Improve error message for failed bulk vulnerability status update
Context
This improvement was suggested by @svedova in !119476 (merged).
As is
At the moment, the error message displays the raw IDs of all the vulnerabilities that could not be updated, but this isn't super useful.
Proposal
Keep the current error message, but make all IDs individual hyperlinks that link to their vulnerability detail page.
Implementation steps
- When updates fail, instead of constructing the
updateErrorText
fromrejected
, userejected
in the template to loop over all failed vulnerabilities. - Store the whole
gid
inrejected
instead of only the last part, so it can be used to match with selected vulnerabilities. - For each failed vulnerablity, show
gl-link
component which usesvulnerabilityPath
to construct thehref
and split last part ofgid
to only short last part ofgid
, e.g. "gid://gitlab/Vulnerability/2214321" -> "2214321". This is currently also done, but within thehandleSubmit
method when constructing theupdateErrorText
Verification steps
- Go to security-reports vulnerability report
- Select a couple of vulnerabilities
- Mock a graphql error by going to network tab in chrome devtools, search for "/api/graphql", right-click on one of the entries, and select "Block request URL"
- Change status of the selected vulnerabilities to anything you like
- Verify that the IDs of the vulnerabilities that failed to update appear (like before), now each ID is a hyperlink.
- Verify that clicking an ID goes to that vulnerability detail page
Edited by Lorenz van Herwaarden