Add mutation to add projects to Instance Security Dashboard

This change will add new mutation to GraphQL API that will allow user to add multiple projects to Instance Security Dashboard.

Add mutation to add projects to Instance Security Dashboard
This change will add new mutation to GraphQL API that will allow user to add multiple projects to Instance Security Dashboard.
d296d42c · Alan (Maciej) Paruszewski · Bob Van Landuyt · 4b975914 · d296d42c · d296d42c
Commit d296d42c authored Apr 29, 2020 by Alan (Maciej) Paruszewski Committed by Bob Van Landuyt Apr 29, 2020
7 changed files
--- a/doc/api/graphql/reference/gitlab_schema.graphql
+++ b/doc/api/graphql/reference/gitlab_schema.graphql
@@ -38,6 +38,51 @@ type AddAwardEmojiPayload {
  errors: [String!]!
 }

+"""
+Autogenerated input type of AddProjectsToSecurityDashboard
+"""
+input AddProjectsToSecurityDashboardInput {
+  """
+  A unique identifier for the client performing the mutation.
+  """
+  clientMutationId: String
+
+  """
+  IDs of projects to be added to Instance Security Dashboard
+  """
+  projectIds: [ID!]!
+}
+
+"""
+Autogenerated return type of AddProjectsToSecurityDashboard
+"""
+type AddProjectsToSecurityDashboardPayload {
+  """
+  IDs of projects that were added to the Instance Security Dashboard
+  """
+  addedProjectIds: [ID!]
+
+  """
+  A unique identifier for the client performing the mutation.
+  """
+  clientMutationId: String
+
+  """
+  IDs of projects that are already added to the Instance Security Dashboard
+  """
+  duplicatedProjectIds: [ID!]
+
+  """
+  Reasons why the mutation failed.
+  """
+  errors: [String!]!
+
+  """
+  IDs of projects that were not added to the Instance Security Dashboard
+  """
+  invalidProjectIds: [ID!]
+}
+
 """
 Autogenerated input type of AdminSidekiqQueuesDeleteJobs
 """
@@ -5743,6 +5788,7 @@ enum MoveType {

 type Mutation {
  addAwardEmoji(input: AddAwardEmojiInput!): AddAwardEmojiPayload
+  addProjectsToSecurityDashboard(input: AddProjectsToSecurityDashboardInput!): AddProjectsToSecurityDashboardPayload
  adminSidekiqQueuesDeleteJobs(input: AdminSidekiqQueuesDeleteJobsInput!): AdminSidekiqQueuesDeleteJobsPayload
  boardListUpdateLimitMetrics(input: BoardListUpdateLimitMetricsInput!): BoardListUpdateLimitMetricsPayload
  createDiffNote(input: CreateDiffNoteInput!): CreateDiffNotePayload

--- a/doc/api/graphql/reference/gitlab_schema.json
+++ b/doc/api/graphql/reference/gitlab_schema.json
@@ -125,6 +125,168 @@
          "enumValues": null,
          "possibleTypes": null
        },
+        {
+          "kind": "INPUT_OBJECT",
+          "name": "AddProjectsToSecurityDashboardInput",
+          "description": "Autogenerated input type of AddProjectsToSecurityDashboard",
+          "fields": null,
+          "inputFields": [
+            {
+              "name": "projectIds",
+              "description": "IDs of projects to be added to Instance Security Dashboard",
+              "type": {
+                "kind": "NON_NULL",
+                "name": null,
+                "ofType": {
+                  "kind": "LIST",
+                  "name": null,
+                  "ofType": {
+                    "kind": "NON_NULL",
+                    "name": null,
+                    "ofType": {
+                      "kind": "SCALAR",
+                      "name": "ID",
+                      "ofType": null
+                    }
+                  }
+                }
+              },
+              "defaultValue": null
+            },
+            {
+              "name": "clientMutationId",
+              "description": "A unique identifier for the client performing the mutation.",
+              "type": {
+                "kind": "SCALAR",
+                "name": "String",
+                "ofType": null
+              },
+              "defaultValue": null
+            }
+          ],
+          "interfaces": null,
+          "enumValues": null,
+          "possibleTypes": null
+        },
+        {
+          "kind": "OBJECT",
+          "name": "AddProjectsToSecurityDashboardPayload",
+          "description": "Autogenerated return type of AddProjectsToSecurityDashboard",
+          "fields": [
+            {
+              "name": "addedProjectIds",
+              "description": "IDs of projects that were added to the Instance Security Dashboard",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "LIST",
+                "name": null,
+                "ofType": {
+                  "kind": "NON_NULL",
+                  "name": null,
+                  "ofType": {
+                    "kind": "SCALAR",
+                    "name": "ID",
+                    "ofType": null
+                  }
+                }
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
+            {
+              "name": "clientMutationId",
+              "description": "A unique identifier for the client performing the mutation.",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "SCALAR",
+                "name": "String",
+                "ofType": null
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
+            {
+              "name": "duplicatedProjectIds",
+              "description": "IDs of projects that are already added to the Instance Security Dashboard",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "LIST",
+                "name": null,
+                "ofType": {
+                  "kind": "NON_NULL",
+                  "name": null,
+                  "ofType": {
+                    "kind": "SCALAR",
+                    "name": "ID",
+                    "ofType": null
+                  }
+                }
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
+            {
+              "name": "errors",
+              "description": "Reasons why the mutation failed.",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "NON_NULL",
+                "name": null,
+                "ofType": {
+                  "kind": "LIST",
+                  "name": null,
+                  "ofType": {
+                    "kind": "NON_NULL",
+                    "name": null,
+                    "ofType": {
+                      "kind": "SCALAR",
+                      "name": "String",
+                      "ofType": null
+                    }
+                  }
+                }
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
+            {
+              "name": "invalidProjectIds",
+              "description": "IDs of projects that were not added to the Instance Security Dashboard",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "LIST",
+                "name": null,
+                "ofType": {
+                  "kind": "NON_NULL",
+                  "name": null,
+                  "ofType": {
+                    "kind": "SCALAR",
+                    "name": "ID",
+                    "ofType": null
+                  }
+                }
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            }
+          ],
+          "inputFields": null,
+          "interfaces": [
+
+          ],
+          "enumValues": null,
+          "possibleTypes": null
+        },
        {
          "kind": "INPUT_OBJECT",
          "name": "AdminSidekiqQueuesDeleteJobsInput",
@@ -16471,6 +16633,33 @@
              "isDeprecated": false,
              "deprecationReason": null
            },
+            {
+              "name": "addProjectsToSecurityDashboard",
+              "description": null,
+              "args": [
+                {
+                  "name": "input",
+                  "description": null,
+                  "type": {
+                    "kind": "NON_NULL",
+                    "name": null,
+                    "ofType": {
+                      "kind": "INPUT_OBJECT",
+                      "name": "AddProjectsToSecurityDashboardInput",
+                      "ofType": null
+                    }
+                  },
+                  "defaultValue": null
+                }
+              ],
+              "type": {
+                "kind": "OBJECT",
+                "name": "AddProjectsToSecurityDashboardPayload",
+                "ofType": null
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
            {
              "name": "adminSidekiqQueuesDeleteJobs",
              "description": null,

--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -26,6 +26,18 @@ Autogenerated return type of AddAwardEmoji
 | `clientMutationId` | String | A unique identifier for the client performing the mutation. |
 | `errors` | String! => Array | Reasons why the mutation failed. |

+## AddProjectsToSecurityDashboardPayload
+
+Autogenerated return type of AddProjectsToSecurityDashboard
+
+| Name  | Type  | Description |
+| ---   |  ---- | ----------  |
+| `addedProjectIds` | ID! => Array | IDs of projects that were added to the Instance Security Dashboard |
+| `clientMutationId` | String | A unique identifier for the client performing the mutation. |
+| `duplicatedProjectIds` | ID! => Array | IDs of projects that are already added to the Instance Security Dashboard |
+| `errors` | String! => Array | Reasons why the mutation failed. |
+| `invalidProjectIds` | ID! => Array | IDs of projects that were not added to the Instance Security Dashboard |
+
 ## AdminSidekiqQueuesDeleteJobsPayload

 Autogenerated return type of AdminSidekiqQueuesDeleteJobs

--- a/ee/app/graphql/ee/types/mutation_type.rb
+++ b/ee/app/graphql/ee/types/mutation_type.rb
@@ -18,6 +18,7 @@ module EE
        mount_mutation ::Mutations::Requirements::Update
        mount_mutation ::Mutations::Vulnerabilities::Dismiss
        mount_mutation ::Mutations::Boards::Lists::UpdateLimitMetrics
+        mount_mutation ::Mutations::SecurityDashboard::AddProjects
      end
    end
  end

--- a/ee/app/graphql/mutations/security_dashboard/add_projects.rb
+++ b/ee/app/graphql/mutations/security_dashboard/add_projects.rb
+# frozen_string_literal: true
+
+module Mutations
+  module SecurityDashboard
+    class AddProjects < BaseMutation
+      graphql_name 'AddProjectsToSecurityDashboard'
+
+      authorize :read_instance_security_dashboard
+
+      field :invalid_project_ids, [GraphQL::ID_TYPE],
+            null: true,
+            description: 'IDs of projects that were not added to the Instance Security Dashboard'
+
+      field :added_project_ids, [GraphQL::ID_TYPE],
+            null: true,
+            description: 'IDs of projects that were added to the Instance Security Dashboard'
+
+      field :duplicated_project_ids, [GraphQL::ID_TYPE],
+            null: true,
+            description: 'IDs of projects that are already added to the Instance Security Dashboard'
+
+      argument :project_ids, [GraphQL::ID_TYPE],
+               required: true,
+               description: 'IDs of projects to be added to Instance Security Dashboard'
+
+      def resolve(project_ids:)
+        dashboard = authorized_find!
+        raise_resource_not_available_error! unless dashboard.feature_available?(:security_dashboard)
+
+        result = add_projects(project_ids.map(&method(:extract_project_id)))
+
+        {
+          invalid_project_ids: result.invalid_project_ids.map(&method(:to_global_id)),
+          added_project_ids: result.added_project_ids.map(&method(:to_global_id)),
+          duplicated_project_ids: result.duplicate_project_ids.map(&method(:to_global_id)),
+          errors: []
+        }
+      end
+
+      private
+
+      def find_object(*args)
+        InstanceSecurityDashboard.new(current_user)
+      end
+
+      def extract_project_id(global_id)
+        return unless global_id.present?
+
+        GitlabSchema.parse_gid(global_id, expected_type: ::Project).model_id
+      end
+
+      def add_projects(project_ids)
+        Dashboard::Projects::CreateService.new(
+          current_user,
+          current_user.security_dashboard_projects,
+          feature: :security_dashboard
+        ).execute(project_ids.compact)
+      end
+
+      def to_global_id(project_id)
+        GitlabSchema.id_from_object(Project.new(id: project_id))
+      end
+    end
+  end
+end
--- a/ee/changelogs/unreleased/214583-add-mutation-to-add-projects-to-security-dashboard.yml
+++ b/ee/changelogs/unreleased/214583-add-mutation-to-add-projects-to-security-dashboard.yml
+---
+title: Add GraphQL mutation for adding projects to Instance Security Dashboard
+merge_request: 30092
+author:
+type: added
--- a/ee/spec/graphql/mutations/security_dashboard/add_projects_spec.rb
+++ b/ee/spec/graphql/mutations/security_dashboard/add_projects_spec.rb
+# frozen_string_literal: true
+require 'spec_helper'
+
+describe Mutations::SecurityDashboard::AddProjects do
+  let(:mutation) { described_class.new(object: nil, context: { current_user: current_user }, field: nil) }
+
+  describe '#resolve' do
+    let_it_be(:project) { create(:project) }
+    let_it_be(:my_project) { create(:project) }
+    let_it_be(:already_added_project) { create(:project) }
+
+    let_it_be(:user) { create(:user, security_dashboard_projects: [already_added_project]) }
+
+    let(:project_ids) { [project, my_project, already_added_project].map(&GitlabSchema.method(:id_from_object)).map(&:to_s) }
+
+    before do
+      my_project.add_developer(user)
+      already_added_project.add_developer(user)
+    end
+
+    subject { mutation.resolve(project_ids: project_ids) }
+
+    context 'when user is not logged_in' do
+      let(:current_user) { nil }
+
+      it 'raises Gitlab::Graphql::Errors::ResourceNotAvailable error' do
+        expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
+      end
+    end
+
+    context 'when user is logged_in' do
+      let(:current_user) { user }
+
+      context 'when security_dashboard is not enabled' do
+        it 'raises Gitlab::Graphql::Errors::ResourceNotAvailable error' do
+          expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
+        end
+      end
+
+      context 'when security_dashboard is enabled' do
+        before do
+          stub_licensed_features(security_dashboard: true)
+        end
+
+        context 'when project_ids is empty' do
+          let(:project_ids) { [] }
+
+          it { is_expected.to eq(added_project_ids: [], duplicated_project_ids: [], invalid_project_ids: [], errors: []) }
+        end
+
+        context 'when project_ids contains ids' do
+          it 'adds project that is available to the user to the security dashboard', :aggregate_failures do
+            expect(subject[:added_project_ids]).to eq([GitlabSchema.id_from_object(my_project)])
+            expect(user.security_dashboard_projects).to include(my_project)
+          end
+
+          it 'does not add project that already exist in the security dashboard', :aggregate_failures do
+            expect(subject[:duplicated_project_ids]).to eq([GitlabSchema.id_from_object(already_added_project)])
+            expect(user.security_dashboard_projects).to include(already_added_project)
+          end
+
+          it 'does not add project that is not available for the user' do
+            expect(subject[:invalid_project_ids]).to eq([GitlabSchema.id_from_object(project)])
+          end
+        end
+      end
+    end
+  end
+end