Make VulnerabilitiesFinder agnostic

It can now take another a project or a group and give you the relevant vulnerabilities.

Make VulnerabilitiesFinder agnostic
It can now take another a project or a group and give you the relevant vulnerabilities.
158f2720 · Avielle Wolfe · Avielle Wolfe · 33f79100 · 158f2720 · 158f2720
Commit 158f2720 authored Jun 27, 2019 by Avielle Wolfe Committed by Avielle Wolfe Jul 09, 2019
3 changed files
--- a/ee/app/controllers/groups/security/vulnerabilities_controller.rb
+++ b/ee/app/controllers/groups/security/vulnerabilities_controller.rb
@@ -44,6 +44,6 @@ class Groups::Security::VulnerabilitiesController < Groups::Security::Applicatio
  end

  def found_vulnerabilities(collection = :latest)
-    ::Security::VulnerabilitiesFinder.new(group: group, params: filter_params).execute(collection)
+    ::Security::VulnerabilitiesFinder.new(group, params: filter_params).execute(collection)
  end
 end
--- a/ee/app/finders/security/vulnerabilities_finder.rb
+++ b/ee/app/finders/security/vulnerabilities_finder.rb
@@ -5,7 +5,7 @@
 # Used to filter Vulnerabilities::Occurrences  by set of params for Security Dashboard
 #
 # Arguments:
-#   group - object to filter vulnerabilities
+#   vulnerable - object to filter vulnerabilities
 #   params:
 #     severity: Array<String>
 #     confidence: Array<String>
@@ -15,10 +15,10 @@
 module Security
  class VulnerabilitiesFinder
    attr_accessor :params
-    attr_reader :group
+    attr_reader :vulnerable

-    def initialize(group:, params: {})
-      @group = group
+    def initialize(vulnerable, params: {})
+      @vulnerable = vulnerable
      @params = params
    end

@@ -65,11 +65,11 @@ module Security

    def init_collection(scope)
      if scope == :all
-        group.all_vulnerabilities
+        vulnerable.all_vulnerabilities
      elsif scope == :with_sha
-        group.latest_vulnerabilities_with_sha
+        vulnerable.latest_vulnerabilities_with_sha
      else
-        group.latest_vulnerabilities
+        vulnerable.latest_vulnerabilities
      end
    end
  end

--- a/ee/spec/finders/security/vulnerabilities_finder_spec.rb
+++ b/ee/spec/finders/security/vulnerabilities_finder_spec.rb
@@ -15,7 +15,15 @@ describe Security::VulnerabilitiesFinder do
    set(:vulnerability3) { create(:vulnerabilities_occurrence, report_type: :sast, severity: :low, pipelines: [pipeline2], project: project2) }
    set(:vulnerability4) { create(:vulnerabilities_occurrence, report_type: :dast, severity: :medium, pipelines: [pipeline1], project: project1) }

-    subject { described_class.new(group: group, params: params).execute }
+    subject { described_class.new(group, params: params).execute }
+
+    it 'is agnostic between projects and groups' do
+      group_vulnerabilities = described_class.new(group).execute
+      project_vulnerabilities = described_class.new(project1).execute
+
+      expect(group_vulnerabilities.count).to be(4)
+      expect(project_vulnerabilities.count).to be(2)
+    end

    context 'by report type' do
      context 'when sast' do