fix(metrics): prevent 500 on Critical Asset Metrics page when no critical products exist#15057
Open
valentijnscholten wants to merge 2 commits into
Open
Conversation
valentijnscholten
force-pushed
the
fix-critical-asset-metrics-500
branch
from
9ca1a17 to
0d90e36
Compare
valentijnscholten
force-pushed
the
fix-critical-asset-metrics-500
branch
from
0d90e36 to
01e8e14
Compare
…ical products exist (DefectDojo#15051) When no product types are marked critical, the empty critical_prods queryset is falsy, so the metrics template fell through its '{% if not critical_prods %}' general-dashboard branch, which references context (max_findings_details, findings, ...) that the critical_product_metrics view does not supply, raising VariableDoesNotExist for 'max_findings_details'. Gate the dashboard branches on 'name != labels.ASSET_METRICS_CRITICAL_LABEL' too, mirroring the existing header branch, so the critical asset page shows the 'no critical assets' message instead of the general dashboard. Applied to both the V3 and classic metrics templates. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
…#15051) Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #15051
/critical_asset_metricsreturned a 500 when no product types are marked critical.Root cause
critical_product_metricsrendersdojo/metrics.htmlpassing onlyname,critical_prods, andurl_prefix. When there are no critical product types,critical_prodsis an empty queryset — which is falsy. The template's general-dashboard section is gated only on{% if not critical_prods %}, so the empty queryset makes it render the full metrics dashboard, which references context the view never supplies (max_findings_details,findings, …). That raises:The header section already distinguishes the critical page correctly via
{% elif name == labels.ASSET_METRICS_CRITICAL_LABEL %}; the dashboard gates just didn't.Fix
Gate the dashboard branches on
name != labels.ASSET_METRICS_CRITICAL_LABELas well, in both the V3 (dojo/templates/dojo/metrics.html) and classic (dojo/templates_classic/dojo/metrics.html) templates. On the critical asset page with no critical products, the existing "No Critical Assets registered" message is shown instead of the (broken) general dashboard.Tests
Adds
unittests/test_metrics_critical_asset.py:test_no_critical_product_types— reproduces Impossible to access /critical_asset_metrics #15051 (fails with the exactVariableDoesNotExistbefore this change, passes after).test_with_critical_product_type— page renders with a critical product type present.🤖 Generated with Claude Code