Commit 86fa6dcd authored by rossfuhrman's avatar rossfuhrman Committed by Heinrich Lee Yu

Include subgroups for group security dashboard

We need to include subgroups when determining which projects to show on
the group security dashboard
parent a6f2c19c
...@@ -49,7 +49,7 @@ module ProjectVulnerabilityFindingsActions ...@@ -49,7 +49,7 @@ module ProjectVulnerabilityFindingsActions
# https://gitlab.com/gitlab-org/gitlab/-/issues/13561 # https://gitlab.com/gitlab-org/gitlab/-/issues/13561
# For Groups, supply all the project ids to force usage of the SQL index # For Groups, supply all the project ids to force usage of the SQL index
# as when we have no project ids supplied, we want all projects. # as when we have no project ids supplied, we want all projects.
vulnerability_params.merge!(project_id: vulnerable.projects.pluck_primary_key) vulnerability_params.merge!(project_id: Project.for_group_and_its_subgroups(vulnerable).pluck_primary_key)
end end
end end
end end
......
---
title: Include subgroups when populating group security dashboard
merge_request: 28154
author:
type: fixed
...@@ -4,6 +4,7 @@ require 'spec_helper' ...@@ -4,6 +4,7 @@ require 'spec_helper'
describe Groups::Security::VulnerabilityFindingsController do describe Groups::Security::VulnerabilityFindingsController do
let(:group) { create(:group) } let(:group) { create(:group) }
let(:sub_group) { create(:group, parent: group) }
let(:params) { { group_id: group } } let(:params) { { group_id: group } }
let(:user) { create(:user) } let(:user) { create(:user) }
...@@ -33,6 +34,11 @@ describe Groups::Security::VulnerabilityFindingsController do ...@@ -33,6 +34,11 @@ describe Groups::Security::VulnerabilityFindingsController do
create(:vulnerabilities_occurrence, pipelines: [pipeline], project: project, severity: :high) create(:vulnerabilities_occurrence, pipelines: [pipeline], project: project, severity: :high)
end end
# create a sub group project to ensure we include it
sub_group_project = create(:project, namespace: sub_group)
pipeline = create(:ci_pipeline, :success, project: sub_group_project)
create(:vulnerabilities_occurrence, pipelines: [pipeline], project: sub_group_project, severity: :high)
# create an ungrouped project to ensure we don't include it # create an ungrouped project to ensure we don't include it
project = create(:project) project = create(:project)
pipeline = create(:ci_pipeline, :success, project: project) pipeline = create(:ci_pipeline, :success, project: project)
...@@ -40,7 +46,7 @@ describe Groups::Security::VulnerabilityFindingsController do ...@@ -40,7 +46,7 @@ describe Groups::Security::VulnerabilityFindingsController do
get :index, params: { group_id: group }, format: :json get :index, params: { group_id: group }, format: :json
expect(json_response.count).to be(2) expect(json_response.count).to be(3)
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment