Commit 7a10cf41 authored by Alexander Turinske's avatar Alexander Turinske Committed by Mark Florian

Show additional columns on group/instance sec dash

- show identifier column
- show scanner column
- update tests
- update docs
parent 277c8def
...@@ -196,7 +196,7 @@ to configure daily security scans. ...@@ -196,7 +196,7 @@ to configure daily security scans.
Each dashboard's vulnerability list contains vulnerabilities from the latest scans that were merged Each dashboard's vulnerability list contains vulnerabilities from the latest scans that were merged
into the default branch. into the default branch.
![Vulnerability Report](img/group_vulnerability_report_v13_3.png) ![Vulnerability Report](img/group_vulnerability_report_v13_4.png)
You can filter which vulnerabilities the Security Dashboard displays by: You can filter which vulnerabilities the Security Dashboard displays by:
......
...@@ -130,8 +130,6 @@ export default { ...@@ -130,8 +130,6 @@ export default {
:is-loading="isLoadingFirstVulnerabilities" :is-loading="isLoadingFirstVulnerabilities"
:filters="filters" :filters="filters"
:vulnerabilities="vulnerabilities" :vulnerabilities="vulnerabilities"
:should-show-identifier="true"
:should-show-report-type="true"
:security-scanners="securityScanners" :security-scanners="securityScanners"
@refetch-vulnerabilities="refetchVulnerabilities" @refetch-vulnerabilities="refetchVulnerabilities"
/> />
......
...@@ -53,16 +53,6 @@ export default { ...@@ -53,16 +53,6 @@ export default {
required: false, required: false,
default: () => ({}), default: () => ({}),
}, },
shouldShowIdentifier: {
type: Boolean,
required: false,
default: false,
},
shouldShowReportType: {
type: Boolean,
required: false,
default: false,
},
securityScanners: { securityScanners: {
type: Object, type: Object,
required: false, required: false,
...@@ -157,31 +147,25 @@ export default { ...@@ -157,31 +147,25 @@ export default {
thClass: 'description', thClass: 'description',
tdClass: 'description gl-word-break-all', tdClass: 'description gl-word-break-all',
}, },
]; {
if (this.shouldShowSelection) {
baseFields.unshift({
key: 'checkbox',
thClass: 'checkbox',
tdClass: 'checkbox',
});
}
if (this.shouldShowIdentifier) {
baseFields.push({
key: 'identifier', key: 'identifier',
label: s__('Vulnerability|Identifier'), label: s__('Vulnerability|Identifier'),
thClass: 'identifier', thClass: 'identifier',
tdClass: 'identifier gl-word-break-all', tdClass: 'identifier gl-word-break-all',
}); },
} {
if (this.shouldShowReportType) {
baseFields.push({
key: 'reportType', key: 'reportType',
label: s__('Reports|Scanner'), label: s__('Reports|Scanner'),
thClass: 'scanner', thClass: 'scanner',
tdClass: 'scanner', tdClass: 'scanner',
},
];
if (this.shouldShowSelection) {
baseFields.unshift({
key: 'checkbox',
thClass: 'checkbox',
tdClass: 'checkbox',
}); });
} }
......
---
title: Show additional columns in Group and Instance Security Dashboards
merge_request: 41829
author:
type: changed
...@@ -103,9 +103,7 @@ describe('First Class Group Dashboard Vulnerabilities Component', () => { ...@@ -103,9 +103,7 @@ describe('First Class Group Dashboard Vulnerabilities Component', () => {
expect(findVulnerabilities().props()).toEqual({ expect(findVulnerabilities().props()).toEqual({
filters: {}, filters: {},
isLoading: false, isLoading: false,
shouldShowIdentifier: false,
securityScanners: {}, securityScanners: {},
shouldShowReportType: false,
shouldShowSelection: true, shouldShowSelection: true,
shouldShowProjectNamespace: true, shouldShowProjectNamespace: true,
vulnerabilities, vulnerabilities,
......
...@@ -119,9 +119,7 @@ describe('First Class Instance Dashboard Vulnerabilities Component', () => { ...@@ -119,9 +119,7 @@ describe('First Class Instance Dashboard Vulnerabilities Component', () => {
expect(findVulnerabilities().props()).toEqual({ expect(findVulnerabilities().props()).toEqual({
filters: {}, filters: {},
isLoading: false, isLoading: false,
shouldShowIdentifier: false,
securityScanners: {}, securityScanners: {},
shouldShowReportType: false,
shouldShowSelection: true, shouldShowSelection: true,
shouldShowProjectNamespace: true, shouldShowProjectNamespace: true,
vulnerabilities, vulnerabilities,
......
...@@ -84,6 +84,38 @@ describe('Vulnerability list component', () => { ...@@ -84,6 +84,38 @@ describe('Vulnerability list component', () => {
expect(cell.text()).toBe(newVulnerabilities[0].title); expect(cell.text()).toBe(newVulnerabilities[0].title);
}); });
it('should correctly render the identifier cell', () => {
const identifiers = findDataCells('vulnerability-identifier');
const extraIdentifierCounts = findDataCells('vulnerability-more-identifiers');
const firstIdentifiers = newVulnerabilities[0].identifiers;
expect(identifiers.at(0).text()).toBe(firstIdentifiers[0].name);
expect(trimText(extraIdentifierCounts.at(0).text())).toContain(
`${firstIdentifiers.length - 1} more`,
);
expect(identifiers.at(1).text()).toBe(newVulnerabilities[1].identifiers[0].name);
expect(extraIdentifierCounts).toHaveLength(1);
});
it('should correctly render the report type cell', () => {
const cells = findDataCells('vulnerability-report-type');
expect(cells.at(0).text()).toBe('SAST');
expect(cells.at(1).text()).toBe('Dependency Scanning');
expect(cells.at(2).text()).toBe('Custom scanner without translation');
expect(cells.at(3).text()).toBe('');
});
it('should correctly render the vulnerability vendor if the vulnerability vendor does exist', () => {
const cells = findDataCells('vulnerability-vendor');
expect(cells.at(0).text()).toBe('GitLab');
});
it('should correctly render an empty string if the vulnerability vendor does not exist', () => {
const cells = findDataCells('vulnerability-vendor');
expect(cells.at(3).text()).toBe('');
});
it('should not show the selection summary if no vulnerabilities are selected', () => { it('should not show the selection summary if no vulnerabilities are selected', () => {
expect(findSelectionSummary().exists()).toBe(false); expect(findSelectionSummary().exists()).toBe(false);
}); });
...@@ -164,19 +196,6 @@ describe('Vulnerability list component', () => { ...@@ -164,19 +196,6 @@ describe('Vulnerability list component', () => {
expect(cellText).toEqual(project.nameWithNamespace); expect(cellText).toEqual(project.nameWithNamespace);
expect(cellText).not.toContain('(line: '); expect(cellText).not.toContain('(line: ');
}); });
it('should not display the vulnerability identifier cell', () => {
const identifier = findDataCell('vulnerability-identifier');
expect(identifier.exists()).toBe(false);
const extraIdentifierCount = findDataCell('vulnerability-more-identifiers');
expect(extraIdentifierCount.exists()).toBe(false);
});
it('should not display the vulnerability report type', () => {
const cell = findDataCell('vulnerability-report-type');
expect(cell.exists()).toBe(false);
});
}); });
describe('when displayed on a project level dashboard', () => { describe('when displayed on a project level dashboard', () => {
...@@ -219,38 +238,6 @@ describe('Vulnerability list component', () => { ...@@ -219,38 +238,6 @@ describe('Vulnerability list component', () => {
expect(cellText).not.toContain(project.nameWithNamespace); expect(cellText).not.toContain(project.nameWithNamespace);
expect(cellText).toEqual(location.file); expect(cellText).toEqual(location.file);
}); });
it('should correctly render the identifier cell', () => {
const identifiers = findDataCells('vulnerability-identifier');
const extraIdentifierCounts = findDataCells('vulnerability-more-identifiers');
const firstIdentifiers = newVulnerabilities[0].identifiers;
expect(identifiers.at(0).text()).toBe(firstIdentifiers[0].name);
expect(trimText(extraIdentifierCounts.at(0).text())).toContain(
`${firstIdentifiers.length - 1} more`,
);
expect(identifiers.at(1).text()).toBe(newVulnerabilities[1].identifiers[0].name);
expect(extraIdentifierCounts).toHaveLength(1);
});
it('should display the vulnerability report type', () => {
const cells = findDataCells('vulnerability-report-type');
expect(cells.at(0).text()).toBe('SAST');
expect(cells.at(1).text()).toBe('Dependency Scanning');
expect(cells.at(2).text()).toBe('Custom scanner without translation');
expect(cells.at(3).text()).toBe('');
});
it('should display the vulnerability vendor if the vulnerability vendor does exist', () => {
const cells = findDataCells('vulnerability-vendor');
expect(cells.at(0).text()).toBe('GitLab');
});
it('should display an empty string if the vulnerability vendor does not exist', () => {
const cells = findDataCells('vulnerability-vendor');
expect(cells.at(3).text()).toBe('');
});
}); });
describe('when has an issue associated', () => { describe('when has an issue associated', () => {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment