[8.10] [Security Solution] Prebuilt rules installation / upgrade flyo…

…ut improvements (elastic#164179) (elastic#164897)

# Backport

This will backport the following commits from `main` to `8.10`:
- [[Security Solution] Prebuilt rules installation / upgrade flyout
improvements (elastic#164179)](elastic#164179)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Nikita
Indik","email":"[email protected]"},"sourceCommit":{"committedDate":"2023-08-25T19:47:13Z","message":"[Security
Solution] Prebuilt rules installation / upgrade flyout improvements
(elastic#164179)\n\n**Addresses:
https://github.com/elastic/kibana/issues/162334**\r\n**Base PR:
https://github.com/elastic/kibana/pull/163304**\r\n\r\n<img
width=\"1177\" alt=\"Screenshot 2023-08-24 at 04 09
07\"\r\nsrc=\"https://github.com/elastic/kibana/assets/15949146/73ac6726-69d4-4c46-bb16-da704a02aba5\">\r\n\r\n##
Summary\r\n\r\nThis is a follow-up refactoring and bugfix PR to improve
the prebuilt\r\nrules flyout. Base PR: elastic#163304\r\n\r\n#### Changes\r\n-
[x] Tweak UI so that it matches the design more
closely.\r\n[Design](https://www.figma.com/file/gLHm8LpTtSkAUQHrkG3RHU/%5B8.7%5D-%5BRules%5D-Rule-Immutability%2FCustomization?type=design&node-id=3563-612771&mode=design&t=yqZ6LI0vAjbir9xc-0)\r\n(external).\r\n-
[x] Rewrite preview installation and upgrade API endpoints to
respond\r\nwith `RuleResponse` instead of `DiffableRule`\r\n- [x] Revert
some changes introduced by
this\r\n[PR](https://github.com/elastic/kibana/pull/163304)\r\n- [x]
Revert exports
in\r\n`x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.ts`\r\n-
[x]
Delete\r\n`x-pack/plugins/security_solution/common/detection_engine/diffable_rule_to_rule_response.ts`\r\n-
[x] Make the data contexts unaware of any UI elements that
are\r\nconsuming them\r\n- [x] Move rendering of specialized flyout
components into to the\r\ncontext provider so that the table is unaware
of the flyout.\r\n- [x] Make \"flyoutRule\" and \"closeFlyout\" internal
to the context.\r\nComponents outside don't need to know anything about
how a rule is\r\ndisplayed. We can encapsulate this knowledge inside the
context and\r\nexpose only a generic method, like
openRulePreview(ruleId)\r\n - [x] Remove unnecessary checks after using
\"invariant\"\r\n- [x] Make sure query, timeline template and all the
other fields are\r\nshown in the flyout. Compare each rule in a flyout
with the Rule Details\r\nto ensure that all fields are in place.\r\n-
[x] Remove the enable / disable switch machine learning job UI
switch\r\nelement\r\n- [x] Add custom highlighted fields to the
flyout\r\n([comment](https://github.com/elastic/kibana/pull/163235#discussion_r1293821203))\r\n\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials.
[Docs\r\nticket](https://github.com/elastic/security-docs/issues/3798)\r\n-
[x] Any UI touched in this PR does not create any new axe
failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[x] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[x] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)","sha":"c115f5d3d6f580b195e823c9e948f7b1daf8fddc","branchLabelMapping":{"^v8.11.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Detections
and Resp","Team: SecuritySolution","Team:Detection Rule
Management","Feature:Prebuilt Detection
Rules","v8.10.0","v8.11.0"],"number":164179,"url":"https://github.com/elastic/kibana/pull/164179","mergeCommit":{"message":"[Security
Solution] Prebuilt rules installation / upgrade flyout improvements
(elastic#164179)\n\n**Addresses:
https://github.com/elastic/kibana/issues/162334**\r\n**Base PR:
https://github.com/elastic/kibana/pull/163304**\r\n\r\n<img
width=\"1177\" alt=\"Screenshot 2023-08-24 at 04 09
07\"\r\nsrc=\"https://github.com/elastic/kibana/assets/15949146/73ac6726-69d4-4c46-bb16-da704a02aba5\">\r\n\r\n##
Summary\r\n\r\nThis is a follow-up refactoring and bugfix PR to improve
the prebuilt\r\nrules flyout. Base PR: elastic#163304\r\n\r\n#### Changes\r\n-
[x] Tweak UI so that it matches the design more
closely.\r\n[Design](https://www.figma.com/file/gLHm8LpTtSkAUQHrkG3RHU/%5B8.7%5D-%5BRules%5D-Rule-Immutability%2FCustomization?type=design&node-id=3563-612771&mode=design&t=yqZ6LI0vAjbir9xc-0)\r\n(external).\r\n-
[x] Rewrite preview installation and upgrade API endpoints to
respond\r\nwith `RuleResponse` instead of `DiffableRule`\r\n- [x] Revert
some changes introduced by
this\r\n[PR](https://github.com/elastic/kibana/pull/163304)\r\n- [x]
Revert exports
in\r\n`x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.ts`\r\n-
[x]
Delete\r\n`x-pack/plugins/security_solution/common/detection_engine/diffable_rule_to_rule_response.ts`\r\n-
[x] Make the data contexts unaware of any UI elements that
are\r\nconsuming them\r\n- [x] Move rendering of specialized flyout
components into to the\r\ncontext provider so that the table is unaware
of the flyout.\r\n- [x] Make \"flyoutRule\" and \"closeFlyout\" internal
to the context.\r\nComponents outside don't need to know anything about
how a rule is\r\ndisplayed. We can encapsulate this knowledge inside the
context and\r\nexpose only a generic method, like
openRulePreview(ruleId)\r\n - [x] Remove unnecessary checks after using
\"invariant\"\r\n- [x] Make sure query, timeline template and all the
other fields are\r\nshown in the flyout. Compare each rule in a flyout
with the Rule Details\r\nto ensure that all fields are in place.\r\n-
[x] Remove the enable / disable switch machine learning job UI
switch\r\nelement\r\n- [x] Add custom highlighted fields to the
flyout\r\n([comment](https://github.com/elastic/kibana/pull/163235#discussion_r1293821203))\r\n\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials.
[Docs\r\nticket](https://github.com/elastic/security-docs/issues/3798)\r\n-
[x] Any UI touched in this PR does not create any new axe
failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[x] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[x] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)","sha":"c115f5d3d6f580b195e823c9e948f7b1daf8fddc"}},"sourceBranch":"main","suggestedTargetBranches":["8.10"],"targetPullRequestStates":[{"branch":"8.10","label":"v8.10.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.11.0","labelRegex":"^v8.11.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/164179","number":164179,"mergeCommit":{"message":"[Security
Solution] Prebuilt rules installation / upgrade flyout improvements
(elastic#164179)\n\n**Addresses:
https://github.com/elastic/kibana/issues/162334**\r\n**Base PR:
https://github.com/elastic/kibana/pull/163304**\r\n\r\n<img
width=\"1177\" alt=\"Screenshot 2023-08-24 at 04 09
07\"\r\nsrc=\"https://github.com/elastic/kibana/assets/15949146/73ac6726-69d4-4c46-bb16-da704a02aba5\">\r\n\r\n##
Summary\r\n\r\nThis is a follow-up refactoring and bugfix PR to improve
the prebuilt\r\nrules flyout. Base PR: elastic#163304\r\n\r\n#### Changes\r\n-
[x] Tweak UI so that it matches the design more
closely.\r\n[Design](https://www.figma.com/file/gLHm8LpTtSkAUQHrkG3RHU/%5B8.7%5D-%5BRules%5D-Rule-Immutability%2FCustomization?type=design&node-id=3563-612771&mode=design&t=yqZ6LI0vAjbir9xc-0)\r\n(external).\r\n-
[x] Rewrite preview installation and upgrade API endpoints to
respond\r\nwith `RuleResponse` instead of `DiffableRule`\r\n- [x] Revert
some changes introduced by
this\r\n[PR](https://github.com/elastic/kibana/pull/163304)\r\n- [x]
Revert exports
in\r\n`x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.ts`\r\n-
[x]
Delete\r\n`x-pack/plugins/security_solution/common/detection_engine/diffable_rule_to_rule_response.ts`\r\n-
[x] Make the data contexts unaware of any UI elements that
are\r\nconsuming them\r\n- [x] Move rendering of specialized flyout
components into to the\r\ncontext provider so that the table is unaware
of the flyout.\r\n- [x] Make \"flyoutRule\" and \"closeFlyout\" internal
to the context.\r\nComponents outside don't need to know anything about
how a rule is\r\ndisplayed. We can encapsulate this knowledge inside the
context and\r\nexpose only a generic method, like
openRulePreview(ruleId)\r\n - [x] Remove unnecessary checks after using
\"invariant\"\r\n- [x] Make sure query, timeline template and all the
other fields are\r\nshown in the flyout. Compare each rule in a flyout
with the Rule Details\r\nto ensure that all fields are in place.\r\n-
[x] Remove the enable / disable switch machine learning job UI
switch\r\nelement\r\n- [x] Add custom highlighted fields to the
flyout\r\n([comment](https://github.com/elastic/kibana/pull/163235#discussion_r1293821203))\r\n\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials.
[Docs\r\nticket](https://github.com/elastic/security-docs/issues/3798)\r\n-
[x] Any UI touched in this PR does not create any new axe
failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[x] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[x] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)","sha":"c115f5d3d6f580b195e823c9e948f7b1daf8fddc"}}]}]
BACKPORT-->

Co-authored-by: Nikita Indik <[email protected]>
Co-authored-by: Patryk Kopyciński <[email protected]>

x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.ts

@@ -221,7 +221,7 @@ export const KqlQueryLanguage = t.keyof({ kuery: null, lucene: null });
 export type EqlQueryLanguage = t.TypeOf<typeof EqlQueryLanguage>;
 export const EqlQueryLanguage = t.literal('eql');
 
-export const eqlSchema = buildRuleSchemas({
+const eqlSchema = buildRuleSchemas({
   required: {
     type: t.literal('eql'),
     language: EqlQueryLanguage,
@@ -256,7 +256,7 @@ export const EqlPatchParams = eqlSchema.patch;
 // -------------------------------------------------------------------------------------------------
 // Indicator Match rule schema
 
-export const threatMatchSchema = buildRuleSchemas({
+const threatMatchSchema = buildRuleSchemas({
   required: {
     type: t.literal('threat_match'),
     query: RuleQuery,
@@ -307,7 +307,7 @@ export const ThreatMatchPatchParams = threatMatchSchema.patch;
 // -------------------------------------------------------------------------------------------------
 // Custom Query rule schema
 
-export const querySchema = buildRuleSchemas({
+const querySchema = buildRuleSchemas({
   required: {
     type: t.literal('query'),
   },
@@ -343,7 +343,7 @@ export const QueryPatchParams = querySchema.patch;
 // -------------------------------------------------------------------------------------------------
 // Saved Query rule schema
 
-export const savedQuerySchema = buildRuleSchemas({
+const savedQuerySchema = buildRuleSchemas({
   required: {
     type: t.literal('saved_query'),
     saved_id,
@@ -387,7 +387,7 @@ export const SavedQueryPatchParams = savedQuerySchema.patch;
 // -------------------------------------------------------------------------------------------------
 // Threshold rule schema
 
-export const thresholdSchema = buildRuleSchemas({
+const thresholdSchema = buildRuleSchemas({
   required: {
     type: t.literal('threshold'),
     query: RuleQuery,
@@ -422,7 +422,7 @@ export const ThresholdPatchParams = thresholdSchema.patch;
 // -------------------------------------------------------------------------------------------------
 // Machine Learning rule schema
 
-export const machineLearningSchema = buildRuleSchemas({
+const machineLearningSchema = buildRuleSchemas({
   required: {
     type: t.literal('machine_learning'),
     anomaly_threshold,
@@ -462,7 +462,7 @@ export const MachineLearningPatchParams = machineLearningSchema.patch;
 // -------------------------------------------------------------------------------------------------
 // New Terms rule schema
 
-export const newTermsSchema = buildRuleSchemas({
+const newTermsSchema = buildRuleSchemas({
   required: {
     type: t.literal('new_terms'),
     query: RuleQuery,

x-pack/plugins/security_solution/common/api/detection_engine/prebuilt_rules/review_rule_installation/review_rule_installation_route.ts

@@ -5,15 +5,15 @@
  * 2.0.
  */
 
-import type { RuleSignatureId, RuleTagArray, RuleVersion } from '../../model';
-import type { DiffableRule } from '../model';
+import type { RuleTagArray } from '../../model';
+import type { RuleResponse } from '../../model/rule_schema/rule_schemas';
 
 export interface ReviewRuleInstallationResponseBody {
   /** Aggregated info about all rules available for installation */
   stats: RuleInstallationStatsForReview;
 
   /** Info about individual rules: one object per each rule available for installation */
-  rules: RuleInstallationInfoForReview[];
+  rules: RuleResponse[];
 }
 
 export interface RuleInstallationStatsForReview {
@@ -23,8 +23,3 @@ export interface RuleInstallationStatsForReview {
   /** A union of all tags of all rules available for installation */
   tags: RuleTagArray;
 }
-
-export type RuleInstallationInfoForReview = DiffableRule & {
-  rule_id: RuleSignatureId;
-  version: RuleVersion;
-};

x-pack/plugins/security_solution/common/api/detection_engine/prebuilt_rules/review_rule_upgrade/review_rule_upgrade_route.ts

@@ -6,7 +6,8 @@
  */
 
 import type { RuleObjectId, RuleSignatureId, RuleTagArray } from '../../model';
-import type { DiffableRule, PartialRuleDiff } from '../model';
+import type { PartialRuleDiff } from '../model';
+import type { RuleResponse } from '../../model/rule_schema/rule_schemas';
 
 export interface ReviewRuleUpgradeResponseBody {
   /** Aggregated info about all rules available for upgrade */
@@ -27,8 +28,8 @@ export interface RuleUpgradeStatsForReview {
 export interface RuleUpgradeInfoForReview {
   id: RuleObjectId;
   rule_id: RuleSignatureId;
-  rule: DiffableRule;
-  target_rule: DiffableRule;
+  current_rule: RuleResponse;
+  target_rule: RuleResponse;
   diff: PartialRuleDiff;
   revision: number;
 }