-
Notifications
You must be signed in to change notification settings - Fork 8.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Security Solution][Endpoint] Allow wildcard in trusted app paths (#9…
…7623) (#98749) * show operator dropdown for path field refs elastic/security-team/issues/543 * update translation to use consistent values refs elastic/security-team/issues/543 * update schema to validate path values refs elastic/security-team/issues/543 * add tests for field and operator values refs elastic/security-team/issues/543 * review changes refs elastic/security-team/issues/543 * update schema to enforce dropdown validation for PATH field refs elastic/security-team/issues/543 * add tests for schema updates refs 1deab39 refs elastic/security-team/issues/543 * optimise dropdown list for re-renders refs elastic/security-team/issues/543 * align input fields and keep alignments when resized refs elastic/security-team/issues/543 * correctly enter operator data on trusted app CRUD refs elastic/security-team/issues/543 * update tests refs 2ac56ee refs elastic/security-team/issues/543 * remove redundant code review changes * better type assertion review changes * move operator options out of component - these do not depend on component props and thus no need to have it within a useMemo callback. - review changes * derive keys from operator entry field review changes * update type * use custom styles for aligning input fields review changes * add a custom type for trusted_apps operator undo changes from list plugin and server/lib/detection_engine refs 2ac56ee refs elastic/security-team/issues/543 * add wildcard entry type refs elastic/security-team/issues/543 refs #97623 (review) * use the new entry type refs elastic/security-team/issues/543 refs #97623 (review) * update tests refs elastic/security-team/issues/543 refs #97623 (review) * update name for wildcard type so that it can be used also for cased inputs refs elastic/security-team/issues/543 refs f9cb7ed * update artifacts to support wildcard entries refs elastic/security-team/issues/543 * add tests for list schemas refs f9cb7ed refs elastic/security-team/issues/543 * add placeholders for path values review changes /pull/97623#discussion_r620617999 * ignore type check for now * add type assertion refs 284352e * remove unnecessary test refs 2ac56ee * fix types refs f9cb7ed refs b3f5dc4 * add a note to entries review changes refs dbd3532 * remove redundant type assertions review changes refs bcf615a refs b3f5dc4 * move placeholder text logic to utils review changes /pull/97623#discussion_r621673881 refs 6f2d0d7 * pass the style as prop review changes * update api doc CI check suggestion * make placeholderText a function expression review suggestion /pull/97623/commits/2dc4fd390cf5ea0e4fa67b3f5fc2561cbb29555e * use semantic names for functions refs 330731e Co-authored-by: Kibana Machine <[email protected]> # Conflicts: # api_docs/security_solution.json
- Loading branch information
1 parent
6ab2912
commit ed51d31
Showing
30 changed files
with
678 additions
and
97 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
21 changes: 21 additions & 0 deletions
21
x-pack/plugins/lists/common/schemas/types/endpoint/entry_match_wildcard.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License | ||
* 2.0; you may not use this file except in compliance with the Elastic License | ||
* 2.0. | ||
*/ | ||
|
||
import * as t from 'io-ts'; | ||
|
||
import { NonEmptyString } from '../../../shared_imports'; | ||
import { operatorIncluded } from '../../common/schemas'; | ||
|
||
export const endpointEntryMatchWildcard = t.exact( | ||
t.type({ | ||
field: NonEmptyString, | ||
operator: operatorIncluded, | ||
type: t.keyof({ wildcard: null }), | ||
value: NonEmptyString, | ||
}) | ||
); | ||
export type EndpointEntryMatchWildcard = t.TypeOf<typeof endpointEntryMatchWildcard>; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
22 changes: 22 additions & 0 deletions
22
x-pack/plugins/lists/common/schemas/types/entry_match_wildcard.mock.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License | ||
* 2.0; you may not use this file except in compliance with the Elastic License | ||
* 2.0. | ||
*/ | ||
|
||
import { ENTRY_VALUE, FIELD, OPERATOR, WILDCARD } from '../../constants.mock'; | ||
|
||
import { EntryMatchWildcard } from './entry_match_wildcard'; | ||
|
||
export const getEntryMatchWildcardMock = (): EntryMatchWildcard => ({ | ||
field: FIELD, | ||
operator: OPERATOR, | ||
type: WILDCARD, | ||
value: ENTRY_VALUE, | ||
}); | ||
|
||
export const getEntryMatchWildcardExcludeMock = (): EntryMatchWildcard => ({ | ||
...getEntryMatchWildcardMock(), | ||
operator: 'excluded', | ||
}); |
106 changes: 106 additions & 0 deletions
106
x-pack/plugins/lists/common/schemas/types/entry_match_wildcard.test.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,106 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License | ||
* 2.0; you may not use this file except in compliance with the Elastic License | ||
* 2.0. | ||
*/ | ||
|
||
import { pipe } from 'fp-ts/lib/pipeable'; | ||
import { left } from 'fp-ts/lib/Either'; | ||
|
||
import { foldLeftRight, getPaths } from '../../shared_imports'; | ||
|
||
import { getEntryMatchWildcardMock } from './entry_match_wildcard.mock'; | ||
import { EntryMatchWildcard, entriesMatchWildcard } from './entry_match_wildcard'; | ||
|
||
describe('entriesMatchWildcard', () => { | ||
test('it should validate an entry', () => { | ||
const payload = getEntryMatchWildcardMock(); | ||
const decoded = entriesMatchWildcard.decode(payload); | ||
const message = pipe(decoded, foldLeftRight); | ||
|
||
expect(getPaths(left(message.errors))).toEqual([]); | ||
expect(message.schema).toEqual(payload); | ||
}); | ||
|
||
test('it should validate when operator is "included"', () => { | ||
const payload = getEntryMatchWildcardMock(); | ||
const decoded = entriesMatchWildcard.decode(payload); | ||
const message = pipe(decoded, foldLeftRight); | ||
|
||
expect(getPaths(left(message.errors))).toEqual([]); | ||
expect(message.schema).toEqual(payload); | ||
}); | ||
|
||
test('it should validate when "operator" is "excluded"', () => { | ||
const payload = getEntryMatchWildcardMock(); | ||
payload.operator = 'excluded'; | ||
const decoded = entriesMatchWildcard.decode(payload); | ||
const message = pipe(decoded, foldLeftRight); | ||
|
||
expect(getPaths(left(message.errors))).toEqual([]); | ||
expect(message.schema).toEqual(payload); | ||
}); | ||
|
||
test('it should FAIL validation when "field" is empty string', () => { | ||
const payload: Omit<EntryMatchWildcard, 'field'> & { field: string } = { | ||
...getEntryMatchWildcardMock(), | ||
field: '', | ||
}; | ||
const decoded = entriesMatchWildcard.decode(payload); | ||
const message = pipe(decoded, foldLeftRight); | ||
|
||
expect(getPaths(left(message.errors))).toEqual(['Invalid value "" supplied to "field"']); | ||
expect(message.schema).toEqual({}); | ||
}); | ||
|
||
test('it should FAIL validation when "value" is not string', () => { | ||
const payload: Omit<EntryMatchWildcard, 'value'> & { value: string[] } = { | ||
...getEntryMatchWildcardMock(), | ||
value: ['some value'], | ||
}; | ||
const decoded = entriesMatchWildcard.decode(payload); | ||
const message = pipe(decoded, foldLeftRight); | ||
|
||
expect(getPaths(left(message.errors))).toEqual([ | ||
'Invalid value "["some value"]" supplied to "value"', | ||
]); | ||
expect(message.schema).toEqual({}); | ||
}); | ||
|
||
test('it should FAIL validation when "value" is empty string', () => { | ||
const payload: Omit<EntryMatchWildcard, 'value'> & { value: string } = { | ||
...getEntryMatchWildcardMock(), | ||
value: '', | ||
}; | ||
const decoded = entriesMatchWildcard.decode(payload); | ||
const message = pipe(decoded, foldLeftRight); | ||
|
||
expect(getPaths(left(message.errors))).toEqual(['Invalid value "" supplied to "value"']); | ||
expect(message.schema).toEqual({}); | ||
}); | ||
|
||
test('it should FAIL validation when "type" is not "wildcard"', () => { | ||
const payload: Omit<EntryMatchWildcard, 'type'> & { type: string } = { | ||
...getEntryMatchWildcardMock(), | ||
type: 'match', | ||
}; | ||
const decoded = entriesMatchWildcard.decode(payload); | ||
const message = pipe(decoded, foldLeftRight); | ||
|
||
expect(getPaths(left(message.errors))).toEqual(['Invalid value "match" supplied to "type"']); | ||
expect(message.schema).toEqual({}); | ||
}); | ||
|
||
test('it should strip out extra keys', () => { | ||
const payload: EntryMatchWildcard & { | ||
extraKey?: string; | ||
} = getEntryMatchWildcardMock(); | ||
payload.extraKey = 'some value'; | ||
const decoded = entriesMatchWildcard.decode(payload); | ||
const message = pipe(decoded, foldLeftRight); | ||
|
||
expect(getPaths(left(message.errors))).toEqual([]); | ||
expect(message.schema).toEqual(getEntryMatchWildcardMock()); | ||
}); | ||
}); |
21 changes: 21 additions & 0 deletions
21
x-pack/plugins/lists/common/schemas/types/entry_match_wildcard.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License | ||
* 2.0; you may not use this file except in compliance with the Elastic License | ||
* 2.0. | ||
*/ | ||
|
||
import * as t from 'io-ts'; | ||
|
||
import { NonEmptyString } from '../../shared_imports'; | ||
import { operator } from '../common/schemas'; | ||
|
||
export const entriesMatchWildcard = t.exact( | ||
t.type({ | ||
field: NonEmptyString, | ||
operator, | ||
type: t.keyof({ wildcard: null }), | ||
value: NonEmptyString, | ||
}) | ||
); | ||
export type EntryMatchWildcard = t.TypeOf<typeof entriesMatchWildcard>; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.