From 3f4e53f10a1631ecd0c40de90d918a1cc4f9ee2c Mon Sep 17 00:00:00 2001 From: Marshall Main <55718608+marshallmain@users.noreply.github.com> Date: Mon, 2 Oct 2023 13:41:33 -0700 Subject: [PATCH] [Security Solution] Migrate risk score internal APIs to versioned router (#165280) Closes https://github.com/elastic/security-team/issues/7177 --- .../risk_score/feature_status/api.ts | 1 + .../risk_score/onboarding/api/onboarding.ts | 1 + .../onboarding/api/saved_objects.ts | 4 +- .../onboarding/api/stored_scripts.ts | 2 + .../lib/risk_score/index_status/index.ts | 73 +++++++++-------- .../risk_score/indices/create_index_route.ts | 61 ++++++++------ .../indices/delete_indices_route.ts | 40 ++++----- .../onboarding/routes/install_risk_scores.ts | 60 +++++++------- .../read_prebuilt_dev_tool_content_route.ts | 82 ++++++++++--------- .../routes/create_prebuilt_saved_objects.ts | 63 +++++++------- .../routes/delete_prebuilt_saved_objects.ts | 62 +++++++------- .../stored_scripts/create_script_route.ts | 50 +++++------ .../stored_scripts/delete_script_route.ts | 46 ++++++----- .../group10/risk_engine/utils.ts | 7 +- .../tasks/api_calls/risk_scores/index.ts | 7 +- .../tasks/api_calls/risk_scores/indices.ts | 19 ++++- .../api_calls/risk_scores/saved_objects.ts | 7 +- .../api_calls/risk_scores/stored_scripts.ts | 13 ++- 18 files changed, 335 insertions(+), 263 deletions(-) diff --git a/x-pack/plugins/security_solution/public/explore/containers/risk_score/feature_status/api.ts b/x-pack/plugins/security_solution/public/explore/containers/risk_score/feature_status/api.ts index c644e6b9a0ee8..2cfaa2265f527 100644 --- a/x-pack/plugins/security_solution/public/explore/containers/risk_score/feature_status/api.ts +++ b/x-pack/plugins/security_solution/public/explore/containers/risk_score/feature_status/api.ts @@ -24,6 +24,7 @@ export const getRiskScoreIndexStatus = async (params: { RISK_SCORE_INDEX_STATUS_API_URL, { method: 'GET', + version: '1', query: { indexName, entity }, asSystemRequest: true, signal: params.signal, diff --git a/x-pack/plugins/security_solution/public/explore/containers/risk_score/onboarding/api/onboarding.ts b/x-pack/plugins/security_solution/public/explore/containers/risk_score/onboarding/api/onboarding.ts index 130d23b2df637..a8578d4d53f7e 100644 --- a/x-pack/plugins/security_solution/public/explore/containers/risk_score/onboarding/api/onboarding.ts +++ b/x-pack/plugins/security_solution/public/explore/containers/risk_score/onboarding/api/onboarding.ts @@ -41,6 +41,7 @@ export const installRiskScore = ({ }) => { return http .post(INTERNAL_RISK_SCORE_URL, { + version: '1', body: JSON.stringify(options), signal, }) diff --git a/x-pack/plugins/security_solution/public/explore/containers/risk_score/onboarding/api/saved_objects.ts b/x-pack/plugins/security_solution/public/explore/containers/risk_score/onboarding/api/saved_objects.ts index ee3ff3bb64f9c..6e5369f2337f9 100644 --- a/x-pack/plugins/security_solution/public/explore/containers/risk_score/onboarding/api/saved_objects.ts +++ b/x-pack/plugins/security_solution/public/explore/containers/risk_score/onboarding/api/saved_objects.ts @@ -66,7 +66,7 @@ export const bulkCreatePrebuiltSavedObjects = async ({ body?: Array<{ type: string; title: string; id: string; name: string }>; } > - >(prebuiltSavedObjectsBulkCreateUrl(options.templateName)) + >(prebuiltSavedObjectsBulkCreateUrl(options.templateName), { version: '1' }) .then((result) => { const response = result[options.templateName]; const error = response?.error?.message; @@ -142,7 +142,7 @@ export const bulkDeletePrebuiltSavedObjects = async ({ options: Options; }) => { const res = await http - .post(prebuiltSavedObjectsBulkDeleteUrl(options.templateName)) + .post(prebuiltSavedObjectsBulkDeleteUrl(options.templateName), { version: '1' }) .catch((e) => { notifications?.toasts?.addDanger({ title: errorMessage ?? DELETE_SAVED_OBJECTS_FAILURE, diff --git a/x-pack/plugins/security_solution/public/explore/containers/risk_score/onboarding/api/stored_scripts.ts b/x-pack/plugins/security_solution/public/explore/containers/risk_score/onboarding/api/stored_scripts.ts index d94607cdf4893..6a7fa486bc729 100644 --- a/x-pack/plugins/security_solution/public/explore/containers/risk_score/onboarding/api/stored_scripts.ts +++ b/x-pack/plugins/security_solution/public/explore/containers/risk_score/onboarding/api/stored_scripts.ts @@ -27,6 +27,7 @@ export async function createStoredScript({ }: CreateStoredScript) { const res = await http .put(RISK_SCORE_CREATE_STORED_SCRIPT, { + version: '1', body: JSON.stringify(options), signal, }) @@ -53,6 +54,7 @@ export async function deleteStoredScript({ }: DeleteStoredScript) { const res = await http .delete(RISK_SCORE_DELETE_STORED_SCRIPT, { + version: '1', body: JSON.stringify(options), signal, }) diff --git a/x-pack/plugins/security_solution/server/lib/risk_score/index_status/index.ts b/x-pack/plugins/security_solution/server/lib/risk_score/index_status/index.ts index 698724545585d..77e47f215713a 100644 --- a/x-pack/plugins/security_solution/server/lib/risk_score/index_status/index.ts +++ b/x-pack/plugins/security_solution/server/lib/risk_score/index_status/index.ts @@ -14,46 +14,53 @@ import { buildSiemResponse } from '../../detection_engine/routes/utils'; import { indexStatusRequestQuery } from '../../../../common/api/risk_score'; export const getRiskScoreIndexStatusRoute = (router: SecuritySolutionPluginRouter) => { - router.get( - { + router.versioned + .get({ + access: 'internal', path: RISK_SCORE_INDEX_STATUS_API_URL, - validate: { - query: buildRouteValidation(indexStatusRequestQuery), - }, options: { tags: ['access:securitySolution', `access:${APP_ID}-entity-analytics`], }, - }, - async (context, request, response) => { - const siemResponse = buildSiemResponse(response); - const coreContext = await context.core; - const { indexName, entity } = request.query; - try { - const newFieldName = `${entity}.risk.calculated_level`; - const res = await coreContext.elasticsearch.client.asCurrentUser.fieldCaps({ - index: indexName, - fields: newFieldName, - ignore_unavailable: true, - allow_no_indices: false, - }); - const isDeprecated = !Object.keys(res.fields).includes(newFieldName); + }) + .addVersion( + { + validate: { + request: { + query: buildRouteValidation(indexStatusRequestQuery), + }, + }, + version: '1', + }, + async (context, request, response) => { + const siemResponse = buildSiemResponse(response); + const coreContext = await context.core; + const { indexName, entity } = request.query; + try { + const newFieldName = `${entity}.risk.calculated_level`; + const res = await coreContext.elasticsearch.client.asCurrentUser.fieldCaps({ + index: indexName, + fields: newFieldName, + ignore_unavailable: true, + allow_no_indices: false, + }); + const isDeprecated = !Object.keys(res.fields).includes(newFieldName); - return response.ok({ - body: { isDeprecated, isEnabled: true }, - }); - } catch (err) { - const error = transformError(err); - if (error.statusCode === 404) { - // index does not exist, therefore cannot be deprecated return response.ok({ - body: { isDeprecated: false, isEnabled: false }, + body: { isDeprecated, isEnabled: true }, + }); + } catch (err) { + const error = transformError(err); + if (error.statusCode === 404) { + // index does not exist, therefore cannot be deprecated + return response.ok({ + body: { isDeprecated: false, isEnabled: false }, + }); + } + return siemResponse.error({ + body: error.message, + statusCode: error.statusCode, }); } - return siemResponse.error({ - body: error.message, - statusCode: error.statusCode, - }); } - } - ); + ); }; diff --git a/x-pack/plugins/security_solution/server/lib/risk_score/indices/create_index_route.ts b/x-pack/plugins/security_solution/server/lib/risk_score/indices/create_index_route.ts index 24391b35bf4bc..22987cf563d0b 100644 --- a/x-pack/plugins/security_solution/server/lib/risk_score/indices/create_index_route.ts +++ b/x-pack/plugins/security_solution/server/lib/risk_score/indices/create_index_route.ts @@ -15,43 +15,50 @@ import { createIndex } from './lib/create_index'; import { createEsIndexRequestBody } from '../../../../common/api/risk_score'; export const createEsIndexRoute = (router: SecuritySolutionPluginRouter, logger: Logger) => { - router.put( - { + router.versioned + .put({ + access: 'internal', path: RISK_SCORE_CREATE_INDEX, - validate: { body: createEsIndexRequestBody }, options: { tags: ['access:securitySolution'], }, - }, - async (context, request, response) => { - const siemResponse = buildSiemResponse(response); - const { client } = (await context.core).elasticsearch; - const esClient = client.asCurrentUser; - const options = request.body; + }) + .addVersion( + { + validate: { + request: { body: createEsIndexRequestBody }, + }, + version: '1', + }, + async (context, request, response) => { + const siemResponse = buildSiemResponse(response); + const { client } = (await context.core).elasticsearch; + const esClient = client.asCurrentUser; + const options = request.body; - try { - const result = await createIndex({ - esClient, - logger, - options, - }); - const error = result[options.index].error; + try { + const result = await createIndex({ + esClient, + logger, + options, + }); + const error = result[options.index].error; - if (error != null) { + if (error != null) { + return siemResponse.error({ + body: error.message, + statusCode: error.statusCode, + }); + } else { + return response.ok({ body: options }); + } + } catch (e) { + const error = transformError(e); return siemResponse.error({ body: error.message, statusCode: error.statusCode, }); - } else { - return response.ok({ body: options }); } - } catch (e) { - const error = transformError(e); - return siemResponse.error({ - body: error.message, - statusCode: error.statusCode, - }); } - } - ); + ); }; diff --git a/x-pack/plugins/security_solution/server/lib/risk_score/indices/delete_indices_route.ts b/x-pack/plugins/security_solution/server/lib/risk_score/indices/delete_indices_route.ts index 9413b31765012..326963992a709 100644 --- a/x-pack/plugins/security_solution/server/lib/risk_score/indices/delete_indices_route.ts +++ b/x-pack/plugins/security_solution/server/lib/risk_score/indices/delete_indices_route.ts @@ -13,30 +13,32 @@ import { deleteEsIndices } from './lib/delete_indices'; import { deleteIndicesRequestBody } from '../../../../common/api/risk_score'; export const deleteEsIndicesRoute = (router: SecuritySolutionPluginRouter) => { - router.post( - { + router.versioned + .post({ + access: 'internal', path: RISK_SCORE_DELETE_INDICES, - validate: { body: deleteIndicesRequestBody }, options: { tags: ['access:securitySolution'], }, - }, - async (context, request, response) => { - const siemResponse = buildSiemResponse(response); + }) + .addVersion( + { validate: { request: { body: deleteIndicesRequestBody } }, version: '1' }, + async (context, request, response) => { + const siemResponse = buildSiemResponse(response); - const { client } = (await context.core).elasticsearch; - const { indices } = request.body; + const { client } = (await context.core).elasticsearch; + const { indices } = request.body; - try { - await deleteEsIndices({ client, indices }); - return response.ok({ body: { deleted: indices } }); - } catch (err) { - const error = transformError(err); - return siemResponse.error({ - body: error.message, - statusCode: error.statusCode, - }); + try { + await deleteEsIndices({ client, indices }); + return response.ok({ body: { deleted: indices } }); + } catch (err) { + const error = transformError(err); + return siemResponse.error({ + body: error.message, + statusCode: error.statusCode, + }); + } } - } - ); + ); }; diff --git a/x-pack/plugins/security_solution/server/lib/risk_score/onboarding/routes/install_risk_scores.ts b/x-pack/plugins/security_solution/server/lib/risk_score/onboarding/routes/install_risk_scores.ts index dc71b70148703..f8afbbfae9365 100644 --- a/x-pack/plugins/security_solution/server/lib/risk_score/onboarding/routes/install_risk_scores.ts +++ b/x-pack/plugins/security_solution/server/lib/risk_score/onboarding/routes/install_risk_scores.ts @@ -23,42 +23,44 @@ export const installRiskScoresRoute = ( logger: Logger, security: SetupPlugins['security'] ) => { - router.post( - { + router.versioned + .post({ + access: 'internal', path: INTERNAL_RISK_SCORE_URL, - validate: onboardingRiskScoreRequestBody, options: { tags: ['access:securitySolution', `access:${APP_ID}-entity-analytics`], }, - }, - async (context, request, response) => { - const siemResponse = buildSiemResponse(response); - const { riskScoreEntity } = request.body; + }) + .addVersion( + { validate: { request: onboardingRiskScoreRequestBody }, version: '1' }, + async (context, request, response) => { + const siemResponse = buildSiemResponse(response); + const { riskScoreEntity } = request.body; - try { - const securitySolution = await context.securitySolution; + try { + const securitySolution = await context.securitySolution; - const spaceId = securitySolution?.getSpaceId(); + const spaceId = securitySolution?.getSpaceId(); - const { client } = (await context.core).elasticsearch; - const esClient = client.asCurrentUser; - const res = await installRiskScoreModule({ - esClient, - logger, - riskScoreEntity, - spaceId, - }); + const { client } = (await context.core).elasticsearch; + const esClient = client.asCurrentUser; + const res = await installRiskScoreModule({ + esClient, + logger, + riskScoreEntity, + spaceId, + }); - return response.ok({ - body: res, - }); - } catch (err) { - const error = transformError(err); - return siemResponse.error({ - body: error.message, - statusCode: error.statusCode, - }); + return response.ok({ + body: res, + }); + } catch (err) { + const error = transformError(err); + return siemResponse.error({ + body: error.message, + statusCode: error.statusCode, + }); + } } - } - ); + ); }; diff --git a/x-pack/plugins/security_solution/server/lib/risk_score/prebuilt_dev_tool_content/routes/read_prebuilt_dev_tool_content_route.ts b/x-pack/plugins/security_solution/server/lib/risk_score/prebuilt_dev_tool_content/routes/read_prebuilt_dev_tool_content_route.ts index 766d32456c5e3..70edd32eee584 100644 --- a/x-pack/plugins/security_solution/server/lib/risk_score/prebuilt_dev_tool_content/routes/read_prebuilt_dev_tool_content_route.ts +++ b/x-pack/plugins/security_solution/server/lib/risk_score/prebuilt_dev_tool_content/routes/read_prebuilt_dev_tool_content_route.ts @@ -45,50 +45,52 @@ const buildConsoleResponse = (response: KibanaResponseFactory) => new ConsoleResponseFactory(response); export const readPrebuiltDevToolContentRoute = (router: SecuritySolutionPluginRouter) => { - router.get( - { + router.versioned + .get({ + access: 'internal', path: DEV_TOOL_PREBUILT_CONTENT, - validate: readConsoleRequestBody, options: { tags: ['access:securitySolution'], }, - }, - async (context, request, response) => { - const siemResponse = buildConsoleResponse(response); - const { console_id: consoleId } = request.params; - - try { - const securitySolution = await context.securitySolution; - const spaceId = securitySolution.getSpaceId(); - - const fileName = consoleMappings[consoleId] ?? null; - - if (!fileName) { - return siemResponse.error({ statusCode: 500, body: 'No such file or directory' }); + }) + .addVersion( + { validate: { request: readConsoleRequestBody }, version: '1' }, + async (context, request, response) => { + const siemResponse = buildConsoleResponse(response); + const { console_id: consoleId } = request.params; + + try { + const securitySolution = await context.securitySolution; + const spaceId = securitySolution.getSpaceId(); + + const fileName = consoleMappings[consoleId] ?? null; + + if (!fileName) { + return siemResponse.error({ statusCode: 500, body: 'No such file or directory' }); + } + + const filePath = '../console_templates'; + const dir = resolve(join(__dirname, filePath)); + + const dataPath = path.join(dir, fileName); + const template = await getReadables(dataPath); + + const riskScoreEntity = + consoleId === 'enable_host_risk_score' ? RiskScoreEntity.host : RiskScoreEntity.user; + const view = getView({ spaceId, riskScoreEntity }); + + // override the mustache.js escape function to not escape special characters + mustache.escape = (text) => text; + const output = mustache.render(template, view); + return response.ok({ body: output }); + } catch (err) { + const error = transformError(err); + + return siemResponse.error({ + body: error.message, + statusCode: error.statusCode, + }); } - - const filePath = '../console_templates'; - const dir = resolve(join(__dirname, filePath)); - - const dataPath = path.join(dir, fileName); - const template = await getReadables(dataPath); - - const riskScoreEntity = - consoleId === 'enable_host_risk_score' ? RiskScoreEntity.host : RiskScoreEntity.user; - const view = getView({ spaceId, riskScoreEntity }); - - // override the mustache.js escape function to not escape special characters - mustache.escape = (text) => text; - const output = mustache.render(template, view); - return response.ok({ body: output }); - } catch (err) { - const error = transformError(err); - - return siemResponse.error({ - body: error.message, - statusCode: error.statusCode, - }); } - } - ); + ); }; diff --git a/x-pack/plugins/security_solution/server/lib/risk_score/prebuilt_saved_objects/routes/create_prebuilt_saved_objects.ts b/x-pack/plugins/security_solution/server/lib/risk_score/prebuilt_saved_objects/routes/create_prebuilt_saved_objects.ts index 5c0235418a241..ce65983161da1 100644 --- a/x-pack/plugins/security_solution/server/lib/risk_score/prebuilt_saved_objects/routes/create_prebuilt_saved_objects.ts +++ b/x-pack/plugins/security_solution/server/lib/risk_score/prebuilt_saved_objects/routes/create_prebuilt_saved_objects.ts @@ -23,37 +23,44 @@ export const createPrebuiltSavedObjectsRoute = ( logger: Logger, security: SetupPlugins['security'] ) => { - router.post( - { + router.versioned + .post({ + access: 'internal', path: PREBUILT_SAVED_OBJECTS_BULK_CREATE, - validate: createPrebuiltSavedObjectsRequestBody, options: { tags: ['access:securitySolution'], }, - }, - async (context, request, response) => { - const siemResponse = buildSiemResponse(response); - const { template_name: templateName } = request.params; - - const securitySolution = await context.securitySolution; - - const spaceId = securitySolution?.getSpaceId(); - - const frameworkRequest = await buildFrameworkRequest(context, security, request); - const savedObjectsClient = (await frameworkRequest.context.core).savedObjects.client; - const result = await bulkCreateSavedObjects({ - savedObjectsClient, - logger, - spaceId, - savedObjectTemplate: templateName, - }); - const error = - result?.hostRiskScoreDashboards?.error || result?.userRiskScoreDashboards?.error; - if (error != null) { - return siemResponse.error({ statusCode: error.statusCode, body: error.message }); - } else { - return response.ok({ body: result }); + }) + .addVersion( + { + validate: { + request: createPrebuiltSavedObjectsRequestBody, + }, + version: '1', + }, + async (context, request, response) => { + const siemResponse = buildSiemResponse(response); + const { template_name: templateName } = request.params; + + const securitySolution = await context.securitySolution; + + const spaceId = securitySolution?.getSpaceId(); + + const frameworkRequest = await buildFrameworkRequest(context, security, request); + const savedObjectsClient = (await frameworkRequest.context.core).savedObjects.client; + const result = await bulkCreateSavedObjects({ + savedObjectsClient, + logger, + spaceId, + savedObjectTemplate: templateName, + }); + const error = + result?.hostRiskScoreDashboards?.error || result?.userRiskScoreDashboards?.error; + if (error != null) { + return siemResponse.error({ statusCode: error.statusCode, body: error.message }); + } else { + return response.ok({ body: result }); + } } - } - ); + ); }; diff --git a/x-pack/plugins/security_solution/server/lib/risk_score/prebuilt_saved_objects/routes/delete_prebuilt_saved_objects.ts b/x-pack/plugins/security_solution/server/lib/risk_score/prebuilt_saved_objects/routes/delete_prebuilt_saved_objects.ts index fc3ce460e19bb..9f2138b3c608f 100644 --- a/x-pack/plugins/security_solution/server/lib/risk_score/prebuilt_saved_objects/routes/delete_prebuilt_saved_objects.ts +++ b/x-pack/plugins/security_solution/server/lib/risk_score/prebuilt_saved_objects/routes/delete_prebuilt_saved_objects.ts @@ -22,44 +22,46 @@ export const deletePrebuiltSavedObjectsRoute = ( router: SecuritySolutionPluginRouter, security: SetupPlugins['security'] ) => { - router.post( - { + router.versioned + .post({ + access: 'internal', path: PREBUILT_SAVED_OBJECTS_BULK_DELETE, - validate: deletePrebuiltSavedObjectsRequestBody, options: { tags: ['access:securitySolution'], }, - }, - async (context, request, response) => { - const siemResponse = buildSiemResponse(response); - const { template_name: templateName } = request.params; - const deleteAll = request?.body?.deleteAll; + }) + .addVersion( + { validate: { request: deletePrebuiltSavedObjectsRequestBody }, version: '1' }, + async (context, request, response) => { + const siemResponse = buildSiemResponse(response); + const { template_name: templateName } = request.params; + const deleteAll = request?.body?.deleteAll; - try { - const securitySolution = await context.securitySolution; + try { + const securitySolution = await context.securitySolution; - const spaceId = securitySolution?.getSpaceId(); + const spaceId = securitySolution?.getSpaceId(); - const frameworkRequest = await buildFrameworkRequest(context, security, request); - const savedObjectsClient = (await frameworkRequest.context.core).savedObjects.client; + const frameworkRequest = await buildFrameworkRequest(context, security, request); + const savedObjectsClient = (await frameworkRequest.context.core).savedObjects.client; - const res = await bulkDeleteSavedObjects({ - deleteAll, - savedObjectsClient, - spaceId, - savedObjectTemplate: templateName, - }); + const res = await bulkDeleteSavedObjects({ + deleteAll, + savedObjectsClient, + spaceId, + savedObjectTemplate: templateName, + }); - return response.ok({ - body: res, - }); - } catch (err) { - const error = transformError(err); - return siemResponse.error({ - body: error.message, - statusCode: error.statusCode, - }); + return response.ok({ + body: res, + }); + } catch (err) { + const error = transformError(err); + return siemResponse.error({ + body: error.message, + statusCode: error.statusCode, + }); + } } - } - ); + ); }; diff --git a/x-pack/plugins/security_solution/server/lib/risk_score/stored_scripts/create_script_route.ts b/x-pack/plugins/security_solution/server/lib/risk_score/stored_scripts/create_script_route.ts index 86969b76461b2..e5909892071c5 100644 --- a/x-pack/plugins/security_solution/server/lib/risk_score/stored_scripts/create_script_route.ts +++ b/x-pack/plugins/security_solution/server/lib/risk_score/stored_scripts/create_script_route.ts @@ -14,37 +14,39 @@ import type { SecuritySolutionPluginRouter } from '../../../types'; import { createStoredScript } from './lib/create_script'; export const createStoredScriptRoute = (router: SecuritySolutionPluginRouter, logger: Logger) => { - router.put( - { + router.versioned + .put({ + access: 'internal', path: RISK_SCORE_CREATE_STORED_SCRIPT, - validate: { body: createStoredScriptRequestBody }, options: { tags: ['access:securitySolution'], }, - }, - async (context, request, response) => { - const siemResponse = buildSiemResponse(response); - const { client } = (await context.core).elasticsearch; - const esClient = client.asCurrentUser; - const options = request.body; + }) + .addVersion( + { validate: { request: { body: createStoredScriptRequestBody } }, version: '1' }, + async (context, request, response) => { + const siemResponse = buildSiemResponse(response); + const { client } = (await context.core).elasticsearch; + const esClient = client.asCurrentUser; + const options = request.body; - try { - const result = await createStoredScript({ - esClient, - logger, - options, - }); + try { + const result = await createStoredScript({ + esClient, + logger, + options, + }); - const error = result[options.id].error; - if (error != null) { + const error = result[options.id].error; + if (error != null) { + return siemResponse.error({ statusCode: error.statusCode, body: error.message }); + } else { + return response.ok({ body: options }); + } + } catch (e) { + const error = transformError(e); return siemResponse.error({ statusCode: error.statusCode, body: error.message }); - } else { - return response.ok({ body: options }); } - } catch (e) { - const error = transformError(e); - return siemResponse.error({ statusCode: error.statusCode, body: error.message }); } - } - ); + ); }; diff --git a/x-pack/plugins/security_solution/server/lib/risk_score/stored_scripts/delete_script_route.ts b/x-pack/plugins/security_solution/server/lib/risk_score/stored_scripts/delete_script_route.ts index f355c931b8fd4..7f579b28802ec 100644 --- a/x-pack/plugins/security_solution/server/lib/risk_score/stored_scripts/delete_script_route.ts +++ b/x-pack/plugins/security_solution/server/lib/risk_score/stored_scripts/delete_script_route.ts @@ -13,31 +13,33 @@ import { deleteStoredScript } from './lib/delete_script'; import { deleteStoredScriptRequestBody } from '../../../../common/api/risk_score'; export const deleteStoredScriptRoute = (router: SecuritySolutionPluginRouter) => { - router.delete( - { + router.versioned + .delete({ + access: 'internal', path: RISK_SCORE_DELETE_STORED_SCRIPT, - validate: { body: deleteStoredScriptRequestBody }, options: { tags: ['access:securitySolution'], }, - }, - async (context, request, response) => { - const siemResponse = buildSiemResponse(response); - const { client } = (await context.core).elasticsearch; - const options = request.body; - try { - await deleteStoredScript({ - client, - options, - }); - return response.ok({ body: options }); - } catch (err) { - const error = transformError(err); - return siemResponse.error({ - body: error.message, - statusCode: error.statusCode, - }); + }) + .addVersion( + { validate: { request: { body: deleteStoredScriptRequestBody } }, version: '1' }, + async (context, request, response) => { + const siemResponse = buildSiemResponse(response); + const { client } = (await context.core).elasticsearch; + const options = request.body; + try { + await deleteStoredScript({ + client, + options, + }); + return response.ok({ body: options }); + } catch (err) { + const error = transformError(err); + return siemResponse.error({ + body: error.message, + statusCode: error.statusCode, + }); + } } - } - ); + ); }; diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/risk_engine/utils.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/risk_engine/utils.ts index 48549059d0e90..7af59dfab7cf8 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/risk_engine/utils.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/risk_engine/utils.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import { v4 as uuidv4 } from 'uuid'; import SuperTest from 'supertest'; import type { Client } from '@elastic/elasticsearch'; @@ -485,14 +486,14 @@ export const installLegacyRiskScore = async ({ await supertest .post('/internal/risk_score') .set('kbn-xsrf', 'true') - .set('elastic-api-version', '1') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') .send({ riskScoreEntity: 'host' }) .expect(200); await supertest .post('/internal/risk_score') .set('kbn-xsrf', 'true') - .set('elastic-api-version', '1') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') .send({ riskScoreEntity: 'user' }) .expect(200); @@ -501,6 +502,7 @@ export const installLegacyRiskScore = async ({ '/internal/risk_score/prebuilt_content/saved_objects/_bulk_create/hostRiskScoreDashboards' ) .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') .send() .expect(200); @@ -509,6 +511,7 @@ export const installLegacyRiskScore = async ({ '/internal/risk_score/prebuilt_content/saved_objects/_bulk_create/userRiskScoreDashboards' ) .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') .send() .expect(200); }; diff --git a/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/index.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/index.ts index 6ed6665beb455..3047ad0090fbd 100644 --- a/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/index.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/index.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import { ENTITY_ANALYTICS_URL } from '../../../urls/navigation'; import { RISK_SCORE_URL } from '../../../urls/risk_score'; import { visitWithTimeRange } from '../../navigation'; @@ -298,7 +299,11 @@ export const installRiskScoreModule = () => { body: { riskScoreEntity: 'host', }, - headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', + [ELASTIC_HTTP_VERSION_HEADER]: '1', + }, }) .its('status') .should('eql', 200); diff --git a/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/indices.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/indices.ts index f31feb9229648..296a487a47f7b 100644 --- a/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/indices.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/indices.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import { INDICES_URL } from '../../../urls/risk_score'; import type { RiskScoreEntity } from '../../risk_scores/common'; import { getLatestTransformIndex, getPivotTransformIndex } from '../../risk_scores/indices'; @@ -17,7 +18,11 @@ export const createIndex = (options: { method: 'put', url: `${INDICES_URL}/create`, body: options, - headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', + [ELASTIC_HTTP_VERSION_HEADER]: '1', + }, }); }; @@ -29,7 +34,11 @@ export const deleteRiskScoreIndicies = (riskScoreEntity: RiskScoreEntity, spaceI body: { indices: [getPivotTransformIndex(riskScoreEntity, spaceId)], }, - headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', + [ELASTIC_HTTP_VERSION_HEADER]: '1', + }, failOnStatusCode: false, }) .then(() => { @@ -39,7 +48,11 @@ export const deleteRiskScoreIndicies = (riskScoreEntity: RiskScoreEntity, spaceI body: { indices: [getLatestTransformIndex(riskScoreEntity, spaceId)], }, - headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', + [ELASTIC_HTTP_VERSION_HEADER]: '1', + }, failOnStatusCode: false, }); }); diff --git a/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/saved_objects.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/saved_objects.ts index 353e52fea53aa..e87c314382e0c 100644 --- a/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/saved_objects.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/saved_objects.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import { RISK_SCORE_SAVED_OBJECTS_URL, SAVED_OBJECTS_URL } from '../../../urls/risk_score'; import type { RiskScoreEntity } from '../../risk_scores/common'; import { getRiskScoreTagName } from '../../risk_scores/saved_objects'; @@ -17,7 +18,11 @@ export const deleteSavedObjects = (templateName: `${RiskScoreEntity}RiskScoreDas body: { deleteAll: true, }, - headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', + [ELASTIC_HTTP_VERSION_HEADER]: '1', + }, }); }; diff --git a/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/stored_scripts.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/stored_scripts.ts index 803673f351fc5..5f2da4b1f3fb0 100644 --- a/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/stored_scripts.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/stored_scripts.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import { STORED_SCRIPTS_URL } from '../../../urls/risk_score'; export const createStoredScript = (options: { id: string; script: {} }) => { @@ -12,7 +13,11 @@ export const createStoredScript = (options: { id: string; script: {} }) => { method: 'put', url: `${STORED_SCRIPTS_URL}/create`, body: options, - headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', + 'elastic-api-version': '1', + }, }); }; @@ -22,7 +27,11 @@ const deleteStoredScript = (id: string) => { url: `${STORED_SCRIPTS_URL}/delete`, body: { id }, failOnStatusCode: false, - headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', + [ELASTIC_HTTP_VERSION_HEADER]: '1', + }, }); };