Commit 49d11485 authored by Aleksei Lipniagov's avatar Aleksei Lipniagov

Merge branch '343843-prevent-update' into 'master'

Does not update persisted feedback when dismissing existing vulnerability

See merge request gitlab-org/gitlab!73311
parents 93310098 18861c42
...@@ -134,9 +134,11 @@ module VulnerabilityFeedback ...@@ -134,9 +134,11 @@ module VulnerabilityFeedback
dismiss_findings: false).execute dismiss_findings: false).execute
end end
unless vulnerability_feedback.persisted?
raise ActiveRecord::Rollback unless vulnerability_feedback.save raise ActiveRecord::Rollback unless vulnerability_feedback.save
end end
end end
end
def existing_vulnerability def existing_vulnerability
strong_memoize(:existing_vulnerability) { vulnerability_feedback.finding&.vulnerability } strong_memoize(:existing_vulnerability) { vulnerability_feedback.finding&.vulnerability }
......
...@@ -146,6 +146,19 @@ RSpec.describe VulnerabilityFeedback::CreateService, '#execute' do ...@@ -146,6 +146,19 @@ RSpec.describe VulnerabilityFeedback::CreateService, '#execute' do
end end
end end
end end
context 'when we already have persisted feedback' do
let!(:feedback) do
create(:vulnerability_feedback, :dismissal,
project: project,
pipeline: pipeline,
project_fingerprint: project_fingerprint)
end
it 'does not update the feedback' do
expect { result }.not_to change { feedback.reload.updated_at }
end
end
end end
context 'when feedback_type is issue' do context 'when feedback_type is issue' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment