Add spec for group vulns including all projects

Since groups can contain multiple projects, we need to check that all related vulnerabilities all included in the response.

Add spec for group vulns including all projects
Since groups can contain multiple projects, we need to check that all related vulnerabilities all included in the response.
c215198d · Avielle Wolfe · 12d7e9db · c215198d
Commit c215198d authored Jul 11, 2019 by Avielle Wolfe
Hide whitespace changes
Inline Side-by-side

Showing with 24 additions and 0 deletions

ee/spec/controllers/groups/security/vulnerabilities_controller_spec.rb ...ollers/groups/security/vulnerabilities_controller_spec.rb +24 -0

No files found.
--- a/ee/spec/controllers/groups/security/vulnerabilities_controller_spec.rb
+++ b/ee/spec/controllers/groups/security/vulnerabilities_controller_spec.rb
@@ -52,4 +52,28 @@ describe Groups::Security::VulnerabilitiesController do
      end
    end
  end
+
+  describe 'GET index.json' do
+    it 'returns vulnerabilities for all projects in the group' do
+      stub_licensed_features(security_dashboard: true)
+      group.add_developer(user)
+
+      # create projects for the group
+      2.times do
+        project = create(:project, namespace: group)
+        pipeline = create(:ci_pipeline, :success, project: project)
+
+        create(:vulnerabilities_occurrence, pipelines: [pipeline], project: project, severity: :high)
+      end
+
+      # create an ungrouped project to ensure we don't include it
+      project = create(:project)
+      pipeline = create(:ci_pipeline, :success, project: project)
+      create(:vulnerabilities_occurrence, pipelines: [pipeline], project: project, severity: :high)
+
+      get :index, params: { group_id: group }, format: :json
+
+      expect(json_response.count).to be(2)
+    end
+  end
 end