Fix undismissed scope

350cf9f5 · Mehmet Emin INAC · Kerri Miller · a2bcee1d · 350cf9f5 · 350cf9f5
Commit 350cf9f5 authored Nov 16, 2020 by Mehmet Emin INAC Committed by Kerri Miller Nov 16, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 6 deletions

ee/app/models/security/finding.rb ee/app/models/security/finding.rb +5 -1

ee/spec/models/security/finding_spec.rb ee/spec/models/security/finding_spec.rb +12 -5

No files found.
--- a/ee/app/models/security/finding.rb
+++ b/ee/app/models/security/finding.rb
@@ -31,7 +31,11 @@ module Security
    scope :by_confidence_levels, -> (confidence_levels) { where(confidence: confidence_levels) }
    scope :by_report_types, -> (report_types) { joins(:scan).merge(Scan.by_scan_types(report_types)) }
    scope :undismissed, -> do
-      where('NOT EXISTS (?)', Scan.select(1).has_dismissal_feedback.where('vulnerability_feedback.project_fingerprint = security_findings.project_fingerprint'))
+      where('NOT EXISTS (?)',
+            Scan.select(1)
+                .has_dismissal_feedback
+                .where('security_scans.id = security_findings.scan_id')
+                .where('vulnerability_feedback.project_fingerprint = security_findings.project_fingerprint'))
    end
    scope :ordered, -> { order(severity: :desc, confidence: :desc, id: :asc) }
    scope :with_build_and_artifacts, -> { includes(build: :job_artifacts) }

--- a/ee/spec/models/security/finding_spec.rb
+++ b/ee/spec/models/security/finding_spec.rb
@@ -81,9 +81,10 @@ RSpec.describe Security::Finding do
  end

  describe '.undismissed' do
-    let(:scan) { create(:security_scan) }
-    let!(:undismissed_finding) { create(:security_finding, scan: scan) }
-    let!(:dismissed_finding) { create(:security_finding, scan: scan) }
+    let(:scan_1) { create(:security_scan) }
+    let(:scan_2) { create(:security_scan) }
+    let!(:undismissed_finding) { create(:security_finding, scan: scan_1) }
+    let!(:dismissed_finding) { create(:security_finding, scan: scan_1) }
    let(:expected_findings) { [undismissed_finding] }

    subject { described_class.undismissed }
@@ -91,9 +92,15 @@ RSpec.describe Security::Finding do
    before do
      create(:vulnerability_feedback,
             :dismissal,
-             project: scan.project,
-             category: scan.scan_type,
+             project: scan_1.project,
+             category: scan_1.scan_type,
             project_fingerprint: dismissed_finding.project_fingerprint)
+
+      create(:vulnerability_feedback,
+             :dismissal,
+             project: scan_2.project,
+             category: scan_2.scan_type,
+             project_fingerprint: undismissed_finding.project_fingerprint)
    end

    it { is_expected.to match_array(expected_findings) }