diff --git a/ee/app/graphql/mutations/dast_site_profiles/create.rb b/ee/app/graphql/mutations/dast_site_profiles/create.rb index 60bd0f45b63bcd40a5863da617929a2e3d4a0d5d..5978b7dafa5ab93fc7b0288889fa390396aea678 100644 --- a/ee/app/graphql/mutations/dast_site_profiles/create.rb +++ b/ee/app/graphql/mutations/dast_site_profiles/create.rb @@ -30,12 +30,12 @@ def resolve(full_path:, profile_name:, target_url: nil) raise_resource_not_available_error! unless Feature.enabled?(:security_on_demand_scans_feature_flag, project) service = ::DastSiteProfiles::CreateService.new(project, current_user) - result = service.execute(name: profile_name, target_url: target_url) + dast_site_profile = service.execute(name: profile_name, target_url: target_url) - if result.success? - { id: result.payload.to_global_id, errors: [] } + if dast_site_profile.success? + raise 'Not implemented' else - { errors: result.errors } + { errors: dast_site_profile.errors } end end diff --git a/ee/app/services/dast_site_profiles/create_service.rb b/ee/app/services/dast_site_profiles/create_service.rb index d1c95c064be84ac6cbc983830e836504fc261762..f58db79b83a68d0d46c15b13dc49e59ab2471fc2 100644 --- a/ee/app/services/dast_site_profiles/create_service.rb +++ b/ee/app/services/dast_site_profiles/create_service.rb 
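Review bot: In `ee/app/graphql/mutations/dast_site_profiles/create.rb`, the success branch of `resolve` now does `raise 'Not implemented'`, which raises a bare `RuntimeError` out of the resolver instead of returning the mutation's `errors` array. With the service stubbed in this commit that branch looks unreachable, but once `CreateService#execute` returns a success again the client would get an unhandled exception rather than a structured error; `{ errors: ['Not implemented'] }` in that branch keeps the response contract. The local was also renamed to `dast_site_profile` although it still holds the service response (it is asked `.success?` and `.errors`), so `result` was the more accurate name. `resolve` begins above the hunk, so whatever runs before these lines (for example how `project` is looked up) is not visible here.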
@@ -2,26 +2,12 @@ module DastSiteProfiles class CreateService < BaseService - def execute(name:, target_url:) + def execute(name: nil, target_url: nil) return ServiceResponse.error(message: 'Insufficient permissions') unless allowed? - ActiveRecord::Base.transaction do - service = DastSites::FindOrCreateService.new(project, current_user) - dast_site = service.execute!(url: target_url) - - dast_site_profile = DastSiteProfile.create!(project: project, dast_site: dast_site, name: name) - ServiceResponse.success(payload: dast_site_profile) - end - - rescue ActiveRecord::RecordInvalid => err - ServiceResponse.error(message: err.record.errors.full_messages) - rescue => err - Gitlab::ErrorTracking.track_exception(err) - ServiceResponse.error(message: 'Internal server error') + ServiceResponse.error(message: 'Not implemented') end - private - def allowed? Ability.allowed?(current_user, :run_ondemand_dast_scan, project) end diff --git a/ee/app/services/dast_sites/find_or_create_service.rb b/ee/app/services/dast_sites/find_or_create_service.rb deleted file mode 100644 index 94bf62dd062ebbe440ba8935328dc367960911a8..0000000000000000000000000000000000000000 --- a/ee/app/services/dast_sites/find_or_create_service.rb +++ /dev/null @@ -1,23 +0,0 @@ -# frozen_string_literal: true - -module DastSites - class FindOrCreateService < BaseService - PermissionsError = Class.new(StandardError) - - def execute!(url:) - raise PermissionsError.new('Insufficient permissions') unless allowed? - - find_or_create_by!(url) - end - - private - - def allowed? - Ability.allowed?(current_user, :run_ondemand_dast_scan, project) - end - - def find_or_create_by!(url) - DastSite.safe_find_or_create_by!(project: project, url: url) - end - end -end diff --git a/ee/spec/graphql/mutations/dast_site_profiles/create_spec.rb b/ee/spec/graphql/mutations/dast_site_profiles/create_spec.rb index 6eef3d261d4f53d5ecd1a92c70aead9646b556c0..cf479a58888133569666fbcb11917f8b96dbfb91 100644 
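Review bot: In `ee/app/services/dast_site_profiles/create_service.rb` the `private` line above `allowed?` is removed, so the permission predicate becomes part of the service's public interface although nothing in this diff calls it from outside; keep `private` unless that exposure is intended. `execute(name: nil, target_url: nil)` also turns two required keywords into optional ones, so a caller that forgets `target_url:` no longer fails at the call site. When the real implementation returns, it should restore the required keywords or reject a nil URL explicitly. A comment such as `# Stub: profile creation is not implemented yet` above the `'Not implemented'` return would make clear that the stub is deliberate.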
--- a/ee/spec/graphql/mutations/dast_site_profiles/create_spec.rb +++ b/ee/spec/graphql/mutations/dast_site_profiles/create_spec.rb @@ -47,52 +47,26 @@ end context 'when the user is an owner' do - it 'returns the dast_site_profile id' do + it 'stubs out the response' do group.add_owner(user) - expect(subject[:id].to_s).to include('gid://gitlab/DastSiteProfile/1') + expect(subject[:errors]).to eq(['Not implemented']) end end context 'when the user is a maintainer' do - it 'returns the dast_site_profile id' do + it 'stubs out the response' do project.add_maintainer(user) - expect(subject[:id].to_s).to include('gid://gitlab/DastSiteProfile/2') + expect(subject[:errors]).to eq(['Not implemented']) end end context 'when the user is a developer' do - before do + it 'stubs out the response' do project.add_developer(user) - end - - it 'returns the dast_site_profile id' do - expect(subject[:id].to_s).to include('gid://gitlab/DastSiteProfile/3') - end - - it 'calls the dast_site_profile creation service' do - service = double('service') - result = double('result', success?: false, errors: []) - - expect(DastSiteProfiles::CreateService).to receive(:new).and_return(service) - expect(service).to receive(:execute).with(name: profile_name, target_url: target_url).and_return(result) - - subject - end - - context 'when the project name already exists' do - it 'returns an error' do - subject - - response = mutation.resolve( - full_path: full_path, - profile_name: profile_name, - target_url: target_url - ) - expect(response[:errors]).to include('Name has already been taken') - end + expect(subject[:errors]).to eq(['Not implemented']) end end end diff --git a/ee/spec/requests/api/graphql/mutations/dast_site_profiles/create_spec.rb b/ee/spec/requests/api/graphql/mutations/dast_site_profiles/create_spec.rb index eb8d666fe53fe5e4d3da01fc138f8a46cd638252..87c4c5ddef64b4c6912edc4f352bed157fa9c90b 100644 --- a/ee/spec/requests/api/graphql/mutations/dast_site_profiles/create_spec.rb 
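Review bot: In `ee/spec/graphql/mutations/dast_site_profiles/create_spec.rb` the removed example `calls the dast_site_profile creation service` was the only check in this hunk that `resolve` passes `name:` and `target_url:` through to `CreateService#execute`. Because this commit also gives both keywords a `nil` default, a dropped argument would no longer fail any example shown here. That example stubs the service with doubles, so it does not depend on the real implementation and could stay as it is. The three remaining examples share the description `stubs out the response`, which names the implementation rather than the behaviour; `it 'returns a not-implemented error'` would read better in failure output.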
+++ b/ee/spec/requests/api/graphql/mutations/dast_site_profiles/create_spec.rb @@ -46,11 +46,7 @@ def mutation_response project.add_developer(current_user) end - it 'returns a the dast_site_profile id' do - post_graphql_mutation(mutation, current_user: current_user) - - expect(mutation_response['id']).to eq('gid://gitlab/DastSiteProfile/1') - end + it_behaves_like 'a mutation that returns errors in the response', errors: ['Not implemented'] end end end diff --git a/ee/spec/services/dast_site_profiles/create_service_spec.rb b/ee/spec/services/dast_site_profiles/create_service_spec.rb index 9e0c5c367e3c5ae2800c14f7ee62f7f354684b7a..7976805ecbb2d18838547db593b242ee06be2351 100644 --- a/ee/spec/services/dast_site_profiles/create_service_spec.rb +++ b/ee/spec/services/dast_site_profiles/create_service_spec.rb @@ -13,8 +13,6 @@ let(:status) { subject.status } let(:message) { subject.message } - let(:errors) { subject.errors } - let(:payload) { subject.payload } context 'when the user does not have permission to run a dast scan' do it 'returns an error status' do 
@@ -31,54 +29,12 @@ project.add_developer(user) end - it 'returns a success status' do - expect(status).to eq(:success) - end - - it 'creates a dast_site_profile' do - expect { subject }.to change(DastSiteProfile, :count).by(1) - end - - it 'creates a dast_site' do - expect { subject }.to change(DastSite, :count).by(1) - end - - it 'returns a dast_site_profile payload' do - expect(payload).to be_a(DastSiteProfile) - end - - context 'when the dast_site already exists' do - before do - create(:dast_site, project: project, url: target_url) - end - - it 'returns a success status' do - expect(status).to eq(:success) - end - - it 'does not create a new dast_site' do - expect { subject }.not_to change(DastSite, :count) - end - end - - context 'when the target url is localhost' do - let(:target_url) { 'http://localhost:3000/hello-world' } - - it 'returns an error status' do - expect(status).to eq(:error) - end - - it 'populates errors' do - expect(errors).to include('Url is blocked: Requests to localhost are not allowed') - end + it 'returns an error status' do + expect(status).to eq(:error) end - context 'when an unknown error occurs' do - it 'populates errors with a generic message' do - allow(DastSiteProfile).to receive(:create!).and_raise(StandardError) - - expect(errors).to include('Internal server error') - end + it 'populates message' do + expect(message).to eq('Not implemented') end end end diff --git a/ee/spec/services/dast_sites/find_or_create_service_spec.rb b/ee/spec/services/dast_sites/find_or_create_service_spec.rb deleted file mode 100644 index 00078be812d1272260965348036d20d20b2000e6..0000000000000000000000000000000000000000 --- a/ee/spec/services/dast_sites/find_or_create_service_spec.rb +++ /dev/null 
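Review bot: In `ee/spec/services/dast_site_profiles/create_service_spec.rb` this hunk deletes the examples that pinned two security-relevant behaviours of the service. One checked that a `http://localhost:3000/hello-world` target is rejected with `Url is blocked: Requests to localhost are not allowed`; the other checked that an unexpected exception reaches the caller only as `Internal server error`. The same localhost case is also deleted with `ee/spec/services/dast_sites/find_or_create_service_spec.rb`. Removing them is consistent with the stub, but nothing is left to remind whoever restores the implementation that the blocked-URL check and the generic error message must come back with it. Consider keeping those two contexts and marking their examples with `skip 'until profile creation is implemented'` instead of deleting them.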
@@ -1,59 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-RSpec.describe DastSites::FindOrCreateService do
- let(:user) { create(:user) }
- let(:project) { create(:project, :repository, creator: user) }
- let(:url) { FFaker::Internet.uri(:http) }
-
- describe '#execute!' do
- subject { described_class.new(project, user).execute!(url: url) }
-
- context 'when the user does not have permission to run a dast scan' do
- it 'raises an exception' do
- expect { subject }.to raise_error(DastSites::FindOrCreateService::PermissionsError) do |err|
- expect(err.message).to include('Insufficient permissions')
- end
- end
- end
-
- context 'when the user can run a dast scan' do
- before do
- project.add_developer(user)
- end
-
- it 'returns a dast_site' do
- expect(subject).to be_a(DastSite)
- end
-
- it 'creates a dast_site' do
- expect { subject }.to change(DastSite, :count).by(1)
- end
-
- context 'when the dast_site already exists' do
- before do
- create(:dast_site, project: project, url: url)
- end
-
- it 'returns the existing dast_site' do
- expect(subject).to be_a(DastSite)
- end
-
- it 'does not create a new dast_site' do
- expect { subject }.not_to change(DastSite, :count)
- end
- end
-
- context 'when the target url is localhost' do
- let(:url) { 'http://localhost:3000/hello-world' }
-
- it 'raises an exception' do
- expect { subject }.to raise_error(ActiveRecord::RecordInvalid) do |err|
- expect(err.record.errors.full_messages).to include('Url is blocked: Requests to localhost are not allowed')
- end
- end
- end
- end
- end
-end