Merge branch...

Merge branch '250353-convert-issues-createfromvulnerabilityservice-to-work-similar-to-issues-buildservice-2' into 'master' Create Issues::BuildFromVulnerabilityService based off of Issues::BuildService See merge request gitlab-org/gitlab!47510

Merge branch...
Merge branch '250353-convert-issues-createfromvulnerabilityservice-to-work-similar-to-issues-buildservice-2' into 'master' Create Issues::BuildFromVulnerabilityService based off of Issues::BuildService See merge request gitlab-org/gitlab!47510
bb154cf8 · Douglas Barbosa Alexandre · 012db001 · f23cdbd7 · bb154cf8 · bb154cf8
Commit bb154cf8 authored Nov 17, 2020 by Douglas Barbosa Alexandre
5 changed files
--- a/ee/app/services/issues/build_from_vulnerability_service.rb
+++ b/ee/app/services/issues/build_from_vulnerability_service.rb
+# frozen_string_literal: true
+
+module Issues
+  class BuildFromVulnerabilityService < Issues::BuildService
+    def execute
+      vulnerability = params[:vulnerability]
+
+      params.merge!(
+        title: _("Investigate vulnerability: %{title}") % { title: vulnerability.title },
+        description: render_description(vulnerability),
+        confidential: true
+      )
+
+      super
+    end
+
+    private
+
+    def render_description(vulnerability)
+      ApplicationController.render(
+        template: 'vulnerabilities/issue_description.md.erb',
+        locals: { vulnerability: vulnerability.present }
+      )
+    end
+  end
+end
--- a/ee/app/views/vulnerabilities/issue_description.md.erb
+++ b/ee/app/views/vulnerabilities/issue_description.md.erb
@@ -15,14 +15,14 @@
 <% if vulnerability.try(:file) %>
 * <%= _("Location") %>: [<%= vulnerability.location_text %>](<%= vulnerability.location_link %>)
 <% end %>
-
 <% if vulnerability.solution.present? %>
+
 ### <%= _("Solution") %>:

 <%= vulnerability.solution %>
 <% end %>
-
 <% if vulnerability.identifiers.present? %>
+
 ### <%= _("Identifiers") %>:

 <% vulnerability.identifiers.each do |identifier| %>
@@ -33,8 +33,8 @@
 <% end %>
 <% end %>
 <% end %>
-
 <% if vulnerability.links.present? %>
+
 ### <%= _("Links") %>:

 <% vulnerability.links.each do |link| %>
@@ -45,8 +45,8 @@
 <% end %>
 <% end %>
 <% end %>
-
 <% if vulnerability.remediations.present? && vulnerability.remediations.any? %>
+
 ### <%= _("Remediations") %>:

 <% vulnerability.remediations.each do |remediation| %>
@@ -60,8 +60,8 @@
  </details>
 <% end %>
 <% end %>
-
 <% if vulnerability.scanner.present? || vulnerability.scan.present? %>
+
 ### <%= _("Scanner") %>:

 <% if vulnerability.scanner.present? %>

--- a/ee/spec/services/ee/issues/build_from_vulnerability_service_spec.rb
+++ b/ee/spec/services/ee/issues/build_from_vulnerability_service_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Issues::BuildFromVulnerabilityService do
+  describe '#execute' do
+    let_it_be(:group)   { create(:group) }
+    let_it_be(:project) { create(:project, :public, :repository, namespace: group) }
+    let_it_be(:user)    { create(:user) }
+
+    before_all do
+      group.add_developer(user)
+    end
+
+    before do
+      stub_licensed_features(security_dashboard: true)
+    end
+
+    it 'builds the issue with the given params' do
+      vulnerability = create(:vulnerability, :with_finding, project: project)
+      service = described_class.new(project, user, vulnerability: vulnerability)
+
+      issue = service.execute
+
+      expect(issue).not_to be_persisted
+      expect(issue).to have_attributes(
+        project: project,
+        author: user,
+        title: "Investigate vulnerability: #{vulnerability.title}",
+        description:
+          <<~DESC
+            Issue created from vulnerability <a href="http://localhost/#{group.name}/#{project.name}/-/security/vulnerabilities/#{vulnerability.id}">#{vulnerability.id}</a>
+
+            ### Description:
+
+            Description of #{vulnerability.title}
+
+            * Severity: #{vulnerability.severity}
+            * Confidence: #{vulnerability.confidence}
+            * Location: [maven/src/main/java/com/gitlab/security_products/tests/App.java:29](http://localhost/#{project.full_path}/-/blob/master/maven/src/main/java/com/gitlab/security_products/tests/App.java#L29)
+
+            ### Solution:
+
+            #{vulnerability.solution}
+
+            ### Identifiers:
+
+            * [CVE-2018-1234](http://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-1234)
+
+            ### Links:
+
+            * [Cipher does not check for integrity first?](https://crypto.stackexchange.com/questions/31428/pbewithmd5anddes-cipher-does-not-check-for-integrity-first)
+
+            ### Scanner:
+
+            * Name: Find Security Bugs
+          DESC
+      )
+    end
+
+    context 'when a vulnerability has remediations' do
+      it 'displays Remediations section with attached diff' do
+        vulnerability = create(:vulnerability, :with_remediation, project: project)
+        service = described_class.new(project, user, vulnerability: vulnerability)
+
+        issue = service.execute
+
+        expect(issue.description).to match(/Remediations/)
+        expect(issue.description).to match(/This is a diff/)
+      end
+    end
+  end
+end
--- a/ee/spec/services/ee/issues/create_from_vulnerability_data_service_spec.rb
+++ b/ee/spec/services/ee/issues/create_from_vulnerability_data_service_spec.rb
@@ -118,7 +118,6 @@ RSpec.describe Issues::CreateFromVulnerabilityDataService, '#execute' do
            * [Awesome-security blog post](https;//example.com/blog-post)
            * https://example.com/another-link

-
            ### Scanner:

            * Name: Gemnasium
@@ -164,9 +163,6 @@ RSpec.describe Issues::CreateFromVulnerabilityDataService, '#execute' do

            Please do something!

-
-
-
            ### Scanner:

            * Name: Gemnasium

--- a/ee/spec/services/ee/issues/create_from_vulnerability_service_spec.rb
+++ b/ee/spec/services/ee/issues/create_from_vulnerability_service_spec.rb
@@ -119,7 +119,6 @@ RSpec.describe Issues::CreateFromVulnerabilityService, '#execute' do

          * [Cipher does not check for integrity first?](https://crypto.stackexchange.com/questions/31428/pbewithmd5anddes-cipher-does-not-check-for-integrity-first)

-
          ### Scanner:

          * Name: Find Security Bugs