Merge branch 'generalise-auth-hooks-for-dast-on-demand-scans-232348' into 'master'

Generalise auth hooks for DAST On-Demand Scans See merge request gitlab-org/gitlab!39936

Merge branch 'generalise-auth-hooks-for-dast-on-demand-scans-232348' into 'master'
Generalise auth hooks for DAST On-Demand Scans See merge request gitlab-org/gitlab!39936
6d825787 · Ash McKenzie · f48d8124 · 4e7ac11c · 6d825787 · 6d825787
Commit 6d825787 authored Aug 24, 2020 by Ash McKenzie
6 changed files
--- a/app/graphql/mutations/concerns/mutations/authorizes_project.rb
+++ b/app/graphql/mutations/concerns/mutations/authorizes_project.rb
+# frozen_string_literal: true
+
+module Mutations
+  module AuthorizesProject
+    include ResolvesProject
+
+    def authorized_find_project!(full_path:)
+      authorized_find!(full_path: full_path)
+    end
+
+    private
+
+    def find_object(full_path:)
+      resolve_project(full_path: full_path)
+    end
+  end
+end
--- a/ee/app/graphql/mutations/dast_on_demand_scans/create.rb
+++ b/ee/app/graphql/mutations/dast_on_demand_scans/create.rb
@@ -5,7 +5,7 @@ module Mutations
    class Create < BaseMutation
      InvalidGlobalID = Class.new(StandardError)

-      include ResolvesProject
+      include AuthorizesProject

      graphql_name 'DastOnDemandScanCreate'

@@ -24,7 +24,7 @@ module Mutations
      authorize :create_on_demand_dast_scan

      def resolve(full_path:, dast_site_profile_id:)
-        project = authorized_find!(full_path: full_path)
+        project = authorized_find_project!(full_path: full_path)

        dast_site_profile = find_dast_site_profile(project: project, dast_site_profile_id: dast_site_profile_id)
        dast_site = dast_site_profile.dast_site
@@ -41,10 +41,6 @@ module Mutations

      private

-      def find_object(full_path:)
-        resolve_project(full_path: full_path)
-      end
-
      def find_dast_site_profile(project:, dast_site_profile_id:)
        project
          .dast_site_profiles

--- a/ee/app/graphql/mutations/dast_scanner_profiles/create.rb
+++ b/ee/app/graphql/mutations/dast_scanner_profiles/create.rb
@@ -3,7 +3,7 @@
 module Mutations
  module DastScannerProfiles
    class Create < BaseMutation
-      include ResolvesProject
+      include AuthorizesProject

      graphql_name 'DastScannerProfileCreate'

@@ -30,7 +30,7 @@ module Mutations
      authorize :create_on_demand_dast_scan

      def resolve(full_path:, profile_name:, spider_timeout: nil, target_timeout: nil)
-        project = authorized_find!(full_path: full_path)
+        project = authorized_find_project!(full_path: full_path)

        service = ::DastScannerProfiles::CreateService.new(project, current_user)
        result = service.execute(name: profile_name, spider_timeout: spider_timeout, target_timeout: target_timeout)
@@ -41,12 +41,6 @@ module Mutations
          { errors: result.errors }
        end
      end
-
-      private
-
-      def find_object(full_path:)
-        resolve_project(full_path: full_path)
-      end
    end
  end
 end
--- a/ee/app/graphql/mutations/dast_site_profiles/create.rb
+++ b/ee/app/graphql/mutations/dast_site_profiles/create.rb
@@ -3,7 +3,7 @@
 module Mutations
  module DastSiteProfiles
    class Create < BaseMutation
-      include ResolvesProject
+      include AuthorizesProject

      graphql_name 'DastSiteProfileCreate'

@@ -26,7 +26,7 @@ module Mutations
      authorize :create_on_demand_dast_scan

      def resolve(full_path:, profile_name:, target_url: nil)
-        project = authorized_find!(full_path: full_path)
+        project = authorized_find_project!(full_path: full_path)

        service = ::DastSiteProfiles::CreateService.new(project, current_user)
        result = service.execute(name: profile_name, target_url: target_url)
@@ -37,12 +37,6 @@ module Mutations
          { errors: result.errors }
        end
      end
-
-      private
-
-      def find_object(full_path:)
-        resolve_project(full_path: full_path)
-      end
    end
  end
 end
--- a/ee/app/graphql/mutations/dast_site_profiles/delete.rb
+++ b/ee/app/graphql/mutations/dast_site_profiles/delete.rb
@@ -3,7 +3,7 @@
 module Mutations
  module DastSiteProfiles
    class Delete < BaseMutation
-      include ResolvesProject
+      include AuthorizesProject

      graphql_name 'DastSiteProfileDelete'

@@ -18,7 +18,7 @@ module Mutations
      authorize :create_on_demand_dast_scan

      def resolve(full_path:, id:)
-        project = authorized_find!(full_path: full_path)
+        project = authorized_find_project!(full_path: full_path)
        dast_site_profile = find_dast_site_profile(project: project, global_id: id)

        return { errors: dast_site_profile.errors.full_messages } unless dast_site_profile.destroy
@@ -28,10 +28,6 @@ module Mutations

      private

-      def find_object(full_path:)
-        resolve_project(full_path: full_path)
-      end
-
      def find_dast_site_profile(project:, global_id:)
        project.dast_site_profiles.find(global_id.model_id)
      end

--- a/ee/app/graphql/mutations/dast_site_profiles/update.rb
+++ b/ee/app/graphql/mutations/dast_site_profiles/update.rb
@@ -3,7 +3,7 @@
 module Mutations
  module DastSiteProfiles
    class Update < BaseMutation
-      include ResolvesProject
+      include AuthorizesProject

      graphql_name 'DastSiteProfileUpdate'

@@ -30,7 +30,7 @@ module Mutations
      authorize :create_on_demand_dast_scan

      def resolve(full_path:, **service_args)
-        project = authorized_find!(full_path: full_path)
+        project = authorized_find_project!(full_path: full_path)

        service = ::DastSiteProfiles::UpdateService.new(project, current_user)
        result = service.execute(service_args)
@@ -41,12 +41,6 @@ module Mutations
          { errors: result.errors }
        end
      end
-
-      private
-
-      def find_object(full_path:)
-        resolve_project(full_path: full_path)
-      end
    end
  end
 end