Add ability to comment notes created for vulnerabilities (!27794) · Merge requests · GitLab.org / GitLab

Alan (Maciej) Paruszewski requested to merge 209993-add-ability-to-comment-vulnerability-state-changes into master Mar 23, 2020

What does this MR do?

Related to #209993 (closed)

In this MR we add the ability in the application to comment notes and initiate discussions in Vulnerabilities.

Examples:

Comment note in Vulnerability:

Request: POST /root/security-reports/-/security/vulnerabilities/45/notes

Body:

{
    "in_reply_to_discussion_id": "7c624576b9354b3b394c21ba0436c2d88921f6da",
    "note": {
        "note": "I do not believe it should be dismissed!"
    }
}

Update note in Vulnerability:

Request: PUT /root/security-reports/-/security/vulnerabilities/45/notes/1410

Body:

{
    "note": {
        "note": "I do not believe it should be dismissed!"
    }
}

Delete note in Vulnerability:

Request: DELETE /root/security-reports/-/security/vulnerabilities/45/notes/1410

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
[-] Tested in all supported browsers
[-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

[-] Label as security and @ mention @gitlab-com/gl-security/appsec
[-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
[-] Security reports checked/validated by a reviewer from the AppSec team

Edited Apr 02, 2020 by Mayra Cabrera

Add ability to comment notes created for vulnerabilities

What does this MR do?

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

Merge request reports