Mount DastSiteProfileCreate GraphQL mutation

Mounts mutation, generates documentation and adds some specs.

doc/api/graphql/reference/gitlab_schema.graphql

@@ -2064,6 +2064,51 @@ enum DastScanTypeEnum {
   PASSIVE
 }
 
+"""
+Autogenerated input type of DastSiteProfileCreate
+"""
+input DastSiteProfileCreateInput {
+  """
+  A unique identifier for the client performing the mutation.
+  """
+  clientMutationId: String
+
+  """
+  The project the site profile belongs to.
+  """
+  fullPath: ID!
+
+  """
+  The name of the site profile.
+  """
+  profileName: String!
+
+  """
+  The URL of the target to be scanned.
+  """
+  targetUrl: String
+}
+
+"""
+Autogenerated return type of DastSiteProfileCreate
+"""
+type DastSiteProfileCreatePayload {
+  """
+  A unique identifier for the client performing the mutation.
+  """
+  clientMutationId: String
+
+  """
+  Errors encountered during execution of the mutation.
+  """
+  errors: [String!]!
+
+  """
+  ID of the site profile.
+  """
+  id: ID
+}
+
 """
 Autogenerated input type of DeleteAnnotation
 """
@@ -7969,6 +8014,7 @@ type Mutation {
   createNote(input: CreateNoteInput!): CreateNotePayload
   createRequirement(input: CreateRequirementInput!): CreateRequirementPayload
   createSnippet(input: CreateSnippetInput!): CreateSnippetPayload
+  dastSiteProfileCreate(input: DastSiteProfileCreateInput!): DastSiteProfileCreatePayload
   deleteAnnotation(input: DeleteAnnotationInput!): DeleteAnnotationPayload
   designManagementDelete(input: DesignManagementDeleteInput!): DesignManagementDeletePayload
   designManagementUpload(input: DesignManagementUploadInput!): DesignManagementUploadPayload

doc/api/graphql/reference/gitlab_schema.json

@@ -5523,6 +5523,132 @@
           ],
           "possibleTypes": null
         },
+        {
+          "kind": "INPUT_OBJECT",
+          "name": "DastSiteProfileCreateInput",
+          "description": "Autogenerated input type of DastSiteProfileCreate",
+          "fields": null,
+          "inputFields": [
+            {
+              "name": "fullPath",
+              "description": "The project the site profile belongs to.",
+              "type": {
+                "kind": "NON_NULL",
+                "name": null,
+                "ofType": {
+                  "kind": "SCALAR",
+                  "name": "ID",
+                  "ofType": null
+                }
+              },
+              "defaultValue": null
+            },
+            {
+              "name": "profileName",
+              "description": "The name of the site profile.",
+              "type": {
+                "kind": "NON_NULL",
+                "name": null,
+                "ofType": {
+                  "kind": "SCALAR",
+                  "name": "String",
+                  "ofType": null
+                }
+              },
+              "defaultValue": null
+            },
+            {
+              "name": "targetUrl",
+              "description": "The URL of the target to be scanned.",
+              "type": {
+                "kind": "SCALAR",
+                "name": "String",
+                "ofType": null
+              },
+              "defaultValue": null
+            },
+            {
+              "name": "clientMutationId",
+              "description": "A unique identifier for the client performing the mutation.",
+              "type": {
+                "kind": "SCALAR",
+                "name": "String",
+                "ofType": null
+              },
+              "defaultValue": null
+            }
+          ],
+          "interfaces": null,
+          "enumValues": null,
+          "possibleTypes": null
+        },
+        {
+          "kind": "OBJECT",
+          "name": "DastSiteProfileCreatePayload",
+          "description": "Autogenerated return type of DastSiteProfileCreate",
+          "fields": [
+            {
+              "name": "clientMutationId",
+              "description": "A unique identifier for the client performing the mutation.",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "SCALAR",
+                "name": "String",
+                "ofType": null
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
+            {
+              "name": "errors",
+              "description": "Errors encountered during execution of the mutation.",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "NON_NULL",
+                "name": null,
+                "ofType": {
+                  "kind": "LIST",
+                  "name": null,
+                  "ofType": {
+                    "kind": "NON_NULL",
+                    "name": null,
+                    "ofType": {
+                      "kind": "SCALAR",
+                      "name": "String",
+                      "ofType": null
+                    }
+                  }
+                }
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
+            {
+              "name": "id",
+              "description": "ID of the site profile.",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "SCALAR",
+                "name": "ID",
+                "ofType": null
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            }
+          ],
+          "inputFields": null,
+          "interfaces": [
+
+          ],
+          "enumValues": null,
+          "possibleTypes": null
+        },
         {
           "kind": "INPUT_OBJECT",
           "name": "DeleteAnnotationInput",
@@ -22811,6 +22937,33 @@
               "isDeprecated": false,
               "deprecationReason": null
             },
+            {
+              "name": "dastSiteProfileCreate",
+              "description": null,
+              "args": [
+                {
+                  "name": "input",
+                  "description": null,
+                  "type": {
+                    "kind": "NON_NULL",
+                    "name": null,
+                    "ofType": {
+                      "kind": "INPUT_OBJECT",
+                      "name": "DastSiteProfileCreateInput",
+                      "ofType": null
+                    }
+                  },
+                  "defaultValue": null
+                }
+              ],
+              "type": {
+                "kind": "OBJECT",
+                "name": "DastSiteProfileCreatePayload",
+                "ofType": null
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
             {
               "name": "deleteAnnotation",
               "description": null,

doc/api/graphql/reference/index.md

@@ -364,6 +364,16 @@ Autogenerated return type of CreateSnippet
 | `errors` | String! => Array | Errors encountered during execution of the mutation. |
 | `snippet` | Snippet | The snippet after mutation |
 
+## DastSiteProfileCreatePayload
+
+Autogenerated return type of DastSiteProfileCreate
+
+| Name  | Type  | Description |
+| ---   |  ---- | ----------  |
+| `clientMutationId` | String | A unique identifier for the client performing the mutation. |
+| `errors` | String! => Array | Errors encountered during execution of the mutation. |
+| `id` | ID | ID of the site profile. |
+
 ## DeleteAnnotationPayload
 
 Autogenerated return type of DeleteAnnotation

ee/app/graphql/ee/types/mutation_type.rb

@@ -22,6 +22,7 @@ module EE
         mount_mutation ::Mutations::InstanceSecurityDashboard::AddProject
         mount_mutation ::Mutations::InstanceSecurityDashboard::RemoveProject
         mount_mutation ::Mutations::Pipelines::RunDastScan
+        mount_mutation ::Mutations::DastSiteProfiles::Create
       end
     end
   end

ee/app/graphql/mutations/dast_site_profiles/create.rb

@@ -8,7 +8,7 @@ module Mutations
       graphql_name 'DastSiteProfileCreate'
 
       field :id, GraphQL::ID_TYPE,
-            null: false,
+            null: true,
             description: 'ID of the site profile.'
 
       argument :full_path, GraphQL::ID_TYPE,

ee/spec/requests/api/graphql/mutations/dast_site_profiles/create_spec.rb

+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'Creating a DAST Site Profile' do
+  include GraphqlHelpers
+
+  let(:project) { create(:project, :repository, creator: current_user) }
+  let(:current_user) { create(:user) }
+  let(:full_path) { project.full_path }
+  let(:profile_name) { FFaker::Company.catch_phrase }
+  let(:target_url) { FFaker::Internet.uri(:https) }
+
+  let(:mutation) do
+    graphql_mutation(
+      :dast_site_profile_create,
+      full_path: full_path,
+      profile_name: profile_name,
+      target_url: target_url
+    )
+  end
+
+  def mutation_response
+    graphql_mutation_response(:dast_site_profile_create)
+  end
+
+  context 'when on demand scan feature is not enabled' do
+    it_behaves_like 'a mutation that returns top-level errors',
+                    errors: ['The resource that you are attempting to access does not ' \
+                             'exist or you don\'t have permission to perform this action']
+  end
+
+  context 'when on demand scan feature is enabled' do
+    before do
+      stub_feature_flags(security_on_demand_scans_feature_flag: true)
+    end
+
+    context 'when the user does not have permission to run a dast scan' do
+      it_behaves_like 'a mutation that returns top-level errors',
+                      errors: ['The resource that you are attempting to access does not ' \
+                               'exist or you don\'t have permission to perform this action']
+    end
+
+    context 'when the user can run a dast scan' do
+      before do
+        project.add_developer(current_user)
+      end
+
+      it_behaves_like 'a mutation that returns errors in the response', errors: ['Not implemented']
+    end
+  end
+end