Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
98821eb1
Commit
98821eb1
authored
Oct 15, 2018
by
Kamil Trzciński
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix pagination and preloading of resources
parent
baac8a77
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
52 additions
and
19 deletions
+52
-19
ee/app/controllers/groups/security/vulnerabilities_controller.rb
...controllers/groups/security/vulnerabilities_controller.rb
+1
-5
ee/app/models/vulnerabilities/occurrence.rb
ee/app/models/vulnerabilities/occurrence.rb
+7
-1
ee/app/models/vulnerability_feedback.rb
ee/app/models/vulnerability_feedback.rb
+4
-0
ee/app/serializers/vulnerabilities/occurrence_serializer.rb
ee/app/serializers/vulnerabilities/occurrence_serializer.rb
+12
-0
ee/lib/gitlab/vulnerabilities/occurrences_preloader.rb
ee/lib/gitlab/vulnerabilities/occurrences_preloader.rb
+5
-3
ee/spec/controllers/groups/security/vulnerabilities_controller_spec.rb
...ollers/groups/security/vulnerabilities_controller_spec.rb
+23
-10
No files found.
ee/app/controllers/groups/security/vulnerabilities_controller.rb
View file @
98821eb1
...
...
@@ -6,17 +6,13 @@ class Groups::Security::VulnerabilitiesController < Groups::ApplicationControlle
def
index
@vulnerabilities
=
group
.
all_vulnerabilities
.
ordered
.
page
(
params
[
:page
])
.
per
(
10
)
.
to_a
::
Gitlab
::
Vulnerabilities
::
OccurrencesPreloader
.
new
.
preload
(
@vulnerabilities
)
# rubocop:disable CodeReuse/ActiveRecord
respond_to
do
|
format
|
format
.
json
do
render
json:
Vulnerabilities
::
OccurrenceSerializer
.
new
(
current_user:
@current_user
)
.
with_pagination
(
request
,
response
)
.
represent
(
@vulnerabilities
)
.
represent
(
@vulnerabilities
,
preload:
true
)
end
end
end
...
...
ee/app/models/vulnerabilities/occurrence.rb
View file @
98821eb1
...
...
@@ -7,6 +7,8 @@ module Vulnerabilities
self
.
table_name
=
"vulnerability_occurrences"
paginates_per
10
# Used for both severity and confidence
LEVELS
=
{
undefined:
0
,
...
...
@@ -62,6 +64,10 @@ module Vulnerabilities
scope
:ordered
,
->
{
order
(
"severity desc"
,
:id
)
}
scope
:counted_by_report_and_severity
,
->
{
group
(
:report_type
,
:severity
).
count
}
scope
:all_preloaded
,
->
do
preload
(
:scanner
,
:identifiers
,
:project
)
end
def
feedback
(
feedback_type
:)
params
=
{
project_id:
project_id
,
...
...
@@ -75,7 +81,7 @@ module Vulnerabilities
categories
=
items
.
group_by
{
|
i
|
i
[
:category
]
}
fingerprints
=
items
.
group_by
{
|
i
|
i
[
:project_fingerprint
]
}
VulnerabilityFeedback
.
where
(
VulnerabilityFeedback
.
all_preloaded
.
where
(
project_id:
project_ids
.
keys
,
category:
categories
.
keys
,
project_fingerprint:
fingerprints
.
keys
).
find_each
do
|
feedback
|
...
...
ee/app/models/vulnerability_feedback.rb
View file @
98821eb1
...
...
@@ -18,4 +18,8 @@ class VulnerabilityFeedback < ActiveRecord::Base
validates
:project_fingerprint
,
presence:
true
,
uniqueness:
{
scope:
[
:project_id
,
:category
,
:feedback_type
]
}
scope
:with_associations
,
->
{
includes
(
:pipeline
,
:issue
,
:author
)
}
scope
:all_preloaded
,
->
do
preload
(
:author
,
:project
,
:issue
,
:pipeline
)
end
end
ee/app/serializers/vulnerabilities/occurrence_serializer.rb
View file @
98821eb1
...
...
@@ -2,4 +2,16 @@ class Vulnerabilities::OccurrenceSerializer < BaseSerializer
include
WithPagination
entity
Vulnerabilities
::
OccurrenceEntity
def
represent
(
resource
,
opts
=
{})
if
paginated?
resource
=
paginator
.
paginate
(
resource
)
end
if
opts
.
delete
(
:preload
)
resource
=
Gitlab
::
Vulnerabilities
::
OccurrencesPreloader
.
preload!
(
resource
)
end
super
(
resource
,
opts
)
end
end
ee/lib/gitlab/vulnerabilities/occurrences_preloader.rb
View file @
98821eb1
...
...
@@ -7,9 +7,11 @@ module Gitlab
# vulnerabilities (occurrences).
module
Vulnerabilities
class
OccurrencesPreloader
def
preload
(
occurrences
)
occurrences
.
each
(
&
:issue_feedback
)
occurrences
.
each
(
&
:dismissal_feedback
)
def
self
.
preload!
(
occurrences
)
occurrences
.
all_preloaded
.
tap
do
|
occurrences
|
occurrences
.
each
(
&
:issue_feedback
)
occurrences
.
each
(
&
:dismissal_feedback
)
end
end
end
end
...
...
ee/spec/controllers/groups/security/vulnerabilities_controller_spec.rb
View file @
98821eb1
...
...
@@ -86,24 +86,37 @@ describe Groups::Security::VulnerabilitiesController do
end
context
'with vulnerability feedback'
do
it
"avoids N+1 queries"
do
create_vulnerabilities
(
2
,
project_dev
)
control_count
=
ActiveRecord
::
QueryRecorder
.
new
{
get_summary
}
create_vulnerabilities
(
2
,
project_guest
)
expect
{
get_summary
}.
not_to
exceed_all_query_limit
(
control_count
)
end
private
def
get_summary
get
:index
,
group_id:
group
,
format: :json
end
it
"avoids N+1 queries"
do
control_count
=
ActiveRecord
::
QueryRecorder
.
new
{
get_summary
}
# Create feedback
project_dev
.
vulnerabilities
.
each
do
|
occ
|
def
create_vulnerabilities
(
count
,
project
)
pipeline
=
create
(
:ci_empty_pipeline
,
project:
project
)
vulnerabilities
=
create_list
(
:vulnerabilities_occurrence
,
count
,
project:
project
)
vulnerabilities
.
each
do
|
occurrence
|
create
(
:vulnerability_feedback
,
:sast
,
:dismissal
,
project:
project_dev
,
project_fingerprint:
occ
.
project_fingerprint
)
pipeline:
pipeline
,
project:
project_dev
,
project_fingerprint:
occurrence
.
project_fingerprint
)
create
(
:vulnerability_feedback
,
:sast
,
:issue
,
issue:
create
(
:issue
,
project:
project
),
project:
project_dev
,
project_fingerprint:
occ
.
project_fingerprint
)
pipeline:
pipeline
,
issue:
create
(
:issue
,
project:
project_dev
),
project:
project_dev
,
project_fingerprint:
occurrence
.
project_fingerprint
)
end
expect
{
get_summary
}.
not_to
exceed_query_limit
(
control_count
)
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment