Check that all properties are returned correctly

7c5a5558 · Michał Zając · c0f4f041 · 7c5a5558 · 7c5a5558 · 7c5a5558
Commit 7c5a5558 authored Mar 30, 2020 by Michał Zając
3 changed files
--- a/ee/spec/factories/vulnerabilities.rb
+++ b/ee/spec/factories/vulnerabilities.rb
@@ -43,12 +43,20 @@ FactoryBot.define do

    trait :with_findings do
      after(:build) do |vulnerability|
-        vulnerability.findings = build_list(
+        occurrences_with_solution = build_list(
          :vulnerabilities_occurrence,
          2,
          vulnerability: vulnerability,
          report_type: vulnerability.report_type,
          project: vulnerability.project)
+        occurrences_with_remediation = build_list(
+          :vulnerabilities_occurrence,
+          2,
+          :with_remediation,
+          vulnerability: vulnerability,
+          report_type: vulnerability.report_type,
+          project: vulnerability.project)
+        vulnerability.findings = occurrences_with_solution + occurrences_with_remediation
      end
    end


--- a/ee/spec/factories/vulnerabilities/occurrences.rb
+++ b/ee/spec/factories/vulnerabilities/occurrences.rb
@@ -69,6 +69,19 @@ FactoryBot.define do
      end
    end

+    trait :with_remediation do
+      after(:build) do |finding|
+        raw_metadata = JSON.parse(finding.raw_metadata)
+        raw_metadata.delete(:solution)
+        raw_metadata[:remediations] = [
+          {
+            summary: "Use GCM mode which includes HMAC in the resulting encrypted data, providing integrity of the result."
+          }
+        ]
+        finding.raw_metadata = raw_metadata.to_json
+      end
+    end
+
    ::Vulnerabilities::Occurrence::REPORT_TYPES.keys.each do |security_report_type|
      trait security_report_type do
        report_type { security_report_type }

--- a/ee/spec/helpers/ee/vulnerabilities_helper_spec.rb
+++ b/ee/spec/helpers/ee/vulnerabilities_helper_spec.rb
@@ -57,21 +57,30 @@ describe VulnerabilitiesHelper do

    subject { helper.vulnerability_finding_data(finding) }

-    it 'returns finding information' do
-      puts finding.to_json
-      expect(subject[:name]).not_to be_nil
-      expect(subject[:description]).not_to be_nil
+    it "returns finding information" do
      expect(subject).to include(
-        :solution => finding.solution,
-        :remediation => nil,
-        :issue_feedback => finding.issue_feedback,
-        :project => finding.project,
-        :description => finding.description,
-        :identifiers => finding.identifiers,
-        :links => finding.links,
-        :location => finding.location,
-        :name => finding.name
+        description: finding.description,
+        identifiers: finding.identifiers,
+        links: finding.links,
+        location: finding.location,
+        name: finding.name
      )
    end
+
+    context "when finding has a remediations key" do
+      let(:finding) { vulnerability.findings.select { |finding| finding.raw_metadata.include?("remediations") }.first }
+
+      it "uses the first remediation summary" do
+        expect(subject[:solution]).to start_with "Use GCM mode"
+      end
+    end
+
+    context "when finding has a solution key" do
+      let(:finding) { vulnerability.findings.select { |finding| finding.raw_metadata.include?("solution") }.first }
+
+      it "uses the solution key" do
+        expect(subject[:solution]).to start_with "GCM mode"
+      end
+    end
  end
 end