display evidences and risky description if analysis is system passed …

…and has findings
appknox · Jul 12, 2024 · ef40752 · ef40752
1 parent aca4472
commit ef40752
Show file tree

Hide file tree

Showing 5 changed files with 214 additions and 46 deletions.
diff --git a/app/components/file-details/vulnerability-analysis-details/index.hbs b/app/components/file-details/vulnerability-analysis-details/index.hbs
@@ -102,8 +102,8 @@
       </AkTypography>
     </AkStack>
 
-    {{#if (or @analysis.isRisky @analysis.isOverriddenAsPassed)}}
-      {{#if (and (eq @analysis.cvssVersion 3) @analysis.cvssVector)}}
+    {{#if this.showAnalysisContent}}
+      {{#if this.showCVSSContent}}
         <div local-class='analysis-section'>
           <AkStack data-test-analysisDetails-regulatory='cvssv3'>
             <AkTypography
@@ -155,42 +155,48 @@
         </div>
       {{/if}}
 
-      <div
-        local-class='analysis-section'
-        data-test-analysisDetails-vulnerabilityContainer
-      >
-        <AkTypography
-          data-test-analysisDetails-vulnerabilityTitle
-          @variant='subtitle1'
-          @gutterBottom={{true}}
+      {{#if this.showFindings}}
+        <div
+          local-class='analysis-section'
+          data-test-analysisDetails-vulnerabilityContainer
         >
-          {{t 'vulnerability'}}
-        </AkTypography>
-
-        <div class='my-2'>
-          {{#each @analysis.findings as |finding idx|}}
-            {{#if finding.title}}
-              <AkTypography
-                data-test-analysisDetails-vulFindingTitle='{{idx}}'
-                local-class='analysis-content-value'
-              >
-                {{finding.title}}
-              </AkTypography>
+          <AkTypography
+            data-test-analysisDetails-vulnerabilityTitle
+            @variant='subtitle1'
+            @gutterBottom={{true}}
+          >
+            {{#if (and @analysis.isRiskPassedBySystem this.hasFindings)}}
+              {{t 'evidences'}}
+            {{else}}
+              {{t 'vulnerability'}}
             {{/if}}
+          </AkTypography>
 
-            <div local-class='vulnerabiliy-finding-container'>
-              <pre
-                data-test-analysisDetails-vulFindingDescription='{{idx}}'
-                local-class='vulnerabiliy-finding-description'
-              >
-                {{finding.description}}
-              </pre>
-            </div>
-          {{/each}}
+          <div class='my-2'>
+            {{#each @analysis.findings as |finding idx|}}
+              {{#if finding.title}}
+                <AkTypography
+                  data-test-analysisDetails-vulFindingTitle='{{idx}}'
+                  local-class='analysis-content-value'
+                >
+                  {{finding.title}}
+                </AkTypography>
+              {{/if}}
+
+              <div local-class='vulnerabiliy-finding-container'>
+                <pre
+                  data-test-analysisDetails-vulFindingDescription='{{idx}}'
+                  local-class='vulnerabiliy-finding-description'
+                >
+                  {{finding.description}}
+                </pre>
+              </div>
+            {{/each}}
+          </div>
         </div>
-      </div>
+      {{/if}}
 
-      {{#if @analysis.vulnerability.compliant}}
+      {{#if this.showCompliantSolution}}
         <AkStack
           local-class='analysis-section'
           @direction='column'
@@ -213,7 +219,7 @@
         </AkStack>
       {{/if}}
 
-      {{#if @analysis.vulnerability.nonCompliant}}
+      {{#if this.showNonCompliantSolution}}
         <AkStack
           local-class='analysis-section'
           @direction='column'
@@ -236,7 +242,7 @@
         </AkStack>
       {{/if}}
 
-      {{#if this.hasRegulatoryContent}}
+      {{#if this.showRegulatoryContent}}
         <AkStack
           local-class='analysis-section analysis-regulatory-section'
           @direction='column'
@@ -282,7 +288,7 @@
         </AkStack>
       {{/if}}
 
-      {{#if @analysis.vulnerability.businessImplication}}
+      {{#if this.showBusinessImplications}}
         <AkStack
           local-class='analysis-section'
           @direction='column'

diff --git a/app/components/file-details/vulnerability-analysis-details/index.ts b/app/components/file-details/vulnerability-analysis-details/index.ts
@@ -152,8 +152,11 @@ export default class FileDetailsVulnerabilityAnalysisDetailsComponent extends Co
     ];
   }
 
-  get hasRegulatoryContent() {
-    return this.regulatoryContent.some((it) => it.hasContent);
+  get showRegulatoryContent() {
+    return (
+      this.regulatoryContent.some((it) => it.hasContent) &&
+      !this.analysis.isRiskPassedBySystem
+    );
   }
 
   get vulnerability() {
@@ -169,13 +172,62 @@ export default class FileDetailsVulnerabilityAnalysisDetailsComponent extends Co
       return htmlSafe(this.vulnerability.get?.('question') || '');
     }
 
-    if (this.analysis.isRisky || this.analysis.isOverriddenAsPassed) {
+    if (
+      this.analysis.isRisky ||
+      this.analysis.isOverriddenAsPassed ||
+      (this.analysis.isRiskPassedBySystem && this.hasFindings)
+    ) {
       return this.vulnerability.get?.('descriptionUnescapedd');
     }
 
     return htmlSafe(this.vulnerability.get?.('successMessage') || '');
   }
 
+  get showAnalysisContent() {
+    return (
+      this.analysis.isRiskPassedBySystem ||
+      this.analysis.isRisky ||
+      this.analysis.isOverriddenAsPassed
+    );
+  }
+
+  get showCVSSContent() {
+    return (
+      this.analysis.cvssVersion === 3 &&
+      this.analysis.cvssVector &&
+      !this.analysis.isRiskPassedBySystem
+    );
+  }
+
+  get showCompliantSolution() {
+    return (
+      this.analysis.vulnerability.get('compliant') &&
+      !this.analysis.isRiskPassedBySystem
+    );
+  }
+
+  get showNonCompliantSolution() {
+    return (
+      this.analysis.vulnerability.get('nonCompliant') &&
+      !this.analysis.isRiskPassedBySystem
+    );
+  }
+
+  get hasFindings() {
+    return this.analysis.findings.length > 0;
+  }
+
+  get showFindings() {
+    return this.showAnalysisContent && this.hasFindings;
+  }
+
+  get showBusinessImplications() {
+    return (
+      this.analysis.vulnerability.get('businessImplication') &&
+      !this.analysis.isRiskPassedBySystem
+    );
+  }
+
   get businessImplication() {
     return htmlSafe(this.vulnerability.get?.('businessImplication') || '');
   }