Fix corpus delete by updating corpus fetch
What does this MR do and why?
Fixes: #352073 (closed)
The bug
Deleting a corpus is done via the destroyPackage
mutation. Deleting a corpus via the corpus management UI ends up with a corpus with missing data. See further below the issues that recently caused this bug. An MR landed ~4 days ago that seems to have caused this bug.
Describe in detail what your merge request does and why.
Screenshots or screen recordings
These are strongly recommended to assist reviewers and reduce the time to merge your change.
How to set up and validate locally
- Enable the feature flags: corpus_management and corpus_management_ui
- Go to the security > configuration > corpus management (your_project_id/-/security/configuration/corpus_management)
- Upload the corpus
- delete the corpus.
- The corpus should not be visible.
Database review:
Query before the changes:
AppSec::Fuzzing::Coverage::Corpus.joins(:package).where(package: { project_id: 29 }).explain
AppSec::Fuzzing::Coverage::Corpus Load (0.6ms) SELECT "coverage_fuzzing_corpuses".* FROM "coverage_fuzzing_corpuses" INNER JOIN "packages_packages" "package" ON "package"."id" = "coverage_fuzzing_corpuses"."package_id" WHERE "package"."project_id" = 29 /*application:console,db_config_name:main,line:(pry):7:in `__pry__'*/
=> EXPLAIN for: SELECT "coverage_fuzzing_corpuses".* FROM "coverage_fuzzing_corpuses" INNER JOIN "packages_packages" "package" ON "package"."id" = "coverage_fuzzing_corpuses"."package_id" WHERE "package"."project_id" = 29 /*application:console,db_config_name:main,line:(pry):7:in `__pry__'*/
QUERY PLAN
------------------------------------------------------------------------------------------------------------------------------------
Nested Loop (cost=0.15..4.18 rows=1 width=56)
-> Seq Scan on coverage_fuzzing_corpuses (cost=0.00..1.00 rows=1 width=56)
-> Index Scan using index_packages_packages_on_id_and_created_at on packages_packages package (cost=0.15..2.17 rows=1 width=8)
Index Cond: (id = coverage_fuzzing_corpuses.package_id)
Filter: (project_id = 29)
(5 rows)
Query after the changes:
AppSec::Fuzzing::Coverage::Corpus.by_project_id_and_status_hidden(29).explain
AppSec::Fuzzing::Coverage::Corpus Load (0.6ms) SELECT "coverage_fuzzing_corpuses".* FROM "coverage_fuzzing_corpuses" INNER JOIN "packages_packages" "package" ON "package"."id" = "coverage_fuzzing_corpuses"."package_id" WHERE "package"."project_id" = 29 AND "package"."status" = 1 /*application:console,db_config_name:main,line:(pry):6:in `__pry__'*/
=> EXPLAIN for: SELECT "coverage_fuzzing_corpuses".* FROM "coverage_fuzzing_corpuses" INNER JOIN "packages_packages" "package" ON "package"."id" = "coverage_fuzzing_corpuses"."package_id" WHERE "package"."project_id" = 29 AND "package"."status" = 1 /*application:console,db_config_name:main,line:(pry):6:in `__pry__'*/
QUERY PLAN
----------------------------------------------------------------------------------------------------------------------------------------
Nested Loop (cost=0.15..3.18 rows=1 width=56)
Join Filter: (coverage_fuzzing_corpuses.package_id = package.id)
-> Seq Scan on coverage_fuzzing_corpuses (cost=0.00..1.00 rows=1 width=56)
-> Index Scan using index_packages_packages_on_project_id_and_status on packages_packages package (cost=0.15..2.17 rows=1 width=8)
Index Cond: ((project_id = 29) AND (status = 1))
(5 rows)
https://explain.depesz.com/s/BYUDD
Testing the changes
Tested with changes from MR !79868 (merged)
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #352073 (closed)
Edited by Nikola Milojevic