DAST Site profile - Mismatch between client-side edit mutation and backend implementation
There seem to be a mismatch between the frontend and backend implementations for editing DAST site profiles.
Problems
Malformed client-side query
The client-side query is trying to query the project
field, which doesn't actually exist in the mutation.
id
parameter
Type mismatch for the The frontend passes the id
parameter as ID!
when it should actually be DastSiteProfileID!
.
Invalid ID
Finally, the frontend uses site profiles' IDs instead of expected GIDs.
Solution
Let's modify the client-side query to match the backend implementation.
diff --git a/ee/app/assets/javascripts/dast_site_profiles_form/graphql/dast_site_profile_update.mutation.graphql b/ee/app/assets/javascripts/dast_site_profiles_form/graphql/dast_site_profile_update.mutation.graphql
index 23139dcc1ec..60db94aff3a 100644
--- a/ee/app/assets/javascripts/dast_site_profiles_form/graphql/dast_site_profile_update.mutation.graphql
+++ b/ee/app/assets/javascripts/dast_site_profiles_form/graphql/dast_site_profile_update.mutation.graphql
@@ -1,13 +1,13 @@
mutation dastSiteProfileUpdate(
- $id: ID!
+ $id: DastSiteProfileID!
$fullPath: ID!
$profileName: String!
$targetUrl: String
) {
- project(fullPath: $fullPath) {
- dastSiteProfileUpdate(input: { id: $id, profileName: $profileName, targetUrl: $targetUrl }) {
- id
- errors
- }
+ dastSiteProfileUpdate(
+ input: { id: $id, fullPath: $fullPath, profileName: $profileName, targetUrl: $targetUrl }
+ ) {
+ id
+ errors
}
}
We should also figure out how to pass the global ID from the HAML template down to the Vue app, so that the correct value is passed to the query.