }
......@@ -20,18 +19,7 @@ RSpec.describe Mutations::DastScannerProfiles::Delete do
describe '#resolve' do
subject do
mutation.resolve(
full_path: full_path,
id: dast_scanner_profile_id
)
end
context 'when the project does not exist' do
let(:full_path) { SecureRandom.hex }
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
mutation.resolve(id: dast_scanner_profile_id)
end
context 'when the user is not associated with the project' do
......@@ -52,8 +40,8 @@ RSpec.describe Mutations::DastScannerProfiles::Delete do
context 'when the dast_scanner_profile does not exist' do
let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: 'does_not_exist') }
it 'returns an error' do
expect(subject[:errors]).to include('Scanner profile not found for given parameters')
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
......
ee/spec/graphql/mutations/dast_scanner_profiles/update_spec.rb
View file @ 73f76499
......@@ -6,7 +6,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
let_it_be(:group) { create(:group) }
let_it_be(:project) { create(:project, group: group) }
let_it_be(:user) { create(:user) }
let_it_be(:full_path) { project.full_path }
let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project, target_timeout: 200, spider_timeout: 5000) }
let_it_be(:new_profile_name) { SecureRandom.hex }
......@@ -27,7 +26,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
describe '#resolve' do
subject do
mutation.resolve(
full_path: full_path,
id: scanner_profile_id,
profile_name: new_profile_name,
target_timeout: new_target_timeout,
......@@ -41,14 +39,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
let(:scanner_profile_id) { dast_scanner_profile.to_global_id }
context 'when on demand scan feature is enabled' do
context 'when the project does not exist' do
let(:full_path) { SecureRandom.hex }
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when the user can run a DAST scan' do
before do
project.add_developer(user)
......@@ -57,7 +47,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
context 'when the user omits unrequired elements' do
subject do
mutation.resolve(
full_path: full_path,
id: scanner_profile_id,
profile_name: new_profile_name,
target_timeout: new_target_timeout,
......@@ -93,7 +82,7 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
let(:scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: 'does_not_exist') }
it 'raises an exception' do
expect(subject[:errors]).to include('Scanner profile not found for given parameters')
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
end
......
ee/spec/graphql/mutations/dast_site_profiles/delete_spec.rb
View file @ 73f76499
......@@ -6,7 +6,6 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do
let(:group) { create(:group) }
let(:project) { create(:project, group: group) }
let(:user) { create(:user) }
let(:full_path) { project.full_path }
let!(:dast_site_profile) { create(:dast_site_profile, project: project) }
subject(:mutation) { described_class.new(object: nil, context: { current_user: user }, field: nil) }
......@@ -19,21 +18,10 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do
describe '#resolve' do
subject do
mutation.resolve(
full_path: full_path,
id: dast_site_profile.to_global_id
)
mutation.resolve(id: dast_site_profile.to_global_id)
end
context 'when on demand scan feature is enabled' do
context 'when the project does not exist' do
let(:full_path) { SecureRandom.hex }
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when the user can run a dast scan' do
before do
project.add_developer(user)
......
ee/spec/graphql/mutations/dast_site_profiles/update_spec.rb
View file @ 73f76499
......@@ -8,7 +8,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
let_it_be(:user) { create(:user) }
let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
let(:full_path) { project.full_path }
let(:new_profile_name) { SecureRandom.hex }
let(:new_target_url) { generate(:url) }
let(:new_excluded_urls) { ["#{new_target_url}/signout"] }
......@@ -37,7 +36,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
describe '#resolve' do
subject do
mutation.resolve(
full_path: full_path,
id: dast_site_profile.to_global_id,
profile_name: new_profile_name,
target_url: new_target_url,
......@@ -49,14 +47,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
end
context 'when on demand scan feature is enabled' do
context 'when the project does not exist' do
let(:full_path) { SecureRandom.hex }
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when the user can run a dast scan' do
before do
project.add_developer(user)
......@@ -67,7 +57,7 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
result = ServiceResponse.error(message: '')
service_params = {
id: dast_site_profile.id.to_s,
id: dast_site_profile.id,
name: new_profile_name,
target_url: new_target_url,
target_type: new_target_type,
......@@ -112,7 +102,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
context 'when the arguments are omitted' do
subject do
mutation.resolve(
full_path: full_path,
id: dast_site_profile.to_global_id,
profile_name: new_profile_name
)
......@@ -128,7 +117,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
context 'when the arguments are empty strings' do
subject do
mutation.resolve(
full_path: full_path,
id: dast_site_profile.to_global_id,
profile_name: new_profile_name,
request_headers: '',
......
ee/spec/requests/api/graphql/mutations/dast/profiles/run_spec.rb
View file @ 73f76499
......@@ -12,11 +12,7 @@ RSpec.describe 'Running a DAST Profile' do
let(:mutation_name) { :dast_profile_run }
let(:mutation) do
graphql_mutation(
mutation_name,
full_path: project.full_path,
id: global_id_of(dast_profile)
)
graphql_mutation(mutation_name, id: global_id_of(dast_profile))
end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
......
ee/spec/requests/api/graphql/mutations/dast/profiles/update_spec.rb
View file @ 73f76499
......@@ -14,7 +14,6 @@ RSpec.describe 'Updating a DAST Profile' do
let(:mutation) do
graphql_mutation(
mutation_name,
full_path: project.full_path,
id: global_id_of(dast_profile),
name: 'updated dast_profiles.name',
branch_name: project.default_branch,
......
ee/spec/requests/api/graphql/mutations/dast_scanner_profiles/delete_spec.rb
View file @ 73f76499
......@@ -14,11 +14,7 @@ RSpec.describe 'Delete a DAST Scanner Profile' do
let(:mutation_name) { :dast_scanner_profile_delete }
let(:mutation) do
graphql_mutation(
mutation_name,
full_path: full_path,
id: dast_scanner_profile_id
)
graphql_mutation(mutation_name, id: dast_scanner_profile_id)
end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
......@@ -27,17 +23,10 @@ RSpec.describe 'Delete a DAST Scanner Profile' do
expect { subject }.to change { DastScannerProfile.count }.by(-1)
end
context 'when the dast_scanner_profile belongs to another project' do
let_it_be(:other_project) { create(:project, creator: current_user) }
let_it_be(:full_path) { other_project.full_path }
it_behaves_like 'a mutation that returns a top-level access error'
end
context 'when the dast_scanner_profile does not exist' do
let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: non_existing_record_id) }
it_behaves_like 'a mutation that returns errors in the response', errors: ['Scanner profile not found for given parameters']
it_behaves_like 'a mutation that returns top-level errors', errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
end
end
end
ee/spec/requests/api/graphql/mutations/dast_scanner_profiles/update_spec.rb
View file @ 73f76499
......@@ -22,7 +22,6 @@ RSpec.describe 'Update a DAST Scanner Profile' do
let(:mutation) do
graphql_mutation(
mutation_name,
full_path: full_path,
id: dast_scanner_profile_id,
profile_name: new_profile_name,
target_timeout: new_target_timeout,
......@@ -66,14 +65,7 @@ RSpec.describe 'Update a DAST Scanner Profile' do
context 'when the dast_scanner_profile does not exist' do
let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: non_existing_record_id) }
it_behaves_like 'a mutation that returns errors in the response', errors: ['Scanner profile not found for given parameters']
end
context 'when the dast_scanner_profile belongs to a different project' do
let_it_be(:other_project) { create(:project, creator: current_user) }
let_it_be(:full_path) { other_project.full_path }
it_behaves_like 'a mutation that returns a top-level access error'
it_behaves_like 'a mutation that returns top-level errors', errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
end
end
end
ee/spec/requests/api/graphql/mutations/dast_site_profiles/delete_spec.rb
View file @ 73f76499
......@@ -2,7 +2,7 @@
require 'spec_helper'
RSpec.describe 'Creating a DAST Site Profile' do
RSpec.describe 'Deleting a DAST Site Profile' do
include GraphqlHelpers
let_it_be(:project) { create(:project) }
......@@ -13,11 +13,7 @@ RSpec.describe 'Creating a DAST Site Profile' do
let(:mutation_name) { :dast_site_profile_delete }
let(:mutation) do
graphql_mutation(
mutation_name,
full_path: full_path,
id: dast_site_profile_id
)
graphql_mutation(mutation_name, id: dast_site_profile_id)
end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
......@@ -40,7 +36,7 @@ RSpec.describe 'Creating a DAST Site Profile' do
context 'when the dast_site_profile does not exist' do
let_it_be(:dast_site_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastSiteProfile', id: non_existing_record_id) }
it_behaves_like 'a mutation that returns errors in the response', errors: ['Site profile not found for given parameters']
it_behaves_like 'a mutation that returns top-level errors', errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
end
context 'when wrong type of global id is passed' do
......@@ -54,12 +50,5 @@ RSpec.describe 'Creating a DAST Site Profile' do
end
end
end
context 'when the dast_site_profile belongs to a different project' do
let_it_be(:other_project) { create(:project) }
let_it_be(:full_path) { other_project.full_path }
it_behaves_like 'a mutation that returns a top-level access error'
end
end
end
ee/spec/requests/api/graphql/mutations/dast_site_profiles/update_spec.rb
View file @ 73f76499
......@@ -18,7 +18,6 @@ RSpec.describe 'Creating a DAST Site Profile' do
let(:mutation) do
graphql_mutation(
mutation_name,
full_path: full_path,
id: dast_site_profile_id,
profile_name: new_profile_name,
target_url: new_target_url,
......@@ -70,7 +69,7 @@ RSpec.describe 'Creating a DAST Site Profile' do
context 'when the dast_site_profile does not exist' do
let_it_be(:dast_site_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastSiteProfile', id: non_existing_record_id) }
it_behaves_like 'a mutation that returns errors in the response', errors: ['DastSiteProfile not found']
it_behaves_like 'a mutation that returns top-level errors', errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR]
end
context 'when wrong type of global id is passed' do
......@@ -84,12 +83,5 @@ RSpec.describe 'Creating a DAST Site Profile' do
end
end
end
context 'when the dast_site_profile belongs to a different project' do
let_it_be(:other_project) { create(:project, creator: current_user) }
let_it_be(:full_path) { other_project.full_path }
it_behaves_like 'a mutation that returns a top-level access error'
end
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7