Commit 4784d4e4 authored by Doug Stull's avatar Doug Stull

Merge branch '357008-fix-training-url' into 'master'

Add the ability to parse CWE/cwe-{number} and  {number} format for external identifier for security training url

See merge request gitlab-org/gitlab!84313
parents 73d59b9d 7059b473
...@@ -13,7 +13,7 @@ module Security ...@@ -13,7 +13,7 @@ module Security
def initialize(project, provider, identifier_external_id) def initialize(project, provider, identifier_external_id)
@project = project @project = project
@provider = provider @provider = provider
@identifier_external_id = identifier_external_id @identifier_external_id = identifier_external_id.split('-').last
end end
def execute def execute
......
...@@ -10,7 +10,7 @@ RSpec.describe Security::TrainingProviders::BaseUrlFinder do ...@@ -10,7 +10,7 @@ RSpec.describe Security::TrainingProviders::BaseUrlFinder do
describe '#execute' do describe '#execute' do
it 'raises an error if full_url is not implemented' do it 'raises an error if full_url is not implemented' do
expect { described_class.new(nil, nil, nil).execute }.to raise_error( expect { described_class.new(identifier.project, provider, identifier.external_type).execute }.to raise_error(
NotImplementedError, NotImplementedError,
'full_url must be overwritten to return training url' 'full_url must be overwritten to return training url'
) )
......
...@@ -43,5 +43,13 @@ RSpec.describe Security::TrainingProviders::KontraUrlFinder do ...@@ -43,5 +43,13 @@ RSpec.describe Security::TrainingProviders::KontraUrlFinder do
it 'returns full url path' do it 'returns full url path' do
expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?cwe=2') expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?cwe=2')
end end
context "when identifier contains CWE-{number} format" do
let_it_be(:identifier) { create(:vulnerabilities_identifier, external_type: 'cwe', external_id: "CWE-2") }
it 'returns full url path with proper mapping key' do
expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?cwe=2')
end
end
end end
end end
...@@ -43,5 +43,13 @@ RSpec.describe Security::TrainingProviders::SecureCodeWarriorUrlFinder do ...@@ -43,5 +43,13 @@ RSpec.describe Security::TrainingProviders::SecureCodeWarriorUrlFinder do
it 'returns full url path' do it 'returns full url path' do
expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?Id=gitlab&MappingList=cwe&MappingKey=2') expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?Id=gitlab&MappingList=cwe&MappingKey=2')
end end
context "when identifier contains CWE-{number} format" do
let_it_be(:identifier) { create(:vulnerabilities_identifier, external_type: 'cwe', external_id: "CWE-2") }
it 'returns full url path with proper mapping key' do
expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?Id=gitlab&MappingList=cwe&MappingKey=2')
end
end
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment