Stub out service for creating DAST site profiles

26b478fa · Philip Cunningham · 6e065c62 · 26b478fa · 26b478fa · 26b478fa
Commit 26b478fa authored Jul 10, 2020 by Philip Cunningham
3 changed files
--- a/ee/app/graphql/mutations/dast_site_profiles/create.rb
+++ b/ee/app/graphql/mutations/dast_site_profiles/create.rb
@@ -29,9 +29,14 @@ module Mutations
        project = authorized_find!(full_path: full_path)
        raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)

-        {
-          errors: ['Not implemented']
-        }
+        service = ::DastSiteProfiles::CreateService.new(project, current_user)
+        dast_site_profile = service.execute(name: profile_name, target_url: target_url)
+
+        if dast_site_profile.success?
+          raise 'Not implemented'
+        else
+          { errors: dast_site_profile.errors }
+        end
      end

      private

--- a/ee/app/services/dast_site_profiles/create_service.rb
+++ b/ee/app/services/dast_site_profiles/create_service.rb
+# frozen_string_literal: true
+
+module DastSiteProfiles
+  class CreateService < BaseService
+    def execute(name: nil, target_url: nil)
+      return ServiceResponse.error(message: 'Insufficient permissions') unless allowed?
+
+      ServiceResponse.error(message: 'Not implemented')
+    end
+
+    def allowed?
+      Ability.allowed?(current_user, :run_ondemand_dast_scan, project)
+    end
+  end
+end
--- a/ee/spec/services/dast_site_profiles/create_service_spec.rb
+++ b/ee/spec/services/dast_site_profiles/create_service_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe DastSiteProfiles::CreateService do
+  let(:user) { create(:user) }
+  let(:project) { create(:project, :repository, creator: user) }
+  let(:name) { FFaker::Company.catch_phrase }
+  let(:target_url) { FFaker::Internet.uri(:http) }
+
+  describe '#execute' do
+    subject { described_class.new(project, user).execute(name: name, target_url: target_url) }
+
+    let(:status) { subject.status }
+    let(:message) { subject.message }
+
+    context 'when the user does not have permission to run a dast scan' do
+      it 'returns an error status' do
+        expect(status).to eq(:error)
+      end
+
+      it 'populates message' do
+        expect(message).to eq('Insufficient permissions')
+      end
+    end
+
+    context 'when the user can run a dast scan' do
+      before do
+        project.add_developer(user)
+      end
+
+      it 'returns an error status' do
+        expect(status).to eq(:error)
+      end
+
+      it 'populates message' do
+        expect(message).to eq('Not implemented')
+      end
+    end
+  end
+end