Commit 9381ae41 authored by Lin Jen-Shin's avatar Lin Jen-Shin

Merge branch '34564-move-vulnerability-entity-to-api' into 'master'

Move VulnerabilityEntity to API entities

See merge request gitlab-org/gitlab!19704
parents bf6ba3a2 cdb73626
# frozen_string_literal: true
class VulnerabilityEntity < Grape::Entity
expose :id
expose :title
expose :description
expose :state
expose :severity
expose :confidence
expose :report_type
expose :project, using: ::ProjectEntity
expose :author_id
expose :updated_by_id
expose :last_edited_by_id
expose :closed_by_id
expose :start_date
expose :due_date
expose :created_at
expose :updated_at
expose :last_edited_at
expose :closed_at
end
...@@ -26,7 +26,7 @@ module API ...@@ -26,7 +26,7 @@ module API
def render_vulnerability(vulnerability) def render_vulnerability(vulnerability)
if vulnerability.valid? if vulnerability.valid?
present vulnerability, with: VulnerabilityEntity present vulnerability, with: EE::API::Entities::Vulnerability
else else
render_validation_error!(vulnerability) render_validation_error!(vulnerability)
end end
...@@ -53,7 +53,7 @@ module API ...@@ -53,7 +53,7 @@ module API
end end
desc 'Resolve a vulnerability' do desc 'Resolve a vulnerability' do
success VulnerabilityEntity success EE::API::Entities::Vulnerability
end end
post ':id/resolve' do post ':id/resolve' do
vulnerability = find_and_authorize_vulnerability!(:resolve_vulnerability) vulnerability = find_and_authorize_vulnerability!(:resolve_vulnerability)
...@@ -64,7 +64,7 @@ module API ...@@ -64,7 +64,7 @@ module API
end end
desc 'Dismiss a vulnerability' do desc 'Dismiss a vulnerability' do
success VulnerabilityEntity success EE::API::Entities::Vulnerability
end end
post ':id/dismiss' do post ':id/dismiss' do
vulnerability = find_and_authorize_vulnerability!(:dismiss_vulnerability) vulnerability = find_and_authorize_vulnerability!(:dismiss_vulnerability)
...@@ -80,7 +80,7 @@ module API ...@@ -80,7 +80,7 @@ module API
end end
resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
desc 'Get a list of project vulnerabilities' do desc 'Get a list of project vulnerabilities' do
success VulnerabilityEntity success EE::API::Entities::Vulnerability
end end
get ':id/vulnerabilities' do get ':id/vulnerabilities' do
authorize! :read_project_security_dashboard, user_project authorize! :read_project_security_dashboard, user_project
...@@ -89,7 +89,7 @@ module API ...@@ -89,7 +89,7 @@ module API
vulnerabilities_by(user_project) vulnerabilities_by(user_project)
) )
present vulnerabilities, with: VulnerabilityEntity present vulnerabilities, with: EE::API::Entities::Vulnerability
end end
end end
end end
......
...@@ -895,6 +895,32 @@ module EE ...@@ -895,6 +895,32 @@ module EE
expose :updated_at expose :updated_at
expose :scopes, using: Scope expose :scopes, using: Scope
end end
class Vulnerability < Grape::Entity
expose :id
expose :title
expose :description
expose :state
expose :severity
expose :confidence
expose :report_type
expose :project, using: ::API::Entities::ProjectIdentity
expose :author_id
expose :updated_by_id
expose :last_edited_by_id
expose :closed_by_id
expose :start_date
expose :due_date
expose :created_at
expose :updated_at
expose :last_edited_at
expose :closed_at
end
end end
end end
end end
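Review bot: The `project` line in the new `Vulnerability` entity is not a straight move: it swaps `::ProjectEntity` for `::API::Entities::ProjectIdentity`, and the schema fixture changed in this same commit shows the serialized project going from `id`/`name`/`full_path`/`full_name` to a set that includes `description` and `created_at`. That widens what every vulnerability response returns about the project and renames fields existing API clients may read, neither of which the commit description mentions. It is worth confirming that callers who pass `read_project_security_dashboard`, `resolve_vulnerability` or `dismiss_vulnerability` are always allowed to see the project description, and recording that above the line, e.g. `# ProjectIdentity includes description and created_at; callers must already be able to read the project`. The enclosing `module EE` starts outside the hunk.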
...@@ -13,16 +13,7 @@ ...@@ -13,16 +13,7 @@
}, },
"confidence": { "confidence": {
"type": "string", "type": "string",
"enum": [ "enum": ["undefined", "ignore", "unknown", "experimental", "low", "medium", "high", "confirmed"]
"undefined",
"ignore",
"unknown",
"experimental",
"low",
"medium",
"high",
"confirmed"
]
}, },
"report_type": { "report_type": {
"type": "string", "type": "string",
...@@ -34,19 +25,14 @@ ...@@ -34,19 +25,14 @@
] ]
}, },
"project": { "project": {
"required": ["id", "name", "full_path", "full_name"], "required": ["id", "name", "name_with_namespace", "description", "path", "path_with_namespace", "created_at"],
"id": { "id": { "type": "integer" },
"type": "integer" "name": { "type": "string" },
}, "name_with_namespace": { "type": "string" },
"name": { "description": { "type": ["string", "null"] },
"type": "string" "path": { "type": "string" },
}, "path_with_namespace": { "type": "string" },
"full_path": { "created_at": { "type": "date" }
"type": "string"
},
"full_name": {
"type": "string"
}
}, },
"author_id": { "type": "integer" }, "author_id": { "type": "integer" },
"updated_by_id": { "type": ["integer", "null"] }, "updated_by_id": { "type": ["integer", "null"] },
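Review bot: The `project` block lists its field schemas (`"id"`, `"name"`, … `"created_at"`) as direct children of `project` rather than under a `"properties"` key, so a JSON Schema validator will most likely ignore them and enforce only the `required` list. That would also explain why `"created_at": { "type": "date" }` passes although `date` is not a JSON Schema type; `{ "type": "string", "format": "date-time" }` under `"properties"` is presumably what is meant. Since the request specs use this fixture to pin the public response shape, wrapping the fields in `"properties"` (and, if the rest of the file allows it, adding `"additionalProperties": false`) would let it catch a field being exposed or dropped by accident. The layout is already present on the old side, and the rest of the file is outside the visible hunks.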
......
...@@ -63,7 +63,7 @@ describe API::Vulnerabilities do ...@@ -63,7 +63,7 @@ describe API::Vulnerabilities do
expect(response).to have_gitlab_http_status(200) expect(response).to have_gitlab_http_status(200)
expect(response).to include_pagination_headers expect(response).to include_pagination_headers
expect(response).to match_response_schema('vulnerability_list', dir: 'ee') expect(response).to match_response_schema('public_api/v4/vulnerabilities', dir: 'ee')
expect(response.headers['X-Total']).to eq project.vulnerabilities.count.to_s expect(response.headers['X-Total']).to eq project.vulnerabilities.count.to_s
end end
...@@ -134,7 +134,7 @@ describe API::Vulnerabilities do ...@@ -134,7 +134,7 @@ describe API::Vulnerabilities do
dismiss_vulnerability dismiss_vulnerability
expect(response).to have_gitlab_http_status(201) expect(response).to have_gitlab_http_status(201)
expect(response).to match_response_schema('vulnerability', dir: 'ee') expect(response).to match_response_schema('public_api/v4/vulnerability', dir: 'ee')
expect(vulnerability.reload).to( expect(vulnerability.reload).to(
have_attributes(state: 'closed', closed_by: user, closed_at: be_like_time(Time.zone.now))) have_attributes(state: 'closed', closed_by: user, closed_at: be_like_time(Time.zone.now)))
...@@ -208,7 +208,7 @@ describe API::Vulnerabilities do ...@@ -208,7 +208,7 @@ describe API::Vulnerabilities do
resolve_vulnerability resolve_vulnerability
expect(response).to have_gitlab_http_status(201) expect(response).to have_gitlab_http_status(201)
expect(response).to match_response_schema('vulnerability', dir: 'ee') expect(response).to match_response_schema('public_api/v4/vulnerability', dir: 'ee')
expect(vulnerability.reload).to( expect(vulnerability.reload).to(
have_attributes(state: 'closed', closed_by: user, closed_at: be_like_time(Time.zone.now))) have_attributes(state: 'closed', closed_by: user, closed_at: be_like_time(Time.zone.now)))
......
# frozen_string_literal: true
require 'spec_helper'
describe VulnerabilityEntity do
let(:vulnerability) do
create(:vulnerability)
end
let(:entity) do
described_class.represent(vulnerability)
end
subject { entity.to_json }
it { is_expected.to match_schema('vulnerability', dir: 'ee') }
end