Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
afbc66e3
Commit
afbc66e3
authored
Sep 29, 2021
by
Marcos Rocha
Committed by
Bob Van Landuyt
Sep 29, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update scheduler owner when the owner is not valid
parent
179873ea
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
62 additions
and
10 deletions
+62
-10
ee/app/models/dast/profile_schedule.rb
ee/app/models/dast/profile_schedule.rb
+4
-0
ee/app/services/app_sec/dast/profiles/update_service.rb
ee/app/services/app_sec/dast/profiles/update_service.rb
+3
-1
ee/spec/services/app_sec/dast/profiles/update_service_spec.rb
...pec/services/app_sec/dast/profiles/update_service_spec.rb
+55
-9
No files found.
ee/app/models/dast/profile_schedule.rb
View file @
afbc66e3
...
...
@@ -51,6 +51,10 @@ class Dast::ProfileSchedule < ApplicationRecord
self
.
class
.
active_for_project
(
project_id
)
end
def
owner_valid?
Ability
.
allowed?
(
owner
,
:create_on_demand_dast_scan
,
project
)
end
private
def
deactivate!
...
...
ee/app/services/app_sec/dast/profiles/update_service.rb
View file @
afbc66e3
...
...
@@ -52,7 +52,9 @@ module AppSec
def
update_or_create_schedule!
if
schedule
schedule
.
update!
(
schedule_input_params
)
attributes
=
schedule_input_params
attributes
=
attributes
.
merge
(
user_id:
current_user
.
id
)
unless
schedule
.
owner_valid?
schedule
.
update!
(
attributes
)
else
::
Dast
::
ProfileSchedule
.
new
(
dast_profile:
dast_profile
,
...
...
ee/spec/services/app_sec/dast/profiles/update_service_spec.rb
View file @
afbc66e3
...
...
@@ -9,6 +9,7 @@ RSpec.describe AppSec::Dast::Profiles::UpdateService do
let_it_be
(
:dast_site_profile
)
{
create
(
:dast_site_profile
,
project:
project
)
}
let_it_be
(
:dast_scanner_profile
)
{
create
(
:dast_scanner_profile
,
project:
project
)
}
let_it_be
(
:plan_limits
)
{
create
(
:plan_limits
,
:default_plan
)
}
let_it_be
(
:scheduler_owner
)
{
create
(
:user
,
name:
'Scheduler Owner'
)
}
let
(
:default_params
)
do
{
...
...
@@ -59,7 +60,7 @@ RSpec.describe AppSec::Dast::Profiles::UpdateService do
context
'when the user can run a DAST scan'
do
before
do
project
.
add_
developer
(
us
er
)
project
.
add_
users
([
user
,
scheduler_owner
],
:develop
er
)
end
it
'communicates success'
do
...
...
@@ -127,24 +128,69 @@ RSpec.describe AppSec::Dast::Profiles::UpdateService do
end
context
'when associated schedule is present'
do
before
do
create
(
:dast_profile_schedule
,
dast_profile:
dast_profile
)
end
let_it_be_with_reload
(
:dast_profile_schedule
)
{
create
(
:dast_profile_schedule
,
project:
project
,
dast_profile:
dast_profile
,
owner:
scheduler_owner
)
}
it
'updates the dast profile schedule'
do
updated_schedule
=
subject
.
payload
[
:dast_profile_schedule
].
reload
subject
aggregate_failures
do
expect
(
updated
_schedule
.
active
).
to
eq
(
params
[
:dast_profile_schedule
][
:active
])
expect
(
updated
_schedule
.
starts_at
.
to_i
).
to
eq
(
params
[
:dast_profile_schedule
][
:starts_at
].
to_i
)
expect
(
updated
_schedule
.
timezone
).
to
eq
(
params
[
:dast_profile_schedule
][
:timezone
])
expect
(
updated
_schedule
.
cadence
).
to
eq
(
params
[
:dast_profile_schedule
][
:cadence
].
stringify_keys
)
expect
(
dast_profile
_schedule
.
active
).
to
eq
(
params
[
:dast_profile_schedule
][
:active
])
expect
(
dast_profile
_schedule
.
starts_at
.
to_i
).
to
eq
(
params
[
:dast_profile_schedule
][
:starts_at
].
to_i
)
expect
(
dast_profile
_schedule
.
timezone
).
to
eq
(
params
[
:dast_profile_schedule
][
:timezone
])
expect
(
dast_profile
_schedule
.
cadence
).
to
eq
(
params
[
:dast_profile_schedule
][
:cadence
].
stringify_keys
)
end
end
it
'creates the audit event'
do
expect
{
subject
}.
to
change
{
AuditEvent
.
where
(
target_id:
dast_profile
.
dast_profile_schedule
.
id
).
count
}
end
context
'when the owner is valid'
do
it
'does not updates the schedule owner'
do
subject
expect
(
dast_profile_schedule
.
user_id
).
to
eq
(
scheduler_owner
.
id
)
end
end
context
'when the owner was deleted'
do
before
do
scheduler_owner
.
destroy!
subject
.
payload
[
:dast_profile_schedule
].
reload
end
it
'updates the schedule owner'
do
subject
expect
(
dast_profile_schedule
.
user_id
).
to
eq
(
user
.
id
)
end
end
context
'when the owner permission was downgraded'
do
before
do
project
.
add_guest
(
scheduler_owner
)
end
it
'updates the schedule owner'
do
subject
expect
(
dast_profile_schedule
.
user_id
).
to
eq
(
user
.
id
)
end
end
context
'when the owner was removed from the project'
do
before
do
stub_feature_flags
(
member_destroy_async_auth_refresh:
false
)
project
.
team
.
truncate
project
.
add_developer
(
user
)
end
it
'updates the schedule owner'
do
subject
expect
(
dast_profile_schedule
.
user_id
).
to
eq
(
user
.
id
)
end
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment