Merge branch '213013_group_level_security_reports_entity_changes' into 'master'

Extend the exportable types of export with Group See merge request gitlab-org/gitlab!31879

Merge branch '213013_group_level_security_reports_entity_changes' into 'master'
Extend the exportable types of export with Group See merge request gitlab-org/gitlab!31879
e3f5ac66 · Dylan Griffith · f994e6a7 · e268eb55 · e3f5ac66 · e3f5ac66
Commit e3f5ac66 authored May 18, 2020 by Dylan Griffith
3 changed files
--- a/ee/app/models/vulnerabilities/export.rb
+++ b/ee/app/models/vulnerabilities/export.rb
@@ -19,6 +19,7 @@ module Vulnerabilities
    validates :status, presence: true
    validates :format, presence: true
    validates :file, presence: true, if: :finished?
+    validate :only_one_exportable

    state_machine :status, initial: :created do
      event :start do
@@ -48,15 +49,17 @@ module Vulnerabilities
    end

    def exportable
-      project || author.security_dashboard
+      project || group || author.security_dashboard
    end

    def exportable=(value)
      case value
      when Project
-        self.project = value
+        make_project_level_export(value)
+      when Group
+        make_group_level_export(value)
      when InstanceSecurityDashboard
-        self.project = nil
+        make_instance_level_export
      else
        raise "Can not assign #{value.class} as exportable"
      end
@@ -75,5 +78,25 @@ module Vulnerabilities
      # which happens after object is inserted/updated
      self.update_column(:file_store, file.object_store)
    end
+
+    private
+
+    def make_project_level_export(project)
+      self.project = project
+      self.group = nil
+    end
+
+    def make_group_level_export(group)
+      self.group = group
+      self.project = nil
+    end
+
+    def make_instance_level_export
+      self.project = self.group = nil
+    end
+
+    def only_one_exportable
+      errors.add(:base, _('Project & Group can not be assigned at the same time')) if project && group
+    end
  end
 end
--- a/ee/spec/models/vulnerabilities/export_spec.rb
+++ b/ee/spec/models/vulnerabilities/export_spec.rb
@@ -23,6 +23,49 @@ describe Vulnerabilities::Export do

      it { is_expected.to validate_presence_of(:file) }
    end
+
+    describe 'presence of both project and group' do
+      let(:export) { build(:vulnerability_export, project: project, group: group) }
+      let(:expected_error) { _('Project & Group can not be assigned at the same time') }
+
+      subject { export.errors[:base] }
+
+      before do
+        export.validate
+      end
+
+      context 'when the project is present' do
+        let(:project) { build(:project) }
+
+        context 'when the group is present' do
+          let(:group) { build(:group) }
+
+          it { is_expected.to include(expected_error) }
+        end
+
+        context 'when the group is not present' do
+          let(:group) { nil }
+
+          it { is_expected.not_to include(expected_error) }
+        end
+      end
+
+      context 'when the project is not present' do
+        let(:project) { nil }
+
+        context 'when the group is present' do
+          let(:group) { build(:group) }
+
+          it { is_expected.not_to include(expected_error) }
+        end
+
+        context 'when the group is not present' do
+          let(:group) { nil }
+
+          it { is_expected.not_to include(expected_error) }
+        end
+      end
+    end
  end

  describe '#status' do
@@ -74,19 +117,28 @@ describe Vulnerabilities::Export do
      let(:project) { build(:project) }
      let(:vulnerability_export) { build(:vulnerability_export, project: project) }

-      it { is_expected.to eql(project) }
+      it { is_expected.to eq(project) }
    end

    context 'when the export does not have project assigned' do
-      let(:author) { build(:user) }
-      let(:vulnerability_export) { build(:vulnerability_export, :user, author: author) }
-      let(:mock_security_dashboard) { instance_double(InstanceSecurityDashboard) }
+      context 'when the export has group assigned' do
+        let(:group) { build(:group) }
+        let(:vulnerability_export) { build(:vulnerability_export, :group, group: group) }

-      before do
-        allow(author).to receive(:security_dashboard).and_return(mock_security_dashboard)
+        it { is_expected.to eq(group) }
      end

-      it { is_expected.to eql(mock_security_dashboard) }
+      context 'when the export does not have group assigned' do
+        let(:author) { build(:user) }
+        let(:vulnerability_export) { build(:vulnerability_export, :user, author: author) }
+        let(:mock_security_dashboard) { instance_double(InstanceSecurityDashboard) }
+
+        before do
+          allow(author).to receive(:security_dashboard).and_return(mock_security_dashboard)
+        end
+
+        it { is_expected.to eq(mock_security_dashboard) }
+      end
    end
  end

@@ -103,6 +155,14 @@ describe Vulnerabilities::Export do
      end
    end

+    context 'when the exportable is a Group' do
+      let(:exportable) { build(:group) }
+
+      it 'changes the exportable of the export to given group' do
+        expect { set_exportable }.to change { vulnerability_export.exportable }.to(exportable)
+      end
+    end
+
    context 'when the exportable is an InstanceSecurityDashboard' do
      let(:exportable) { InstanceSecurityDashboard.new(vulnerability_export.author) }


--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -16282,6 +16282,9 @@ msgstr ""
 msgid "Project %{project_repo} could not be found"
 msgstr ""

+msgid "Project & Group can not be assigned at the same time"
+msgstr ""
+
 msgid "Project '%{project_name}' is being imported."
 msgstr ""