Merge branch '34564-move-vulnerability-entity-to-api' into 'master'

Move VulnerabilityEntity to API entities See merge request gitlab-org/gitlab!19704

Merge branch '34564-move-vulnerability-entity-to-api' into 'master'
Move VulnerabilityEntity to API entities See merge request gitlab-org/gitlab!19704
9381ae41 · Lin Jen-Shin · bf6ba3a2 · cdb73626 · bf6ba3a2 · 9381ae41
Commit 9381ae41 authored Nov 08, 2019 by Lin Jen-Shin
7 changed files
--- a/ee/app/serializers/vulnerability_entity.rb
+++ b/ee/app/serializers/vulnerability_entity.rb
-# frozen_string_literal: true
-
-class VulnerabilityEntity < Grape::Entity
-  expose :id
-  expose :title
-  expose :description
-
-  expose :state
-  expose :severity
-  expose :confidence
-  expose :report_type
-
-  expose :project, using: ::ProjectEntity
-
-  expose :author_id
-  expose :updated_by_id
-  expose :last_edited_by_id
-  expose :closed_by_id
-
-  expose :start_date
-  expose :due_date
-
-  expose :created_at
-  expose :updated_at
-  expose :last_edited_at
-  expose :closed_at
-end
--- a/ee/lib/api/vulnerabilities.rb
+++ b/ee/lib/api/vulnerabilities.rb
@@ -26,7 +26,7 @@ module API

      def render_vulnerability(vulnerability)
        if vulnerability.valid?
-          present vulnerability, with: VulnerabilityEntity
+          present vulnerability, with: EE::API::Entities::Vulnerability
        else
          render_validation_error!(vulnerability)
        end
@@ -53,7 +53,7 @@ module API
      end

      desc 'Resolve a vulnerability' do
-        success VulnerabilityEntity
+        success EE::API::Entities::Vulnerability
      end
      post ':id/resolve' do
        vulnerability = find_and_authorize_vulnerability!(:resolve_vulnerability)
@@ -64,7 +64,7 @@ module API
      end

      desc 'Dismiss a vulnerability' do
-        success VulnerabilityEntity
+        success EE::API::Entities::Vulnerability
      end
      post ':id/dismiss' do
        vulnerability = find_and_authorize_vulnerability!(:dismiss_vulnerability)
@@ -80,7 +80,7 @@ module API
    end
    resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
      desc 'Get a list of project vulnerabilities' do
-        success VulnerabilityEntity
+        success EE::API::Entities::Vulnerability
      end
      get ':id/vulnerabilities' do
        authorize! :read_project_security_dashboard, user_project
@@ -89,7 +89,7 @@ module API
          vulnerabilities_by(user_project)
        )

-        present vulnerabilities, with: VulnerabilityEntity
+        present vulnerabilities, with: EE::API::Entities::Vulnerability
      end
    end
  end

--- a/ee/lib/ee/api/entities.rb
+++ b/ee/lib/ee/api/entities.rb
@@ -895,6 +895,32 @@ module EE
        expose :updated_at
        expose :scopes, using: Scope
      end
+
+      class Vulnerability < Grape::Entity
+        expose :id
+        expose :title
+        expose :description
+
+        expose :state
+        expose :severity
+        expose :confidence
+        expose :report_type
+
+        expose :project, using: ::API::Entities::ProjectIdentity
+
+        expose :author_id
+        expose :updated_by_id
+        expose :last_edited_by_id
+        expose :closed_by_id
+
+        expose :start_date
+        expose :due_date
+
+        expose :created_at
+        expose :updated_at
+        expose :last_edited_at
+        expose :closed_at
+      end
    end
  end
 end
--- a/ee/spec/fixtures/api/schemas/vulnerability_list.json
+++ b/ee/spec/fixtures/api/schemas/vulnerability_list.json
--- a/ee/spec/fixtures/api/schemas/vulnerability.json
+++ b/ee/spec/fixtures/api/schemas/vulnerability.json
@@ -13,16 +13,7 @@
    },
    "confidence": {
      "type": "string",
-      "enum": [
-        "undefined",
-        "ignore",
-        "unknown",
-        "experimental",
-        "low",
-        "medium",
-        "high",
-        "confirmed"
-      ]
+      "enum": ["undefined", "ignore", "unknown", "experimental", "low", "medium", "high", "confirmed"]
    },
    "report_type": {
      "type": "string",
@@ -34,19 +25,14 @@
      ]
    },
    "project": {
-      "required": ["id", "name", "full_path", "full_name"],
-      "id": {
-        "type": "integer"
-      },
-      "name": {
-        "type": "string"
-      },
-      "full_path": {
-        "type": "string"
-      },
-      "full_name": {
-        "type": "string"
-      }
+      "required": ["id", "name", "name_with_namespace", "description", "path", "path_with_namespace", "created_at"],
+      "id": { "type": "integer" },
+      "name": { "type": "string" },
+      "name_with_namespace": { "type": "string" },
+      "description": { "type": ["string", "null"] },
+      "path": { "type": "string" },
+      "path_with_namespace": { "type": "string" },
+      "created_at": { "type": "date" }
    },
    "author_id": { "type": "integer" },
    "updated_by_id": { "type": ["integer", "null"] },

--- a/ee/spec/requests/api/vulnerabilities_spec.rb
+++ b/ee/spec/requests/api/vulnerabilities_spec.rb
@@ -63,7 +63,7 @@ describe API::Vulnerabilities do

        expect(response).to have_gitlab_http_status(200)
        expect(response).to include_pagination_headers
-        expect(response).to match_response_schema('vulnerability_list', dir: 'ee')
+        expect(response).to match_response_schema('public_api/v4/vulnerabilities', dir: 'ee')
        expect(response.headers['X-Total']).to eq project.vulnerabilities.count.to_s
      end

@@ -134,7 +134,7 @@ describe API::Vulnerabilities do
          dismiss_vulnerability

          expect(response).to have_gitlab_http_status(201)
-          expect(response).to match_response_schema('vulnerability', dir: 'ee')
+          expect(response).to match_response_schema('public_api/v4/vulnerability', dir: 'ee')

          expect(vulnerability.reload).to(
            have_attributes(state: 'closed', closed_by: user, closed_at: be_like_time(Time.zone.now)))
@@ -208,7 +208,7 @@ describe API::Vulnerabilities do
          resolve_vulnerability

          expect(response).to have_gitlab_http_status(201)
-          expect(response).to match_response_schema('vulnerability', dir: 'ee')
+          expect(response).to match_response_schema('public_api/v4/vulnerability', dir: 'ee')

          expect(vulnerability.reload).to(
            have_attributes(state: 'closed', closed_by: user, closed_at: be_like_time(Time.zone.now)))

--- a/ee/spec/serializers/vulnerability_entity_spec.rb
+++ b/ee/spec/serializers/vulnerability_entity_spec.rb
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe VulnerabilityEntity do
-  let(:vulnerability) do
-    create(:vulnerability)
-  end
-
-  let(:entity) do
-    described_class.represent(vulnerability)
-  end
-
-  subject { entity.to_json }
-
-  it { is_expected.to match_schema('vulnerability', dir: 'ee') }
-end