From ed6ee3c584df7f77eb5b3a53b4ebb00ab97a6d46 Mon Sep 17 00:00:00 2001
From: Valentijn Scholten <valentijnscholten@gmail.com>
Date: Tue, 24 Jun 2025 21:56:34 +0200
Subject: [PATCH 1/4] metrics filters: improve handling when nothign matches
 the filters

---
 dojo/metrics/utils.py | 16 ++++++----------
 dojo/product/views.py | 20 +++++++++-----------
 2 files changed, 15 insertions(+), 21 deletions(-)

diff --git a/dojo/metrics/utils.py b/dojo/metrics/utils.py
index 9647f84c7f9..9d5052b1959 100644
--- a/dojo/metrics/utils.py
+++ b/dojo/metrics/utils.py
@@ -62,14 +62,12 @@ def finding_queries(
     findings_filter = finding_filter_class(request.GET, queryset=all_authorized_findings)
     form = findings_filter.form
     filtered_findings: QuerySet[Finding] = queryset_check(findings_filter)
-    # Quick check to determine if the filters were too tight and filtered everything away. If so, fall back to using all
-    # authorized Findings instead.
-    if not filtered_findings.exists() and all_authorized_findings.exists():
-        filtered_findings = all_authorized_findings
+
+    if not filtered_findings.exists():
         messages.add_message(
             request,
-            messages.ERROR,
-            _("All objects have been filtered away. Displaying all objects"),
+            messages.WARNING,
+            _("No findings match the current filters."),
             extra_tags="alert-danger")
 
     start_date, end_date = get_date_range(filtered_findings)
@@ -161,12 +159,10 @@ def endpoint_queries(
     endpoints_qs = queryset_check(endpoints)
 
     if not endpoints_qs.exists():
-        endpoints = endpoints_query
-        endpoints_qs = endpoints if isinstance(endpoints, QuerySet) else endpoints.qs
         messages.add_message(
             request,
-            messages.ERROR,
-            _("All objects have been filtered away. Displaying all objects"),
+            messages.WARNING,
+            _("No endpoints match the current filters."),
             extra_tags="alert-danger")
 
     start_date, end_date = get_date_range(endpoints_qs)
diff --git a/dojo/product/views.py b/dojo/product/views.py
index 736b7b5ec7e..2552d79dc48 100644
--- a/dojo/product/views.py
+++ b/dojo/product/views.py
@@ -364,7 +364,7 @@ def identify_view(request):
     return "Finding"
 
 
-def finding_querys(request, prod):
+def finding_queries(request, prod):
     filters = {}
     findings_query = Finding.objects.filter(test__engagement__product=prod)
     # prefetch only what's needed to avoid lots of repeated queries
@@ -433,7 +433,7 @@ def finding_querys(request, prod):
     return filters
 
 
-def endpoint_querys(request, prod):
+def endpoint_queries(request, prod):
     filters = {}
     endpoints_query = Endpoint_Status.objects.filter(finding__test__engagement__product=prod,
                                                      finding__severity__in=(
@@ -449,13 +449,11 @@ def endpoint_querys(request, prod):
     filters["form"] = endpoints.form
 
     if not endpoints_qs and not endpoints_query:
-        endpoints = endpoints_query
-        endpoints_qs = queryset_check(endpoints)
-        messages.add_message(request,
-                             messages.ERROR,
-                             _("All objects have been filtered away. Displaying all objects"),
-                             extra_tags="alert-danger")
-
+        messages.add_message(
+            request,
+            messages.WARNING,
+            _("No Endpoints match the current filters."),
+            extra_tags="alert-danger")
     try:
         start_date = endpoints_qs.earliest("date").date
         start_date = datetime(start_date.year,
@@ -538,9 +536,9 @@ def view_product_metrics(request, pid):
 
     filters = {}
     if view == "Finding":
-        filters = finding_querys(request, prod)
+        filters = finding_queries(request, prod)
     elif view == "Endpoint":
-        filters = endpoint_querys(request, prod)
+        filters = endpoint_queries(request, prod)
 
     start_date = timezone.make_aware(datetime.combine(filters["start_date"], datetime.min.time()))
     end_date = filters["end_date"]

From b66a21f9c61485c107a01df1b347a9707a64b53b Mon Sep 17 00:00:00 2001
From: Valentijn Scholten <valentijnscholten@gmail.com>
Date: Tue, 24 Jun 2025 22:27:38 +0200
Subject: [PATCH 2/4] fix no endpoint data error

---
 dojo/metrics/utils.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/dojo/metrics/utils.py b/dojo/metrics/utils.py
index 9d5052b1959..9d9dd66f7d1 100644
--- a/dojo/metrics/utils.py
+++ b/dojo/metrics/utils.py
@@ -159,6 +159,7 @@ def endpoint_queries(
     endpoints_qs = queryset_check(endpoints)
 
     if not endpoints_qs.exists():
+        endpoints = endpoints_qs
         messages.add_message(
             request,
             messages.WARNING,

From 97bb6769bdf41af818c0e4b89625f3d4efafa9d1 Mon Sep 17 00:00:00 2001
From: Valentijn Scholten <valentijnscholten@gmail.com>
Date: Tue, 24 Jun 2025 22:51:08 +0200
Subject: [PATCH 3/4] fix endpoints metrics test

---
 dojo/metrics/utils.py             |  5 ++++-
 unittests/test_metrics_queries.py | 10 +++++++---
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/dojo/metrics/utils.py b/dojo/metrics/utils.py
index 9d9dd66f7d1..cf3e2813e13 100644
--- a/dojo/metrics/utils.py
+++ b/dojo/metrics/utils.py
@@ -1,4 +1,5 @@
 
+import logging
 import operator
 from collections.abc import Callable
 from datetime import date, datetime, timedelta
@@ -32,6 +33,8 @@
     queryset_check,
 )
 
+logger = logging.getLogger(__name__)
+
 
 def get_metrics_finding_filter_class() -> type[MetricsFindingFilter | MetricsFindingFilterWithoutObjectLookups]:
     if get_system_setting("filter_string_matching", False):
@@ -159,13 +162,13 @@ def endpoint_queries(
     endpoints_qs = queryset_check(endpoints)
 
     if not endpoints_qs.exists():
-        endpoints = endpoints_qs
         messages.add_message(
             request,
             messages.WARNING,
             _("No endpoints match the current filters."),
             extra_tags="alert-danger")
 
+    endpoints = endpoints_qs
     start_date, end_date = get_date_range(endpoints_qs)
 
     if len(prod_type) > 0:
diff --git a/unittests/test_metrics_queries.py b/unittests/test_metrics_queries.py
index 68dd1f43fee..17b57871bed 100644
--- a/unittests/test_metrics_queries.py
+++ b/unittests/test_metrics_queries.py
@@ -8,7 +8,7 @@
 from django.urls import reverse
 
 from dojo.metrics import utils
-from dojo.models import User
+from dojo.models import Product_Type, User
 
 from .dojo_test_case import DojoTestCase
 
@@ -184,10 +184,14 @@ def test_endpoint_queries_no_data(self):
             [],
         )
 
-    def test_endpoint_queries(self):
+    @patch("dojo.filters.now")
+    def test_endpoint_queries(self, mock_now):
+        fake_now = pytz.UTC.localize(datetime(2020, 7, 1))
+        mock_now.return_value = fake_now
+
         # Queries over Finding and Endpoint_Status
         with self.assertNumQueries(43):
-            product_types = []
+            product_types = Product_Type.objects.all()
             endpoint_queries = utils.endpoint_queries(
                 product_types,
                 self.request,

From fb8f0da8e051b9709c0117ee6fa4d2747afef5ea Mon Sep 17 00:00:00 2001
From: Valentijn Scholten <valentijnscholten@gmail.com>
Date: Wed, 25 Jun 2025 08:25:50 +0200
Subject: [PATCH 4/4] fix test

---
 unittests/test_metrics_queries.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/unittests/test_metrics_queries.py b/unittests/test_metrics_queries.py
index 17b57871bed..e72b08d8a2b 100644
--- a/unittests/test_metrics_queries.py
+++ b/unittests/test_metrics_queries.py
@@ -190,7 +190,7 @@ def test_endpoint_queries(self, mock_now):
         mock_now.return_value = fake_now
 
         # Queries over Finding and Endpoint_Status
-        with self.assertNumQueries(43):
+        with self.assertNumQueries(44):
             product_types = Product_Type.objects.all()
             endpoint_queries = utils.endpoint_queries(
                 product_types,