Inconsistent display of vulnerability comment when state changed from vulnerability report UI, cannot delete/change
Summary
There are two ways to change the status of a vulnerability and enter a comment relating to the change:
- Click on the individual vulnerability in the Vulnerability Report to bring up the details page, and then change the status and then add a comment
- Tick the checkbox next to the vulnerability in the Vulnerability Report page, enter the status and comment and click Change Status. Then locate the vulnerability and click on it to bring up the details page.
The first method results in a comment associated with the status change that can then be edited and deleted:
The second method results in the comment being incorporated into the event summary line, and in the details page the "Add a comment box" is displayed, but if you try to add a comment it either gets reset when the auto-refresh of the discussion objects takes place, or if you are fast enough outputs a "Something went wrong trying to save the comment" error.
The behaviour of the vulnerability details page should not vary depending on how the status change and comment were initially performed, and you should be able to delete and edit the comment associated with the vulnerability status change when created by the second method.
Steps to reproduce
See recordings above.
Example Project
What is the current bug behavior?
Comments added via the Vulnerability Report Change Status button are not able to be deleted or edited in the vulnerability details page, and the "Add a comment" dialog is unusable.
What is the expected correct behavior?
Comments entered via the Vulnerability Report page should be treated exactly as they are when entered via the vulnerability details page.
Relevant logs and/or screenshots
Output of checks
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of: \`sudo gitlab-rake gitlab:env:info\`) (For installations from source run and paste the output of: \`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production\`)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:check SANITIZE=true`) (For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`) (we will only investigate if the tests are passing)