Commit 1eb5b25a authored by Mehmet Emin INAC's avatar Mehmet Emin INAC

Add application and DB layer validations for flag_type uniqueness

Introducing a compound unique index on `vulnerability_occurrence_id`,
`flag_type`, and `origin` columns will help us utilizing PostgreSQL's
upsert functionality and will prevent inserting the same flag twice.

Changelog: added
EE: true
parent d89256f3
# frozen_string_literal: true
class AddUniqueIndexToVulnerabilityFlagsTable < ActiveRecord::Migration[6.1]
include Gitlab::Database::MigrationHelpers
INDEX_NAME = 'index_vulnerability_flags_on_unique_columns'
disable_ddl_transaction!
def up
add_concurrent_index :vulnerability_flags, [:vulnerability_occurrence_id, :flag_type, :origin], name: INDEX_NAME, unique: true
end
def down
remove_concurrent_index_by_name :vulnerability_flags, INDEX_NAME
end
end
529cf86e09b5aa9015b604e73827cb21e92ced401f30dfb281115a506596bd4e
\ No newline at end of file
...@@ -25441,6 +25441,8 @@ CREATE INDEX index_vulnerability_findings_remediations_on_remediation_id ON vuln ...@@ -25441,6 +25441,8 @@ CREATE INDEX index_vulnerability_findings_remediations_on_remediation_id ON vuln
CREATE UNIQUE INDEX index_vulnerability_findings_remediations_on_unique_keys ON vulnerability_findings_remediations USING btree (vulnerability_occurrence_id, vulnerability_remediation_id); CREATE UNIQUE INDEX index_vulnerability_findings_remediations_on_unique_keys ON vulnerability_findings_remediations USING btree (vulnerability_occurrence_id, vulnerability_remediation_id);
CREATE UNIQUE INDEX index_vulnerability_flags_on_unique_columns ON vulnerability_flags USING btree (vulnerability_occurrence_id, flag_type, origin);
CREATE INDEX index_vulnerability_flags_on_vulnerability_occurrence_id ON vulnerability_flags USING btree (vulnerability_occurrence_id); CREATE INDEX index_vulnerability_flags_on_vulnerability_occurrence_id ON vulnerability_flags USING btree (vulnerability_occurrence_id);
CREATE INDEX index_vulnerability_historical_statistics_on_date_and_id ON vulnerability_historical_statistics USING btree (date, id); CREATE INDEX index_vulnerability_historical_statistics_on_date_and_id ON vulnerability_historical_statistics USING btree (date, id);
...@@ -4,11 +4,11 @@ module Vulnerabilities ...@@ -4,11 +4,11 @@ module Vulnerabilities
class Flag < ApplicationRecord class Flag < ApplicationRecord
self.table_name = 'vulnerability_flags' self.table_name = 'vulnerability_flags'
belongs_to :finding, class_name: 'Vulnerabilities::Finding', foreign_key: 'vulnerability_occurrence_id', inverse_of: :vulnerability_flags belongs_to :finding, class_name: 'Vulnerabilities::Finding', foreign_key: 'vulnerability_occurrence_id', inverse_of: :vulnerability_flags, optional: false
validates :origin, length: { maximum: 255 } validates :origin, length: { maximum: 255 }
validates :description, length: { maximum: 1024 } validates :description, length: { maximum: 1024 }
validates :flag_type, presence: true validates :flag_type, presence: true, uniqueness: { scope: [:vulnerability_occurrence_id, :origin] }
enum flag_type: { enum flag_type: {
false_positive: 0 false_positive: 0
......
...@@ -4,13 +4,16 @@ require 'spec_helper' ...@@ -4,13 +4,16 @@ require 'spec_helper'
RSpec.describe Vulnerabilities::Flag do RSpec.describe Vulnerabilities::Flag do
describe 'associations' do describe 'associations' do
it { is_expected.to belong_to(:finding).class_name('Vulnerabilities::Finding').with_foreign_key('vulnerability_occurrence_id') } it { is_expected.to belong_to(:finding).class_name('Vulnerabilities::Finding').with_foreign_key('vulnerability_occurrence_id').required }
end end
describe 'validations' do describe 'validations' do
subject { build(:vulnerabilities_flag) }
it { is_expected.to validate_length_of(:origin).is_at_most(255) } it { is_expected.to validate_length_of(:origin).is_at_most(255) }
it { is_expected.to validate_length_of(:description).is_at_most(1024) } it { is_expected.to validate_length_of(:description).is_at_most(1024) }
it { is_expected.to validate_presence_of(:flag_type) } it { is_expected.to validate_presence_of(:flag_type) }
it { is_expected.to validate_uniqueness_of(:flag_type).scoped_to(:vulnerability_occurrence_id, :origin).ignoring_case_sensitivity }
it { is_expected.to define_enum_for(:flag_type).with_values(false_positive: 0) } it { is_expected.to define_enum_for(:flag_type).with_values(false_positive: 0) }
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment