Commit 473e7957 authored by Mayra Cabrera's avatar Mayra Cabrera

Merge branch '119021-fix-project-security-status-missing-subgroups' into 'master'

Fix: include subgroups in security status

See merge request gitlab-org/gitlab!22653
parents 4ed9af44 2126266c
......@@ -151,7 +151,12 @@ module EE
end
def vulnerable_projects
projects.where("EXISTS(?)", ::Vulnerabilities::Occurrence.select(1).undismissed.where('vulnerability_occurrences.project_id = projects.id'))
vulnerabilities = ::Vulnerabilities::Occurrence
.select(1)
.undismissed
.where('vulnerability_occurrences.project_id = projects.id')
::Project.for_group_and_its_subgroups(self).where("EXISTS(?)", vulnerabilities)
end
def human_ldap_access
......
---
title: 'Fix include subgroups in security status'
merge_request: 22653
author:
type: fixed
......@@ -273,6 +273,17 @@ describe Group do
expect(vulnerable_projects.first).to eq(vulnerable_project)
end
it 'includes projects in subgroups' do
subgroup = create(:group, parent: group)
project = create(:project, namespace: subgroup)
create(:vulnerabilities_occurrence, project: project)
vulnerable_projects = group.vulnerable_projects
expect(vulnerable_projects.count).to be(1)
expect(vulnerable_projects.first).to eq(project)
end
it 'does not include projects that only have dismissed vulnerabilities' do
project = create(:project, namespace: group)
vulnerability = create(:vulnerabilities_occurrence, report_type: :dast, project: project)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment