Commit 36408e3e authored by Philip Cunningham's avatar Philip Cunningham Committed by Stan Hu

Amend DAST shared examples to use let_it_be

parent 8551f067
...@@ -5,18 +5,21 @@ require 'spec_helper' ...@@ -5,18 +5,21 @@ require 'spec_helper'
RSpec.describe 'Creating a DAST Profile' do RSpec.describe 'Creating a DAST Profile' do
include GraphqlHelpers include GraphqlHelpers
let(:name) { SecureRandom.hex } let_it_be(:project) { create(:project, :repository) }
let(:dast_site_profile) { create(:dast_site_profile, project: project) } let_it_be(:current_user) { create(:user) }
let(:dast_scanner_profile) { create(:dast_scanner_profile, project: project) } let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project) }
let_it_be(:dast_profile_name) { SecureRandom.hex }
let(:dast_profile) { Dast::Profile.find_by(project: project, name: name) } let(:dast_profile) { Dast::Profile.find_by(project: project, name: dast_profile_name) }
let(:mutation_name) { :dast_profile_create } let(:mutation_name) { :dast_profile_create }
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
full_path: full_path, full_path: full_path,
name: name, name: dast_profile_name,
branch_name: project.default_branch, branch_name: project.default_branch,
dast_site_profile_id: global_id_of(dast_site_profile), dast_site_profile_id: global_id_of(dast_site_profile),
dast_scanner_profile_id: global_id_of(dast_scanner_profile), dast_scanner_profile_id: global_id_of(dast_scanner_profile),
...@@ -25,6 +28,7 @@ RSpec.describe 'Creating a DAST Profile' do ...@@ -25,6 +28,7 @@ RSpec.describe 'Creating a DAST Profile' do
end end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan' it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do
it 'returns dastProfile.id' do it 'returns dastProfile.id' do
subject subject
...@@ -49,7 +53,7 @@ RSpec.describe 'Creating a DAST Profile' do ...@@ -49,7 +53,7 @@ RSpec.describe 'Creating a DAST Profile' do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
full_path: full_path, full_path: full_path,
name: name, name: dast_profile_name,
branch_name: project.default_branch, branch_name: project.default_branch,
dast_site_profile_id: global_id_of(dast_site_profile), dast_site_profile_id: global_id_of(dast_site_profile),
dast_scanner_profile_id: global_id_of(dast_scanner_profile), dast_scanner_profile_id: global_id_of(dast_scanner_profile),
...@@ -57,16 +61,13 @@ RSpec.describe 'Creating a DAST Profile' do ...@@ -57,16 +61,13 @@ RSpec.describe 'Creating a DAST Profile' do
dast_profile_schedule: { dast_profile_schedule: {
starts_at: Time.zone.now, starts_at: Time.zone.now,
active: true, active: true,
cadence: { cadence: { duration: 1, unit: 'DAY' },
duration: 1, timezone: 'America/New_York'
unit: "DAY"
},
timezone: "America/New_York"
} }
) )
end end
it 'creates dastProfileSchedule when passed' do it 'creates a Dast::ProfileSchedule' do
expect { subject }.to change { Dast::ProfileSchedule.count }.by(1) expect { subject }.to change { Dast::ProfileSchedule.count }.by(1)
end end
end end
......
...@@ -5,10 +5,11 @@ require 'spec_helper' ...@@ -5,10 +5,11 @@ require 'spec_helper'
RSpec.describe 'Deleting a DAST Profile' do RSpec.describe 'Deleting a DAST Profile' do
include GraphqlHelpers include GraphqlHelpers
let!(:dast_profile) { create(:dast_profile, project: project) } let_it_be(:project) { create(:project) }
let_it_be(:current_user) { create(:user) }
let_it_be(:dast_profile) { create(:dast_profile, project: project) }
let(:mutation_name) { :dast_profile_delete } let(:mutation_name) { :dast_profile_delete }
let(:mutation) { graphql_mutation(mutation_name, id: global_id_of(dast_profile)) } let(:mutation) { graphql_mutation(mutation_name, id: global_id_of(dast_profile)) }
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan' it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
......
...@@ -5,7 +5,9 @@ require 'spec_helper' ...@@ -5,7 +5,9 @@ require 'spec_helper'
RSpec.describe 'Running a DAST Profile' do RSpec.describe 'Running a DAST Profile' do
include GraphqlHelpers include GraphqlHelpers
let!(:dast_profile) { create(:dast_profile, project: project) } let_it_be(:project) { create(:project, :repository) }
let_it_be(:current_user) { create(:user) }
let_it_be(:dast_profile) { create(:dast_profile, project: project) }
let(:mutation_name) { :dast_profile_run } let(:mutation_name) { :dast_profile_run }
......
...@@ -5,7 +5,9 @@ require 'spec_helper' ...@@ -5,7 +5,9 @@ require 'spec_helper'
RSpec.describe 'Updating a DAST Profile' do RSpec.describe 'Updating a DAST Profile' do
include GraphqlHelpers include GraphqlHelpers
let!(:dast_profile) { create(:dast_profile, project: project) } let_it_be(:project) { create(:project, :repository) }
let_it_be(:current_user) { create(:user) }
let_it_be(:dast_profile) { create(:dast_profile, project: project) }
let(:mutation_name) { :dast_profile_update } let(:mutation_name) { :dast_profile_update }
......
...@@ -5,11 +5,15 @@ require 'spec_helper' ...@@ -5,11 +5,15 @@ require 'spec_helper'
RSpec.describe 'Running a DAST Scan' do RSpec.describe 'Running a DAST Scan' do
include GraphqlHelpers include GraphqlHelpers
let(:dast_site_profile) { create(:dast_site_profile, project: project) } let_it_be(:project) { create(:project, :repository) }
let(:dast_site_profile_id) { dast_site_profile.to_global_id.to_s } let_it_be(:current_user) { create(:user) }
let(:dast_scanner_profile_id) { nil } let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
let_it_be(:dast_site_profile_id) { global_id_of(dast_site_profile) }
let_it_be(:dast_scanner_profile_id) { nil }
let(:mutation_name) { :dast_on_demand_scan_create } let(:mutation_name) { :dast_on_demand_scan_create }
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
...@@ -20,6 +24,7 @@ RSpec.describe 'Running a DAST Scan' do ...@@ -20,6 +24,7 @@ RSpec.describe 'Running a DAST Scan' do
end end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan' it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do
it 'returns a pipeline_url containing the correct path' do it 'returns a pipeline_url containing the correct path' do
post_graphql_mutation(mutation, current_user: current_user) post_graphql_mutation(mutation, current_user: current_user)
...@@ -32,8 +37,8 @@ RSpec.describe 'Running a DAST Scan' do ...@@ -32,8 +37,8 @@ RSpec.describe 'Running a DAST Scan' do
end end
context 'when dast_scanner_profile_id is provided' do context 'when dast_scanner_profile_id is provided' do
let(:dast_scanner_profile) { create(:dast_scanner_profile, project: project, target_timeout: 200, spider_timeout: 5000) } let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project, target_timeout: 200, spider_timeout: 5000) }
let(:dast_scanner_profile_id) { dast_scanner_profile.to_global_id.to_s } let_it_be(:dast_scanner_profile_id) { global_id_of(dast_scanner_profile) }
it 'returns an empty errors array' do it 'returns an empty errors array' do
subject subject
...@@ -47,17 +52,16 @@ RSpec.describe 'Running a DAST Scan' do ...@@ -47,17 +52,16 @@ RSpec.describe 'Running a DAST Scan' do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
full_path: full_path, full_path: full_path,
dast_site_profile_id: dast_site_profile.dast_site.to_global_id.to_s dast_site_profile_id: global_id_of(dast_site_profile),
dast_scanner_profile_id: global_id_of(dast_site_profile)
) )
end end
it_behaves_like 'a mutation that returns top-level errors' do it_behaves_like 'a mutation that returns top-level errors' do
let(:match_errors) do let(:match_errors) do
gid = dast_site_profile.dast_site.to_global_id
eq(["Variable $dastOnDemandScanCreateInput of type DastOnDemandScanCreateInput! " \ eq(["Variable $dastOnDemandScanCreateInput of type DastOnDemandScanCreateInput! " \
"was provided invalid value for dastSiteProfileId (\"#{gid}\" does not " \ "was provided invalid value for dastScannerProfileId (\"#{dast_site_profile_id}\" does not " \
"represent an instance of DastSiteProfile)"]) "represent an instance of DastScannerProfile)"])
end end
end end
end end
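Review bot: The wrong-type global ID case at the end of this section now only exercises `dastScannerProfileId`. The previous assertion that a `DastSite` ID supplied as `dastSiteProfileId` is rejected has been replaced rather than kept alongside, so a regression in that argument's type check would no longer be caught by this spec. Keeping a sibling context for the site-profile argument, as sketched below, would retain both negative checks. The enclosing context starts outside the hunk, so its description is not visible here and may also need updating to name the scanner profile argument.

```ruby
context 'when a DastSite global id is passed as dast_site_profile_id' do
  let(:wrong_type_id) { global_id_of(dast_site_profile.dast_site) }

  let(:mutation) do
    graphql_mutation(mutation_name, full_path: full_path, dast_site_profile_id: wrong_type_id)
  end

  it_behaves_like 'a mutation that returns top-level errors' do
    let(:match_errors) do
      eq(["Variable $dastOnDemandScanCreateInput of type DastOnDemandScanCreateInput! " \
          "was provided invalid value for dastSiteProfileId (\"#{wrong_type_id}\" does not " \
          "represent an instance of DastSiteProfile)"])
    end
  end
end
```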
......
...@@ -5,7 +5,10 @@ require 'spec_helper' ...@@ -5,7 +5,10 @@ require 'spec_helper'
RSpec.describe 'Creating a DAST Scanner Profile' do RSpec.describe 'Creating a DAST Scanner Profile' do
include GraphqlHelpers include GraphqlHelpers
let(:profile_name) { FFaker::Company.catch_phrase } let_it_be(:project) { create(:project) }
let_it_be(:current_user) { create(:user) }
let_it_be(:profile_name) { FFaker::Company.catch_phrase }
let(:dast_scanner_profile) { DastScannerProfile.find_by(project: project, name: profile_name) } let(:dast_scanner_profile) { DastScannerProfile.find_by(project: project, name: profile_name) }
let(:mutation_name) { :dast_scanner_profile_create } let(:mutation_name) { :dast_scanner_profile_create }
...@@ -18,11 +21,12 @@ RSpec.describe 'Creating a DAST Scanner Profile' do ...@@ -18,11 +21,12 @@ RSpec.describe 'Creating a DAST Scanner Profile' do
end end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan' it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do
it 'returns the dast_scanner_profile id' do it 'returns the dast_scanner_profile id' do
post_graphql_mutation(mutation, current_user: current_user) post_graphql_mutation(mutation, current_user: current_user)
expect(mutation_response['id']).to eq(dast_scanner_profile.to_global_id.to_s) expect(mutation_response['id']).to eq(global_id_of(dast_scanner_profile))
end end
it 'sets default values of omitted properties' do it 'sets default values of omitted properties' do
......
...@@ -4,10 +4,15 @@ require 'spec_helper' ...@@ -4,10 +4,15 @@ require 'spec_helper'
RSpec.describe 'Delete a DAST Scanner Profile' do RSpec.describe 'Delete a DAST Scanner Profile' do
include GraphqlHelpers include GraphqlHelpers
let!(:dast_scanner_profile) { create(:dast_scanner_profile, project: project, target_timeout: 200, spider_timeout: 5000) }
let(:dast_scanner_profile_id) { dast_scanner_profile.to_global_id.to_s } let_it_be(:project) { create(:project) }
let_it_be(:current_user) { create(:user) }
let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project) }
let_it_be(:dast_scanner_profile_id) { global_id_of(dast_scanner_profile) }
let(:mutation_name) { :dast_scanner_profile_delete } let(:mutation_name) { :dast_scanner_profile_delete }
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
...@@ -23,14 +28,14 @@ RSpec.describe 'Delete a DAST Scanner Profile' do ...@@ -23,14 +28,14 @@ RSpec.describe 'Delete a DAST Scanner Profile' do
end end
context 'when the dast_scanner_profile belongs to another project' do context 'when the dast_scanner_profile belongs to another project' do
let(:project_1) { create(:project, :repository, creator: current_user) } let_it_be(:other_project) { create(:project, creator: current_user) }
let(:full_path) { project_1.full_path } let_it_be(:full_path) { other_project.full_path }
it_behaves_like 'a mutation that returns a top-level access error' it_behaves_like 'a mutation that returns a top-level access error'
end end
context 'when the dast_scanner_profile does not exist' do context 'when the dast_scanner_profile does not exist' do
let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: 'does_not_exist') } let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: non_existing_record_id) }
it_behaves_like 'a mutation that returns errors in the response', errors: ['Scanner profile not found for given parameters'] it_behaves_like 'a mutation that returns errors in the response', errors: ['Scanner profile not found for given parameters']
end end
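Review bot: The 'belongs to another project' context cannot distinguish a missing project permission from the profile-to-project ownership check. `other_project` is created with `creator: current_user`, but nothing visible in this hunk gives the user a role on it, so the top-level access error may be raised before the profile lookup is reached (the shared example that sets up permissions is outside this section). To pin the cross-project guard itself, consider an extra case with `before { other_project.add_developer(current_user) }` that expects the error-in-response outcome, presumably 'Scanner profile not found for given parameters'. The same applies to the equivalent contexts in the scanner-profile update and the site-profile delete and update specs; the site-profile delete spec also builds `other_project` without `creator:`, which is inconsistent with the other three.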
......
...@@ -5,11 +5,12 @@ require 'spec_helper' ...@@ -5,11 +5,12 @@ require 'spec_helper'
RSpec.describe 'Update a DAST Scanner Profile' do RSpec.describe 'Update a DAST Scanner Profile' do
include GraphqlHelpers include GraphqlHelpers
let!(:dast_scanner_profile) { create(:dast_scanner_profile, project: project, target_timeout: 200, spider_timeout: 5000) } let_it_be(:project) { create(:project) }
let!(:dast_scanner_profile_1) { create(:dast_scanner_profile, project: project) } let_it_be(:current_user) { create(:user) }
let_it_be(:dast_scanner_profile) { create(:dast_scanner_profile, project: project, target_timeout: 200, spider_timeout: 5000) }
let_it_be(:new_profile_name) { SecureRandom.hex } let_it_be(:dast_scanner_profile_id) { global_id_of(dast_scanner_profile) }
let(:new_profile_name) { SecureRandom.hex }
let(:new_target_timeout) { dast_scanner_profile.target_timeout + 1 } let(:new_target_timeout) { dast_scanner_profile.target_timeout + 1 }
let(:new_spider_timeout) { dast_scanner_profile.spider_timeout + 1 } let(:new_spider_timeout) { dast_scanner_profile.spider_timeout + 1 }
let(:new_scan_type) { (DastScannerProfile.scan_types.keys - [DastScannerProfile.last.scan_type]).first } let(:new_scan_type) { (DastScannerProfile.scan_types.keys - [DastScannerProfile.last.scan_type]).first }
...@@ -17,11 +18,12 @@ RSpec.describe 'Update a DAST Scanner Profile' do ...@@ -17,11 +18,12 @@ RSpec.describe 'Update a DAST Scanner Profile' do
let(:new_show_debug_messages) { !dast_scanner_profile.show_debug_messages } let(:new_show_debug_messages) { !dast_scanner_profile.show_debug_messages }
let(:mutation_name) { :dast_scanner_profile_update } let(:mutation_name) { :dast_scanner_profile_update }
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
full_path: full_path, full_path: full_path,
id: dast_scanner_profile.to_global_id.to_s, id: dast_scanner_profile_id,
profile_name: new_profile_name, profile_name: new_profile_name,
target_timeout: new_target_timeout, target_timeout: new_target_timeout,
spider_timeout: new_spider_timeout, spider_timeout: new_spider_timeout,
...@@ -54,33 +56,22 @@ RSpec.describe 'Update a DAST Scanner Profile' do ...@@ -54,33 +56,22 @@ RSpec.describe 'Update a DAST Scanner Profile' do
end end
context 'when there is an issue updating the dast_scanner_profile' do context 'when there is an issue updating the dast_scanner_profile' do
let(:new_profile_name) { dast_scanner_profile_1.name } let_it_be(:other_dast_scanner_profile) { create(:dast_scanner_profile, project: project) }
let(:new_profile_name) { other_dast_scanner_profile.name }
it_behaves_like 'a mutation that returns errors in the response', errors: ['Name has already been taken'] it_behaves_like 'a mutation that returns errors in the response', errors: ['Name has already been taken']
end end
context 'when the dast_scanner_profile does not exist' do context 'when the dast_scanner_profile does not exist' do
before do let(:dast_scanner_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastScannerProfile', id: non_existing_record_id) }
dast_scanner_profile.destroy!
end
it_behaves_like 'a mutation that returns errors in the response', errors: ['Scanner profile not found for given parameters'] it_behaves_like 'a mutation that returns errors in the response', errors: ['Scanner profile not found for given parameters']
end end
context 'when the dast_scanner_profile belongs to a different project' do context 'when the dast_scanner_profile belongs to a different project' do
let(:mutation) do let_it_be(:other_project) { create(:project, creator: current_user) }
graphql_mutation( let_it_be(:full_path) { other_project.full_path }
mutation_name,
full_path: create(:project).full_path,
id: dast_scanner_profile.to_global_id.to_s,
profile_name: new_profile_name,
target_timeout: new_target_timeout,
spider_timeout: new_spider_timeout,
scan_type: new_scan_type.upcase,
use_ajax_spider: new_use_ajax_spider,
show_debug_messages: new_show_debug_messages
)
end
it_behaves_like 'a mutation that returns a top-level access error' it_behaves_like 'a mutation that returns a top-level access error'
end end
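Review bot: `dast_scanner_profile` is now a `let_it_be` record that the mutation under test updates, so one Ruby object is shared by every example while the database row is rolled back between them. Any example that reloads or modifies the object leaves that state in memory for later examples, and `new_target_timeout`, `new_spider_timeout` and `new_show_debug_messages` are all derived from it. Declaring it as `let_it_be(:dast_scanner_profile, reload: true) { create(:dast_scanner_profile, project: project, target_timeout: 200, spider_timeout: 5000) }` keeps the speed-up and gives each example a fresh view of the row. The same consideration applies to `dast_site_profile` in the site-profile update spec.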
......
...@@ -5,11 +5,14 @@ require 'spec_helper' ...@@ -5,11 +5,14 @@ require 'spec_helper'
RSpec.describe 'Creating a DAST Site Profile' do RSpec.describe 'Creating a DAST Site Profile' do
include GraphqlHelpers include GraphqlHelpers
let(:profile_name) { FFaker::Company.catch_phrase } let_it_be(:project) { create(:project) }
let(:target_url) { generate(:url) } let_it_be(:current_user) { create(:user) }
let(:dast_site_profile) { DastSiteProfile.find_by(project: project, name: profile_name) }
let_it_be(:profile_name) { FFaker::Company.catch_phrase }
let_it_be(:target_url) { generate(:url) }
let(:mutation_name) { :dast_site_profile_create } let(:mutation_name) { :dast_site_profile_create }
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
...@@ -31,10 +34,13 @@ RSpec.describe 'Creating a DAST Site Profile' do ...@@ -31,10 +34,13 @@ RSpec.describe 'Creating a DAST Site Profile' do
end end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan' it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do
it 'returns the dast_site_profile id' do it 'returns the dast_site_profile id' do
subject subject
dast_site_profile = DastSiteProfile.find_by(project: project, name: profile_name)
expect(mutation_response).to include('id' => global_id_of(dast_site_profile)) expect(mutation_response).to include('id' => global_id_of(dast_site_profile))
end end
end end
......
...@@ -5,10 +5,13 @@ require 'spec_helper' ...@@ -5,10 +5,13 @@ require 'spec_helper'
RSpec.describe 'Creating a DAST Site Profile' do RSpec.describe 'Creating a DAST Site Profile' do
include GraphqlHelpers include GraphqlHelpers
let!(:dast_site_profile) { create(:dast_site_profile, project: project) } let_it_be(:project) { create(:project) }
let_it_be(:current_user) { create(:user) }
let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
let_it_be(:dast_site_profile_id) { global_id_of(dast_site_profile) }
let(:mutation_name) { :dast_site_profile_delete } let(:mutation_name) { :dast_site_profile_delete }
let(:dast_site_profile_id) { dast_site_profile.to_global_id.to_s }
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
...@@ -18,6 +21,7 @@ RSpec.describe 'Creating a DAST Site Profile' do ...@@ -18,6 +21,7 @@ RSpec.describe 'Creating a DAST Site Profile' do
end end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan' it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do
it 'deletes the dast_site_profile' do it 'deletes the dast_site_profile' do
expect { subject }.to change { DastSiteProfile.count }.by(-1) expect { subject }.to change { DastSiteProfile.count }.by(-1)
...@@ -34,39 +38,26 @@ RSpec.describe 'Creating a DAST Site Profile' do ...@@ -34,39 +38,26 @@ RSpec.describe 'Creating a DAST Site Profile' do
end end
context 'when the dast_site_profile does not exist' do context 'when the dast_site_profile does not exist' do
let(:dast_site_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastSiteProfile', id: 'does_not_exist') } let_it_be(:dast_site_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastSiteProfile', id: non_existing_record_id) }
it_behaves_like 'a mutation that returns errors in the response', errors: ['Site profile not found for given parameters'] it_behaves_like 'a mutation that returns errors in the response', errors: ['Site profile not found for given parameters']
end end
context 'when wrong type of global id is passed' do context 'when wrong type of global id is passed' do
let(:mutation) do let_it_be(:dast_site_profile_id) { global_id_of(dast_site_profile.dast_site) }
graphql_mutation(
mutation_name,
full_path: full_path,
id: dast_site_profile.dast_site.to_global_id.to_s
)
end
it_behaves_like 'a mutation that returns top-level errors' do it_behaves_like 'a mutation that returns top-level errors' do
let(:match_errors) do let(:match_errors) do
gid = dast_site_profile.dast_site.to_global_id
eq(["Variable $dastSiteProfileDeleteInput of type DastSiteProfileDeleteInput! " \ eq(["Variable $dastSiteProfileDeleteInput of type DastSiteProfileDeleteInput! " \
"was provided invalid value for id (\"#{gid}\" does not represent an instance " \ "was provided invalid value for id (\"#{dast_site_profile_id}\" does not represent an instance " \
"of DastSiteProfile)"]) "of DastSiteProfile)"])
end end
end end
end end
context 'when the dast_site_profile belongs to a different project' do context 'when the dast_site_profile belongs to a different project' do
let(:mutation) do let_it_be(:other_project) { create(:project) }
graphql_mutation( let_it_be(:full_path) { other_project.full_path }
mutation_name,
full_path: create(:project).full_path,
id: dast_site_profile.to_global_id.to_s
)
end
it_behaves_like 'a mutation that returns a top-level access error' it_behaves_like 'a mutation that returns a top-level access error'
end end
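Review bot: The `RSpec.describe` string for this file still reads 'Creating a DAST Site Profile' although `mutation_name` is `:dast_site_profile_delete`, so failures here are reported under the wrong mutation. Since the commit already touches the top of the file, it could become `RSpec.describe 'Deleting a DAST Site Profile' do`. The same copied title appears in the site-profile update spec, and 'Creating a DAST Site Token' is used for both the `:dast_site_validation_create` and `:dast_site_validation_revoke` specs.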
......
...@@ -5,17 +5,21 @@ require 'spec_helper' ...@@ -5,17 +5,21 @@ require 'spec_helper'
RSpec.describe 'Creating a DAST Site Profile' do RSpec.describe 'Creating a DAST Site Profile' do
include GraphqlHelpers include GraphqlHelpers
let!(:dast_site_profile) { create(:dast_site_profile, project: project) } let_it_be(:project) { create(:project) }
let_it_be(:current_user) { create(:user) }
let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
let_it_be(:dast_site_profile_id) { global_id_of(dast_site_profile) }
let(:new_profile_name) { SecureRandom.hex } let_it_be(:new_profile_name) { SecureRandom.hex }
let(:new_target_url) { generate(:url) } let_it_be(:new_target_url) { generate(:url) }
let(:mutation_name) { :dast_site_profile_update } let(:mutation_name) { :dast_site_profile_update }
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
full_path: full_path, full_path: full_path,
id: dast_site_profile.to_global_id.to_s, id: dast_site_profile_id,
profile_name: new_profile_name, profile_name: new_profile_name,
target_url: new_target_url, target_url: new_target_url,
target_type: 'API', target_type: 'API',
...@@ -64,45 +68,26 @@ RSpec.describe 'Creating a DAST Site Profile' do ...@@ -64,45 +68,26 @@ RSpec.describe 'Creating a DAST Site Profile' do
end end
context 'when the dast_site_profile does not exist' do context 'when the dast_site_profile does not exist' do
before do let_it_be(:dast_site_profile_id) { Gitlab::GlobalId.build(nil, model_name: 'DastSiteProfile', id: non_existing_record_id) }
dast_site_profile.destroy!
end
it_behaves_like 'a mutation that returns errors in the response', errors: ['DastSiteProfile not found'] it_behaves_like 'a mutation that returns errors in the response', errors: ['DastSiteProfile not found']
end end
context 'when wrong type of global id is passed' do context 'when wrong type of global id is passed' do
let(:mutation) do let_it_be(:dast_site_profile_id) { global_id_of(project) }
graphql_mutation(
mutation_name,
full_path: full_path,
id: dast_site_profile.dast_site.to_global_id.to_s,
profile_name: new_profile_name,
target_url: new_target_url
)
end
it_behaves_like 'a mutation that returns top-level errors' do it_behaves_like 'a mutation that returns top-level errors' do
let(:match_errors) do let(:match_errors) do
gid = dast_site_profile.dast_site.to_global_id
eq(["Variable $dastSiteProfileUpdateInput of type DastSiteProfileUpdateInput! " \ eq(["Variable $dastSiteProfileUpdateInput of type DastSiteProfileUpdateInput! " \
"was provided invalid value for id (\"#{gid}\" does not represent an instance " \ "was provided invalid value for id (\"#{dast_site_profile_id}\" does not represent an instance " \
"of DastSiteProfile)"]) "of DastSiteProfile)"])
end end
end end
end end
context 'when the dast_site_profile belongs to a different project' do context 'when the dast_site_profile belongs to a different project' do
let(:mutation) do let_it_be(:other_project) { create(:project, creator: current_user) }
graphql_mutation( let_it_be(:full_path) { other_project.full_path }
mutation_name,
full_path: create(:project).full_path,
id: dast_site_profile.to_global_id.to_s,
profile_name: new_profile_name,
target_url: new_target_url
)
end
it_behaves_like 'a mutation that returns a top-level access error' it_behaves_like 'a mutation that returns a top-level access error'
end end
......
...@@ -5,16 +5,17 @@ require 'spec_helper' ...@@ -5,16 +5,17 @@ require 'spec_helper'
RSpec.describe 'Creating a DAST Site Token' do RSpec.describe 'Creating a DAST Site Token' do
include GraphqlHelpers include GraphqlHelpers
let(:target_url) { generate(:url) } let_it_be(:project) { create(:project) }
let(:dast_site_token) { DastSiteToken.find_by!(project: project, token: uuid) } let_it_be(:current_user) { create(:user) }
let(:uuid) { '0000-0000-0000-0000' } let_it_be(:uuid) { '0000-0000-0000-0000' }
let(:mutation_name) { :dast_site_token_create } let(:mutation_name) { :dast_site_token_create }
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
full_path: full_path, full_path: full_path,
target_url: target_url target_url: generate(:url)
) )
end end
...@@ -23,11 +24,14 @@ RSpec.describe 'Creating a DAST Site Token' do ...@@ -23,11 +24,14 @@ RSpec.describe 'Creating a DAST Site Token' do
end end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan' it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do
it 'returns the dast_site_token id' do it 'returns the dast_site_token id' do
subject subject
expect(mutation_response["id"]).to eq(dast_site_token.to_global_id.to_s) dast_site_token = DastSiteToken.find_by!(project: project, token: uuid)
expect(mutation_response["id"]).to eq(global_id_of(dast_site_token))
end end
it 'creates a new dast_site_token' do it 'creates a new dast_site_token' do
......
...@@ -5,28 +5,33 @@ require 'spec_helper' ...@@ -5,28 +5,33 @@ require 'spec_helper'
RSpec.describe 'Creating a DAST Site Token' do RSpec.describe 'Creating a DAST Site Token' do
include GraphqlHelpers include GraphqlHelpers
let(:dast_site) { create(:dast_site, project: project) } let_it_be(:project) { create(:project, :repository) }
let(:dast_site_token) { create(:dast_site_token, project: project, url: dast_site.url) } let_it_be(:current_user) { create(:user) }
let(:validation_path) { SecureRandom.hex } let_it_be(:dast_site) { create(:dast_site, project: project) }
let(:dast_site_validation) { DastSiteValidation.find_by!(url_path: validation_path) } let_it_be(:dast_site_token) { create(:dast_site_token, project: project, url: dast_site.url) }
let_it_be(:validation_path) { SecureRandom.hex }
let(:mutation_name) { :dast_site_validation_create } let(:mutation_name) { :dast_site_validation_create }
let(:mutation) do let(:mutation) do
graphql_mutation( graphql_mutation(
mutation_name, mutation_name,
full_path: full_path, full_path: full_path,
dast_site_token_id: dast_site_token.to_global_id.to_s, dast_site_token_id: global_id_of(dast_site_token),
validation_path: validation_path, validation_path: validation_path,
strategy: Types::DastSiteValidationStrategyEnum.values['TEXT_FILE'].graphql_name strategy: Types::DastSiteValidationStrategyEnum.values['TEXT_FILE'].graphql_name
) )
end end
it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan' it_behaves_like 'an on-demand scan mutation when user cannot run an on-demand scan'
it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do it_behaves_like 'an on-demand scan mutation when user can run an on-demand scan' do
it 'returns the dast_site_validation id' do it 'returns the dast_site_validation id' do
subject subject
expect(mutation_response["id"]).to eq(dast_site_validation.to_global_id.to_s) dast_site_validation = DastSiteValidation.find_by!(url_path: validation_path)
expect(mutation_response["id"]).to eq(global_id_of(dast_site_validation))
end end
it 'creates a new dast_site_validation' do it 'creates a new dast_site_validation' do
......
...@@ -5,8 +5,10 @@ require 'spec_helper' ...@@ -5,8 +5,10 @@ require 'spec_helper'
RSpec.describe 'Creating a DAST Site Token' do RSpec.describe 'Creating a DAST Site Token' do
include GraphqlHelpers include GraphqlHelpers
let(:dast_site_token) { create(:dast_site_token, project: project)} let_it_be(:project) { create(:project) }
let!(:dast_site_validation) { create(:dast_site_validation, state: :passed, dast_site_token: dast_site_token)} let_it_be(:current_user) { create(:user) }
let_it_be(:dast_site_token) { create(:dast_site_token, project: project)}
let_it_be(:dast_site_validation) { create(:dast_site_validation, state: :passed, dast_site_token: dast_site_token)}
let(:mutation_name) { :dast_site_validation_revoke } let(:mutation_name) { :dast_site_validation_revoke }
......
...@@ -2,13 +2,12 @@ ...@@ -2,13 +2,12 @@
require 'spec_helper' require 'spec_helper'
# There must be a method or let called `mutation` defined that executes # There must be a method or let named `mutation` defined that executes the
# the mutation and one called `mutation_name` that is the name of the # mutation and one named `mutation_name` that is the name of the mutation being
# mutation being executed. # executed. There must also be method or let named `project` and one named
# `current_user.`
RSpec.shared_examples 'an on-demand scan mutation when user can run an on-demand scan' do RSpec.shared_examples 'an on-demand scan mutation when user can run an on-demand scan' do
let(:project) { create(:project, :repository, creator: current_user) } let_it_be(:full_path) { project.full_path }
let(:current_user) { create(:user) }
let(:full_path) { project.full_path }
def mutation_response def mutation_response
graphql_mutation_response(mutation_name) graphql_mutation_response(mutation_name)
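Review bot: The rewritten header comment tells callers that a 'method or let named `project`' is enough, but `let_it_be(:full_path) { project.full_path }` is evaluated once per group, where a plain `let` is not available. The comment should say that `project` and `current_user` must be defined with `let_it_be` (or an ordinary method) in the including spec. It also has two slips: 'There must also be method' is missing an article, and the closing backtick comes after the full stop in the `current_user` reference. The identical comment in the 'cannot run an on-demand scan' shared example needs the same correction.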
......
...@@ -2,13 +2,12 @@ ...@@ -2,13 +2,12 @@
require 'spec_helper' require 'spec_helper'
# There must be a method or let called `mutation` defined that executes # There must be a method or let named `mutation` defined that executes the
# the mutation and one called `mutation_name` that is the name of the # mutation and one named `mutation_name` that is the name of the mutation being
# mutation being executed. # executed. There must also be method or let named `project` and one named
# `current_user.`
RSpec.shared_examples 'an on-demand scan mutation when user cannot run an on-demand scan' do RSpec.shared_examples 'an on-demand scan mutation when user cannot run an on-demand scan' do
let(:project) { create(:project, :repository, creator: current_user) } let_it_be(:full_path) { project.full_path }
let(:current_user) { create(:user) }
let(:full_path) { project.full_path }
before do before do
stub_licensed_features(security_on_demand_scans: true) stub_licensed_features(security_on_demand_scans: true)
......