Add the ability to parse CWE-{number} format

Changelog: fixed MR: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/84313 EE: true

Add the ability to parse CWE-{number} format
Changelog: fixed MR: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/84313 EE: true
7059b473 · Subashis · d372b7c2 · 7059b473 · 7059b473 · 7059b473
Commit 7059b473 authored Apr 04, 2022 by Subashis
4 changed files
--- a/ee/app/finders/security/training_providers/base_url_finder.rb
+++ b/ee/app/finders/security/training_providers/base_url_finder.rb
@@ -13,7 +13,7 @@ module Security
      def initialize(project, provider, identifier_external_id)
        @project = project
        @provider = provider
-        @identifier_external_id = identifier_external_id
+        @identifier_external_id = identifier_external_id.split('-').last
      end

      def execute

--- a/ee/spec/finders/security/training_providers/base_url_finder_spec.rb
+++ b/ee/spec/finders/security/training_providers/base_url_finder_spec.rb
@@ -10,7 +10,7 @@ RSpec.describe Security::TrainingProviders::BaseUrlFinder do

  describe '#execute' do
    it 'raises an error if full_url is not implemented' do
-      expect { described_class.new(nil, nil, nil).execute }.to raise_error(
+      expect { described_class.new(identifier.project, provider, identifier.external_type).execute }.to raise_error(
        NotImplementedError,
        'full_url must be overwritten to return training url'
      )

--- a/ee/spec/finders/security/training_providers/kontra_url_finder_spec.rb
+++ b/ee/spec/finders/security/training_providers/kontra_url_finder_spec.rb
@@ -43,5 +43,13 @@ RSpec.describe Security::TrainingProviders::KontraUrlFinder do
    it 'returns full url path' do
      expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?cwe=2')
    end
+
+    context "when identifier contains CWE-{number} format" do
+      let_it_be(:identifier) { create(:vulnerabilities_identifier, external_type: 'cwe', external_id: "CWE-2") }
+
+      it 'returns full url path with proper mapping key' do
+        expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?cwe=2')
+      end
+    end
  end
 end
--- a/ee/spec/finders/security/training_providers/secure_code_warrior_url_finder_spec.rb
+++ b/ee/spec/finders/security/training_providers/secure_code_warrior_url_finder_spec.rb
@@ -43,5 +43,13 @@ RSpec.describe Security::TrainingProviders::SecureCodeWarriorUrlFinder do
    it 'returns full url path' do
      expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?Id=gitlab&MappingList=cwe&MappingKey=2')
    end
+
+    context "when identifier contains CWE-{number} format" do
+      let_it_be(:identifier) { create(:vulnerabilities_identifier, external_type: 'cwe', external_id: "CWE-2") }
+
+      it 'returns full url path with proper mapping key' do
+        expect(described_class.new(identifier.project, provider, identifier.external_id).full_url).to eq('example.com/?Id=gitlab&MappingList=cwe&MappingKey=2')
+      end
+    end
  end
 end