Commit b6854212 authored by Douglas Barbosa Alexandre's avatar Douglas Barbosa Alexandre

Merge branch 'add-enum-vuln-concern' into 'master'

refactor: Extract vulnerability enums into concern [RUN AS-IF-FOSS]

See merge request gitlab-org/gitlab!49865
parents 0a234010 94ee37f1
# frozen_string_literal: true
module Enums
module Vulnerability
CONFIDENCE_LEVELS = {
# undefined: 0, no longer applicable
ignore: 1,
unknown: 2,
experimental: 3,
low: 4,
medium: 5,
high: 6,
confirmed: 7
}.with_indifferent_access.freeze
REPORT_TYPES = {
sast: 0,
secret_detection: 4
}.with_indifferent_access.freeze
SEVERITY_LEVELS = {
# undefined: 0, no longer applicable
info: 1,
unknown: 2,
# experimental: 3, formerly used by confidence, no longer applicable
low: 4,
medium: 5,
high: 6,
critical: 7
}.with_indifferent_access.freeze
def self.confidence_levels
CONFIDENCE_LEVELS
end
def self.report_types
REPORT_TYPES
end
def self.severity_levels
SEVERITY_LEVELS
end
end
end
Enums::Vulnerability.prepend_if_ee('EE::Enums::Vulnerability')
......@@ -11,7 +11,7 @@ module Representation
attr_reader :raw_entry
def report_type
::Vulnerabilities::Finding::REPORT_TYPES.key(@report_type) || @report_type
::Enums::Vulnerability.report_types.key(@report_type) || @report_type
end
def ==(other)
......
......@@ -25,7 +25,7 @@ module Resolvers
private
def generate_missing_dates(calendar_entries, start_date, end_date)
severities = ::Vulnerabilities::Finding::SEVERITY_LEVELS.keys
severities = ::Enums::Vulnerability.severity_levels.keys
(start_date..end_date)
.each_with_object({}) { |date, result| result[date] = build_calendar_entry(date, calendar_entries[date], result[date - 1.day]) }
.values
......
......@@ -6,7 +6,7 @@ module Types
graphql_name 'SecurityReportSummary'
description 'Represents summary of a security report'
::Vulnerabilities::Finding::REPORT_TYPES.keys.each do |report_type|
::Enums::Vulnerability.report_types.keys.each do |report_type|
field report_type, ::Types::SecurityReportSummarySectionType, null: true,
description: "Aggregated counts for the #{report_type} scan"
end
......
......@@ -12,7 +12,7 @@ module Types
field :total, GraphQL::INT_TYPE, null: false,
description: 'Total number of vulnerabilities on a particular day'
::Vulnerabilities::Finding::SEVERITY_LEVELS.keys.each do |severity|
::Enums::Vulnerability.severity_levels.keys.each do |severity|
field severity.to_s, GraphQL::INT_TYPE, null: false,
description: "Total number of vulnerabilities on a particular day with #{severity} severity"
end
......
......@@ -29,7 +29,7 @@ module Types
when 'coverage_fuzzing'
VulnerabilityLocation::CoverageFuzzingType
else
raise UnexpectedReportType, "Report type must be one of #{::Vulnerabilities::Finding::REPORT_TYPES.keys}"
raise UnexpectedReportType, "Report type must be one of #{::Enums::Vulnerability.report_types.keys}"
end
end
end
......
......@@ -5,7 +5,7 @@ module Types
graphql_name 'VulnerabilityReportType'
description 'The type of the security scan that found the vulnerability'
::Vulnerabilities::Finding::REPORT_TYPES.keys.each do |report_type|
::Enums::Vulnerability.report_types.keys.each do |report_type|
value report_type.to_s.upcase, value: report_type.to_s
end
end
......
......@@ -6,7 +6,7 @@ module Types
graphql_name 'VulnerabilitySeveritiesCount'
description 'Represents vulnerability counts by severity'
::Vulnerabilities::Finding::SEVERITY_LEVELS.keys.each do |severity|
::Enums::Vulnerability.severity_levels.keys.each do |severity|
field severity, GraphQL::INT_TYPE, null: true,
description: "Number of vulnerabilities of #{severity.upcase} severity of the project"
end
......
......@@ -5,7 +5,7 @@ module Types
graphql_name 'VulnerabilitySeverity'
description 'The severity of the vulnerability'
::Vulnerabilities::Finding::SEVERITY_LEVELS.keys.each do |severity|
::Enums::Vulnerability.severity_levels.keys.each do |severity|
value severity.to_s.upcase, value: severity.to_s
end
end
......
......@@ -24,10 +24,10 @@ module Types
description: "State of the vulnerability (#{::Vulnerability.states.keys.join(', ').upcase})"
field :severity, VulnerabilitySeverityEnum, null: true,
description: "Severity of the vulnerability (#{::Vulnerabilities::Finding::SEVERITY_LEVELS.keys.join(', ').upcase})"
description: "Severity of the vulnerability (#{::Enums::Vulnerability.severity_levels.keys.join(', ').upcase})"
field :report_type, VulnerabilityReportTypeEnum, null: true,
description: "Type of the security report that found the vulnerability (#{::Vulnerabilities::Finding::REPORT_TYPES.keys.join(', ').upcase})"
description: "Type of the security report that found the vulnerability (#{::Enums::Vulnerability.report_types.keys.join(', ').upcase})"
field :resolved_on_default_branch, GraphQL::BOOLEAN_TYPE, null: false,
description: "Indicates whether the vulnerability is fixed on the default branch or not"
......
# frozen_string_literal: true
module EE
module Enums
module Vulnerability
extend ActiveSupport::Concern
REPORT_TYPES = {
dependency_scanning: 1,
container_scanning: 2,
dast: 3,
coverage_fuzzing: 5,
api_fuzzing: 6
}.freeze
class_methods do
extend ::Gitlab::Utils::Override
override :report_types
def report_types
@report_types ||= super.merge(REPORT_TYPES).sort_by(&:last).to_h.with_indifferent_access.freeze
end
end
end
end
end
......@@ -59,9 +59,9 @@ module EE
# keep the order of the values in the state enum, it is used in state_order method to properly order vulnerabilities based on state
# remember to recreate index_vulnerabilities_on_state_case_id index when you update or extend this enum
enum state: { detected: 1, confirmed: 4, resolved: 3, dismissed: 2 }
enum severity: ::Vulnerabilities::Finding::SEVERITY_LEVELS, _prefix: :severity
enum confidence: ::Vulnerabilities::Finding::CONFIDENCE_LEVELS, _prefix: :confidence
enum report_type: ::Vulnerabilities::Finding::REPORT_TYPES
enum severity: ::Enums::Vulnerability.severity_levels, _prefix: :severity
enum confidence: ::Enums::Vulnerability.confidence_levels, _prefix: :confidence
enum report_type: ::Enums::Vulnerability.report_types
validates :project, :author, :title, :severity, :confidence, :report_type, presence: true
......
......@@ -16,10 +16,8 @@ module Security
has_one :build, through: :scan
# TODO: These are duplicated between this model and Vulnerabilities::Finding,
# we should create a shared module to encapculate this in one place.
enum confidence: Vulnerabilities::Finding::CONFIDENCE_LEVELS, _prefix: :confidence
enum severity: Vulnerabilities::Finding::SEVERITY_LEVELS, _prefix: :severity
enum confidence: ::Enums::Vulnerability.confidence_levels, _prefix: :confidence
enum severity: ::Enums::Vulnerability.severity_levels, _prefix: :severity
validates :project_fingerprint, presence: true, length: { maximum: 40 }
validates :position, presence: true
......
......@@ -15,7 +15,7 @@ module Vulnerabilities
attr_accessor :vulnerability_data
enum feedback_type: { dismissal: 0, issue: 1, merge_request: 2 }, _prefix: :for
enum category: ::Vulnerabilities::Finding::REPORT_TYPES
enum category: ::Enums::Vulnerability.report_types
validates :project, presence: true
validates :author, presence: true
......
......@@ -39,41 +39,9 @@ module Vulnerabilities
attr_writer :sha
attr_accessor :scan
CONFIDENCE_LEVELS = {
# undefined: 0, no longer applicable
ignore: 1,
unknown: 2,
experimental: 3,
low: 4,
medium: 5,
high: 6,
confirmed: 7
}.with_indifferent_access.freeze
SEVERITY_LEVELS = {
# undefined: 0, no longer applicable
info: 1,
unknown: 2,
# experimental: 3, formerly used by confidence, no longer applicable
low: 4,
medium: 5,
high: 6,
critical: 7
}.with_indifferent_access.freeze
REPORT_TYPES = {
sast: 0,
dependency_scanning: 1,
container_scanning: 2,
dast: 3,
secret_detection: 4,
coverage_fuzzing: 5,
api_fuzzing: 6
}.with_indifferent_access.freeze
enum confidence: CONFIDENCE_LEVELS, _prefix: :confidence
enum report_type: REPORT_TYPES
enum severity: SEVERITY_LEVELS, _prefix: :severity
enum confidence: ::Enums::Vulnerability.confidence_levels, _prefix: :confidence
enum report_type: ::Enums::Vulnerability.report_types
enum severity: ::Enums::Vulnerability.severity_levels, _prefix: :severity
validates :scanner, presence: true
validates :project, presence: true
......@@ -124,7 +92,7 @@ module Vulnerabilities
def self.counted_by_severity
group(:severity).count.transform_keys do |severity|
SEVERITY_LEVELS[severity]
severities[severity]
end
end
......
......@@ -27,7 +27,7 @@ module Vulnerabilities
select(
arel_table[:date],
arel_table[:total].sum.as('total'),
*Finding::SEVERITY_LEVELS.map { |severity, _| arel_table[severity].sum.as(severity.to_s) }
*::Enums::Vulnerability.severity_levels.map { |severity, _| arel_table[severity].sum.as(severity.to_s) }
)
end
scope :grouped_by_date, -> (sort = :asc) do
......
......@@ -75,7 +75,7 @@ module Security
level_i = dep_i.dig(:vulnerabilities, 0, :severity) || :info
level_j = dep_j.dig(:vulnerabilities, 0, :severity) || :info
::Vulnerabilities::Finding::SEVERITY_LEVELS[level_j] <=> ::Vulnerabilities::Finding::SEVERITY_LEVELS[level_i]
::Enums::Vulnerability.severity_levels[level_j] <=> ::Enums::Vulnerability.severity_levels[level_i]
end
end
end
......
......@@ -72,8 +72,8 @@ module Security
if a_severity == b_severity
a.compare_key <=> b.compare_key
else
Vulnerabilities::Finding::SEVERITY_LEVELS[b_severity] <=>
Vulnerabilities::Finding::SEVERITY_LEVELS[a_severity]
::Enums::Vulnerability.severity_levels[b_severity] <=>
::Enums::Vulnerability.severity_levels[a_severity]
end
end
end
......
......@@ -5,7 +5,7 @@ module Security
include Gitlab::Utils::StrongMemoize
# @param [Ci::Pipeline] pipeline
# @param [Hash[Symbol, Array[Symbol]] selection_information keys must be in the set of Vulnerabilities::Finding::REPORT_TYPES for example: {dast: [:scanned_resources_count, :vulnerabilities_count], container_scanning:[:vulnerabilities_count]}
# @param [Hash[Symbol, Array[Symbol]] selection_information keys must be in the set of Enums::Vulnerability.report_types for example: {dast: [:scanned_resources_count, :vulnerabilities_count], container_scanning:[:vulnerabilities_count]}
def initialize(pipeline, selection_information)
@pipeline = pipeline
@selection_information = selection_information
......
......@@ -6,7 +6,7 @@ module Security
#
class ScannedResourcesCountingService
# @param [Ci::Pipeline] pipeline
# @param Array[Symbol] report_types Summary report types. Valid values are members of Vulnerabilities::Finding::REPORT_TYPES
# @param Array[Symbol] report_types Summary report types. Valid values are members of Enums::Vulnerability.report_types
def initialize(pipeline, report_types)
@pipeline = pipeline
@report_types = report_types
......
......@@ -6,7 +6,7 @@ module Security
#
class ScannedResourcesService
# @param [Ci::Pipeline] pipeline
# @param Array[Symbol] report_types Summary report types. Valid values are members of Vulnerabilities::Finding::REPORT_TYPES
# @param Array[Symbol] report_types Summary report types. Valid values are members of Enums::Vulnerability.report_types
# @param [Int] The maximum number of scanned resources to return
def initialize(pipeline, report_types, limit = nil)
@pipeline = pipeline
......
......@@ -6,7 +6,7 @@ module Security
#
class VulnerabilityCountingService
# @param [Ci::Pipeline] pipeline
# @param Array[String] report_types Summary report types. Valid values are members of Vulnerabilities::Finding::REPORT_TYPES
# @param Array[String] report_types Summary report types. Valid values are members of Enums::Vulnerability.report_types
def initialize(pipeline, report_types)
@pipeline = pipeline
@report_types = report_types
......
......@@ -128,15 +128,15 @@ class Gitlab::Seeder::Vulnerabilities
end
def random_confidence_level
::Vulnerabilities::Finding::CONFIDENCE_LEVELS.keys.sample
::Enums::Vulnerability.confidence_levels.keys.sample
end
def random_severity_level
::Vulnerabilities::Finding::SEVERITY_LEVELS.keys.sample
::Enums::Vulnerability.severity_levels.keys.sample
end
def random_report_type
::Vulnerabilities::Finding::REPORT_TYPES.keys.sample
::Enums::Vulnerability.report_types.keys.sample
end
def metadata(line)
......
......@@ -136,13 +136,13 @@ module Gitlab
end
def parse_severity_level(input)
return input if ::Vulnerabilities::Finding::SEVERITY_LEVELS.key?(input)
return input if ::Enums::Vulnerability.severity_levels.key?(input)
'unknown'
end
def parse_confidence_level(input)
return input if ::Vulnerabilities::Finding::CONFIDENCE_LEVELS.key?(input)
return input if ::Enums::Vulnerability.confidence_levels.key?(input)
'unknown'
end
......
......@@ -46,13 +46,13 @@ FactoryBot.define do
severity { :low }
end
::Vulnerabilities::Finding::SEVERITY_LEVELS.keys.each do |severity_level|
::Enums::Vulnerability.severity_levels.keys.each do |severity_level|
trait severity_level do
severity { severity_level }
end
end
::Vulnerabilities::Finding::REPORT_TYPES.keys.each do |report_type|
::Enums::Vulnerability.report_types.keys.each do |report_type|
trait report_type do
report_type { report_type }
end
......
......@@ -237,7 +237,7 @@ FactoryBot.define do
end
end
::Vulnerabilities::Finding::REPORT_TYPES.keys.each do |security_report_type|
::Enums::Vulnerability.report_types.keys.each do |security_report_type|
trait security_report_type do
report_type { security_report_type }
end
......
......@@ -4,7 +4,7 @@ require 'spec_helper'
RSpec.describe GitlabSchema.types['VulnerabilitySeveritiesCount'] do
let_it_be(:fields) do
::Vulnerabilities::Finding::SEVERITY_LEVELS.keys
::Enums::Vulnerability.severity_levels.keys
end
it { expect(described_class).to have_graphql_fields(fields) }
......
......@@ -13,9 +13,9 @@ RSpec.describe Gitlab::BackgroundMigration::UpdateVulnerabilitiesFromDismissalFe
let(:feedback) { table(:vulnerability_feedback) }
let(:namespaces) { table(:namespaces)}
let(:severity) { Vulnerabilities::Finding::SEVERITY_LEVELS[:unknown] }
let(:confidence) { Vulnerabilities::Finding::CONFIDENCE_LEVELS[:medium] }
let(:report_type) { Vulnerabilities::Finding::REPORT_TYPES[:sast] }
let(:severity) { ::Enums::Vulnerability.severity_levels[:unknown] }
let(:confidence) { ::Enums::Vulnerability.confidence_levels[:medium] }
let(:report_type) { ::Enums::Vulnerability.report_types[:sast] }
let!(:user) { users.create!(email: 'author@example.com', username: 'author', projects_limit: 10) }
let!(:project) { projects.create!(namespace_id: namespace.id, name: 'gitlab', path: 'gitlab') }
......
......@@ -12,9 +12,9 @@ RSpec.describe Gitlab::BackgroundMigration::UpdateVulnerabilitiesToDismissed, :m
let(:identifiers) { table(:vulnerability_identifiers) }
let(:feedback) { table(:vulnerability_feedback) }
let(:severity) { Vulnerabilities::Finding::SEVERITY_LEVELS[:unknown] }
let(:confidence) { Vulnerabilities::Finding::CONFIDENCE_LEVELS[:medium] }
let(:report_type) { Vulnerabilities::Finding::REPORT_TYPES[:sast] }
let(:severity) { ::Enums::Vulnerability.severity_levels[:unknown] }
let(:confidence) { ::Enums::Vulnerability.confidence_levels[:medium] }
let(:report_type) { ::Enums::Vulnerability.report_types[:sast] }
let!(:user) { users.create!(id: 13, email: 'author@example.com', username: 'author', projects_limit: 10) }
let!(:project) { projects.create!(id: 123, namespace_id: 12, name: 'gitlab', path: 'gitlab') }
......
......@@ -5,10 +5,10 @@ require 'spec_helper'
RSpec.describe Gitlab::Ci::Reports::Security::VulnerabilityReportsComparer do
let(:identifier) { build(:vulnerabilities_identifier) }
let(:base_vulnerability) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '123', confidence: Vulnerabilities::Finding::CONFIDENCE_LEVELS[:high], severity: Vulnerabilities::Finding::SEVERITY_LEVELS[:critical]) }
let(:base_vulnerability) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '123', confidence: ::Enums::Vulnerability.confidence_levels[:high], severity: ::Enums::Vulnerability.severity_levels[:critical]) }
let(:base_report) { build(:ci_reports_security_aggregated_reports, findings: [base_vulnerability])}
let(:head_vulnerability) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '123', confidence: Vulnerabilities::Finding::CONFIDENCE_LEVELS[:high], severity: Vulnerabilities::Finding::SEVERITY_LEVELS[:critical]) }
let(:head_vulnerability) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '123', confidence: ::Enums::Vulnerability.confidence_levels[:high], severity: ::Enums::Vulnerability.severity_levels[:critical]) }
let(:head_report) { build(:ci_reports_security_aggregated_reports, findings: [head_vulnerability])}
before do
......@@ -62,8 +62,8 @@ RSpec.describe Gitlab::Ci::Reports::Security::VulnerabilityReportsComparer do
end
context 'new vulnerabilities' do
let(:vuln) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '888', confidence: Vulnerabilities::Finding::CONFIDENCE_LEVELS[:medium]) }
let(:low_vuln) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '888', confidence: Vulnerabilities::Finding::CONFIDENCE_LEVELS[:low]) }
let(:vuln) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '888', confidence: ::Enums::Vulnerability.confidence_levels[:medium]) }
let(:low_vuln) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '888', confidence: ::Enums::Vulnerability.confidence_levels[:low]) }
let(:base_report) { build(:ci_reports_security_aggregated_reports, findings: [base_vulnerability, vuln])}
let(:head_report) { build(:ci_reports_security_aggregated_reports, findings: [head_vulnerability, vuln, low_vuln])}
......@@ -75,8 +75,8 @@ RSpec.describe Gitlab::Ci::Reports::Security::VulnerabilityReportsComparer do
end
describe '#added' do
let(:vuln) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '888', confidence: Vulnerabilities::Finding::CONFIDENCE_LEVELS[:high], severity: Vulnerabilities::Finding::SEVERITY_LEVELS[:critical]) }
let(:low_vuln) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '888', confidence: Vulnerabilities::Finding::CONFIDENCE_LEVELS[:high], severity: Vulnerabilities::Finding::SEVERITY_LEVELS[:low]) }
let(:vuln) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '888', confidence: ::Enums::Vulnerability.confidence_levels[:high], severity: Enums::Vulnerability.severity_levels[:critical]) }
let(:low_vuln) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '888', confidence: ::Enums::Vulnerability.confidence_levels[:high], severity: Enums::Vulnerability.severity_levels[:low]) }
context 'with new vulnerability' do
let(:head_report) { build(:ci_reports_security_aggregated_reports, findings: [head_vulnerability, vuln])}
......@@ -107,7 +107,7 @@ RSpec.describe Gitlab::Ci::Reports::Security::VulnerabilityReportsComparer do
describe '#fixed' do
let(:vuln) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '888') }
let(:medium_vuln) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '888', confidence: Vulnerabilities::Finding::CONFIDENCE_LEVELS[:high], severity: Vulnerabilities::Finding::SEVERITY_LEVELS[:medium]) }
let(:medium_vuln) { build(:vulnerabilities_finding, report_type: :sast, identifiers: [identifier], location_fingerprint: '888', confidence: ::Enums::Vulnerability.confidence_levels[:high], severity: Enums::Vulnerability.severity_levels[:medium]) }
context 'with fixed vulnerability' do
let(:base_report) { build(:ci_reports_security_aggregated_reports, findings: [base_vulnerability, vuln])}
......
......@@ -16,9 +16,9 @@ RSpec.describe MigrateVulnerabilityDismissalFeedback, :migration, :sidekiq do
let(:vulnerabilities) { table(:vulnerabilities) }
let(:dismissed_state) { Gitlab::BackgroundMigration::UpdateVulnerabilitiesFromDismissalFeedback::VULNERABILITY_DISMISSED_STATE }
let(:severity) { Vulnerabilities::Finding::SEVERITY_LEVELS[:unknown] }
let(:confidence) { Vulnerabilities::Finding::CONFIDENCE_LEVELS[:medium] }
let(:report_type) { Vulnerabilities::Finding::REPORT_TYPES[:sast] }
let(:severity) { ::Enums::Vulnerability.severity_levels[:unknown] }
let(:confidence) { ::Enums::Vulnerability.confidence_levels[:medium] }
let(:report_type) { ::Enums::Vulnerability.report_types[:sast] }
before do
stub_const("#{described_class.name}::BATCH_SIZE", 1)
......
......@@ -16,9 +16,9 @@ RSpec.describe MigrateVulnerabilityDismissals, :migration, :sidekiq do
let(:vulnerabilities) { table(:vulnerabilities) }
let(:detected_state) { Gitlab::BackgroundMigration::UpdateVulnerabilitiesToDismissed::VULNERABILITY_DETECTED }
let(:severity) { Vulnerabilities::Finding::SEVERITY_LEVELS[:unknown] }
let(:confidence) { Vulnerabilities::Finding::CONFIDENCE_LEVELS[:medium] }
let(:report_type) { Vulnerabilities::Finding::REPORT_TYPES[:sast] }
let(:severity) { ::Enums::Vulnerability.severity_levels[:unknown] }
let(:confidence) { ::Enums::Vulnerability.confidence_levels[:medium] }
let(:report_type) { ::Enums::Vulnerability.report_types[:sast] }
before do
stub_const("#{described_class.name}::BATCH_SIZE", 1)
......
......@@ -82,9 +82,9 @@ RSpec.describe Vulnerabilities::Finding do
end
context 'order' do
let!(:finding1) { create(:vulnerabilities_finding, confidence: described_class::CONFIDENCE_LEVELS[:high], severity: described_class::SEVERITY_LEVELS[:high]) }
let!(:finding2) { create(:vulnerabilities_finding, confidence: described_class::CONFIDENCE_LEVELS[:medium], severity: described_class::SEVERITY_LEVELS[:critical]) }
let!(:finding3) { create(:vulnerabilities_finding, confidence: described_class::CONFIDENCE_LEVELS[:high], severity: described_class::SEVERITY_LEVELS[:critical]) }
let!(:finding1) { create(:vulnerabilities_finding, confidence: ::Enums::Vulnerability.confidence_levels[:high], severity: ::Enums::Vulnerability.severity_levels[:high]) }
let!(:finding2) { create(:vulnerabilities_finding, confidence: ::Enums::Vulnerability.confidence_levels[:medium], severity: ::Enums::Vulnerability.severity_levels[:critical]) }
let!(:finding3) { create(:vulnerabilities_finding, confidence: ::Enums::Vulnerability.confidence_levels[:high], severity: ::Enums::Vulnerability.severity_levels[:critical]) }
it 'orders by severity and confidence' do
expect(described_class.all.ordered).to eq([finding3, finding2, finding1])
......@@ -139,7 +139,7 @@ RSpec.describe Vulnerabilities::Finding do
subject { described_class.by_report_types(param) }
context 'with one param' do
let(:param) { Vulnerabilities::Finding::REPORT_TYPES['sast'] }
let(:param) { Vulnerabilities::Finding.report_types['sast'] }
it 'returns found record' do
is_expected.to contain_exactly(vulnerability_sast)
......@@ -149,11 +149,11 @@ RSpec.describe Vulnerabilities::Finding do
context 'with array of params' do
let(:param) do
[
Vulnerabilities::Finding::REPORT_TYPES['dependency_scanning'],
Vulnerabilities::Finding::REPORT_TYPES['dast'],
Vulnerabilities::Finding::REPORT_TYPES['secret_detection'],
Vulnerabilities::Finding::REPORT_TYPES['coverage_fuzzing'],
Vulnerabilities::Finding::REPORT_TYPES['api_fuzzing']
Vulnerabilities::Finding.report_types['dependency_scanning'],
Vulnerabilities::Finding.report_types['dast'],
Vulnerabilities::Finding.report_types['secret_detection'],
Vulnerabilities::Finding.report_types['coverage_fuzzing'],
Vulnerabilities::Finding.report_types['api_fuzzing']
]
end
......@@ -168,7 +168,7 @@ RSpec.describe Vulnerabilities::Finding do
end
context 'without found record' do
let(:param) { Vulnerabilities::Finding::REPORT_TYPES['container_scanning']}
let(:param) { ::Enums::Vulnerability.report_types['container_scanning']}
it 'returns empty collection' do
is_expected.to be_empty
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment