Truncate body length

Add shared files for body Changelog: changed EE: true

Truncate body length
Add shared files for body Changelog: changed EE: true
fd3480de · Jonathan Schafer · ad50fc7c · fd3480de · fd3480de · fd3480de
Commit fd3480de authored Jun 29, 2021 by Jonathan Schafer
6 changed files
--- a/ee/app/models/vulnerabilities/finding/evidence/request.rb
+++ b/ee/app/models/vulnerabilities/finding/evidence/request.rb
@@ -4,6 +4,8 @@ module Vulnerabilities
  class Finding
    class Evidence
      class Request < ApplicationRecord
+        include WithBody
+
        self.table_name = 'vulnerability_finding_evidence_requests'

        belongs_to :evidence, class_name: 'Vulnerabilities::Finding::Evidence', inverse_of: :request, foreign_key: 'vulnerability_finding_evidence_id', optional: false
@@ -11,7 +13,6 @@ module Vulnerabilities

        validates :method, length: { maximum: 32 }
        validates :url, length: { maximum: 2048 }
-        validates :body, length: { maximum: 2048 }
      end
    end
  end

--- a/ee/app/models/vulnerabilities/finding/evidence/response.rb
+++ b/ee/app/models/vulnerabilities/finding/evidence/response.rb
@@ -4,13 +4,14 @@ module Vulnerabilities
  class Finding
    class Evidence
      class Response < ApplicationRecord
+        include WithBody
+
        self.table_name = 'vulnerability_finding_evidence_responses'

        belongs_to :evidence, class_name: 'Vulnerabilities::Finding::Evidence', inverse_of: :response, foreign_key: 'vulnerability_finding_evidence_id', optional: false
        has_many :headers, class_name: 'Vulnerabilities::Finding::Evidence::Header', inverse_of: :response, foreign_key: 'vulnerability_finding_evidence_response_id'

        validates :reason_phrase, length: { maximum: 2048 }
-        validates :body, length: { maximum: 2048 }
      end
    end
  end

--- a/ee/app/models/vulnerabilities/finding/evidence/with_body.rb
+++ b/ee/app/models/vulnerabilities/finding/evidence/with_body.rb
+# frozen_string_literal: true
+
+module Vulnerabilities
+  class Finding
+    class Evidence
+      module WithBody
+        extend ActiveSupport::Concern
+
+        MAX_BODY_LENGTH = 2048
+
+        included do
+          before_validation :truncate_body
+
+          validates :body, length: { maximum: MAX_BODY_LENGTH }
+        end
+
+        private
+
+        def truncate_body
+          return unless self.body
+
+          self.body = self.body.truncate(MAX_BODY_LENGTH, omission: "---- TRUNCATED(Total Length: #{self.body.length} characters) ----")
+        end
+      end
+    end
+  end
+end
--- a/ee/spec/models/vulnerabilities/finding/evidence/body_shared_examples.rb
+++ b/ee/spec/models/vulnerabilities/finding/evidence/body_shared_examples.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.shared_examples 'body shared examples' do |container_type|
+  it 'truncates the body to field length' do
+    max_body_length = Vulnerabilities::Finding::Evidence::WithBody::MAX_BODY_LENGTH
+    container = build(container_type, body: '0' * max_body_length * 2)
+
+    expect(container.body.length).to eq(max_body_length * 2)
+    container.validate
+    expect(container.body.length).to eq(max_body_length)
+  end
+end
--- a/ee/spec/models/vulnerabilities/finding/evidence/request_spec.rb
+++ b/ee/spec/models/vulnerabilities/finding/evidence/request_spec.rb
 # frozen_string_literal: true

 require 'spec_helper'
+require_relative './body_shared_examples'

 RSpec.describe Vulnerabilities::Finding::Evidence::Request do
  it { is_expected.to belong_to(:evidence).class_name('Vulnerabilities::Finding::Evidence').inverse_of(:request).required }
@@ -8,5 +9,6 @@ RSpec.describe Vulnerabilities::Finding::Evidence::Request do

  it { is_expected.to validate_length_of(:method).is_at_most(32) }
  it { is_expected.to validate_length_of(:url).is_at_most(2048) }
-  it { is_expected.to validate_length_of(:body).is_at_most(2048) }
+
+  it_behaves_like 'body shared examples', :vulnerabilties_finding_evidence_request
 end
--- a/ee/spec/models/vulnerabilities/finding/evidence/response_spec.rb
+++ b/ee/spec/models/vulnerabilities/finding/evidence/response_spec.rb
 # frozen_string_literal: true

 require 'spec_helper'
+require_relative './body_shared_examples'

 RSpec.describe Vulnerabilities::Finding::Evidence::Response do
  it { is_expected.to belong_to(:evidence).class_name('Vulnerabilities::Finding::Evidence').inverse_of(:response).required }
  it { is_expected.to have_many(:headers).class_name('Vulnerabilities::Finding::Evidence::Header').with_foreign_key('vulnerability_finding_evidence_response_id').inverse_of(:response) }

  it { is_expected.to validate_length_of(:reason_phrase).is_at_most(2048) }
-  it { is_expected.to validate_length_of(:body).is_at_most(2048) }
+
+  it_behaves_like 'body shared examples', :vulnerabilties_finding_evidence_response
 end