Add latest changes from gitlab-org/gitlab@master

3 files changed, 163 insertions, 4 deletions

diff --git a/spec/frontend/invite_members/components/invite_modal_base_spec.js b/spec/frontend/invite_members/components/invite_modal_base_spec.js
index c26d1d921a5..4f4288196ab 100644
--- a/spec/frontend/invite_members/components/invite_modal_base_spec.js
+++ b/spec/frontend/invite_members/components/invite_modal_base_spec.js
@@ -70,6 +70,7 @@ describe('InviteModalBase', () => {
   const findDisabledInput = () => wrapper.findByTestId('disabled-input');
   const findCancelButton = () => wrapper.findByTestId('invite-modal-cancel');
   const findActionButton = () => wrapper.findByTestId('invite-modal-submit');
+  const findModal = () => wrapper.findComponent(GlModal);
 
   describe('rendering the modal', () => {
     let trackingSpy;
@@ -82,7 +83,7 @@ describe('InviteModalBase', () => {
     });
 
     it('renders the modal with the correct title', () => {
-      expect(wrapper.findComponent(GlModal).props('title')).toBe(propsData.modalTitle);
+      expect(findModal().props('title')).toBe(propsData.modalTitle);
     });
 
     it('displays the introText', () => {
@@ -200,9 +201,7 @@ describe('InviteModalBase', () => {
         });
         trackingSpy = mockTracking(undefined, wrapper.element, jest.spyOn);
 
-        const modal = wrapper.findComponent(GlModal);
-
-        modal.vm.$emit('shown');
+        findModal().vm.$emit('shown');
         expectTracking('render', ON_SHOW_TRACK_LABEL, 'default');
 
         unmockTracking();
@@ -280,4 +279,14 @@ describe('InviteModalBase', () => {
       state: false,
     });
   });
+
+  it('emits the shown event when the modal is shown', () => {
+    createComponent();
+    // Verify that the shown event isn't emitted when the component is first created.
+    expect(wrapper.emitted('shown')).toBeUndefined();
+
+    findModal().vm.$emit('shown');
+
+    expect(wrapper.emitted('shown')).toHaveLength(1);
+  });
 });
diff --git a/spec/lib/gitlab/background_migration/drop_vulnerabilities_without_finding_id_spec.rb b/spec/lib/gitlab/background_migration/drop_vulnerabilities_without_finding_id_spec.rb
new file mode 100644
index 00000000000..05817001395
--- /dev/null
+++ b/spec/lib/gitlab/background_migration/drop_vulnerabilities_without_finding_id_spec.rb
@@ -0,0 +1,124 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Gitlab::BackgroundMigration::DropVulnerabilitiesWithoutFindingId, feature_category: :vulnerability_management do # rubocop:disable Layout/LineLength -- autogenerated
+  let(:namespaces) { table(:namespaces) }
+  let(:projects) { table(:projects) }
+  let(:users) { table(:users) }
+  let(:members) { table(:members) }
+  let(:vulnerability_identifiers) { table(:vulnerability_identifiers) }
+  let(:vulnerability_scanners) { table(:vulnerability_scanners) }
+  let(:vulnerability_findings) { table(:vulnerability_occurrences) }
+  let(:vulnerabilities) { table(:vulnerabilities) }
+  let!(:user) { create_user(email: "test1@example.com", username: "test1") }
+  let!(:namespace) { namespaces.create!(name: "test-1", path: "test-1", owner_id: user.id) }
+  let!(:project) do
+    projects.create!(
+      id: 9999, namespace_id: namespace.id,
+      project_namespace_id: namespace.id,
+      creator_id: user.id
+    )
+  end
+
+  let!(:membership) do
+    members.create!(access_level: 50, source_id: project.id, source_type: "Project", user_id: user.id, state: 0,
+      notification_level: 3, type: "ProjectMember", member_namespace_id: namespace.id)
+  end
+
+  let(:migration_attrs) do
+    {
+      start_id: vulnerabilities.first.id,
+      end_id: vulnerabilities.last.id,
+      batch_table: :vulnerabilities,
+      batch_column: :id,
+      sub_batch_size: 100,
+      pause_ms: 0,
+      connection: ApplicationRecord.connection
+    }
+  end
+
+  describe "#perform" do
+    subject(:background_migration) { described_class.new(**migration_attrs).perform }
+
+    let!(:vulnerability_without_finding_id) { create_vulnerability }
+
+    let!(:vulnerabilities_finding) { create_finding(project) }
+    let!(:vulnerability_with_finding_id) { create_vulnerability(finding_id: vulnerabilities_finding.id) }
+
+    it 'removes all Vulnerabilities without a finding_id' do
+      expect { background_migration }.to change { vulnerabilities.count }.from(2).to(1)
+    end
+  end
+
+  private
+
+  def create_scanner(project, overrides = {})
+    attrs = {
+      project_id: project.id,
+      external_id: "test_vulnerability_scanner",
+      name: "Test Vulnerabilities::Scanner"
+    }.merge(overrides)
+
+    vulnerability_scanners.create!(attrs)
+  end
+
+  def create_identifier(project, overrides = {})
+    attrs = {
+      project_id: project.id,
+      external_id: "CVE-2018-1234",
+      external_type: "CVE",
+      name: "CVE-2018-1234",
+      fingerprint: SecureRandom.hex(20)
+    }.merge(overrides)
+
+    vulnerability_identifiers.create!(attrs)
+  end
+
+  def create_finding(project, overrides = {})
+    attrs = {
+      project_id: project.id,
+      scanner_id: create_scanner(project).id,
+      severity: 5, # medium
+      confidence: 2, # unknown,
+      report_type: 99, # generic
+      primary_identifier_id: create_identifier(project).id,
+      project_fingerprint: SecureRandom.hex(20),
+      location_fingerprint: SecureRandom.hex(20),
+      uuid: SecureRandom.uuid,
+      name: "CVE-2018-1234",
+      raw_metadata: "{}",
+      metadata_version: "test:1.0"
+    }.merge(overrides)
+
+    vulnerability_findings.create!(attrs)
+  end
+
+  def create_vulnerability(overrides = {})
+    attrs = {
+      project_id: project.id,
+      author_id: user.id,
+      title: 'test',
+      severity: 1,
+      confidence: 1,
+      report_type: 1,
+      state: 1,
+      detected_at: Time.zone.now
+    }.merge(overrides)
+
+    vulnerabilities.create!(attrs)
+  end
+
+  def create_user(overrides = {})
+    attrs = {
+      email: "test@example.com",
+      notification_email: "test@example.com",
+      name: "test",
+      username: "test",
+      state: "active",
+      projects_limit: 10
+    }.merge(overrides)
+
+    users.create!(attrs)
+  end
+end
diff --git a/spec/migrations/20231221223259_queue_drop_vulnerabilities_without_finding_id_spec.rb b/spec/migrations/20231221223259_queue_drop_vulnerabilities_without_finding_id_spec.rb
new file mode 100644
index 00000000000..473b9b065bc
--- /dev/null
+++ b/spec/migrations/20231221223259_queue_drop_vulnerabilities_without_finding_id_spec.rb
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+require_migration!
+
+RSpec.describe QueueDropVulnerabilitiesWithoutFindingId, feature_category: :vulnerability_management do
+  let!(:batched_migration) { described_class::MIGRATION }
+
+  it 'schedules a new batched migration' do
+    reversible_migration do |migration|
+      migration.before -> {
+        expect(batched_migration).not_to have_scheduled_batched_migration
+      }
+
+      migration.after -> {
+        expect(batched_migration).to have_scheduled_batched_migration(
+          table_name: :vulnerabilities,
+          column_name: :id,
+          interval: described_class::DELAY_INTERVAL,
+          batch_size: described_class::BATCH_SIZE,
+          sub_batch_size: described_class::SUB_BATCH_SIZE
+        )
+      }
+    end
+  end
+end