Skip to content

metrics filters: improve handling when nothing matches the filters #12687

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
valentijnscholten merged 4 commits into from
Jun 26, 2025
Merged

metrics filters: improve handling when nothing matches the filters #12687

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
ed6ee3c
metrics filters: improve handling when nothign matches the filters
valentijnscholten Jun 24, 2025
b66a21f
fix no endpoint data error
valentijnscholten Jun 24, 2025
97bb676
fix endpoints metrics test
valentijnscholten Jun 24, 2025
fb8f0da
fix test
valentijnscholten Jun 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 10 additions & 10 deletions dojo/metrics/utils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@

import logging
import operator
from collections.abc import Callable
from datetime import date, datetime, timedelta
Expand Down Expand Up @@ -32,6 +33,8 @@
queryset_check,
)

logger = logging.getLogger(__name__)


def get_metrics_finding_filter_class() -> type[MetricsFindingFilter | MetricsFindingFilterWithoutObjectLookups]:
if get_system_setting("filter_string_matching", False):
Expand Down Expand Up @@ -62,14 +65,12 @@ def finding_queries(
findings_filter = finding_filter_class(request.GET, queryset=all_authorized_findings)
form = findings_filter.form
filtered_findings: QuerySet[Finding] = queryset_check(findings_filter)
# Quick check to determine if the filters were too tight and filtered everything away. If so, fall back to using all
# authorized Findings instead.
if not filtered_findings.exists() and all_authorized_findings.exists():
filtered_findings = all_authorized_findings

if not filtered_findings.exists():
messages.add_message(
request,
messages.ERROR,
_("All objects have been filtered away. Displaying all objects"),
messages.WARNING,
_("No findings match the current filters."),
extra_tags="alert-danger")

start_date, end_date = get_date_range(filtered_findings)
Expand Down Expand Up @@ -161,14 +162,13 @@ def endpoint_queries(
endpoints_qs = queryset_check(endpoints)

if not endpoints_qs.exists():
endpoints = endpoints_query
endpoints_qs = endpoints if isinstance(endpoints, QuerySet) else endpoints.qs
messages.add_message(
request,
messages.ERROR,
_("All objects have been filtered away. Displaying all objects"),
messages.WARNING,
_("No endpoints match the current filters."),
extra_tags="alert-danger")

endpoints = endpoints_qs
start_date, end_date = get_date_range(endpoints_qs)

if len(prod_type) > 0:
Expand Down
20 changes: 9 additions & 11 deletions dojo/product/views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -364,7 +364,7 @@ def identify_view(request):
return "Finding"


def finding_querys(request, prod):
def finding_queries(request, prod):
filters = {}
findings_query = Finding.objects.filter(test__engagement__product=prod)
# prefetch only what's needed to avoid lots of repeated queries
Expand Down Expand Up @@ -433,7 +433,7 @@ def finding_querys(request, prod):
return filters


def endpoint_querys(request, prod):
def endpoint_queries(request, prod):
filters = {}
endpoints_query = Endpoint_Status.objects.filter(finding__test__engagement__product=prod,
finding__severity__in=(
Expand All @@ -449,13 +449,11 @@ def endpoint_querys(request, prod):
filters["form"] = endpoints.form

if not endpoints_qs and not endpoints_query:
endpoints = endpoints_query
endpoints_qs = queryset_check(endpoints)
messages.add_message(request,
messages.ERROR,
_("All objects have been filtered away. Displaying all objects"),
extra_tags="alert-danger")

messages.add_message(
request,
messages.WARNING,
_("No Endpoints match the current filters."),
extra_tags="alert-danger")
try:
start_date = endpoints_qs.earliest("date").date
start_date = datetime(start_date.year,
Expand Down Expand Up @@ -538,9 +536,9 @@ def view_product_metrics(request, pid):

filters = {}
if view == "Finding":
filters = finding_querys(request, prod)
filters = finding_queries(request, prod)
elif view == "Endpoint":
filters = endpoint_querys(request, prod)
filters = endpoint_queries(request, prod)

start_date = timezone.make_aware(datetime.combine(filters["start_date"], datetime.min.time()))
end_date = filters["end_date"]
Expand Down
12 changes: 8 additions & 4 deletions unittests/test_metrics_queries.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
from django.urls import reverse

from dojo.metrics import utils
from dojo.models import User
from dojo.models import Product_Type, User

from .dojo_test_case import DojoTestCase

Expand Down Expand Up @@ -184,10 +184,14 @@ def test_endpoint_queries_no_data(self):
[],
)

def test_endpoint_queries(self):
@patch("dojo.filters.now")
def test_endpoint_queries(self, mock_now):
fake_now = pytz.UTC.localize(datetime(2020, 7, 1))
mock_now.return_value = fake_now

# Queries over Finding and Endpoint_Status
with self.assertNumQueries(43):
product_types = []
with self.assertNumQueries(44):
product_types = Product_Type.objects.all()
endpoint_queries = utils.endpoint_queries(
product_types,
self.request,
Expand Down