From 9143785aaa4b09af65c7b851362e3c4bb729ba17 Mon Sep 17 00:00:00 2001
From: Marshall Main
Date: Thu, 12 Nov 2020 01:39:57 -0500
Subject: [PATCH] Allow a few more fields to be undefined in internal schema
---
 .../lib/detection_engine/rules/patch_rules.ts | 2 +-
 .../detection_engine/schemas/rule_converters.ts | 8 ++++----
 .../lib/detection_engine/schemas/rule_schemas.ts | 16 ++++++++--------
 3 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/patch_rules.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/patch_rules.ts
index b50499af3a6f5..8e10fc21f040c 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/patch_rules.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/patch_rules.ts
@@ -181,7 +181,7 @@ export const patchRules = async ({
 };
 const [validated, errors] = validate(newRule, internalRuleUpdate);
 if (errors != null || validated === null) {
- throw new PatchError('Applying patch would create invalid rule', 400);
+ throw new PatchError(`Applying patch would create invalid rule: ${errors}`, 400);
 }
 const update = await alertsClient.update({
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/schemas/rule_converters.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/schemas/rule_converters.ts
index 5c8ffc6bdde5a..e16543c99bbe4 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/schemas/rule_converters.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/schemas/rule_converters.ts
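Review bot: In the `patch_rules.ts` hunk the new message interpolates `errors` even on the `validated === null` path, where `errors` can still be null, so the caller would see `invalid rule: null`. Build the detail only when it exists, e.g. ``const detail = errors != null ? `: ${errors}` : '';`` followed by ``throw new PatchError(`Applying patch would create invalid rule${detail}`, 400);``. `validate` is run on `newRule` (presumably the stored rule merged with the patch) against the internal schema, so the text returned with the 400 may name internal fields and echo stored values rather than only what the caller sent; how `validate` formats `errors` is not visible here, so confirm that is acceptable in an API response and that no consumer renders it as HTML. `patchRules` starts and ends outside the hunk.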
@@ -197,18 +197,18 @@ export const internalRuleToAPIResponse = (
 meta: rule.params.meta,
 rule_name_override: rule.params.ruleNameOverride,
 timestamp_override: rule.params.timestampOverride,
- author: rule.params.author,
+ author: rule.params.author ?? [],
 false_positives: rule.params.falsePositives,
 from: rule.params.from,
 rule_id: rule.params.ruleId,
 max_signals: rule.params.maxSignals,
- risk_score_mapping: rule.params.riskScoreMapping,
- severity_mapping: rule.params.severityMapping,
+ risk_score_mapping: rule.params.riskScoreMapping ?? [],
+ severity_mapping: rule.params.severityMapping ?? [],
 threat: rule.params.threat,
 to: rule.params.to,
 references: rule.params.references,
 version: rule.params.version,
- exceptions_list: rule.params.exceptionsList,
+ exceptions_list: rule.params.exceptionsList ?? [],
 ...typeSpecificCamelToSnake(rule.params),
 };
 };
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/schemas/rule_schemas.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/schemas/rule_schemas.ts
index fdf46c1e1d012..5bb8d6d6746f9 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/schemas/rule_schemas.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/schemas/rule_schemas.ts
@@ -6,7 +6,7 @@
 import * as t from 'io-ts';
-import { listArray } from '../../../../common/detection_engine/schemas/types/lists';
+import { listArrayOrUndefined } from '../../../../common/detection_engine/schemas/types/lists';
 import {
 threat_mapping,
 threat_index,
@@ -15,7 +15,7 @@ import {
 itemsPerSearchOrUndefined,
 } from '../../../../common/detection_engine/schemas/types/threat_mapping';
 import {
- author,
+ authorOrUndefined,
 buildingBlockTypeOrUndefined,
 description,
 enabled,
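Review bot: The `?? []` fallbacks on `author`, `risk_score_mapping`, `severity_mapping` and `exceptions_list` in `internalRuleToAPIResponse` carry no comment saying why these four fields can be missing while neighbours such as `false_positives`, `threat` and `references` are passed through unchanged. A one-line comment above the first of them would record the reason, e.g. `// May be undefined on rules stored before these fields existed; the response schema expects arrays`, assuming that is the motivation. The diffstat lists no test file, so a case that feeds this converter a rule without these params would pin the behaviour. The function starts outside the hunk.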
@@ -37,10 +37,10 @@ import {
 machine_learning_job_id,
 max_signals,
 risk_score,
- risk_score_mapping,
+ riskScoreMappingOrUndefined,
 ruleNameOverrideOrUndefined,
 severity,
- severity_mapping,
+ severityMappingOrUndefined,
 tags,
 timestampOverrideOrUndefined,
 threat,
@@ -64,7 +64,7 @@ import { SIGNALS_ID, SERVER_APP_ID } from '../../../../common/constants';
 const nonEqlLanguages = t.keyof({ kuery: null, lucene: null });
 export const baseRuleParams = t.exact(
 t.type({
- author,
+ author: authorOrUndefined,
 buildingBlockType: buildingBlockTypeOrUndefined,
 description,
 note: noteOrUndefined,
@@ -80,16 +80,16 @@ export const baseRuleParams = t.exact(
 // maxSignals not used in ML rules but probably should be used
 maxSignals: max_signals,
 riskScore: risk_score,
- riskScoreMapping: risk_score_mapping,
+ riskScoreMapping: riskScoreMappingOrUndefined,
 ruleNameOverride: ruleNameOverrideOrUndefined,
 severity,
- severityMapping: severity_mapping,
+ severityMapping: severityMappingOrUndefined,
 timestampOverride: timestampOverrideOrUndefined,
 threat,
 to,
 references,
 version,
- exceptionsList: listArray,
+ exceptionsList: listArrayOrUndefined,
 })
 );
 export type BaseRuleParams = t.TypeOf;
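Review bot: `exceptionsList: listArrayOrUndefined` (with `riskScoreMapping` and `severityMapping` in the same hunk, and `author` in the hunk at line 64) widens `BaseRuleParams` for every reader, yet the only normalisation in this patch is in `internalRuleToAPIResponse`. Code that reads these params when a rule runs is not visible here; for `exceptionsList` in particular, whether a missing list means "no exceptions" should be stated once rather than left to each call site. I would document the contract next to the field, e.g. `// undefined only for rules saved before the field existed; treat as []`, if that matches the intent. `baseRuleParams` begins before this hunk.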