Merge pull request #1024 from hmrc/BDOG-3374

BDOG-3374 Only show requested curation status on vulnerabilities serv…

Author: colin-lamed

app/uk/gov/hmrc/cataloguefrontend/view/partials/code.scala.html

@@ -57,7 +57,7 @@
             }
             @if(repo.repoType == RepoType.Service) {
                 <li>
-                    <a id="link-to-vulnerabilities" href="@uk.gov.hmrc.cataloguefrontend.vulnerabilities.routes.VulnerabilitiesController.vulnerabilitiesList(None, curationStatus = Some(CurationStatus.ActionRequired.asString), Some(s"\"${repo.name}\""), None)">
+                    <a id="link-to-vulnerabilities" href="@uk.gov.hmrc.cataloguefrontend.vulnerabilities.routes.VulnerabilitiesController.vulnerabilitiesList(None, curationStatus = Some(CurationStatus.ActionRequired), Some(s"\"${repo.name}\""), None)">
                         Vulnerabilities
                     </a>
                 </li>

app/uk/gov/hmrc/cataloguefrontend/view/standard_layout.scala.html

@@ -182,9 +182,9 @@
                                 <li><a id="link-to-leak-detection-rules" class="dropdown-item" href="@uk.gov.hmrc.cataloguefrontend.leakdetection.routes.LeakDetectionController.ruleSummaries">Leak Detection - Rules</a></li>
                                 <li><a id="link-to-leak-detection-repositories" class="dropdown-item" href="@uk.gov.hmrc.cataloguefrontend.leakdetection.routes.LeakDetectionController.repoSummaries(includeWarnings = false, includeExemptions = false, includeViolations = true)">Leak Detection - Repositories</a></li>
                                 <li><hr class="dropdown-divider"></li>
-                                <li><a id="link-to-vulnerabilities" class="dropdown-item" href="@uk.gov.hmrc.cataloguefrontend.vulnerabilities.routes.VulnerabilitiesController.vulnerabilitiesList(None, curationStatus = Some(CurationStatus.ActionRequired.asString), None, None)">Vulnerabilities</a></li>
+                                <li><a id="link-to-vulnerabilities" class="dropdown-item" href="@uk.gov.hmrc.cataloguefrontend.vulnerabilities.routes.VulnerabilitiesController.vulnerabilitiesList(None, curationStatus = Some(CurationStatus.ActionRequired), None, None)">Vulnerabilities</a></li>
                                 <li><a id="link-to-vulnerabilities-services" class="dropdown-item" href="@uk.gov.hmrc.cataloguefrontend.vulnerabilities.routes.VulnerabilitiesController.vulnerabilitiesForServices()">Vulnerabilities - Services</a></li>
-                                <li><a id="link-to-vulnerabilities-timeline" class="dropdown-item" href="@uk.gov.hmrc.cataloguefrontend.vulnerabilities.routes.VulnerabilitiesController.vulnerabilitiesTimeline(None, None, None, curationStatus = Some(CurationStatus.ActionRequired.asString))">Vulnerabilities - Timeline</a></li>
+                                <li><a id="link-to-vulnerabilities-timeline" class="dropdown-item" href="@uk.gov.hmrc.cataloguefrontend.vulnerabilities.routes.VulnerabilitiesController.vulnerabilitiesTimeline(None, None, None, curationStatus = Some(CurationStatus.ActionRequired))">Vulnerabilities - Timeline</a></li>
                                 <li><hr class="dropdown-divider"></li>
                                 <li><a id="link-to-pr-commenter-recommendations" class="dropdown-item" href="@prcommenterRoutes.PrCommenterController.recommendations()">PR-Commenter Recommendations</a></li>
                             </ul>

app/uk/gov/hmrc/cataloguefrontend/vulnerabilities/CurationStatus.scala

@@ -17,6 +17,7 @@
 package uk.gov.hmrc.cataloguefrontend.vulnerabilities
 
 import play.api.libs.json.Reads
+import play.api.mvc.QueryStringBindable
 import uk.gov.hmrc.cataloguefrontend.util.{FormFormat, FromString, FromStringEnum, Parser}
 
 import FromStringEnum._
@@ -27,7 +28,7 @@ enum CurationStatus(
   override val asString: String,
   val displayString    : String
 ) extends FromString
-  derives Ordering, Reads, FormFormat:
+  derives Ordering, Reads, FormFormat, QueryStringBindable:
   case InvestigationOngoing extends CurationStatus(asString = "INVESTIGATION_ONGOING", displayString = "Investigation ongoing")
   case NoActionRequired     extends CurationStatus(asString = "NO_ACTION_REQUIRED"   , displayString = "No action required"   )
   case ActionRequired       extends CurationStatus(asString = "ACTION_REQUIRED"      , displayString = "Action required"      )

app/uk/gov/hmrc/cataloguefrontend/vulnerabilities/VulnerabilitiesController.scala

@@ -53,7 +53,7 @@ class VulnerabilitiesController @Inject() (
     */
   def vulnerabilitiesList(
     vulnerability : Option[String]
-  , curationStatus: Option[String]
+  , curationStatus: Option[CurationStatus]
   , service       : Option[String]
   , team          : Option[TeamName]
   , flag          : Option[String]
@@ -82,16 +82,17 @@ class VulnerabilitiesController @Inject() (
     * @param flag for reverse routing
     */
   def vulnerabilitiesForServices(
-    team: Option[TeamName]
-  , flag: Option[String]
+    curationStatus: Option[CurationStatus]
+  , team          : Option[TeamName]
+  , flag          : Option[String]
   ): Action[AnyContent] =
     BasicAuthAction.async: request =>
       given MessagesRequest[AnyContent] = request
       import VulnerabilitiesCountFilter.form
       form
         .bindFromRequest()
         .fold(
-          formWithErrors => Future.successful(BadRequest(vulnerabilitiesForServicesPage(Seq.empty, Seq.empty, formWithErrors))),
+          formWithErrors => Future.successful(BadRequest(vulnerabilitiesForServicesPage(curationStatus.getOrElse(CurationStatus.ActionRequired), Seq.empty, Seq.empty, formWithErrors))),
           validForm =>
             for
               teams  <- teamsAndRepositoriesConnector.allTeams().map(_.sortBy(_.name.asString.toLowerCase))
@@ -100,7 +101,7 @@ class VulnerabilitiesController @Inject() (
                         , serviceName = None // Use listJS filters
                         , team        = validForm.team
                         )
-            yield Ok(vulnerabilitiesForServicesPage(counts, teams, form.fill(validForm)))
+            yield Ok(vulnerabilitiesForServicesPage(validForm.curationStatus, counts, teams, form.fill(validForm)))
         )
 
   /**
@@ -115,7 +116,7 @@ class VulnerabilitiesController @Inject() (
     service       : Option[ServiceName]
   , team          : Option[TeamName]
   , vulnerability : Option[String]
-  , curationStatus: Option[String]
+  , curationStatus: Option[CurationStatus]
   , from          : LocalDate
   , to            : LocalDate
   ): Action[AnyContent] =
@@ -167,18 +168,20 @@ object VulnerabilitiesExplorerFilter:
     )
 
 case class VulnerabilitiesCountFilter(
-  flag   : SlugInfoFlag        = SlugInfoFlag.Latest,
-  service: Option[ServiceName] = None,
-  team   : Option[TeamName]    = None,
+  flag          : SlugInfoFlag        = SlugInfoFlag.Latest,
+  service       : Option[ServiceName] = None,
+  team          : Option[TeamName]    = None,
+  curationStatus: CurationStatus
 )
 
 object VulnerabilitiesCountFilter:
   lazy val form: Form[VulnerabilitiesCountFilter] =
     Form(
       Forms.mapping(
-        "flag"    -> Forms.optional(Forms.of[SlugInfoFlag]).transform(_.getOrElse(SlugInfoFlag.Latest), Some.apply),
-        "service" -> Forms.optional(Forms.of[ServiceName]),
-        "team"    -> Forms.optional(Forms.of[TeamName]),
+        "flag"           -> Forms.optional(Forms.of[SlugInfoFlag]).transform(_.getOrElse(SlugInfoFlag.Latest), Some.apply),
+        "service"        -> Forms.optional(Forms.of[ServiceName]),
+        "team"           -> Forms.optional(Forms.of[TeamName]),
+        "curationStatus" -> Forms.optional(Forms.of[CurationStatus]).transform(_.getOrElse(CurationStatus.ActionRequired), Some.apply)
       )(VulnerabilitiesCountFilter.apply)(f => Some(Tuple.fromProductTyped(f)))
     )
 

app/uk/gov/hmrc/cataloguefrontend/vulnerabilities/view/VulnerabilitiesForServicesPage.scala.html

@@ -21,12 +21,13 @@
 @this()
 
 
-@(vulnerabilities: Seq[TotalVulnerabilityCount],
-  teams          : Seq[GitHubTeam],
-  form           : Form[VulnerabilitiesCountFilter]
+@(curationStatus     : CurationStatus,
+  vulnerabilityCounts: Seq[TotalVulnerabilityCount],
+  teams              : Seq[GitHubTeam],
+  form               : Form[VulnerabilitiesCountFilter]
 )(implicit
-  messages       : Messages,
-  request        : RequestHeader
+  messages           : Messages,
+  request            : RequestHeader
 )
 
 @implicitField: FieldConstructor = @{ FieldConstructor(catalogueFieldConstructor.f) }
@@ -38,7 +39,7 @@ <h1 class="page-heading mt-4">Service Vulnerabilities</h1>
     <div id="service-list">
         <form id="form" method="get">
             <div class="row">
-                <div class="col-md-6">
+                <div class="col-md-5">
                     <dl>
                         <dt>
                             <label for="search" class="form-label">Service</label>
@@ -59,7 +60,7 @@ <h1 class="page-heading mt-4">Service Vulnerabilities</h1>
                         Symbol("class")       -> "form-select"
                     )
                 </div>
-                <div class="col-md-3">
+                <div class="col-md-2">
                     @select(
                         field                 =  form("flag"),
                         options               =  SlugInfoFlag.values.toSeq.filterNot(_ == SlugInfoFlag.ForEnvironment(Environment.Integration)).map(env => env.asString -> env.displayString),
@@ -69,20 +70,36 @@ <h1 class="page-heading mt-4">Service Vulnerabilities</h1>
                         Symbol("class")       -> "form-select"
                     )
                 </div>
+                <div class="col-md-2">
+                    @select(
+                        field                 =  form("curationStatus"),
+                        options               =  CurationStatus.values.toSeq.map(cs => cs.asString -> cs.displayString),
+                        Symbol("_label")      -> "Curation status:",
+                        Symbol("_labelClass") -> "form-label",
+                        Symbol("id")          -> "curation-status-filter",
+                        Symbol("class")       -> "form-select"
+                    )
+                </div>
             </div>
         </form>
         <table class="table table-striped sticky-header">
             <thead>
                 <tr>
                     <th class="col-6"><button class="sort no-border fw-bold" data-sort="service">Service</button></th>
-                    <th class="col-2 text-center"><button class="sort no-border fw-bold" data-sort="action-required">Action Required</button></th>
-                    <th class="col-2 text-center"><button class="sort no-border fw-bold" data-sort="investigation-ongoing">Investigation Ongoing</button></th>
-                    <th class="col-2 text-center"><button class="sort no-border fw-bold" data-sort="no-action-required">No Action Required</button></th>
-                    <th class="col-2 text-center"><button class="sort no-border fw-bold" data-sort="uncurated">Uncurated</button></th>
+                    <th class="col-2 text-center">
+                      <button class="sort no-border fw-bold" data-sort="count">
+                        @curationStatus match {
+                            case CurationStatus.ActionRequired       => { Action Required       }
+                            case CurationStatus.InvestigationOngoing => { Investigation Ongoing }
+                            case CurationStatus.NoActionRequired     => { No Action Required    }
+                            case CurationStatus.Uncurated            => { Uncurated             }
+                          }
+                      </button>
+                    </th>
                 </tr>
             </thead>
             <tbody class="list">
-                @vulnerabilities.map(vulnerabilitiesCountForService)
+                @vulnerabilityCounts.map(vulnerabilitiesCountForService)
             </tbody>
         </table>
     </div>
@@ -92,17 +109,24 @@ <h1 class="page-heading mt-4">Service Vulnerabilities</h1>
 @vulnerabilitiesCountForService(tvc: TotalVulnerabilityCount) = {
     <tr>
         <td><a class="service" id="[email protected]" href="@uk.gov.hmrc.cataloguefrontend.routes.CatalogueController.service(tvc.service)">@tvc.service.asString</a></td>
-        <td class="text-center"><a class="action-required" id="@tvc.service-action-required-vulnerabilities" href="@vulnerabilitiesListHref(tvc.service, CurationStatus.ActionRequired)">@tvc.actionRequired</a></td>
-        <td class="text-center"><a class="investigation-ongoing" id="@tvc.service-investigation-ongoing-vulnerabilities" href="@vulnerabilitiesListHref(tvc.service, CurationStatus.InvestigationOngoing)">@tvc.investigationOngoing</a></td>
-        <td class="text-center"><a class="no-action-required" id="@tvc.service-no-action-required-vulnerabilities" href="@vulnerabilitiesListHref(tvc.service, CurationStatus.NoActionRequired)">@tvc.noActionRequired</a></td>
-        <td class="text-center"><a class="uncurated" id="@tvc.service-uncurated-required-vulnerabilities" href="@vulnerabilitiesListHref(tvc.service, CurationStatus.Uncurated)">@tvc.uncurated</a></td>
+        <td class="text-center">
+          <a class="count" id="@tvc.service-count" href="@vulnerabilitiesListHref(tvc.service, curationStatus)">
+            @curationStatus match {
+                case CurationStatus.ActionRequired       => { @tvc.actionRequired       }
+                case CurationStatus.InvestigationOngoing => { @tvc.investigationOngoing }
+                case CurationStatus.NoActionRequired     => { @tvc.noActionRequired     }
+                case CurationStatus.Uncurated            => { @tvc.uncurated            }
+            }
+          </a>
+        </td>
+
     </tr>
 }
 
 @vulnerabilitiesListHref(service: ServiceName, curationStatus: CurationStatus) = {
      @uk.gov.hmrc.cataloguefrontend.vulnerabilities.routes.VulnerabilitiesController.vulnerabilitiesList(
         vulnerability  = None,
-        curationStatus = Some(curationStatus.asString),
+        curationStatus = Some(curationStatus),
         service        = Some(s"\"${service.asString}\""),
         team           = form("team").value.map(TeamName.apply),
         flag           = form("flag").value
@@ -113,12 +137,14 @@ <h1 class="page-heading mt-4">Service Vulnerabilities</h1>
 <!-- listjs configuration -->
 <script @CSPNonce.attr>
     let options = {
-        valueNames: [ 'service', 'action-required', 'investigation-ongoing', 'no-action-required', 'uncurated' ],
+        valueNames: [ 'service', 'count' ],
         searchColumns: ['service'],
         searchDelay: 350
     };
 
     let serviceList = new List('service-list', options);
+    serviceList.sort('service', { order: "asc"  });
+    serviceList.sort('count'  , { order: "desc" });
 
     let searchBox = document.getElementById("search");
     // set autofocus cursor to right of text in search box
@@ -129,7 +155,7 @@ <h1 class="page-heading mt-4">Service Vulnerabilities</h1>
     serviceList.search(searchBox.value);
 </script>
 <script @CSPNonce.attr>
-  ["team-filter", "flag-filter"]
+  ["team-filter", "flag-filter", "curation-status-filter"]
     .forEach(function(id) {
       document.getElementById(id).addEventListener("change", function() {
         document.getElementById("form").submit();

build.sbt

@@ -17,7 +17,8 @@ lazy val microservice = Project("catalogue-frontend", file("."))
       "uk.gov.hmrc.play.bootstrap.binders.RedirectUrl",
       "uk.gov.hmrc.cataloguefrontend.connector.BuildDeployApiConnector.PrototypeStatus",
       "uk.gov.hmrc.cataloguefrontend.createrepository.RepoType",
-      "uk.gov.hmrc.cataloguefrontend.servicemetrics.LogMetricId"
+      "uk.gov.hmrc.cataloguefrontend.servicemetrics.LogMetricId",
+      "uk.gov.hmrc.cataloguefrontend.vulnerabilities.CurationStatus"
     ),
     TwirlKeys.templateImports ++= Seq(
       "uk.gov.hmrc.cataloguefrontend.model._",
@@ -38,8 +39,8 @@ lazy val microservice = Project("catalogue-frontend", file("."))
     pipelineStages := Seq(digest)
   )
 
-val bootstrapPlayVersion = "9.7.0"
-val hmrcMongoVersion     = "2.3.0"
+val bootstrapPlayVersion = "9.8.0"
+val hmrcMongoVersion     = "2.5.0"
 
 val compile = Seq(
   caffeine,

conf/app.routes

@@ -132,9 +132,9 @@ GET        /deployment-timeline-select/:serviceName                        uk.go
 +nocsrf
 POST       /audit                                                          uk.gov.hmrc.cataloguefrontend.auditing.BrowserSideAuditingController.sendAudit()
 
-GET        /vulnerabilities                              uk.gov.hmrc.cataloguefrontend.vulnerabilities.VulnerabilitiesController.vulnerabilitiesList(vulnerability: Option[String] ?= None, curationStatus: Option[String] ?= None, service: Option[String] ?= None, team: Option[TeamName] ?= None, flag: Option[String] ?= None)
-GET        /vulnerabilities/services                     uk.gov.hmrc.cataloguefrontend.vulnerabilities.VulnerabilitiesController.vulnerabilitiesForServices(team: Option[TeamName] ?= None, flag: Option[String] ?= None)
-GET        /vulnerabilities/timeline                     uk.gov.hmrc.cataloguefrontend.vulnerabilities.VulnerabilitiesController.vulnerabilitiesTimeline(service: Option[ServiceName] ?= None, team: Option[TeamName] ?= None, vulnerability: Option[String] ?= None, curationStatus: Option[String] ?= None, from: java.time.LocalDate ?= java.time.LocalDate.now().minusMonths(6), to: java.time.LocalDate ?= java.time.LocalDate.now())
+GET        /vulnerabilities                              uk.gov.hmrc.cataloguefrontend.vulnerabilities.VulnerabilitiesController.vulnerabilitiesList(vulnerability: Option[String] ?= None, curationStatus: Option[CurationStatus] ?= None, service: Option[String] ?= None, team: Option[TeamName] ?= None, flag: Option[String] ?= None)
+GET        /vulnerabilities/services                     uk.gov.hmrc.cataloguefrontend.vulnerabilities.VulnerabilitiesController.vulnerabilitiesForServices(curationStatus: Option[CurationStatus] ?= None, team: Option[TeamName] ?= None, flag: Option[String] ?= None)
+GET        /vulnerabilities/timeline                     uk.gov.hmrc.cataloguefrontend.vulnerabilities.VulnerabilitiesController.vulnerabilitiesTimeline(service: Option[ServiceName] ?= None, team: Option[TeamName] ?= None, vulnerability: Option[String] ?= None, curationStatus: Option[CurationStatus] ?= None, from: java.time.LocalDate ?= java.time.LocalDate.now().minusMonths(6), to: java.time.LocalDate ?= java.time.LocalDate.now())
 
 GET        /users                                        uk.gov.hmrc.cataloguefrontend.users.UsersController.users
 GET        /users-search                                 uk.gov.hmrc.cataloguefrontend.users.UsersController.userSearch(query: String, includeDeleted: Boolean ?= false, includeNonHuman: Boolean ?= false)