Commit a7128f0e authored by Alan (Maciej) Paruszewski's avatar Alan (Maciej) Paruszewski Committed by Bob Van Landuyt

Add ability to sort vulnerabilities by report type

This change adds the ability to sort vulnerabilities by report type in
GraphQL.
parent 09e608d8
......@@ -19836,6 +19836,16 @@ enum VulnerabilitySort {
"""
detected_desc
"""
Report Type in ascending order
"""
report_type_asc
"""
Report Type in descending order
"""
report_type_desc
"""
Severity in ascending order
"""
......
......@@ -57815,6 +57815,18 @@
"description": "Detection timestamp in ascending order",
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "report_type_desc",
"description": "Report Type in descending order",
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "report_type_asc",
"description": "Report Type in ascending order",
"isDeprecated": false,
"deprecationReason": null
}
],
"possibleTypes": null
......@@ -3640,6 +3640,8 @@ Vulnerability sort values.
| ----- | ----------- |
| `detected_asc` | Detection timestamp in ascending order |
| `detected_desc` | Detection timestamp in descending order |
| `report_type_asc` | Report Type in ascending order |
| `report_type_desc` | Report Type in descending order |
| `severity_asc` | Severity in ascending order |
| `severity_desc` | Severity in descending order |
| `title_asc` | Title in ascending order |
......
......@@ -11,5 +11,7 @@ module Types
value 'title_asc', 'Title in ascending order'
value 'detected_desc', 'Detection timestamp in descending order'
value 'detected_asc', 'Detection timestamp in ascending order'
value 'report_type_desc', 'Report Type in descending order'
value 'report_type_asc', 'Report Type in ascending order'
end
end
......@@ -103,6 +103,8 @@ module EE
scope :order_title_desc, -> { reorder(title: :desc, id: :desc) }
scope :order_created_at_asc, -> { reorder(created_at: :asc, id: :desc) }
scope :order_created_at_desc, -> { reorder(created_at: :desc, id: :desc) }
scope :order_report_type_asc, -> { reorder(report_type_order.asc, id: :desc) }
scope :order_report_type_desc, -> { reorder(report_type_order.desc, id: :desc) }
scope :order_id_desc, -> { reorder(id: :desc) }
scope :with_limit, -> (maximum) { limit(maximum) }
......@@ -192,6 +194,18 @@ module EE
)
end
def report_type_order
report_types
.sort
.to_h
.values
.each
.with_index
.reduce(Arel::Nodes::Case.new(arel_table[:report_type])) do |node, (value, index)|
node.when(value).then(index)
end
end
def active_states
ACTIVE_STATES
end
......@@ -212,6 +226,8 @@ module EE
when 'title_asc' then order_title_asc
when 'detected_desc' then order_created_at_desc
when 'detected_asc' then order_created_at_asc
when 'report_type_desc' then order_report_type_desc
when 'report_type_asc' then order_report_type_asc
else
order_severity_desc
end
......
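Review bot: `report_type_order` in the second hunk has no comment saying that the ordering follows the alphabetical position of each report-type name rather than the stored enum value, or that the CASE expression is assembled only from the model's own `report_types` map. I would add above it `# Sorts by report type name (alphabetical), not by the stored integer; the CASE is built from report_types only, never from caller input.` so a later change does not start feeding request values into it. The `case` in the third hunk already acts as an allowlist for the client-supplied sort string, which is the right shape. Ordering on a computed CASE most likely cannot use an index on `report_type`, so the query plan is worth checking on large tables. The enclosing module and the sort-dispatch method both start outside the visible hunks.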
---
title: Add ability to sort vulnerabilities by report type in GraphQL
merge_request: 42979
author:
type: added
......@@ -6,6 +6,6 @@ RSpec.describe GitlabSchema.types['VulnerabilitySort'] do
it { expect(described_class.graphql_name).to eq('VulnerabilitySort') }
it 'exposes all the existing Vulnerability sort orders' do
expect(described_class.values.keys).to include(*%w[severity_desc severity_asc title_desc title_asc detected_desc detected_asc])
expect(described_class.values.keys).to include(*%w[severity_desc severity_asc title_desc title_asc detected_desc detected_asc report_type_desc report_type_asc])
end
end
......@@ -301,6 +301,29 @@ RSpec.describe Vulnerability do
end
end
describe '.order_report_type' do
let_it_be(:vulnerability_dast) { create(:vulnerability, :dast) }
let_it_be(:vulnerability_secret_detection) { create(:vulnerability, :secret_detection) }
let_it_be(:vulnerability_sast) { create(:vulnerability, :sast) }
let_it_be(:vulnerability_coverage_fuzzing) { create(:vulnerability, :coverage_fuzzing) }
describe 'asc' do
subject { described_class.order_report_type_asc }
it 'returns vulnerabilities ordered by report_type' do
is_expected.to eq([vulnerability_coverage_fuzzing, vulnerability_dast, vulnerability_sast, vulnerability_secret_detection])
end
end
describe 'desc' do
subject { described_class.order_report_type_desc }
it 'returns vulnerabilities ordered by report_type' do
is_expected.to eq([vulnerability_secret_detection, vulnerability_sast, vulnerability_dast, vulnerability_coverage_fuzzing])
end
end
end
describe '.with_resolution' do
let_it_be(:vulnerability_with_resolution) { create(:vulnerability, resolved_on_default_branch: true) }
let_it_be(:vulnerability_without_resolution) { create(:vulnerability, resolved_on_default_branch: false) }
......
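Review bot: The new `.order_report_type` examples create exactly one vulnerability per report type, so the `id: :desc` tie-breaker used by both scopes is never exercised; adding a second record of one type, e.g. `let_it_be(:vulnerability_dast_2) { create(:vulnerability, :dast) }`, and asserting it sorts ahead of the first would pin that behaviour. Only four report types are created here, so if `report_types` holds more entries the alphabetical mapping for those is untested. The surrounding `RSpec.describe Vulnerability` block starts and ends outside the hunk.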