From 9e6c368f7a799d1be35cd0bdc53a7944ac30d0e1 Mon Sep 17 00:00:00 2001
From: Joseph Schorr <josephschorr@users.noreply.github.com>
Date: Wed, 1 Mar 2017 16:11:11 -0500
Subject: [PATCH] Make QSS multiple notification messaging nicer

---
 endpoints/notificationevent.py | 11 +++++++++--
 test/test_secscan.py           |  4 ++--
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/endpoints/notificationevent.py b/endpoints/notificationevent.py
index 0e8e805dd..cbba64fd0 100644
--- a/endpoints/notificationevent.py
+++ b/endpoints/notificationevent.py
@@ -169,8 +169,15 @@ class VulnerabilityFoundEvent(NotificationEvent):
   def get_summary(self, event_data, notification_data):
     multiple_vulns = event_data.get(VulnerabilityFoundEvent.MULTIPLE_VULNERABILITY_KEY)
     if multiple_vulns is not None:
-      msg = '%s vulnerabilities were detected in repository %s in %s tags'
-      return msg % (len(multiple_vulns), event_data['repository'], len(event_data['tags']))
+      top_priority = multiple_vulns[0].get('priority', 'Unknown')
+      matching = [v for v in multiple_vulns if v.get('priority', 'Unknown') == top_priority]
+
+      msg = '%s %s' % (len(matching), top_priority)
+      if len(matching) < len(multiple_vulns):
+        msg += ' and %s more' % (len(multiple_vulns) - len(matching))
+
+      msg += ' vulnerabilities were detected in repository %s in %s tags'
+      return msg % (event_data['repository'], len(event_data['tags']))
     else:
       msg = '%s vulnerability detected in repository %s in %s tags'
       return msg % (event_data['vulnerability']['priority'], event_data['repository'],
diff --git a/test/test_secscan.py b/test/test_secscan.py
index aec0e55fd..cc29e5d74 100644
--- a/test/test_secscan.py
+++ b/test/test_secscan.py
@@ -353,8 +353,8 @@ class TestSecurityScanner(unittest.TestCase):
 
       # Ensure we get the correct event message out as well.
       event = VulnerabilityFoundEvent()
-      self.assertEquals('2 vulnerabilities were detected in repository devtable/simple in 2 tags',
-                        event.get_summary(body['event_data'], {}))
+      msg = '1 Low and 1 more vulnerabilities were detected in repository devtable/simple in 2 tags'
+      self.assertEquals(msg, event.get_summary(body['event_data'], {}))
     else:
       self.assertIsNone(queue_item)