Remove endpoint response code

This also removed unnecessary validation code and code that pulls the finding from the vulnerability id

Remove endpoint response code
This also removed unnecessary validation code and code that pulls the finding from the vulnerability id
865c5617 · Jonathan Schafer · e52e99bb · 865c5617 · 865c5617 · 865c5617
Commit 865c5617 authored Dec 10, 2020 by Jonathan Schafer
8 changed files
--- a/ee/app/models/vulnerabilities/feedback.rb
+++ b/ee/app/models/vulnerabilities/feedback.rb
@@ -46,7 +46,6 @@ module Vulnerabilities

    def self.find_or_init_for(feedback_params)
      validate_enums(feedback_params)
-      validate_finding_uuid(feedback_params[:finding_uuid]) if feedback_params[:finding_uuid]

      record = find_or_initialize_by(feedback_params.slice(:category, :feedback_type, :project_fingerprint))
      record.assign_attributes(feedback_params)
@@ -66,10 +65,6 @@ module Vulnerabilities
      end
    end

-    def self.validate_finding_uuid(finding_uuid)
-      raise ArgumentError.new("No finding with the UUID '#{finding_uuid}'") if Vulnerabilities::Finding.where(uuid: finding_uuid).blank?
-    end
-
    def self.with_category(category)
      where(category: category)
    end

--- a/ee/app/serializers/vulnerabilities/feedback_entity.rb
+++ b/ee/app/serializers/vulnerabilities/feedback_entity.rb
@@ -47,7 +47,6 @@ class Vulnerabilities::FeedbackEntity < Grape::Entity
    feedback&.pipeline&.ref
  end
  expose :project_fingerprint
-  expose :finding_uuid

  alias_method :feedback, :object


--- a/ee/app/services/vulnerability_feedback/create_service.rb
+++ b/ee/app/services/vulnerability_feedback/create_service.rb
@@ -15,10 +15,6 @@ module VulnerabilityFeedback
        dismiss_existing_vulnerability
      end

-      if !vulnerability_feedback.vulnerability_data.blank? && vulnerability_feedback.vulnerability_data[:vulnerability_id]
-        vulnerability_feedback.finding_uuid = Vulnerability.find(vulnerability_feedback.vulnerability_data[:vulnerability_id]).finding.uuid
-      end
-
      if vulnerability_feedback.persisted? && vulnerability_feedback.valid?
        success(vulnerability_feedback)
      else

--- a/ee/changelogs/unreleased/277133-insert-finding_uuid-values-into-the-vulnerability_feedback-whil.yml
+++ b/ee/changelogs/unreleased/277133-insert-finding_uuid-values-into-the-vulnerability_feedback-whil.yml
+---
+title: Insert finding_uuid value into vulnerability_feedback when creating records
+merge_request: 49408
+author:
+type: changed
--- a/ee/spec/fixtures/api/schemas/vulnerability_feedback.json
+++ b/ee/spec/fixtures/api/schemas/vulnerability_feedback.json
@@ -36,8 +36,7 @@
    },
    "project_fingerprint": { "type": "string" },
    "branch": { "type": ["string", "null"] },
-    "destroy_vulnerability_feedback_dismissal_path": { "type": "string" },
-    "finding_uuid": { "type": ["string", "null"] }
+    "destroy_vulnerability_feedback_dismissal_path": { "type": "string" }
  },
  "additionalProperties": false
 }
--- a/ee/spec/models/vulnerabilities/feedback_spec.rb
+++ b/ee/spec/models/vulnerabilities/feedback_spec.rb
@@ -283,14 +283,26 @@ RSpec.describe Vulnerabilities::Feedback do

        subject(:feedback) { described_class.find_or_init_for(feedback_params_with_finding) }

-        it 'validates and sets finding_uuid' do
-          feedback_params[:finding_uuid] = finding.uuid
+        it 'sets finding_uuid' do
          feedback.save!

          expect(feedback.finding_uuid).to eq(finding.uuid)
        end
      end

+      context 'when the finding_uuid provided is nil' do
+        let(:finding) { create(:vulnerabilities_finding) }
+        let(:feedback_params_with_finding) { feedback_params.merge(finding_uuid: nil) }
+
+        subject(:feedback) { described_class.find_or_init_for(feedback_params_with_finding) }
+
+        it 'sets finding_uuid as nil' do
+          feedback.save!
+
+          expect(feedback.finding_uuid).to be_nil
+        end
+      end
+
      context 'when attempting to save duplicate' do
        it 'raises ActiveRecord::RecordInvalid' do
          duplicate = described_class.find_or_init_for(feedback_params)
@@ -315,13 +327,6 @@ RSpec.describe Vulnerabilities::Feedback do

        expect { described_class.find_or_init_for(feedback_params) }.to raise_error(ArgumentError, /category/)
      end
-
-      it 'raises ArgumentError when given a bad finding UUID' do
-        create(:vulnerabilities_finding, uuid: 'bar')
-        feedback_params[:finding_uuid] = 'foo'
-
-        expect { described_class.find_or_init_for(feedback_params) }.to raise_error(ArgumentError, /finding with the UUID/)
-      end
    end
  end


--- a/ee/spec/serializers/vulnerabilities/feedback_entity_spec.rb
+++ b/ee/spec/serializers/vulnerabilities/feedback_entity_spec.rb
@@ -167,21 +167,4 @@ RSpec.describe Vulnerabilities::FeedbackEntity do
      expect(subject[:comment_details]).to include(:comment_author)
    end
  end
-
-  context 'when finding_uuid is not present' do
-    let(:feedback) { build(:vulnerability_feedback, :issue, project: project) }
-
-    it 'has a nil finding_uuid' do
-      expect(subject[:finding_uuid]).to be_nil
-    end
-  end
-
-  context 'when finding_uuid is present' do
-    let_it_be(:finding) { create(:vulnerabilities_finding) }
-    let(:feedback) { create(:vulnerability_feedback, finding_uuid: finding.uuid, project: project) }
-
-    it 'exposes finding_uuid' do
-      expect(subject[:finding_uuid]).to eq(finding.uuid)
-    end
-  end
 end
--- a/ee/spec/services/vulnerability_feedback/create_service_spec.rb
+++ b/ee/spec/services/vulnerability_feedback/create_service_spec.rb
@@ -172,6 +172,7 @@ RSpec.describe VulnerabilityFeedback::CreateService, '#execute' do
        expect(feedback.issue).to be_an(Issue)
        expect(feedback.for_merge_request?).to eq(false)
        expect(feedback.merge_request).to be_nil
+        expect(feedback.finding_uuid).to be_nil
      end

      it 'updates the feedback when it already exists' do
@@ -219,7 +220,6 @@ RSpec.describe VulnerabilityFeedback::CreateService, '#execute' do
          it 'creates the feedback' do
            expect(result[:status]).to eq(:success)
            expect(result[:vulnerability_feedback]).to be_persisted
-            expect(result[:vulnerability_feedback].finding_uuid).to be_nil
          end
        end

@@ -276,10 +276,6 @@ RSpec.describe VulnerabilityFeedback::CreateService, '#execute' do
            expect(result[:vulnerability_feedback]).to be_persisted
          end

-          it 'sets the finding_uuid' do
-            expect(result[:vulnerability_feedback].finding_uuid).to eq(vulnerability.finding.uuid)
-          end
-
          context 'when issue link is already created' do
            context 'when feedback does not exist' do
              let!(:issue_link) { create(:vulnerabilities_issue_link, :created, vulnerability: vulnerability) }
@@ -394,6 +390,21 @@ RSpec.describe VulnerabilityFeedback::CreateService, '#execute' do
        expect(branches.length).to eq 1
      end
    end
+
+    context 'when finding_uuid is provided' do
+      let(:vulnerability) { create(:vulnerability, :with_findings, project: project) }
+      let(:result) do
+        described_class.new(
+          project,
+          user,
+          feedback_params.merge(finding_uuid: vulnerability.finding.uuid)
+        ).execute
+      end
+
+      it 'sets the finding_uuid' do
+        expect(result[:vulnerability_feedback].finding_uuid).to eq(vulnerability.finding.uuid)
+      end
+    end
  end

  context 'when feedback exists' do