Merge pull request #253 from OpenPathfinder/ulises/execute-import

Author: UlisesGascon

__tests__/httpServer/apiV1.test.js

@@ -43,6 +43,7 @@ let getAllChecks
 let getCheckById
 let getAllChecklists
 let getChecklistById
+let getProjectById
 
 beforeAll(async () => {
   // Initialize server asynchronously
@@ -58,7 +59,8 @@ beforeAll(async () => {
     getAllChecks,
     getCheckById,
     getAllChecklists,
-    getChecklistById
+    getChecklistById,
+    getProjectById
   } = initializeStore(knex))
 })
 
@@ -557,4 +559,137 @@ describe('HTTP Server API V1', () => {
 
     test.todo('should return 500 for internal server error')
   })
+
+  describe('POST /api/v1/bulk-import', () => {
+    const operationId = getAllBulkImportOperations()[0].id
+    let largePayload
+    let validPayload
+    let projectId
+
+    beforeEach(async () => {
+      // Create a test project for each test
+      const project = await addProject({ name: 'test-project' })
+      projectId = project.id
+      largePayload = [{
+        type: 'annualDependencyRefresh',
+        project_id: projectId,
+        is_subscribed: true
+      }, {
+        type: 'vulnResponse14Days',
+        project_id: projectId,
+        is_subscribed: true
+      }, {
+        type: 'incidentResponsePlan',
+        project_id: projectId,
+        is_subscribed: true
+      }, {
+        type: 'assignCVEForKnownVulns',
+        project_id: projectId,
+        is_subscribed: true
+      }, {
+        type: 'includeCVEInReleaseNotes',
+        project_id: projectId,
+        is_subscribed: true
+      }]
+      validPayload = [largePayload[0]]
+    })
+
+    test('should return 202 and a success message', async () => {
+      // Check initial state
+      let storedProject = await getProjectById(projectId)
+      expect(storedProject.has_annualDependencyRefresh_policy).toBe(null)
+
+      // Perform bulk import
+      const response = await app
+        .post('/api/v1/bulk-import')
+        .send({ id: operationId, payload: validPayload })
+
+      expect(response.status).toBe(202)
+      expect(response.body).toHaveProperty('status', 'completed')
+      expect(response.body).toHaveProperty('started')
+      expect(response.body).toHaveProperty('finished')
+      expect(response.body).toHaveProperty('result')
+      expect(response.body.result).toHaveProperty('message', 'Bulk import completed successfully')
+      expect(response.body.result).toHaveProperty('success', true)
+
+      // Check final state
+      storedProject = await getProjectById(projectId)
+      expect(storedProject.has_annualDependencyRefresh_policy).toBe(true)
+    })
+
+    test('should return 202 and a success message (case: multiple updates)', async () => {
+      // Check initial state
+      let storedProject = await getProjectById(projectId)
+      expect(storedProject.has_annualDependencyRefresh_policy).toBe(null)
+      expect(storedProject.has_vulnResponse14Days_policy).toBe(null)
+      expect(storedProject.has_incidentResponsePlan_policy).toBe(null)
+      expect(storedProject.has_assignCVEForKnownVulns_policy).toBe(null)
+      expect(storedProject.has_includeCVEInReleaseNotes_policy).toBe(null)
+
+      // Perform bulk import
+      const response = await app
+        .post('/api/v1/bulk-import')
+        .send({ id: operationId, payload: largePayload })
+
+      expect(response.status).toBe(202)
+      expect(response.body).toHaveProperty('status', 'completed')
+      expect(response.body).toHaveProperty('started')
+      expect(response.body).toHaveProperty('finished')
+      expect(response.body).toHaveProperty('result')
+      expect(response.body.result).toHaveProperty('message', 'Bulk import completed successfully')
+      expect(response.body.result).toHaveProperty('success', true)
+
+      // Check final state
+      storedProject = await getProjectById(projectId)
+      expect(storedProject.has_annualDependencyRefresh_policy).toBe(true)
+      expect(storedProject.has_vulnResponse14Days_policy).toBe(true)
+      expect(storedProject.has_incidentResponsePlan_policy).toBe(true)
+      expect(storedProject.has_assignCVEForKnownVulns_policy).toBe(true)
+      expect(storedProject.has_includeCVEInReleaseNotes_policy).toBe(true)
+    })
+
+    test('should return 400 for invalid payload (case: Swagger rejection)', async () => {
+      const response = await app
+        .post('/api/v1/bulk-import')
+        .send({ id: operationId, payload: 'invalid' })
+
+      expect(response.status).toBe(400)
+      expect(response.body).toHaveProperty('errors')
+      expect(response.body.errors[0]).toHaveProperty('message', 'must be object')
+    })
+
+    test('should return 400 for invalid payload (case: invalid payload against JSON Schema)', async () => {
+      const response = await app
+        .post('/api/v1/bulk-import')
+        .send({ id: operationId, payload: [{ invalid: 'payload' }] })
+
+      expect(response.status).toBe(400)
+      expect(response.body).toHaveProperty('errors')
+      expect(response.body.errors[0]).toHaveProperty('message', 'The data does not match the schema')
+    })
+
+    test('should return 404 for invalid operation ID', async () => {
+      const response = await app
+        .post('/api/v1/bulk-import')
+        .send({ id: 'invalid', payload: validPayload })
+
+      expect(response.status).toBe(404)
+      expect(response.body).toHaveProperty('errors')
+      expect(response.body.errors[0]).toHaveProperty('message', 'Bulk import operation not found')
+    })
+
+    test('should return 500 if the request is not completed (due project not found)', async () => {
+      const invalidPayload = validPayload.map(p => ({ ...p, project_id: 9999999 }))
+
+      const response = await app
+        .post('/api/v1/bulk-import')
+        .send({ id: operationId, payload: invalidPayload })
+
+      expect(response.status).toBe(500)
+      expect(response.body).toHaveProperty('errors')
+      expect(response.body.errors[0]).toHaveProperty('message', 'Failed to run bulk import: Operation failed for item type: annualDependencyRefresh, project_id: 9999999')
+    })
+
+    test.skip('should return 500 for internal server error', async () => {})
+  })
 })

__tests__/importers.test.js

@@ -33,7 +33,7 @@ afterAll(async () => {
   await knex.destroy()
 })
 
-describe('Integration: bulkImport', () => {
+describe.skip('Integration: bulkImport', () => {
   test('Should import software design training data', async () => {
     // Check the environment
     const project = await addProject({ name: 'project1' })

src/httpServer/routers/apiV1.js

@@ -4,7 +4,8 @@ const { initializeStore } = require('../../store')
 const _ = require('lodash')
 const { isSlug } = require('validator')
 const { getWorkflowsDetails } = require('../../cli/workflows')
-const { getAllBulkImportOperations } = require('../../importers')
+const { getAllBulkImportOperations, bulkImport } = require('../../importers')
+const { validateBulkImport } = require('../../schemas')
 
 const HTTP_DEFAULT_TIMEOUT = 30 * 1000 // 30 seconds
 
@@ -235,6 +236,35 @@ function createApiRouter (knex, express) {
     }
   })
 
+  router.post('/bulk-import', async (req, res) => {
+    try {
+      const { id, payload } = req.body
+      const operation = getAllBulkImportOperations().find((op) => op.id === id)
+
+      if (!operation) {
+        return res.status(404).json({ errors: [{ message: 'Bulk import operation not found' }] })
+      }
+      const started = new Date().toISOString()
+
+      try {
+        validateBulkImport(payload)
+      } catch (error) {
+        logger.error('Error validating the user data against the schema')
+        return res.status(400).json({ errors: [{ message: 'The data does not match the schema' }] })
+      }
+
+      await bulkImport({ operationId: id, knex, data: payload })
+      const finished = new Date().toISOString()
+      res.status(202).json({ status: 'completed', started, finished, result: { message: 'Bulk import completed successfully', success: true } })
+    } catch (error) {
+      logger.error(error)
+      res.status(500).json({
+        status: 'failed',
+        errors: [{ message: `Failed to run bulk import: ${error.message}` }]
+      })
+    }
+  })
+
   return router
 }
 

src/httpServer/swagger/api-v1.yml

@@ -98,7 +98,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/WorkflowCompleted'
+                $ref: '#/components/schemas/OperationCompleted'
         '400':
           description: Bad request, invalid input data
           content:
@@ -366,6 +366,57 @@ paths:
               schema:
                 $ref: '#/components/schemas/ErrorResponse'
   /api/v1/bulk-import:
+    post:
+      summary: Perform bulk import
+      description: Performs a bulk import of data
+      operationId: performBulkImport
+      tags:
+        - Bulk Import
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              type: object
+              additionalProperties: false
+              properties:
+                id:
+                  type: string
+                  example: load-manual-checks
+                payload:
+                  # @TODO: Improve this schema to be more specific about the expected input
+                  oneOf:
+                    - type: object
+                    - type: array
+                      items:
+                        oneOf:
+                          - type: object
+                          - type: string
+      responses:
+        '202':
+          description: Bulk import completed
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/OperationCompleted'
+        '400':
+          description: Bad request, invalid input data
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ErrorResponse'
+        '404':
+          description: Operation not found
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ErrorResponse'
+        '500':
+          description: Internal server error
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ErrorResponse'
     get:
       summary: Get operations for bulk import
       description: Returns a list of operations for bulk import
@@ -406,7 +457,7 @@ components:
         - id
         - description
         - schema
-    WorkflowCompleted:
+    OperationCompleted:
       type: object
       additionalProperties: false
       properties: