Commit 99f2e6ba authored by Dylan Griffith's avatar Dylan Griffith

Merge branch 'add_severity_levels_as_optional_to_api_entity' into 'master'

Add severity_levels as optional

See merge request gitlab-org/gitlab!67067
parents 5b98a5e7 49822c55
...@@ -14,6 +14,7 @@ module API ...@@ -14,6 +14,7 @@ module API
optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule' optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule'
optional :scanners, type: Array[String], desc: 'The security scanners to be considered by the approval rule' optional :scanners, type: Array[String], desc: 'The security scanners to be considered by the approval rule'
optional :vulnerabilities_allowed, type: Integer, desc: 'The number of vulnerabilities allowed for this rule' optional :vulnerabilities_allowed, type: Integer, desc: 'The number of vulnerabilities allowed for this rule'
optional :severity_levels, type: Array[String], desc: 'The security levels to be considered by the approval rule'
end end
params :update_project_approval_rule do params :update_project_approval_rule do
...@@ -26,6 +27,7 @@ module API ...@@ -26,6 +27,7 @@ module API
optional :remove_hidden_groups, type: Boolean, desc: 'Whether hidden groups should be removed' optional :remove_hidden_groups, type: Boolean, desc: 'Whether hidden groups should be removed'
optional :scanners, type: Array[String], desc: 'The security scanners to be considered by the approval rule' optional :scanners, type: Array[String], desc: 'The security scanners to be considered by the approval rule'
optional :vulnerabilities_allowed, type: Integer, desc: 'The number of vulnerabilities allowed for this rule' optional :vulnerabilities_allowed, type: Integer, desc: 'The number of vulnerabilities allowed for this rule'
optional :severity_levels, type: Array[String], desc: 'The security levels to be considered by the approval rule'
end end
params :delete_project_approval_rule do params :delete_project_approval_rule do
......
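Review bot: The new `severity_levels` parameter, in both the create and update param blocks, accepts any array of strings, so a value outside the known severities is not rejected at the API boundary. For a rule that gates merges on vulnerability findings, a misspelled or unknown level could presumably produce a rule that matches nothing, unless the model validates it outside this diff. Consider constraining it with Grape's `values:` option, e.g. `optional :severity_levels, type: Array[String], values: ::Enums::Vulnerability.severity_levels.keys, desc: 'The severity levels to be considered by the approval rule'` (convert the keys to strings if they are symbols). The description also says 'security levels' where 'severity levels' is meant. Both `params` blocks start outside the hunks shown.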
...@@ -11,6 +11,7 @@ module EE ...@@ -11,6 +11,7 @@ module EE
expose :approvers, using: ::API::Entities::UserBasic, override: true expose :approvers, using: ::API::Entities::UserBasic, override: true
expose :scanners, override: true expose :scanners, override: true
expose :vulnerabilities_allowed, override: true expose :vulnerabilities_allowed, override: true
expose :severity_levels, override: true
end end
end end
end end
......
...@@ -40,7 +40,13 @@ ...@@ -40,7 +40,13 @@
"type": "string" "type": "string"
} }
}, },
"vulnerabilities_allowed": { "type": "integer" } "vulnerabilities_allowed": { "type": "integer" },
"severity_levels":{
"type": "array",
"items": {
"type": "string"
}
}
}, },
"additionalProperties": false "additionalProperties": false
} }
...@@ -84,6 +84,18 @@ RSpec.shared_examples 'an API endpoint for creating project approval rule' do ...@@ -84,6 +84,18 @@ RSpec.shared_examples 'an API endpoint for creating project approval rule' do
expect(project.approval_rules.first.scanners).to eql(scanners) expect(project.approval_rules.first.scanners).to eql(scanners)
end end
end end
context 'with valid severity_levels' do
let(:severity_levels) { ['critical'] }
it 'returns 201 status' do
expect do
post api(url, current_user), params: params.merge({ severity_levels: severity_levels })
end.to change { project.approval_rules.count }.from(0).to(1)
expect(response).to have_gitlab_http_status(:created)
expect(project.approval_rules.first.severity_levels).to eql(severity_levels)
end
end
end end
context 'with vulnerabilities_allowed' do context 'with vulnerabilities_allowed' do
...@@ -133,6 +145,17 @@ RSpec.shared_examples 'an API endpoint for updating project approval rule' do ...@@ -133,6 +145,17 @@ RSpec.shared_examples 'an API endpoint for updating project approval rule' do
end end
end end
context 'with valid severity_levels' do
let(:severity_levels) { ['critical'] }
it 'returns 200 status' do
expect do
put api(url, current_user), params: { severity_levels: severity_levels }
end.to change { approval_rule.reload.severity_levels.count }.from(::Enums::Vulnerability.severity_levels.keys.count).to(severity_levels.count)
expect(response).to have_gitlab_http_status(:ok)
end
end
context 'when approver already exists' do context 'when approver already exists' do
before do before do
approval_rule.users << approver approval_rule.users << approver
......
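Review bot: The update example asserts only that the number of severity levels changes, not which levels were stored, so a wrong value of the same length would pass; adding `expect(approval_rule.reload.severity_levels).to eql(severity_levels)` after the status check would pin the content the way the create example does. Both new contexts cover only a valid level (`['critical']`); a case that sends an unknown level and asserts the intended outcome would document how invalid input is handled for this approval gate. The `from(...)` side also relies on an existing rule defaulting to every severity level, which is not visible in this diff.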