diff --git a/x-pack/plugins/siem/common/types/timeline/index.ts b/x-pack/plugins/siem/common/types/timeline/index.ts index e87986fd1bdf2..e67eb3182ffa9 100644 --- a/x-pack/plugins/siem/common/types/timeline/index.ts +++ b/x-pack/plugins/siem/common/types/timeline/index.ts @@ -130,23 +130,42 @@ const SavedSortRuntimeType = runtimeTypes.partial({ sortDirection: unionWithNullType(runtimeTypes.string), }); +/* + * Timeline Statuses + */ + +export enum TimelineStatus { + active = 'active', + draft = 'draft', +} + +export const TimelineStatusLiteralRt = runtimeTypes.union([ + runtimeTypes.literal(TimelineStatus.active), + runtimeTypes.literal(TimelineStatus.draft), +]); + +const TimelineStatusLiteralWithNullRt = unionWithNullType(TimelineStatusLiteralRt); + +export type TimelineStatusLiteral = runtimeTypes.TypeOf; +export type TimelineStatusLiteralWithNull = runtimeTypes.TypeOf< + typeof TimelineStatusLiteralWithNullRt +>; + /* * Timeline Types */ export enum TimelineType { default = 'default', - draft = 'draft', template = 'template', } export const TimelineTypeLiteralRt = runtimeTypes.union([ runtimeTypes.literal(TimelineType.template), - runtimeTypes.literal(TimelineType.draft), runtimeTypes.literal(TimelineType.default), ]); -const TimelineTypeLiteralWithNullRt = unionWithNullType(TimelineTypeLiteralRt); +export const TimelineTypeLiteralWithNullRt = unionWithNullType(TimelineTypeLiteralRt); export type TimelineTypeLiteral = runtimeTypes.TypeOf; export type TimelineTypeLiteralWithNull = runtimeTypes.TypeOf; @@ -167,6 +186,7 @@ export const SavedTimelineRuntimeType = runtimeTypes.partial({ dateRange: unionWithNullType(SavedDateRangePickerRuntimeType), savedQueryId: unionWithNullType(runtimeTypes.string), sort: unionWithNullType(SavedSortRuntimeType), + status: unionWithNullType(TimelineStatusLiteralRt), created: unionWithNullType(runtimeTypes.number), createdBy: unionWithNullType(runtimeTypes.string), updated: unionWithNullType(runtimeTypes.number), diff --git a/x-pack/plugins/siem/public/alerts/components/signals/actions.test.tsx b/x-pack/plugins/siem/public/alerts/components/signals/actions.test.tsx index d3be87ce7c39c..d7a8a55077340 100644 --- a/x-pack/plugins/siem/public/alerts/components/signals/actions.test.tsx +++ b/x-pack/plugins/siem/public/alerts/components/signals/actions.test.tsx @@ -15,7 +15,7 @@ import { } from '../../../common/mock/'; import { CreateTimeline, UpdateTimelineLoading } from './types'; import { Ecs } from '../../../graphql/types'; -import { TimelineType } from '../../../../common/types/timeline'; +import { TimelineType, TimelineStatus } from '../../../../common/types/timeline'; jest.mock('apollo-client'); @@ -215,6 +215,7 @@ describe('signals actions', () => { columnId: '@timestamp', sortDirection: 'desc', }, + status: TimelineStatus.draft, title: '', timelineType: TimelineType.default, templateTimelineId: null, diff --git a/x-pack/plugins/siem/public/common/mock/global_state.ts b/x-pack/plugins/siem/public/common/mock/global_state.ts index 63dd6dddfa9c5..da49ebe6552f3 100644 --- a/x-pack/plugins/siem/public/common/mock/global_state.ts +++ b/x-pack/plugins/siem/public/common/mock/global_state.ts @@ -24,7 +24,7 @@ import { DEFAULT_INTERVAL_VALUE, } from '../../../common/constants'; import { networkModel } from '../../network/store'; -import { TimelineType } from '../../../common/types/timeline'; +import { TimelineType, TimelineStatus } from '../../../common/types/timeline'; import { initialPolicyListState } from '../../endpoint_policy/store/policy_list/reducer'; import { initialAlertListState } from '../../endpoint_alerts/store/reducer'; import { initialPolicyDetailsState } from '../../endpoint_policy/store/policy_details/reducer'; @@ -231,6 +231,7 @@ export const mockGlobalState: State = { width: DEFAULT_TIMELINE_WIDTH, isSaving: false, version: null, + status: TimelineStatus.active, }, }, }, diff --git a/x-pack/plugins/siem/public/common/mock/timeline_results.ts b/x-pack/plugins/siem/public/common/mock/timeline_results.ts index 13ac356f67773..5c41812fdb95c 100644 --- a/x-pack/plugins/siem/public/common/mock/timeline_results.ts +++ b/x-pack/plugins/siem/public/common/mock/timeline_results.ts @@ -5,7 +5,7 @@ */ import { FilterStateStore } from '../../../../../../src/plugins/data/common/es_query/filters/meta_filter'; -import { TimelineType } from '../../../common/types/timeline'; +import { TimelineType, TimelineStatus } from '../../../common/types/timeline'; import { OpenTimelineResult } from '../../timelines/components/open_timeline/types'; import { GetAllTimeline, SortFieldTimeline, TimelineResult, Direction } from '../../graphql/types'; @@ -2142,6 +2142,7 @@ export const mockTimelineModel: TimelineModel = { columnId: '@timestamp', sortDirection: Direction.desc, }, + status: TimelineStatus.active, title: 'Test rule', timelineType: TimelineType.default, templateTimelineId: null, @@ -2242,8 +2243,9 @@ export const defaultTimelineProps: CreateTimelineProps = { showCheckboxes: false, showRowRenderers: true, sort: { columnId: '@timestamp', sortDirection: Direction.desc }, + status: TimelineStatus.draft, title: '', - timelineType: TimelineType.draft, + timelineType: TimelineType.default, templateTimelineVersion: null, templateTimelineId: null, version: null, diff --git a/x-pack/plugins/siem/public/graphql/introspection.json b/x-pack/plugins/siem/public/graphql/introspection.json index d6f34255bcc1c..3c8c7c21d72a0 100644 --- a/x-pack/plugins/siem/public/graphql/introspection.json +++ b/x-pack/plugins/siem/public/graphql/introspection.json @@ -253,7 +253,7 @@ { "name": "timelineType", "description": "", - "type": { "kind": "SCALAR", "name": "String", "ofType": null }, + "type": { "kind": "ENUM", "name": "TimelineType", "ofType": null }, "defaultValue": null } ], @@ -9726,6 +9726,14 @@ "isDeprecated": false, "deprecationReason": null }, + { + "name": "status", + "description": "", + "args": [], + "type": { "kind": "ENUM", "name": "TimelineStatus", "ofType": null }, + "isDeprecated": false, + "deprecationReason": null + }, { "name": "title", "description": "", @@ -10353,6 +10361,19 @@ "enumValues": null, "possibleTypes": null }, + { + "kind": "ENUM", + "name": "TimelineStatus", + "description": "", + "fields": null, + "inputFields": null, + "interfaces": null, + "enumValues": [ + { "name": "active", "description": "", "isDeprecated": false, "deprecationReason": null }, + { "name": "draft", "description": "", "isDeprecated": false, "deprecationReason": null } + ], + "possibleTypes": null + }, { "kind": "SCALAR", "name": "Int", @@ -10377,7 +10398,6 @@ "isDeprecated": false, "deprecationReason": null }, - { "name": "draft", "description": "", "isDeprecated": false, "deprecationReason": null }, { "name": "template", "description": "", @@ -10962,6 +10982,12 @@ "description": "", "type": { "kind": "INPUT_OBJECT", "name": "SortTimelineInput", "ofType": null }, "defaultValue": null + }, + { + "name": "status", + "description": "", + "type": { "kind": "ENUM", "name": "TimelineStatus", "ofType": null }, + "defaultValue": null } ], "interfaces": null, diff --git a/x-pack/plugins/siem/public/graphql/types.ts b/x-pack/plugins/siem/public/graphql/types.ts index c3493c580fa22..eae3887ec0636 100644 --- a/x-pack/plugins/siem/public/graphql/types.ts +++ b/x-pack/plugins/siem/public/graphql/types.ts @@ -143,6 +143,8 @@ export interface TimelineInput { savedQueryId?: Maybe; sort?: Maybe; + + status?: Maybe; } export interface ColumnHeaderInput { @@ -340,9 +342,13 @@ export enum TlsFields { _id = '_id', } +export enum TimelineStatus { + active = 'active', + draft = 'draft', +} + export enum TimelineType { default = 'default', - draft = 'draft', template = 'template', } @@ -1954,6 +1960,8 @@ export interface TimelineResult { sort?: Maybe; + status?: Maybe; + title?: Maybe; templateTimelineId?: Maybe; @@ -2237,7 +2245,7 @@ export interface GetAllTimelineQueryArgs { onlyUserFavorite?: Maybe; - timelineType?: Maybe; + timelineType?: Maybe; } export interface AuthenticationsSourceArgs { timerange: TimerangeInput; @@ -4298,7 +4306,7 @@ export namespace GetAllTimeline { search?: Maybe; sort?: Maybe; onlyUserFavorite?: Maybe; - timelineType?: Maybe; + timelineType?: Maybe; }; export type Query = { diff --git a/x-pack/plugins/siem/public/timelines/components/open_timeline/helpers.test.ts b/x-pack/plugins/siem/public/timelines/components/open_timeline/helpers.test.ts index 350e1a3124497..a97aa29e58c28 100644 --- a/x-pack/plugins/siem/public/timelines/components/open_timeline/helpers.test.ts +++ b/x-pack/plugins/siem/public/timelines/components/open_timeline/helpers.test.ts @@ -36,7 +36,7 @@ import { KueryFilterQueryKind } from '../../../common/store/model'; import { Note } from '../../../common/lib/note'; import moment from 'moment'; import sinon from 'sinon'; -import { TimelineType } from '../../../../common/types/timeline'; +import { TimelineType, TimelineStatus } from '../../../../common/types/timeline'; jest.mock('../../../common/store/inputs/actions'); jest.mock('../../store/timeline/actions'); @@ -299,8 +299,9 @@ describe('helpers', () => { columnId: '@timestamp', sortDirection: 'desc', }, + status: TimelineStatus.draft, title: '', - timelineType: TimelineType.draft, + timelineType: TimelineType.default, templateTimelineId: null, templateTimelineVersion: null, version: '1', @@ -396,8 +397,9 @@ describe('helpers', () => { columnId: '@timestamp', sortDirection: 'desc', }, + status: TimelineStatus.draft, title: '', - timelineType: TimelineType.draft, + timelineType: TimelineType.default, templateTimelineId: null, templateTimelineVersion: null, version: '1', @@ -517,7 +519,7 @@ describe('helpers', () => { }, loadingEventIds: [], title: '', - timelineType: TimelineType.draft, + timelineType: TimelineType.default, templateTimelineId: null, templateTimelineVersion: null, noteIds: [], @@ -535,6 +537,7 @@ describe('helpers', () => { columnId: '@timestamp', sortDirection: 'desc', }, + status: TimelineStatus.draft, width: 1100, id: 'savedObject-1', }); @@ -685,7 +688,7 @@ describe('helpers', () => { }, loadingEventIds: [], title: '', - timelineType: TimelineType.draft, + timelineType: TimelineType.default, templateTimelineId: null, templateTimelineVersion: null, noteIds: [], @@ -703,6 +706,7 @@ describe('helpers', () => { columnId: '@timestamp', sortDirection: 'desc', }, + status: TimelineStatus.draft, width: 1100, id: 'savedObject-1', }); diff --git a/x-pack/plugins/siem/public/timelines/containers/all/index.gql_query.ts b/x-pack/plugins/siem/public/timelines/containers/all/index.gql_query.ts index 76aef8de4ad84..cdbf3e768581b 100644 --- a/x-pack/plugins/siem/public/timelines/containers/all/index.gql_query.ts +++ b/x-pack/plugins/siem/public/timelines/containers/all/index.gql_query.ts @@ -12,7 +12,7 @@ export const allTimelinesQuery = gql` $search: String $sort: SortTimeline $onlyUserFavorite: Boolean - $timelineType: String + $timelineType: TimelineType ) { getAllTimeline( pageInfo: $pageInfo diff --git a/x-pack/plugins/siem/public/timelines/containers/api.ts b/x-pack/plugins/siem/public/timelines/containers/api.ts index cf6229145623d..9f5e65e0fc5af 100644 --- a/x-pack/plugins/siem/public/timelines/containers/api.ts +++ b/x-pack/plugins/siem/public/timelines/containers/api.ts @@ -9,11 +9,11 @@ import { pipe } from 'fp-ts/lib/pipeable'; import { throwErrors } from '../../../../case/common/api'; import { - SavedTimeline, TimelineResponse, TimelineResponseType, - TimelineType, + TimelineStatus, } from '../../../common/types/timeline'; +import { TimelineInput, TimelineType } from '../../graphql/types'; import { TIMELINE_URL, TIMELINE_DRAFT_URL, @@ -31,7 +31,7 @@ import { } from '../../alerts/containers/detection_engine/rules'; interface RequestPostTimeline { - timeline: SavedTimeline; + timeline: TimelineInput; signal?: AbortSignal; } @@ -75,8 +75,8 @@ export const persistTimeline = async ({ timeline, version, }: RequestPersistTimeline): Promise => { - if (timelineId == null && timeline.timelineType === TimelineType.draft) { - const draftTimeline = await cleanDraftTimeline(); + if (timelineId == null && timeline.status === TimelineStatus.draft) { + const draftTimeline = await cleanDraftTimeline({ timelineType: timeline.timelineType! }); return patchTimeline({ timelineId: draftTimeline.data.persistTimeline.timeline.savedObjectId, timeline, @@ -133,14 +133,30 @@ export const exportSelectedTimeline: ExportSelectedData = async ({ return response.body!; }; -export const getDraftTimeline = async (): Promise => { - const response = await KibanaServices.get().http.get(TIMELINE_DRAFT_URL); +export const getDraftTimeline = async ({ + timelineType, +}: { + timelineType: TimelineType; +}): Promise => { + const response = await KibanaServices.get().http.get(TIMELINE_DRAFT_URL, { + query: { + timelineType, + }, + }); return decodeTimelineResponse(response); }; -export const cleanDraftTimeline = async (): Promise => { - const response = await KibanaServices.get().http.post(TIMELINE_DRAFT_URL); +export const cleanDraftTimeline = async ({ + timelineType, +}: { + timelineType: TimelineType; +}): Promise => { + const response = await KibanaServices.get().http.post(TIMELINE_DRAFT_URL, { + body: JSON.stringify({ + timelineType, + }), + }); return decodeTimelineResponse(response); }; diff --git a/x-pack/plugins/siem/public/timelines/store/timeline/defaults.ts b/x-pack/plugins/siem/public/timelines/store/timeline/defaults.ts index 649f1007f370b..5290178092f3e 100644 --- a/x-pack/plugins/siem/public/timelines/store/timeline/defaults.ts +++ b/x-pack/plugins/siem/public/timelines/store/timeline/defaults.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { TimelineType } from '../../../../common/types/timeline'; +import { TimelineType, TimelineStatus } from '../../../../common/types/timeline'; import { Direction } from '../../../graphql/types'; import { DEFAULT_TIMELINE_WIDTH } from '../../components/timeline/body/constants'; @@ -35,7 +35,7 @@ export const timelineDefaults: SubsetTimelineModel & Pick { showCheckboxes: false, showRowRenderers: true, sort: { columnId: '@timestamp', sortDirection: Direction.desc }, + status: TimelineStatus.active, width: 1100, version: 'WzM4LDFd', id: '11169110-fc22-11e9-8ca9-072f15ce2685', @@ -290,6 +291,7 @@ describe('Epic Timeline', () => { templateTimelineVersion: null, timelineType: TimelineType.default, title: 'saved', + status: TimelineStatus.active, }); }); }); diff --git a/x-pack/plugins/siem/public/timelines/store/timeline/epic.ts b/x-pack/plugins/siem/public/timelines/store/timeline/epic.ts index 30305f63dc31a..20c2d1861bd66 100644 --- a/x-pack/plugins/siem/public/timelines/store/timeline/epic.ts +++ b/x-pack/plugins/siem/public/timelines/store/timeline/epic.ts @@ -33,8 +33,13 @@ import { Filter, MatchAllFilter, } from '../../../../../../.../../../src/plugins/data/public'; -import { TimelineType } from '../../../../common/types/timeline'; -import { TimelineInput, ResponseTimeline, TimelineResult } from '../../../graphql/types'; +import { TimelineStatus } from '../../../../common/types/timeline'; +import { + TimelineType, + TimelineInput, + ResponseTimeline, + TimelineResult, +} from '../../../graphql/types'; import { AppApolloClient } from '../../../common/lib/lib'; import { addError } from '../../../common/store/app/actions'; import { NotesById } from '../../../common/store/app/model'; @@ -152,10 +157,8 @@ export const createTimelineEpic = (): Epic< return true; } if (action.type === createTimeline.type && isItAtimelineAction(timelineId)) { - if (timelineObj.timelineType !== 'draft') { - myEpicTimelineId.setTimelineVersion(null); - myEpicTimelineId.setTimelineId(null); - } + myEpicTimelineId.setTimelineVersion(null); + myEpicTimelineId.setTimelineId(null); } else if (action.type === addTimeline.type && isItAtimelineAction(timelineId)) { const addNewTimeline: TimelineModel = get('payload.timeline', action); myEpicTimelineId.setTimelineId(addNewTimeline.savedObjectId); @@ -243,6 +246,7 @@ export const createTimelineEpic = (): Epic< ...savedTimeline, savedObjectId: response.timeline.savedObjectId, version: response.timeline.version, + status: response.timeline.status ?? TimelineStatus.active, timelineType: response.timeline.timelineType ?? TimelineType.default, templateTimelineId: response.timeline.templateTimelineId ?? null, templateTimelineVersion: response.timeline.templateTimelineVersion ?? null, @@ -299,6 +303,7 @@ const timelineInput: TimelineInput = { dateRange: null, savedQueryId: null, sort: null, + status: null, }; export const convertTimelineAsInput = ( diff --git a/x-pack/plugins/siem/public/timelines/store/timeline/model.ts b/x-pack/plugins/siem/public/timelines/store/timeline/model.ts index 8f37636910e2e..df5e2a99e0248 100644 --- a/x-pack/plugins/siem/public/timelines/store/timeline/model.ts +++ b/x-pack/plugins/siem/public/timelines/store/timeline/model.ts @@ -6,11 +6,14 @@ import { Filter } from '../../../../../../../src/plugins/data/public'; -import { TimelineTypeLiteralWithNull } from '../../../../common/types/timeline'; - import { DataProvider } from '../../components/timeline/data_providers/data_provider'; import { Sort } from '../../components/timeline/body/sort'; -import { PinnedEvent, TimelineNonEcsData } from '../../../graphql/types'; +import { + PinnedEvent, + TimelineNonEcsData, + TimelineType, + TimelineStatus, +} from '../../../graphql/types'; import { KueryFilterQuery, SerializedFilterQuery } from '../../../common/store/model'; export const DEFAULT_PAGE_COUNT = 2; // Eui Pager will not render unless this is a minimum of 2 pages @@ -81,7 +84,7 @@ export interface TimelineModel { /** Title */ title: string; /** timelineType: default | template */ - timelineType: TimelineTypeLiteralWithNull; + timelineType: TimelineType; /** an unique id for template timeline */ templateTimelineId: string | null; /** null for default timeline, number for template timeline */ @@ -107,6 +110,8 @@ export interface TimelineModel { showRowRenderers: boolean; /** Specifies which column the timeline is sorted on, and the direction (ascending / descending) */ sort: Sort; + /** status: active | draft */ + status: TimelineStatus; /** Persists the UI state (width) of the timeline flyover */ width: number; /** timeline is saving */ @@ -153,6 +158,7 @@ export type SubsetTimelineModel = Readonly< | 'savedObjectId' | 'version' | 'timelineType' + | 'status' > >; diff --git a/x-pack/plugins/siem/public/timelines/store/timeline/reducer.test.ts b/x-pack/plugins/siem/public/timelines/store/timeline/reducer.test.ts index 65c78ca8efdb2..66cd73a35f946 100644 --- a/x-pack/plugins/siem/public/timelines/store/timeline/reducer.test.ts +++ b/x-pack/plugins/siem/public/timelines/store/timeline/reducer.test.ts @@ -6,7 +6,7 @@ import { cloneDeep, set } from 'lodash/fp'; -import { TimelineType } from '../../../../common/types/timeline'; +import { TimelineType, TimelineStatus } from '../../../../common/types/timeline'; import { IS_OPERATOR, @@ -100,6 +100,7 @@ const timelineByIdMock: TimelineById = { columnId: '@timestamp', sortDirection: Direction.desc, }, + status: TimelineStatus.active, width: DEFAULT_TIMELINE_WIDTH, isSaving: false, version: null, @@ -1131,6 +1132,7 @@ describe('Timeline', () => { columnId: '@timestamp', sortDirection: Direction.desc, }, + status: TimelineStatus.active, pinnedEventIds: {}, pinnedEventsSaveObject: {}, itemsPerPage: 25, @@ -1226,6 +1228,7 @@ describe('Timeline', () => { columnId: '@timestamp', sortDirection: Direction.desc, }, + status: TimelineStatus.active, pinnedEventIds: {}, pinnedEventsSaveObject: {}, itemsPerPage: 25, @@ -1427,6 +1430,7 @@ describe('Timeline', () => { columnId: '@timestamp', sortDirection: Direction.desc, }, + status: TimelineStatus.active, pinnedEventIds: {}, pinnedEventsSaveObject: {}, itemsPerPage: 25, @@ -1522,6 +1526,7 @@ describe('Timeline', () => { columnId: '@timestamp', sortDirection: Direction.desc, }, + status: TimelineStatus.active, pinnedEventIds: {}, pinnedEventsSaveObject: {}, itemsPerPage: 25, @@ -1712,6 +1717,7 @@ describe('Timeline', () => { columnId: '@timestamp', sortDirection: Direction.desc, }, + status: TimelineStatus.active, pinnedEventIds: {}, pinnedEventsSaveObject: {}, itemsPerPage: 50, @@ -1791,6 +1797,7 @@ describe('Timeline', () => { columnId: '@timestamp', sortDirection: Direction.desc, }, + status: TimelineStatus.active, pinnedEventIds: {}, pinnedEventsSaveObject: {}, itemsPerPage: 25, @@ -1894,6 +1901,7 @@ describe('Timeline', () => { columnId: '@timestamp', sortDirection: Direction.desc, }, + status: TimelineStatus.active, pinnedEventIds: {}, pinnedEventsSaveObject: {}, itemsPerPage: 25, diff --git a/x-pack/plugins/siem/server/graphql/timeline/schema.gql.ts b/x-pack/plugins/siem/server/graphql/timeline/schema.gql.ts index 2432af9a379a1..b9aa8534ab0e9 100644 --- a/x-pack/plugins/siem/server/graphql/timeline/schema.gql.ts +++ b/x-pack/plugins/siem/server/graphql/timeline/schema.gql.ts @@ -127,10 +127,14 @@ export const timelineSchema = gql` enum TimelineType { default - draft template } + enum TimelineStatus { + active + draft + } + input TimelineInput { columns: [ColumnHeaderInput!] dataProviders: [DataProviderInput!] @@ -146,6 +150,7 @@ export const timelineSchema = gql` dateRange: DateRangePickerInput savedQueryId: String sort: SortTimelineInput + status: TimelineStatus } input PageInfoTimeline { @@ -245,6 +250,7 @@ export const timelineSchema = gql` savedQueryId: String savedObjectId: String! sort: SortTimelineResult + status: TimelineStatus title: String templateTimelineId: String templateTimelineVersion: Int @@ -279,7 +285,7 @@ export const timelineSchema = gql` extend type Query { getOneTimeline(id: ID!): TimelineResult! - getAllTimeline(pageInfo: PageInfoTimeline, search: String, sort: SortTimeline, onlyUserFavorite: Boolean, timelineType: String): ResponseTimelines! + getAllTimeline(pageInfo: PageInfoTimeline, search: String, sort: SortTimeline, onlyUserFavorite: Boolean, timelineType: TimelineType): ResponseTimelines! } extend type Mutation { diff --git a/x-pack/plugins/siem/server/graphql/types.ts b/x-pack/plugins/siem/server/graphql/types.ts index 5313f4b9df268..4a063647a183d 100644 --- a/x-pack/plugins/siem/server/graphql/types.ts +++ b/x-pack/plugins/siem/server/graphql/types.ts @@ -145,6 +145,8 @@ export interface TimelineInput { savedQueryId?: Maybe; sort?: Maybe; + + status?: Maybe; } export interface ColumnHeaderInput { @@ -342,9 +344,13 @@ export enum TlsFields { _id = '_id', } +export enum TimelineStatus { + active = 'active', + draft = 'draft', +} + export enum TimelineType { default = 'default', - draft = 'draft', template = 'template', } @@ -1956,6 +1962,8 @@ export interface TimelineResult { sort?: Maybe; + status?: Maybe; + title?: Maybe; templateTimelineId?: Maybe; @@ -2239,7 +2247,7 @@ export interface GetAllTimelineQueryArgs { onlyUserFavorite?: Maybe; - timelineType?: Maybe; + timelineType?: Maybe; } export interface AuthenticationsSourceArgs { timerange: TimerangeInput; @@ -2697,7 +2705,7 @@ export namespace QueryResolvers { onlyUserFavorite?: Maybe; - timelineType?: Maybe; + timelineType?: Maybe; } } @@ -8043,6 +8051,8 @@ export namespace TimelineResultResolvers { sort?: SortResolver, TypeParent, TContext>; + status?: StatusResolver, TypeParent, TContext>; + title?: TitleResolver, TypeParent, TContext>; templateTimelineId?: TemplateTimelineIdResolver, TypeParent, TContext>; @@ -8153,6 +8163,11 @@ export namespace TimelineResultResolvers { Parent = TimelineResult, TContext = SiemContext > = Resolver; + export type StatusResolver< + R = Maybe, + Parent = TimelineResult, + TContext = SiemContext + > = Resolver; export type TitleResolver< R = Maybe, Parent = TimelineResult, diff --git a/x-pack/plugins/siem/server/lib/timeline/convert_saved_object_to_savedtimeline.ts b/x-pack/plugins/siem/server/lib/timeline/convert_saved_object_to_savedtimeline.ts index 00fb77bfb1647..3246de2190383 100644 --- a/x-pack/plugins/siem/server/lib/timeline/convert_saved_object_to_savedtimeline.ts +++ b/x-pack/plugins/siem/server/lib/timeline/convert_saved_object_to_savedtimeline.ts @@ -4,23 +4,63 @@ * you may not use this file except in compliance with the Elastic License. */ +import { intersection, type, partial, literal, union, string } from 'io-ts/lib/index'; import { failure } from 'io-ts/lib/PathReporter'; import { pipe } from 'fp-ts/lib/pipeable'; import { map, fold } from 'fp-ts/lib/Either'; import { identity } from 'fp-ts/lib/function'; import { - TimelineSavedObjectRuntimeType, + SavedTimelineRuntimeType, + TimelineTypeLiteralWithNullRt, TimelineSavedObject, TimelineType, + TimelineStatus, } from '../../../common/types/timeline'; +// TODO: Added to support legacy TimelineType.draft, can be removed in 7.10 +export const TimelineSavedObjectWithDraftRuntimeType = intersection([ + type({ + id: string, + version: string, + attributes: partial({ + ...SavedTimelineRuntimeType.props, + timelineType: union([TimelineTypeLiteralWithNullRt, literal('draft')]), + }), + }), + partial({ + savedObjectId: string, + }), +]); + +const getTimelineTypeAndStatus = ( + timelineType: TimelineType | 'draft' | null = TimelineType.default, + status: TimelineStatus | null = TimelineStatus.active +) => { + // TODO: Added to support legacy TimelineType.draft, can be removed in 7.10 + // @ts-ignore + if (timelineType === 'draft') { + return { + timelineType: TimelineType.default, + status: TimelineStatus.draft, + }; + } + + return { + timelineType, + status, + }; +}; + export const convertSavedObjectToSavedTimeline = (savedObject: unknown): TimelineSavedObject => { const timeline = pipe( - TimelineSavedObjectRuntimeType.decode(savedObject), + TimelineSavedObjectWithDraftRuntimeType.decode(savedObject), map(savedTimeline => { const attributes = { ...savedTimeline.attributes, - timelineType: savedTimeline.attributes.timelineType ?? TimelineType.default, + ...getTimelineTypeAndStatus( + savedTimeline.attributes.timelineType, + savedTimeline.attributes.status + ), }; return { savedObjectId: savedTimeline.id, diff --git a/x-pack/plugins/siem/server/lib/timeline/default_timeline.ts b/x-pack/plugins/siem/server/lib/timeline/default_timeline.ts index 710a43df1221d..b0ca3ba71f12b 100644 --- a/x-pack/plugins/siem/server/lib/timeline/default_timeline.ts +++ b/x-pack/plugins/siem/server/lib/timeline/default_timeline.ts @@ -6,7 +6,7 @@ import { Direction } from '../../graphql/types'; import { defaultHeaders } from './default_timeline_headers'; -import { SavedTimeline, TimelineType } from '../../../common/types/timeline'; +import { SavedTimeline, TimelineType, TimelineStatus } from '../../../common/types/timeline'; export const draftTimelineDefaults: SavedTimeline = { columns: defaultHeaders, @@ -15,7 +15,7 @@ export const draftTimelineDefaults: SavedTimeline = { eventType: 'all', filters: [], kqlMode: 'filter', - timelineType: TimelineType.draft, + timelineType: TimelineType.default, kqlQuery: { filterQuery: null, }, @@ -24,4 +24,5 @@ export const draftTimelineDefaults: SavedTimeline = { columnId: '@timestamp', sortDirection: Direction.desc, }, + status: TimelineStatus.draft, }; diff --git a/x-pack/plugins/siem/server/lib/timeline/pick_saved_timeline.ts b/x-pack/plugins/siem/server/lib/timeline/pick_saved_timeline.ts index 3b06adf1b751e..40c568ecda741 100644 --- a/x-pack/plugins/siem/server/lib/timeline/pick_saved_timeline.ts +++ b/x-pack/plugins/siem/server/lib/timeline/pick_saved_timeline.ts @@ -8,7 +8,7 @@ import uuid from 'uuid'; import { isEmpty } from 'lodash/fp'; import { AuthenticatedUser } from '../../../../security/common/model'; import { UNAUTHENTICATED_USER } from '../../../common/constants'; -import { SavedTimeline, TimelineType } from '../../../common/types/timeline'; +import { SavedTimeline, TimelineType, TimelineStatus } from '../../../common/types/timeline'; export const pickSavedTimeline = ( timelineId: string | null, @@ -39,10 +39,10 @@ export const pickSavedTimeline = ( savedTimeline.templateTimelineVersion = savedTimeline.templateTimelineVersion + 1; } } - } else if (savedTimeline.timelineType === TimelineType.draft) { - savedTimeline.timelineType = !isEmpty(savedTimeline.title) - ? TimelineType.default - : TimelineType.draft; + } else if (savedTimeline.status === TimelineStatus.draft) { + savedTimeline.status = !isEmpty(savedTimeline.title) + ? TimelineStatus.active + : TimelineStatus.draft; savedTimeline.templateTimelineId = null; savedTimeline.templateTimelineVersion = null; } else { diff --git a/x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/import_timelines.ts b/x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/import_timelines.ts index e06e6c60ac65f..7180f06d853be 100644 --- a/x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/import_timelines.ts +++ b/x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/import_timelines.ts @@ -5,7 +5,7 @@ */ import { omit } from 'lodash/fp'; -import { TimelineType } from '../../../../../common/types/timeline'; +import { TimelineType, TimelineStatus } from '../../../../../common/types/timeline'; export const mockDuplicateIdErrors = []; @@ -176,7 +176,8 @@ export const mockGetDraftTimelineValue = { updatedBy: 'angela', noteIds: [], pinnedEventIds: ['k-gi8nABm-sIqJ_scOoS'], - timelineType: TimelineType.draft, + timelineType: TimelineType.default, + status: TimelineStatus.draft, }; export const mockParsedTimelineObject = omit( diff --git a/x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/request_responses.ts b/x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/request_responses.ts index 9bcef1f5930d9..470ba1a853b58 100644 --- a/x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/request_responses.ts +++ b/x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/request_responses.ts @@ -12,7 +12,7 @@ import { } from '../../../../../common/constants'; import stream from 'stream'; import { requestMock } from '../../../detection_engine/routes/__mocks__'; -import { SavedTimeline, TimelineType } from '../../../../../common/types/timeline'; +import { SavedTimeline, TimelineType, TimelineStatus } from '../../../../../common/types/timeline'; import { updateTimelineSchema } from '../schemas/update_timelines_schema'; import { createTimelineSchema } from '../schemas/create_timelines_schema'; @@ -86,7 +86,8 @@ export const createDraftTimelineWithoutTimelineId = { timeline: inputTimeline, timelineId: null, version: null, - timelineType: TimelineType.draft, + timelineType: TimelineType.default, + status: TimelineStatus.draft, }; export const createTemplateTimelineWithoutTimelineId = { @@ -153,16 +154,22 @@ export const getImportTimelinesRequestEnableOverwrite = (filename?: string) => }, }); -export const getDraftTimelinesRequest = () => +export const getDraftTimelinesRequest = (timelineType: TimelineType) => requestMock.create({ method: 'get', path: TIMELINE_DRAFT_URL, + query: { + timelineType, + }, }); -export const cleanDraftTimelinesRequest = () => +export const cleanDraftTimelinesRequest = (timelineType: TimelineType) => requestMock.create({ method: 'post', path: TIMELINE_DRAFT_URL, + body: { + timelineType, + }, }); export const mockTimelinesSavedObjects = () => ({ diff --git a/x-pack/plugins/siem/server/lib/timeline/routes/clean_draft_timelines_route.test.ts b/x-pack/plugins/siem/server/lib/timeline/routes/clean_draft_timelines_route.test.ts index 231efff35636c..9dc957604d4df 100644 --- a/x-pack/plugins/siem/server/lib/timeline/routes/clean_draft_timelines_route.test.ts +++ b/x-pack/plugins/siem/server/lib/timeline/routes/clean_draft_timelines_route.test.ts @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ import { SecurityPluginSetup } from '../../../../../../plugins/security/server'; +import { TimelineType } from '../../../../common/types/timeline'; import { serverMock, @@ -79,7 +80,7 @@ describe('clean draft timelines', () => { timeline: [], }); - const response = await server.inject(cleanDraftTimelinesRequest(), context); + const response = await server.inject(cleanDraftTimelinesRequest(TimelineType.default), context); expect(mockPersistTimeline).toHaveBeenCalled(); expect(response.status).toEqual(200); expect(response.body).toEqual({ @@ -98,7 +99,7 @@ describe('clean draft timelines', () => { mockResetTimeline.mockResolvedValue({}); mockGetTimeline.mockResolvedValue({ ...mockGetDraftTimelineValue }); - const response = await server.inject(cleanDraftTimelinesRequest(), context); + const response = await server.inject(cleanDraftTimelinesRequest(TimelineType.default), context); expect(mockPersistTimeline).not.toHaveBeenCalled(); expect(mockResetTimeline).toHaveBeenCalled(); expect(mockGetTimeline).toHaveBeenCalled(); diff --git a/x-pack/plugins/siem/server/lib/timeline/routes/clean_draft_timelines_route.ts b/x-pack/plugins/siem/server/lib/timeline/routes/clean_draft_timelines_route.ts index 0890b65dec4e5..ac962a848368b 100644 --- a/x-pack/plugins/siem/server/lib/timeline/routes/clean_draft_timelines_route.ts +++ b/x-pack/plugins/siem/server/lib/timeline/routes/clean_draft_timelines_route.ts @@ -10,8 +10,10 @@ import { transformError, buildSiemResponse } from '../../detection_engine/routes import { TIMELINE_DRAFT_URL } from '../../../../common/constants'; import { buildFrameworkRequest } from './utils/common'; import { SetupPlugins } from '../../../plugin'; +import { buildRouteValidation } from '../../../utils/build_validation/route_validation'; import { getDraftTimeline, resetTimeline, getTimeline, persistTimeline } from '../saved_object'; import { draftTimelineDefaults } from '../default_timeline'; +import { cleanDraftTimelineSchema } from './schemas/clean_draft_timelines_schema'; export const cleanDraftTimelinesRoute = ( router: IRouter, @@ -21,7 +23,9 @@ export const cleanDraftTimelinesRoute = ( router.post( { path: TIMELINE_DRAFT_URL, - validate: {}, + validate: { + body: buildRouteValidation(cleanDraftTimelineSchema), + }, options: { tags: ['access:siem'], }, @@ -33,7 +37,7 @@ export const cleanDraftTimelinesRoute = ( try { const { timeline: [draftTimeline], - } = await getDraftTimeline(frameworkRequest); + } = await getDraftTimeline(frameworkRequest, request.body.timelineType); if (draftTimeline?.savedObjectId) { await resetTimeline(frameworkRequest, [draftTimeline.savedObjectId]); diff --git a/x-pack/plugins/siem/server/lib/timeline/routes/get_draft_timelines_route.test.ts b/x-pack/plugins/siem/server/lib/timeline/routes/get_draft_timelines_route.test.ts index 76a64e9d225a1..e9bceb2c66806 100644 --- a/x-pack/plugins/siem/server/lib/timeline/routes/get_draft_timelines_route.test.ts +++ b/x-pack/plugins/siem/server/lib/timeline/routes/get_draft_timelines_route.test.ts @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ import { SecurityPluginSetup } from '../../../../../../plugins/security/server'; +import { TimelineType } from '../../../../common/types/timeline'; import { serverMock, @@ -80,7 +81,10 @@ describe('get draft timelines', () => { timeline: [], }); - const response = await server.inject(getDraftTimelinesRequest(), context); + const response = await server.inject( + getDraftTimelinesRequest(TimelineType.default), + context + ); expect(mockPersistTimeline).toHaveBeenCalled(); expect(response.status).toEqual(200); expect(response.body).toEqual({ @@ -97,7 +101,10 @@ describe('get draft timelines', () => { timeline: [mockGetDraftTimelineValue], }); - const response = await server.inject(getDraftTimelinesRequest(), context); + const response = await server.inject( + getDraftTimelinesRequest(TimelineType.default), + context + ); expect(mockPersistTimeline).not.toHaveBeenCalled(); expect(response.status).toEqual(200); expect(response.body).toEqual({ diff --git a/x-pack/plugins/siem/server/lib/timeline/routes/get_draft_timelines_route.ts b/x-pack/plugins/siem/server/lib/timeline/routes/get_draft_timelines_route.ts index 2ff1ec519d2a6..137b2032b8e50 100644 --- a/x-pack/plugins/siem/server/lib/timeline/routes/get_draft_timelines_route.ts +++ b/x-pack/plugins/siem/server/lib/timeline/routes/get_draft_timelines_route.ts @@ -10,8 +10,10 @@ import { transformError, buildSiemResponse } from '../../detection_engine/routes import { TIMELINE_DRAFT_URL } from '../../../../common/constants'; import { buildFrameworkRequest } from './utils/common'; import { SetupPlugins } from '../../../plugin'; +import { buildRouteValidation } from '../../../utils/build_validation/route_validation'; import { getDraftTimeline, persistTimeline } from '../saved_object'; import { draftTimelineDefaults } from '../default_timeline'; +import { getDraftTimelineSchema } from './schemas/get_draft_timelines_schema'; export const getDraftTimelinesRoute = ( router: IRouter, @@ -21,7 +23,9 @@ export const getDraftTimelinesRoute = ( router.get( { path: TIMELINE_DRAFT_URL, - validate: {}, + validate: { + query: buildRouteValidation(getDraftTimelineSchema), + }, options: { tags: ['access:siem'], }, @@ -33,7 +37,7 @@ export const getDraftTimelinesRoute = ( try { const { timeline: [draftTimeline], - } = await getDraftTimeline(frameworkRequest); + } = await getDraftTimeline(frameworkRequest, request.query.timelineType); if (draftTimeline?.savedObjectId) { return response.ok({ diff --git a/x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.test.ts b/x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.test.ts index 2f5200c87137d..48e22f6af2a7b 100644 --- a/x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.test.ts +++ b/x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.test.ts @@ -12,7 +12,7 @@ import { createMockConfig, } from '../../detection_engine/routes/__mocks__'; import { TIMELINE_EXPORT_URL } from '../../../../common/constants'; -import { TimelineType } from '../../../../common/types/timeline'; +import { TimelineStatus } from '../../../../common/types/timeline'; import { SecurityPluginSetup } from '../../../../../../plugins/security/server'; import { @@ -145,13 +145,13 @@ describe('import timelines', () => { test('should Create a new timeline savedObject with given draft timeline', async () => { mockGetTupleDuplicateErrorsAndUniqueTimeline.mockReturnValue([ mockDuplicateIdErrors, - [{ ...mockUniqueParsedObjects[0], timelineType: TimelineType.draft }], + [{ ...mockUniqueParsedObjects[0], status: TimelineStatus.draft }], ]); const mockRequest = getImportTimelinesRequest(); await server.inject(mockRequest, context); expect(mockPersistTimeline.mock.calls[0][3]).toEqual({ ...mockParsedTimelineObject, - timelineType: TimelineType.default, + status: TimelineStatus.active, }); }); diff --git a/x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.ts b/x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.ts index bb63d1dce5554..dee8ed5078546 100644 --- a/x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.ts +++ b/x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.ts @@ -39,7 +39,7 @@ import { timelineSavedObjectOmittedFields, } from './utils/import_timelines'; import { createTimelines, getTimeline, getTemplateTimeline } from './utils/create_timelines'; -import { TimelineType } from '../../../../common/types/timeline'; +import { TimelineType, TimelineStatus } from '../../../../common/types/timeline'; import { checkIsFailureCases } from './utils/update_timelines'; const CHUNK_PARSED_OBJECT_SIZE = 10; @@ -154,10 +154,10 @@ export const importTimelinesRoute = ( frameworkRequest, { ...parsedTimelineObject, - timelineType: - parsedTimelineObject.timelineType === TimelineType.draft - ? TimelineType.default - : parsedTimelineObject.timelineType, + status: + parsedTimelineObject.status === TimelineStatus.draft + ? TimelineStatus.active + : parsedTimelineObject.status, }, null, // timelineSavedObjectId null, // timelineVersion diff --git a/x-pack/plugins/siem/server/lib/timeline/routes/schemas/clean_draft_timelines_schema.ts b/x-pack/plugins/siem/server/lib/timeline/routes/schemas/clean_draft_timelines_schema.ts new file mode 100644 index 0000000000000..2f880ee530dd9 --- /dev/null +++ b/x-pack/plugins/siem/server/lib/timeline/routes/schemas/clean_draft_timelines_schema.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import * as rt from 'io-ts'; + +import { TimelineTypeLiteralRt } from '../../../../../common/types/timeline'; + +export const cleanDraftTimelineSchema = rt.type({ + timelineType: TimelineTypeLiteralRt, +}); diff --git a/x-pack/plugins/siem/server/lib/timeline/routes/schemas/get_draft_timelines_schema.ts b/x-pack/plugins/siem/server/lib/timeline/routes/schemas/get_draft_timelines_schema.ts new file mode 100644 index 0000000000000..34cfb5e6e756b --- /dev/null +++ b/x-pack/plugins/siem/server/lib/timeline/routes/schemas/get_draft_timelines_schema.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import * as rt from 'io-ts'; + +import { TimelineTypeLiteralRt } from '../../../../../common/types/timeline'; + +export const getDraftTimelineSchema = rt.type({ + timelineType: TimelineTypeLiteralRt, +}); diff --git a/x-pack/plugins/siem/server/lib/timeline/routes/utils/export_timelines.ts b/x-pack/plugins/siem/server/lib/timeline/routes/utils/export_timelines.ts index 1e64e38ea5b0a..908aeac6b33ca 100644 --- a/x-pack/plugins/siem/server/lib/timeline/routes/utils/export_timelines.ts +++ b/x-pack/plugins/siem/server/lib/timeline/routes/utils/export_timelines.ts @@ -16,7 +16,7 @@ import { ExportedNotes, TimelineSavedObject, ExportTimelineNotFoundError, - TimelineType, + TimelineStatus, } from '../../../../../common/types/timeline'; import { NoteSavedObject } from '../../../../../common/types/timeline/note'; import { PinnedEventSavedObject } from '../../../../../common/types/timeline/pinned_event'; @@ -180,10 +180,8 @@ const getTimelinesFromObjects = async ( ...acc, { ...myTimeline, - timelineType: - myTimeline.timelineType === TimelineType.draft - ? TimelineType.default - : myTimeline.timelineType, + status: + myTimeline.status === TimelineStatus.draft ? TimelineStatus.active : myTimeline.status, ...getGlobalEventNotesByTimelineId(timelineNotes), pinnedEventIds: getPinnedEventsIdsByTimelineId(timelinePinnedEventIds), }, diff --git a/x-pack/plugins/siem/server/lib/timeline/saved_object.ts b/x-pack/plugins/siem/server/lib/timeline/saved_object.ts index f95cd01b2b788..1a2a2a9c20a67 100644 --- a/x-pack/plugins/siem/server/lib/timeline/saved_object.ts +++ b/x-pack/plugins/siem/server/lib/timeline/saved_object.ts @@ -10,13 +10,19 @@ import { SavedObjectsFindOptions } from '../../../../../../src/core/server'; import { UNAUTHENTICATED_USER } from '../../../common/constants'; import { NoteSavedObject } from '../../../common/types/timeline/note'; import { PinnedEventSavedObject } from '../../../common/types/timeline/pinned_event'; -import { SavedTimeline, TimelineSavedObject, TimelineType } from '../../../common/types/timeline'; +import { + SavedTimeline, + TimelineSavedObject, + TimelineTypeLiteralWithNull, +} from '../../../common/types/timeline'; import { ResponseTimeline, PageInfoTimeline, SortTimeline, ResponseFavoriteTimeline, TimelineResult, + TimelineType, + TimelineStatus, Maybe, } from '../../graphql/types'; import { FrameworkRequest } from '../framework'; @@ -49,7 +55,7 @@ export interface Timeline { pageInfo: PageInfoTimeline | null, search: string | null, sort: SortTimeline | null, - timelineType: string | null + timelineType: TimelineTypeLiteralWithNull ) => Promise; persistFavorite: ( @@ -62,7 +68,7 @@ export interface Timeline { timelineId: string | null, version: string | null, timeline: SavedTimeline, - timelineType?: TimelineType | null + timelineType?: TimelineTypeLiteralWithNull ) => Promise; deleteTimeline: (request: FrameworkRequest, timelineIds: string[]) => Promise; @@ -98,13 +104,26 @@ export const getTimelineByTemplateTimelineId = async ( /** The filter here is able to handle the legacy data, * which has no timelineType exists in the savedObject */ -const getTimelineTypeFilter = (timelineType: string | null) => { - return timelineType === TimelineType.template - ? `siem-ui-timeline.attributes.timelineType: ${TimelineType.template}` /** Show only whose timelineType exists and equals to "template" */ - : /** Show me every timeline whose timelineType is not "template". - * which includes timelineType === 'default' and - * those timelineType doesn't exists */ - `not siem-ui-timeline.attributes.timelineType: ${TimelineType.template} and not siem-ui-timeline.attributes.timelineType: ${TimelineType.draft}`; +const getTimelineTypeFilter = ( + timelineType: TimelineTypeLiteralWithNull, + includeDraft: boolean +) => { + const typeFilter = + timelineType === TimelineType.template + ? `siem-ui-timeline.attributes.timelineType: ${TimelineType.template}` /** Show only whose timelineType exists and equals to "template" */ + : /** Show me every timeline whose timelineType is not "template". + * which includes timelineType === 'default' and + * those timelineType doesn't exists */ + `not siem-ui-timeline.attributes.timelineType: ${TimelineType.template}`; + + /** Show me every timeline whose status is not "draft". + * which includes status === 'active' and + * those status doesn't exists */ + const draftFilter = includeDraft + ? `siem-ui-timeline.attributes.status: ${TimelineStatus.draft}` + : `not siem-ui-timeline.attributes.status: ${TimelineStatus.draft}`; + + return `${typeFilter} and ${draftFilter}`; }; export const getAllTimeline = async ( @@ -113,7 +132,7 @@ export const getAllTimeline = async ( pageInfo: PageInfoTimeline | null, search: string | null, sort: SortTimeline | null, - timelineType: string | null + timelineType: TimelineTypeLiteralWithNull ): Promise => { const options: SavedObjectsFindOptions = { type: timelineSavedObjectType, @@ -123,18 +142,21 @@ export const getAllTimeline = async ( searchFields: onlyUserFavorite ? ['title', 'description', 'favorite.keySearch'] : ['title', 'description'], - filter: getTimelineTypeFilter(timelineType), + filter: getTimelineTypeFilter(timelineType, false), sortField: sort != null ? sort.sortField : undefined, sortOrder: sort != null ? sort.sortOrder : undefined, }; return getAllSavedTimeline(request, options); }; -export const getDraftTimeline = async (request: FrameworkRequest): Promise => { +export const getDraftTimeline = async ( + request: FrameworkRequest, + timelineType: TimelineTypeLiteralWithNull +): Promise => { const options: SavedObjectsFindOptions = { type: timelineSavedObjectType, perPage: 1, - filter: `siem-ui-timeline.attributes.timelineType: ${TimelineType.draft}`, + filter: getTimelineTypeFilter(timelineType, true), sortField: 'created', sortOrder: 'desc', }; diff --git a/x-pack/plugins/siem/server/lib/timeline/saved_object_mappings.ts b/x-pack/plugins/siem/server/lib/timeline/saved_object_mappings.ts index 4d9ae19bfd6a2..51bff033b8791 100644 --- a/x-pack/plugins/siem/server/lib/timeline/saved_object_mappings.ts +++ b/x-pack/plugins/siem/server/lib/timeline/saved_object_mappings.ts @@ -263,6 +263,9 @@ export const timelineSavedObjectMappings: SavedObjectsType['mappings'] = { }, }, }, + status: { + type: 'keyword', + }, created: { type: 'date', }, diff --git a/x-pack/test/siem_cypress/es_archives/timeline/data.json.gz b/x-pack/test/siem_cypress/es_archives/timeline/data.json.gz index cde2775bddb24..bc4079ad2a90b 100644 Binary files a/x-pack/test/siem_cypress/es_archives/timeline/data.json.gz and b/x-pack/test/siem_cypress/es_archives/timeline/data.json.gz differ diff --git a/x-pack/test/siem_cypress/es_archives/timeline/mappings.json b/x-pack/test/siem_cypress/es_archives/timeline/mappings.json index ae36c130ee168..fcc16afd963d8 100644 --- a/x-pack/test/siem_cypress/es_archives/timeline/mappings.json +++ b/x-pack/test/siem_cypress/es_archives/timeline/mappings.json @@ -2416,6 +2416,9 @@ "timelineType": { "type": "keyword" }, + "status": { + "type": "keyword" + }, "columns": { "properties": { "aggregatable": {