Merge branch '296855-fix-broken-dismissal-description' into 'master'

Fix broken dismissal descriptions in Vulnerability details view See merge request gitlab-org/gitlab!58431

Merge branch '296855-fix-broken-dismissal-description' into 'master'
Fix broken dismissal descriptions in Vulnerability details view See merge request gitlab-org/gitlab!58431
3ca9a250 · Igor Drozdov · 1834ff50 · 9171bb29 · 3ca9a250 · 3ca9a250
Commit 3ca9a250 authored Apr 07, 2021 by Igor Drozdov
6 changed files
--- a/app/graphql/types/base_enum.rb
+++ b/app/graphql/types/base_enum.rb
@@ -22,8 +22,7 @@ module Types
        description(enum_mod.description) if use_description
        enum_mod.definition.each do |key, content|
-          desc = content.delete(:description)
+          value(key.to_s.upcase, **content)
-          value(key.to_s.upcase, description: desc, **content)
        end
      end

--- a/ee/app/helpers/vulnerabilities_helper.rb
+++ b/ee/app/helpers/vulnerabilities_helper.rb
@@ -24,12 +24,17 @@ module VulnerabilitiesHelper
      pipeline: vulnerability_pipeline_data(pipeline),
      can_modify_related_issues: current_user.can?(:admin_vulnerability_issue_link, vulnerability),
      issue_tracking_help_path: help_page_path('user/project/settings', anchor: 'sharing-and-permissions'),
-      permissions_help_path: help_page_path('user/permissions', anchor: 'project-members-permissions')
+      permissions_help_path: help_page_path('user/permissions', anchor: 'project-members-permissions'),
+      dismissal_descriptions: dismissal_descriptions
    }
    result.merge(vulnerability_data(vulnerability), vulnerability_finding_data(vulnerability))
  end
+  def dismissal_descriptions
+    Vulnerabilities::DismissalReasonEnum.definition.transform_values { |v| v[:description] }
+  end
  def new_issue_url_for(vulnerability)
    return unless vulnerability.project.issues_enabled?

--- a/ee/app/serializers/vulnerabilities/feedback_entity.rb
+++ b/ee/app/serializers/vulnerabilities/feedback_entity.rb
@@ -50,9 +50,6 @@ class Vulnerabilities::FeedbackEntity < Grape::Entity
  expose :project_fingerprint
  expose :dismissal_reason
-  expose :dismissal_descriptions do |feedback|
-    Vulnerabilities::DismissalReasonEnum.definition.transform_values { |v| v[:description] }
-  end
  alias_method :feedback, :object

--- a/ee/changelogs/unreleased/296855-fix-broken-dismissal-description.yml
+++ b/ee/changelogs/unreleased/296855-fix-broken-dismissal-description.yml
+---
+title: Fix broken dismissal descriptions in vulnerability details view
+merge_request: 58431
+author:
+type: fixed
--- a/ee/spec/helpers/vulnerabilities_helper_spec.rb
+++ b/ee/spec/helpers/vulnerabilities_helper_spec.rb
@@ -162,6 +162,22 @@ RSpec.describe VulnerabilitiesHelper do
        it { is_expected.to be_falsey }
      end
    end
+    context 'dismissal descriptions' do
+      let(:expected_descriptions) do
+        {
+          acceptable_risk: "The vulnerability is known, and has not been remediated or mitigated, but is considered to be an acceptable business risk.",
+          false_positive: "An error in reporting in which a test result incorrectly indicates the presence of a vulnerability in a system when the vulnerability is not present.",
+          mitigating_control: "A management, operational, or technical control (that is, safeguard or countermeasure) employed by an organization that provides equivalent or comparable protection for an information system.",
+          used_in_tests: "The finding is not a vulnerability because it is part of a test or is test data.",
+          not_applicable: "The vulnerability is known, and has not been remediated or mitigated, but is considered to be in a part of the application that will not be updated."
+        }
+      end
+      it 'incldues dismissal descriptions' do
+        expect(subject[:dismissal_descriptions]).to eq(expected_descriptions)
+      end
+    end
  end
  describe '#create_jira_issue_url_for' do
@@ -294,7 +310,6 @@ RSpec.describe VulnerabilitiesHelper do
      it 'returns dismissal feedback information', :aggregate_failures do
        dismissal_feedback = subject[:dismissal_feedback]
        expect(dismissal_feedback[:dismissal_reason]).to eq(feedback.dismissal_reason)
-        expect(dismissal_feedback[:dismissal_descriptions]).to eq(Vulnerabilities::DismissalReasonEnum.definition.transform_values { |v| v[:description] })
        expect(dismissal_feedback[:comment_details][:comment]).to eq(feedback.comment)
      end
    end

--- a/ee/spec/serializers/vulnerabilities/feedback_entity_spec.rb
+++ b/ee/spec/serializers/vulnerabilities/feedback_entity_spec.rb
@@ -194,12 +194,4 @@ RSpec.describe Vulnerabilities::FeedbackEntity do
      expect(subject[:dismissal_reason]).to eq(feedback.dismissal_reason)
    end
  end
-  context 'when dismissal descriptions are available' do
-    let(:feedback) { build_stubbed(:vulnerability_feedback, :dismissal, project: project) }
-    it 'exposes dismissal_descriptions' do
-      expect(subject[:dismissal_descriptions]).to eq(Vulnerabilities::DismissalReasonEnum.definition.transform_values { |v| v[:description] })
-    end
-  end
 end