Commit b3eca770 authored by Peter Leitzen's avatar Peter Leitzen

Merge branch 'ajk-gql-dast-site' into 'master'

Improvements to dast site GQL resolvers

See merge request gitlab-org/gitlab!50426
parents 7c7418b8 10b32d0b
# frozen_string_literal: true
module Mutations
module AuthorizesProject
include ResolvesProject
def authorized_find_project!(full_path:)
authorized_find!(full_path: full_path)
end
private
def find_object(full_path:)
resolve_project(full_path: full_path)
end
end
end
# frozen_string_literal: true
module Mutations
module FindsProject
private
def find_object(full_path)
Project.find_by_full_path(full_path)
end
end
end
...@@ -3,9 +3,9 @@ ...@@ -3,9 +3,9 @@
module Mutations module Mutations
module DastOnDemandScans module DastOnDemandScans
class Create < BaseMutation class Create < BaseMutation
InvalidGlobalID = Class.new(StandardError) include FindsProject
include AuthorizesProject InvalidGlobalID = Class.new(StandardError)
graphql_name 'DastOnDemandScanCreate' graphql_name 'DastOnDemandScanCreate'
...@@ -28,7 +28,7 @@ module Mutations ...@@ -28,7 +28,7 @@ module Mutations
authorize :create_on_demand_dast_scan authorize :create_on_demand_dast_scan
def resolve(full_path:, dast_site_profile_id:, **args) def resolve(full_path:, dast_site_profile_id:, **args)
project = authorized_find_project!(full_path: full_path) project = authorized_find!(full_path)
dast_site_profile = find_dast_site_profile(project, dast_site_profile_id) dast_site_profile = find_dast_site_profile(project, dast_site_profile_id)
dast_scanner_profile = find_dast_scanner_profile(project, args[:dast_scanner_profile_id]) dast_scanner_profile = find_dast_scanner_profile(project, args[:dast_scanner_profile_id])
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
module Mutations module Mutations
module DastScannerProfiles module DastScannerProfiles
class Create < BaseMutation class Create < BaseMutation
include AuthorizesProject include FindsProject
graphql_name 'DastScannerProfileCreate' graphql_name 'DastScannerProfileCreate'
...@@ -53,7 +53,7 @@ module Mutations ...@@ -53,7 +53,7 @@ module Mutations
authorize :create_on_demand_dast_scan authorize :create_on_demand_dast_scan
def resolve(full_path:, profile_name:, spider_timeout: nil, target_timeout: nil, scan_type:, use_ajax_spider:, show_debug_messages:) def resolve(full_path:, profile_name:, spider_timeout: nil, target_timeout: nil, scan_type:, use_ajax_spider:, show_debug_messages:)
project = authorized_find_project!(full_path: full_path) project = authorized_find!(full_path)
service = ::DastScannerProfiles::CreateService.new(project, current_user) service = ::DastScannerProfiles::CreateService.new(project, current_user)
result = service.execute( result = service.execute(
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
module Mutations module Mutations
module DastScannerProfiles module DastScannerProfiles
class Delete < BaseMutation class Delete < BaseMutation
include AuthorizesProject include FindsProject
graphql_name 'DastScannerProfileDelete' graphql_name 'DastScannerProfileDelete'
...@@ -24,7 +24,7 @@ module Mutations ...@@ -24,7 +24,7 @@ module Mutations
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883 # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ScannerProfileID.coerce_isolated_input(id) id = ScannerProfileID.coerce_isolated_input(id)
project = authorized_find_project!(full_path: full_path) project = authorized_find!(full_path)
service = ::DastScannerProfiles::DestroyService.new(project, current_user) service = ::DastScannerProfiles::DestroyService.new(project, current_user)
result = service.execute(id: id.model_id) result = service.execute(id: id.model_id)
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
module Mutations module Mutations
module DastSiteProfiles module DastSiteProfiles
class Create < BaseMutation class Create < BaseMutation
include AuthorizesProject include FindsProject
graphql_name 'DastSiteProfileCreate' graphql_name 'DastSiteProfileCreate'
...@@ -26,7 +26,7 @@ module Mutations ...@@ -26,7 +26,7 @@ module Mutations
authorize :create_on_demand_dast_scan authorize :create_on_demand_dast_scan
def resolve(full_path:, profile_name:, target_url: nil) def resolve(full_path:, profile_name:, target_url: nil)
project = authorized_find_project!(full_path: full_path) project = authorized_find!(full_path)
service = ::DastSiteProfiles::CreateService.new(project, current_user) service = ::DastSiteProfiles::CreateService.new(project, current_user)
result = service.execute(name: profile_name, target_url: target_url) result = service.execute(name: profile_name, target_url: target_url)
......
...@@ -3,8 +3,6 @@ ...@@ -3,8 +3,6 @@
module Mutations module Mutations
module DastSiteProfiles module DastSiteProfiles
class Delete < BaseMutation class Delete < BaseMutation
include AuthorizesProject
graphql_name 'DastSiteProfileDelete' graphql_name 'DastSiteProfileDelete'
argument :full_path, GraphQL::ID_TYPE, argument :full_path, GraphQL::ID_TYPE,
...@@ -18,7 +16,7 @@ module Mutations ...@@ -18,7 +16,7 @@ module Mutations
authorize :create_on_demand_dast_scan authorize :create_on_demand_dast_scan
def resolve(full_path:, id:) def resolve(full_path:, id:)
project = authorized_find_project!(full_path: full_path) project = authorized_find!(full_path)
# TODO: remove explicit coercion once compatibility layer is removed # TODO: remove explicit coercion once compatibility layer is removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883 # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
id = ::Types::GlobalIDType[::DastSiteProfile].coerce_isolated_input(id) id = ::Types::GlobalIDType[::DastSiteProfile].coerce_isolated_input(id)
...@@ -28,10 +26,16 @@ module Mutations ...@@ -28,10 +26,16 @@ module Mutations
return { errors: dast_site_profile.errors.full_messages } unless dast_site_profile.destroy return { errors: dast_site_profile.errors.full_messages } unless dast_site_profile.destroy
{ errors: [] } { errors: [] }
rescue ActiveRecord::RecordNotFound
raise_resource_not_available_error!
end end
private private
def find_object(full_path)
Project.find_by_full_path(full_path)
end
def find_dast_site_profile(project:, global_id:) def find_dast_site_profile(project:, global_id:)
project.dast_site_profiles.find(global_id.model_id) project.dast_site_profiles.find(global_id.model_id)
rescue ActiveRecord::RecordNotFound rescue ActiveRecord::RecordNotFound
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
module Mutations module Mutations
module DastSiteProfiles module DastSiteProfiles
class Update < BaseMutation class Update < BaseMutation
include AuthorizesProject include FindsProject
graphql_name 'DastSiteProfileUpdate' graphql_name 'DastSiteProfileUpdate'
...@@ -33,7 +33,7 @@ module Mutations ...@@ -33,7 +33,7 @@ module Mutations
# TODO: remove explicit coercion once compatibility layer has been removed # TODO: remove explicit coercion once compatibility layer has been removed
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883 # See: https://gitlab.com/gitlab-org/gitlab/-/issues/257883
service_args[:id] = ::Types::GlobalIDType[::DastSiteProfile].coerce_isolated_input(id).model_id service_args[:id] = ::Types::GlobalIDType[::DastSiteProfile].coerce_isolated_input(id).model_id
project = authorized_find_project!(full_path: full_path) project = authorized_find!(full_path)
service = ::DastSiteProfiles::UpdateService.new(project, current_user) service = ::DastSiteProfiles::UpdateService.new(project, current_user)
result = service.execute(**service_args) result = service.execute(**service_args)
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
module Mutations module Mutations
module DastSiteTokens module DastSiteTokens
class Create < BaseMutation class Create < BaseMutation
include AuthorizesProject include FindsProject
graphql_name 'DastSiteTokenCreate' graphql_name 'DastSiteTokenCreate'
...@@ -30,7 +30,7 @@ module Mutations ...@@ -30,7 +30,7 @@ module Mutations
authorize :create_on_demand_dast_scan authorize :create_on_demand_dast_scan
def resolve(full_path:, target_url:) def resolve(full_path:, target_url:)
project = authorized_find_project!(full_path: full_path) project = authorized_find!(full_path)
raise Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled' unless allowed?(project) raise Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled' unless allowed?(project)
response = ::DastSiteTokens::CreateService.new( response = ::DastSiteTokens::CreateService.new(
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
module Mutations module Mutations
module DastSiteValidations module DastSiteValidations
class Create < BaseMutation class Create < BaseMutation
include AuthorizesProject include FindsProject
graphql_name 'DastSiteValidationCreate' graphql_name 'DastSiteValidationCreate'
...@@ -34,7 +34,7 @@ module Mutations ...@@ -34,7 +34,7 @@ module Mutations
authorize :create_on_demand_dast_scan authorize :create_on_demand_dast_scan
def resolve(full_path:, dast_site_token_id:, validation_path:, strategy: :text_file) def resolve(full_path:, dast_site_token_id:, validation_path:, strategy: :text_file)
project = authorized_find_project!(full_path: full_path) project = authorized_find!(full_path)
raise Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled' unless allowed?(project) raise Gitlab::Graphql::Errors::ResourceNotAvailable, 'Feature disabled' unless allowed?(project)
dast_site_token = dast_site_token_id.find dast_site_token = dast_site_token_id.find
......
...@@ -5,14 +5,12 @@ require 'spec_helper' ...@@ -5,14 +5,12 @@ require 'spec_helper'
RSpec.describe Resolvers::DastSiteProfileResolver do RSpec.describe Resolvers::DastSiteProfileResolver do
include GraphqlHelpers include GraphqlHelpers
let_it_be(:current_user) { create(:user) }
let_it_be(:project) { create(:project) } let_it_be(:project) { create(:project) }
let_it_be(:developer) { create(:user, developer_projects: [project] ) }
let_it_be(:dast_site_profile1) { create(:dast_site_profile, project: project) } let_it_be(:dast_site_profile1) { create(:dast_site_profile, project: project) }
let_it_be(:dast_site_profile2) { create(:dast_site_profile, project: project) } let_it_be(:dast_site_profile2) { create(:dast_site_profile, project: project) }
before do let(:current_user) { developer }
project.add_maintainer(current_user)
end
specify do specify do
expect(described_class).to have_nullable_graphql_type(Types::DastSiteProfileType.connection_type) expect(described_class).to have_nullable_graphql_type(Types::DastSiteProfileType.connection_type)
...@@ -21,7 +19,7 @@ RSpec.describe Resolvers::DastSiteProfileResolver do ...@@ -21,7 +19,7 @@ RSpec.describe Resolvers::DastSiteProfileResolver do
context 'when resolving a single DAST site profile' do context 'when resolving a single DAST site profile' do
subject { sync(single_dast_site_profile(id: dast_site_profile1.to_global_id)) } subject { sync(single_dast_site_profile(id: dast_site_profile1.to_global_id)) }
it { is_expected.to contain_exactly(dast_site_profile1) } it { is_expected.to eq dast_site_profile1 }
end end
context 'when resolving multiple DAST site profiles' do context 'when resolving multiple DAST site profiles' do
...@@ -32,11 +30,11 @@ RSpec.describe Resolvers::DastSiteProfileResolver do ...@@ -32,11 +30,11 @@ RSpec.describe Resolvers::DastSiteProfileResolver do
private private
def dast_site_profiles(args = {}, context = { current_user: current_user }) def dast_site_profiles
resolve(described_class, obj: project, args: args, ctx: context) resolve(described_class, obj: project, ctx: { current_user: current_user })
end end
def single_dast_site_profile(args = {}, context = { current_user: current_user }) def single_dast_site_profile(**args)
resolve(described_class, obj: project, args: args, ctx: context) resolve(described_class.single, obj: project, args: args, ctx: { current_user: current_user })
end end
end end
...@@ -23,11 +23,10 @@ RSpec.describe Resolvers::DastSiteValidationResolver do ...@@ -23,11 +23,10 @@ RSpec.describe Resolvers::DastSiteValidationResolver do
expect(described_class).to have_nullable_graphql_type(Types::DastSiteValidationType.connection_type) expect(described_class).to have_nullable_graphql_type(Types::DastSiteValidationType.connection_type)
end end
subject { sync(resolver) }
context 'when resolving multiple DAST site validations' do context 'when resolving multiple DAST site validations' do
subject { dast_site_validations(**args) }
let(:args) { {} } let(:args) { {} }
let(:resolver) { dast_site_validations(args) }
it { is_expected.to contain_exactly(dast_site_validation3, dast_site_validation2, dast_site_validation1) } it { is_expected.to contain_exactly(dast_site_validation3, dast_site_validation2, dast_site_validation1) }
...@@ -52,7 +51,8 @@ RSpec.describe Resolvers::DastSiteValidationResolver do ...@@ -52,7 +51,8 @@ RSpec.describe Resolvers::DastSiteValidationResolver do
private private
def dast_site_validations(args = {}, context = { current_user: current_user }) def dast_site_validations(**args)
context = { current_user: current_user }
resolve(described_class, obj: project, args: args, ctx: context) resolve(described_class, obj: project, args: args, ctx: context)
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment