From 3d8e425f4ac3dfdc25ab395d6253d98e933f8910 Mon Sep 17 00:00:00 2001 From: Ievgen Sorokopud Date: Mon, 14 Aug 2023 18:07:16 +0200 Subject: [PATCH] [Security Solution][Skipped Test] Saved query validation error test (#163050) ## Summary Original ticket: https://github.com/elastic/kibana/issues/159060 This PR un-skips test which was disabled after the Rule Editing page [refactoring](https://github.com/elastic/kibana/pull/157749). There we stopped fields validation on page loading. To be able to show the "failed to load saved query" error on page loading we force the field validation when we failed to load a saved query. --- .../custom_saved_query_rule.cy.ts | 28 +++++++++++++++---- .../pages/rule_editing/index.tsx | 2 -- .../rules/step_define_rule/schema.tsx | 6 ++-- .../rules/step_define_rule/translations.tsx | 7 ----- .../translations/translations/fr-FR.json | 1 - .../translations/translations/ja-JP.json | 1 - .../translations/translations/zh-CN.json | 1 - 7 files changed, 26 insertions(+), 20 deletions(-) diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts index 3c43bca292602..8cb8fc2ba7576 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts +++ b/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts @@ -9,7 +9,6 @@ import { getNewRule, getSavedQueryRule } from '../../../objects/rule'; import { DEFINE_CONTINUE_BUTTON, - CUSTOM_QUERY_BAR, LOAD_QUERY_DYNAMICALLY_CHECKBOX, QUERY_BAR, } from '../../../screens/create_new_rule'; @@ -37,7 +36,7 @@ import { } from '../../../tasks/create_new_rule'; import { saveEditedRule } from '../../../tasks/edit_rule'; import { login, visit } from '../../../tasks/login'; -import { getDetails } from '../../../tasks/rule_details'; +import { assertDetailsNotExist, getDetails } from '../../../tasks/rule_details'; import { createRule } from '../../../tasks/api_calls/rules'; import { RULE_CREATION, SECURITY_DETECTIONS_RULES_URL } from '../../../urls/navigation'; @@ -110,12 +109,29 @@ describe('Custom saved_query rules', () => { cy.get(TOASTER).should('contain', FAILED_TO_LOAD_ERROR); }); - // TODO: this error depended on the schema validation running. Can we show the error - // based on the saved query failing to load instead of relying on the schema validation? - it.skip('Shows validation error on rule edit when saved query can not be loaded', function () { + it('Shows validation error on rule edit when saved query can not be loaded', function () { editFirstRule(); - cy.get(CUSTOM_QUERY_BAR).should('contain', FAILED_TO_LOAD_ERROR); + cy.get(TOASTER).should('contain', FAILED_TO_LOAD_ERROR); + }); + + it('Allows to update saved_query rule with non-existent query', () => { + editFirstRule(); + + cy.get(LOAD_QUERY_DYNAMICALLY_CHECKBOX).should('exist'); + + cy.intercept('PUT', '/api/detection_engine/rules').as('editedRule'); + saveEditedRule(); + + cy.wait('@editedRule').then(({ response }) => { + // updated rule type shouldn't change + cy.wrap(response?.body.type).should('equal', 'saved_query'); + }); + + cy.get(DEFINE_RULE_PANEL_PROGRESS).should('not.exist'); + + assertDetailsNotExist(SAVED_QUERY_NAME_DETAILS); + assertDetailsNotExist(SAVED_QUERY_DETAILS); }); }); diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_creation_ui/pages/rule_editing/index.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_creation_ui/pages/rule_editing/index.tsx index 822a90cb0af6e..f749f63b3c5e4 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_creation_ui/pages/rule_editing/index.tsx +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_creation_ui/pages/rule_editing/index.tsx @@ -20,7 +20,6 @@ import { FormattedMessage } from '@kbn/i18n-react'; import type { FC } from 'react'; import React, { memo, useCallback, useEffect, useMemo, useRef, useState } from 'react'; import { useParams } from 'react-router-dom'; -import { noop } from 'lodash'; import type { DataViewListItem } from '@kbn/data-views-plugin/common'; import { RulePreview } from '../../../../detections/components/rules/rule_preview'; @@ -163,7 +162,6 @@ const EditRulePageComponent: FC<{ rule: Rule }> = ({ rule }) => { const { isSavedQueryLoading, savedQuery } = useGetSavedQuery({ savedQueryId: rule?.saved_id, ruleType: rule?.type, - onError: noop, }); // Since in the edit step we start with an existing rule, we assume that diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/step_define_rule/schema.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/step_define_rule/schema.tsx index 968f63f58c9ff..d996ee4e49592 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/step_define_rule/schema.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/rules/step_define_rule/schema.tsx @@ -39,7 +39,6 @@ import { THREAT_MATCH_INDEX_HELPER_TEXT, THREAT_MATCH_REQUIRED, THREAT_MATCH_EMPTIES, - SAVED_QUERY_REQUIRED, } from './translations'; export const schema: FormSchema = { @@ -147,7 +146,10 @@ export const schema: FormSchema = { return undefined; } if (savedId) { - return { code: 'ERR_FIELD_MISSING', path, message: SAVED_QUERY_REQUIRED }; + // Ignore field validation error in this case. + // Instead, we show the error toast when saved query object does not exist. + // https://github.com/elastic/kibana/issues/159060 + return undefined; } const message = isEqlRule(formData.ruleType) ? EQL_QUERY_REQUIRED : CUSTOM_QUERY_REQUIRED; return { code: 'ERR_FIELD_MISSING', path, message }; diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/step_define_rule/translations.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/step_define_rule/translations.tsx index 28253e34550e2..12b82d427edb1 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/step_define_rule/translations.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/rules/step_define_rule/translations.tsx @@ -14,13 +14,6 @@ export const CUSTOM_QUERY_REQUIRED = i18n.translate( } ); -export const SAVED_QUERY_REQUIRED = i18n.translate( - 'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.savedQueryFieldRequiredError', - { - defaultMessage: 'Failed to load the saved query. Select a new one or add a custom query.', - } -); - export const EQL_QUERY_REQUIRED = i18n.translate( 'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.eqlQueryFieldRequiredError', { diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json index 720b0e8d549a2..0a41979cac1c8 100644 --- a/x-pack/plugins/translations/translations/fr-FR.json +++ b/x-pack/plugins/translations/translations/fr-FR.json @@ -31155,7 +31155,6 @@ "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.threatMatchTitle": "Correspondance d'indicateur", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.thresholdTypeDescription": "Agrégez les résultats de recherche pour détecter à quel moment le nombre de correspondances dépasse le seuil.", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.thresholdTypeTitle": "Seuil", - "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.savedQueryFieldRequiredError": "Impossible de charger la requête enregistrée. Sélectionnez-en une nouvelle ou ajoutez une requête personnalisée.", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.SavedQueryFormRowLabel": "Requête enregistrée", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.source": "Source", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.suppressionMissingFieldsLabel": "Si un champ de suppression est manquant", diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index a239b3d1e0477..806ad69f7faa3 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -31154,7 +31154,6 @@ "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.threatMatchTitle": "インジケーター一致", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.thresholdTypeDescription": "クエリ結果を集約し、いつ一致数がしきい値を超えるのかを検出します。", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.thresholdTypeTitle": "しきい値", - "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.savedQueryFieldRequiredError": "保存されたクエリを読み込めませんでした。新しいクエリを選択するか、カスタムクエリを追加してください。", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.SavedQueryFormRowLabel": "保存されたクエリ", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.source": "送信元", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.suppressionMissingFieldsLabel": "抑制フィールドが欠落している場合", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index fa22bef215154..7cd9c279a468f 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -31150,7 +31150,6 @@ "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.threatMatchTitle": "指标匹配", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.thresholdTypeDescription": "聚合查询结果以检测匹配数目何时超过阈值。", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.thresholdTypeTitle": "阈值", - "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.savedQueryFieldRequiredError": "无法加载已保存查询。选择新查询或添加定制查询。", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.SavedQueryFormRowLabel": "已保存查询", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.source": "源", "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.suppressionMissingFieldsLabel": "如果阻止字段缺失",