trustification · queria · Jun 5, 2025 · Jun 4, 2025
diff --git a/tests/common/assets/csaf/cve-2024-26308.json.bz2 b/tests/common/assets/csaf/cve-2024-26308.json.bz2
diff --git a/tests/common/constants.ts b/tests/common/constants.ts
@@ -69,4 +69,5 @@ export const ADVISORY_FILES = [
   "cve-2023-4853.json.bz2",
   "cve-2023-20860.json.bz2",
   "cve-2023-28867.json.bz2",
+  "cve-2024-26308.json.bz2",
 ];
diff --git a/tests/ui/features/@vulnerability-explorer/vulnerability-explorer.feature b/tests/ui/features/@vulnerability-explorer/vulnerability-explorer.feature
@@ -2,6 +2,22 @@ Feature: Vulnerability Explorer - View Vulnerability details
     Background: Authentication
         Given User is authenticated
 
+    # Search for vulnerability
+
+    # Vulnerability Explorer
+    Scenario: Display an overview of a vulnerability
+        Given User visits Vulnerability details Page of "<vulnerabilityID>"
+        Then The page title is "<vulnerabilityID>"
+        Then The severity is "<severityDescription>" and the CVSS score is "<severityScore>"
+        Then The description begins with "<descriptionBeginsWith>"
+        Then The Reserved date is "<dateReserved>", the Published date is "<datePublished>" and Last modified date is "<dateLastModified>"
+
+        Examples:
+            | vulnerabilityID | severityDescription | severityScore | descriptionBeginsWith         | dateReserved | datePublished | dateLastModified |
+            # | CVE-2023-1664   | Medium              | 6.5           | A flaw was found in Keycloak. | Mar 27, 2023 | May 26, 2023  | Jan 15, 2025     |
+            | CVE-2024-26308 | Unknown              |               | Apache Commons Compress | Feb 17, 2024 | Feb 19, 2024  | Aug 02, 2024     |
+
+    # Related products / SBOMs
     Scenario Outline: View related SBOMs
         Given User visits Vulnerability details Page of "<vulnerabilityID>"
         When Tab "Related SBOMs" is visible
@@ -15,6 +31,7 @@ Feature: Vulnerability Explorer - View Vulnerability details
             | vulnerabilityID | sbomName    |
             | CVE-2023-1664   | quarkus-bom |
 
+    # Related advisories
     Scenario Outline: View related Advisories
         Given User visits Vulnerability details Page of "<vulnerabilityID>"
         Then The page title is "<vulnerabilityID>"

diff --git a/tests/ui/features/@vulnerability-explorer/vulnerability-explorer.step.ts b/tests/ui/features/@vulnerability-explorer/vulnerability-explorer.step.ts
@@ -1,6 +1,7 @@
 import { createBdd } from "playwright-bdd";
 import { ToolbarTable } from "../../helpers/ToolbarTable";
 import { SearchPage } from "../../helpers/SearchPage";
+import { expect } from "@playwright/test";
 
 export const { Given, When, Then } = createBdd();
 
@@ -16,6 +17,55 @@ Given(
   }
 );
 
+// Vulnerability Explorer
+Then(
+  "The severity is {string} and the CVSS score is {string}",
+  async ({ page }, severityDescription, severityScore) => {
+    if (severityDescription == "Unknown") {
+      var severity = `${severityDescription}`;
+    } else {
+      var severity = `${severityDescription}(${severityScore})`;
+    }
+    await expect(page.getByText(severity).first()).toBeVisible();
+  }
+);
+
+Then(
+  "The description begins with {string}",
+  async ({ page }, descriptionBeginsWith) => {
+    await expect(
+      page.getByRole("paragraph").filter({ hasText: descriptionBeginsWith })
+    ).toBeVisible();
+  }
+);
+
+Then(
+  "The Reserved date is {string}, the Published date is {string} and Last modified date is {string}",
+  async ({ page }, dateReserved, datePublished, dateLastModified) => {
+    await expect(
+      page
+        .locator(".pf-v6-c-description-list > div:nth-child(1)")
+        .filter({ hasText: "Reserved" })
+        .filter({ hasText: dateReserved })
+        .first()
+    ).toBeVisible();
+    await expect(
+      page
+        .locator(".pf-v6-c-description-list > div:nth-child(2)")
+        .filter({ hasText: "Published" })
+        .filter({ hasText: datePublished })
+        .first()
+    ).toBeVisible();
+    await expect(
+      page
+        .locator(".pf-v6-c-description-list > div:nth-child(3)")
+        .filter({ hasText: "Modified" })
+        .filter({ hasText: dateLastModified })
+        .first()
+    ).toBeVisible();
+  }
+);
+
 // SBOMS
 
 Then("The SBOMs table is sorted by {string}", async ({ page }, columnName) => {

diff --git a/tests/ui/features/vulnerability-explorer.feature b/tests/ui/features/vulnerability-explorer.feature
@@ -8,7 +8,7 @@ Background:
     And User has successfully uploaded a vulnerability dataset
     And User has successfully uploaded an advisory dataset
 
-# Vulnerabilities Explorer
+# Search
 Scenario: Navigating to the Vulnerability Explorer page by selecting it from the list of all vulnerabilities
     Given User is on the Home page
     When User clicks on the Search button in the menu
@@ -32,19 +32,20 @@ Scenario: Navigating to the Vulnerability Explorer page by filtering vulnerabili
     And User selects an Vulnerability returned by the filter
     Then The Vulnerability Explorer page should display
 
+# Vulnerabilities Explorer
 Scenario: Display an overview of a vulnerability
     Given User is on the Home page
     When User navigates to the Vulnerabilities Explorer page
     Then CVE name, CVSS score and CVE description should be visible
-    And "Show more" button is visible for vulnerabilities with a long descriptions
+    # And "Show more" button is visible for vulnerabilities with a long descriptions 
     And Vulnerability metadata Reserved, Last Published Date and Last Modified should be visible
-    And Download button should be visible
+    # And Download button should be visible
 
-Scenario: Download a vulnerability CVE from the Vulnerability Explorer page
-    Given User is on the Home page
-    When User navigates to the Vulnerabilities Explorer page
-    And User clicks the Download button
-    Then The vulnerability CVE should download as a JSON file
+# Scenario: Download a vulnerability CVE from the Vulnerability Explorer page
+#     Given User is on the Home page
+#     When User navigates to the Vulnerabilities Explorer page
+#     And User clicks the Download button
+#     Then The vulnerability CVE should download as a JSON file
 
 # Vulnerability-related Products
 Scenario: Display a list of products related to a single vulnerability

diff --git a/tests/ui/steps/details-page.ts b/tests/ui/steps/details-page.ts
@@ -3,9 +3,9 @@ import { DetailsPage } from "../helpers/DetailsPage";
 
 export const { Given, When, Then } = createBdd();
 
-Then("The page title is {string}", async ({ page }, sbomName) => {
+Then("The page title is {string}", async ({ page }, title) => {
   const pageWithTabs = new DetailsPage(page);
-  await pageWithTabs.verifyPageHeader(sbomName);
+  await pageWithTabs.verifyPageHeader(title);
 });
 
 Then("Tab {string} is selected", async ({ page }, tabName) => {