Add GRAPHQL option to ScanMethodTypeEnum
What does this MR do and why?
This Merge Request adds the GRAPHQL
option to ScanMethodTypeEnum.
This change is necessary to allow the creation of dast site profiles
with GraphQL scan method as described in #378692 (closed).
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
How to set up and validate locally
-
Go to
/-/graphql-explorer
-
Create a query like
mutation dastSiteProfileCreate($input: DastSiteProfileCreateInput!) {
dastSiteProfileCreate(input: $input) {
errors
dastSiteProfile {
id
}
}
}
{
"input": {
"fullPath": "root/apiscantest",
"profileName": "Test GraphQL",
"scanMethod": "GRAPHQL",
"targetType": "API",
"targetUrl": "http://localhost"
}
}
- Check the result
{
"data": {
"dastSiteProfileCreate": {
"errors": [],
"dastSiteProfile": {
"id": "gid://gitlab/DastSiteProfile/15"
}
}
}
}
- Check the new record via rails console
rails c
DastSiteProfile.last
DastSiteProfile Load (1.1ms) SELECT "dast_site_profiles".* FROM "dast_site_profiles" ORDER BY "dast_site_profiles"."id" DESC LIMIT 1
=> #<DastSiteProfile:0x0000000127b3f588
id: 15,
project_id: 20,
dast_site_id: 9,
created_at: Mon, 28 Nov 2022 20:43:05.485958000 UTC +00:00,
updated_at: Mon, 28 Nov 2022 20:43:05.485958000 UTC +00:00,
name: "Test GraphQL",
excluded_urls: [],
auth_enabled: false,
auth_url: nil,
auth_username_field: nil,
auth_password_field: nil,
auth_username: nil,
target_type: "api",
scan_method: "graphql",
auth_submit_field: nil,
scan_file_path: "http://localhost">
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Marcos Rocha