Dismiss action w/ dismissed vulnerabilities hidden

When dismissed vulnerabilities are hidden:
- Vulnerabilities list is refreshed when a vulnerability is dismissed
- A toast notification confirms the dismissal and lets the user undo it
- When cancelling the dismissal, the vulnerabilities list is refreshed

ee/app/assets/javascripts/security_dashboard/store/modules/vulnerabilities/actions.js

@@ -149,14 +149,40 @@ export const receiveCreateIssueError = ({ commit }, { flashError }) => {
 };
 
 export const dismissVulnerability = (
-  { dispatch, state },
+  { dispatch, state, rootState },
   { vulnerability, flashError, comment },
 ) => {
+  const page = state.pageInfo && state.pageInfo.page ? state.pageInfo.page : 1;
+  const dismissedVulnerabilitiesHidden = Boolean(
+    rootState.filters && rootState.filters.hide_dismissed,
+  );
   dispatch('requestDismissVulnerability');
 
-  const toastMsg = sprintf(s__("Security Reports|Dismissed '%{vulnerabilityName}'"), {
-    vulnerabilityName: vulnerability.name,
-  });
+  const toastMsg = sprintf(
+    dismissedVulnerabilitiesHidden
+      ? s__(
+          "Security Reports|Dismissed '%{vulnerabilityName}'. Turn off the hide dismissed toggle to view.",
+        )
+      : s__("Security Reports|Dismissed '%{vulnerabilityName}'"),
+    {
+      vulnerabilityName: vulnerability.name,
+    },
+  );
+  const toastOptions = dismissedVulnerabilitiesHidden
+    ? {
+        action: {
+          text: s__('Security Reports|Undo dismiss'),
+          onClick: (e, toastObject) => {
+            if (vulnerability.dismissal_feedback) {
+              dispatch('undoDismiss', { vulnerability })
+                .then(() => dispatch('fetchVulnerabilities', { page }))
+                .catch(() => {});
+              toastObject.goAway(0);
+            }
+          },
+        },
+      }
+    : {};
 
   axios
     .post(vulnerability.create_vulnerability_feedback_dismissal_path, {
@@ -175,7 +201,14 @@ export const dismissVulnerability = (
     .then(({ data }) => {
       dispatch('closeDismissalCommentBox');
       dispatch('receiveDismissVulnerabilitySuccess', { vulnerability, data });
-      toast(toastMsg);
+      if (dismissedVulnerabilitiesHidden) {
+        dispatch('fetchVulnerabilities', {
+          // If we just dismissed the last vulnerability on the active page,
+          // we load the previous page if any
+          page: state.vulnerabilities.length === 1 && page > 1 ? page - 1 : page,
+        });
+      }
+      toast(toastMsg, toastOptions);
     })
     .catch(() => {
       dispatch('receiveDismissVulnerabilityError', { flashError });
@@ -298,7 +331,7 @@ export const undoDismiss = ({ dispatch }, { vulnerability, flashError }) => {
 
   dispatch('requestUndoDismiss');
 
-  axios
+  return axios
     .delete(destroy_vulnerability_feedback_dismissal_path)
     .then(() => {
       dispatch('receiveUndoDismissSuccess', { vulnerability });

ee/changelogs/unreleased/9102-hide-dismissed-vulnerabilities-dismiss-action.yml

+---
+title: Implement dismissal behaviour when dismissed vulnerabilities are hidden
+merge_request: 16207
+author:
+type: changed

ee/spec/javascripts/security_dashboard/store/vulnerabilities/actions_spec.js

@@ -758,6 +758,71 @@ describe('vulnerability dismissal', () => {
         );
       });
     });
+
+    describe('with dismissed vulnerabilities hidden', () => {
+      beforeEach(() => {
+        state = {
+          ...initialState(),
+          filters: {
+            hide_dismissed: true,
+          },
+        };
+        mock
+          .onPost(vulnerability.create_vulnerability_feedback_dismissal_path)
+          .replyOnce(200, data);
+      });
+
+      it('should show the dismissal toast message and refresh vulnerabilities', done => {
+        spyOn(Vue.toasted, 'show').and.callThrough();
+
+        const checkToastMessage = () => {
+          const [message, options] = Vue.toasted.show.calls.argsFor(0);
+
+          expect(Vue.toasted.show).toHaveBeenCalledTimes(1);
+          expect(message).toContain('Turn off the hide dismissed toggle to view');
+          expect(options.action.length).toBe(2);
+          done();
+        };
+
+        testAction(
+          actions.dismissVulnerability,
+          { vulnerability, comment },
+          state,
+          [],
+          [
+            { type: 'requestDismissVulnerability' },
+            { type: 'closeDismissalCommentBox' },
+            {
+              type: 'receiveDismissVulnerabilitySuccess',
+              payload: { data, vulnerability },
+            },
+            { type: 'fetchVulnerabilities', payload: { page: 1 } },
+          ],
+          checkToastMessage,
+        );
+      });
+
+      it('should load the previous page if there is no more vulnerabiliy on the current one and page > 1', () => {
+        state.vulnerabilities = [mockDataVulnerabilities[0]];
+        state.pageInfo.page = 3;
+
+        testAction(
+          actions.dismissVulnerability,
+          { vulnerability, comment },
+          state,
+          [],
+          [
+            { type: 'requestDismissVulnerability' },
+            { type: 'closeDismissalCommentBox' },
+            {
+              type: 'receiveDismissVulnerabilitySuccess',
+              payload: { data, vulnerability },
+            },
+            { type: 'fetchVulnerabilities', payload: { page: 2 } },
+          ],
+        );
+      });
+    });
   });
 
   describe('receiveDismissVulnerabilitySuccess', () => {

locale/gitlab.pot

@@ -14336,6 +14336,9 @@ msgstr ""
 msgid "Security Reports|Dismissed '%{vulnerabilityName}'"
 msgstr ""
 
+msgid "Security Reports|Dismissed '%{vulnerabilityName}'. Turn off the hide dismissed toggle to view."
+msgstr ""
+
 msgid "Security Reports|Either you don't have permission to view this dashboard or the dashboard has not been setup. Please check your permission settings with your administrator or check your dashboard configurations to proceed."
 msgstr ""