Skip to content

Commit

Permalink
[Security Solution] Prebuilt rules installation / upgrade flyout impr…
Browse files Browse the repository at this point in the history
…ovements (#164179)

**Addresses: #162334
**Base PR: #163304

<img width="1177" alt="Screenshot 2023-08-24 at 04 09 07"
src="https://github.com/elastic/kibana/assets/15949146/73ac6726-69d4-4c46-bb16-da704a02aba5">

## Summary

This is a follow-up refactoring and bugfix PR to improve the prebuilt
rules flyout. Base PR: #163304

#### Changes
- [x] Tweak UI so that it matches the design more closely.
[Design](https://www.figma.com/file/gLHm8LpTtSkAUQHrkG3RHU/%5B8.7%5D-%5BRules%5D-Rule-Immutability%2FCustomization?type=design&node-id=3563-612771&mode=design&t=yqZ6LI0vAjbir9xc-0)
(external).
- [x] Rewrite preview installation and upgrade API endpoints to respond
with `RuleResponse` instead of `DiffableRule`
- [x] Revert some changes introduced by this
[PR](#163304)
- [x] Revert exports in
`x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/rule_schemas.ts`
- [x] Delete
`x-pack/plugins/security_solution/common/detection_engine/diffable_rule_to_rule_response.ts`
- [x] Make the data contexts unaware of any UI elements that are
consuming them
- [x] Move rendering of specialized flyout components into to the
context provider so that the table is unaware of the flyout.
- [x] Make "flyoutRule" and "closeFlyout" internal to the context.
Components outside don't need to know anything about how a rule is
displayed. We can encapsulate this knowledge inside the context and
expose only a generic method, like openRulePreview(ruleId)
 - [x] Remove unnecessary checks after using "invariant"
- [x] Make sure query, timeline template and all the other fields are
shown in the flyout. Compare each rule in a flyout with the Rule Details
to ensure that all fields are in place.
- [x] Remove the enable / disable switch machine learning job UI switch
element
- [x] Add custom highlighted fields to the flyout
([comment](#163235 (comment)))

### Checklist

Delete any items that are not applicable to this PR.

- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials. [Docs
ticket](elastic/security-docs#3798)
- [x] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [x] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)

(cherry picked from commit c115f5d)

# Conflicts:
#	x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/review_rule_installation/review_rule_installation_route.ts
  • Loading branch information
nikitaindik committed Aug 26, 2023
1 parent 681661d commit bb89f90
Show file tree
Hide file tree
Showing 29 changed files with 536 additions and 685 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -221,7 +221,7 @@ export const KqlQueryLanguage = t.keyof({ kuery: null, lucene: null });
export type EqlQueryLanguage = t.TypeOf<typeof EqlQueryLanguage>;
export const EqlQueryLanguage = t.literal('eql');

export const eqlSchema = buildRuleSchemas({
const eqlSchema = buildRuleSchemas({
required: {
type: t.literal('eql'),
language: EqlQueryLanguage,
Expand Down Expand Up @@ -256,7 +256,7 @@ export const EqlPatchParams = eqlSchema.patch;
// -------------------------------------------------------------------------------------------------
// Indicator Match rule schema

export const threatMatchSchema = buildRuleSchemas({
const threatMatchSchema = buildRuleSchemas({
required: {
type: t.literal('threat_match'),
query: RuleQuery,
Expand Down Expand Up @@ -307,7 +307,7 @@ export const ThreatMatchPatchParams = threatMatchSchema.patch;
// -------------------------------------------------------------------------------------------------
// Custom Query rule schema

export const querySchema = buildRuleSchemas({
const querySchema = buildRuleSchemas({
required: {
type: t.literal('query'),
},
Expand Down Expand Up @@ -343,7 +343,7 @@ export const QueryPatchParams = querySchema.patch;
// -------------------------------------------------------------------------------------------------
// Saved Query rule schema

export const savedQuerySchema = buildRuleSchemas({
const savedQuerySchema = buildRuleSchemas({
required: {
type: t.literal('saved_query'),
saved_id,
Expand Down Expand Up @@ -387,7 +387,7 @@ export const SavedQueryPatchParams = savedQuerySchema.patch;
// -------------------------------------------------------------------------------------------------
// Threshold rule schema

export const thresholdSchema = buildRuleSchemas({
const thresholdSchema = buildRuleSchemas({
required: {
type: t.literal('threshold'),
query: RuleQuery,
Expand Down Expand Up @@ -422,7 +422,7 @@ export const ThresholdPatchParams = thresholdSchema.patch;
// -------------------------------------------------------------------------------------------------
// Machine Learning rule schema

export const machineLearningSchema = buildRuleSchemas({
const machineLearningSchema = buildRuleSchemas({
required: {
type: t.literal('machine_learning'),
anomaly_threshold,
Expand Down Expand Up @@ -462,7 +462,7 @@ export const MachineLearningPatchParams = machineLearningSchema.patch;
// -------------------------------------------------------------------------------------------------
// New Terms rule schema

export const newTermsSchema = buildRuleSchemas({
const newTermsSchema = buildRuleSchemas({
required: {
type: t.literal('new_terms'),
query: RuleQuery,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,15 +5,15 @@
* 2.0.
*/

import type { RuleSignatureId, RuleTagArray, RuleVersion } from '../../model';
import type { DiffableRule } from '../model';
import type { RuleTagArray } from '../../model';
import type { RuleResponse } from '../../model/rule_schema/rule_schemas';

export interface ReviewRuleInstallationResponseBody {
/** Aggregated info about all rules available for installation */
stats: RuleInstallationStatsForReview;

/** Info about individual rules: one object per each rule available for installation */
rules: RuleInstallationInfoForReview[];
rules: RuleResponse[];
}

export interface RuleInstallationStatsForReview {
Expand All @@ -23,8 +23,3 @@ export interface RuleInstallationStatsForReview {
/** A union of all tags of all rules available for installation */
tags: RuleTagArray;
}

export type RuleInstallationInfoForReview = DiffableRule & {
rule_id: RuleSignatureId;
version: RuleVersion;
};
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,8 @@
*/

import type { RuleObjectId, RuleSignatureId, RuleTagArray } from '../../model';
import type { DiffableRule, PartialRuleDiff } from '../model';
import type { PartialRuleDiff } from '../model';
import type { RuleResponse } from '../../model/rule_schema/rule_schemas';

export interface ReviewRuleUpgradeResponseBody {
/** Aggregated info about all rules available for upgrade */
Expand All @@ -27,8 +28,8 @@ export interface RuleUpgradeStatsForReview {
export interface RuleUpgradeInfoForReview {
id: RuleObjectId;
rule_id: RuleSignatureId;
rule: DiffableRule;
target_rule: DiffableRule;
current_rule: RuleResponse;
target_rule: RuleResponse;
diff: PartialRuleDiff;
revision: number;
}
Loading

0 comments on commit bb89f90

Please sign in to comment.