Move VulnerabilityEntity to API entities and fix

Move VulnerabilityEntity from controller serializers folder to the EE API entities module and use ProjectEntity identity (which is also an EE API entity) to represent the `project` attribute of a Vulnerability.

Move VulnerabilityEntity to API entities and fix
Move VulnerabilityEntity from controller serializers folder to the EE API entities module and use ProjectEntity identity (which is also an EE API entity) to represent the `project` attribute of a Vulnerability.
cdb73626 · Victor Zagorodny · 8953e5c0 · 8953e5c0 · cdb73626 · cdb73626
Commit cdb73626 authored Nov 06, 2019 by Victor Zagorodny
7 changed files
--- a/ee/app/serializers/vulnerability_entity.rb
+++ b/ee/app/serializers/vulnerability_entity.rb
-# frozen_string_literal: true
-class VulnerabilityEntity < Grape::Entity
-  expose :id
-  expose :title
-  expose :description
-  expose :state
-  expose :severity
-  expose :confidence
-  expose :report_type
-  expose :project, using: ::ProjectEntity
-  expose :author_id
-  expose :updated_by_id
-  expose :last_edited_by_id
-  expose :closed_by_id
-  expose :start_date
-  expose :due_date
-  expose :created_at
-  expose :updated_at
-  expose :last_edited_at
-  expose :closed_at
-end
--- a/ee/lib/api/vulnerabilities.rb
+++ b/ee/lib/api/vulnerabilities.rb
@@ -21,7 +21,7 @@ module API
      def render_vulnerability(vulnerability)
        if vulnerability.valid?
-          present vulnerability, with: VulnerabilityEntity
+          present vulnerability, with: EE::API::Entities::Vulnerability
        else
          render_validation_error!(vulnerability)
        end
@@ -39,7 +39,7 @@ module API
    end
    resource :vulnerabilities do
      desc 'Resolve a vulnerability' do
-        success VulnerabilityEntity
+        success EE::API::Entities::Vulnerability
      end
      post ':id/resolve' do
        vulnerability = find_and_authorize_vulnerability!(:resolve_vulnerability)
@@ -50,7 +50,7 @@ module API
      end
      desc 'Dismiss a vulnerability' do
-        success VulnerabilityEntity
+        success EE::API::Entities::Vulnerability
      end
      post ':id/dismiss' do
        vulnerability = find_and_authorize_vulnerability!(:dismiss_vulnerability)
@@ -66,7 +66,7 @@ module API
    end
    resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
      desc 'Get a list of project vulnerabilities' do
-        success VulnerabilityEntity
+        success EE::API::Entities::Vulnerability
      end
      get ':id/vulnerabilities' do
        authorize! :read_project_security_dashboard, user_project
@@ -75,7 +75,7 @@ module API
          vulnerabilities_by(user_project)
        )
-        present vulnerabilities, with: VulnerabilityEntity
+        present vulnerabilities, with: EE::API::Entities::Vulnerability
      end
    end
  end

--- a/ee/lib/ee/api/entities.rb
+++ b/ee/lib/ee/api/entities.rb
@@ -895,6 +895,32 @@ module EE
        expose :updated_at
        expose :scopes, using: Scope
      end
+      class Vulnerability < Grape::Entity
+        expose :id
+        expose :title
+        expose :description
+        expose :state
+        expose :severity
+        expose :confidence
+        expose :report_type
+        expose :project, using: ::API::Entities::ProjectIdentity
+        expose :author_id
+        expose :updated_by_id
+        expose :last_edited_by_id
+        expose :closed_by_id
+        expose :start_date
+        expose :due_date
+        expose :created_at
+        expose :updated_at
+        expose :last_edited_at
+        expose :closed_at
+      end
    end
  end
 end
--- a/ee/spec/fixtures/api/schemas/vulnerability_list.json
+++ b/ee/spec/fixtures/api/schemas/vulnerability_list.json
--- a/ee/spec/fixtures/api/schemas/vulnerability.json
+++ b/ee/spec/fixtures/api/schemas/vulnerability.json
@@ -13,16 +13,7 @@
    },
    "confidence": {
      "type": "string",
-      "enum": [
+      "enum": ["undefined", "ignore", "unknown", "experimental", "low", "medium", "high", "confirmed"]
-        "undefined",
-        "ignore",
-        "unknown",
-        "experimental",
-        "low",
-        "medium",
-        "high",
-        "confirmed"
-      ]
    },
    "report_type": {
      "type": "string",
@@ -34,19 +25,14 @@
      ]
    },
    "project": {
-      "required": ["id", "name", "full_path", "full_name"],
+      "required": ["id", "name", "name_with_namespace", "description", "path", "path_with_namespace", "created_at"],
-      "id": {
+      "id": { "type": "integer" },
-        "type": "integer"
+      "name": { "type": "string" },
-      },
+      "name_with_namespace": { "type": "string" },
-      "name": {
+      "description": { "type": ["string", "null"] },
-        "type": "string"
+      "path": { "type": "string" },
-      },
+      "path_with_namespace": { "type": "string" },
-      "full_path": {
+      "created_at": { "type": "date" }
-        "type": "string"
-      },
-      "full_name": {
-        "type": "string"
-      }
    },
    "author_id": { "type": "integer" },
    "updated_by_id": { "type": ["integer", "null"] },

--- a/ee/spec/requests/api/vulnerabilities_spec.rb
+++ b/ee/spec/requests/api/vulnerabilities_spec.rb
@@ -51,7 +51,7 @@ describe API::Vulnerabilities do
        expect(response).to have_gitlab_http_status(200)
        expect(response).to include_pagination_headers
-        expect(response).to match_response_schema('vulnerability_list', dir: 'ee')
+        expect(response).to match_response_schema('public_api/v4/vulnerabilities', dir: 'ee')
        expect(response.headers['X-Total']).to eq project.vulnerabilities.count.to_s
      end
@@ -92,7 +92,7 @@ describe API::Vulnerabilities do
          subject
          expect(response).to have_gitlab_http_status(201)
-          expect(response).to match_response_schema('vulnerability', dir: 'ee')
+          expect(response).to match_response_schema('public_api/v4/vulnerability', dir: 'ee')
          expect(vulnerability.reload).to(
            have_attributes(state: 'closed', closed_by: user, closed_at: be_like_time(Time.zone.now)))
@@ -165,7 +165,7 @@ describe API::Vulnerabilities do
          subject
          expect(response).to have_gitlab_http_status(201)
-          expect(response).to match_response_schema('vulnerability', dir: 'ee')
+          expect(response).to match_response_schema('public_api/v4/vulnerability', dir: 'ee')
          expect(vulnerability.reload).to(
            have_attributes(state: 'closed', closed_by: user, closed_at: be_like_time(Time.zone.now)))

--- a/ee/spec/serializers/vulnerability_entity_spec.rb
+++ b/ee/spec/serializers/vulnerability_entity_spec.rb
-# frozen_string_literal: true
-require 'spec_helper'
-describe VulnerabilityEntity do
-  let(:vulnerability) do
-    create(:vulnerability)
-  end
-  let(:entity) do
-    described_class.represent(vulnerability)
-  end
-  subject { entity.to_json }
-  it { is_expected.to match_schema('vulnerability', dir: 'ee') }
-end