Skip to content

Commit

Permalink
[Security Solution][Exceptions] - Update rule.exceptions_list to incl…
Browse files Browse the repository at this point in the history 
…ude exception list list_id (elastic#73349)

## Summary

This PR addresses the following:
- Adds `list_id` to `rule.exceptions_list` - this is needed in a number of features
- Updated `getExceptions` in `x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.ts` to use the latest exception item find endpoint that accepts an array of lists (previously was looping through lists and conducting a `find` for each)
- Updated prepackaged rule that makes reference to global endpoint list to include `list_id`
- Updates `formatAboutStepData` in `x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts` to include exception list `list_id`
  • Loading branch information
@yctercero
yctercero committed Jul 29, 2020
1 parent 14602ef commit 5c9b87d
Show file tree
Hide file tree
Showing 21 changed files with 122 additions and 137 deletions.
28 changes: 21 additions & 7 deletions x-pack/plugins/lists/public/exceptions/hooks/use_exception_list.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,9 @@ describe('useExceptionList', () => {
useExceptionList({
filterOptions: { filter: '', tags: [] },
http: mockKibanaHttpService,
lists: [{ id: 'myListId', namespaceType: 'single', type: 'detection' }],
lists: [
{ id: 'myListId', listId: 'list_id', namespaceType: 'single', type: 'detection' },
],
onError: onErrorMock,
pagination: {
page: 1,
Expand Down Expand Up @@ -76,7 +78,9 @@ describe('useExceptionList', () => {
useExceptionList({
filterOptions: { filter: '', tags: [] },
http: mockKibanaHttpService,
lists: [{ id: 'myListId', namespaceType: 'single', type: 'detection' }],
lists: [
{ id: 'myListId', listId: 'list_id', namespaceType: 'single', type: 'detection' },
],
onError: onErrorMock,
onSuccess: onSuccessMock,
pagination: {
Expand Down Expand Up @@ -131,7 +135,9 @@ describe('useExceptionList', () => {
initialProps: {
filterOptions: { filter: '', tags: [] },
http: mockKibanaHttpService,
lists: [{ id: 'myListId', namespaceType: 'single', type: 'detection' }],
lists: [
{ id: 'myListId', listId: 'list_id', namespaceType: 'single', type: 'detection' },
],
onError: onErrorMock,
onSuccess: onSuccessMock,
pagination: {
Expand All @@ -146,7 +152,9 @@ describe('useExceptionList', () => {
rerender({
filterOptions: { filter: '', tags: [] },
http: mockKibanaHttpService,
lists: [{ id: 'newListId', namespaceType: 'single', type: 'detection' }],
lists: [
{ id: 'newListId', listId: 'new_list_id', namespaceType: 'single', type: 'detection' },
],
onError: onErrorMock,
onSuccess: onSuccessMock,
pagination: {
Expand All @@ -173,7 +181,9 @@ describe('useExceptionList', () => {
useExceptionList({
filterOptions: { filter: '', tags: [] },
http: mockKibanaHttpService,
lists: [{ id: 'myListId', namespaceType: 'single', type: 'detection' }],
lists: [
{ id: 'myListId', listId: 'list_id', namespaceType: 'single', type: 'detection' },
],
onError: onErrorMock,
pagination: {
page: 1,
Expand Down Expand Up @@ -210,7 +220,9 @@ describe('useExceptionList', () => {
useExceptionList({
filterOptions: { filter: '', tags: [] },
http: mockKibanaHttpService,
lists: [{ id: 'myListId', namespaceType: 'single', type: 'detection' }],
lists: [
{ id: 'myListId', listId: 'list_id', namespaceType: 'single', type: 'detection' },
],
onError: onErrorMock,
pagination: {
page: 1,
Expand Down Expand Up @@ -238,7 +250,9 @@ describe('useExceptionList', () => {
useExceptionList({
filterOptions: { filter: '', tags: [] },
http: mockKibanaHttpService,
lists: [{ id: 'myListId', namespaceType: 'single', type: 'detection' }],
lists: [
{ id: 'myListId', listId: 'list_id', namespaceType: 'single', type: 'detection' },
],
onError: onErrorMock,
pagination: {
page: 1,
Expand Down
1 change: 1 addition & 0 deletions x-pack/plugins/lists/public/exceptions/types.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,7 @@ export interface UseExceptionListProps {

export interface ExceptionIdentifiers {
id: string;
listId: string;
namespaceType: NamespaceType;
type: ExceptionListType;
}
Expand Down
5 changes: 4 additions & 1 deletion ...rity_solution/common/detection_engine/schemas/request/add_prepackged_rules_schema.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1446,11 +1446,13 @@ describe('add prepackaged rules schema', () => {
exceptions_list: [
{
id: 'some_uuid',
list_id: 'list_id_single',
namespace_type: 'single',
type: 'detection',
},
{
id: 'some_uuid',
id: 'endpoint_list',
list_id: 'endpoint_list',
namespace_type: 'agnostic',
type: 'endpoint',
},
Expand Down Expand Up @@ -1535,6 +1537,7 @@ describe('add prepackaged rules schema', () => {
const checked = exactCheck(payload, decoded);
const message = pipe(checked, foldLeftRight);
expect(getPaths(left(message.errors))).toEqual([
'Invalid value "undefined" supplied to "exceptions_list,list_id"',
'Invalid value "undefined" supplied to "exceptions_list,type"',
'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"',
]);
Expand Down
5 changes: 4 additions & 1 deletion ...ins/security_solution/common/detection_engine/schemas/request/create_rules_schema.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1513,11 +1513,13 @@ describe('create rules schema', () => {
exceptions_list: [
{
id: 'some_uuid',
list_id: 'list_id_single',
namespace_type: 'single',
type: 'detection',
},
{
id: 'some_uuid',
id: 'endpoint_list',
list_id: 'endpoint_list',
namespace_type: 'agnostic',
type: 'endpoint',
},
Expand Down Expand Up @@ -1600,6 +1602,7 @@ describe('create rules schema', () => {
const checked = exactCheck(payload, decoded);
const message = pipe(checked, foldLeftRight);
expect(getPaths(left(message.errors))).toEqual([
'Invalid value "undefined" supplied to "exceptions_list,list_id"',
'Invalid value "undefined" supplied to "exceptions_list,type"',
'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"',
]);
Expand Down
5 changes: 4 additions & 1 deletion ...ins/security_solution/common/detection_engine/schemas/request/import_rules_schema.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1642,11 +1642,13 @@ describe('import rules schema', () => {
exceptions_list: [
{
id: 'some_uuid',
list_id: 'list_id_single',
namespace_type: 'single',
type: 'detection',
},
{
id: 'some_uuid',
id: 'endpoint_list',
list_id: 'endpoint_list',
namespace_type: 'agnostic',
type: 'endpoint',
},
Expand Down Expand Up @@ -1730,6 +1732,7 @@ describe('import rules schema', () => {
const checked = exactCheck(payload, decoded);
const message = pipe(checked, foldLeftRight);
expect(getPaths(left(message.errors))).toEqual([
'Invalid value "undefined" supplied to "exceptions_list,list_id"',
'Invalid value "undefined" supplied to "exceptions_list,type"',
'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"',
]);
Expand Down
5 changes: 4 additions & 1 deletion ...gins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1176,11 +1176,13 @@ describe('patch_rules_schema', () => {
exceptions_list: [
{
id: 'some_uuid',
list_id: 'list_id_single',
namespace_type: 'single',
type: 'detection',
},
{
id: 'some_uuid',
id: 'endpoint_list',
list_id: 'endpoint_list',
namespace_type: 'agnostic',
type: 'endpoint',
},
Expand Down Expand Up @@ -1251,6 +1253,7 @@ describe('patch_rules_schema', () => {
const checked = exactCheck(payload, decoded);
const message = pipe(checked, foldLeftRight);
expect(getPaths(left(message.errors))).toEqual([
'Invalid value "undefined" supplied to "exceptions_list,list_id"',
'Invalid value "undefined" supplied to "exceptions_list,type"',
'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"',
'Invalid value "[{"id":"uuid_here","namespace_type":"not a namespace type"}]" supplied to "exceptions_list"',
Expand Down
5 changes: 4 additions & 1 deletion ...ins/security_solution/common/detection_engine/schemas/request/update_rules_schema.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1448,11 +1448,13 @@ describe('update rules schema', () => {
exceptions_list: [
{
id: 'some_uuid',
list_id: 'list_id_single',
namespace_type: 'single',
type: 'detection',
},
{
id: 'some_uuid',
id: 'endpoint_list',
list_id: 'endpoint_list',
namespace_type: 'agnostic',
type: 'endpoint',
},
Expand Down Expand Up @@ -1534,6 +1536,7 @@ describe('update rules schema', () => {
const checked = exactCheck(payload, decoded);
const message = pipe(checked, foldLeftRight);
expect(getPaths(left(message.errors))).toEqual([
'Invalid value "undefined" supplied to "exceptions_list,list_id"',
'Invalid value "undefined" supplied to "exceptions_list,type"',
'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"',
]);
Expand Down
9 changes: 6 additions & 3 deletions x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.mock.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,17 +4,20 @@
* you may not use this file except in compliance with the Elastic License.
*/
import { List, ListArray } from './lists';
import { ENDPOINT_LIST_ID } from '../../../shared_imports';

export const getListMock = (): List => ({
id: 'some_uuid',
list_id: 'list_id_single',
namespace_type: 'single',
type: 'detection',
});

export const getListAgnosticMock = (): List => ({
id: 'some_uuid',
export const getEndpointListMock = (): List => ({
id: ENDPOINT_LIST_ID,
list_id: ENDPOINT_LIST_ID,
namespace_type: 'agnostic',
type: 'endpoint',
});

export const getListArrayMock = (): ListArray => [getListMock(), getListAgnosticMock()];
export const getListArrayMock = (): ListArray => [getListMock(), getEndpointListMock()];
10 changes: 5 additions & 5 deletions x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import { left } from 'fp-ts/lib/Either';

import { foldLeftRight, getPaths } from '../../../test_utils';

import { getListAgnosticMock, getListMock, getListArrayMock } from './lists.mock';
import { getEndpointListMock, getListMock, getListArrayMock } from './lists.mock';
import {
List,
ListArray,
Expand All @@ -31,7 +31,7 @@ describe('Lists', () => {
});

test('it should validate a list with "namespace_type" of "agnostic"', () => {
const payload = getListAgnosticMock();
const payload = getEndpointListMock();
const decoded = list.decode(payload);
const message = pipe(decoded, foldLeftRight);

Expand Down Expand Up @@ -91,7 +91,7 @@ describe('Lists', () => {
const message = pipe(decoded, foldLeftRight);

expect(getPaths(left(message.errors))).toEqual([
'Invalid value "1" supplied to "Array<{| id: string, type: "detection" | "endpoint", namespace_type: "agnostic" | "single" |}>"',
'Invalid value "1" supplied to "Array<{| id: NonEmptyString, list_id: NonEmptyString, type: "detection" | "endpoint", namespace_type: "agnostic" | "single" |}>"',
]);
expect(message.schema).toEqual({});
});
Expand Down Expand Up @@ -122,8 +122,8 @@ describe('Lists', () => {
const message = pipe(decoded, foldLeftRight);

expect(getPaths(left(message.errors))).toEqual([
'Invalid value "1" supplied to "(Array<{| id: string, type: "detection" | "endpoint", namespace_type: "agnostic" | "single" |}> | undefined)"',
'Invalid value "[1]" supplied to "(Array<{| id: string, type: "detection" | "endpoint", namespace_type: "agnostic" | "single" |}> | undefined)"',
'Invalid value "1" supplied to "(Array<{| id: NonEmptyString, list_id: NonEmptyString, type: "detection" | "endpoint", namespace_type: "agnostic" | "single" |}> | undefined)"',
'Invalid value "[1]" supplied to "(Array<{| id: NonEmptyString, list_id: NonEmptyString, type: "detection" | "endpoint", namespace_type: "agnostic" | "single" |}> | undefined)"',
]);
expect(message.schema).toEqual({});
});
Expand Down
5 changes: 4 additions & 1 deletion x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,12 @@ import * as t from 'io-ts';

import { exceptionListType, namespaceType } from '../../../shared_imports';

import { NonEmptyString } from './non_empty_string';

export const list = t.exact(
t.type({
id: t.string,
id: NonEmptyString,
list_id: NonEmptyString,
type: exceptionListType,
namespace_type: namespaceType,
})
Expand Down
1 change: 1 addition & 0 deletions ..._solution/public/common/components/exceptions/use_fetch_or_create_rule_exception_list.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,7 @@ export const useFetchOrCreateRuleExceptionList = ({

const newExceptionListReference = {
id: newExceptionList.id,
list_id: newExceptionList.list_id,
type: newExceptionList.type,
namespace_type: newExceptionList.namespace_type,
};
Expand Down
2 changes: 2 additions & 0 deletions x-pack/plugins/security_solution/public/common/components/exceptions/viewer/index.test.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,7 @@ describe('ExceptionsViewer', () => {
exceptionListsMeta={[
{
id: '5b543420',
listId: 'list_id',
type: 'endpoint',
namespaceType: 'single',
},
Expand Down Expand Up @@ -124,6 +125,7 @@ describe('ExceptionsViewer', () => {
exceptionListsMeta={[
{
id: '5b543420',
listId: 'list_id',
type: 'endpoint',
namespaceType: 'single',
},
Expand Down
2 changes: 0 additions & 2 deletions x-pack/plugins/security_solution/public/common/components/exceptions/viewer/index.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -176,8 +176,6 @@ const ExceptionsViewerComponent = ({

const handleEditException = useCallback(
(exception: ExceptionListItemSchema): void => {
// TODO: Added this just for testing. Update
// modal state logic as needed once ready
dispatch({
type: 'updateExceptionToEdit',
exception,
Expand Down
7 changes: 0 additions & 7 deletions ...ns/security_solution/public/detections/pages/detection_engine/rules/all/__mocks__/mock.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@

import { esFilters } from '../../../../../../../../../../src/plugins/data/public';
import { Rule, RuleError } from '../../../../../containers/detection_engine/rules';
import { List } from '../../../../../../../common/detection_engine/schemas/types';
import { AboutStepRule, ActionsStepRule, DefineStepRule, ScheduleStepRule } from '../../types';
import { FieldValueQueryBar } from '../../../../../components/rules/query_bar';
import { fillEmptySeverityMappings } from '../../helpers';
Expand Down Expand Up @@ -242,9 +241,3 @@ export const mockRules: Rule[] = [
mockRule('abe6c564-050d-45a5-aaf0-386c37dd1f61'),
mockRule('63f06f34-c181-4b2d-af35-f2ace572a1ee'),
];

export const mockExceptionsList: List = {
namespace_type: 'single',
id: '75cd4380-cc5e-11ea-9101-5b34f44aeb44',
type: 'detection',
};
Loading

0 comments on commit 5c9b87d

Please sign in to comment.