occurrence_entity.rb 1.76 KB
Newer Older
1 2 3 4 5 6 7 8 9
# frozen_string_literal: true

class Vulnerabilities::OccurrenceEntity < Grape::Entity
  include RequestAwareEntity

  expose :id, :report_type, :name, :severity, :confidence
  expose :scanner, using: Vulnerabilities::ScannerEntity
  expose :identifiers, using: Vulnerabilities::IdentifierEntity
  expose :project_fingerprint
10
  expose :vulnerability_feedback_path, as: :vulnerability_feedback_issue_path, if: ->(_, _) { can_admin_vulnerability_feedback? && can_create_issue? }
11
  expose :vulnerability_feedback_path, as: :vulnerability_feedback_merge_request_path, if: ->(_, _) { can_admin_vulnerability_feedback? && can_create_merge_request? }
12
  expose :vulnerability_feedback_path, as: :vulnerability_feedback_dismissal_path, if: ->(_, _) { can_admin_vulnerability_feedback? }
13
  expose :project, using: ::ProjectEntity
14 15
  expose :dismissal_feedback, using: Vulnerabilities::FeedbackEntity
  expose :issue_feedback, using: Vulnerabilities::FeedbackEntity
16
  expose :merge_request_feedback, using: Vulnerabilities::FeedbackEntity
17 18 19

  expose :metadata, merge: true, if: ->(occurrence, _) { occurrence.raw_metadata } do
    expose :description
20
    expose :links
21 22 23
    expose :location
    expose :remediations
    expose :solution
24 25
  end

26 27 28 29
  expose :blob_path do |occurrence|
    occurrence.present.blob_path
  end

30 31 32 33
  alias_method :occurrence, :object

  private

34 35
  def vulnerability_feedback_path
    project_vulnerability_feedback_index_path(occurrence.project)
36 37 38 39 40
  end

  def can_admin_vulnerability_feedback?
    can?(request.current_user, :admin_vulnerability_feedback, occurrence.project)
  end
41 42 43 44

  def can_create_issue?
    can?(request.current_user, :create_issue, occurrence.project)
  end
45 46 47 48

  def can_create_merge_request?
    can?(request.current_user, :create_merge_request_in, occurrence.project)
  end
49
end