Commit 56bcfe59 authored by Thong Kuah's avatar Thong Kuah

Merge branch 'fix-use-of-ci_pipelines' into 'master'

Check use of `ci_pipelines` scope

See merge request gitlab-org/gitlab!40982
parents 3c96d96d 8d7e0955
...@@ -20,7 +20,7 @@ module Projects ...@@ -20,7 +20,7 @@ module Projects
private private
def scanned_resources def scanned_resources
pipeline = project.ci_pipelines.find(pipeline_id) pipeline = project.all_pipelines.find(pipeline_id)
@scanned_resources = pipeline&.security_reports&.reports&.fetch('dast', nil)&.scanned_resources @scanned_resources = pipeline&.security_reports&.reports&.fetch('dast', nil)&.scanned_resources
return if @scanned_resources return if @scanned_resources
......
---
title: Allow on-demand DAST pipelines to be found for scanned resource
merge_request: 40982
author:
type: fixed
...@@ -5,9 +5,9 @@ require 'spec_helper' ...@@ -5,9 +5,9 @@ require 'spec_helper'
RSpec.describe Projects::Security::ScannedResourcesController do RSpec.describe Projects::Security::ScannedResourcesController do
let_it_be(:user) { create(:user) } let_it_be(:user) { create(:user) }
let_it_be(:project) { create(:project, :repository) } let_it_be(:project) { create(:project, :repository) }
let_it_be(:pipeline) { create(:ci_pipeline, project: project, ref: 'master', sha: project.commit.id) }
let_it_be(:action_params) { { project_id: project, namespace_id: project.namespace, pipeline_id: pipeline } } let(:pipeline) { create(:ci_pipeline, project: project, ref: 'master', sha: project.commit.id) }
let(:action_params) { { project_id: project, namespace_id: project.namespace, pipeline_id: pipeline } }
before do before do
stub_licensed_features(dast: true, security_dashboard: true) stub_licensed_features(dast: true, security_dashboard: true)
...@@ -30,13 +30,29 @@ RSpec.describe Projects::Security::ScannedResourcesController do ...@@ -30,13 +30,29 @@ RSpec.describe Projects::Security::ScannedResourcesController do
end end
end end
context 'when the pipeline id is missing' do it 'returns the CSV data' do
let_it_be(:action_params) { { project_id: project, namespace_id: project.namespace } } expect(subject).to have_gitlab_http_status(:ok)
expect(parsed_csv_data.size).to be_positive
end
before do context 'when pipeline_id is from a dangling pipeline' do
project.add_developer(user) let(:pipeline) do
create(:ci_pipeline,
source: :ondemand_dast_scan,
project: project,
ref: 'master',
sha: project.commit.id)
end end
it 'returns the CSV data' do
expect(subject).to have_gitlab_http_status(:ok)
expect(parsed_csv_data.size).to be_positive
end
end
context 'when the pipeline id is missing' do
let(:action_params) { { project_id: project, namespace_id: project.namespace } }
it 'raises an error when pipeline_id param is missing' do it 'raises an error when pipeline_id param is missing' do
expect { subject }.to raise_error(ActionController::ParameterMissing) expect { subject }.to raise_error(ActionController::ParameterMissing)
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment