Commit f9f7ab0b authored by adarsh ravi's avatar adarsh ravi Committed by Luke Duncalfe

Move from let! to let_it_be to optimize performance

parent b4b045fa
...@@ -3,6 +3,11 @@ ...@@ -3,6 +3,11 @@
require 'spec_helper' require 'spec_helper'
RSpec.describe Security::Finding do RSpec.describe Security::Finding do
let_it_be(:scan_1) { create(:security_scan, scan_type: :sast) }
let_it_be(:scan_2) { create(:security_scan, scan_type: :dast) }
let_it_be(:finding_1) { create(:security_finding, scan: scan_1) }
let_it_be(:finding_2) { create(:security_finding, scan: scan_2) }
describe 'associations' do describe 'associations' do
it { is_expected.to belong_to(:scan).required } it { is_expected.to belong_to(:scan).required }
it { is_expected.to belong_to(:scanner).required } it { is_expected.to belong_to(:scanner).required }
...@@ -20,8 +25,6 @@ RSpec.describe Security::Finding do ...@@ -20,8 +25,6 @@ RSpec.describe Security::Finding do
end end
describe '.by_uuid' do describe '.by_uuid' do
let!(:finding_1) { create(:security_finding) }
let!(:finding_2) { create(:security_finding) }
let(:expected_findings) { [finding_1] } let(:expected_findings) { [finding_1] }
subject { described_class.by_uuid(finding_1.uuid) } subject { described_class.by_uuid(finding_1.uuid) }
...@@ -30,40 +33,39 @@ RSpec.describe Security::Finding do ...@@ -30,40 +33,39 @@ RSpec.describe Security::Finding do
end end
describe '.by_build_ids' do describe '.by_build_ids' do
let!(:finding_1) { create(:security_finding) }
let!(:finding_2) { create(:security_finding) }
subject { described_class.by_build_ids(finding_1.scan.build_id) } subject { described_class.by_build_ids(finding_1.scan.build_id) }
it { is_expected.to eq([finding_1]) } it { is_expected.to eq([finding_1]) }
end end
describe '.by_severity_levels' do describe '.by_severity_levels' do
let!(:critical_severity_finding) { create(:security_finding, severity: :critical) } let(:expected_findings) { [finding_2] }
let!(:high_severity_finding) { create(:security_finding, severity: :high) }
let(:expected_findings) { [critical_severity_finding] }
subject { described_class.by_severity_levels(:critical) } subject { described_class.by_severity_levels(:critical) }
before do
finding_1.update! severity: :high
finding_2.update! severity: :critical
end
it { is_expected.to match_array(expected_findings) } it { is_expected.to match_array(expected_findings) }
end end
describe '.by_confidence_levels' do describe '.by_confidence_levels' do
let!(:high_confidence_finding) { create(:security_finding, confidence: :high) } let(:expected_findings) { [finding_2] }
let!(:low_confidence_finding) { create(:security_finding, confidence: :low) }
let(:expected_findings) { [high_confidence_finding] }
subject { described_class.by_confidence_levels(:high) } subject { described_class.by_confidence_levels(:high) }
before do
finding_1.update! confidence: :low
finding_2.update! confidence: :high
end
it { is_expected.to match_array(expected_findings) } it { is_expected.to match_array(expected_findings) }
end end
describe '.by_report_types' do describe '.by_report_types' do
let!(:sast_scan) { create(:security_scan, scan_type: :sast) } let(:expected_findings) { [finding_1] }
let!(:dast_scan) { create(:security_scan, scan_type: :dast) }
let!(:sast_finding) { create(:security_finding, scan: sast_scan) }
let!(:dast_finding) { create(:security_finding, scan: dast_scan) }
let(:expected_findings) { [sast_finding] }
subject { described_class.by_report_types(:sast) } subject { described_class.by_report_types(:sast) }
...@@ -71,8 +73,6 @@ RSpec.describe Security::Finding do ...@@ -71,8 +73,6 @@ RSpec.describe Security::Finding do
end end
describe '.by_project_fingerprints' do describe '.by_project_fingerprints' do
let!(:finding_1) { create(:security_finding) }
let!(:finding_2) { create(:security_finding) }
let(:expected_findings) { [finding_1] } let(:expected_findings) { [finding_1] }
subject { described_class.by_project_fingerprints(finding_1.project_fingerprint) } subject { described_class.by_project_fingerprints(finding_1.project_fingerprint) }
...@@ -81,64 +81,63 @@ RSpec.describe Security::Finding do ...@@ -81,64 +81,63 @@ RSpec.describe Security::Finding do
end end
describe '.undismissed' do describe '.undismissed' do
let(:scan_1) { create(:security_scan) } let(:expected_findings) { [finding_2] }
let(:scan_2) { create(:security_scan) }
let!(:undismissed_finding) { create(:security_finding, scan: scan_1) }
let!(:dismissed_finding) { create(:security_finding, scan: scan_1) }
let(:expected_findings) { [undismissed_finding] }
subject { described_class.undismissed } subject { described_class.undismissed }
before do before do
finding_2.update! scan: scan_1
create(:vulnerability_feedback, create(:vulnerability_feedback,
:dismissal, :dismissal,
project: scan_1.project, project: scan_1.project,
category: scan_1.scan_type, category: scan_1.scan_type,
project_fingerprint: dismissed_finding.project_fingerprint) project_fingerprint: finding_1.project_fingerprint)
create(:vulnerability_feedback, create(:vulnerability_feedback,
:dismissal, :dismissal,
project: scan_2.project, project: scan_2.project,
category: scan_2.scan_type, category: scan_2.scan_type,
project_fingerprint: undismissed_finding.project_fingerprint) project_fingerprint: finding_2.project_fingerprint)
end end
it { is_expected.to match_array(expected_findings) } it { is_expected.to match_array(expected_findings) }
end end
describe '.ordered' do describe '.ordered' do
let!(:finding_1) { create(:security_finding, severity: :high, confidence: :unknown) } let_it_be(:finding_3) { create(:security_finding, severity: :critical, confidence: :confirmed) }
let!(:finding_2) { create(:security_finding, severity: :low, confidence: :confirmed) } let_it_be(:finding_4) { create(:security_finding, severity: :critical, confidence: :high) }
let!(:finding_3) { create(:security_finding, severity: :critical, confidence: :confirmed) }
let!(:finding_4) { create(:security_finding, severity: :critical, confidence: :high) }
let(:expected_findings) { [finding_3, finding_4, finding_1, finding_2] } let(:expected_findings) { [finding_3, finding_4, finding_1, finding_2] }
subject { described_class.ordered } subject { described_class.ordered }
before do
finding_1.update!(severity: :high, confidence: :unknown)
finding_2.update!(severity: :low, confidence: :confirmed)
end
it { is_expected.to eq(expected_findings) } it { is_expected.to eq(expected_findings) }
end end
describe '.deduplicated' do describe '.deduplicated' do
let!(:finding_1) { create(:security_finding, deduplicated: true) }
let!(:finding_2) { create(:security_finding, deduplicated: false) }
let(:expected_findings) { [finding_1] } let(:expected_findings) { [finding_1] }
subject { described_class.deduplicated } subject { described_class.deduplicated }
before do
finding_1.update! deduplicated: true
finding_2.update! deduplicated: false
end
it { is_expected.to eq(expected_findings) } it { is_expected.to eq(expected_findings) }
end end
describe '.count_by_scan_type' do describe '.count_by_scan_type' do
let!(:sast_scan) { create(:security_scan, scan_type: :sast) }
let!(:dast_scan) { create(:security_scan, scan_type: :dast) }
let!(:finding_1) { create(:security_finding, scan: sast_scan) }
let!(:finding_2) { create(:security_finding, scan: sast_scan) }
let!(:finding_3) { create(:security_finding, scan: dast_scan) }
subject { described_class.count_by_scan_type } subject { described_class.count_by_scan_type }
let_it_be(:finding_3) { create(:security_finding, scan: scan_1) }
it { it {
is_expected.to eq({ is_expected.to eq({
Security::Scan.scan_types['dast'] => 1, Security::Scan.scan_types['dast'] => 1,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment