[Backend]: Split construct_security_policies into policy type specific modules

The following discussion from !185279 (merged) should be addressed:

• @mcavoj started a discussion:

  suggestion: A few thoughts about this module:

  • I think it would be a good idea to split it up by policy type into separate modules. We can keep the this one for the generic construct_security_policies
  • We can include the individual modules ones for each policy type here to construct the policy-specific hashes
  • In the other resolvers, we would include the policy-specific modules. For example, in ScanExecutionPolicyResolver, we'd include include ConstructScanExecutionPolicies

  (nitpick-y) If we don't split it up, could we at least order the methods so it's easier to follow?

  diff --git a/ee/app/graphql/resolvers/concerns/construct_security_policies.rb b/ee/app/graphql/resolvers/concerns/construct_security_policies.rb
  index f67b31690064..810670adde4f 100644
  --- a/ee/app/graphql/resolvers/concerns/construct_security_policies.rb
  +++ b/ee/app/graphql/resolvers/concerns/construct_security_policies.rb
  @@ -13,6 +13,30 @@ def construct_security_policies(policies)
       end
     end
   
  +  def construct_scan_result_policies(policies)
  +    policies.map do |policy|
  +      construct_scan_result_policy(policy)
  +    end
  +  end
  +
  +  def construct_scan_execution_policies(policies)
  +    policies.map do |policy|
  +      construct_scan_execution_policy(policy)
  +    end
  +  end
  +
  +  def construct_pipeline_execution_policies(policies)
  +    policies.map do |policy|
  +      construct_pipeline_execution_policy(policy)
  +    end
  +  end
  +
  +  def construct_vulnerability_management_policies(policies)
  +    policies.map do |policy|
  +      construct_vulnerability_management_policy(policy)
  +    end
  +  end
  +
     def construct_security_policy(policy)
       case policy[:type]
       when "pipeline_execution_policy"
  @@ -26,14 +50,22 @@ def construct_security_policy(policy)
       end
     end
   
  -  def construct_vulnerability_management_policy(policy, with_policy_fields = false)
  -    type = 'vulnerability_management_policy'
  +  def construct_scan_result_policy(policy, with_policy_fields = false)
  +    approvers = approvers(policy)
  +    type = 'approval_policy'
  +
       policy_fields = {
  +      action_approvers: approvers[:approvers],
  +      all_group_approvers: approvers[:all_groups],
  +      custom_roles: approvers[:custom_roles],
  +      deprecated_properties: deprecated_properties(policy),
  +      role_approvers: approvers[:roles],
         source: {
           project: policy[:project],
           namespace: policy[:namespace],
           inherited: policy[:inherited]
  -      }
  +      },
  +      user_approvers: approvers[:users]
       }
   
       policy_fields_with_type = policy_fields.merge(type: type)
  @@ -41,12 +73,10 @@ def construct_vulnerability_management_policy(policy, with_policy_fields = false
       policy = {
         name: policy[:name],
         description: policy[:description],
  -      edit_path: edit_path(policy, :vulnerability_management_policy),
  +      edit_path: edit_path(policy, :approval_policy),
         enabled: policy[:enabled],
         policy_scope: policy_scope(policy[:policy_scope]),
  -      yaml: YAML.dump(
  -        policy.slice(:name, :description, :enabled, :rules, :actions, :policy_scope).deep_stringify_keys
  -      ),
  +      yaml: YAML.dump(policy.slice(*POLICY_YAML_ATTRIBUTES).deep_stringify_keys),
         updated_at: policy[:config].policy_last_updated_at
       }.merge(policy_fields)
   
  @@ -58,24 +88,16 @@ def construct_vulnerability_management_policy(policy, with_policy_fields = false
       policy
     end
   
  -  def construct_vulnerability_management_policies(policies)
  -    policies.map do |policy|
  -      construct_vulnerability_management_policy(policy)
  -    end
  -  end
  -
  -  def construct_pipeline_execution_policy(policy, with_policy_fields = false)
  -    warnings = []
  -    type = 'pipeline_execution_policy'
  +  def construct_scan_execution_policy(policy, with_policy_fields = false)
  +    type = 'scan_execution_policy'
   
       policy_fields = {
  +      deprecated_properties: deprecated_properties(policy),
         source: {
           project: policy[:project],
           namespace: policy[:namespace],
           inherited: policy[:inherited]
  -      },
  -      policy_blob_file_path: policy_blob_file_path(policy, warnings),
  -      warnings: warnings
  +      }
       }
   
       policy_fields_with_type = policy_fields.merge(type: type)
  @@ -83,13 +105,10 @@ def construct_pipeline_execution_policy(policy, with_policy_fields = false)
       policy = {
         name: policy[:name],
         description: policy[:description],
  -      edit_path: edit_path(policy, :pipeline_execution_policy),
  +      edit_path: edit_path(policy, :scan_execution_policy),
         enabled: policy[:enabled],
         policy_scope: policy_scope(policy[:policy_scope]),
  -      yaml: YAML.dump(
  -        policy.slice(:name, :description, :enabled, :pipeline_config_strategy, :content, :policy_scope, :metadata,
  -          :suffix, :skip_ci).deep_stringify_keys
  -      ),
  +      yaml: YAML.dump(policy.slice(*POLICY_YAML_ATTRIBUTES, :skip_ci).deep_stringify_keys),
         updated_at: policy[:config].policy_last_updated_at
       }.merge(policy_fields)
   
  @@ -101,22 +120,18 @@ def construct_pipeline_execution_policy(policy, with_policy_fields = false)
       policy
     end
   
  -  def construct_pipeline_execution_policies(policies)
  -    policies.map do |policy|
  -      construct_pipeline_execution_policy(policy)
  -    end
  -  end
  -
  -  def construct_scan_execution_policy(policy, with_policy_fields = false)
  -    type = 'scan_execution_policy'
  +  def construct_pipeline_execution_policy(policy, with_policy_fields = false)
  +    warnings = []
  +    type = 'pipeline_execution_policy'
   
       policy_fields = {
  -      deprecated_properties: deprecated_properties(policy),
         source: {
           project: policy[:project],
           namespace: policy[:namespace],
           inherited: policy[:inherited]
  -      }
  +      },
  +      policy_blob_file_path: policy_blob_file_path(policy, warnings),
  +      warnings: warnings
       }
   
       policy_fields_with_type = policy_fields.merge(type: type)
  @@ -124,10 +139,13 @@ def construct_scan_execution_policy(policy, with_policy_fields = false)
       policy = {
         name: policy[:name],
         description: policy[:description],
  -      edit_path: edit_path(policy, :scan_execution_policy),
  +      edit_path: edit_path(policy, :pipeline_execution_policy),
         enabled: policy[:enabled],
         policy_scope: policy_scope(policy[:policy_scope]),
  -      yaml: YAML.dump(policy.slice(*POLICY_YAML_ATTRIBUTES, :skip_ci).deep_stringify_keys),
  +      yaml: YAML.dump(
  +        policy.slice(:name, :description, :enabled, :pipeline_config_strategy, :content, :policy_scope, :metadata,
  +          :suffix, :skip_ci).deep_stringify_keys
  +      ),
         updated_at: policy[:config].policy_last_updated_at
       }.merge(policy_fields)
   
  @@ -139,28 +157,14 @@ def construct_scan_execution_policy(policy, with_policy_fields = false)
       policy
     end
   
  -  def construct_scan_execution_policies(policies)
  -    policies.map do |policy|
  -      construct_scan_execution_policy(policy)
  -    end
  -  end
  -
  -  def construct_scan_result_policy(policy, with_policy_fields = false)
  -    approvers = approvers(policy)
  -    type = 'approval_policy'
  -
  +  def construct_vulnerability_management_policy(policy, with_policy_fields = false)
  +    type = 'vulnerability_management_policy'
       policy_fields = {
  -      action_approvers: approvers[:approvers],
  -      all_group_approvers: approvers[:all_groups],
  -      custom_roles: approvers[:custom_roles],
  -      deprecated_properties: deprecated_properties(policy),
  -      role_approvers: approvers[:roles],
         source: {
           project: policy[:project],
           namespace: policy[:namespace],
           inherited: policy[:inherited]
  -      },
  -      user_approvers: approvers[:users]
  +      }
       }
   
       policy_fields_with_type = policy_fields.merge(type: type)
  @@ -168,10 +172,12 @@ def construct_scan_result_policy(policy, with_policy_fields = false)
       policy = {
         name: policy[:name],
         description: policy[:description],
  -      edit_path: edit_path(policy, :approval_policy),
  +      edit_path: edit_path(policy, :vulnerability_management_policy),
         enabled: policy[:enabled],
         policy_scope: policy_scope(policy[:policy_scope]),
  -      yaml: YAML.dump(policy.slice(*POLICY_YAML_ATTRIBUTES).deep_stringify_keys),
  +      yaml: YAML.dump(
  +        policy.slice(:name, :description, :enabled, :rules, :actions, :policy_scope).deep_stringify_keys
  +      ),
         updated_at: policy[:config].policy_last_updated_at
       }.merge(policy_fields)
   
  @@ -183,12 +189,6 @@ def construct_scan_result_policy(policy, with_policy_fields = false)
       policy
     end
   
  -  def construct_scan_result_policies(policies)
  -    policies.map do |policy|
  -      construct_scan_result_policy(policy)
  -    end
  -  end
  -
     def approvers(policy)
       Security::SecurityOrchestrationPolicies::FetchPolicyApproversService
         .new(policy: policy, container: container, current_user: current_user)