diff --git a/ee/spec/requests/api/vulnerabilities_spec.rb b/ee/spec/requests/api/vulnerabilities_spec.rb
index 4de0c264654d03174261f4526671afc3f0b6f720..30835cbeb89192921780787b43110b6075da5172 100644
--- a/ee/spec/requests/api/vulnerabilities_spec.rb
+++ b/ee/spec/requests/api/vulnerabilities_spec.rb
@@ -24,7 +24,7 @@
 project.add_developer(user)
 end
- it 'returns all vulnerabilities of a project' do
+ it 'returns all vulnerabilities of a project', :aggregate_failures do
 get_vulnerabilities
 expect(response).to have_gitlab_http_status(:ok)
@@ -36,7 +36,7 @@
 context 'with pagination' do
 let(:project_vulnerabilities_path) { "#{super()}?page=3&per_page=1" }
- it 'paginates the vulnerabilities according to the pagination params' do
+ it 'paginates the vulnerabilities according to the pagination params', :aggregate_failures do
 low_severity_vulnerability = create(:vulnerability, :with_finding, project: project, severity: :low)
 get_vulnerabilities
@@ -49,7 +49,7 @@
 it_behaves_like 'forbids access to vulnerability API endpoint in case of disabled features'
 end
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 it { expect { get_vulnerabilities }.to be_allowed_for(:admin) }
 it { expect { get_vulnerabilities }.to be_allowed_for(:owner).of(project) }
 it { expect { get_vulnerabilities }.to be_allowed_for(:maintainer).of(project) }
@@ -75,7 +75,7 @@
 project.add_developer(user)
 end
- it 'returns the desired vulnerability' do
+ it 'returns the desired vulnerability', :aggregate_failures do
 get_vulnerability
 expect(response).to have_gitlab_http_status(:ok)
@@ -83,7 +83,7 @@
 expect(json_response['id']).to eq vulnerability_id
 end
- it 'returns the desired findings' do
+ it 'returns the desired findings', :aggregate_failures do
 get_vulnerability
 expect(response).to have_gitlab_http_status(:ok)
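Review bot: With `:enable_admin_mode` on the whole `describe 'permissions'` block in the `@@ -49` hunk, every example in it now runs with an active admin-mode session, so nothing in this spec asserts that an admin *without* admin mode is refused the vulnerabilities list — the negative side of the property this commit switches on by dropping the file from the spec_helper exemption list. Consider scoping the tag to the admin example, or adding a sibling example outside the tagged block, e.g. `it { expect { get_vulnerabilities }.to be_denied_for(:admin) }`, assuming the suite has a denial counterpart to `be_allowed_for` (not visible from this hunk). The `describe` block continues past the end of the hunk, so further examples may already exist below it.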
@@ -95,7 +95,7 @@
 it_behaves_like 'forbids access to vulnerability API endpoint in case of disabled features'
 end
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 it { expect { get_vulnerability }.to be_allowed_for(:admin) }
 it { expect { get_vulnerability }.to be_allowed_for(:owner).of(project) }
 it { expect { get_vulnerability }.to be_allowed_for(:maintainer).of(project) }
@@ -122,7 +122,7 @@
 project.add_developer(user)
 end
- it 'creates a vulnerability from finding and attaches it to the vulnerability' do
+ it 'creates a vulnerability from finding and attaches it to the vulnerability', :aggregate_failures do
 expect { subject }.to change { project.vulnerabilities.count }.by(1)
 expect(project.vulnerabilities.last).to(
 have_attributes(
@@ -143,7 +143,7 @@
 context 'when finding id is unknown' do
 let(:finding_id) { 0 }
- it 'responds with expected error' do
+ it 'responds with expected error', :aggregate_failures do
 subject
 expect(response).to have_gitlab_http_status(:bad_request)
@@ -156,7 +156,7 @@
 create(:vulnerability, findings: [finding], project: finding.project)
 end
- it 'rejects creation of a new vulnerability from this finding' do
+ it 'rejects creation of a new vulnerability from this finding', :aggregate_failures do
 subject
 expect(response).to have_gitlab_http_status(:bad_request)
@@ -167,7 +167,7 @@
 it_behaves_like 'forbids access to vulnerability API endpoint in case of disabled features'
 end
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 it { expect { create_vulnerability }.to be_allowed_for(:admin) }
 it { expect { create_vulnerability }.to be_allowed_for(:owner).of(project) }
 it { expect { create_vulnerability }.to be_allowed_for(:maintainer).of(project) }
@@ -202,7 +202,7 @@
 stub_feature_flags(deprecate_vulnerabilities_feedback: false)
 end
- it 'dismisses a vulnerability and its associated findings' do
+ it 'dismisses a vulnerability and its associated findings', :aggregate_failures do
 freeze_time do
 dismiss_vulnerability
@@ -240,7 +240,7 @@
 Grape::Endpoint.before_each nil
 end
- it 'responds with error' do
+ it 'responds with error', :aggregate_failures do
 dismiss_vulnerability
 expect(response).to have_gitlab_http_status(:bad_request)
@@ -261,7 +261,7 @@
 it_behaves_like 'forbids access to vulnerability API endpoint in case of disabled features'
 end
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 it { expect { dismiss_vulnerability }.to be_allowed_for(:admin) }
 it { expect { dismiss_vulnerability }.to be_allowed_for(:owner).of(project) }
 it { expect { dismiss_vulnerability }.to be_allowed_for(:maintainer).of(project) }
@@ -291,7 +291,7 @@
 project.add_developer(user)
 end
- it 'resolves a vulnerability and its associated findings' do
+ it 'resolves a vulnerability and its associated findings', :aggregate_failures do
 freeze_time do
 resolve_vulnerability
@@ -311,7 +311,7 @@
 post api("/vulnerabilities/#{vulnerability_id}/resolve", user), params: { comment: comment }
 end
- it 'adds the comment to the vulnerability state transition' do
+ it 'adds the comment to the vulnerability state transition', :aggregate_failures do
 resolve_vulnerability
 expect(response).to have_gitlab_http_status(:created)
@@ -336,7 +336,7 @@
 it_behaves_like 'forbids access to vulnerability API endpoint in case of disabled features'
 end
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 it { expect { resolve_vulnerability }.to be_allowed_for(:admin) }
 it { expect { resolve_vulnerability }.to be_allowed_for(:owner).of(project) }
 it { expect { resolve_vulnerability }.to be_allowed_for(:maintainer).of(project) }
@@ -371,7 +371,7 @@
 project.add_developer(user)
 end
- it 'confirms a vulnerability and its associated findings' do
+ it 'confirms a vulnerability and its associated findings', :aggregate_failures do
 freeze_time do
 confirm_vulnerability
@@ -400,7 +400,7 @@
 it_behaves_like 'forbids access to vulnerability API endpoint in case of disabled features'
 end
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 it { expect { confirm_vulnerability }.to be_allowed_for(:admin) }
 it { expect { confirm_vulnerability }.to be_allowed_for(:owner).of(project) }
 it { expect { confirm_vulnerability }.to be_allowed_for(:maintainer).of(project) }
@@ -473,7 +473,7 @@
 Grape::Endpoint.before_each nil
 end
- it 'responds with error' do
+ it 'responds with error', :aggregate_failures do
 revert_vulnerability_to_detected
 expect(response).to have_gitlab_http_status(:bad_request)
@@ -494,7 +494,7 @@
 it_behaves_like 'forbids access to vulnerability API endpoint in case of disabled features'
 end
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 it { expect { revert_vulnerability_to_detected }.to be_allowed_for(:admin) }
 it { expect { revert_vulnerability_to_detected }.to be_allowed_for(:owner).of(project) }
 it { expect { revert_vulnerability_to_detected }.to be_allowed_for(:maintainer).of(project) }
diff --git a/ee/spec/requests/api/vulnerability_exports_spec.rb b/ee/spec/requests/api/vulnerability_exports_spec.rb
index 41f49df55649afcc54a3f48a200cf245975a7ae7..a8a6c931870ee2e490403dd6e041d081fc05f12e 100644
--- a/ee/spec/requests/api/vulnerability_exports_spec.rb
+++ b/ee/spec/requests/api/vulnerability_exports_spec.rb
@@ -22,7 +22,7 @@
 context 'when the request does not fulfill the requirements' do
 let(:format) { 'exif' }
- it 'responds with bad_request' do
+ it 'responds with bad_request', :aggregate_failures do
 create_vulnerability_export
 expect(response).to have_gitlab_http_status(:bad_request)
@@ -54,7 +54,7 @@
 context 'when the export creation succeeds' do
 let(:vulnerability_export) { create(:vulnerability_export) }
- it 'returns information about new vulnerability export' do
+ it 'returns information about new vulnerability export', :aggregate_failures do
 create_vulnerability_export
 expect(response).to have_gitlab_http_status(:created)
@@ -66,7 +66,7 @@
 let(:errors) { instance_double(ActiveModel::Errors, any?: true, messages: ['foo']) }
 let(:vulnerability_export) { instance_double(Vulnerabilities::Export, persisted?: false, errors: errors) }
- it 'returns the error message' do
+ it 'returns the error message', :aggregate_failures do
 create_vulnerability_export
 expect(response).to have_gitlab_http_status(:bad_request)
@@ -89,7 +89,7 @@
 let(:deny_setup) { project.add_guest(user) }
 let(:permission_setup) { project.add_developer(user) }
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 it { expect { create_vulnerability_export }.to be_allowed_for(:admin) }
 it { expect { create_vulnerability_export }.to be_allowed_for(:owner).of(project) }
 it { expect { create_vulnerability_export }.to be_allowed_for(:maintainer).of(project) }
@@ -132,7 +132,7 @@
 end
 context 'when export is finished' do
- it 'returns information about vulnerability export' do
+ it 'returns information about vulnerability export', :aggregate_failures do
 get_vulnerability_export
 expect(response).to have_gitlab_http_status(:ok)
@@ -150,7 +150,7 @@
 context 'when export is running' do
 let_it_be(:vulnerability_export) { create(:vulnerability_export, :running, :csv, project: project, author: user) }
- it 'returns information about vulnerability export' do
+ it 'returns information about vulnerability export', :aggregate_failures do
 get_vulnerability_export
 expect(response).to have_gitlab_http_status(:accepted)
@@ -166,7 +166,7 @@
 end
 end
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 context 'for export author' do
 before do
 project.add_developer(user)
@@ -200,7 +200,7 @@
 context 'when export is running' do
 let!(:vulnerability_export) { create(:vulnerability_export, :running, :csv, project: project, author: user) }
- it 'renders 404' do
+ it 'renders 404', :aggregate_failures do
 download_vulnerability_export
 expect(response).to have_gitlab_http_status(:not_found)
@@ -220,7 +220,7 @@
 end
 context 'when export is finished' do
- it 'renders 200 with CSV file' do
+ it 'renders 200 with CSV file', :aggregate_failures do
 download_vulnerability_export
 expect(response).to have_gitlab_http_status(:ok)
@@ -231,7 +231,7 @@
 end
 describe 'permissions' do
- context 'for export author' do
+ context 'for export author', :enable_admin_mode do
 before do
 project.add_developer(user)
 end
diff --git a/ee/spec/requests/api/vulnerability_findings_spec.rb b/ee/spec/requests/api/vulnerability_findings_spec.rb
index 028fec78d9795fc1efdbcffdad327dff359ae04c..a139c793a8723a37e1631a7f64f81fb578acd3ef 100644
--- a/ee/spec/requests/api/vulnerability_findings_spec.rb
+++ b/ee/spec/requests/api/vulnerability_findings_spec.rb
@@ -58,7 +58,7 @@
 # That's why the page size is 40.
 let(:pagination) { { per_page: 40 } }
- it 'returns all non-dismissed vulnerabilities' do
+ it 'returns all non-dismissed vulnerabilities', :aggregate_failures do
 # all findings except one that was dismissed
 finding_count = (sast_report.findings.count + ds_report.findings.count - 1).to_s
@@ -77,7 +77,7 @@
 stub_feature_flags(deprecate_vulnerabilities_feedback: false)
 end
- it 'returns all non-dismissed vulnerabilities' do
+ it 'returns all non-dismissed vulnerabilities', :aggregate_failures do
 # all findings except one that was dismissed
 finding_count = (sast_report.findings.count + ds_report.findings.count - 1).to_s
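Review bot: In the `@@ -231` hunk the `:enable_admin_mode` tag lands on `context 'for export author'` rather than on `describe 'permissions'`, which is where the `@@ -166` hunk in this same file and every other file in the change put it. If that is deliberate — for instance because other contexts inside this `describe` must exercise the download endpoint without an admin-mode session — a one-line comment above the context would stop the next reader from "fixing" it, e.g. `# admin mode is scoped to this context on purpose: sibling contexts run without it`; otherwise moving the tag up to `describe 'permissions', :enable_admin_mode do` keeps the file consistent. The enclosing `describe` starts before and ends after the hunk, so which case applies is not visible here.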
@@ -119,7 +119,7 @@
 context 'when the `Security::PureFindingsFinder` is not available' do
 let(:pure_finder_available?) { false }
- it 'uses the `Security::FindingsFinder`' do
+ it 'uses the `Security::FindingsFinder`', :aggregate_failures do
 expect(mock_pure_findings_finder).not_to have_received(:execute)
 expect(mock_findings_finder).to have_received(:execute)
 end
@@ -128,7 +128,7 @@
 context 'when the `Security::PureFindingsFinder` is available' do
 let(:pure_finder_available?) { true }
- it 'uses the `Security::FindingsFinder`' do
+ it 'uses the `Security::FindingsFinder`', :aggregate_failures do
 expect(mock_pure_findings_finder).to have_received(:execute)
 expect(mock_findings_finder).not_to have_received(:execute)
 end
@@ -136,7 +136,7 @@
 end
 describe 'filtering' do
- it 'returns vulnerabilities with sast report_type' do
+ it 'returns vulnerabilities with sast report_type', :aggregate_failures do
 finding_count = (sast_report.findings.count - 1).to_s # all SAST findings except one that was dismissed
 get api(project_vulnerability_findings_path, user), params: { report_type: 'sast' }
@@ -152,7 +152,7 @@
 expect(json_response.first['name']).to eq 'ECB mode is insecure'
 end
- it 'returns vulnerabilities with dependency_scanning report_type' do
+ it 'returns vulnerabilities with dependency_scanning report_type', :aggregate_failures do
 finding_count = ds_report.findings.count.to_s
 get api(project_vulnerability_findings_path, user), params: { report_type: 'dependency_scanning' }
@@ -174,7 +174,7 @@
 expect(response).to have_gitlab_http_status(:bad_request)
 end
- it 'returns dismissed vulnerabilities with `all` scope' do
+ it 'returns dismissed vulnerabilities with `all` scope', :aggregate_failures do
 finding_count = (sast_report.findings.count + ds_report.findings.count).to_s
 get api(project_vulnerability_findings_path, user), params: { scope: 'all' }.merge(pagination)
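Review bot: In the `@@ -128` hunk the example description still says `uses the Security::FindingsFinder` although its body asserts the opposite — `mock_pure_findings_finder` received `:execute` and `mock_findings_finder` did not — so it reads as a copy of the description from the preceding "not available" context and will mislead whoever reads a failure report for it. Since the line is already being touched to add `:aggregate_failures`, rename it in the same commit to `it 'uses the Security::PureFindingsFinder', :aggregate_failures do` (keeping the backticks around the class name as the neighbouring description does).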
@@ -184,7 +184,7 @@
 expect(response.headers['X-Total']).to eq finding_count
 end
- it 'returns vulnerabilities with low severity' do
+ it 'returns vulnerabilities with low severity', :aggregate_failures do
 get api(project_vulnerability_findings_path, user), params: { severity: 'low' }.merge(pagination)
 expect(response).to have_gitlab_http_status(:ok)
@@ -198,7 +198,7 @@
 expect(response).to have_gitlab_http_status(:bad_request)
 end
- it 'returns vulnerabilities with high confidence' do
+ it 'returns vulnerabilities with high confidence', :aggregate_failures do
 get api(project_vulnerability_findings_path, user), params: { confidence: 'high' }.merge(pagination)
 expect(response).to have_gitlab_http_status(:ok)
@@ -213,7 +213,7 @@
 end
 context 'when pipeline_id is supplied' do
- it 'returns vulnerabilities from supplied pipeline' do
+ it 'returns vulnerabilities from supplied pipeline', :aggregate_failures do
 finding_count = (sast_report.findings.count + ds_report.findings.count - 1).to_s
 get api(project_vulnerability_findings_path, user), params: { pipeline_id: pipeline.id }.merge(pagination)
@@ -254,7 +254,7 @@
 end
 end
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 subject(:get_vulnerability_findings) { get api(project_vulnerability_findings_path, user) }
 it { expect { get_vulnerability_findings }.to be_allowed_for(:admin) }
diff --git a/ee/spec/requests/api/vulnerability_issue_links_spec.rb b/ee/spec/requests/api/vulnerability_issue_links_spec.rb
index b8164f1f49b1983908dd450fad7a309da666ba5d..527fb3c4d4933bf4629e4a2e3f6c5d035aa8a15c 100644
--- a/ee/spec/requests/api/vulnerability_issue_links_spec.rb
+++ b/ee/spec/requests/api/vulnerability_issue_links_spec.rb
@@ -49,7 +49,7 @@
 include_examples 'responds with list of only visible issue links'
- it 'does not return confidential issue in the response' do
+ it 'does not return confidential issue in the response', :aggregate_failures do
 get_issue_links
 expect(json_response.map { |link| link['id'] }).not_to include(confidential_issue.id)
@@ -64,7 +64,7 @@
 include_examples 'responds with list of only visible issue links'
- it 'does not return issue from inaccessible project' do
+ it 'does not return issue from inaccessible project', :aggregate_failures do
 get_issue_links
 expect(json_response.map { |link| link['id'] }).not_to include(private_issue.id)
@@ -77,7 +77,7 @@
 it_behaves_like 'forbids access to vulnerability API endpoint in case of disabled features'
 end
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 it { expect { get_issue_links }.to be_allowed_for(:admin) }
 it { expect { get_issue_links }.to be_allowed_for(:owner).of(project) }
 it { expect { get_issue_links }.to be_allowed_for(:maintainer).of(project) }
@@ -108,7 +108,7 @@
 end
 context 'with valid params' do
- it 'creates a new vulnerability-issue link' do
+ it 'creates a new vulnerability-issue link', :aggregate_failures do
 create_issue_link
 expect(response).to have_gitlab_http_status(:created)
@@ -149,7 +149,7 @@
 other_issue.project.add_developer(user)
 end
- it 'creates a new vulnerability-issue link' do
+ it 'creates a new vulnerability-issue link', :aggregate_failures do
 create_issue_link
 expect(response).to have_gitlab_http_status(:created)
@@ -176,7 +176,7 @@
 create(:vulnerabilities_issue_link, vulnerability: vulnerability, issue: issue)
 end
- it 'responds with "conflict" status code and specific error message' do
+ it 'responds with "conflict" status code and specific error message', :aggregate_failures do
 create_issue_link
 expect(response).to have_gitlab_http_status(:unprocessable_entity)
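Review bot: In the `@@ -176` hunk the description `responds with "conflict" status code and specific error message` contradicts the assertion two lines below it, which expects `:unprocessable_entity` (422), not `:conflict` (409); the same wording is repeated in the `link_type: 'created'` hunk that follows. As the line is being edited anyway, rename it to `it 'responds with "unprocessable_entity" status code and specific error message', :aggregate_failures do` (and its twin) so the name and the assertion agree. If a duplicate link is actually meant to yield 409, then it is the assertion rather than the description that should change, but that intent is not visible from this hunk.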
@@ -191,7 +191,7 @@
 let(:params) { super().merge(link_type: 'created') }
- it 'responds with "conflict" status code and specific error message' do
+ it 'responds with "conflict" status code and specific error message', :aggregate_failures do
 create_issue_link
 expect(response).to have_gitlab_http_status(:unprocessable_entity)
@@ -214,7 +214,7 @@
 it_behaves_like 'forbids access to vulnerability API endpoint in case of disabled features'
 end
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 it { expect { create_issue_link }.to be_allowed_for(:admin) }
 it { expect { create_issue_link }.to be_allowed_for(:owner).of(project) }
 it { expect { create_issue_link }.to be_allowed_for(:maintainer).of(project) }
@@ -243,7 +243,7 @@
 end
 context 'with valid params' do
- it 'deletes the specified vulnerability-issue link' do
+ it 'deletes the specified vulnerability-issue link', :aggregate_failures do
 delete_issue_link
 expect(response).to have_gitlab_http_status(:ok)
@@ -259,7 +259,7 @@
 let_it_be(:issue) { create(:issue, project: private_project) }
 let_it_be(:vulnerability_issue_link) { create(:vulnerabilities_issue_link, vulnerability: vulnerability, issue: issue) }
- it 'deletes the link without disclosing the linked issue' do
+ it 'deletes the link without disclosing the linked issue', :aggregate_failures do
 delete_issue_link
 expect(response).to have_gitlab_http_status(:ok)
@@ -285,7 +285,7 @@
 it_behaves_like 'forbids access to vulnerability API endpoint in case of disabled features'
 end
- describe 'permissions' do
+ describe 'permissions', :enable_admin_mode do
 it { expect { delete_issue_link }.to be_allowed_for(:admin) }
 it { expect { delete_issue_link }.to be_allowed_for(:owner).of(project) }
 it { expect { delete_issue_link }.to be_allowed_for(:maintainer).of(project) }
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 3b50d821b4c2a22b6fd0a74430afdd9e759acfe6..bde160b03cd32ea51dd771dfaa0bc747c4c9ce69 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -415,10 +415,6 @@
 ./ee/spec/requests/api/projects_spec.rb
 ./ee/spec/requests/api/settings_spec.rb
 ./ee/spec/requests/api/users_spec.rb
- ./ee/spec/requests/api/vulnerabilities_spec.rb
- ./ee/spec/requests/api/vulnerability_exports_spec.rb
- ./ee/spec/requests/api/vulnerability_findings_spec.rb
- ./ee/spec/requests/api/vulnerability_issue_links_spec.rb
 ./ee/spec/support/shared_examples/requests/api/project_approval_rules_api_shared_examples.rb
 ]