From 001be677119622c45e3ce7b6e49b2332d6b4f36e Mon Sep 17 00:00:00 2001
From: Yara Tercero
Date: Thu, 2 Jul 2020 17:05:44 -0400
Subject: [PATCH] updated rule exception list param to also include list type
---
.../common/schemas/common/schemas.test.ts | 33 ++++++++++++++++++-
.../lists/common/schemas/common/schemas.ts | 9 +++--
.../lists/public/exceptions/api.test.ts | 2 +-
.../hooks/use_exception_list.test.ts | 14 ++++----
.../exceptions/hooks/use_exception_list.ts | 10 ++++--
.../plugins/lists/public/exceptions/types.ts | 3 +-
.../create_exception_list_item.ts | 4 +--
.../update_exception_list_item.ts | 4 +--
.../detection_engine/lists_common_deps.ts | 2 +-
.../add_prepackged_rules_schema.test.ts | 3 ++
.../request/create_rules_schema.test.ts | 3 ++
.../request/import_rules_schema.test.ts | 3 ++
.../request/patch_rules_schema.test.ts | 3 ++
.../request/update_rules_schema.test.ts | 3 ++
.../schemas/types/lists.mock.ts | 2 ++
.../schemas/types/lists.test.ts | 8 ++---
.../detection_engine/schemas/types/lists.ts | 3 +-
.../detection_engine/rules/details/index.tsx | 3 +-
.../common/components/exceptions/types.ts | 6 ++++
.../viewer/exception_item/index.tsx | 16 ++++-----
.../viewer/exceptions_viewer_items.tsx | 10 +++---
.../components/exceptions/viewer/index.tsx | 4 +--
.../components/exceptions/viewer/reducer.ts | 6 ++--
.../scripts/rules/patches/update_list.json | 3 +-
.../rules/queries/query_with_list.json | 8 ++++-
.../scripts/rules/updates/update_list.json | 4 ++-
26 files changed, 122 insertions(+), 47 deletions(-)
diff --git a/x-pack/plugins/lists/common/schemas/common/schemas.test.ts b/x-pack/plugins/lists/common/schemas/common/schemas.test.ts
index d426a91e71b9..f08f98d56913 100644
--- a/x-pack/plugins/lists/common/schemas/common/schemas.test.ts
+++ b/x-pack/plugins/lists/common/schemas/common/schemas.test.ts
@@ -9,7 +9,7 @@ import { left } from 'fp-ts/lib/Either'; import { foldLeftRight, getPaths } from '../../siem_common_deps'; -import { operator, operator_type as operatorType } from './schemas'; +import { exceptionListType, operator, operator_type as operatorType } from './schemas'; describe('Common schemas', () => { describe('operatorType', () => { @@ -91,4 +91,35 @@ describe('Common schemas', () => { expect(keys.length).toEqual(2); }); }); + + describe('exceptionListType', () => { + test('it should validate for "detection"', () => { + const payload = 'detection'; + const decoded = exceptionListType.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual(payload); + }); + + test('it should validate for "endpoint"', () => { + const payload = 'endpoint'; + const decoded = exceptionListType.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual(payload); + }); + + test('it should contain 2 keys', () => { + // Might seem like a weird test, but its meant to + // ensure that if exceptionListType is updated, you + // also update the ExceptionListTypeEnum, a workaround + // for io-ts not yet supporting enums + // https://github.com/gcanti/io-ts/issues/67 + const keys = Object.keys(exceptionListType.keys); + + expect(keys.length).toEqual(2); + }); + }); }); diff --git a/x-pack/plugins/lists/common/schemas/common/schemas.ts b/x-pack/plugins/lists/common/schemas/common/schemas.ts index a91f487cfa27..257d75a65e6d 100644 --- a/x-pack/plugins/lists/common/schemas/common/schemas.ts +++ b/x-pack/plugins/lists/common/schemas/common/schemas.ts 
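Review bot: The 'it should contain 2 keys' test in the second hunk only counts the keys of `exceptionListType`, so it still passes if a key is renamed or if `ExceptionListTypeEnum` drifts to different values. Comparing the two sets directly would pin what the comment says the test guards, for example `expect(Object.keys(exceptionListType.keys).sort()).toEqual(Object.values(ExceptionListTypeEnum).sort());`, with `ExceptionListTypeEnum` added to the import from './schemas'. The new describe block also has no case showing that a string outside the set fails to decode, which is the behaviour the move from `t.string` to `t.keyof` introduces.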
@@ -73,15 +73,20 @@ export type _Tags = t.TypeOf; export const _tagsOrUndefined = t.union([_tags, t.undefined]); export type _TagsOrUndefined = t.TypeOf; -// TODO: Change this into a t.keyof enumeration when we know what types of lists we going to have. -export const exceptionListType = t.string; +export const exceptionListType = t.keyof({ detection: null, endpoint: null }); export const exceptionListTypeOrUndefined = t.union([exceptionListType, t.undefined]); export type ExceptionListType = t.TypeOf; export type ExceptionListTypeOrUndefined = t.TypeOf; +export enum ExceptionListTypeEnum { + DETECTION = 'detection', + ENDPOINT = 'endpoint', +} // TODO: Change this into a t.keyof enumeration when we know what types of lists we going to have. export const exceptionListItemType = t.string; +export const exceptionListItemTypeOrUndefined = t.union([exceptionListItemType, t.undefined]); export type ExceptionListItemType = t.TypeOf; +export type ExceptionListItemTypeOrUndefined = t.TypeOf; export const list_type = t.keyof({ item: null, list: null }); export type ListType = t.TypeOf; diff --git a/x-pack/plugins/lists/public/exceptions/api.test.ts b/x-pack/plugins/lists/public/exceptions/api.test.ts index 975641b9bebe..cd54c24e95e2 100644 --- a/x-pack/plugins/lists/public/exceptions/api.test.ts +++ b/x-pack/plugins/lists/public/exceptions/api.test.ts @@ -342,7 +342,7 @@ describe('Exceptions Lists API', () => { }); test('it returns error if response payload fails decode', async () => { - const badPayload = getExceptionListItemSchemaMock(); + const badPayload = getExceptionListSchemaMock(); delete badPayload.id; fetchMock.mockResolvedValue(badPayload); diff --git a/x-pack/plugins/lists/public/exceptions/hooks/use_exception_list.test.ts b/x-pack/plugins/lists/public/exceptions/hooks/use_exception_list.test.ts index ae93ad75781c..918397d01ce2 100644 --- a/x-pack/plugins/lists/public/exceptions/hooks/use_exception_list.test.ts 
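Review bot: `exceptionListItemType` is still `t.string` after this hunk, and the new `exceptionListItemTypeOrUndefined` inherits that, so the item `type` stays unconstrained while the list `type` is now limited to `detection | endpoint`. The `type` fields retyped in create_exception_list_item.ts and update_exception_list_item.ts therefore still accept any string. If that is intended for now, the TODO should say so explicitly, e.g. `// TODO: item type is not validated yet; any string is accepted until the set of item types is fixed`. Separately, `ExceptionListTypeEnum` repeats the keyof keys by hand; a comment on the enum such as `// Keep in sync with exceptionListType above (io-ts has no enum support)` would put the warning next to the code rather than only in the test file.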
+++ b/x-pack/plugins/lists/public/exceptions/hooks/use_exception_list.test.ts @@ -41,7 +41,7 @@ describe('useExceptionList', () => { useExceptionList({ filterOptions: { filter: '', tags: [] }, http: mockKibanaHttpService, - lists: [{ id: 'myListId', namespaceType: 'single' }], + lists: [{ id: 'myListId', namespaceType: 'single', type: 'detection' }], onError: onErrorMock, pagination: { page: 1, @@ -76,7 +76,7 @@ describe('useExceptionList', () => { useExceptionList({ filterOptions: { filter: '', tags: [] }, http: mockKibanaHttpService, - lists: [{ id: 'myListId', namespaceType: 'single' }], + lists: [{ id: 'myListId', namespaceType: 'single', type: 'detection' }], onError: onErrorMock, onSuccess: onSuccessMock, pagination: { @@ -131,7 +131,7 @@ describe('useExceptionList', () => { initialProps: { filterOptions: { filter: '', tags: [] }, http: mockKibanaHttpService, - lists: [{ id: 'myListId', namespaceType: 'single' }], + lists: [{ id: 'myListId', namespaceType: 'single', type: 'detection' }], onError: onErrorMock, onSuccess: onSuccessMock, pagination: { @@ -146,7 +146,7 @@ describe('useExceptionList', () => { rerender({ filterOptions: { filter: '', tags: [] }, http: mockKibanaHttpService, - lists: [{ id: 'newListId', namespaceType: 'single' }], + lists: [{ id: 'newListId', namespaceType: 'single', type: 'detection' }], onError: onErrorMock, onSuccess: onSuccessMock, pagination: { @@ -173,7 +173,7 @@ describe('useExceptionList', () => { useExceptionList({ filterOptions: { filter: '', tags: [] }, http: mockKibanaHttpService, - lists: [{ id: 'myListId', namespaceType: 'single' }], + lists: [{ id: 'myListId', namespaceType: 'single', type: 'detection' }], onError: onErrorMock, pagination: { page: 1, 
@@ -210,7 +210,7 @@ describe('useExceptionList', () => { useExceptionList({ filterOptions: { filter: '', tags: [] }, http: mockKibanaHttpService, - lists: [{ id: 'myListId', namespaceType: 'single' }], + lists: [{ id: 'myListId', namespaceType: 'single', type: 'detection' }], onError: onErrorMock, pagination: { page: 1, @@ -238,7 +238,7 @@ describe('useExceptionList', () => { useExceptionList({ filterOptions: { filter: '', tags: [] }, http: mockKibanaHttpService, - lists: [{ id: 'myListId', namespaceType: 'single' }], + lists: [{ id: 'myListId', namespaceType: 'single', type: 'detection' }], onError: onErrorMock, pagination: { page: 1, diff --git a/x-pack/plugins/lists/public/exceptions/hooks/use_exception_list.ts b/x-pack/plugins/lists/public/exceptions/hooks/use_exception_list.ts index f0e3c3c28ad7..c639dcff8b53 100644 --- a/x-pack/plugins/lists/public/exceptions/hooks/use_exception_list.ts +++ b/x-pack/plugins/lists/public/exceptions/hooks/use_exception_list.ts @@ -8,7 +8,7 @@ import { useEffect, useMemo, useRef, useState } from 'react'; import { fetchExceptionListById, fetchExceptionListItemsByListId } from '../api'; import { ExceptionIdentifiers, ExceptionList, Pagination, UseExceptionListProps } from '../types'; -import { ExceptionListItemSchema } from '../../../common/schemas'; +import { ExceptionListItemSchema, NamespaceType } from '../../../common/schemas'; type Func = () => void; export type ReturnExceptionListAndItems = [ @@ -73,7 +73,13 @@ export const useExceptionList = ({ let exceptions: ExceptionListItemSchema[] = []; let exceptionListsReturned: ExceptionList[] = []; - const fetchData = async ({ id, namespaceType }: ExceptionIdentifiers): Promise => { + const fetchData = async ({ + id, + namespaceType, + }: { + id: string; + namespaceType: NamespaceType; + }): Promise => { try { setLoading(true); diff --git a/x-pack/plugins/lists/public/exceptions/types.ts b/x-pack/plugins/lists/public/exceptions/types.ts index 658d2dbad066..1b4e09b07f1d 100644 
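Review bot: In use_exception_list.ts the inline parameter type on `fetchData`, `{ id: string; namespaceType: NamespaceType }`, restates two fields of `ExceptionIdentifiers`, which the file still imports. `Pick<ExceptionIdentifiers, 'id' | 'namespaceType'>` would keep the shape tied to the interface so the two cannot drift. The `type` that is now required on each entry of `lists` is dropped at this boundary, and nothing visible in the hunk compares it with the type of the list that is actually fetched; if that check matters it has to live in the part of `fetchData` that lies outside this hunk.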
--- a/x-pack/plugins/lists/public/exceptions/types.ts +++ b/x-pack/plugins/lists/public/exceptions/types.ts @@ -9,6 +9,7 @@ import { CreateExceptionListSchema, ExceptionListItemSchema, ExceptionListSchema, + ExceptionListType, NamespaceType, Page, PerPage, @@ -60,7 +61,7 @@ export interface UseExceptionListProps { export interface ExceptionIdentifiers { id: string; namespaceType: NamespaceType; - type?: string; + type: ExceptionListType; } export interface ApiCallByListIdProps { diff --git a/x-pack/plugins/lists/server/services/exception_lists/create_exception_list_item.ts b/x-pack/plugins/lists/server/services/exception_lists/create_exception_list_item.ts index a84283aeabbb..a731371a6ffa 100644 --- a/x-pack/plugins/lists/server/services/exception_lists/create_exception_list_item.ts +++ b/x-pack/plugins/lists/server/services/exception_lists/create_exception_list_item.ts @@ -12,8 +12,8 @@ import { Description, EntriesArray, ExceptionListItemSchema, + ExceptionListItemType, ExceptionListSoSchema, - ExceptionListType, ItemId, ListId, MetaOrUndefined, @@ -43,7 +43,7 @@ interface CreateExceptionListItemOptions { user: string; tags: Tags; tieBreaker?: string; - type: ExceptionListType; + type: ExceptionListItemType; } export const createExceptionListItem = async ({ diff --git a/x-pack/plugins/lists/server/services/exception_lists/update_exception_list_item.ts b/x-pack/plugins/lists/server/services/exception_lists/update_exception_list_item.ts index 5578063fd9b6..2059c730d809 100644 --- a/x-pack/plugins/lists/server/services/exception_lists/update_exception_list_item.ts +++ b/x-pack/plugins/lists/server/services/exception_lists/update_exception_list_item.ts @@ -10,8 +10,8 @@ import { DescriptionOrUndefined, EntriesArrayOrUndefined, ExceptionListItemSchema, + ExceptionListItemTypeOrUndefined, ExceptionListSoSchema, - ExceptionListTypeOrUndefined, IdOrUndefined, ItemIdOrUndefined, MetaOrUndefined, 
@@ -43,7 +43,7 @@ interface UpdateExceptionListItemOptions { user: string; tags: TagsOrUndefined; tieBreaker?: string; - type: ExceptionListTypeOrUndefined; + type: ExceptionListItemTypeOrUndefined; } export const updateExceptionListItem = async ({ diff --git a/x-pack/plugins/security_solution/common/detection_engine/lists_common_deps.ts b/x-pack/plugins/security_solution/common/detection_engine/lists_common_deps.ts index a8b177f587a4..0499fdd1ac8d 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/lists_common_deps.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/lists_common_deps.ts @@ -4,4 +4,4 @@ * you may not use this file except in compliance with the Elastic License. */ -export { EntriesArray, namespaceType } from '../../../lists/common/schemas'; +export { EntriesArray, exceptionListType, namespaceType } from '../../../lists/common/schemas'; diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackged_rules_schema.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackged_rules_schema.test.ts index 0c45a7b1ef6b..5fd2c3dbbf89 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackged_rules_schema.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackged_rules_schema.test.ts @@ -1447,10 +1447,12 @@ describe('add prepackaged rules schema', () => { { id: 'some_uuid', namespace_type: 'single', + type: 'detection', }, { id: 'some_uuid', namespace_type: 'agnostic', + type: 'endpoint', }, ], }; 
@@ -1533,6 +1535,7 @@ describe('add prepackaged rules schema', () => { const checked = exactCheck(payload, decoded); const message = pipe(checked, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "undefined" supplied to "exceptions_list,type"', 'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"', ]); expect(message.schema).toEqual({}); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_schema.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_schema.test.ts index e529cf3fa555..71f396495624 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_schema.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_schema.test.ts @@ -1514,10 +1514,12 @@ describe('create rules schema', () => { { id: 'some_uuid', namespace_type: 'single', + type: 'detection', }, { id: 'some_uuid', namespace_type: 'agnostic', + type: 'endpoint', }, ], }; @@ -1598,6 +1600,7 @@ describe('create rules schema', () => { const checked = exactCheck(payload, decoded); const message = pipe(checked, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "undefined" supplied to "exceptions_list,type"', 'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"', ]); expect(message.schema).toEqual({}); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_schema.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_schema.test.ts index bbf0a8debd65..828626ef26d6 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_schema.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_schema.test.ts 
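Review bot: The added expectation `'Invalid value "undefined" supplied to "exceptions_list,type"'` shows that this negative test's payload now fails for two reasons, so it no longer isolates the invalid `namespace_type` it appears to be written for. The payload is built outside the hunk; adding `type: 'detection'` to it and keeping the single expected error would restore that, with a separate case for a missing or unknown `type`. The same pattern appears in the matching hunks of create_rules_schema.test.ts, import_rules_schema.test.ts, patch_rules_schema.test.ts and update_rules_schema.test.ts.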
@@ -1643,10 +1643,12 @@ describe('import rules schema', () => { { id: 'some_uuid', namespace_type: 'single', + type: 'detection', }, { id: 'some_uuid', namespace_type: 'agnostic', + type: 'endpoint', }, ], }; @@ -1728,6 +1730,7 @@ describe('import rules schema', () => { const checked = exactCheck(payload, decoded); const message = pipe(checked, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "undefined" supplied to "exceptions_list,type"', 'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"', ]); expect(message.schema).toEqual({}); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.test.ts index 81a17df43daf..e75aff1abe3e 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.test.ts @@ -1177,10 +1177,12 @@ describe('patch_rules_schema', () => { { id: 'some_uuid', namespace_type: 'single', + type: 'detection', }, { id: 'some_uuid', namespace_type: 'agnostic', + type: 'endpoint', }, ], }; @@ -1249,6 +1251,7 @@ describe('patch_rules_schema', () => { const checked = exactCheck(payload, decoded); const message = pipe(checked, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "undefined" supplied to "exceptions_list,type"', 'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"', 'Invalid value "[{"id":"uuid_here","namespace_type":"not a namespace type"}]" supplied to "exceptions_list"', ]); 
diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_schema.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_schema.test.ts index c15803eee874..d18d2d91b963 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_schema.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_schema.test.ts @@ -1449,10 +1449,12 @@ describe('update rules schema', () => { { id: 'some_uuid', namespace_type: 'single', + type: 'detection', }, { id: 'some_uuid', namespace_type: 'agnostic', + type: 'endpoint', }, ], }; @@ -1532,6 +1534,7 @@ describe('update rules schema', () => { const checked = exactCheck(payload, decoded); const message = pipe(checked, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "undefined" supplied to "exceptions_list,type"', 'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"', ]); expect(message.schema).toEqual({}); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.mock.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.mock.ts index d76e2ac78f3d..0b22d95a7327 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.mock.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.mock.ts @@ -7,11 +7,13 @@ import { List, ListArray } from './lists'; export const getListMock = (): List => ({ id: 'some_uuid', + type: 'detection', namespace_type: 'single', }); export const getListAgnosticMock = (): List => ({ id: 'some_uuid', + type: 'endpoint', namespace_type: 'agnostic', }); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.test.ts index 657a4b479f16..56ee4630996f 100644 
--- a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.test.ts @@ -30,7 +30,7 @@ describe('Lists', () => { expect(message.schema).toEqual(payload); }); - test('it should validate a list with "namespace_type" of"agnostic"', () => { + test('it should validate a list with "namespace_type" of "agnostic"', () => { const payload = getListAgnosticMock(); const decoded = list.decode(payload); const message = pipe(decoded, foldLeftRight); @@ -91,7 +91,7 @@ describe('Lists', () => { const message = pipe(decoded, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([ - 'Invalid value "1" supplied to "Array<{| id: string, namespace_type: "agnostic" | "single" |}>"', + 'Invalid value "1" supplied to "Array<{| id: string, type: "detection" | "endpoint", namespace_type: "agnostic" | "single" |}>"', ]); expect(message.schema).toEqual({}); }); @@ -122,8 +122,8 @@ describe('Lists', () => { const message = pipe(decoded, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([ - 'Invalid value "1" supplied to "(Array<{| id: string, namespace_type: "agnostic" | "single" |}> | undefined)"', - 'Invalid value "[1]" supplied to "(Array<{| id: string, namespace_type: "agnostic" | "single" |}> | undefined)"', + 'Invalid value "1" supplied to "(Array<{| id: string, type: "detection" | "endpoint", namespace_type: "agnostic" | "single" |}> | undefined)"', + 'Invalid value "[1]" supplied to "(Array<{| id: string, type: "detection" | "endpoint", namespace_type: "agnostic" | "single" |}> | undefined)"', ]); expect(message.schema).toEqual({}); }); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.ts index 07be038ff352..cadc32a37a05 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.ts 
+++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.ts @@ -6,11 +6,12 @@ import * as t from 'io-ts'; -import { namespaceType } from '../../lists_common_deps'; +import { exceptionListType, namespaceType } from '../../lists_common_deps'; export const list = t.exact( t.type({ id: t.string, + type: exceptionListType, namespace_type: namespaceType, }) ); diff --git a/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/rules/details/index.tsx b/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/rules/details/index.tsx index 8364ff05d5b2..1d7b333243aa 100644 --- a/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/rules/details/index.tsx +++ b/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/rules/details/index.tsx @@ -256,9 +256,10 @@ export const RuleDetailsPageComponent: FC = ({ const exceptionLists = useMemo((): ExceptionIdentifiers[] => { if (rule != null && rule.exceptions_list != null) { - return rule.exceptions_list.map(({ id, namespace_type }) => ({ + return rule.exceptions_list.map(({ id, namespace_type, type }) => ({ id, namespaceType: namespace_type, + type, })); } else { return []; diff --git a/x-pack/plugins/security_solution/public/common/components/exceptions/types.ts b/x-pack/plugins/security_solution/public/common/components/exceptions/types.ts index d5a0afe47c48..887a37ff84db 100644 --- a/x-pack/plugins/security_solution/public/common/components/exceptions/types.ts +++ b/x-pack/plugins/security_solution/public/common/components/exceptions/types.ts @@ -11,10 +11,16 @@ import { Entry, ExceptionListItemSchema, CreateExceptionListItemSchema, + NamespaceType, OperatorTypeEnum, OperatorEnum, } from '../../../lists_plugin_deps'; +export interface ExceptionListItemIdentifiers { + id: string; + namespaceType: NamespaceType; +} + export interface FormattedEntry { fieldName: string; operator: string | undefined; 
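Review bot: In lists.ts, `type: exceptionListType` is added as a required key of the exact `list` codec, so any `exceptions_list` entry carrying only `id` and `namespace_type` is now rejected; the request-schema tests in this commit expect exactly that error. Nothing in the visible changes covers rules saved or exported before this change, so it should be confirmed that they still decode, for example on import, or that they are migrated. A short comment above the field would record the decision, e.g. `// required: entries without a type fail validation, no default is applied`.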
diff --git a/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exception_item/index.tsx b/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exception_item/index.tsx index 6072437bbf4b..3b85c6741a48 100644 --- a/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exception_item/index.tsx +++ b/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exception_item/index.tsx @@ -18,11 +18,8 @@ import styled from 'styled-components'; import { ExceptionDetails } from './exception_details'; import { ExceptionEntries } from './exception_entries'; import { getFormattedEntries, getFormattedComments } from '../../helpers'; -import { FormattedEntry } from '../../types'; -import { - ExceptionIdentifiers, - ExceptionListItemSchema, -} from '../../../../../../public/lists_plugin_deps'; +import { FormattedEntry, ExceptionListItemIdentifiers } from '../../types'; +import { ExceptionListItemSchema } from '../../../../../../public/lists_plugin_deps'; const MyFlexItem = styled(EuiFlexItem)` &.comments--show { @@ -32,10 +29,10 @@ const MyFlexItem = styled(EuiFlexItem)` `; interface ExceptionItemProps { - loadingItemIds: ExceptionIdentifiers[]; + loadingItemIds: ExceptionListItemIdentifiers[]; exceptionItem: ExceptionListItemSchema; commentsAccordionId: string; - onDeleteException: (arg: ExceptionIdentifiers) => void; + onDeleteException: (arg: ExceptionListItemIdentifiers) => void; onEditException: (item: ExceptionListItemSchema) => void; } @@ -55,7 +52,10 @@ const ExceptionItemComponent = ({ }, [exceptionItem.entries]); const handleDelete = useCallback((): void => { - onDeleteException({ id: exceptionItem.id, namespaceType: exceptionItem.namespace_type }); + onDeleteException({ + id: exceptionItem.id, + namespaceType: exceptionItem.namespace_type, + }); }, [onDeleteException, exceptionItem.id, exceptionItem.namespace_type]); const handleEdit = useCallback((): void => { 
diff --git a/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exceptions_viewer_items.tsx b/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exceptions_viewer_items.tsx index 63137a7b2489..b5e778da69bc 100644 --- a/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exceptions_viewer_items.tsx +++ b/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exceptions_viewer_items.tsx @@ -11,10 +11,8 @@ import styled from 'styled-components'; import * as i18n from '../translations'; import { ExceptionItem } from './exception_item'; import { AndOrBadge } from '../../and_or_badge'; -import { - ExceptionIdentifiers, - ExceptionListItemSchema, -} from '../../../../../public/lists_plugin_deps'; +import { ExceptionListItemSchema } from '../../../../../public/lists_plugin_deps'; +import { ExceptionListItemIdentifiers } from '../types'; const MyFlexItem = styled(EuiFlexItem)` margin: ${({ theme }) => `${theme.eui.euiSize} 0`}; @@ -37,9 +35,9 @@ interface ExceptionsViewerItemsProps { showEmpty: boolean; isInitLoading: boolean; exceptions: ExceptionListItemSchema[]; - loadingItemIds: ExceptionIdentifiers[]; + loadingItemIds: ExceptionListItemIdentifiers[]; commentsAccordionId: string; - onDeleteException: (arg: ExceptionIdentifiers) => void; + onDeleteException: (arg: ExceptionListItemIdentifiers) => void; onEditExceptionItem: (item: ExceptionListItemSchema) => void; } diff --git a/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/index.tsx b/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/index.tsx index 68a1e7220979..ea28bd848e3e 100644 --- a/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/index.tsx +++ b/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/index.tsx 
@@ -205,8 +205,8 @@ const ExceptionsViewerComponent = ({ ); const handleDeleteException = useCallback( - ({ id, namespaceType }: ExceptionIdentifiers) => { - setLoadingItemIds([{ id, namespaceType }]); + ({ id, namespaceType, type }: ExceptionIdentifiers) => { + setLoadingItemIds([{ id, namespaceType, type }]); deleteExceptionItem({ id, diff --git a/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/reducer.ts b/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/reducer.ts index 1f9a4fb446ab..f6716482f50f 100644 --- a/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/reducer.ts +++ b/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/reducer.ts @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { FilterOptions, ExceptionsPagination } from '../types'; +import { FilterOptions, ExceptionsPagination, ExceptionListItemIdentifiers } from '../types'; import { ExceptionList, ExceptionListItemSchema, @@ -20,7 +20,7 @@ export interface State { exceptions: ExceptionListItemSchema[]; exceptionToEdit: ExceptionListItemSchema | null; loadingLists: ExceptionIdentifiers[]; - loadingItemIds: ExceptionIdentifiers[]; + loadingItemIds: ExceptionListItemIdentifiers[]; isInitLoading: boolean; isModalOpen: boolean; } @@ -41,7 +41,7 @@ export type Action = | { type: 'updateIsInitLoading'; loading: boolean } | { type: 'updateModalOpen'; isOpen: boolean } | { type: 'updateExceptionToEdit'; exception: ExceptionListItemSchema } - | { type: 'updateLoadingItemIds'; items: ExceptionIdentifiers[] }; + | { type: 'updateLoadingItemIds'; items: ExceptionListItemIdentifiers[] }; export const allExceptionItemsReducer = () => (state: State, action: Action): State => { switch (action.type) { 
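Review bot: `handleDeleteException` in viewer/index.tsx now destructures `type` from an `ExceptionIdentifiers` argument, but the caller changed in this same commit (`handleDelete` in exception_item/index.tsx) passes only `id` and `namespaceType`, and `loadingItemIds` is typed `ExceptionListItemIdentifiers[]` in reducer.ts. Assuming this handler is the one passed down as `onDeleteException` (the wiring is outside the hunk), `type` would be `undefined` here and is written into state that has no such field. Using the item-level type would match the rest of the commit: `({ id, namespaceType }: ExceptionListItemIdentifiers) => {` and `setLoadingItemIds([{ id, namespaceType }]);`. The callback body continues past the end of the hunk.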
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/patches/update_list.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/patches/update_list.json index 6323597fc094..10023b9c82ca 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/patches/update_list.json +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/patches/update_list.json @@ -3,7 +3,8 @@ "exceptions_list": [ { "id": "some_updated_fake_id", - "namespace_type": "single" + "namespace_type": "single", + "type": "detection" } ] } diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/query_with_list.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/query_with_list.json index 0dda9a74557f..00cd00f1b418 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/query_with_list.json +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/query_with_list.json @@ -6,5 +6,11 @@ "type": "query", "query": "host.name: *", "interval": "30s", - "exceptions_list": [{ "id": "8b9058e0-b685-11ea-83bd-99c6441a63ec", "namespace_type": "single" }] + "exceptions_list": [ + { + "id": "8b9058e0-b685-11ea-83bd-99c6441a63ec", + "namespace_type": "single", + "type": "detection" + } + ] } diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/updates/update_list.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/updates/update_list.json index f7359d586bd8..86db4c861c9e 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/updates/update_list.json +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/updates/update_list.json 
@@ -6,5 +6,7 @@ "severity": "high", "type": "query", "query": "user.name: root or user.name: admin", - "exceptions_list": [{ "id": "some_updated_fake_id", "namespace_type": "single" }] + "exceptions_list": [ + { "id": "some_updated_fake_id", "namespace_type": "single", "type": "detection" } + ] }