Commit c5ea95a1 authored by Philip Cunningham's avatar Philip Cunningham

Stub out DAST site profile creation mutation

parent 01682e0e
# frozen_string_literal: true
module Mutations
module DastSiteProfiles
class Create < BaseMutation
include ResolvesProject
graphql_name 'DastSiteProfileCreate'
field :id, GraphQL::ID_TYPE,
null: false,
description: 'ID of the site profile.'
argument :full_path, GraphQL::ID_TYPE,
required: true,
description: 'The project the site profile belongs to.'
argument :profile_name, GraphQL::STRING_TYPE,
required: true,
description: 'The name of the site profile.'
argument :target_url, GraphQL::STRING_TYPE,
required: false,
description: 'The URL of the target to be scanned.'
authorize :run_ondemand_dast_scan
def resolve(full_path:, profile_name:, target_url: nil)
project = authorized_find!(full_path: full_path)
raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project)
{
errors: ['Not implemented']
}
end
private
def find_object(full_path:)
resolve_project(full_path: full_path)
end
end
end
end
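Review bot: The `id` field is declared `null: false`, but `resolve` returns only `errors: ['Not implemented']`. A client that selects `id` would most likely get a non-null violation instead of the error list, so I would declare it as `field :id, GraphQL::ID_TYPE, null: true, description: 'ID of the site profile.'` to match the error-only payload. Separately, `target_url` is accepted and then ignored. Because it names the host a scan will later run against, a comment in `resolve` such as `# TODO: validate target_url (scheme, host) before persisting the profile` would keep that check from being forgotten when the stub is filled in. Running `authorized_find!` before the feature-flag check is a good order, and both failures raise the same not-available error, so the flag state does not reveal whether a project exists.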
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Mutations::DastSiteProfiles::Create do
let(:group) { create(:group) }
let(:project) { create(:project, group: group) }
let(:user) { create(:user) }
let(:full_path) { project.full_path }
let(:profile_name) { SecureRandom.hex }
let(:target_url) { FFaker::Internet.uri(:https) }
subject(:mutation) { described_class.new(object: nil, context: { current_user: user }, field: nil) }
describe '#resolve' do
subject do
mutation.resolve(
full_path: full_path,
profile_name: profile_name,
target_url: target_url
)
end
context 'when on demand scan feature is not enabled' do
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when on demand scan feature is enabled' do
before do
stub_feature_flags(security_on_demand_scans_feature_flag: true)
end
context 'when the project does not exist' do
let(:full_path) { SecureRandom.hex }
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when the user is not associated with the project' do
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)
end
end
context 'when the user is an owner' do
it 'stubs out the response' do
group.add_owner(user)
expect(subject[:errors]).to eq(['Not implemented'])
end
end
context 'when the user is a maintainer' do
it 'stubs out the response' do
project.add_maintainer(user)
expect(subject[:errors]).to eq(['Not implemented'])
end
end
context 'when the user is a developer' do
it 'stubs out the response' do
project.add_developer(user)
expect(subject[:errors]).to eq(['Not implemented'])
end
end
end
end
end
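Review bot: The 'when on demand scan feature is not enabled' example does not exercise the flag. The user has no membership there, so `authorized_find!` raises `ResourceNotAvailable` before `Feature.enabled?` is reached, and the example would still pass if the flag check were deleted. I would add `project.add_developer(user)` and `stub_feature_flags(security_on_demand_scans_feature_flag: false)` to that context so the flag is the only reason for the failure. The negative authorization cases cover only a non-member and a missing project. An example with `project.add_reporter(user)` would pin the lower bound of `run_ondemand_dast_scan`, assuming reporters are meant to be denied.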