Commit a5f66310 authored by Vitali Tatarintev's avatar Vitali Tatarintev

Merge branch '276898-add-filtering-jira-issues-on-vulnerability-id' into 'master'

Add filtering Jira issues on GitLab Vulnerability ID

See merge request gitlab-org/gitlab!47198
parents 72c6ac9f 4f819e21
......@@ -13,7 +13,7 @@ module Projects
def valid_params
@valid_params ||= %i[page per_page search state status author_username assignee_username]
# to permit array params you need to init them to an empty array
@valid_params << { labels: [] }
@valid_params << { labels: [], vulnerability_ids: [] }
end
end
......
......@@ -18,6 +18,7 @@ module Jira
@assignee = params[:assignee_username]
@sort = params[:sort] || DEFAULT_SORT
@sort_direction = params[:sort_direction] || DEFAULT_SORT_DIRECTION
@vulnerability_ids = params[:vulnerability_ids]
end
def execute
......@@ -29,7 +30,7 @@ module Jira
private
attr_reader :jira_project_key, :sort, :sort_direction, :search, :labels, :status, :reporter, :assignee, :state
attr_reader :jira_project_key, :sort, :sort_direction, :search, :labels, :status, :reporter, :assignee, :state, :vulnerability_ids
def jql_filters
[
......@@ -39,7 +40,8 @@ module Jira
by_reporter,
by_assignee,
by_open_and_closed,
by_summary_and_description
by_summary_and_description,
by_vulnerability_ids
].compact.join(' AND ')
end
......@@ -93,6 +95,15 @@ module Jira
end
end
def by_vulnerability_ids
return if vulnerability_ids.blank?
vulnerability_ids
.map { |vulnerability_id| %Q[description ~ "/-/security/vulnerabilities/#{vulnerability_id}"] }
.join(' OR ')
.then { |query| "(#{query})" }
end
def escape_quotes(param)
param.gsub('\\', '\\\\\\').gsub('"', '\\"')
end
......
---
title: Add filtering Jira issues on GitLab Vulnerability ID
merge_request: 47198
author:
type: added
......@@ -109,5 +109,13 @@ RSpec.describe Jira::JqlBuilderService do
expect(subject).to eq('project = PROJECT_KEY order by created DESC')
end
end
context 'with vulnerability_ids params' do
let(:params) { { vulnerability_ids: [1, 25] } }
it 'builds jql' do
expect(subject).to eq('project = PROJECT_KEY AND (description ~ "/-/security/vulnerabilities/1" OR description ~ "/-/security/vulnerabilities/25") order by created DESC')
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment