Commit aa564dc9 authored by Kerri Miller's avatar Kerri Miller

Merge branch...

Merge branch '332139-vulnerability-counts-are-not-updated-when-a-scanner-filter-is-applied' into 'master'

Add Scanner ID filter to vulnerabilitySeveritiesCount

See merge request gitlab-org/gitlab!63335
parents 19001b63 b5336ba1
...@@ -9551,6 +9551,7 @@ Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount). ...@@ -9551,6 +9551,7 @@ Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount).
| <a id="groupvulnerabilityseveritiescountprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. | | <a id="groupvulnerabilityseveritiescountprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. |
| <a id="groupvulnerabilityseveritiescountreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. | | <a id="groupvulnerabilityseveritiescountreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. |
| <a id="groupvulnerabilityseveritiescountscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by scanner. | | <a id="groupvulnerabilityseveritiescountscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by scanner. |
| <a id="groupvulnerabilityseveritiescountscannerid"></a>`scannerId` | [`[VulnerabilitiesScannerID!]`](#vulnerabilitiesscannerid) | Filter vulnerabilities by scanner ID. |
| <a id="groupvulnerabilityseveritiescountseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. | | <a id="groupvulnerabilityseveritiescountseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. |
| <a id="groupvulnerabilityseveritiescountstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. | | <a id="groupvulnerabilityseveritiescountstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. |
...@@ -9719,6 +9720,7 @@ Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount). ...@@ -9719,6 +9720,7 @@ Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount).
| <a id="instancesecuritydashboardvulnerabilityseveritiescountprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. | | <a id="instancesecuritydashboardvulnerabilityseveritiescountprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. |
| <a id="instancesecuritydashboardvulnerabilityseveritiescountreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. | | <a id="instancesecuritydashboardvulnerabilityseveritiescountreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. |
| <a id="instancesecuritydashboardvulnerabilityseveritiescountscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by scanner. | | <a id="instancesecuritydashboardvulnerabilityseveritiescountscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by scanner. |
| <a id="instancesecuritydashboardvulnerabilityseveritiescountscannerid"></a>`scannerId` | [`[VulnerabilitiesScannerID!]`](#vulnerabilitiesscannerid) | Filter vulnerabilities by scanner ID. |
| <a id="instancesecuritydashboardvulnerabilityseveritiescountseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. | | <a id="instancesecuritydashboardvulnerabilityseveritiescountseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. |
| <a id="instancesecuritydashboardvulnerabilityseveritiescountstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. | | <a id="instancesecuritydashboardvulnerabilityseveritiescountstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. |
...@@ -11955,6 +11957,7 @@ Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount). ...@@ -11955,6 +11957,7 @@ Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount).
| <a id="projectvulnerabilityseveritiescountprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. | | <a id="projectvulnerabilityseveritiescountprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. |
| <a id="projectvulnerabilityseveritiescountreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. | | <a id="projectvulnerabilityseveritiescountreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. |
| <a id="projectvulnerabilityseveritiescountscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by scanner. | | <a id="projectvulnerabilityseveritiescountscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by scanner. |
| <a id="projectvulnerabilityseveritiescountscannerid"></a>`scannerId` | [`[VulnerabilitiesScannerID!]`](#vulnerabilitiesscannerid) | Filter vulnerabilities by scanner ID. |
| <a id="projectvulnerabilityseveritiescountseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. | | <a id="projectvulnerabilityseveritiescountseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. |
| <a id="projectvulnerabilityseveritiescountstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. | | <a id="projectvulnerabilityseveritiescountstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. |
......
...@@ -7,6 +7,7 @@ query vulnerabilitySeveritiesCount( ...@@ -7,6 +7,7 @@ query vulnerabilitySeveritiesCount(
$reportType: [VulnerabilityReportType!] $reportType: [VulnerabilityReportType!]
$scanner: [String!] $scanner: [String!]
$state: [VulnerabilityState!] $state: [VulnerabilityState!]
$scannerId: [VulnerabilitiesScannerID!]
$isGroup: Boolean = false $isGroup: Boolean = false
$isProject: Boolean = false $isProject: Boolean = false
$isInstance: Boolean = false $isInstance: Boolean = false
...@@ -18,6 +19,7 @@ query vulnerabilitySeveritiesCount( ...@@ -18,6 +19,7 @@ query vulnerabilitySeveritiesCount(
reportType: $reportType reportType: $reportType
scanner: $scanner scanner: $scanner
state: $state state: $state
scannerId: $scannerId
) { ) {
...VulnerabilitySeveritiesCount ...VulnerabilitySeveritiesCount
} }
...@@ -29,6 +31,7 @@ query vulnerabilitySeveritiesCount( ...@@ -29,6 +31,7 @@ query vulnerabilitySeveritiesCount(
reportType: $reportType reportType: $reportType
scanner: $scanner scanner: $scanner
state: $state state: $state
scannerId: $scannerId
) { ) {
...VulnerabilitySeveritiesCount ...VulnerabilitySeveritiesCount
} }
...@@ -39,6 +42,7 @@ query vulnerabilitySeveritiesCount( ...@@ -39,6 +42,7 @@ query vulnerabilitySeveritiesCount(
reportType: $reportType reportType: $reportType
scanner: $scanner scanner: $scanner
state: $state state: $state
scannerId: $scannerId
) { ) {
...VulnerabilitySeveritiesCount ...VulnerabilitySeveritiesCount
} }
......
...@@ -35,5 +35,11 @@ module Resolvers ...@@ -35,5 +35,11 @@ module Resolvers
# dashboard # dashboard
object.nil? && current_user.present? object.nil? && current_user.present?
end end
def resolve_gids(gids, gid_class)
gids.map do |gid|
Types::GlobalIDType[gid_class].coerce_isolated_input(gid).model_id
end
end
end end
end end
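Review bot: The relocated `resolve_gids` is added after the `end` of the preceding method with no comment, and the hunk does not show whether it sits under a `private` marker, as it did in the resolver it was removed from. If this module (presumably shared by several resolvers) has no `private` section above this point, the helper becomes part of each including resolver's public interface; worth confirming, and adding `private` before the definition if needed. Since the helper is now shared, a one-line comment would help, for example `# Coerces each global ID against gid_class and returns the underlying model IDs.` The enclosing module starts outside the hunk.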
...@@ -55,12 +55,6 @@ module Resolvers ...@@ -55,12 +55,6 @@ module Resolvers
private private
def resolve_gids(gids, gid_class)
gids.map do |gid|
Types::GlobalIDType[gid_class].coerce_isolated_input(gid).model_id
end
end
def vulnerabilities(params) def vulnerabilities(params)
Security::VulnerabilitiesFinder.new(vulnerable, params).execute Security::VulnerabilitiesFinder.new(vulnerable, params).execute
end end
......
...@@ -29,9 +29,15 @@ module Resolvers ...@@ -29,9 +29,15 @@ module Resolvers
required: false, required: false,
description: 'Filter vulnerabilities by scanner.' description: 'Filter vulnerabilities by scanner.'
argument :scanner_id, [::Types::GlobalIDType[::Vulnerabilities::Scanner]],
required: false,
description: 'Filter vulnerabilities by scanner ID.'
def resolve(**args) def resolve(**args)
return Vulnerability.none unless vulnerable return Vulnerability.none unless vulnerable
args[:scanner_id] = resolve_gids(args[:scanner_id], ::Vulnerabilities::Scanner) if args[:scanner_id]
Hash.new(0) Hash.new(0)
.merge(vulnerabilities(args).grouped_by_severity.count) .merge(vulnerabilities(args).grouped_by_severity.count)
end end
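Review bot: The guard `if args[:scanner_id]` in `resolve` is true for an empty list, so `scannerId: []` is converted and forwarded to the finder as an empty ID set instead of being treated as "no filter". How the finder handles an empty set is not visible here, and for a severity count both "everything" and "nothing" are misleading answers. `args[:scanner_id] = resolve_gids(args[:scanner_id], ::Vulnerabilities::Scanner) if args[:scanner_id].present?` would make an omitted and an empty argument behave the same. Separately, the supplied scanner IDs are not checked against `vulnerable`, so the counts stay scoped only if the finder applies the filter on top of the `vulnerable` scope; that code is outside this hunk and worth confirming. The resolver class starts outside the hunk.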
......
...@@ -63,6 +63,14 @@ RSpec.describe Resolvers::VulnerabilitySeveritiesCountResolver do ...@@ -63,6 +63,14 @@ RSpec.describe Resolvers::VulnerabilitySeveritiesCountResolver do
end end
end end
context 'when given scanner ID' do
let(:filters) { { scanner_id: [GitlabSchema.id_from_object(high_vulnerability.finding.scanner)] } }
it 'only returns count for vulnerabilities with scanner ID' do
is_expected.to eq('high' => 1)
end
end
context 'when given report types' do context 'when given report types' do
let(:filters) { { report_type: %i[dast sast] } } let(:filters) { { report_type: %i[dast sast] } }
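Review bot: The new `when given scanner ID` context only covers a scanner that matches `high_vulnerability`; there is no case for a scanner ID that matches none of the vulnerabilities in scope. That negative case is what shows the filter narrows the counts rather than being ignored. A sibling context that passes the global ID of an unrelated scanner and expects no severities in the result would pin it down. The fixtures this relies on are defined outside the hunk, so whether the other vulnerabilities already use distinct scanners cannot be confirmed from here.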
......
...@@ -5,7 +5,7 @@ require 'spec_helper' ...@@ -5,7 +5,7 @@ require 'spec_helper'
RSpec.describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do RSpec.describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do
let_it_be(:project) { create(:project) } let_it_be(:project) { create(:project) }
let_it_be(:user) { create(:user) } let_it_be(:user) { create(:user) }
let_it_be(:vulnerability) { create(:vulnerability, :high, project: project) } let_it_be(:vulnerability) { create(:vulnerability, :high, :with_finding, project: project) }
let_it_be(:query) do let_it_be(:query) do
%( %(
...@@ -32,4 +32,24 @@ RSpec.describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do ...@@ -32,4 +32,24 @@ RSpec.describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do
expect(high_count).to eq(1) expect(high_count).to eq(1)
end end
context 'with scannerId filter' do
let(:query) do
%(
query {
project(fullPath: "#{project.full_path}") {
vulnerabilitySeveritiesCount(scannerId: "#{GitlabSchema.id_from_object(vulnerability.finding.scanner)}") {
high
}
}
}
)
end
it 'counts vulnerabilities with issues' do
high_count = subject.dig('data', 'project', 'vulnerabilitySeveritiesCount', 'high')
expect(high_count).to eq(1)
end
end
end end
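Review bot: The `with scannerId filter` example would still pass if the argument were ignored. As far as the visible lines show, the only vulnerability in this spec is the single `:high` one, so `high` is 1 with or without the filter. A second high vulnerability reported by a different scanner in the same project would make the assertion discriminate. The example description also looks copied from the unfiltered case; `it 'counts only vulnerabilities reported by the given scanner' do` would describe what is being checked.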