Commit 499527c6 authored by Avielle Wolfe's avatar Avielle Wolfe Committed by Nick Thomas

Clean up vulnerability findings actions

* Fix a spec giving false positive
* VulnerabilityFindingsActions -> ProjectVulnerabilityFindingsActions
    This captures that it contains the actions used on the project
    security dashboard
* VulnerabilityFindingsHistory -> ProjectCollectionVulnerabilityFindingsActions
    This captures that it is/will be used on the group and instance
    security dashboards. It includes
    ProjectVulnerabilityFindingsActions and additionally adds the
    history action.
* Replace references to `group` with `vulnerable` in history cache
    classes. This reflects the upcoming use of those classes for
    the instance security dashboard.
parent d81f132a
# frozen_string_literal: true # frozen_string_literal: true
module VulnerabilityFindingsHistory module ProjectCollectionVulnerabilityFindingsActions
extend ActiveSupport::Concern extend ActiveSupport::Concern
include ProjectVulnerabilityFindingsActions
included do included do
def history def history
history_count = Gitlab::Vulnerabilities::History.new(group, filter_params).findings_counter history_count = Gitlab::Vulnerabilities::History.new(vulnerable, filter_params).findings_counter
respond_to do |format| respond_to do |format|
format.json do format.json do
......
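Review bot: ProjectCollectionVulnerabilityFindingsActions carries no header stating what its host must provide, while the sibling ProjectVulnerabilityFindingsActions file documents the required `vulnerable` method. The `history` action reads both `vulnerable` and `filter_params` and hands `vulnerable` to Gitlab::Vulnerabilities::History, which calls `project_ids_with_security_reports` on it, so a host needs all three, and the visible part of the action performs no authorization of its own (the group controllers in this commit rely on SecurityDashboardsPermissions being included before it). I would add above the module: `# Consumers must define 'vulnerable' (responding to 'project_ids_with_security_reports', see Gitlab::Vulnerabilities::History) and 'filter_params'; authorization is expected from the including controller, not from this concern.` The body of `history` continues past the end of this hunk.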
# frozen_string_literal: true # frozen_string_literal: true
# The VulnerabilityFindingsActions concern contains actions that are used to populate findings # The ProjectVulnerabilityFindingsActions concern contains actions that are used to populate findings
# on security dashboards. # on security dashboards.
# #
# Note: Consumers of this module will need to define a `def vulnerable` method, which must return # Note: Consumers of this module will need to define a `def vulnerable` method, which must return
# an object with an interface that matches the one provided by the Vulnerable model concern. # an object with an interface that matches the one provided by the Vulnerable model concern.
module VulnerabilityFindingsActions module ProjectVulnerabilityFindingsActions
extend ActiveSupport::Concern extend ActiveSupport::Concern
def index def index
......
...@@ -3,8 +3,7 @@ ...@@ -3,8 +3,7 @@
class Groups::Security::VulnerabilitiesController < Groups::ApplicationController class Groups::Security::VulnerabilitiesController < Groups::ApplicationController
include VulnerabilitiesApiFeatureGate # must come first include VulnerabilitiesApiFeatureGate # must come first
include SecurityDashboardsPermissions include SecurityDashboardsPermissions
include VulnerabilityFindingsActions include ProjectCollectionVulnerabilityFindingsActions
include VulnerabilityFindingsHistory
alias_method :vulnerable, :group alias_method :vulnerable, :group
......
...@@ -3,8 +3,7 @@ ...@@ -3,8 +3,7 @@
class Groups::Security::VulnerabilityFindingsController < Groups::ApplicationController class Groups::Security::VulnerabilityFindingsController < Groups::ApplicationController
include VulnerabilitiesApiFeatureGate # must come first include VulnerabilitiesApiFeatureGate # must come first
include SecurityDashboardsPermissions include SecurityDashboardsPermissions
include VulnerabilityFindingsActions include ProjectCollectionVulnerabilityFindingsActions
include VulnerabilityFindingsHistory
alias_method :vulnerable, :group alias_method :vulnerable, :group
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
class Projects::Security::VulnerabilitiesController < Projects::ApplicationController class Projects::Security::VulnerabilitiesController < Projects::ApplicationController
include VulnerabilitiesApiFeatureGate # must come first include VulnerabilitiesApiFeatureGate # must come first
include SecurityDashboardsPermissions include SecurityDashboardsPermissions
include VulnerabilityFindingsActions include ProjectVulnerabilityFindingsActions
alias_method :vulnerable, :project alias_method :vulnerable, :project
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
class Projects::Security::VulnerabilityFindingsController < Projects::ApplicationController class Projects::Security::VulnerabilityFindingsController < Projects::ApplicationController
include VulnerabilitiesApiFeatureGate # must come first include VulnerabilitiesApiFeatureGate # must come first
include SecurityDashboardsPermissions include SecurityDashboardsPermissions
include VulnerabilityFindingsActions include ProjectVulnerabilityFindingsActions
alias_method :vulnerable, :project alias_method :vulnerable, :project
......
...@@ -5,12 +5,12 @@ require 'vulnerabilities/history_serializer' ...@@ -5,12 +5,12 @@ require 'vulnerabilities/history_serializer'
module Gitlab module Gitlab
module Vulnerabilities module Vulnerabilities
class History class History
attr_reader :group, :filters attr_reader :vulnerable, :filters
HISTORY_RANGE = 3.months HISTORY_RANGE = 3.months
def initialize(group, filters) def initialize(vulnerable, filters)
@group = group @vulnerable = vulnerable
@filters = filters @filters = filters
end end
...@@ -24,14 +24,14 @@ module Gitlab ...@@ -24,14 +24,14 @@ module Gitlab
private private
def vulnerability_findings def vulnerability_findings
::Security::VulnerabilityFindingsFinder.new(group, params: filters).execute(:all) ::Security::VulnerabilityFindingsFinder.new(vulnerable, params: filters).execute(:all)
end end
def cached_vulnerability_history def cached_vulnerability_history
history = { undefined: {}, info: {}, unknown: {}, low: {}, medium: {}, high: {}, critical: {}, total: {} } history = { undefined: {}, info: {}, unknown: {}, low: {}, medium: {}, high: {}, critical: {}, total: {} }
project_ids_to_fetch.each do |project_id| project_ids_to_fetch.each do |project_id|
project_history = Gitlab::Vulnerabilities::HistoryCache.new(group, project_id).fetch(HISTORY_RANGE) project_history = Gitlab::Vulnerabilities::HistoryCache.new(vulnerable, project_id).fetch(HISTORY_RANGE)
history.each do |key, value| history.each do |key, value|
value.merge!(project_history[key]) { |k, aggregate, project_count| aggregate + project_count } value.merge!(project_history[key]) { |k, aggregate, project_count| aggregate + project_count }
end end
...@@ -56,7 +56,7 @@ module Gitlab ...@@ -56,7 +56,7 @@ module Gitlab
def project_ids_to_fetch def project_ids_to_fetch
return filters[:project_id] if filters.key?('project_id') return filters[:project_id] if filters.key?('project_id')
group.project_ids_with_security_reports vulnerable.project_ids_with_security_reports
end end
end end
end end
......
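Review bot: In project_ids_to_fetch a caller-supplied `filters[:project_id]` list is returned unchecked and then used, one entry at a time, as the key for HistoryCache in cached_vulnerability_history, so any project id a client puts in the filter creates a one-day cache entry under this `vulnerable` whether or not the project belongs to it. The finder is presumably scoped to `vulnerable` so foreign counts should not leak, but intersecting first keeps attacker-chosen ids out of the cache: `Array(filters[:project_id]).map(&:to_i) & vulnerable.project_ids_with_security_reports`. Note also that the guard tests `filters.key?('project_id')` with a string key while the value is read as `filters[:project_id]`, which only works if `filters` is indifferent-access, and the hunk does not show what the controllers pass in. The class and cached_vulnerability_history continue outside this hunk.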
...@@ -3,17 +3,17 @@ ...@@ -3,17 +3,17 @@
module Gitlab module Gitlab
module Vulnerabilities module Vulnerabilities
class HistoryCache class HistoryCache
attr_reader :group, :project_id attr_reader :vulnerable, :project_id
def initialize(group, project_id) def initialize(vulnerable, project_id)
@group = group @vulnerable = vulnerable
@project_id = project_id @project_id = project_id
end end
def fetch(range, force: false) def fetch(range, force: false)
Rails.cache.fetch(cache_key, force: force, expires_in: 1.day) do Rails.cache.fetch(cache_key, force: force, expires_in: 1.day) do
findings = ::Security::VulnerabilityFindingsFinder findings = ::Security::VulnerabilityFindingsFinder
.new(group, params: { project_id: [project_id] }) .new(vulnerable, params: { project_id: [project_id] })
.execute(:all) .execute(:all)
.count_by_day_and_severity(range) .count_by_day_and_severity(range)
::Vulnerabilities::HistorySerializer.new.represent(findings) ::Vulnerabilities::HistorySerializer.new.represent(findings)
......
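Review bot: HistoryCache#fetch caches under `cache_key`, which is outside this hunk, so I cannot see whether the key encodes the class of `vulnerable` or only an id and `project_id`. Now that the same class serves groups and, per the commit message, instance-level dashboards next, a key built from an id alone would let two different `vulnerable` objects that happen to share an id read each other's one-day cached counts. I would make sure the key includes the model name, e.g. `vulnerable.class.name` alongside whatever identifier it uses today, and add a spec asserting that two vulnerables with the same id miss each other's cache. The body of `fetch` continues past the end of the hunk.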
...@@ -10,7 +10,7 @@ describe Groups::Security::VulnerabilitiesController do ...@@ -10,7 +10,7 @@ describe Groups::Security::VulnerabilitiesController do
# when new Vulnerability Findings API is enabled this controller is not, # when new Vulnerability Findings API is enabled this controller is not,
# its actions are "moved" Groups::Security::VulnerabilityFindingsController # its actions are "moved" Groups::Security::VulnerabilityFindingsController
it_behaves_like 'VulnerabilityFindingsActions disabled' do it_behaves_like 'ProjectVulnerabilityFindingsActions disabled' do
let(:vulnerable) { group } let(:vulnerable) { group }
let(:vulnerable_params) { params } let(:vulnerable_params) { params }
end end
...@@ -29,7 +29,7 @@ describe Groups::Security::VulnerabilitiesController do ...@@ -29,7 +29,7 @@ describe Groups::Security::VulnerabilitiesController do
# when new Vulnerability Findings API is disabled, we fall back to this controller # when new Vulnerability Findings API is disabled, we fall back to this controller
it_behaves_like VulnerabilityFindingsActions do it_behaves_like ProjectVulnerabilityFindingsActions do
let(:vulnerable) { group } let(:vulnerable) { group }
let(:vulnerable_params) { params } let(:vulnerable_params) { params }
end end
......
...@@ -9,7 +9,7 @@ describe Groups::Security::VulnerabilityFindingsController do ...@@ -9,7 +9,7 @@ describe Groups::Security::VulnerabilityFindingsController do
# when new Vulnerability Findings API is enabled, this controller is enabled as well # when new Vulnerability Findings API is enabled, this controller is enabled as well
it_behaves_like VulnerabilityFindingsActions do it_behaves_like ProjectVulnerabilityFindingsActions do
let(:vulnerable) { group } let(:vulnerable) { group }
let(:vulnerable_params) { params } let(:vulnerable_params) { params }
end end
...@@ -29,7 +29,7 @@ describe Groups::Security::VulnerabilityFindingsController do ...@@ -29,7 +29,7 @@ describe Groups::Security::VulnerabilityFindingsController do
# when new Vulnerability Findings API is disabled, this controller is disabled as well # when new Vulnerability Findings API is disabled, this controller is disabled as well
# and its actions are "moved" to Groups::Security::VulnerabilitiesController # and its actions are "moved" to Groups::Security::VulnerabilitiesController
it_behaves_like 'VulnerabilityFindingsActions disabled' do it_behaves_like 'ProjectVulnerabilityFindingsActions disabled' do
let(:vulnerable) { group } let(:vulnerable) { group }
let(:vulnerable_params) { params } let(:vulnerable_params) { params }
end end
......
...@@ -9,7 +9,7 @@ describe Projects::Security::VulnerabilitiesController do ...@@ -9,7 +9,7 @@ describe Projects::Security::VulnerabilitiesController do
# when new Vulnerability Findings API is enabled, this controller is not # when new Vulnerability Findings API is enabled, this controller is not
# and its actions are "moved" to Projects::Security::VulnerabilityFindingsController # and its actions are "moved" to Projects::Security::VulnerabilityFindingsController
it_behaves_like 'VulnerabilityFindingsActions disabled' do it_behaves_like 'ProjectVulnerabilityFindingsActions disabled' do
let(:vulnerable) { project } let(:vulnerable) { project }
let(:vulnerable_params) { params } let(:vulnerable_params) { params }
end end
...@@ -26,7 +26,7 @@ describe Projects::Security::VulnerabilitiesController do ...@@ -26,7 +26,7 @@ describe Projects::Security::VulnerabilitiesController do
# when new Vulnerability Findings API is disabled, we fall back to this controller # when new Vulnerability Findings API is disabled, we fall back to this controller
it_behaves_like VulnerabilityFindingsActions do it_behaves_like ProjectVulnerabilityFindingsActions do
let(:vulnerable) { project } let(:vulnerable) { project }
let(:vulnerable_params) { params } let(:vulnerable_params) { params }
end end
......
...@@ -8,7 +8,7 @@ describe Projects::Security::VulnerabilityFindingsController do ...@@ -8,7 +8,7 @@ describe Projects::Security::VulnerabilityFindingsController do
# when new Vulnerability Findings API is enabled, this controller serves it # when new Vulnerability Findings API is enabled, this controller serves it
it_behaves_like VulnerabilityFindingsActions do it_behaves_like ProjectVulnerabilityFindingsActions do
let(:vulnerable) { project } let(:vulnerable) { project }
let(:vulnerable_params) { params } let(:vulnerable_params) { params }
end end
...@@ -26,7 +26,7 @@ describe Projects::Security::VulnerabilityFindingsController do ...@@ -26,7 +26,7 @@ describe Projects::Security::VulnerabilityFindingsController do
# new Vulnerability Findings API is disabled and we fall back to # new Vulnerability Findings API is disabled and we fall back to
# Projects::Security::VulnerabilitiesController # Projects::Security::VulnerabilitiesController
it_behaves_like 'VulnerabilityFindingsActions disabled' do it_behaves_like 'ProjectVulnerabilityFindingsActions disabled' do
let(:vulnerable) { project } let(:vulnerable) { project }
let(:vulnerable_params) { params } let(:vulnerable_params) { params }
end end
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
require 'spec_helper' require 'spec_helper'
shared_examples 'VulnerabilityFindingsActions disabled' do shared_examples 'ProjectVulnerabilityFindingsActions disabled' do
include ApiHelpers include ApiHelpers
include VulnerableHelpers include VulnerableHelpers
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
require 'spec_helper' require 'spec_helper'
shared_examples VulnerabilityFindingsActions do shared_examples ProjectVulnerabilityFindingsActions do
include ApiHelpers include ApiHelpers
include VulnerableHelpers include VulnerableHelpers
...@@ -140,12 +140,12 @@ shared_examples VulnerabilityFindingsActions do ...@@ -140,12 +140,12 @@ shared_examples VulnerabilityFindingsActions do
end end
context 'with enabled filters' do context 'with enabled filters' do
let(:action_params) { vulnerable_params.merge(report_type: %w[sast dast], severity: %[high low]) } let(:action_params) { vulnerable_params.merge(report_type: %w[sast dast], severity: %w[high low]) }
it 'returns counts for filtered vulnerability findings' do it 'returns counts for filtered vulnerability findings' do
expect(json_response['high']).to eq(3) expect(json_response['high']).to eq(3)
expect(json_response['low']).to eq(0) expect(json_response['low']).to eq(0)
expect(json_response['medium']).to eq(2) expect(json_response['medium']).to eq(0)
end end
end end
end end
......
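Review bot: The corrected expectation shows that the old `%[high low]`, a single string `"high low"`, was apparently neither rejected as an invalid severity nor applied, leaving medium findings in the count, which is how the false positive survived. A filter value that is silently dropped quietly widens what a dashboard returns, so I would add a sibling example here, `let(:action_params) { vulnerable_params.merge(severity: %w[bogus]) }`, and pin what the finder is meant to do with it (reject with a 4xx or return zero counts), so the behaviour is a decision rather than an accident. The finder is not in this hunk, so which of the two it does today I cannot tell.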