Rename approval rule `security` enum as `vulnerability`

This change will make it easier to understand what the enum stands for.

Rename approval rule `security` enum as `vulnerability`
This change will make it easier to understand what the enum stands for.
59117bea · Mehmet Emin INAC · dabad744 · 59117bea · 59117bea · 59117bea
Commit 59117bea authored Oct 19, 2020 by Mehmet Emin INAC
9 changed files
--- a/ee/app/models/approval_merge_request_rule.rb
+++ b/ee/app/models/approval_merge_request_rule.rb
@@ -55,12 +55,12 @@ class ApprovalMergeRequestRule < ApplicationRecord
  alias_method :code_owner, :code_owner?
  enum report_type: {
-    security: 1,
+    vulnerability: 1,
    license_scanning: 2
  }
-  scope :security_report, -> { report_approver.where(report_type: :security) }
+  scope :vulnerability_report, -> { report_approver.vulnerability }
-  scope :license_compliance, -> { report_approver.where(report_type: :license_scanning) }
+  scope :license_compliance, -> { report_approver.license_scanning }
  scope :with_head_pipeline, -> { includes(merge_request: [:head_pipeline]) }
  scope :open_merge_requests, -> { merge(MergeRequest.opened) }
  scope :for_checks_that_can_be_refreshed, -> { license_compliance.open_merge_requests.with_head_pipeline }

--- a/ee/app/models/concerns/approval_rule_like.rb
+++ b/ee/app/models/concerns/approval_rule_like.rb
@@ -5,10 +5,10 @@ module ApprovalRuleLike
  DEFAULT_NAME = 'Default'
  DEFAULT_NAME_FOR_LICENSE_REPORT = 'License-Check'
-  DEFAULT_NAME_FOR_SECURITY_REPORT = 'Vulnerability-Check'
+  DEFAULT_NAME_FOR_VULNERABILITY_REPORT = 'Vulnerability-Check'
  REPORT_TYPES_BY_DEFAULT_NAME = {
    DEFAULT_NAME_FOR_LICENSE_REPORT => :license_scanning,
-    DEFAULT_NAME_FOR_SECURITY_REPORT => :security
+    DEFAULT_NAME_FOR_VULNERABILITY_REPORT => :vulnerability
  }.freeze
  APPROVALS_REQUIRED_MAX = 100
  ALL_MEMBERS = 'All Members'

--- a/ee/app/services/security/sync_reports_to_approval_rules_service.rb
+++ b/ee/app/services/security/sync_reports_to_approval_rules_service.rb
@@ -42,7 +42,7 @@ module Security
      # If we don't have reports, then we should wait until pipeline stops.
      return if reports.empty? && !pipeline.complete?
-      remove_required_approvals_for(ApprovalMergeRequestRule.security_report, sync_required_merge_requests)
+      remove_required_approvals_for(ApprovalMergeRequestRule.vulnerability_report, sync_required_merge_requests)
    end
    def reports

--- a/ee/spec/factories/approval_rules.rb
+++ b/ee/spec/factories/approval_rules.rb
@@ -21,7 +21,7 @@ FactoryBot.define do
  factory :report_approver_rule, parent: :approval_merge_request_rule do
    merge_request
    rule_type { :report_approver }
-    report_type { :security }
+    report_type { :vulnerability }
    sequence(:name) { |n| "*-#{n}.js" }
    trait :requires_approval do
@@ -48,13 +48,13 @@ FactoryBot.define do
      approvals_required { rand(1..ApprovalProjectRule::APPROVALS_REQUIRED_MAX) }
    end
-    trait :security_report do
+    trait :vulnerability_report do
      rule_type { :report_approver }
-      name { ApprovalRuleLike::DEFAULT_NAME_FOR_SECURITY_REPORT }
+      name { ApprovalRuleLike::DEFAULT_NAME_FOR_VULNERABILITY_REPORT }
    end
-    trait :security do
+    trait :vulnerability do
-      security_report
+      vulnerability_report
    end
    trait :license_scanning do

--- a/ee/spec/models/approval_merge_request_rule_spec.rb
+++ b/ee/spec/models/approval_merge_request_rule_spec.rb
@@ -136,9 +136,9 @@ RSpec.describe ApprovalMergeRequestRule do
      end
    end
-    describe '.security_report' do
+    describe '.vulnerability_report' do
      it 'returns the correct rules' do
-        expect(described_class.security_report)
+        expect(described_class.vulnerability_report)
          .to contain_exactly(report_approver_rule)
      end
    end

--- a/ee/spec/models/approval_project_rule_spec.rb
+++ b/ee/spec/models/approval_project_rule_spec.rb
@@ -21,7 +21,7 @@ RSpec.describe ApprovalProjectRule do
  describe '.regular' do
    it 'returns non-report_approver records' do
      rules = create_list(:approval_project_rule, 2)
-      create(:approval_project_rule, :security_report)
+      create(:approval_project_rule, :vulnerability_report)
      expect(described_class.regular).to contain_exactly(*rules)
    end
@@ -31,7 +31,7 @@ RSpec.describe ApprovalProjectRule do
    it 'returns regular or any-approver rules' do
      any_approver_rule = create(:approval_project_rule, rule_type: :any_approver)
      regular_rule = create(:approval_project_rule)
-      create(:approval_project_rule, :security_report)
+      create(:approval_project_rule, :vulnerability_report)
      expect(described_class.regular_or_any_approver).to(
        contain_exactly(any_approver_rule, regular_rule)
@@ -48,14 +48,14 @@ RSpec.describe ApprovalProjectRule do
  end
  describe '#regular?' do
-    let(:security_approver_rule) { build(:approval_project_rule, :security_report) }
+    let(:vulnerability_approver_rule) { build(:approval_project_rule, :vulnerability_report) }
    it 'returns true for regular rules' do
      expect(subject.regular?).to eq(true)
    end
    it 'returns false for report_approver rules' do
-      expect(security_approver_rule.regular?). to eq(false)
+      expect(vulnerability_approver_rule.regular?). to eq(false)
    end
  end
@@ -66,14 +66,14 @@ RSpec.describe ApprovalProjectRule do
  end
  describe '#report_approver?' do
-    let(:security_approver_rule) { build(:approval_project_rule, :security_report) }
+    let(:vulnerability_approver_rule) { build(:approval_project_rule, :vulnerability_report) }
    it 'returns false for regular rules' do
      expect(subject.report_approver?).to eq(false)
    end
    it 'returns true for report_approver rules' do
-      expect(security_approver_rule.report_approver?). to eq(true)
+      expect(vulnerability_approver_rule.report_approver?). to eq(true)
    end
  end
@@ -82,8 +82,8 @@ RSpec.describe ApprovalProjectRule do
      expect(build(:approval_project_rule).rule_type).to eq('regular')
    end
-    it 'returns the report_approver type for security report approvers rules' do
+    it 'returns the report_approver type for vulnerability report approvers rules' do
-      expect(build(:approval_project_rule, :security_report).rule_type).to eq('report_approver')
+      expect(build(:approval_project_rule, :vulnerability_report).rule_type).to eq('report_approver')
    end
  end
@@ -114,7 +114,7 @@ RSpec.describe ApprovalProjectRule do
  describe "validation" do
    let(:project_approval_rule) { create(:approval_project_rule) }
    let(:license_compliance_rule) { create(:approval_project_rule, :license_scanning) }
-    let(:vulnerability_check_rule) { create(:approval_project_rule, :security) }
+    let(:vulnerability_check_rule) { create(:approval_project_rule, :vulnerability) }
    context "when creating a new rule" do
      specify { expect(project_approval_rule).to be_valid }
@@ -166,7 +166,7 @@ RSpec.describe ApprovalProjectRule do
    let_it_be(:new_user) { create(:user, name: 'Spiderman') }
    let_it_be(:new_group) { create(:group, name: 'Avengers') }
-    let_it_be(:rule, reload: true) { create(:approval_project_rule, name: 'Security', users: [user], groups: [group]) }
+    let_it_be(:rule, reload: true) { create(:approval_project_rule, name: 'Vulnerability', users: [user], groups: [group]) }
    shared_examples 'auditable' do
      context 'when audit event queue is active' do
@@ -196,28 +196,28 @@ RSpec.describe ApprovalProjectRule do
    describe '#audit_add users after :add' do
      let(:action!) { rule.update(users: [user, new_user]) }
-      let(:message) { 'Added User Spiderman to approval group on Security rule' }
+      let(:message) { 'Added User Spiderman to approval group on Vulnerability rule' }
      it_behaves_like 'auditable'
    end
    describe '#audit_remove users after :remove' do
      let(:action!) { rule.update(users: []) }
-      let(:message) { 'Removed User Batman from approval group on Security rule' }
+      let(:message) { 'Removed User Batman from approval group on Vulnerability rule' }
      it_behaves_like 'auditable'
    end
    describe '#audit_add groups after :add' do
      let(:action!) { rule.update(groups: [group, new_group]) }
-      let(:message) { 'Added Group Avengers to approval group on Security rule' }
+      let(:message) { 'Added Group Avengers to approval group on Vulnerability rule' }
      it_behaves_like 'auditable'
    end
    describe '#audit_remove groups after :remove' do
      let(:action!) { rule.update(groups: []) }
-      let(:message) { 'Removed Group Justice League from approval group on Security rule' }
+      let(:message) { 'Removed Group Justice League from approval group on Vulnerability rule' }
      it_behaves_like 'auditable'
    end

--- a/ee/spec/requests/api/project_approval_rules_spec.rb
+++ b/ee/spec/requests/api/project_approval_rules_spec.rb
@@ -16,7 +16,7 @@ RSpec.describe API::ProjectApprovalRules do
    context 'when the request is correct' do
      let!(:rule) do
-        rule = create(:approval_project_rule, name: 'security', project: project, approvals_required: 7)
+        rule = create(:approval_project_rule, name: 'vulnerability', project: project, approvals_required: 7)
        rule.users << approver
        rule
      end
@@ -40,7 +40,7 @@ RSpec.describe API::ProjectApprovalRules do
        rule = json.first
        expect(rule['approvals_required']).to eq(7)
-        expect(rule['name']).to eq('security')
+        expect(rule['name']).to eq('vulnerability')
      end
      context 'private group filtering' do
@@ -73,7 +73,7 @@ RSpec.describe API::ProjectApprovalRules do
      context 'report_approver rules' do
        let!(:report_approver_rule) do
-          create(:approval_project_rule, :security_report, project: project)
+          create(:approval_project_rule, :vulnerability_report, project: project)
        end
        it 'includes report_approver rules' do

--- a/ee/spec/requests/api/project_approval_settings_spec.rb
+++ b/ee/spec/requests/api/project_approval_settings_spec.rb
@@ -16,7 +16,7 @@ RSpec.describe API::ProjectApprovalSettings do
    context 'when the request is correct' do
      let!(:rule) do
-        rule = create(:approval_project_rule, name: 'security', project: project, approvals_required: 7)
+        rule = create(:approval_project_rule, name: 'vulnerability', project: project, approvals_required: 7)
        rule.users << approver
        rule
      end
@@ -40,7 +40,7 @@ RSpec.describe API::ProjectApprovalSettings do
        rule = json['rules'].first
        expect(rule['approvals_required']).to eq(7)
-        expect(rule['name']).to eq('security')
+        expect(rule['name']).to eq('vulnerability')
      end
      context 'when target_branch is specified' do
@@ -103,7 +103,7 @@ RSpec.describe API::ProjectApprovalSettings do
      context 'report_approver rules' do
        let!(:report_approver_rule) do
-          create(:approval_project_rule, :security_report, project: project)
+          create(:approval_project_rule, :vulnerability_report, project: project)
        end
        it 'includes report_approver rules' do

--- a/ee/spec/services/merge_requests/sync_report_approver_approval_rules_spec.rb
+++ b/ee/spec/services/merge_requests/sync_report_approver_approval_rules_spec.rb
@@ -12,35 +12,35 @@ RSpec.describe MergeRequests::SyncReportApproverApprovalRules do
      stub_licensed_features(report_approver_rules: true)
    end
-    context "when a project has a single `#{ApprovalProjectRule::DEFAULT_NAME_FOR_SECURITY_REPORT}` approval rule" do
+    context "when a project has a single `#{ApprovalProjectRule::DEFAULT_NAME_FOR_VULNERABILITY_REPORT}` approval rule" do
-      let!(:security_approval_project_rule) { create(:approval_project_rule, :security_report, project: merge_request.target_project, approvals_required: 2) }
+      let!(:vulnerability_approval_project_rule) { create(:approval_project_rule, :vulnerability_report, project: merge_request.target_project, approvals_required: 2) }
      context 'when report_approver_rules are enabled' do
        let!(:regular_approval_project_rule) { create(:approval_project_rule, project: merge_request.target_project) }
        it 'creates rule for report approvers' do
          expect { service.execute }
-            .to change { merge_request.approval_rules.security_report.count }.from(0).to(1)
+            .to change { merge_request.approval_rules.vulnerability_report.count }.from(0).to(1)
-          rule = merge_request.approval_rules.security_report.first
+          rule = merge_request.approval_rules.vulnerability_report.first
          expect(rule).to be_report_approver
-          expect(rule.report_type).to eq 'security'
+          expect(rule.report_type).to eq 'vulnerability'
-          expect(rule.name).to eq(security_approval_project_rule.name)
+          expect(rule.name).to eq(vulnerability_approval_project_rule.name)
-          expect(rule.approval_project_rule).to eq(security_approval_project_rule)
+          expect(rule.approval_project_rule).to eq(vulnerability_approval_project_rule)
        end
        it 'updates previous rules if defined' do
          mr_rule = create(:report_approver_rule, merge_request: merge_request, approvals_required: 0)
          expect { service.execute }
-            .not_to change { merge_request.approval_rules.security_report.count }
+            .not_to change { merge_request.approval_rules.vulnerability_report.count }
          expect(mr_rule.reload).to be_report_approver
-          expect(mr_rule.report_type).to eq 'security'
+          expect(mr_rule.report_type).to eq 'vulnerability'
-          expect(mr_rule.name).to eq(security_approval_project_rule.name)
+          expect(mr_rule.name).to eq(vulnerability_approval_project_rule.name)
-          expect(mr_rule.approvals_required).to eq security_approval_project_rule.approvals_required
+          expect(mr_rule.approvals_required).to eq vulnerability_approval_project_rule.approvals_required
-          expect(mr_rule.approval_project_rule).to eq(security_approval_project_rule)
+          expect(mr_rule.approval_project_rule).to eq(vulnerability_approval_project_rule)
        end
      end
    end
@@ -76,11 +76,11 @@ RSpec.describe MergeRequests::SyncReportApproverApprovalRules do
    end
    context "when a project has multiple report approval rules" do
-      let!(:vulnerability_project_rule) { create(:approval_project_rule, :security_report, project: merge_request.target_project) }
+      let!(:vulnerability_project_rule) { create(:approval_project_rule, :vulnerability_report, project: merge_request.target_project) }
      let!(:license_compliance_project_rule) { create(:approval_project_rule, :license_scanning, project: merge_request.target_project) }
      context "when none of the rules have been synchronized to the merge request yet" do
-        let(:vulnerability_check_rule) { merge_request.reload.approval_rules.security.last }
+        let(:vulnerability_check_rule) { merge_request.reload.approval_rules.vulnerability_report.last }
        let(:license_check_rule) { merge_request.reload.approval_rules.find_by(name: ApprovalProjectRule::DEFAULT_NAME_FOR_LICENSE_REPORT) }
        before do
@@ -95,7 +95,7 @@ RSpec.describe MergeRequests::SyncReportApproverApprovalRules do
        specify { expect(merge_request.reload.approval_rules.count).to be(2) }
        specify { expect(vulnerability_check_rule).to be_report_approver }
        specify { expect(vulnerability_check_rule.approvals_required).to eql(vulnerability_project_rule.approvals_required) }
-        specify { expect(vulnerability_check_rule).to be_security }
+        specify { expect(vulnerability_check_rule).to be_vulnerability }
        specify { expect(vulnerability_check_rule.name).to eq(vulnerability_project_rule.name) }
        specify { expect(vulnerability_check_rule.approval_project_rule).to eq(vulnerability_project_rule) }
        specify { expect(license_check_rule).to be_report_approver }
@@ -113,7 +113,7 @@ RSpec.describe MergeRequests::SyncReportApproverApprovalRules do
        end
        specify { expect(merge_request.reload.approval_rules.count).to be(2) }
-        specify { expect(merge_request.reload.approval_rules.security_report.count).to be(1) }
+        specify { expect(merge_request.reload.approval_rules.vulnerability_report.count).to be(1) }
        specify { expect(merge_request.reload.approval_rules.where(report_type: :license_scanning)).to match_array([previous_rule]) }
      end
    end