Commit a2ab7960 authored by Sean McGivern's avatar Sean McGivern

Merge branch 'add-service-for-creating-site-profiles-35830' into 'master'

Stub out service for creating DAST site profiles

See merge request gitlab-org/gitlab!36535
parents c533c6d4 26b478fa
...@@ -29,9 +29,14 @@ module Mutations ...@@ -29,9 +29,14 @@ module Mutations
project = authorized_find!(full_path: full_path) project = authorized_find!(full_path: full_path)
raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project) raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
{ service = ::DastSiteProfiles::CreateService.new(project, current_user)
errors: ['Not implemented'] dast_site_profile = service.execute(name: profile_name, target_url: target_url)
}
if dast_site_profile.success?
raise 'Not implemented'
else
{ errors: dast_site_profile.errors }
end
end end
private private
......
# frozen_string_literal: true
module DastSiteProfiles
class CreateService < BaseService
def execute(name: nil, target_url: nil)
return ServiceResponse.error(message: 'Insufficient permissions') unless allowed?
ServiceResponse.error(message: 'Not implemented')
end
def allowed?
Ability.allowed?(current_user, :run_ondemand_dast_scan, project)
end
end
end
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe DastSiteProfiles::CreateService do
let(:user) { create(:user) }
let(:project) { create(:project, :repository, creator: user) }
let(:name) { FFaker::Company.catch_phrase }
let(:target_url) { FFaker::Internet.uri(:http) }
describe '#execute' do
subject { described_class.new(project, user).execute(name: name, target_url: target_url) }
let(:status) { subject.status }
let(:message) { subject.message }
context 'when the user does not have permission to run a dast scan' do
it 'returns an error status' do
expect(status).to eq(:error)
end
it 'populates message' do
expect(message).to eq('Insufficient permissions')
end
end
context 'when the user can run a dast scan' do
before do
project.add_developer(user)
end
it 'returns an error status' do
expect(status).to eq(:error)
end
it 'populates message' do
expect(message).to eq('Not implemented')
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment