[7.9] [Security Solution] add an excess validation instead of the exa…

…ct match (elastic#76472) (elastic#76637)

* [Security Solution] add an excess validation instead of the exact match (elastic#76472)

* add an excess validation instead of the exact match

* fix readble type + unit test

* review I

* remove buildRouteValidation to use buildRouteValidationWithExcess

* fix test

x-pack/plugins/security_solution/server/lib/timeline/routes/__mocks__/request_responses.ts

@@ -3,8 +3,9 @@
  * or more contributor license agreements. Licensed under the Elastic License;
  * you may not use this file except in compliance with the Elastic License.
  */
+
+import path, { join, resolve } from 'path';
 import * as rt from 'io-ts';
-import stream from 'stream';
 
 import {
   TIMELINE_DRAFT_URL,
@@ -20,8 +21,8 @@ import { requestMock } from '../../../detection_engine/routes/__mocks__';
 import { updateTimelineSchema } from '../schemas/update_timelines_schema';
 import { createTimelineSchema } from '../schemas/create_timelines_schema';
 import { GetTimelineByIdSchemaQuery } from '../schemas/get_timeline_by_id_schema';
+import { getReadables } from '../utils/common';
 
-const readable = new stream.Readable();
 export const getExportTimelinesRequest = () =>
   requestMock.create({
     method: 'get',
@@ -34,15 +35,20 @@ export const getExportTimelinesRequest = () =>
     },
   });
 
-export const getImportTimelinesRequest = (filename?: string) =>
-  requestMock.create({
+export const getImportTimelinesRequest = async (fileName?: string) => {
+  const dir = resolve(join(__dirname, '../../../detection_engine/rules/prepackaged_timelines'));
+  const file = fileName ?? 'index.ndjson';
+  const dataPath = path.join(dir, file);
+  const readable = await getReadables(dataPath);
+  return requestMock.create({
     method: 'post',
     path: TIMELINE_IMPORT_URL,
     query: { overwrite: false },
     body: {
-      file: { ...readable, hapi: { filename: filename ?? 'filename.ndjson' } },
+      file: { ...readable, hapi: { filename: file } },
     },
   });
+};
 
 export const inputTimeline: SavedTimeline = {
   columns: [

x-pack/plugins/security_solution/server/lib/timeline/routes/clean_draft_timelines_route.ts

@@ -11,7 +11,7 @@ import { transformError, buildSiemResponse } from '../../detection_engine/routes
 import { TIMELINE_DRAFT_URL } from '../../../../common/constants';
 import { buildFrameworkRequest } from './utils/common';
 import { SetupPlugins } from '../../../plugin';
-import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
+import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';
 import { getDraftTimeline, resetTimeline, getTimeline, persistTimeline } from '../saved_object';
 import { draftTimelineDefaults } from '../default_timeline';
 import { cleanDraftTimelineSchema } from './schemas/clean_draft_timelines_schema';
@@ -26,7 +26,7 @@ export const cleanDraftTimelinesRoute = (
     {
       path: TIMELINE_DRAFT_URL,
       validate: {
-        body: buildRouteValidation(cleanDraftTimelineSchema),
+        body: buildRouteValidationWithExcess(cleanDraftTimelineSchema),
       },
       options: {
         tags: ['access:securitySolution'],

x-pack/plugins/security_solution/server/lib/timeline/routes/create_timelines_route.ts

@@ -9,7 +9,7 @@ import { TIMELINE_URL } from '../../../../common/constants';
 
 import { ConfigType } from '../../..';
 import { SetupPlugins } from '../../../plugin';
-import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
+import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';
 
 import { transformError, buildSiemResponse } from '../../detection_engine/routes/utils';
 
@@ -31,7 +31,7 @@ export const createTimelinesRoute = (
     {
       path: TIMELINE_URL,
       validate: {
-        body: buildRouteValidation(createTimelineSchema),
+        body: buildRouteValidationWithExcess(createTimelineSchema),
       },
       options: {
         tags: ['access:securitySolution'],

x-pack/plugins/security_solution/server/lib/timeline/routes/export_timelines_route.test.ts

@@ -96,7 +96,7 @@ describe('export timelines', () => {
       const result = server.validate(request);
 
       expect(result.badRequest.mock.calls[0][0]).toEqual(
-        'Invalid value "undefined" supplied to "file_name"'
+        'Invalid value {"id":"someId"}, excess properties: ["id"]'
       );
     });
 
@@ -110,7 +110,7 @@ describe('export timelines', () => {
       const result = server.validate(request);
 
       expect(result.badRequest.mock.calls[0][0]).toEqual(
-        'Invalid value "someId" supplied to "ids",Invalid value "someId" supplied to "ids",Invalid value "{"ids":"someId"}" supplied to "(Partial<{ ids: (Array<string> | null) }> | null)"'
+        'Invalid value "someId" supplied to "ids",Invalid value "someId" supplied to "ids"'
       );
     });
   });

x-pack/plugins/security_solution/server/lib/timeline/routes/export_timelines_route.ts

@@ -14,7 +14,7 @@ import {
   exportTimelinesQuerySchema,
   exportTimelinesRequestBodySchema,
 } from './schemas/export_timelines_schema';
-import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
+import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';
 import { buildFrameworkRequest } from './utils/common';
 import { SetupPlugins } from '../../../plugin';
 
@@ -27,8 +27,8 @@ export const exportTimelinesRoute = (
     {
       path: TIMELINE_EXPORT_URL,
       validate: {
-        query: buildRouteValidation(exportTimelinesQuerySchema),
-        body: buildRouteValidation(exportTimelinesRequestBodySchema),
+        query: buildRouteValidationWithExcess(exportTimelinesQuerySchema),
+        body: buildRouteValidationWithExcess(exportTimelinesRequestBodySchema),
       },
       options: {
         tags: ['access:securitySolution'],

x-pack/plugins/security_solution/server/lib/timeline/routes/get_draft_timelines_route.ts

@@ -10,7 +10,7 @@ import { transformError, buildSiemResponse } from '../../detection_engine/routes
 import { TIMELINE_DRAFT_URL } from '../../../../common/constants';
 import { buildFrameworkRequest } from './utils/common';
 import { SetupPlugins } from '../../../plugin';
-import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
+import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';
 import { getDraftTimeline, persistTimeline } from '../saved_object';
 import { draftTimelineDefaults } from '../default_timeline';
 import { getDraftTimelineSchema } from './schemas/get_draft_timelines_schema';
@@ -24,7 +24,7 @@ export const getDraftTimelinesRoute = (
     {
       path: TIMELINE_DRAFT_URL,
       validate: {
-        query: buildRouteValidation(getDraftTimelineSchema),
+        query: buildRouteValidationWithExcess(getDraftTimelineSchema),
       },
       options: {
         tags: ['access:securitySolution'],

x-pack/plugins/security_solution/server/lib/timeline/routes/get_timeline_route.ts

@@ -10,7 +10,7 @@ import { TIMELINE_URL } from '../../../../common/constants';
 
 import { ConfigType } from '../../..';
 import { SetupPlugins } from '../../../plugin';
-import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
+import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';
 
 import { buildSiemResponse, transformError } from '../../detection_engine/routes/utils';
 
@@ -28,7 +28,7 @@ export const getTimelineRoute = (
   router.get(
     {
       path: `${TIMELINE_URL}`,
-      validate: { query: buildRouteValidation(getTimelineByIdSchemaQuery) },
+      validate: { query: buildRouteValidationWithExcess(getTimelineByIdSchemaQuery) },
       options: {
         tags: ['access:securitySolution'],
       },