Show additional columns on group/instance sec dash

- show identifier column - show scanner column - update tests - update docs

Show additional columns on group/instance sec dash
- show identifier column - show scanner column - update tests - update docs
7a10cf41 · Alexander Turinske · Mark Florian · 277c8def · 277c8def · 7a10cf41
Commit 7a10cf41 authored Sep 11, 2020 by Alexander Turinske Committed by Mark Florian Sep 11, 2020
9 changed files
--- a/doc/user/application_security/security_dashboard/img/group_vulnerability_report_v13_3.png
+++ b/doc/user/application_security/security_dashboard/img/group_vulnerability_report_v13_3.png
--- a/doc/user/application_security/security_dashboard/img/group_vulnerability_report_v13_4.png
+++ b/doc/user/application_security/security_dashboard/img/group_vulnerability_report_v13_4.png
--- a/doc/user/application_security/security_dashboard/index.md
+++ b/doc/user/application_security/security_dashboard/index.md
@@ -196,7 +196,7 @@ to configure daily security scans.
 Each dashboard's vulnerability list contains vulnerabilities from the latest scans that were merged
 into the default branch.

-![Vulnerability Report](img/group_vulnerability_report_v13_3.png)
+![Vulnerability Report](img/group_vulnerability_report_v13_4.png)

 You can filter which vulnerabilities the Security Dashboard displays by:


--- a/ee/app/assets/javascripts/security_dashboard/components/project_vulnerabilities.vue
+++ b/ee/app/assets/javascripts/security_dashboard/components/project_vulnerabilities.vue
@@ -130,8 +130,6 @@ export default {
      :is-loading="isLoadingFirstVulnerabilities"
      :filters="filters"
      :vulnerabilities="vulnerabilities"
-      :should-show-identifier="true"
-      :should-show-report-type="true"
      :security-scanners="securityScanners"
      @refetch-vulnerabilities="refetchVulnerabilities"
    />

--- a/ee/app/assets/javascripts/security_dashboard/components/vulnerability_list.vue
+++ b/ee/app/assets/javascripts/security_dashboard/components/vulnerability_list.vue
@@ -53,16 +53,6 @@ export default {
      required: false,
      default: () => ({}),
    },
-    shouldShowIdentifier: {
-      type: Boolean,
-      required: false,
-      default: false,
-    },
-    shouldShowReportType: {
-      type: Boolean,
-      required: false,
-      default: false,
-    },
    securityScanners: {
      type: Object,
      required: false,
@@ -157,31 +147,25 @@ export default {
          thClass: 'description',
          tdClass: 'description gl-word-break-all',
        },
-      ];
-
-      if (this.shouldShowSelection) {
-        baseFields.unshift({
-          key: 'checkbox',
-          thClass: 'checkbox',
-          tdClass: 'checkbox',
-        });
-      }
-
-      if (this.shouldShowIdentifier) {
-        baseFields.push({
+        {
          key: 'identifier',
          label: s__('Vulnerability|Identifier'),
          thClass: 'identifier',
          tdClass: 'identifier gl-word-break-all',
-        });
-      }
-
-      if (this.shouldShowReportType) {
-        baseFields.push({
+        },
+        {
          key: 'reportType',
          label: s__('Reports|Scanner'),
          thClass: 'scanner',
          tdClass: 'scanner',
+        },
+      ];
+
+      if (this.shouldShowSelection) {
+        baseFields.unshift({
+          key: 'checkbox',
+          thClass: 'checkbox',
+          tdClass: 'checkbox',
        });
      }


--- a/ee/changelogs/unreleased/230379-scanner-identifier-columns-on-group-instance-dash.yml
+++ b/ee/changelogs/unreleased/230379-scanner-identifier-columns-on-group-instance-dash.yml
+---
+title: Show additional columns in Group and Instance Security Dashboards
+merge_request: 41829
+author:
+type: changed
--- a/ee/spec/frontend/security_dashboard/components/first_class_group_security_dashboard_vulnerabilities_spec.js
+++ b/ee/spec/frontend/security_dashboard/components/first_class_group_security_dashboard_vulnerabilities_spec.js
@@ -103,9 +103,7 @@ describe('First Class Group Dashboard Vulnerabilities Component', () => {
      expect(findVulnerabilities().props()).toEqual({
        filters: {},
        isLoading: false,
-        shouldShowIdentifier: false,
        securityScanners: {},
-        shouldShowReportType: false,
        shouldShowSelection: true,
        shouldShowProjectNamespace: true,
        vulnerabilities,

--- a/ee/spec/frontend/security_dashboard/components/first_class_instance_security_dashboard_vulnerabilities_spec.js
+++ b/ee/spec/frontend/security_dashboard/components/first_class_instance_security_dashboard_vulnerabilities_spec.js
@@ -119,9 +119,7 @@ describe('First Class Instance Dashboard Vulnerabilities Component', () => {
      expect(findVulnerabilities().props()).toEqual({
        filters: {},
        isLoading: false,
-        shouldShowIdentifier: false,
        securityScanners: {},
-        shouldShowReportType: false,
        shouldShowSelection: true,
        shouldShowProjectNamespace: true,
        vulnerabilities,

--- a/ee/spec/frontend/security_dashboard/components/vulnerability_list_spec.js
+++ b/ee/spec/frontend/security_dashboard/components/vulnerability_list_spec.js
@@ -84,6 +84,38 @@ describe('Vulnerability list component', () => {
      expect(cell.text()).toBe(newVulnerabilities[0].title);
    });

+    it('should correctly render the identifier cell', () => {
+      const identifiers = findDataCells('vulnerability-identifier');
+      const extraIdentifierCounts = findDataCells('vulnerability-more-identifiers');
+
+      const firstIdentifiers = newVulnerabilities[0].identifiers;
+      expect(identifiers.at(0).text()).toBe(firstIdentifiers[0].name);
+      expect(trimText(extraIdentifierCounts.at(0).text())).toContain(
+        `${firstIdentifiers.length - 1} more`,
+      );
+
+      expect(identifiers.at(1).text()).toBe(newVulnerabilities[1].identifiers[0].name);
+      expect(extraIdentifierCounts).toHaveLength(1);
+    });
+
+    it('should correctly render the report type cell', () => {
+      const cells = findDataCells('vulnerability-report-type');
+      expect(cells.at(0).text()).toBe('SAST');
+      expect(cells.at(1).text()).toBe('Dependency Scanning');
+      expect(cells.at(2).text()).toBe('Custom scanner without translation');
+      expect(cells.at(3).text()).toBe('');
+    });
+
+    it('should correctly render the vulnerability vendor if the vulnerability vendor does exist', () => {
+      const cells = findDataCells('vulnerability-vendor');
+      expect(cells.at(0).text()).toBe('GitLab');
+    });
+
+    it('should correctly render an empty string if the vulnerability vendor does not exist', () => {
+      const cells = findDataCells('vulnerability-vendor');
+      expect(cells.at(3).text()).toBe('');
+    });
+
    it('should not show the selection summary if no vulnerabilities are selected', () => {
      expect(findSelectionSummary().exists()).toBe(false);
    });
@@ -164,19 +196,6 @@ describe('Vulnerability list component', () => {
      expect(cellText).toEqual(project.nameWithNamespace);
      expect(cellText).not.toContain('(line: ');
    });
-
-    it('should not display the vulnerability identifier cell', () => {
-      const identifier = findDataCell('vulnerability-identifier');
-      expect(identifier.exists()).toBe(false);
-
-      const extraIdentifierCount = findDataCell('vulnerability-more-identifiers');
-      expect(extraIdentifierCount.exists()).toBe(false);
-    });
-
-    it('should not display the vulnerability report type', () => {
-      const cell = findDataCell('vulnerability-report-type');
-      expect(cell.exists()).toBe(false);
-    });
  });

  describe('when displayed on a project level dashboard', () => {
@@ -219,38 +238,6 @@ describe('Vulnerability list component', () => {
      expect(cellText).not.toContain(project.nameWithNamespace);
      expect(cellText).toEqual(location.file);
    });
-
-    it('should correctly render the identifier cell', () => {
-      const identifiers = findDataCells('vulnerability-identifier');
-      const extraIdentifierCounts = findDataCells('vulnerability-more-identifiers');
-
-      const firstIdentifiers = newVulnerabilities[0].identifiers;
-      expect(identifiers.at(0).text()).toBe(firstIdentifiers[0].name);
-      expect(trimText(extraIdentifierCounts.at(0).text())).toContain(
-        `${firstIdentifiers.length - 1} more`,
-      );
-
-      expect(identifiers.at(1).text()).toBe(newVulnerabilities[1].identifiers[0].name);
-      expect(extraIdentifierCounts).toHaveLength(1);
-    });
-
-    it('should display the vulnerability report type', () => {
-      const cells = findDataCells('vulnerability-report-type');
-      expect(cells.at(0).text()).toBe('SAST');
-      expect(cells.at(1).text()).toBe('Dependency Scanning');
-      expect(cells.at(2).text()).toBe('Custom scanner without translation');
-      expect(cells.at(3).text()).toBe('');
-    });
-
-    it('should display the vulnerability vendor if the vulnerability vendor does exist', () => {
-      const cells = findDataCells('vulnerability-vendor');
-      expect(cells.at(0).text()).toBe('GitLab');
-    });
-
-    it('should display an empty string if the vulnerability vendor does not exist', () => {
-      const cells = findDataCells('vulnerability-vendor');
-      expect(cells.at(3).text()).toBe('');
-    });
  });

  describe('when has an issue associated', () => {