Skip to content

Update dismissal_reason on vulnerabilityDismiss

Zamir Martins requested to merge update_dismissal_reason_when_mutating into master

What does this MR do and why?

Update dismissal_reason on vulnerabilityDismiss when vulnerability is already dismissed.

Related issue: #394694 (closed)

Example of usage

Request

mutation {
  vulnerabilityDismiss( input: {id: "gid://gitlab/Vulnerability/582", dismissalReason: ACCEPTABLE_RISK}){
    vulnerability {
      state
      stateTransitions {
        nodes {
          dismissalReason
	  createdAt
	  fromState
          toState
        }
      }
    }
  }
}

Response

{
  "data": {
    "vulnerabilityDismiss": {
      "vulnerability": {
        "state": "DISMISSED",
        "stateTransitions": {
          "nodes": [
            {
              "dismissalReason": ACCEPTABLE_RISK,
              "createdAt": "2023-03-17T11:11:33Z",
              "fromState": "DISMISSED",
              "toState": "DISMISSED"
            },
            {
              "dismissalReason": NOT_APPLICABLE,
              "createdAt": "2023-03-15T11:11:33Z",
              "fromState": "DETECTED",
              "toState": "DISMISSED"
            },
            {
              "dismissalReason": null,
              "createdAt": "2023-03-15T11:10:45Z",
              "fromState": "DISMISSED",
              "toState": "DETECTED"
            },
            {
              "dismissalReason": null,
              "createdAt": "2023-03-15T11:10:00Z",
              "fromState": "DETECTED",
              "toState": "DISMISSED"
            }
          ]
        }
      }
    }
  }
}

Error Response

{
  "data": {
    "vulnerabilityDismiss": null
  },
  "errors": [
    {
      "message": "To state must not be the same as from_state for similar dismissal_reason",
      "locations": [
        {
          "line": 2,
          "column": 3
        }
      ],
      "path": [
        "vulnerabilityDismiss"
      ]
    }
  ]
}

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Zamir Martins

Merge request reports

Loading