Extend the test cases for deduplication logic

Also made some cosmetic changes.

Extend the test cases for deduplication logic
Also made some cosmetic changes.
4324cffc · Mehmet Emin INAC · 3be15804 · 4324cffc · 4324cffc · 4324cffc
Commit 4324cffc authored Dec 01, 2020 by Mehmet Emin INAC
4 changed files
--- a/ee/app/services/security/merge_reports_service.rb
+++ b/ee/app/services/security/merge_reports_service.rb
@@ -58,7 +58,7 @@ module Security

    def deduplicate_findings!
      @findings, * = @findings.each_with_object([[], Set.new]) do |finding, (deduplicated, seen_identifiers)|
-        next if finding.keys.any? { |key| seen_identifiers.member?(key) }
+        next if seen_identifiers.intersect?(finding.keys.to_set)

        seen_identifiers.merge(finding.keys)
        deduplicated << finding

--- a/ee/app/services/security/store_scan_service.rb
+++ b/ee/app/services/security/store_scan_service.rb
@@ -57,7 +57,7 @@ module Security
    end

    def register_keys(keys)
-      return false if keys.any? { |key| known_keys.member?(key) }
+      return false if known_keys.intersect?(keys.to_set)

      known_keys.merge(keys)
    end

--- a/ee/spec/lib/gitlab/ci/reports/security/finding_key_spec.rb
+++ b/ee/spec/lib/gitlab/ci/reports/security/finding_key_spec.rb
@@ -11,6 +11,9 @@ RSpec.describe Gitlab::Ci::Reports::Security::FindingKey do
      'location fp' | nil                     | 'identifier fp' | 'different identifier fp' | false
      'location fp' | 'different location fp' | nil             | 'different identifier fp' | false
      'location fp' | 'different location fp' | 'identifier fp' | nil                       | false
+      nil           | nil                     | 'identifier fp' | 'identifier fp'           | false
+      'location fp' | 'location fp'           | nil             | nil                       | false
+      nil           | nil                     | nil             | nil                       | false
      'location fp' | 'different location fp' | 'identifier fp' | 'different identifier fp' | false
      'location fp' | 'different location fp' | 'identifier fp' | 'identifier fp'           | false
      'location fp' | 'location fp'           | 'identifier fp' | 'different identifier fp' | false

--- a/ee/spec/lib/gitlab/ci/reports/security/identifier_spec.rb
+++ b/ee/spec/lib/gitlab/ci/reports/security/identifier_spec.rb
@@ -3,6 +3,8 @@
 require 'spec_helper'

 RSpec.describe Gitlab::Ci::Reports::Security::Identifier do
+  using RSpec::Parameterized::TableSyntax
+
  describe '#initialize' do
    subject { described_class.new(**params) }

@@ -52,39 +54,39 @@ RSpec.describe Gitlab::Ci::Reports::Security::Identifier do
    end
  end

-  describe '#cve?' do
-    let(:identifier) { create(:ci_reports_security_identifier, external_type: external_type) }
-
-    subject { identifier.cve? }
-
-    context 'when has cve as external type' do
-      let(:external_type) { 'Cve' }
-
-      it { is_expected.to eq(true) }
+  describe '#type_identifier?' do
+    where(:external_type, :expected_result) do
+      'cve'  | false
+      'foo'  | false
+      'cwe'  | true
+      'wasc' | true
    end

-    context 'when does not have cve as external type' do
-      let(:external_type) { 'Cwe' }
+    with_them do
+      let(:identifier) { create(:ci_reports_security_identifier, external_type: external_type) }
+
+      subject { identifier.type_identifier? }

-      it { is_expected.to eq(false) }
+      it { is_expected.to be(expected_result) }
    end
  end

-  describe '#cwe?' do
-    let(:identifier) { create(:ci_reports_security_identifier, external_type: external_type) }
-
-    subject { identifier.cwe? }
-
-    context 'when has cwe as external type' do
-      let(:external_type) { 'Cwe' }
-
-      it { is_expected.to eq(true) }
+  describe 'external type check methods' do
+    where(:external_type, :is_cve?, :is_cwe?, :is_wasc?) do
+      'Foo'  | false | false | false
+      'Cve'  | true  | false | false
+      'Cwe'  | false | true  | false
+      'Wasc' | false | false | true
    end

-    context 'when does not have cwe as external type' do
-      let(:external_type) { 'Cve' }
+    with_them do
+      let(:identifier) { create(:ci_reports_security_identifier, external_type: external_type) }

-      it { is_expected.to eq(false) }
+      it 'returns correct result for the type check method' do
+        expect(identifier.cve?).to be(is_cve?)
+        expect(identifier.cwe?).to be(is_cwe?)
+        expect(identifier.wasc?).to be(is_wasc?)
+      end
    end
  end

@@ -105,8 +107,6 @@ RSpec.describe Gitlab::Ci::Reports::Security::Identifier do
  end

  describe '#==' do
-    using RSpec::Parameterized::TableSyntax
-
    where(:type_1, :id_1, :type_2, :id_2, :equal, :case_name) do
      'CVE' | '2018-1234' | 'CVE'           | '2018-1234' | true  | 'when external_type and external_id are equal'
      'CVE' | '2018-1234' | 'brakeman_code' | '2018-1234' | false | 'when external_type is different'