added godoc and tests

xanzy · Apr 12, 2022 · c283c78 · c283c78
1 parent 0f9bf5f
commit c283c78
Show file tree

Hide file tree

Showing 2 changed files with 179 additions and 39 deletions.
diff --git a/project_vulnerabilities.go b/project_vulnerabilities.go
@@ -1,64 +1,98 @@
+//
+// Copyright 2021, Sander van Harmelen
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
 package gitlab
 
 import (
 	"fmt"
 	"net/http"
 	"time"
+
+	retryablehttp "github.com/hashicorp/go-retryablehttp"
 )
 
+// ProjectVulnerabilitiesService handles communication with the projects vulnerabilities
+// related methods of the GitLab API.
+//
+// GitLab API docs: https://docs.gitlab.com/ee/api/project_vulnerabilities.html
 type ProjectVulnerabilitiesService struct {
 	client *Client
 }
 
+// Project represents a GitLab project vulnerability.
+//
+// GitLab API docs: https://docs.gitlab.com/ee/api/project_vulnerabilities.html
 type ProjectVulnerability struct {
-	AuthorID                int       `json:"author_id"`
-	Confidence              string    `json:"confidence"`
-	CreatedAt               time.Time `json:"created_at"`
-	Description             string    `json:"description"`
-	DismissedAt             time.Time `json:"dismissed_at"`
-	DismissedByID           int       `json:"dismissed_by_id"`
-	DueDate                 time.Time `json:"due_date"`
-	Finding                 Finding   `json:"finding"`
-	ID                      int       `json:"id"`
-	LastEditedAt            time.Time `json:"last_edited_at"`
-	LastEditedByID          int       `json:"last_edited_by_id"`
-	Project                 Project   `json:"project"`
-	ProjectDefaultBranch    string    `json:"project_default_branch"`
-	ReportType              string    `json:"report_type"`
-	ResolvedAt              time.Time `json:"resolved_at"`
-	ResolvedByID            int       `json:"resolved_by_id"`
-	ResolvedOnDefaultBranch bool      `json:"resolved_on_default_branch"`
-	Severity                string    `json:"severity"`
-	StartDate               time.Time `json:"start_date"`
-	State                   string    `json:"state"`
-	Title                   string    `json:"title"`
-	UpdatedAt               time.Time `json:"updated_at"`
-	UpdatedByID             int       `json:"updated_by_id"`
+	AuthorID                int        `json:"author_id"`
+	Confidence              string     `json:"confidence"`
+	CreatedAt               *time.Time `json:"created_at"`
+	Description             string     `json:"description"`
+	DismissedAt             *time.Time `json:"dismissed_at"`
+	DismissedByID           int        `json:"dismissed_by_id"`
+	DueDate                 *time.Time `json:"due_date"`
+	Finding                 Finding    `json:"finding"`
+	ID                      int        `json:"id"`
+	LastEditedAt            *time.Time `json:"last_edited_at"`
+	LastEditedByID          int        `json:"last_edited_by_id"`
+	Project                 Project    `json:"project"`
+	ProjectDefaultBranch    string     `json:"project_default_branch"`
+	ReportType              string     `json:"report_type"`
+	ResolvedAt              *time.Time `json:"resolved_at"`
+	ResolvedByID            int        `json:"resolved_by_id"`
+	ResolvedOnDefaultBranch bool       `json:"resolved_on_default_branch"`
+	Severity                string     `json:"severity"`
+	StartDate               *time.Time `json:"start_date"`
+	State                   string     `json:"state"`
+	Title                   string     `json:"title"`
+	UpdatedAt               *time.Time `json:"updated_at"`
+	UpdatedByID             int        `json:"updated_by_id"`
 }
 
+// Project represents a GitLab project vulnerability finding.
+//
+// GitLab API docs: https://docs.gitlab.com/ee/api/project_vulnerabilities.html
 type Finding struct {
-	Confidence          string    `json:"confidence"`
-	CreatedAt           time.Time `json:"created_at"`
-	ID                  int       `json:"id"`
-	LocationFingerprint string    `json:"location_fingerprint"`
-	MetadataVersion     string    `json:"metadata_version"`
-	Name                string    `json:"name"`
-	PrimaryIdentifierID int       `json:"primary_identifier_id"`
-	ProjectFingerprint  string    `json:"project_fingerprint"`
-	ProjectID           int       `json:"project_id"`
-	RawMetadata         string    `json:"raw_metadata"`
-	ReportType          string    `json:"report_type"`
-	ScannerID           int       `json:"scanner_id"`
-	Severity            string    `json:"severity"`
-	UpdatedAt           time.Time `json:"updated_at"`
-	UUID                string    `json:"uuid"`
-	VulnerabilityID     int       `json:"vulnerability_id"`
+	Confidence          string     `json:"confidence"`
+	CreatedAt           *time.Time `json:"created_at"`
+	ID                  int        `json:"id"`
+	LocationFingerprint string     `json:"location_fingerprint"`
+	MetadataVersion     string     `json:"metadata_version"`
+	Name                string     `json:"name"`
+	PrimaryIdentifierID int        `json:"primary_identifier_id"`
+	ProjectFingerprint  string     `json:"project_fingerprint"`
+	ProjectID           int        `json:"project_id"`
+	RawMetadata         string     `json:"raw_metadata"`
+	ReportType          string     `json:"report_type"`
+	ScannerID           int        `json:"scanner_id"`
+	Severity            string     `json:"severity"`
+	UpdatedAt           *time.Time `json:"updated_at"`
+	UUID                string     `json:"uuid"`
+	VulnerabilityID     int        `json:"vulnerability_id"`
 }
 
+// ListProjectVulnerabilitiesOptions represents the available ListProjectVulnerabilities() options.
+//
+// GitLab API docs: https://docs.gitlab.com/ee/api/project_vulnerabilities.html#list-project-vulnerabilities
 type ListProjectVulnerabilitiesOptions struct {
 	ListOptions
 }
 
+// ListProjectVulnerabilities gets a list of all project vulnerabilities
+//
+// GitLab API docs: https://docs.gitlab.com/ee/api/project_vulnerabilities.html#list-project-vulnerabilities
 func (s *ProjectVulnerabilitiesService) ListProjectVulnerabilities(pid interface{}, opt *ListProjectVulnerabilitiesOptions, options ...RequestOptionFunc) ([]*ProjectVulnerability, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
@@ -79,3 +113,37 @@ func (s *ProjectVulnerabilitiesService) ListProjectVulnerabilities(pid interface
 
 	return p, resp, err
 }
+
+// CreateVulnerabilityOptions represents the available CreateVulnerability() options.
+//
+// GitLab API docs: https://docs.gitlab.com/ee/api/project_vulnerabilities.html#new-vulnerability
+type CreateVulnerabilityOptions struct {
+	FindingID string `url:"finding_id,omitempty" json:"finding_id,omitempty"`
+}
+
+// CreateVulnerability creates a new vulnerability on the selected project
+//
+// GitLab API docs: https://docs.gitlab.com/ee/api/project_vulnerabilities.html#new-vulnerability
+func (s *ProjectVulnerabilitiesService) CreateVulnerability(pid interface{}, opt *CreateVulnerabilityOptions, options ...RequestOptionFunc) (*ProjectVulnerability, *Response, error) {
+	var err error
+	var req *retryablehttp.Request
+
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/vulnerabilities", PathEscape(project))
+
+	req, err = s.client.NewRequest(http.MethodPost, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	p := new(ProjectVulnerability)
+	resp, err := s.client.Do(req, p)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return p, resp, err
+}
diff --git a/project_vulnerabilities_test.go b/project_vulnerabilities_test.go
@@ -0,0 +1,72 @@
+//
+// Copyright 2021, Sander van Harmelen
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import (
+	"fmt"
+	"net/http"
+	"reflect"
+	"testing"
+)
+
+func TestListProjectVulnerabilities(t *testing.T) {
+	mux, server, client := setup(t)
+	defer teardown(server)
+
+	mux.HandleFunc("/api/v4/projects/1/vulnerabilities", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, http.MethodGet)
+		fmt.Fprint(w, `[{"id":1},{"id":2}]`)
+	})
+
+	opt := &ListProjectVulnerabilitiesOptions{
+		ListOptions: ListOptions{2, 3},
+	}
+
+	projectVulnerabilities, _, err := client.ProjectVulnerabilities.ListProjectVulnerabilities(1, opt)
+	if err != nil {
+		t.Errorf("ProjectVulnerabilities.ListProjectVulnerabilities returned error: %v", err)
+	}
+
+	want := []*ProjectVulnerability{{ID: 1}, {ID: 2}}
+	if !reflect.DeepEqual(want, projectVulnerabilities) {
+		t.Errorf("ProjectVulnerabilities.ListProjectVulnerabilities returned %+v, want %+v", projectVulnerabilities, want)
+	}
+}
+
+func TestCreateVulnerability(t *testing.T) {
+	mux, server, client := setup(t)
+	defer teardown(server)
+
+	mux.HandleFunc("/api/v4/projects/1/vulnerabilities", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, http.MethodPost)
+		fmt.Fprint(w, `{"id":1}`)
+	})
+
+	opt := &CreateVulnerabilityOptions{
+		FindingID: "1",
+	}
+
+	projectVulnerability, _, err := client.ProjectVulnerabilities.CreateVulnerability(1, opt)
+	if err != nil {
+		t.Errorf("ProjectVulnerabilities.CreateVulnerability returned error: %v", err)
+	}
+
+	want := &ProjectVulnerability{ID: 1}
+	if !reflect.DeepEqual(want, projectVulnerability) {
+		t.Errorf("ProjectVulnerabilities.CreateVulnerability returned %+v, want %+v", projectVulnerability, want)
+	}
+}