From 23a91a492e22d4d363091b96b2fb79b1d18050f7 Mon Sep 17 00:00:00 2001
From: Lee Boynton <lee@lboynton.com>
Date: Wed, 6 Jul 2022 17:29:21 +0100
Subject: [PATCH] Add method to check if repo vulnerability alerts are enabled
 (#2453)

---
 .../Clients/IObservableRepositoriesClient.cs  | 11 ++++
 .../Clients/ObservableRepositoriesClient.cs   | 17 ++++++
 .../Clients/RepositoriesClientTests.cs        | 11 ++++
 .../Clients/RepositoriesClientTests.cs        | 52 +++++++++++++++++++
 .../ObservableRepositoriesClientTests.cs      | 25 +++++++++
 Octokit/Clients/IRepositoriesClient.cs        | 11 ++++
 Octokit/Clients/RepositoriesClient.cs         | 26 ++++++++++
 Octokit/Helpers/ApiUrls.cs                    | 11 ++++
 8 files changed, 164 insertions(+)

diff --git a/Octokit.Reactive/Clients/IObservableRepositoriesClient.cs b/Octokit.Reactive/Clients/IObservableRepositoriesClient.cs
index d9da62cbc0..dd5c78bc85 100644
--- a/Octokit.Reactive/Clients/IObservableRepositoriesClient.cs
+++ b/Octokit.Reactive/Clients/IObservableRepositoriesClient.cs
@@ -72,6 +72,17 @@ public interface IObservableRepositoriesClient
         /// <returns>A <see cref="Repository"/></returns>
         IObservable<Repository> Transfer(long repositoryId, RepositoryTransfer repositoryTransfer);
 
+        /// <summary>
+        /// Checks if vulnerability alerts are enabled for the specified repository.
+        /// </summary>
+        /// <remarks>
+        /// See the <a href="https://docs.github.com/en/rest/reference/repos#check-if-vulnerability-alerts-are-enabled-for-a-repository">API documentation</a> for more information.
+        /// </remarks>
+        /// <param name="owner">The current owner of the repository</param>
+        /// <param name="name">The name of the repository</param>
+        /// <returns>A <c>bool</c> indicating if alerts are turned on or not.</returns>
+        IObservable<bool> AreVulnerabilityAlertsEnabled(string owner, string name);
+
         /// <summary>
         /// Retrieves the <see cref="Repository"/> for the specified owner and name.
         /// </summary>
diff --git a/Octokit.Reactive/Clients/ObservableRepositoriesClient.cs b/Octokit.Reactive/Clients/ObservableRepositoriesClient.cs
index 9fbb2157b1..80f68d1009 100644
--- a/Octokit.Reactive/Clients/ObservableRepositoriesClient.cs
+++ b/Octokit.Reactive/Clients/ObservableRepositoriesClient.cs
@@ -151,6 +151,23 @@ public IObservable<Repository> Transfer(long repositoryId, RepositoryTransfer re
             return _client.Transfer(repositoryId, repositoryTransfer).ToObservable();
         }
 
+        /// <summary>
+        /// Checks if vulnerability alerts are enabled for the specified repository.
+        /// </summary>
+        /// <remarks>
+        /// See the <a href="https://docs.github.com/en/rest/reference/repos#check-if-vulnerability-alerts-are-enabled-for-a-repository">API documentation</a> for more information.
+        /// </remarks>
+        /// <param name="owner">The current owner of the repository</param>
+        /// <param name="name">The name of the repository</param>
+        /// <returns>A <c>bool</c> indicating if alerts are turned on or not.</returns>
+        public IObservable<bool> AreVulnerabilityAlertsEnabled(string owner, string name)
+        {
+            Ensure.ArgumentNotNullOrEmptyString(owner, nameof(owner));
+            Ensure.ArgumentNotNullOrEmptyString(name, nameof(name));
+
+            return _client.AreVulnerabilityAlertsEnabled(owner, name).ToObservable();
+        }
+
         /// <summary>
         /// Retrieves the <see cref="Repository"/> for the specified owner and name.
         /// </summary>
diff --git a/Octokit.Tests.Integration/Clients/RepositoriesClientTests.cs b/Octokit.Tests.Integration/Clients/RepositoriesClientTests.cs
index cd1fffea94..cd0c7eb64e 100644
--- a/Octokit.Tests.Integration/Clients/RepositoriesClientTests.cs
+++ b/Octokit.Tests.Integration/Clients/RepositoriesClientTests.cs
@@ -2055,4 +2055,15 @@ public async Task TransfersFromUserToOrgWithTeamsById()
             }
         }
     }
+
+    public class TheAreVulnerabilityAlertsEnabledMethod
+    {
+        [IntegrationTest]
+        public async Task AreVulnerabilityAlertsEnabledReturnsTrue()
+        {
+            var github = Helper.GetAuthenticatedClient();
+            var enabled = await github.Repository.AreVulnerabilityAlertsEnabled("owner", "name");
+            Assert.True(enabled);
+        }
+    }
 }
diff --git a/Octokit.Tests/Clients/RepositoriesClientTests.cs b/Octokit.Tests/Clients/RepositoriesClientTests.cs
index 00b3b520bf..9d95cd1cee 100644
--- a/Octokit.Tests/Clients/RepositoriesClientTests.cs
+++ b/Octokit.Tests/Clients/RepositoriesClientTests.cs
@@ -3,8 +3,11 @@
 using System.Net;
 using System.Threading.Tasks;
 using NSubstitute;
+using Octokit.Internal;
 using Xunit;
 
+using static Octokit.Internal.TestSetup;
+
 namespace Octokit.Tests.Clients
 {
     /// <summary>
@@ -395,6 +398,55 @@ public async Task SendsPreviewHeaderById()
             }
         }
 
+        public class TheAreVulnerabilityAlertsEnabledMethod
+        {
+            [Theory]
+            [InlineData(HttpStatusCode.NoContent, true)]
+            [InlineData(HttpStatusCode.NotFound, false)]
+            public async Task RequestsCorrectValueForStatusCode(HttpStatusCode status, bool expected)
+            {
+                var response = CreateResponse(status);
+                var responseTask = Task.FromResult<IApiResponse<object>>(new ApiResponse<object>(response));
+                var connection = Substitute.For<IConnection>();
+                connection.Get<object>(Arg.Is<Uri>(u => u.ToString() == "repos/owner/name/vulnerability-alerts"),
+                    null, null).Returns(responseTask);
+                var apiConnection = Substitute.For<IApiConnection>();
+                apiConnection.Connection.Returns(connection);
+                var client = new RepositoriesClient(apiConnection);
+
+                var result = await client.AreVulnerabilityAlertsEnabled("owner", "name");
+
+                Assert.Equal(expected, result);
+            }
+
+            [Fact]
+            public async Task ThrowsExceptionForInvalidStatusCode()
+            {
+                var response = CreateResponse(HttpStatusCode.Conflict);
+                var responseTask = Task.FromResult<IApiResponse<object>>(new ApiResponse<object>(response));
+                var connection = Substitute.For<IConnection>();
+                connection.Get<object>(Arg.Is<Uri>(u => u.ToString() == "repos/owner/name/vulnerability-alerts"),
+                    null, null).Returns(responseTask);
+                var apiConnection = Substitute.For<IApiConnection>();
+                apiConnection.Connection.Returns(connection);
+                var client = new RepositoriesClient(apiConnection);
+
+                await Assert.ThrowsAsync<ApiException>(() => client.AreVulnerabilityAlertsEnabled("owner", "name"));
+            }
+
+            [Fact]
+            public async Task EnsuresNonNullArguments()
+            {
+                var connection = Substitute.For<IApiConnection>();
+                var client = new RepositoriesClient(connection);
+
+                await Assert.ThrowsAsync<ArgumentNullException>(() => client.AreVulnerabilityAlertsEnabled(null, "name"));
+                await Assert.ThrowsAsync<ArgumentException>(() => client.AreVulnerabilityAlertsEnabled("", "name"));
+                await Assert.ThrowsAsync<ArgumentNullException>(() => client.AreVulnerabilityAlertsEnabled( "owner", null));
+                await Assert.ThrowsAsync<ArgumentException>(() => client.AreVulnerabilityAlertsEnabled("owner", ""));
+            }
+        }
+
         public class TheDeleteMethod
         {
             [Fact]
diff --git a/Octokit.Tests/Reactive/ObservableRepositoriesClientTests.cs b/Octokit.Tests/Reactive/ObservableRepositoriesClientTests.cs
index ca4ffb13eb..8bac0894d9 100644
--- a/Octokit.Tests/Reactive/ObservableRepositoriesClientTests.cs
+++ b/Octokit.Tests/Reactive/ObservableRepositoriesClientTests.cs
@@ -2,6 +2,7 @@
 using System.Collections.Generic;
 using System.Net;
 using System.Reactive.Linq;
+using System.Reactive.Threading.Tasks;
 using System.Threading.Tasks;
 using NSubstitute;
 using Octokit.Internal;
@@ -89,6 +90,30 @@ public void CallsIntoClientById()
             }
         }
 
+        public class TheIsFollowingMethod
+        {
+            [Fact]
+            public void CallsIntoClient()
+            {
+                var githubClient = Substitute.For<IGitHubClient>();
+                var client = new ObservableRepositoriesClient(githubClient);
+
+                client.AreVulnerabilityAlertsEnabled("owner", "name");
+                githubClient.Repository.Received().AreVulnerabilityAlertsEnabled("owner", "name");
+            }
+
+            [Fact]
+            public async Task EnsuresNonNullArguments()
+            {
+                var client = new ObservableRepositoriesClient(Substitute.For<IGitHubClient>());
+
+                await Assert.ThrowsAsync<ArgumentNullException>(() => client.AreVulnerabilityAlertsEnabled(null, "name").ToTask());
+                await Assert.ThrowsAsync<ArgumentException>(() => client.AreVulnerabilityAlertsEnabled("", "name").ToTask());
+                await Assert.ThrowsAsync<ArgumentNullException>(() => client.AreVulnerabilityAlertsEnabled("owner", null).ToTask());
+                await Assert.ThrowsAsync<ArgumentException>(() => client.AreVulnerabilityAlertsEnabled("owner", "").ToTask());
+            }
+        }
+
         public class TheDeleteMethod
         {
             [Fact]
diff --git a/Octokit/Clients/IRepositoriesClient.cs b/Octokit/Clients/IRepositoriesClient.cs
index 976766f96c..773b76353c 100644
--- a/Octokit/Clients/IRepositoriesClient.cs
+++ b/Octokit/Clients/IRepositoriesClient.cs
@@ -133,6 +133,17 @@ public interface IRepositoriesClient
         /// <returns>A <see cref="Repository"/></returns>
         Task<Repository> Transfer(long repositoryId, RepositoryTransfer repositoryTransfer);
 
+        /// <summary>
+        /// Checks if vulnerability alerts are enabled for the specified repository.
+        /// </summary>
+        /// <remarks>
+        /// See the <a href="https://docs.github.com/en/rest/reference/repos#check-if-vulnerability-alerts-are-enabled-for-a-repository">API documentation</a> for more information.
+        /// </remarks>
+        /// <param name="owner">The current owner of the repository</param>
+        /// <param name="name">The name of the repository</param>
+        /// <returns>A <c>bool</c> indicating if alerts are turned on or not.</returns>
+        Task<bool> AreVulnerabilityAlertsEnabled(string owner, string name);
+
         /// <summary>
         /// Gets the specified repository.
         /// </summary>
diff --git a/Octokit/Clients/RepositoriesClient.cs b/Octokit/Clients/RepositoriesClient.cs
index 5a279837c0..612de5d15e 100644
--- a/Octokit/Clients/RepositoriesClient.cs
+++ b/Octokit/Clients/RepositoriesClient.cs
@@ -229,6 +229,32 @@ public Task<Repository> Transfer(long repositoryId, RepositoryTransfer repositor
             return ApiConnection.Post<Repository>(ApiUrls.RepositoryTransfer(repositoryId), repositoryTransfer);
         }
 
+        /// <summary>
+        /// Checks if vulnerability alerts are enabled for the specified repository.
+        /// </summary>
+        /// <remarks>
+        /// See the <a href="https://docs.github.com/en/rest/reference/repos#check-if-vulnerability-alerts-are-enabled-for-a-repository">API documentation</a> for more information.
+        /// </remarks>
+        /// <param name="owner">The current owner of the repository</param>
+        /// <param name="name">The name of the repository</param>
+        /// <returns>A <c>bool</c> indicating if alerts are turned on or not.</returns>
+        [ManualRoute("GET", "/repos/{owner}/{repo}/vulnerability-alerts")]
+        public async Task<bool> AreVulnerabilityAlertsEnabled(string owner, string name)
+        {
+            Ensure.ArgumentNotNullOrEmptyString(owner, nameof(owner));
+            Ensure.ArgumentNotNullOrEmptyString(name, nameof(name));
+
+            try
+            {
+                var response = await Connection.Get<object>(ApiUrls.RepositoryVulnerabilityAlerts(owner, name), null, null).ConfigureAwait(false);
+                return response.HttpResponse.IsTrue();
+            }
+            catch (NotFoundException)
+            {
+                return false;
+            }
+        }
+
         /// <summary>
         /// Updates the specified repository with the values given in <paramref name="update"/>
         /// </summary>
diff --git a/Octokit/Helpers/ApiUrls.cs b/Octokit/Helpers/ApiUrls.cs
index 1637866a51..92616ad1e2 100644
--- a/Octokit/Helpers/ApiUrls.cs
+++ b/Octokit/Helpers/ApiUrls.cs
@@ -2255,6 +2255,17 @@ public static Uri RepositoryDeployKeys(string owner, string name)
             return "repos/{0}/{1}/keys".FormatUri(owner, name);
         }
 
+        /// <summary>
+        /// Returns the <see cref="Uri"/> for checking vulnerability alerts for a repository.
+        /// </summary>
+        /// <param name="owner"></param>
+        /// <param name="name"></param>
+        /// <returns></returns>
+        public static Uri RepositoryVulnerabilityAlerts(string owner, string name)
+        {
+            return "repos/{0}/{1}/vulnerability-alerts".FormatUri(owner, name);
+        }
+
         /// <summary>
         /// Returns the <see cref="System.Uri"/> for the Deployments API for the given repository.
         /// </summary>