Generate policy profile mocks

Generate for mocks for DAST site and scanner profiles referenced in policies.

Generate policy profile mocks
Generate for mocks for DAST site and scanner profiles referenced in policies.
f6ecd022 · Paul Gascou-Vaillancourt · 23b5db8d · f6ecd022 · 23b5db8d · f6ecd022
Commit f6ecd022 authored Dec 16, 2021 by Paul Gascou-Vaillancourt
6 changed files
--- a/ee/spec/frontend/fixtures/dast_profiles.rb
+++ b/ee/spec/frontend/fixtures/dast_profiles.rb
@@ -8,10 +8,49 @@ RSpec.describe 'DAST profiles (GraphQL fixtures)' do
    include GraphqlHelpers
    include JavaScriptFixturesHelpers
    include API::Helpers::GraphqlHelpers
+    include RepoHelpers
+
+    shared_examples 'dast_site_profiles.query.graphql' do |type|
+      path = 'security_configuration/dast_profiles/graphql/dast_site_profiles.query.graphql'
+
+      it "graphql/#{path}.#{type}.json" do
+        query = get_graphql_query_as_string(path, ee: true)
+
+        post_graphql(query, current_user: current_user, variables: {
+          fullPath: project.full_path,
+          first: 20
+        })
+
+        expect_graphql_errors_to_be_empty
+        expect(graphql_data_at(:project, :siteProfiles, :edges)).to have_attributes(size: dast_site_profiles.length)
+      end
+    end
+
+    shared_examples 'dast_scanner_profiles.query.graphql' do |type|
+      path = 'security_configuration/dast_profiles/graphql/dast_scanner_profiles.query.graphql'
+
+      it "graphql/#{path}.#{type}.json" do
+        query = get_graphql_query_as_string(path, ee: true)
+
+        post_graphql(query, current_user: current_user, variables: {
+          fullPath: project.full_path,
+          first: 20
+        })
+
+        expect_graphql_errors_to_be_empty
+        expect(graphql_data_at(:project, :scannerProfiles, :edges)).to have_attributes(size: dast_scanner_profiles.length)
+      end
+    end

    let_it_be(:current_user) { create(:user) }
    let_it_be(:project) { create(:project, :repository, :public) }

+    before do
+      stub_licensed_features(security_on_demand_scans: true)
+      project.add_developer(current_user)
+    end
+
+    describe 'dast_site_profiles' do
      # DAST site validations
      let_it_be(:dast_site_validation_pending) do
        create(
@@ -103,14 +142,6 @@ RSpec.describe 'DAST profiles (GraphQL fixtures)' do
        )
      end

-    before do
-      stub_licensed_features(security_on_demand_scans: true)
-      project.add_developer(current_user)
-    end
-
-    describe 'dast_site_profiles' do
-      path = 'security_configuration/dast_profiles/graphql/dast_site_profiles.query.graphql'
-
      context 'basic site profiles' do
        # DAST site profiles
        let_it_be(:dast_site_profiles) do
@@ -153,17 +184,7 @@ RSpec.describe 'DAST profiles (GraphQL fixtures)' do
          ]
        end

-        it "graphql/#{path}.basic.json" do
-          query = get_graphql_query_as_string(path, ee: true)
-
-          post_graphql(query, current_user: current_user, variables: {
-            fullPath: project.full_path,
-            first: 20
-          })
-
-          expect_graphql_errors_to_be_empty
-          expect(graphql_data_at(:project, :siteProfiles, :edges)).to have_attributes(size: 5)
-        end
+        it_behaves_like 'dast_site_profiles.query.graphql', "basic"
      end

      context 'dast site profile with secret variables' do
@@ -199,8 +220,6 @@ RSpec.describe 'DAST profiles (GraphQL fixtures)' do
    end

    describe 'dast_scanner_profiles' do
-      path = 'security_configuration/dast_profiles/graphql/dast_scanner_profiles.query.graphql'
-
      # DAST scanner profiles
      let_it_be(:dast_scanner_profiles) do
        [
@@ -225,16 +244,59 @@ RSpec.describe 'DAST profiles (GraphQL fixtures)' do
        ]
      end

-      it "graphql/#{path}.basic.json" do
-        query = get_graphql_query_as_string(path, ee: true)
+      it_behaves_like 'dast_scanner_profiles.query.graphql', "basic"
+    end

-        post_graphql(query, current_user: current_user, variables: {
-          fullPath: project.full_path,
-          first: 20
-        })
+    describe 'from policies' do
+      let_it_be(:policies_project) { create(:project, :repository) }
+      let_it_be(:security_orchestration_policy_configuration) do
+        create(
+          :security_orchestration_policy_configuration,
+          project: project,
+          security_policy_management_project: policies_project
+        )
+      end
+      let_it_be(:dast_site_profiles) do
+        [
+          create(
+            :dast_site_profile,
+            name: "From policy",
+            auth_username: "from-policy@example.com",
+            project: project
+          )
+      ]
+      end
+      let_it_be(:dast_scanner_profiles) do
+        [
+          create(
+            :dast_scanner_profile,
+            name: "Active scanner",
+            spider_timeout: 5,
+            target_timeout: 10,
+            scan_type: 'active',
+            use_ajax_spider: true,
+            show_debug_messages: true,
+            project: project
+          )
+      ]
+      end
+      let(:policy1) do
+        build(:scan_execution_policy, rules: [{ type: 'pipeline', branches: %w[master] }], actions: [
+          { scan: 'dast', site_profile: dast_site_profiles.first.name, scanner_profile: dast_scanner_profiles.first.name }
+        ])
+      end
+      let(:policy_yaml) { build(:orchestration_policy_yaml, scan_execution_policy: [policy1]) }

-        expect_graphql_errors_to_be_empty
-        expect(graphql_data_at(:project, :scannerProfiles, :edges)).to have_attributes(size: 2)
+      before do
+        create_file_in_repo(policies_project, 'master', 'master', Security::OrchestrationPolicyConfiguration::POLICY_PATH, policy_yaml)
+      end
+
+      context "site profiles" do
+        it_behaves_like 'dast_site_profiles.query.graphql', "from_policies"
+      end
+
+      context "scanner profiles" do
+        it_behaves_like 'dast_scanner_profiles.query.graphql', "from_policies"
      end
    end


--- a/ee/spec/frontend/on_demand_scans_form/mocks/mock_data.js
+++ b/ee/spec/frontend/on_demand_scans_form/mocks/mock_data.js
-export const policyScannerProfile = {
-  id: 'gid://gitlab/DastScannerProfile/3',
-  profileName: 'Scanner profile #3',
-  spiderTimeout: 20,
-  targetTimeout: 150,
-  scanType: 'ACTIVE',
-  useAjaxSpider: true,
-  showDebugMessages: true,
-  editPath: '/scanner_profile/edit/3',
-  referencedInSecurityPolicies: ['some_policy'],
-};
-
-export const policySiteProfile = {
-  id: 'gid://gitlab/DastSiteProfile/6',
-  profileName: 'Profile 6',
-  targetUrl: 'http://example-6.com',
-  normalizedTargetUrl: 'http://example-6.com',
-  editPath: '/6/edit',
-  validationStatus: 'NONE',
-  auth: {
-    enabled: false,
-  },
-  excludedUrls: ['https://bar.com/logout'],
-  referencedInSecurityPolicies: ['some_policy'],
-  targetType: 'WEBSITE',
-};
--- a/ee/spec/frontend/security_configuration/dast_profiles/components/dast_profiles_list_spec.js
+++ b/ee/spec/frontend/security_configuration/dast_profiles/components/dast_profiles_list_spec.js
@@ -4,7 +4,7 @@ import { mount, shallowMount, createWrapper } from '@vue/test-utils';
 import { merge } from 'lodash';
 import DastProfilesList from 'ee/security_configuration/dast_profiles/components/dast_profiles_list.vue';
 import { createMockDirective, getBinding } from 'helpers/vue_mock_directive';
-import { siteProfiles as profiles, policySiteProfile } from '../mocks/mock_data';
+import { siteProfiles as profiles, policySiteProfiles } from '../mocks/mock_data';

 const TEST_ERROR_MESSAGE = 'something went wrong';

@@ -259,7 +259,7 @@ describe('EE - DastProfilesList', () => {

  describe('profile referenced in a security policy', () => {
    it('disables the delete button', () => {
-      createFullComponent({ propsData: { profiles: policySiteProfile } });
+      createFullComponent({ propsData: { profiles: policySiteProfiles } });
      const disabledRow = getAllTableRows()[0];
      const deleteButton = getDeleteButtonWithin(disabledRow);
      expect(deleteButton.attributes('disabled')).toBe('disabled');
@@ -267,7 +267,7 @@ describe('EE - DastProfilesList', () => {
    });

    it('shows the correct tooltip text', () => {
-      createFullComponent({ propsData: { profiles: policySiteProfile } });
+      createFullComponent({ propsData: { profiles: policySiteProfiles } });
      expect(getBinding(getDeleteTooltip().element, 'gl-tooltip')).not.toBe(undefined);
      expect(getDeleteTooltip().attributes('title')).toBe(
        'This profile is currently being used in a policy.',

--- a/ee/spec/frontend/security_configuration/dast_profiles/dast_scanner_profiles_form/components/dast_scanner_profiles_form_spec.js
+++ b/ee/spec/frontend/security_configuration/dast_profiles/dast_scanner_profiles_form/components/dast_scanner_profiles_form_spec.js
@@ -6,8 +6,10 @@ import DastScannerProfileForm from 'ee/security_configuration/dast_profiles/dast
 import { SCAN_TYPE } from 'ee/security_configuration/dast_profiles/dast_scanner_profiles/constants';
 import dastScannerProfileCreateMutation from 'ee/security_configuration/dast_profiles/dast_scanner_profiles/graphql/dast_scanner_profile_create.mutation.graphql';
 import dastScannerProfileUpdateMutation from 'ee/security_configuration/dast_profiles/dast_scanner_profiles/graphql/dast_scanner_profile_update.mutation.graphql';
-import { policyScannerProfile } from 'ee_jest/on_demand_scans_form/mocks/mock_data';
-import { scannerProfiles } from 'ee_jest/security_configuration/dast_profiles/mocks/mock_data';
+import {
+  scannerProfiles,
+  policyScannerProfiles,
+} from 'ee_jest/security_configuration/dast_profiles/mocks/mock_data';
 import { TEST_HOST } from 'helpers/test_constants';
 import { mountExtended, shallowMountExtended } from 'helpers/vue_test_utils_helper';

@@ -179,7 +181,7 @@ describe('DastScannerProfileForm', () => {
    beforeEach(() => {
      createShallowComponent({
        propsData: {
-          profile: policyScannerProfile,
+          profile: policyScannerProfiles[0],
        },
      });
    });

--- a/ee/spec/frontend/security_configuration/dast_profiles/dast_site_profiles/components/dast_site_profile_form_spec.js
+++ b/ee/spec/frontend/security_configuration/dast_profiles/dast_site_profiles/components/dast_site_profile_form_spec.js
@@ -7,7 +7,7 @@ import DastSiteAuthSection from 'ee/security_configuration/dast_profiles/dast_si
 import DastSiteProfileForm from 'ee/security_configuration/dast_profiles/dast_site_profiles/components/dast_site_profile_form.vue';
 import dastSiteProfileCreateMutation from 'ee/security_configuration/dast_profiles/dast_site_profiles/graphql/dast_site_profile_create.mutation.graphql';
 import dastSiteProfileUpdateMutation from 'ee/security_configuration/dast_profiles/dast_site_profiles/graphql/dast_site_profile_update.mutation.graphql';
-import { policySiteProfile } from 'ee_jest/on_demand_scans_form/mocks/mock_data';
+import { policySiteProfiles } from 'ee_jest/security_configuration/dast_profiles/mocks/mock_data';
 import { TEST_HOST } from 'helpers/test_constants';
 import { mountExtended, shallowMountExtended } from 'helpers/vue_test_utils_helper';

@@ -268,7 +268,7 @@ describe('DastSiteProfileForm', () => {
    beforeEach(() => {
      createShallowComponent({
        propsData: {
-          profile: policySiteProfile,
+          profile: policySiteProfiles[0],
        },
      });
    });

--- a/ee/spec/frontend/security_configuration/dast_profiles/mocks/mock_data.js
+++ b/ee/spec/frontend/security_configuration/dast_profiles/mocks/mock_data.js
 import siteProfilesFixture from 'test_fixtures/graphql/security_configuration/dast_profiles/graphql/dast_site_profiles.query.graphql.basic.json';
 import scannerProfilesFixtures from 'test_fixtures/graphql/security_configuration/dast_profiles/graphql/dast_scanner_profiles.query.graphql.basic.json';
+import policySiteProfilesFixtures from 'test_fixtures/graphql/security_configuration/dast_profiles/graphql/dast_site_profiles.query.graphql.from_policies.json';
+import policyScannerProfilesFixtures from 'test_fixtures/graphql/security_configuration/dast_profiles/graphql/dast_scanner_profiles.query.graphql.from_policies.json';

 export const siteProfiles = siteProfilesFixture.data.project.siteProfiles.edges.map(
  ({ node }) => node,
@@ -12,17 +14,9 @@ export const validatedSiteProfile = siteProfiles.find(
  ({ validationStatus }) => validationStatus === 'PASSED_VALIDATION',
 );

-export const policySiteProfile = [
-  {
-    id: 'gid://gitlab/DastSiteProfile/6',
-    profileName: 'Profile 6',
-    targetUrl: 'http://example-6.com',
-    normalizedTargetUrl: 'http://example-6.com',
-    editPath: '/6/edit',
-    validationStatus: 'NONE',
-    referencedInSecurityPolicies: ['some_policy'],
-  },
-];
+export const policySiteProfiles = policySiteProfilesFixtures.data.project.siteProfiles.edges.map(({node}) => node)
+
+export const policyScannerProfiles = policyScannerProfilesFixtures.data.project.scannerProfiles.edges.map(({node}) => node)

 export const scannerProfiles = scannerProfilesFixtures.data.project.scannerProfiles.edges.map(
  ({ node }) => node,