BE: Update approvers fetching logic to include role approvers

Why are we doing this work

Scan Result Policy Action currently supports individual approvers or a group of users. However, when a customer has projects of lower criticality, or the scan results detect a vulnerability of low criticality (e.g., Low/Medium), they want to require an approver from the project based on role (e.g., Owner/Maintainer).

This issue focuses on updating the approvers fetching logic in FetchPolicyApproversService to include the users whose roles are listed in role_approvers.

Relevant links

Epic: Support Role Based Approval Action for Scan Res... (&8018 - closed)

Non-functional requirements

  • Documentation:
  • Feature flag:
  • Performance:
  • Testing:

Implementation plan

def execute
  action = required_approval(policy)

  # No require_approval action in the policy: nothing to approve.
  return success({ users: [], groups: [], role_users: [] }) unless action

  success({
    users: user_approvers(action),
    groups: group_approvers(action),
    role_users: role_approvers(action)
  })
end

private

# Resolves the role_approvers of the action (e.g. "owner", "maintainer")
# to the members of the container (project or group) holding that role.
def role_approvers(action)
  roles = action[:role_approvers]
  return [] if roles.blank?

  roles.flat_map do |role|
    # Member scopes are named after the plural role (owners, maintainers, ...).
    # `role` must already be validated against the policy schema's role enum,
    # since it selects the method that gets called here.
    container.members.public_send(role.pluralize)
  end
end
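An added example, not the service's or GitLab's own code, showing how the role lookup can resolve approvers without dispatching a method name taken from the policy document: roles go through an explicit table, unknown roles are rejected, and inactive and duplicate members are dropped. Member, ROLE_LEVELS, role_approver_ids and the sample membership are constructed for this example; only the numeric access levels follow GitLab's.

```ruby
require 'set'

# Constructed stand-in for GitLab's Member model: user id, access level, and
# whether the membership is active. Access levels use GitLab's numeric values.
Member = Struct.new(:user_id, :access_level, :active, keyword_init: true)

DEVELOPER  = 30
MAINTAINER = 40
OWNER      = 50

# Explicit table of the role names a policy may name. A role not listed here
# is rejected rather than turned into a method name, so the policy document
# never chooses which method runs on the members relation.
ROLE_LEVELS = {
  'developer'  => DEVELOPER,
  'maintainer' => MAINTAINER,
  'owner'      => OWNER
}.freeze

class UnknownRoleError < StandardError; end

# Resolve the role_approvers list of a require_approval action to the sorted,
# distinct user ids of active members holding any of those roles.
def role_approver_ids(members, role_approvers)
  roles = Array(role_approvers)
  return [] if roles.empty?

  unknown = roles.reject { |role| ROLE_LEVELS.key?(role) }
  raise UnknownRoleError, "roles not allowed: #{unknown.inspect}" unless unknown.empty?

  wanted = roles.map { |role| ROLE_LEVELS[role] }.to_set
  members
    .select { |m| m.active && wanted.include?(m.access_level) }
    .map(&:user_id)
    .uniq
    .sort
end

# Constructed sample membership for one project.
SAMPLE_MEMBERS = [
  Member.new(user_id: 1, access_level: OWNER,      active: true),
  Member.new(user_id: 2, access_level: MAINTAINER, active: true),
  Member.new(user_id: 3, access_level: DEVELOPER,  active: true),
  Member.new(user_id: 4, access_level: MAINTAINER, active: false), # blocked user
  Member.new(user_id: 2, access_level: MAINTAINER, active: true)   # same user via a shared group
].freeze

p role_approver_ids(SAMPLE_MEMBERS, %w[owner maintainer]) # => [1, 2]
```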

Verification steps

Edited by Sashi Kumar Kumaresan