-
Notifications
You must be signed in to change notification settings - Fork 8.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Security Solution][Exceptions] - Update exception item comments to i…
…nclude id (#73129) ## Summary This PR is somewhat of an intermediary step. Comments on exception list items are denormalized. We initially decided that we would not add `uuid` to comments, but found that it is in fact necessary. This is intermediary in the sense that what we ideally want to have is a dedicated `comments` CRUD route. Also just note that I added a callout for when a version conflict occurs (ie: exception item was updated by someone else while a user is editing the same item). With this PR users are able to: - Create comments when creating exception list items - Add new comments on exception item update Users will currently be blocked from: - Deleting comments - Updating comments - Updating exception item if version conflict is found
- Loading branch information
Showing
41 changed files
with
702 additions
and
783 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
43 changes: 43 additions & 0 deletions
43
x-pack/plugins/lists/common/schemas/request/update_exception_list_item_validation.test.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License; | ||
| * you may not use this file except in compliance with the Elastic License. | ||
| */ | ||
|
|
||
| import { getUpdateExceptionListItemSchemaMock } from './update_exception_list_item_schema.mock'; | ||
| import { validateComments } from './update_exception_list_item_validation'; | ||
|
|
||
| describe('update_exception_list_item_validation', () => { | ||
| describe('#validateComments', () => { | ||
| test('it returns no errors if comments is undefined', () => { | ||
| const payload = getUpdateExceptionListItemSchemaMock(); | ||
| delete payload.comments; | ||
| const output = validateComments(payload); | ||
|
|
||
| expect(output).toEqual([]); | ||
| }); | ||
|
|
||
| test('it returns no errors if new comments are append only', () => { | ||
| const payload = getUpdateExceptionListItemSchemaMock(); | ||
| payload.comments = [ | ||
| { comment: 'Im an old comment', id: '1' }, | ||
| { comment: 'Im a new comment' }, | ||
| ]; | ||
| const output = validateComments(payload); | ||
|
|
||
| expect(output).toEqual([]); | ||
| }); | ||
|
|
||
| test('it returns error if comments are not append only', () => { | ||
| const payload = getUpdateExceptionListItemSchemaMock(); | ||
| payload.comments = [ | ||
| { comment: 'Im an old comment', id: '1' }, | ||
| { comment: 'Im a new comment modifying the order of existing comments' }, | ||
| { comment: 'Im an old comment', id: '2' }, | ||
| ]; | ||
| const output = validateComments(payload); | ||
|
|
||
| expect(output).toEqual(['item "comments" are append only']); | ||
| }); | ||
| }); | ||
| }); |
40 changes: 40 additions & 0 deletions
40
x-pack/plugins/lists/common/schemas/request/update_exception_list_item_validation.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License; | ||
| * you may not use this file except in compliance with the Elastic License. | ||
| */ | ||
|
|
||
| import { UpdateExceptionListItemSchema } from './update_exception_list_item_schema'; | ||
|
|
||
| export const validateComments = (item: UpdateExceptionListItemSchema): string[] => { | ||
| if (item.comments == null) { | ||
| return []; | ||
| } | ||
|
|
||
| const [appendOnly] = item.comments.reduce( | ||
| (acc, comment) => { | ||
| const [, hasNewComments] = acc; | ||
| if (comment.id == null) { | ||
| return [true, true]; | ||
| } | ||
|
|
||
| if (hasNewComments && comment.id != null) { | ||
| return [false, true]; | ||
| } | ||
|
|
||
| return acc; | ||
| }, | ||
| [true, false] | ||
| ); | ||
| if (!appendOnly) { | ||
| return ['item "comments" are append only']; | ||
| } else { | ||
| return []; | ||
| } | ||
| }; | ||
|
|
||
| export const updateExceptionListItemValidate = ( | ||
| schema: UpdateExceptionListItemSchema | ||
| ): string[] => { | ||
| return [...validateComments(schema)]; | ||
| }; |
Oops, something went wrong.