Commit d14b3c9a authored by Zamir Martins Filho's avatar Zamir Martins Filho

Expose vulnerabilities_allowed

for project_approval_rules API.

EE: true
Changelog: added
parent 32613a4b
......@@ -13,6 +13,7 @@ module API
optional :groups, as: :group_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The group ids for this rule'
optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule'
optional :scanners, type: Array[String], desc: 'The security scanners to be considered by the approval rule'
optional :vulnerabilities_allowed, type: Integer, desc: 'The number of vulnerabilities allowed for this rule'
end
params :update_project_approval_rule do
......@@ -24,6 +25,7 @@ module API
optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule'
optional :remove_hidden_groups, type: Boolean, desc: 'Whether hidden groups should be removed'
optional :scanners, type: Array[String], desc: 'The security scanners to be considered by the approval rule'
optional :vulnerabilities_allowed, type: Integer, desc: 'The number of vulnerabilities allowed for this rule'
end
params :delete_project_approval_rule do
......
......@@ -10,6 +10,7 @@ module EE
class ProjectApprovalSettingRule < ProjectApprovalRule
expose :approvers, using: ::API::Entities::UserBasic, override: true
expose :scanners, override: true
expose :vulnerabilities_allowed, override: true
end
end
end
......
......@@ -39,7 +39,8 @@
"items": {
"type": "string"
}
}
},
"vulnerabilities_allowed": { "type": "integer" }
},
"additionalProperties": false
}
......@@ -85,6 +85,18 @@ RSpec.shared_examples 'an API endpoint for creating project approval rule' do
end
end
end
context 'with vulnerabilities_allowed' do
let(:vulnerabilities_allowed) { 10 }
it 'returns 201 status' do
expect do
post api(url, current_user), params: params.merge({ vulnerabilities_allowed: vulnerabilities_allowed })
end.to change { project.approval_rules.count}.from(0).to(1)
expect(response).to have_gitlab_http_status(:created)
expect(project.approval_rules.first.vulnerabilities_allowed).to eql(vulnerabilities_allowed)
end
end
end
RSpec.shared_examples 'an API endpoint for updating project approval rule' do
......@@ -149,6 +161,17 @@ RSpec.shared_examples 'an API endpoint for updating project approval rule' do
expect(response).to have_gitlab_http_status(:ok)
end
context 'with vulnerabilities_allowed' do
let(:vulnerabilities_allowed) { 10 }
it 'returns 200 status' do
expect do
put api(url, current_user), params: { vulnerabilities_allowed: vulnerabilities_allowed }
end.to change { approval_rule.reload.vulnerabilities_allowed }.from(0).to(vulnerabilities_allowed)
expect(response).to have_gitlab_http_status(:ok)
end
end
end
context 'as a project admin' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment