Expose vulnerabilities_allowed

for project_approval_rules API. EE: true Changelog: added

Expose vulnerabilities_allowed
for project_approval_rules API. EE: true Changelog: added
d14b3c9a · Zamir Martins Filho · 32613a4b · d14b3c9a · d14b3c9a · d14b3c9a
Commit d14b3c9a authored Jul 22, 2021 by Zamir Martins Filho
4 changed files
--- a/ee/lib/api/helpers/project_approval_rules_helpers.rb
+++ b/ee/lib/api/helpers/project_approval_rules_helpers.rb
@@ -13,6 +13,7 @@ module API
        optional :groups, as: :group_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The group ids for this rule'
        optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule'
        optional :scanners, type: Array[String], desc: 'The security scanners to be considered by the approval rule'
+        optional :vulnerabilities_allowed, type: Integer, desc: 'The number of vulnerabilities allowed for this rule'
      end
      params :update_project_approval_rule do
@@ -24,6 +25,7 @@ module API
        optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule'
        optional :remove_hidden_groups, type: Boolean, desc: 'Whether hidden groups should be removed'
        optional :scanners, type: Array[String], desc: 'The security scanners to be considered by the approval rule'
+        optional :vulnerabilities_allowed, type: Integer, desc: 'The number of vulnerabilities allowed for this rule'
      end
      params :delete_project_approval_rule do

--- a/ee/lib/ee/api/entities/project_approval_setting_rule.rb
+++ b/ee/lib/ee/api/entities/project_approval_setting_rule.rb
@@ -10,6 +10,7 @@ module EE
      class ProjectApprovalSettingRule < ProjectApprovalRule
        expose :approvers, using: ::API::Entities::UserBasic, override: true
        expose :scanners, override: true
+        expose :vulnerabilities_allowed, override: true
      end
    end
  end

--- a/ee/spec/fixtures/api/schemas/public_api/v4/project_approval_setting.json
+++ b/ee/spec/fixtures/api/schemas/public_api/v4/project_approval_setting.json
@@ -39,7 +39,8 @@
      "items": {
        "type": "string"
      }
-    }
+    },
+    "vulnerabilities_allowed": { "type": "integer" }
  },
  "additionalProperties": false
 }
--- a/ee/spec/support/shared_examples/requests/api/project_approval_rules_api_shared_examples.rb
+++ b/ee/spec/support/shared_examples/requests/api/project_approval_rules_api_shared_examples.rb
@@ -85,6 +85,18 @@ RSpec.shared_examples 'an API endpoint for creating project approval rule' do
      end
    end
  end
+  context 'with vulnerabilities_allowed' do
+    let(:vulnerabilities_allowed) { 10 }
+    it 'returns 201 status' do
+      expect do
+        post api(url, current_user), params: params.merge({ vulnerabilities_allowed: vulnerabilities_allowed })
+      end.to change { project.approval_rules.count}.from(0).to(1)
+      expect(response).to have_gitlab_http_status(:created)
+      expect(project.approval_rules.first.vulnerabilities_allowed).to eql(vulnerabilities_allowed)
+    end
+  end
 end
 RSpec.shared_examples 'an API endpoint for updating project approval rule' do
@@ -149,6 +161,17 @@ RSpec.shared_examples 'an API endpoint for updating project approval rule' do
      expect(response).to have_gitlab_http_status(:ok)
    end
+    context 'with vulnerabilities_allowed' do
+      let(:vulnerabilities_allowed) { 10 }
+      it 'returns 200 status' do
+        expect do
+          put api(url, current_user), params: { vulnerabilities_allowed: vulnerabilities_allowed }
+        end.to change { approval_rule.reload.vulnerabilities_allowed }.from(0).to(vulnerabilities_allowed)
+        expect(response).to have_gitlab_http_status(:ok)
+      end
+    end
  end
  context 'as a project admin' do