Commit f734facd authored by Mayra Cabrera's avatar Mayra Cabrera

Merge branch '233825-vulnerabilities-show-opened-issue-if-in-the-same-file' into 'master'

Use issue links to determine vulnerability issue feedback

See merge request gitlab-org/gitlab!38814
parents 34df1df8 460eef56
...@@ -211,7 +211,7 @@ module Vulnerabilities ...@@ -211,7 +211,7 @@ module Vulnerabilities
end end
def issue_feedback def issue_feedback
feedback(feedback_type: 'issue') Vulnerabilities::Feedback.find_by(issue: vulnerability&.related_issues) if vulnerability
end end
def merge_request_feedback def merge_request_feedback
......
...@@ -375,6 +375,9 @@ RSpec.describe Vulnerabilities::Finding do ...@@ -375,6 +375,9 @@ RSpec.describe Vulnerabilities::Finding do
) )
end end
let(:vulnerability) { create(:vulnerability, findings: [finding]) }
let!(:issue_link) { create(:vulnerabilities_issue_link, vulnerability: vulnerability, issue: issue)}
it 'returns associated feedback' do it 'returns associated feedback' do
feedback = finding.issue_feedback feedback = finding.issue_feedback
...@@ -383,6 +386,27 @@ RSpec.describe Vulnerabilities::Finding do ...@@ -383,6 +386,27 @@ RSpec.describe Vulnerabilities::Finding do
expect(feedback[:feedback_type]).to eq 'issue' expect(feedback[:feedback_type]).to eq 'issue'
expect(feedback[:issue_id]).to eq issue.id expect(feedback[:issue_id]).to eq issue.id
end end
context 'when there is no feedback for the vulnerability' do
let(:vulnerability_no_feedback) { create(:vulnerability, findings: [finding_no_feedback]) }
let!(:finding_no_feedback) { create(:vulnerabilities_finding, :dependency_scanning, project: project) }
it 'does not return unassociated feedback' do
feedback = finding_no_feedback.issue_feedback
expect(feedback).not_to be_present
end
end
context 'when there is no vulnerability associated with the finding' do
let!(:finding_no_vulnerability) { create(:vulnerabilities_finding, :dependency_scanning, project: project) }
it 'does not return feedback' do
feedback = finding_no_vulnerability.issue_feedback
expect(feedback).not_to be_present
end
end
end end
describe '#dismissal_feedback' do describe '#dismissal_feedback' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment