Commit 1956df1e authored by Mehmet Emin INAC's avatar Mehmet Emin INAC

Call vulnerability statistics update service

Call `Vulnerabilities::Statistics::UpdateService` service class from
the service classes where we update the state of vulnerability.
parent 4c111708
......@@ -16,6 +16,7 @@ module Vulnerabilities
return false unless vulnerability.update(params)
SystemNoteService.change_vulnerability_state(vulnerability, @user) if vulnerability.state_previously_changed?
Vulnerabilities::Statistics::UpdateService.update_for(vulnerability)
true
end
......
......@@ -20,6 +20,7 @@ module Vulnerabilities
finding = @project.vulnerability_findings.lock_for_confirmation!(@finding_id)
save_vulnerability(vulnerability, finding)
Statistics::UpdateService.update_for(vulnerability)
rescue ActiveRecord::RecordNotFound
vulnerability.errors.add(:base, _('finding is not found or is already attached to a vulnerability'))
raise ActiveRecord::Rollback
......
# frozen_string_literal: true
module Vulnerabilities
module Statistics
class UpdateService
def self.update_for(vulnerability)
new(vulnerability).execute
end
def initialize(vulnerability)
self.vulnerability = vulnerability
end
def execute
end
private
attr_accessor :vulnerability
def stat_diff
@stat_diff ||= vulnerability.stat_diff
end
end
end
end
......@@ -18,6 +18,7 @@ module Vulnerabilities
raise Gitlab::Access::AccessDeniedError unless can?(author, :create_vulnerability, project)
vulnerability.update!(vulnerability_params)
Statistics::UpdateService.update_for(vulnerability)
vulnerability
end
......
......@@ -21,6 +21,8 @@ RSpec.describe Vulnerabilities::ConfirmService do
project.add_developer(user)
end
it_behaves_like 'calls Vulnerabilities::Statistics::UpdateService'
it 'confirms a vulnerability' do
Timecop.freeze do
confirm_vulnerability
......
......@@ -20,6 +20,8 @@ RSpec.describe Vulnerabilities::CreateService do
project.add_developer(user)
end
it_behaves_like 'calls Vulnerabilities::Statistics::UpdateService'
it 'creates a vulnerability from finding and attaches it to the vulnerability' do
expect { subject }.to change { project.vulnerabilities.count }.by(1)
expect(project.vulnerabilities.last).to(
......
......@@ -21,6 +21,8 @@ RSpec.describe Vulnerabilities::DismissService do
project.add_developer(user)
end
it_behaves_like 'calls Vulnerabilities::Statistics::UpdateService'
it 'dismisses a vulnerability and its associated findings' do
Timecop.freeze do
dismiss_vulnerability
......
......@@ -21,6 +21,8 @@ RSpec.describe Vulnerabilities::ResolveService do
project.add_developer(user)
end
it_behaves_like 'calls Vulnerabilities::Statistics::UpdateService'
it 'resolves a vulnerability' do
Timecop.freeze do
resolve_vulnerability
......
......@@ -22,6 +22,8 @@ RSpec.describe Vulnerabilities::UpdateService do
project.add_developer(user)
end
it_behaves_like 'calls Vulnerabilities::Statistics::UpdateService'
context 'when neither severity nor confidence are overridden' do
it 'updates the vulnerability from updated finding (title, severity and confidence only)', :aggregate_failures do
expect { subject }.not_to change { project.vulnerabilities.count }
......
# frozen_string_literal: true
RSpec.shared_examples 'calls Vulnerabilities::Statistics::UpdateService' do
before do
allow(Vulnerabilities::Statistics::UpdateService).to receive(:update_for)
end
it 'calls the service class' do
subject
expect(Vulnerabilities::Statistics::UpdateService).to have_received(:update_for)
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment