[Security Solution] [Platform] Fix bug where rule form would remove index field when switching between index pattern + data view #134783
Conversation
…l / undefined in the defaultValues prop
|
@elasticmachine merge upstream |
dhurley14
changed the title
dhurley14
added
v8.4.0
Feature:Detection Rules
| @@ -200,6 +207,101 @@ describe('Custom query rules', () => { | |||
| cy.get(ALERT_GRID_CELL).contains(this.rule.name); | |||
| }); | |||
| }); | |||
| describe.skip('Custom detection rules creation with data view', () => { | |||
There was a problem hiding this comment.
Can you add a note about why these were skipped, and delete the commented code?
x-pack/plugins/security_solution/public/detections/components/rules/step_define_rule/index.tsx
Outdated
Show resolved
Hide resolved
…re adding an exception from the rule details table alerts table would not utilize the data view defined on that rule when rendering available fields to define an exception on.
…bana into fix-dataview-index-form-bug
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
| @@ -176,14 +176,29 @@ export const AddExceptionFlyout = memo(function AddExceptionFlyout({ | |||
|
|
|||
| useEffect(() => { | |||
| const fetchSingleDataView = async () => { | |||
| if (dataViewId != null && dataViewId !== '') { | |||
| const dv = await data.dataViews.get(dataViewId); | |||
| const notNullDataViewId = | |||
There was a problem hiding this comment.
Hey, I have a couple of questions here.
If I look at the type AddExceptionFlyoutProps, I seedataViewId?: string;
meaning that it can be string or undefined, but in the code, you are explicitly checking for null, does there some specific reason for that?
nit: Personally I often found it difficult to read nested ternary expressions, I maybe use for this case something like:
const notNullDataViewId = dataViewId || maybeRule?.data_view_id || null
There was a problem hiding this comment.
I agree the ternary isn't the clearest. I'll try to re-work it. Where exactly am I doing and explicit null check? Having trouble finding that. Looks like all the checks are nullish != not !== or were you referencing somewhere else?
There was a problem hiding this comment.
Oh, I get it! It was != not !== :)
| }, [data.dataViews, dataViewId, setIndexPattern]); | ||
| }, [data.dataViews, dataViewId, maybeRule?.data_view_id, setIndexPattern]); | ||
|
|
||
| const getIndexPattern = useCallback( |
There was a problem hiding this comment.
Also here, do we really need to use getIndexPattern as a function and useCallback here?
I saw that we invoke this function once, and exactly in this component render
Probably is simplier way to write this is -
const selectedIndexPattern= (dataViewId || maybeRule?.data_view_id) ? indexPattern
: indexIndexPatterns
There was a problem hiding this comment.
Pulled down and tested - just wanted to confirm that the following is all desired behavior:
- in rule creation:
- switching between data views and index patterns resets the index patterns to the default
- in rule edit:
- (rule using data views) switching from data views to index patterns and back, index patterns show up as empty and data views remains as original value
- (rule using index patterns) switching from index pattern to data views, my index pattern is back to the default index pattern
I know the original bug was that the form would blow up switching from the edit tabs and such, so definitely fixed here! Thanks for fighting through the forms code on this one.
x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts
Outdated
Show resolved
Hide resolved
|
@elasticmachine merge upstream |
Looks like some kind of flake with cypress. These tests are passing locally.. |
💛 Build succeeded, but was flakyFailed CI StepsTest Failures
Metrics [docs]Async chunks
History
To update your PR or re-run it, just comment with: cc @dhurley14 |
There was a problem hiding this comment.
Code review LGTM! Didn't check out and test as looked like other reviewers already took care of that. Thanks for this fix @dhurley14! 🚀
Summary
Fixes: #135513
reset index field on rule form to empty array when it presents as null / undefined in the defaultValues prop.
Cypress tests were added as "skip" for now. Will work on them at a later date.
Checklist
Delete any items that are not applicable to this PR.