Merge branch '357008-fix-training-url' into 'master'

Add the ability to parse CWE/cwe-{number} and {number} format for external identifier for security training url See merge request gitlab-org/gitlab!84313

Merge branch '357008-fix-training-url' into 'master'
Add the ability to parse CWE/cwe-{number} and {number} format for external identifier for security training url See merge request gitlab-org/gitlab!84313
4784d4e4 · Doug Stull · 73d59b9d · 7059b473 · 4784d4e4 · 4784d4e4
Commit 4784d4e4 authored Apr 07, 2022 by Doug Stull
4 changed files
--- a/ee/app/finders/security/training_providers/base_url_finder.rb
+++ b/ee/app/finders/security/training_providers/base_url_finder.rb
@@ -13,7 +13,7 @@ module Security
      def initialize(project, provider, identifier_external_id)
        @project = project
        @provider = provider
-        @identifier_external_id = identifier_external_id
+        @identifier_external_id = identifier_external_id.split('-').last
      end
      def execute

--- a/ee/spec/finders/security/training_providers/base_url_finder_spec.rb
+++ b/ee/spec/finders/security/training_providers/base_url_finder_spec.rb
@@ -10,7 +10,7 @@ RSpec.describe Security::TrainingProviders::BaseUrlFinder do
  describe '#execute' do
    it 'raises an error if full_url is not implemented' do
-      expect { described_class.new(nil, nil, nil).execute }.to raise_error(
+      expect { described_class.new(identifier.project, provider, identifier.external_type).execute }.to raise_error(
        NotImplementedError,
        'full_url must be overwritten to return training url'
      )

--- a/ee/spec/finders/security/training_providers/kontra_url_finder_spec.rb
+++ b/ee/spec/finders/security/training_providers/kontra_url_finder_spec.rb
@@ -43,5 +43,13 @@ RSpec.describe Security::TrainingProviders::KontraUrlFinder do
    it 'returns full url path' do
      expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?cwe=2')
    end
+    context "when identifier contains CWE-{number} format" do
+      let_it_be(:identifier) { create(:vulnerabilities_identifier, external_type: 'cwe', external_id: "CWE-2") }
+      it 'returns full url path with proper mapping key' do
+        expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?cwe=2')
+      end
+    end
  end
 end
--- a/ee/spec/finders/security/training_providers/secure_code_warrior_url_finder_spec.rb
+++ b/ee/spec/finders/security/training_providers/secure_code_warrior_url_finder_spec.rb
@@ -43,5 +43,13 @@ RSpec.describe Security::TrainingProviders::SecureCodeWarriorUrlFinder do
    it 'returns full url path' do
      expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?Id=gitlab&MappingList=cwe&MappingKey=2')
    end
+    context "when identifier contains CWE-{number} format" do
+      let_it_be(:identifier) { create(:vulnerabilities_identifier, external_type: 'cwe', external_id: "CWE-2") }
+      it 'returns full url path with proper mapping key' do
+        expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?Id=gitlab&MappingList=cwe&MappingKey=2')
+      end
+    end
  end
 end