Apply all filtering from token on vulnerability report
Summary
When using the enhanced filtering on the vulnerability report (Enable vulnerability_report_advanced_filtering
feature flag), only the last token which you apply is used to filter the results. The filtering of all tokens need to be taken into account.
Check the screen recording. At first it filters on state and dismissal reason. When applying the medium severity via the token, it then only applies that and loses the state filtering.
Possible fix
Similar to how is done in vulnerability_filters.vue, we need to store the full query object and keep it up to date based on subsequent filters-changed events.
// example
updateFilterQuery(query) {
const oldQuery = cloneDeep(this.filterQuery);
this.filterQuery = { ...this.filterQuery, ...query };
// Don't emit if the filters didn't change because it will trigger the GraphQL queries to run.
if (!isEqual(oldQuery, this.filterQuery)) {
this.emitFilterChange();
}
},
Verification steps
-
Go to https://gitlab.com/gitlab-org/govern/threat-insights-demos/verification-projects/verify-epic-3429/-/security/vulnerability_report -
Play with the filters and verify the vulnerability report is being filtered correctly -
Make sure the filters are persisted through URL changes -
Make sure filters are combined (e.g. status + severity filters works correctly)
Edited by Savas Vedova