Create DAST site profile fixture with secrets

parent 8b0d679a
......@@ -7,6 +7,7 @@ RSpec.describe 'DAST profiles (GraphQL fixtures)' do
include ApiHelpers
include GraphqlHelpers
include JavaScriptFixturesHelpers
include API::Helpers::GraphqlHelpers
let_it_be(:current_user) { create(:user) }
let_it_be(:project) { create(:project, :repository, :public) }
......@@ -118,31 +119,36 @@ RSpec.describe 'DAST profiles (GraphQL fixtures)' do
:dast_site_profile,
name: "Non-validated",
auth_username: "non-validated@example.com",
project: project, dast_site: dast_site_none
project: project,
dast_site: dast_site_none
),
create(
:dast_site_profile,
name: "Validation failed",
auth_username: "validation-failed@example.com",
project: project, dast_site: dast_site_failed
project: project,
dast_site: dast_site_failed
),
create(
:dast_site_profile,
name: "Validation passed",
auth_username: "validation-passed@example.com",
project: project, dast_site: dast_site_passed
project: project,
dast_site: dast_site_passed
),
create(
:dast_site_profile,
name: "Validation in progress",
auth_username: "validation-in-progress@example.com",
project: project, dast_site: dast_site_inprogress
project: project,
dast_site: dast_site_inprogress
),
create(
:dast_site_profile,
name: "Validation pending",
auth_username: "validation-pending@example.com",
project: project, dast_site: dast_site_pending
project: project,
dast_site: dast_site_pending
)
]
end
......@@ -159,6 +165,37 @@ RSpec.describe 'DAST profiles (GraphQL fixtures)' do
expect(graphql_data_at(:project, :siteProfiles, :edges)).to have_attributes(size: 5)
end
end
context 'dast site profile with secret variables' do
let(:response) { @site_profile.to_json }
let_it_be(:dast_site_profile) { create(:dast_site_profile, project: project) }
let_it_be(:request_headers_variable) { create(:dast_site_profile_secret_variable, :request_headers, dast_site_profile: dast_site_profile) }
let_it_be(:password_variable) { create(:dast_site_profile_secret_variable, :password, dast_site_profile: dast_site_profile) }
it "security_configuration/dast_profiles/dast_site_profile_with_secrets.json" do
query = %(
{
project(fullPath: "#{project.full_path}") {
dastSiteProfile(id: "#{Gitlab::GlobalId.as_global_id(dast_site_profile.id, model_name: 'DastSiteProfile')}") {
id
name: profileName
targetUrl
targetType
excludedUrls
requestHeaders
auth { enabled url username usernameField password passwordField }
referencedInSecurityPolicies
}
}
}
)
@site_profile = run_graphql!(
query: query,
context: { current_user: current_user },
transform: -> (result) { result.dig('data', 'project', 'dastSiteProfile') }
)
end
end
end
describe 'dast_scanner_profiles' do
......@@ -205,7 +242,10 @@ RSpec.describe 'DAST profiles (GraphQL fixtures)' do
path = 'on_demand_scans/graphql/scheduled_dast_profiles.query.graphql'
let_it_be(:dast_profile) { create(:dast_profile, project: project) }
let_it_be(:dast_profile_schedule) { create(:dast_profile_schedule, project: project, dast_profile: dast_profile)}
let_it_be(:dast_profile_schedule) do
create(:dast_profile_schedule, project: project,
dast_profile: dast_profile)
end
it "graphql/#{path}.json" do
query = get_graphql_query_as_string(path, ee: true)
......
import { GlForm } from '@gitlab/ui';
import { within } from '@testing-library/dom';
import merge from 'lodash/merge';
import siteProfileWithSecrets from 'test_fixtures/security_configuration/dast_profiles/dast_site_profile_with_secrets.json';
import BaseDastProfileForm from 'ee/security_configuration/dast_profiles/components/base_dast_profile_form.vue';
import DastSiteAuthSection from 'ee/security_configuration/dast_profiles/dast_site_profiles/components/dast_site_auth_section.vue';
import DastSiteProfileForm from 'ee/security_configuration/dast_profiles/dast_site_profiles/components/dast_site_profile_form.vue';
import dastSiteProfileCreateMutation from 'ee/security_configuration/dast_profiles/dast_site_profiles/graphql/dast_site_profile_create.mutation.graphql';
import dastSiteProfileUpdateMutation from 'ee/security_configuration/dast_profiles/dast_site_profiles/graphql/dast_site_profile_update.mutation.graphql';
import { siteProfiles, policySiteProfile } from 'ee_jest/on_demand_scans_form/mocks/mock_data';
import { policySiteProfile } from 'ee_jest/on_demand_scans_form/mocks/mock_data';
import { TEST_HOST } from 'helpers/test_constants';
import { mountExtended, shallowMountExtended } from 'helpers/vue_test_utils_helper';
const [siteProfileOne] = siteProfiles;
const projectFullPath = 'group/project';
const profilesLibraryPath = `${TEST_HOST}/${projectFullPath}/-/security/configuration/dast_scans`;
const onDemandScansPath = `${TEST_HOST}/${projectFullPath}/-/on_demand_scans`;
......@@ -59,7 +59,7 @@ describe('DastSiteProfileForm', () => {
await setFieldValue(findTargetUrlInput(), targetUrl);
await setFieldValue(findExcludedUrlsInput(), excludedUrls);
await setFieldValue(findRequestHeadersInput(), requestHeaders);
await setAuthFieldsValues(siteProfileOne.auth);
await setAuthFieldsValues(siteProfileWithSecrets.auth);
};
const setTargetType = async (type) => {
......@@ -158,17 +158,19 @@ describe('DastSiteProfileForm', () => {
it('when updating an existing profile', () => {
createComponent({
propsData: {
profile: siteProfileOne,
profile: siteProfileWithSecrets,
},
});
expect(findRequestHeadersInput().element.value).toBe(siteProfileOne.requestHeaders);
expect(findByNameAttribute('password').element.value).toBe(siteProfileOne.auth.password);
expect(findRequestHeadersInput().element.value).toBe(siteProfileWithSecrets.requestHeaders);
expect(findByNameAttribute('password').element.value).toBe(
siteProfileWithSecrets.auth.password,
);
});
it('when updating an existing profile with no request-header & password', () => {
createComponent({
propsData: {
profile: { ...siteProfileOne, requestHeaders: null, auth: { enabled: true } },
profile: { ...siteProfileWithSecrets, requestHeaders: null, auth: { enabled: true } },
},
});
expect(findRequestHeadersInput().element.value).toBe('');
......@@ -188,7 +190,7 @@ describe('DastSiteProfileForm', () => {
describe.each`
title | profile | mutationVars | mutation | mutationKind
${'New site profile'} | ${{}} | ${{ fullPath: projectFullPath }} | ${dastSiteProfileCreateMutation} | ${'dastSiteProfileCreate'}
${'Edit site profile'} | ${siteProfileOne} | ${{ id: siteProfileOne.id }} | ${dastSiteProfileUpdateMutation} | ${'dastSiteProfileUpdate'}
${'Edit site profile'} | ${siteProfileWithSecrets} | ${{ id: siteProfileWithSecrets.id }} | ${dastSiteProfileUpdateMutation} | ${'dastSiteProfileUpdate'}
`('$title', ({ profile, mutationVars, mutation, mutationKind }) => {
beforeEach(() => {
createComponent({
......@@ -208,7 +210,7 @@ describe('DastSiteProfileForm', () => {
expect(baseDastProfileForm.props('mutationVariables')).toEqual({
profileName,
targetUrl,
excludedUrls: siteProfileOne.excludedUrls,
excludedUrls: excludedUrls.split(', '),
requestHeaders,
targetType: 'API',
...mutationVars,
......@@ -221,7 +223,7 @@ describe('DastSiteProfileForm', () => {
describe.each`
title | profile | mutationVars | mutationKind
${'New site profile'} | ${{}} | ${{}} | ${'dastSiteProfileCreate'}
${'Edit site profile'} | ${siteProfileOne} | ${{ id: siteProfileOne.id }} | ${'dastSiteProfileUpdate'}
${'Edit site profile'} | ${siteProfileWithSecrets} | ${{ id: siteProfileWithSecrets.id }} | ${'dastSiteProfileUpdate'}
`('$title', ({ profile, title, mutationVars, mutationKind }) => {
beforeEach(() => {
createComponent({
......@@ -252,7 +254,7 @@ describe('DastSiteProfileForm', () => {
beforeEach(() => {
createShallowComponent({
propsData: {
profile: siteProfileOne,
profile: siteProfileWithSecrets,
},
});
});
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment