Commit cdb73626 authored by Victor Zagorodny's avatar Victor Zagorodny

Move VulnerabilityEntity to API entities and fix

Move VulnerabilityEntity from controller
serializers folder to the EE API entities module
and use ProjectEntity identity (which is also an
EE API entity) to represent the `project`
attribute of a Vulnerability.
parent 8953e5c0
# frozen_string_literal: true
class VulnerabilityEntity < Grape::Entity
expose :id
expose :title
expose :description
expose :state
expose :severity
expose :confidence
expose :report_type
expose :project, using: ::ProjectEntity
expose :author_id
expose :updated_by_id
expose :last_edited_by_id
expose :closed_by_id
expose :start_date
expose :due_date
expose :created_at
expose :updated_at
expose :last_edited_at
expose :closed_at
end
......@@ -21,7 +21,7 @@ module API
def render_vulnerability(vulnerability)
if vulnerability.valid?
present vulnerability, with: VulnerabilityEntity
present vulnerability, with: EE::API::Entities::Vulnerability
else
render_validation_error!(vulnerability)
end
......@@ -39,7 +39,7 @@ module API
end
resource :vulnerabilities do
desc 'Resolve a vulnerability' do
success VulnerabilityEntity
success EE::API::Entities::Vulnerability
end
post ':id/resolve' do
vulnerability = find_and_authorize_vulnerability!(:resolve_vulnerability)
......@@ -50,7 +50,7 @@ module API
end
desc 'Dismiss a vulnerability' do
success VulnerabilityEntity
success EE::API::Entities::Vulnerability
end
post ':id/dismiss' do
vulnerability = find_and_authorize_vulnerability!(:dismiss_vulnerability)
......@@ -66,7 +66,7 @@ module API
end
resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
desc 'Get a list of project vulnerabilities' do
success VulnerabilityEntity
success EE::API::Entities::Vulnerability
end
get ':id/vulnerabilities' do
authorize! :read_project_security_dashboard, user_project
......@@ -75,7 +75,7 @@ module API
vulnerabilities_by(user_project)
)
present vulnerabilities, with: VulnerabilityEntity
present vulnerabilities, with: EE::API::Entities::Vulnerability
end
end
end
......
......@@ -895,6 +895,32 @@ module EE
expose :updated_at
expose :scopes, using: Scope
end
class Vulnerability < Grape::Entity
expose :id
expose :title
expose :description
expose :state
expose :severity
expose :confidence
expose :report_type
expose :project, using: ::API::Entities::ProjectIdentity
expose :author_id
expose :updated_by_id
expose :last_edited_by_id
expose :closed_by_id
expose :start_date
expose :due_date
expose :created_at
expose :updated_at
expose :last_edited_at
expose :closed_at
end
end
end
end
......@@ -13,16 +13,7 @@
},
"confidence": {
"type": "string",
"enum": [
"undefined",
"ignore",
"unknown",
"experimental",
"low",
"medium",
"high",
"confirmed"
]
"enum": ["undefined", "ignore", "unknown", "experimental", "low", "medium", "high", "confirmed"]
},
"report_type": {
"type": "string",
......@@ -34,19 +25,14 @@
]
},
"project": {
"required": ["id", "name", "full_path", "full_name"],
"id": {
"type": "integer"
},
"name": {
"type": "string"
},
"full_path": {
"type": "string"
},
"full_name": {
"type": "string"
}
"required": ["id", "name", "name_with_namespace", "description", "path", "path_with_namespace", "created_at"],
"id": { "type": "integer" },
"name": { "type": "string" },
"name_with_namespace": { "type": "string" },
"description": { "type": ["string", "null"] },
"path": { "type": "string" },
"path_with_namespace": { "type": "string" },
"created_at": { "type": "date" }
},
"author_id": { "type": "integer" },
"updated_by_id": { "type": ["integer", "null"] },
......
......@@ -51,7 +51,7 @@ describe API::Vulnerabilities do
expect(response).to have_gitlab_http_status(200)
expect(response).to include_pagination_headers
expect(response).to match_response_schema('vulnerability_list', dir: 'ee')
expect(response).to match_response_schema('public_api/v4/vulnerabilities', dir: 'ee')
expect(response.headers['X-Total']).to eq project.vulnerabilities.count.to_s
end
......@@ -92,7 +92,7 @@ describe API::Vulnerabilities do
subject
expect(response).to have_gitlab_http_status(201)
expect(response).to match_response_schema('vulnerability', dir: 'ee')
expect(response).to match_response_schema('public_api/v4/vulnerability', dir: 'ee')
expect(vulnerability.reload).to(
have_attributes(state: 'closed', closed_by: user, closed_at: be_like_time(Time.zone.now)))
......@@ -165,7 +165,7 @@ describe API::Vulnerabilities do
subject
expect(response).to have_gitlab_http_status(201)
expect(response).to match_response_schema('vulnerability', dir: 'ee')
expect(response).to match_response_schema('public_api/v4/vulnerability', dir: 'ee')
expect(vulnerability.reload).to(
have_attributes(state: 'closed', closed_by: user, closed_at: be_like_time(Time.zone.now)))
......
# frozen_string_literal: true
require 'spec_helper'
describe VulnerabilityEntity do
let(:vulnerability) do
create(:vulnerability)
end
let(:entity) do
described_class.represent(vulnerability)
end
subject { entity.to_json }
it { is_expected.to match_schema('vulnerability', dir: 'ee') }
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment