Add missing validations to DAST models

Adds model-level constraints to reflect database constraints.

Add missing validations to DAST models
Adds model-level constraints to reflect database constraints.
86147808 · Philip Cunningham · charlie ablett · 8f792928 · 86147808 · 86147808
Commit 86147808 authored Feb 16, 2021 by Philip Cunningham Committed by charlie ablett Feb 16, 2021
6 changed files
--- a/ee/app/models/dast/profile.rb
+++ b/ee/app/models/dast/profile.rb
@@ -9,10 +9,11 @@ module Dast
    belongs_to :dast_scanner_profile

    validates :description, length: { maximum: 255 }
-    validates :name, length: { maximum: 255 }, uniqueness: { scope: :project_id }
+    validates :name, length: { maximum: 255 }, uniqueness: { scope: :project_id }, presence: true
    validates :project_id, :dast_site_profile_id, :dast_scanner_profile_id, presence: true

    validate :project_ids_match
+    validate :description_not_nil

    scope :by_project_id, -> (project_id) do
      where(project_id: project_id)
@@ -25,6 +26,10 @@ module Dast
      association_project_id_matches(dast_scanner_profile)
    end

+    def description_not_nil
+      errors.add(:description, 'can\'t be nil') if description.nil?
+    end
+
    def association_project_id_matches(association)
      return if association.nil?


--- a/ee/app/models/dast_scanner_profile.rb
+++ b/ee/app/models/dast_scanner_profile.rb
@@ -4,7 +4,7 @@ class DastScannerProfile < ApplicationRecord
  belongs_to :project

  validates :project_id, presence: true
-  validates :name, length: { maximum: 255 }, uniqueness: { scope: :project_id }
+  validates :name, length: { maximum: 255 }, uniqueness: { scope: :project_id }, presence: true

  scope :project_id_in, -> (project_ids) { where(project_id: project_ids) }


--- a/ee/app/models/dast_site_profile.rb
+++ b/ee/app/models/dast_site_profile.rb
@@ -4,7 +4,7 @@ class DastSiteProfile < ApplicationRecord
  belongs_to :project
  belongs_to :dast_site

-  validates :name, length: { maximum: 255 }, uniqueness: { scope: :project_id }
+  validates :name, length: { maximum: 255 }, uniqueness: { scope: :project_id }, presence: true
  validates :project_id, :dast_site_id, presence: true
  validate :dast_site_project_id_fk


--- a/ee/spec/models/dast/profile_spec.rb
+++ b/ee/spec/models/dast/profile_spec.rb
@@ -19,6 +19,7 @@ RSpec.describe Dast::Profile, type: :model do
    it { is_expected.to validate_presence_of(:project_id) }
    it { is_expected.to validate_presence_of(:dast_site_profile_id) }
    it { is_expected.to validate_presence_of(:dast_scanner_profile_id) }
+    it { is_expected.to validate_presence_of(:name) }

    context 'when the project_id and dast_site_profile.project_id do not match' do
      let(:project) { create(:project) }
@@ -47,6 +48,17 @@ RSpec.describe Dast::Profile, type: :model do
        end
      end
    end
+
+    context 'when the description is nil' do
+      subject { build(:dast_profile, description: nil) }
+
+      it 'is not valid' do
+        aggregate_failures do
+          expect(subject.valid?).to be_falsey
+          expect(subject.errors.full_messages).to include('Description can\'t be nil')
+        end
+      end
+    end
  end

  describe 'scopes' do

--- a/ee/spec/models/dast_scanner_profile_spec.rb
+++ b/ee/spec/models/dast_scanner_profile_spec.rb
@@ -14,6 +14,7 @@ RSpec.describe DastScannerProfile, type: :model do
    it { is_expected.to validate_length_of(:name).is_at_most(255) }
    it { is_expected.to validate_uniqueness_of(:name).scoped_to(:project_id) }
    it { is_expected.to validate_presence_of(:project_id) }
+    it { is_expected.to validate_presence_of(:name) }
  end

  describe 'scopes' do

--- a/ee/spec/models/dast_site_profile_spec.rb
+++ b/ee/spec/models/dast_site_profile_spec.rb
@@ -16,6 +16,7 @@ RSpec.describe DastSiteProfile, type: :model do
    it { is_expected.to validate_uniqueness_of(:name).scoped_to(:project_id) }
    it { is_expected.to validate_presence_of(:project_id) }
    it { is_expected.to validate_presence_of(:dast_site_id) }
+    it { is_expected.to validate_presence_of(:name) }

    context 'when the project_id and dast_site.project_id do not match' do
      let(:project) { create(:project) }