Adds a confidence filter to the GSD

Where the GSD is the group security dashboard. This adds: - A confidence filter to the store - A confidence filter to the vulnerabilities controller - Tests for all the above

Adds a confidence filter to the GSD
Where the GSD is the group security dashboard. This adds: - A confidence filter to the store - A confidence filter to the vulnerabilities controller - Tests for all the above
e1bc0131 · samdbeckham · 02a368b3 · e1bc0131 · e1bc0131 · e1bc0131
Commit e1bc0131 authored May 16, 2019 by samdbeckham
10 changed files
--- a/doc/user/application_security/security_dashboard/index.md
+++ b/doc/user/application_security/security_dashboard/index.md
@@ -54,6 +54,7 @@ First, navigate to the Security Dashboard found under your group's
 Once you're on the dashboard, at the top you should see a series of filters for:

 - Severity
+- Confidence
 - Report type
 - Project


--- a/ee/app/assets/javascripts/security_dashboard/store/modules/filters/constants.js
+++ b/ee/app/assets/javascripts/security_dashboard/store/modules/filters/constants.js
@@ -33,6 +33,10 @@ export const BASE_FILTERS = {
    name: s__('ciReport|All severities'),
    id: 'all',
  },
+  confidence: {
+    name: s__('ciReport|All confidence levels'),
+    id: 'all',
+  },
  report_type: {
    name: s__('ciReport|All report types'),
    id: 'all',

--- a/ee/app/assets/javascripts/security_dashboard/store/modules/filters/state.js
+++ b/ee/app/assets/javascripts/security_dashboard/store/modules/filters/state.js
-import { SEVERITY_LEVELS, REPORT_TYPES, BASE_FILTERS } from './constants';
+import { SEVERITY_LEVELS, CONFIDENCE_LEVELS, REPORT_TYPES, BASE_FILTERS } from './constants';

 const optionsObjectToArray = obj => Object.entries(obj).map(([id, name]) => ({ id, name }));

@@ -10,6 +10,12 @@ export default () => ({
      options: [BASE_FILTERS.severity, ...optionsObjectToArray(SEVERITY_LEVELS)],
      selection: new Set(['all']),
    },
+    {
+      name: 'Confidence',
+      id: 'confidence',
+      options: [BASE_FILTERS.confidence, ...optionsObjectToArray(CONFIDENCE_LEVELS)],
+      selection: new Set(['all']),
+    },
    {
      name: 'Report type',
      id: 'report_type',

--- a/ee/app/controllers/groups/security/vulnerabilities_controller.rb
+++ b/ee/app/controllers/groups/security/vulnerabilities_controller.rb
@@ -39,7 +39,7 @@ class Groups::Security::VulnerabilitiesController < Groups::Security::Applicatio
  private

  def filter_params
-    params.permit(report_type: [], project_id: [], severity: [])
+    params.permit(report_type: [], confidence: [], project_id: [], severity: [])
      .merge(hide_dismissed: Gitlab::Utils.to_boolean(params[:hide_dismissed]))
  end


--- a/ee/app/finders/security/vulnerabilities_finder.rb
+++ b/ee/app/finders/security/vulnerabilities_finder.rb
@@ -8,6 +8,7 @@
 #   group - object to filter vulnerabilities
 #   params:
 #     severity: Array<String>
+#     confidence: Array<String>
 #     project: Array<String>
 #     report_type: Array<String>

@@ -26,6 +27,7 @@ module Security
      collection = by_report_type(collection)
      collection = by_project(collection)
      collection = by_severity(collection)
+      collection = by_confidence(collection)
      collection
    end

@@ -53,6 +55,14 @@ module Security
          *params[:severity]).compact)
    end

+    def by_confidence(items)
+      return items unless params[:confidence].present?
+
+      items.by_confidences(
+        Vulnerabilities::Occurrence::CONFIDENCE_LEVELS.values_at(
+          *params[:confidence]).compact)
+    end
+
    def init_collection(scope)
      if scope == :all
        group.all_vulnerabilities

--- a/ee/app/models/vulnerabilities/occurrence.rb
+++ b/ee/app/models/vulnerabilities/occurrence.rb
@@ -79,6 +79,7 @@ module Vulnerabilities
    scope :by_report_types, -> (values) { where(report_type: values) }
    scope :by_projects, -> (values) { where(project_id: values) }
    scope :by_severities, -> (values) { where(severity: values) }
+    scope :by_confidences, -> (values) { where(confidence: values) }

    scope :all_preloaded, -> do
      preload(:scanner, :identifiers, project: [:namespace, :project_feature])

--- a/ee/changelogs/unreleased/gsd-confidence-filter.yml
+++ b/ee/changelogs/unreleased/gsd-confidence-filter.yml
+---
+title: Adds a confidence filter to the Group Security Dashboard
+merge_request: 12805
+author:
+type: added
--- a/ee/spec/javascripts/security_dashboard/components/filters_spec.js
+++ b/ee/spec/javascripts/security_dashboard/components/filters_spec.js
@@ -18,7 +18,7 @@ describe('Filter component', () => {
    });

    it('should display all filters', () => {
-      expect(vm.$el.querySelectorAll('.js-filter').length).toEqual(3);
+      expect(vm.$el.querySelectorAll('.js-filter').length).toEqual(4);
    });
  });
 });
--- a/ee/spec/models/vulnerabilities/occurrence_spec.rb
+++ b/ee/spec/models/vulnerabilities/occurrence_spec.rb
@@ -234,6 +234,29 @@ describe Vulnerabilities::Occurrence do
    end
  end

+  describe '.by_confidences' do
+    let!(:vulnerability_high) { create(:vulnerabilities_occurrence, confidence: :high) }
+    let!(:vulnerability_low) { create(:vulnerabilities_occurrence, confidence: :low) }
+
+    subject { described_class.by_confidences(param) }
+
+    context 'with one param' do
+      let(:param) { 4 }
+
+      it 'returns found record' do
+        is_expected.to contain_exactly(vulnerability_low)
+      end
+    end
+
+    context 'without found record' do
+      let(:param) { 7 }
+
+      it 'returns empty collection' do
+        is_expected.to be_empty
+      end
+    end
+  end
+
  describe '.counted_by_severity' do
    let!(:high_vulnerabilities) { create_list(:vulnerabilities_occurrence, 3, severity: :high) }
    let!(:medium_vulnerabilities) { create_list(:vulnerabilities_occurrence, 2, severity: :medium) }

--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -14746,6 +14746,9 @@ msgstr ""
 msgid "ciReport|(is loading, errors when loading results)"
 msgstr ""

+msgid "ciReport|All confidence levels"
+msgstr ""
+
 msgid "ciReport|All projects"
 msgstr ""