Respond with 304 Not Modified if Vulnerability is already dismissed

a421ebba · Victor Zagorodny · James Lopez · f977d2d6 · a421ebba · a421ebba
Commit a421ebba authored Oct 18, 2019 by Victor Zagorodny Committed by James Lopez Oct 18, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 0 deletions

ee/lib/api/vulnerabilities.rb ee/lib/api/vulnerabilities.rb +2 -0

ee/spec/requests/api/vulnerabilities_spec.rb ee/spec/requests/api/vulnerabilities_spec.rb +10 -0

No files found.
--- a/ee/lib/api/vulnerabilities.rb
+++ b/ee/lib/api/vulnerabilities.rb
@@ -44,6 +44,8 @@ module API
      post ':id/dismiss' do
        if Feature.enabled?(:first_class_vulnerabilities)
          vulnerability = find_and_authorize_vulnerability!(:dismiss_vulnerability)
+          break not_modified! if vulnerability.closed?
          vulnerability = ::Vulnerabilities::DismissService.new(current_user, vulnerability).execute
          render_vulnerability(vulnerability)
        else

--- a/ee/spec/requests/api/vulnerabilities_spec.rb
+++ b/ee/spec/requests/api/vulnerabilities_spec.rb
@@ -111,6 +111,16 @@ describe API::Vulnerabilities do
          expect(response).to have_gitlab_http_status(403)
        end
      end
+      context 'if a vulnerability is already dismissed' do
+        let(:vulnerability) { create(:vulnerability, :closed, project: project) }
+        it 'responds with 304 Not Modified' do
+          subject
+          expect(response).to have_gitlab_http_status(304)
+        end
+      end
    end
    context 'when user does not have permissions to create a dismissal feedback' do