Improve vulnerabilities permissions checks spec
If we improve the specs that target permissions checks, we should be able to catch more quickly all the endpoints we need to change when consolidating permissions or introducing custom roles. This issue should demonstrate the things that we should check whenever we consolidate permissions or introduce a new custom role:
This issue is about adding all needed specs for vulnerabilities consolidated under admin_vulnerability and read_vulnerability.
Ideas on specs improvement
- After we find all affected controllers, check if there are permissions-related tests, add them if not
- Check if there are feature specs in ee/spec/features for the affected controller actions, add them if not
- Check all related GraphQL and REST API endpoints
Implementation Plan
- ee/spec/controllers/projects/security/vulnerabilities_controller_spec.rb
- Mutation.securityFindingCreateIssue
- Mutation.securityFindingCreateMergeRequest
- Mutation.securityFindingDismiss
- Mutation.securityFindingRevertToDetected
- Mutation.vulnerabilitiesDismiss
- Mutation.vulnerabilityConfirm
- Mutation.vulnerabilityCreate
- Mutation.vulnerabilityExternalIssueLinkCreate
- Mutation.vulnerabilityResolve
Edited by mo khan
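The check this issue asks for can be written as a role by endpoint matrix, so that a forgotten or wrong permission check shows up as a failing cell. The sketch below is an added example, not GitLab code or part of the original issue: the registry, the roles and the two defects are constructed, and it assumes every listed mutation should require admin_vulnerability.

```ruby
require "set"

# Mutations listed in the implementation plan (without the "Mutation." prefix).
MUTATIONS = %w[
  securityFindingCreateIssue securityFindingCreateMergeRequest
  securityFindingDismiss securityFindingRevertToDetected
  vulnerabilitiesDismiss vulnerabilityConfirm vulnerabilityCreate
  vulnerabilityExternalIssueLinkCreate vulnerabilityResolve
].freeze

# Assumption: every listed mutation changes state, so it should require
# admin_vulnerability; read_vulnerability alone must never be enough.
EXPECTED_ABILITY = :admin_vulnerability

# Constructed roles: the set of abilities a (custom) role would grant.
ROLES = {
  no_access:  Set[],
  read_only:  Set[:read_vulnerability],
  vuln_admin: Set[:read_vulnerability, :admin_vulnerability]
}.freeze

# Constructed registry standing in for the real resolvers. Each value is the
# ability the endpoint actually checks; nil models a forgotten check.
def sample_registry
  reg = MUTATIONS.to_h { |m| [m, EXPECTED_ABILITY] }
  reg["vulnerabilityResolve"] = :read_vulnerability # constructed defect
  reg["securityFindingDismiss"] = nil               # constructed defect
  reg
end

def allowed?(registry, endpoint, abilities)
  required = registry.fetch(endpoint)
  required.nil? || abilities.include?(required)
end

# Walks the full role x endpoint matrix and returns every cell whose outcome
# differs from the expected one (denied cases matter as much as allowed ones).
def permission_gaps(registry, roles = ROLES)
  registry.keys.product(roles.keys).filter_map do |endpoint, role|
    expected = roles[role].include?(EXPECTED_ABILITY)
    actual = allowed?(registry, endpoint, roles[role])
    next if actual == expected
    { endpoint: endpoint, role: role, expected: expected, actual: actual }
  end
end

permission_gaps(sample_registry).each { |gap| puts gap } if __FILE__ == $PROGRAM_NAME
```

In a real spec suite the `allowed?` call would be replaced by an actual request or mutation made as a user with each role.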