Add ability to sort vulnerabilities by detected_at

This change adds ability to sort vulnerabilities by detected at in GraphQL.

Add ability to sort vulnerabilities by detected_at
This change adds ability to sort vulnerabilities by detected at in GraphQL.
b3b37cc6 · Alan (Maciej) Paruszewski · Stan Hu · aa840cc8 · b3b37cc6 · b3b37cc6
Commit b3b37cc6 authored Sep 24, 2020 by Alan (Maciej) Paruszewski Committed by Stan Hu Sep 24, 2020
8 changed files
--- a/doc/api/graphql/reference/gitlab_schema.graphql
+++ b/doc/api/graphql/reference/gitlab_schema.graphql
@@ -19469,6 +19469,16 @@ enum VulnerabilitySeverity {
 Vulnerability sort values
 """
 enum VulnerabilitySort {
+  """
+  Detection timestamp in ascending order
+  """
+  detected_asc
+
+  """
+  Detection timestamp in descending order
+  """
+  detected_desc
+
  """
  Severity in ascending order
  """

--- a/doc/api/graphql/reference/gitlab_schema.json
+++ b/doc/api/graphql/reference/gitlab_schema.json
@@ -56972,6 +56972,18 @@
              "description": "Title in ascending order",
              "isDeprecated": false,
              "deprecationReason": null
+            },
+            {
+              "name": "detected_desc",
+              "description": "Detection timestamp in descending order",
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
+            {
+              "name": "detected_asc",
+              "description": "Detection timestamp in ascending order",
+              "isDeprecated": false,
+              "deprecationReason": null
            }
          ],
          "possibleTypes": null
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -3590,6 +3590,8 @@ Vulnerability sort values.

 | Value | Description |
 | ----- | ----------- |
+| `detected_asc` | Detection timestamp in ascending order |
+| `detected_desc` | Detection timestamp in descending order |
 | `severity_asc` | Severity in ascending order |
 | `severity_desc` | Severity in descending order |
 | `title_asc` | Title in ascending order |

--- a/ee/app/graphql/types/vulnerability_sort_enum.rb
+++ b/ee/app/graphql/types/vulnerability_sort_enum.rb
@@ -9,5 +9,7 @@ module Types
    value 'severity_asc', 'Severity in ascending order'
    value 'title_desc', 'Title in descending order'
    value 'title_asc', 'Title in ascending order'
+    value 'detected_desc', 'Detection timestamp in descending order'
+    value 'detected_asc', 'Detection timestamp in ascending order'
  end
 end
--- a/ee/app/models/ee/vulnerability.rb
+++ b/ee/app/models/ee/vulnerability.rb
@@ -90,6 +90,8 @@ module EE
      scope :order_severity_desc, -> { reorder(severity: :desc, id: :desc) }
      scope :order_title_asc, -> { reorder(title: :asc, id: :desc) }
      scope :order_title_desc, -> { reorder(title: :desc, id: :desc) }
+      scope :order_created_at_asc, -> { reorder(created_at: :asc, id: :desc) }
+      scope :order_created_at_desc, -> { reorder(created_at: :desc, id: :desc) }

      delegate :scanner_name, :scanner_external_id, :metadata, :message, :cve, :description,
      to: :finding, prefix: true, allow_nil: true
@@ -194,6 +196,8 @@ module EE
        when 'severity_asc' then order_severity_asc
        when 'title_desc' then order_title_desc
        when 'title_asc' then order_title_asc
+        when 'detected_desc' then order_created_at_desc
+        when 'detected_asc' then order_created_at_asc
        else
          order_severity_desc
        end

--- a/ee/changelogs/unreleased/249245-add-sorting-vulnerabilities-by-detected-at.yml
+++ b/ee/changelogs/unreleased/249245-add-sorting-vulnerabilities-by-detected-at.yml
+---
+title: Add ability to sort vulnerabilities by detected_at
+merge_request: 42950
+author:
+type: added
--- a/ee/spec/graphql/types/vulnerability_sort_enum_spec.rb
+++ b/ee/spec/graphql/types/vulnerability_sort_enum_spec.rb
@@ -6,6 +6,6 @@ RSpec.describe GitlabSchema.types['VulnerabilitySort'] do
  it { expect(described_class.graphql_name).to eq('VulnerabilitySort') }

  it 'exposes all the existing Vulnerability sort orders' do
-    expect(described_class.values.keys).to include(*%w[severity_desc severity_asc title_desc title_asc])
+    expect(described_class.values.keys).to include(*%w[severity_desc severity_asc title_desc title_asc detected_desc detected_asc])
  end
 end
--- a/ee/spec/models/ee/vulnerability_spec.rb
+++ b/ee/spec/models/ee/vulnerability_spec.rb
@@ -203,6 +203,28 @@ RSpec.describe Vulnerability do
    end
  end

+  describe '.order_created_at_' do
+    let_it_be(:old_vulnerability) { create(:vulnerability, created_at: 2.weeks.ago) }
+    let_it_be(:very_old_vulnerability) { create(:vulnerability, created_at: 1.year.ago) }
+    let_it_be(:fresh_vulnerability) { create(:vulnerability, created_at: 3.days.ago) }
+
+    describe 'desc' do
+      subject { described_class.order_created_at_asc }
+
+      it 'returns vulnerabilities ordered by created_at' do
+        is_expected.to eq([very_old_vulnerability, old_vulnerability, fresh_vulnerability])
+      end
+    end
+
+    describe 'asc' do
+      subject { described_class.order_created_at_desc }
+
+      it 'returns vulnerabilities ordered by created_at' do
+        is_expected.to eq([fresh_vulnerability, old_vulnerability, very_old_vulnerability])
+      end
+    end
+  end
+
  describe '.with_resolution' do
    let_it_be(:vulnerability_with_resolution) { create(:vulnerability, resolved_on_default_branch: true) }
    let_it_be(:vulnerability_without_resolution) { create(:vulnerability, resolved_on_default_branch: false) }