Commit aa564dc9 authored by Kerri Miller's avatar Kerri Miller

Merge branch...

Merge branch '332139-vulnerability-counts-are-not-updated-when-a-scanner-filter-is-applied' into 'master'

Add Scanner ID filter to vulnerabilitySeveritiesCount

See merge request gitlab-org/gitlab!63335
parents 19001b63 b5336ba1
......@@ -9551,6 +9551,7 @@ Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount).
| <a id="groupvulnerabilityseveritiescountprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. |
| <a id="groupvulnerabilityseveritiescountreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. |
| <a id="groupvulnerabilityseveritiescountscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by scanner. |
| <a id="groupvulnerabilityseveritiescountscannerid"></a>`scannerId` | [`[VulnerabilitiesScannerID!]`](#vulnerabilitiesscannerid) | Filter vulnerabilities by scanner ID. |
| <a id="groupvulnerabilityseveritiescountseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. |
| <a id="groupvulnerabilityseveritiescountstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. |
......@@ -9719,6 +9720,7 @@ Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount).
| <a id="instancesecuritydashboardvulnerabilityseveritiescountprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. |
| <a id="instancesecuritydashboardvulnerabilityseveritiescountreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. |
| <a id="instancesecuritydashboardvulnerabilityseveritiescountscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by scanner. |
| <a id="instancesecuritydashboardvulnerabilityseveritiescountscannerid"></a>`scannerId` | [`[VulnerabilitiesScannerID!]`](#vulnerabilitiesscannerid) | Filter vulnerabilities by scanner ID. |
| <a id="instancesecuritydashboardvulnerabilityseveritiescountseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. |
| <a id="instancesecuritydashboardvulnerabilityseveritiescountstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. |
......@@ -11955,6 +11957,7 @@ Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount).
| <a id="projectvulnerabilityseveritiescountprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. |
| <a id="projectvulnerabilityseveritiescountreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. |
| <a id="projectvulnerabilityseveritiescountscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by scanner. |
| <a id="projectvulnerabilityseveritiescountscannerid"></a>`scannerId` | [`[VulnerabilitiesScannerID!]`](#vulnerabilitiesscannerid) | Filter vulnerabilities by scanner ID. |
| <a id="projectvulnerabilityseveritiescountseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. |
| <a id="projectvulnerabilityseveritiescountstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. |
......
......@@ -7,6 +7,7 @@ query vulnerabilitySeveritiesCount(
$reportType: [VulnerabilityReportType!]
$scanner: [String!]
$state: [VulnerabilityState!]
$scannerId: [VulnerabilitiesScannerID!]
$isGroup: Boolean = false
$isProject: Boolean = false
$isInstance: Boolean = false
......@@ -18,6 +19,7 @@ query vulnerabilitySeveritiesCount(
reportType: $reportType
scanner: $scanner
state: $state
scannerId: $scannerId
) {
...VulnerabilitySeveritiesCount
}
......@@ -29,6 +31,7 @@ query vulnerabilitySeveritiesCount(
reportType: $reportType
scanner: $scanner
state: $state
scannerId: $scannerId
) {
...VulnerabilitySeveritiesCount
}
......@@ -39,6 +42,7 @@ query vulnerabilitySeveritiesCount(
reportType: $reportType
scanner: $scanner
state: $state
scannerId: $scannerId
) {
...VulnerabilitySeveritiesCount
}
......
......@@ -35,5 +35,11 @@ module Resolvers
# dashboard
object.nil? && current_user.present?
end
def resolve_gids(gids, gid_class)
gids.map do |gid|
Types::GlobalIDType[gid_class].coerce_isolated_input(gid).model_id
end
end
end
end
......@@ -55,12 +55,6 @@ module Resolvers
private
def resolve_gids(gids, gid_class)
gids.map do |gid|
Types::GlobalIDType[gid_class].coerce_isolated_input(gid).model_id
end
end
def vulnerabilities(params)
Security::VulnerabilitiesFinder.new(vulnerable, params).execute
end
......
......@@ -29,9 +29,15 @@ module Resolvers
required: false,
description: 'Filter vulnerabilities by scanner.'
argument :scanner_id, [::Types::GlobalIDType[::Vulnerabilities::Scanner]],
required: false,
description: 'Filter vulnerabilities by scanner ID.'
def resolve(**args)
return Vulnerability.none unless vulnerable
args[:scanner_id] = resolve_gids(args[:scanner_id], ::Vulnerabilities::Scanner) if args[:scanner_id]
Hash.new(0)
.merge(vulnerabilities(args).grouped_by_severity.count)
end
......
......@@ -63,6 +63,14 @@ RSpec.describe Resolvers::VulnerabilitySeveritiesCountResolver do
end
end
context 'when given scanner ID' do
let(:filters) { { scanner_id: [GitlabSchema.id_from_object(high_vulnerability.finding.scanner)] } }
it 'only returns count for vulnerabilities with scanner ID' do
is_expected.to eq('high' => 1)
end
end
context 'when given report types' do
let(:filters) { { report_type: %i[dast sast] } }
......
......@@ -5,7 +5,7 @@ require 'spec_helper'
RSpec.describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do
let_it_be(:project) { create(:project) }
let_it_be(:user) { create(:user) }
let_it_be(:vulnerability) { create(:vulnerability, :high, project: project) }
let_it_be(:vulnerability) { create(:vulnerability, :high, :with_finding, project: project) }
let_it_be(:query) do
%(
......@@ -32,4 +32,24 @@ RSpec.describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do
expect(high_count).to eq(1)
end
context 'with scannerId filter' do
let(:query) do
%(
query {
project(fullPath: "#{project.full_path}") {
vulnerabilitySeveritiesCount(scannerId: "#{GitlabSchema.id_from_object(vulnerability.finding.scanner)}") {
high
}
}
}
)
end
it 'counts vulnerabilities with issues' do
high_count = subject.dig('data', 'project', 'vulnerabilitySeveritiesCount', 'high')
expect(high_count).to eq(1)
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment