Display the tab as disabled when no vulnerabilities found #95

Signed-off-by: tdruez <[email protected]>
aboutcode-org · Aug 30, 2024 · bf4758f · bf4758f
1 parent ff4a4a5
commit bf4758f
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 5 deletions.
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -104,6 +104,9 @@ Release notes
   "Add Package".
   https://github.com/aboutcode-org/dejacode/issues/163
 
+- Add a Vulnerabilities tab in the Product details view.
+  https://github.com/aboutcode-org/dejacode/issues/95
+
 ### Version 5.1.0
 
 - Upgrade Python version to 3.12 and Django to 5.0.x

diff --git a/dje/templates/object_details_base.html b/dje/templates/object_details_base.html
@@ -77,8 +77,8 @@ <h1 class="header-title text-break">
   <nav role="navigation">
     <ul class="nav nav-tabs container px-3" id="details_tab" role="tablist">
       {% for tab_name, tab_context in tabsets.items %}
-        <li class="nav-item" role="presentation">
-          <button class="nav-link{% if forloop.first %} active{% endif %}" id="tab_{{ tab_name|slugify }}-tab" data-bs-toggle="tab" data-bs-target="#tab_{{ tab_name|slugify }}" type="button" role="tab" aria-controls="tab_{{ tab_name|slugify }}" aria-selected="{% if forloop.first %}true{% else %}false{% endif %}">
+        <li class="nav-item" role="presentation"{% if tab_context.tooltip %} data-bs-toggle="tooltip" title="{{ tab_context.tooltip }}"{% endif %}>
+          <button class="nav-link{% if forloop.first %} active{% endif %}" id="tab_{{ tab_name|slugify }}-tab" data-bs-toggle="tab" data-bs-target="#tab_{{ tab_name|slugify }}" type="button" role="tab" aria-controls="tab_{{ tab_name|slugify }}" aria-selected="{% if forloop.first %}true{% else %}false{% endif %}" {% if tab_context.disabled %}disabled="disabled"{% endif %}>
             {% if tab_context.label %}
               {{ tab_context.label }}
             {% else %}

diff --git a/product_portfolio/tests/test_views.py b/product_portfolio/tests/test_views.py
@@ -301,6 +301,30 @@ def test_product_portfolio_detail_view_tab_vulnerability_view_filters(self):
         expected = "?vulnerabilities-max_score=#vulnerabilities"
         self.assertContains(response, expected)
 
+    @mock.patch("dejacode_toolkit.vulnerablecode.VulnerableCode.is_configured")
+    def test_product_portfolio_detail_view_tab_vulnerability_label(self, mock_is_configured):
+        mock_is_configured.return_value = True
+        self.client.login(username="nexb_user", password="secret")
+        url = self.product1.get_absolute_url()
+        response = self.client.get(url)
+        self.assertNotContains(response, "tab_vulnerabilities")
+
+        self.dataspace.enable_vulnerablecodedb_access = True
+        self.dataspace.save()
+        response = self.client.get(url)
+        expected = 'aria-controls="tab_vulnerabilities" aria-selected="false" disabled="disabled"'
+        self.assertContains(response, expected)
+        expected = 'data-bs-toggle="tooltip" title="No vulnerabilities found in this Product"'
+        self.assertContains(response, expected)
+
+        package1 = make_package(self.dataspace, is_vulnerable=True)
+        ProductPackage.objects.create(
+            product=self.product1, package=package1, dataspace=self.dataspace
+        )
+        response = self.client.get(url)
+        expected = '<span class="badge badge-vulnerability">1</span>'
+        self.assertContains(response, expected)
+
     def test_product_portfolio_detail_view_object_type_filter_in_inventory_tab(self):
         self.client.login(username="nexb_user", password="secret")
 
@@ -409,7 +433,6 @@ def test_product_portfolio_detail_view_review_status_filter_in_inventory_tab(sel
         self.assertContains(response, component2.name)
         self.assertContains(response, self.package1.filename)
 
-        # <a href="?inventory-review_status=" class="dropdown-item active">All</a>
         self.assertContains(
             response,
             '<a href="?inventory-review_status=#inventory" class="dropdown-item active">All</a>',

diff --git a/product_portfolio/views.py b/product_portfolio/views.py
@@ -533,8 +533,14 @@ def tab_vulnerabilities(self):
 
         vulnerability_qs = self.object.get_vulnerability_qs()
         vulnerability_count = vulnerability_qs.count()
-        if not vulnerability_count:  # TODO: Display tab as disabled instead
-            return
+        if not vulnerability_count:
+            label = 'Vulnerabilities <span class="badge bg-secondary">0</span>'
+            return {
+                "label": format_html(label),
+                "fields": [],
+                "disabled": True,
+                "tooltip": "No vulnerabilities found in this Product",
+            }
 
         label = (
             f'Vulnerabilities <span class="badge badge-vulnerability">{vulnerability_count}</span>'