Merge branch 'philipcunningham-remove-dast-site-validation-field-289800' into 'master'

Remove dastSiteValidation field from project

See merge request gitlab-org/gitlab!49911

doc/api/graphql/reference/gitlab_schema.graphql

@@ -17243,22 +17243,6 @@ type Project {
     last: Int
   ): DastSiteProfileConnection
 
-  """
-  DAST Site Validation associated with the project. Will always return `null` if
-  `security_on_demand_scans_site_validation` is disabled
-  """
-  dastSiteValidation(
-    """
-    Normalized URL of the target to be scanned
-    """
-    normalizedTargetUrls: [String!]
-
-    """
-    URL of the target to be scanned
-    """
-    targetUrl: String!
-  ): DastSiteValidation
-
   """
   DAST Site Validations associated with the project. Will always return no nodes
   if `security_on_demand_scans_site_validation` is disabled

doc/api/graphql/reference/gitlab_schema.json

@@ -50903,51 +50903,6 @@
               "isDeprecated": false,
               "deprecationReason": null
             },
-            {
-              "name": "dastSiteValidation",
-              "description": "DAST Site Validation associated with the project. Will always return `null` if `security_on_demand_scans_site_validation` is disabled",
-              "args": [
-                {
-                  "name": "normalizedTargetUrls",
-                  "description": "Normalized URL of the target to be scanned",
-                  "type": {
-                    "kind": "LIST",
-                    "name": null,
-                    "ofType": {
-                      "kind": "NON_NULL",
-                      "name": null,
-                      "ofType": {
-                        "kind": "SCALAR",
-                        "name": "String",
-                        "ofType": null
-                      }
-                    }
-                  },
-                  "defaultValue": null
-                },
-                {
-                  "name": "targetUrl",
-                  "description": "URL of the target to be scanned",
-                  "type": {
-                    "kind": "NON_NULL",
-                    "name": null,
-                    "ofType": {
-                      "kind": "SCALAR",
-                      "name": "String",
-                      "ofType": null
-                    }
-                  },
-                  "defaultValue": null
-                }
-              ],
-              "type": {
-                "kind": "OBJECT",
-                "name": "DastSiteValidation",
-                "ofType": null
-              },
-              "isDeprecated": false,
-              "deprecationReason": null
-            },
             {
               "name": "dastSiteValidations",
               "description": "DAST Site Validations associated with the project. Will always return no nodes if `security_on_demand_scans_site_validation` is disabled",

doc/api/graphql/reference/index.md

@@ -2595,7 +2595,6 @@ Autogenerated return type of PipelineRetry.
 | `dastScannerProfiles` | DastScannerProfileConnection | The DAST scanner profiles associated with the project |
 | `dastSiteProfile` | DastSiteProfile | DAST Site Profile associated with the project |
 | `dastSiteProfiles` | DastSiteProfileConnection | DAST Site Profiles associated with the project |
-| `dastSiteValidation` | DastSiteValidation | DAST Site Validation associated with the project. Will always return `null` if `security_on_demand_scans_site_validation` is disabled |
 | `dastSiteValidations` | DastSiteValidationConnection | DAST Site Validations associated with the project. Will always return no nodes if `security_on_demand_scans_site_validation` is disabled |
 | `description` | String | Short description of the project |
 | `descriptionHtml` | String | The GitLab Flavored Markdown rendering of `description` |

ee/app/graphql/ee/types/project_type.rb

@@ -77,13 +77,6 @@ module EE
               description: 'DAST Site Profiles associated with the project',
               resolver: ::Resolvers::DastSiteProfileResolver
 
-        field :dast_site_validation,
-              ::Types::DastSiteValidationType,
-              null: true,
-              resolver: ::Resolvers::DastSiteValidationResolver.single,
-              description: 'DAST Site Validation associated with the project. Will always return `null` ' \
-                           'if `security_on_demand_scans_site_validation` is disabled'
-
         field :dast_site_validations,
               ::Types::DastSiteValidationType.connection_type,
               null: true,

ee/app/graphql/resolvers/dast_site_validation_resolver.rb

@@ -9,15 +9,10 @@ module Resolvers
     argument :normalized_target_urls, [GraphQL::STRING_TYPE], required: false,
              description: 'Normalized URL of the target to be scanned'
 
-    when_single do
-      argument :target_url, GraphQL::STRING_TYPE, required: true,
-               description: 'URL of the target to be scanned'
-    end
-
     def resolve(**args)
       return DastSiteValidation.none unless allowed?
 
-      DastSiteValidationsFinder.new(project_id: project.id, url_base: url_base(args)).execute
+      DastSiteValidationsFinder.new(project_id: project.id, url_base: args[:normalized_target_urls]).execute
     end
 
     private
@@ -25,11 +20,5 @@ module Resolvers
     def allowed?
       ::Feature.enabled?(:security_on_demand_scans_site_validation, project)
     end
-
-    def url_base(args)
-      return DastSiteValidation.get_normalized_url_base(args[:target_url]) if args[:target_url]
-
-      args[:normalized_target_urls]
-    end
   end
 end

ee/spec/graphql/resolvers/dast_site_validation_resolver_spec.rb

@@ -25,12 +25,6 @@ RSpec.describe Resolvers::DastSiteValidationResolver do
 
   subject { sync(resolver) }
 
-  context 'when resolving a single DAST site validation' do
-    let(:resolver) { dast_site_validations(target_url: target_url) }
-
-    it { is_expected.to contain_exactly(dast_site_validation1) }
-  end
-
   context 'when resolving multiple DAST site validations' do
     let(:args) { {} }
     let(:resolver) { dast_site_validations(args) }

ee/spec/graphql/types/dast_site_validation_type_spec.rb

@@ -16,7 +16,7 @@ RSpec.describe GitlabSchema.types['DastSiteValidation'] do
       },
       variables: {
         fullPath: project.full_path,
-        targetUrl: dast_site_validation.url_base
+        normalized_target_urls: [dast_site_validation.url_base]
       }
     ).as_json
   end
@@ -30,19 +30,17 @@ RSpec.describe GitlabSchema.types['DastSiteValidation'] do
 
   it { expect(described_class).to have_graphql_fields(fields) }
 
-  describe 'dast_site_validation' do
+  describe 'dast_site_validations' do
     before do
       project.add_developer(user)
     end
 
     let(:query) do
       %(
-        query project($fullPath: ID!, $targetUrl: String!) {
+        query project($fullPath: ID!, $normalizedTargetUrls: [String!]) {
           project(fullPath: $fullPath) {
-            dastSiteValidation(targetUrl: $targetUrl) {
-              id
-              status
-              normalizedTargetUrl
+            dastSiteValidations(normalizedTargetUrls: $normalizedTargetUrls) {
+              edges { node { id status normalizedTargetUrl } }
             }
           }
         }
@@ -50,7 +48,7 @@ RSpec.describe GitlabSchema.types['DastSiteValidation'] do
     end
 
     describe 'status field' do
-      subject { response.dig('data', 'project', 'dastSiteValidation', 'status') }
+      subject { response.dig('data', 'project', 'dastSiteValidations', 'edges', 0, 'node', 'status') }
 
       it { is_expected.to eq('PENDING_VALIDATION') }
     end

ee/spec/requests/api/graphql/project/dast_site_validation_spec.rb

-# frozen_string_literal: true
-
-require 'spec_helper'
-
-RSpec.describe 'Query.project(fullPath).dastSiteValidation' do
-  include GraphqlHelpers
-
-  let_it_be(:dast_site_validation) { create(:dast_site_validation) }
-  let_it_be(:project) { dast_site_validation.dast_site_token.project }
-  let_it_be(:current_user) { create(:user) }
-
-  let(:query) do
-    %(
-      query project($fullPath: ID!, $targetUrl: String!) {
-        project(fullPath: $fullPath) {
-          dastSiteValidation(targetUrl: $targetUrl) {
-            id
-            status
-          }
-        }
-      }
-    )
-  end
-
-  subject do
-    post_graphql(
-      query,
-      current_user: current_user,
-      variables: {
-        fullPath: project.full_path,
-        targetUrl: dast_site_validation.url_base
-      }
-    )
-    graphql_data
-  end
-
-  let(:project_response) { subject['project'] }
-  let(:dast_site_validation_response) { project_response['dastSiteValidation'] }
-
-  before do
-    stub_licensed_features(security_on_demand_scans: true)
-  end
-
-  context 'when a user does not have access to the project' do
-    it 'returns a null project' do
-      expect(project_response).to be_nil
-    end
-  end
-
-  context 'when a user does not have access to dast_site_validation' do
-    it 'returns a null dast_site_validation' do
-      project.add_guest(current_user)
-
-      expect(dast_site_validation_response).to be_nil
-    end
-  end
-
-  context 'when a user has access to dast_site_profiles' do
-    before do
-      project.add_developer(current_user)
-    end
-
-    context 'when feature flag is disabled' do
-      before do
-        stub_feature_flags(security_on_demand_scans_site_validation: false)
-      end
-
-      it 'returns a null dast_site_validation' do
-        expect(dast_site_validation_response).to be_nil
-      end
-    end
-
-    it 'returns a dast_site_validation' do
-      expect(dast_site_validation_response['id']).to eq(dast_site_validation.to_global_id.to_s)
-      expect(dast_site_validation_response['status']).to eq('PENDING_VALIDATION')
-    end
-
-    context 'when there are multiple DAST site validations with the same target and for the same project' do
-      it 'returns the most recent dast_site_validation' do
-        new_dast_site_validation = create(:dast_site_validation, dast_site_token: dast_site_validation.dast_site_token)
-
-        expect(dast_site_validation_response['id']).to eq(new_dast_site_validation.to_global_id.to_s)
-      end
-    end
-  end
-end