Archived projects show up in the group-level vulnerability report filters
Example GraphQL request
query groupProjects($fullPath: ID!, $ids: [ID!], $search: String, $pageSize: Int, $after: String) {
group(fullPath: $fullPath) {
id
projects(
includeSubgroups: true
includeArchived: true
ids: $ids
search: $search
first: $pageSize
after: $after
) {
edges {
node {
id
name
archived
}
}
pageInfo {
endCursor
hasNextPage
}
}
}
}
variables
{
"fullPath": "gitlab-org",
"search": " API Fuzzing POC Old"
}
To reproduce
-
Import the webgoat project into your local gdk under a group
- the group I use in this example is http://gdk.test:3000/gitlab-org
- We will be archiving this project, so if you already have it imported maybe name it "Archived Webgoat.Net" to make it easy to distinguish in the project filter dropdown (this is the name I use in this example)
-
Archive the project
-
now view the group level vulnerability report for the group you imported this project under
-
When you click the projects filter drop-down, you will see our archived project as an option
- this is the bug: archived projects should not be included in the group-level report view
example
Implementation Plan
I believe that since we have added the new filter to the finder and the resolver we just need to update the security_dashboard/graphql/queries/group_projects.query.graphql
to use the new filter:
diff --git a/ee/app/assets/javascripts/security_dashboard/graphql/queries/group_projects.query.graphql b/ee/app/assets/javascripts/security_dashboard/graphql/queries/group_projects.query.graphql
index e33d06d0e9e4..50d158bea33e 100644
--- a/ee/app/assets/javascripts/security_dashboard/graphql/queries/group_projects.query.graphql
+++ b/ee/app/assets/javascripts/security_dashboard/graphql/queries/group_projects.query.graphql
@@ -1,7 +1,7 @@
query groupProjects($fullPath: ID!, $ids: [ID!], $search: String, $pageSize: Int, $after: String) {
group(fullPath: $fullPath) {
id
- projects(includeSubgroups: true, ids: $ids, search: $search, first: $pageSize, after: $after) {
+ projects(includeSubgroups: true, includeArchived: false, ids: $ids, search: $search, first: $pageSize, after: $after) {
edges {
node {
id
Edited by Michael Becker