Implement fallback for remediations

- Implement fallback for `Vulnerabilities::Finding#remediations` - Implement `Remediation#diff` method

Implement fallback for remediations
- Implement fallback for `Vulnerabilities::Finding#remediations` - Implement `Remediation#diff` method
c08e6490 · Mehmet Emin INAC · Igor Drozdov · 90c3fb9f · c08e6490 · c08e6490
Commit c08e6490 authored Dec 17, 2020 by Mehmet Emin INAC Committed by Igor Drozdov Dec 17, 2020
4 changed files
--- a/ee/app/models/vulnerabilities/finding.rb
+++ b/ee/app/models/vulnerabilities/finding.rb
@@ -271,7 +271,9 @@ module Vulnerabilities
    end

    def remediations
-      metadata.dig('remediations')
+      return metadata.dig('remediations') unless super.present?
+
+      super.as_json(only: [:summary, :diff])
    end

    def build_evidence_request(data)

--- a/ee/app/models/vulnerabilities/remediation.rb
+++ b/ee/app/models/vulnerabilities/remediation.rb
@@ -22,6 +22,10 @@ module Vulnerabilities

    scope :by_checksum, -> (checksum) { where(checksum: checksum) }

+    def diff
+      @diff ||= file.read
+    end
+
    def retrieve_upload(_identifier, paths)
      Upload.find_by(model: self, path: paths)
    end

--- a/ee/spec/models/vulnerabilities/finding_spec.rb
+++ b/ee/spec/models/vulnerabilities/finding_spec.rb
@@ -452,6 +452,33 @@ RSpec.describe Vulnerabilities::Finding do
    end
  end

+  describe '#remediations' do
+    let(:raw_remediation) { { summary: 'foo', diff: 'bar' }.stringify_keys }
+    let(:raw_metadata) { { remediations: [raw_remediation] }.to_json }
+    let(:finding) { create(:vulnerabilities_finding, raw_metadata: raw_metadata) }
+
+    subject { finding.remediations }
+
+    context 'when the finding has associated remediation records' do
+      let!(:persisted_remediation) { create(:vulnerabilities_remediation, findings: [finding]) }
+      let(:remediation_hash) { persisted_remediation.as_json(only: [:summary, :diff]) }
+
+      it { is_expected.to eq([remediation_hash]) }
+    end
+
+    context 'when the finding does not have associated remediation records' do
+      context 'when the finding has remediations in `raw_metadata`' do
+        it { is_expected.to eq([raw_remediation]) }
+      end
+
+      context 'when the finding does not have remediations in `raw_metadata`' do
+        let(:raw_metadata) { {}.to_json }
+
+        it { is_expected.to be_nil }
+      end
+    end
+  end
+
  describe 'feedback' do
    let_it_be(:project) { create(:project) }
    let(:finding) do

--- a/ee/spec/models/vulnerabilities/remediation_spec.rb
+++ b/ee/spec/models/vulnerabilities/remediation_spec.rb
@@ -20,4 +20,14 @@ RSpec.describe Vulnerabilities::Remediation do

    it { is_expected.to match_array([remediation_2]) }
  end
+
+  describe '#diff' do
+    let(:diff_content) { 'foo' }
+    let(:diff_file) { Tempfile.new.tap { |f| f.write(diff_content) } }
+    let(:remediation) { create(:vulnerabilities_remediation, file: diff_file) }
+
+    subject { remediation.diff }
+
+    it { is_expected.to eq(diff_content) }
+  end
 end