From 47c5d9ccab59c0b3227ca08f681eb7ca2add95dd Mon Sep 17 00:00:00 2001
From: Dheeraj Joshi <djoshi@gitlab.com>
Date: Thu, 11 Feb 2021 20:25:47 +0530
Subject: [PATCH] Add option to download scanned resources
This should disable listing scanned resources
until we fix timeout issues, and thus only
allow user to download them
---
.../components/security_reports_summary.vue | 12 +++++++++++
...line_security_report_summary.query.graphql | 16 ++++++++-------
.../security_reports_summary_spec.js | 20 +++++++++++++++++++
locale/gitlab.pot | 3 +++
4 files changed, 44 insertions(+), 7 deletions(-)
diff --git a/ee/app/assets/javascripts/security_dashboard/components/security_reports_summary.vue b/ee/app/assets/javascripts/security_dashboard/components/security_reports_summary.vue
index 14f743461767..48f17841b000 100644
--- a/ee/app/assets/javascripts/security_dashboard/components/security_reports_summary.vue
+++ b/ee/app/assets/javascripts/security_dashboard/components/security_reports_summary.vue
@@ -6,6 +6,7 @@ import {
GlCollapseToggleDirective,
GlSprintf,
GlModalDirective,
+ GlLink,
} from '@gitlab/ui';
import Modal from 'ee/vue_shared/security_reports/components/dast_modal.vue';
import AccessorUtilities from '~/lib/utils/accessor';
@@ -21,6 +22,7 @@ export default {
GlCollapse,
GlSprintf,
Modal,
+ GlLink,
},
directives: {
collapseToggle: GlCollapseToggleDirective,
@@ -132,6 +134,16 @@ export default {
:download-link="downloadLink(scanSummary)"
/>
</template>
+ <template v-else-if="scanSummary.scannedResourcesCsvPath">
+ <gl-link
+ download
+ :href="downloadLink(scanSummary)"
+ class="gl-ml-1"
+ data-testid="download-link"
+ >
+ ({{ s__('SecurityReports|Download scanned resources') }})
+ </gl-link>
+ </template>
</div>
</div>
</gl-collapse>
diff --git a/ee/app/assets/javascripts/security_dashboard/graphql/queries/pipeline_security_report_summary.query.graphql b/ee/app/assets/javascripts/security_dashboard/graphql/queries/pipeline_security_report_summary.query.graphql
index 666e54ce0e58..75a6bc74f0e5 100644
--- a/ee/app/assets/javascripts/security_dashboard/graphql/queries/pipeline_security_report_summary.query.graphql
+++ b/ee/app/assets/javascripts/security_dashboard/graphql/queries/pipeline_security_report_summary.query.graphql
@@ -4,14 +4,16 @@ query($fullPath: ID!, $pipelineIid: ID!) {
securityReportSummary {
dast {
vulnerabilitiesCount
- scannedResourcesCount
scannedResourcesCsvPath
- scannedResources {
- nodes {
- requestMethod
- url
- }
- }
+ # The following fields will be added in
+ # https://gitlab.com/gitlab-org/gitlab/-/issues/321586
+ # scannedResourcesCount
+ # scannedResources {
+ # nodes {
+ # requestMethod
+ # url
+ # }
+ # }
}
sast {
vulnerabilitiesCount
diff --git a/ee/spec/frontend/security_dashboard/components/security_reports_summary_spec.js b/ee/spec/frontend/security_dashboard/components/security_reports_summary_spec.js
index f4e54f928717..17a6a1a9d85d 100644
--- a/ee/spec/frontend/security_dashboard/components/security_reports_summary_spec.js
+++ b/ee/spec/frontend/security_dashboard/components/security_reports_summary_spec.js
@@ -28,6 +28,7 @@ describe('Security reports summary component', () => {
const findToggleButton = () => wrapper.find('[data-testid="collapse-button"]');
const findModalButton = () => wrapper.find('[data-testid="modal-button"]');
+ const findDownloadLink = () => wrapper.find('[data-testid="download-link"]');
beforeEach(() => {
jest.spyOn(AccessorUtilities, 'isLocalStorageAccessSafe').mockReturnValue(true);
@@ -208,4 +209,23 @@ describe('Security reports summary component', () => {
expect(glModalDirective).toHaveBeenCalledWith({ dastUrl: true });
});
});
+
+ describe('with scanned resources download path', () => {
+ const dastProps = {
+ vulnerabilitiesCount: 10,
+ scannedResourcesCsvPath: '/download/path',
+ };
+
+ beforeEach(() => {
+ createWrapper({
+ propsData: {
+ summary: { dast: dastProps },
+ },
+ });
+ });
+
+ it('should contain a download link', () => {
+ expect(findDownloadLink().attributes('href')).toBe('/download/path');
+ });
+ });
});
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 79d393fd2224..3a3074e4f63e 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -26204,6 +26204,9 @@ msgstr ""
msgid "SecurityReports|Download results"
msgstr ""
+msgid "SecurityReports|Download scanned resources"
+msgstr ""
+
msgid "SecurityReports|Either you don't have permission to view this dashboard or the dashboard has not been setup. Please check your permission settings with your administrator or check your dashboard configurations to proceed."
msgstr ""
--
GitLab