From e75e3db83576a7562a8c2e1f753420f1d3ee0c6f Mon Sep 17 00:00:00 2001 From: Frank Hassanabad Date: Mon, 1 Mar 2021 12:09:39 -0700 Subject: [PATCH] Changes out the default arrays and adds types (#93063) ## Summary Follow up from: https://github.com/elastic/kibana/pull/92928 Removes the default arrays and adds typing to the rule schema in order to see which ones require default arrays vs. which ones can/should be defaulted as `undefined`. Updates unit tests. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --- .../signals/build_bulk_body.test.ts | 21 ------------------- .../signals/build_rule.test.ts | 12 ----------- .../detection_engine/signals/build_rule.ts | 15 ++++++++----- 3 files changed, 10 insertions(+), 38 deletions(-)
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.test.ts
index 08e3335170897..362c368881b37 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.test.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.test.ts
@@ -131,9 +131,6 @@ describe('buildBulkBody', () => {
 created_at: fakeSignalSourceHit.signal.rule?.created_at,
 updated_at: fakeSignalSourceHit.signal.rule?.updated_at,
 exceptions_list: getListArrayMock(),
- threat_filters: [],
- threat_index: [],
- threat_mapping: [],
 },
 depth: 1,
 },
@@ -256,9 +253,6 @@ describe('buildBulkBody', () => {
 created_at: fakeSignalSourceHit.signal.rule?.created_at,
 updated_at: fakeSignalSourceHit.signal.rule?.updated_at,
 exceptions_list: getListArrayMock(),
- threat_filters: [],
- threat_index: [],
- threat_mapping: [],
 },
 threshold_result: {
 terms: [
@@ -380,9 +374,6 @@ describe('buildBulkBody', () => {
 throttle: 'no_actions',
 threat: [],
 exceptions_list: getListArrayMock(),
- threat_filters: [],
- threat_index: [],
- threat_mapping: [],
 },
 depth: 1,
 },
@@ -494,9 +485,6 @@ describe('buildBulkBody', () => {
 updated_at: fakeSignalSourceHit.signal.rule?.updated_at,
 throttle: 'no_actions',
 exceptions_list: getListArrayMock(),
- threat_filters: [],
- threat_index: [],
- threat_mapping: [],
 },
 depth: 1,
 },
@@ -601,9 +589,6 @@ describe('buildBulkBody', () => {
 created_at: fakeSignalSourceHit.signal.rule?.created_at,
 throttle: 'no_actions',
 exceptions_list: getListArrayMock(),
- threat_filters: [],
- threat_index: [],
- threat_mapping: [],
 },
 depth: 1,
 },
@@ -707,9 +692,6 @@ describe('buildBulkBody', () => {
 created_at: fakeSignalSourceHit.signal.rule?.created_at,
 throttle: 'no_actions',
 exceptions_list: getListArrayMock(),
- threat_filters: [],
- threat_index: [],
- threat_mapping: [],
 },
 depth: 1,
 },
@@ -813,9 +795,6 @@ describe('buildBulkBody', () => {
 created_at: fakeSignalSourceHit.signal.rule?.created_at,
 throttle: 'no_actions',
 exceptions_list: getListArrayMock(),
- threat_filters: [],
- threat_index: [],
- threat_mapping: [],
 },
 depth: 1,
 },
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.test.ts
index 40cc15786392c..48e04df3704ab 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.test.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.test.ts
@@ -105,9 +105,6 @@ describe('buildRule', () => {
 ],
 exceptions_list: getListArrayMock(),
 version: 1,
- threat_filters: [],
- threat_index: [],
- threat_mapping: [],
 };
 expect(rule).toEqual(expected);
 });
@@ -166,9 +163,6 @@ describe('buildRule', () => {
 created_at: rule.created_at,
 throttle: 'no_actions',
 exceptions_list: getListArrayMock(),
- threat_filters: [],
- threat_index: [],
- threat_mapping: [],
 };
 expect(rule).toEqual(expected);
 });
@@ -227,9 +221,6 @@ describe('buildRule', () => {
 created_at: rule.created_at,
 throttle: 'no_actions',
 exceptions_list: getListArrayMock(),
- threat_filters: [],
- threat_index: [],
- threat_mapping: [],
 };
 expect(rule).toEqual(expected);
 });
@@ -292,9 +283,6 @@ describe('buildRule', () => {
 throttle: 'no_actions',
 exceptions_list: getListArrayMock(),
 version: 1,
- threat_filters: [],
- threat_index: [],
- threat_mapping: [],
 };
 expect(rule).toEqual(expected);
 });
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.ts
index 167724836e01c..0681a5dddb127 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.ts
@@ -64,9 +64,14 @@ export const buildRule = ({
 ruleNameMapping: ruleParams.ruleNameOverride,
 });
 
- const meta = { ...ruleParams.meta, ...riskScoreMeta, ...severityMeta, ...ruleNameMeta };
+ const meta: RulesSchema['meta'] = {
+ ...ruleParams.meta,
+ ...riskScoreMeta,
+ ...severityMeta,
+ ...ruleNameMeta,
+ };
 
- const rule = {
+ const rule: RulesSchema = {
 id,
 rule_id: ruleParams.ruleId ?? '(unknown rule_id)',
 actions,
@@ -103,11 +108,11 @@ export const buildRule = ({
 created_by: createdBy,
 updated_by: updatedBy,
 threat: ruleParams.threat ?? [],
- threat_mapping: ruleParams.threatMapping ?? [],
- threat_filters: ruleParams.threatFilters ?? [],
+ threat_mapping: ruleParams.threatMapping,
+ threat_filters: ruleParams.threatFilters,
 threat_indicator_path: ruleParams.threatIndicatorPath,
 threat_query: ruleParams.threatQuery,
- threat_index: ruleParams.threatIndex ?? [],
+ threat_index: ruleParams.threatIndex,
 threat_language: ruleParams.threatLanguage,
 timestamp_override: ruleParams.timestampOverride,
 throttle,
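Review bot: With the `?? []` fallbacks removed, `threat_mapping`, `threat_filters` and `threat_index` are left `undefined` when the rule params do not set them, while `threat` on the context line just above still falls back to `[]`, and nothing in the hunk records which fields are meant to default and which are meant to be absent. The removed test expectations suggest signals built before this change carried empty arrays for these three fields, so any reader of the rule object on a signal will probably see both shapes and should treat a missing key and `[]` the same; consumers outside this diff are worth confirming. I would add a comment above the three assignments, e.g. `// threat_mapping/threat_filters/threat_index are intentionally left undefined when the rule does not define them; readers must not assume an array`. The `rule` object literal and `buildRule` continue outside the hunk.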