Resolve "Validate against Vulnerabilities::StateTransition to_state and from_state being the same to prevent redundant record creation"
requested to merge 375497-validate-against-vulnerabilities-statetransition-to_state-and-from_state-being-the-same-to into master
What does this MR do and why?
To prevent the creation of redundant Vulnerability State Transition records where there is no actual state change occurring, this MR implements a database level check constraint to ensure that the to_state and from_state fields of a transition record differ.
How to set up and validate locally
Assuming an existing vulnerability state transition exists in your db, open a rails console and run the following:
Vulnerabilities::StateTransition.create(Vulnerabilities::StateTransition.last.attributes.except('id').merge('to_state' => :dismissed, 'from_state' => :dismissed))
This should result in the following failure:
ActiveRecord::StatementInvalid: PG::CheckViolation: ERROR: new row for relation "vulnerability_state_transitions" violates check constraint "check_d1ca8ec043"
DETAIL: Failing row contains (2, 128, 2, 2, 2022-10-25 11:33:45.946096+00, 2022-10-25 11:33:45.946096+00, null, null, null).
from /data/cache/bundle-2.7.6/ruby/2.7.0/gems/activerecord-6.1.6.1/lib/active_record/connection_adapters/postgresql_adapter.rb:672:in `exec_params'
Caused by PG::CheckViolation: ERROR: new row for relation "vulnerability_state_transitions" violates check constraint "check_d1ca8ec043"
DETAIL: Failing row contains (2, 128, 2, 2, 2022-10-25 11:33:45.946096+00, 2022-10-25 11:33:45.946096+00, null, null, null).
from /data/cache/bundle-2.7.6/ruby/2.7.0/gems/activerecord-6.1.6.1/lib/active_record/connection_adapters/postgresql_adapter.rb:672:in `exec_params'
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #375497 (closed)
Edited by Gregory Havenga