Skip to content

Commit

Permalink
[Security Solution] add an excess validation instead of the exact mat…
Browse files Browse the repository at this point in the history
…ch (elastic#76472)

* add an excess validation instead of the exact match

* fix readble type + unit test

* review I

* remove buildRouteValidation to use buildRouteValidationWithExcess
  • Loading branch information
XavierM committed Sep 3, 2020
1 parent e9268ad commit 92bc6d2
Show file tree
Hide file tree
Showing 17 changed files with 442 additions and 172 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,9 @@
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/

import path, { join, resolve } from 'path';
import * as rt from 'io-ts';
import stream from 'stream';

import {
TIMELINE_DRAFT_URL,
Expand All @@ -20,8 +21,8 @@ import { requestMock } from '../../../detection_engine/routes/__mocks__';
import { updateTimelineSchema } from '../schemas/update_timelines_schema';
import { createTimelineSchema } from '../schemas/create_timelines_schema';
import { GetTimelineByIdSchemaQuery } from '../schemas/get_timeline_by_id_schema';
import { getReadables } from '../utils/common';

const readable = new stream.Readable();
export const getExportTimelinesRequest = () =>
requestMock.create({
method: 'get',
Expand All @@ -34,15 +35,20 @@ export const getExportTimelinesRequest = () =>
},
});

export const getImportTimelinesRequest = (filename?: string) =>
requestMock.create({
export const getImportTimelinesRequest = async (fileName?: string) => {
const dir = resolve(join(__dirname, '../../../detection_engine/rules/prepackaged_timelines'));
const file = fileName ?? 'index.ndjson';
const dataPath = path.join(dir, file);
const readable = await getReadables(dataPath);
return requestMock.create({
method: 'post',
path: TIMELINE_IMPORT_URL,
query: { overwrite: false },
body: {
file: { ...readable, hapi: { filename: filename ?? 'filename.ndjson' } },
file: { ...readable, hapi: { filename: file } },
},
});
};

export const inputTimeline: SavedTimeline = {
columns: [
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ import { transformError, buildSiemResponse } from '../../detection_engine/routes
import { TIMELINE_DRAFT_URL } from '../../../../common/constants';
import { buildFrameworkRequest } from './utils/common';
import { SetupPlugins } from '../../../plugin';
import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';
import { getDraftTimeline, resetTimeline, getTimeline, persistTimeline } from '../saved_object';
import { draftTimelineDefaults } from '../default_timeline';
import { cleanDraftTimelineSchema } from './schemas/clean_draft_timelines_schema';
Expand All @@ -26,7 +26,7 @@ export const cleanDraftTimelinesRoute = (
{
path: TIMELINE_DRAFT_URL,
validate: {
body: buildRouteValidation(cleanDraftTimelineSchema),
body: buildRouteValidationWithExcess(cleanDraftTimelineSchema),
},
options: {
tags: ['access:securitySolution'],
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import { TIMELINE_URL } from '../../../../common/constants';

import { ConfigType } from '../../..';
import { SetupPlugins } from '../../../plugin';
import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';

import { transformError, buildSiemResponse } from '../../detection_engine/routes/utils';

Expand All @@ -31,7 +31,7 @@ export const createTimelinesRoute = (
{
path: TIMELINE_URL,
validate: {
body: buildRouteValidation(createTimelineSchema),
body: buildRouteValidationWithExcess(createTimelineSchema),
},
options: {
tags: ['access:securitySolution'],
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@ describe('export timelines', () => {
const result = server.validate(request);

expect(result.badRequest.mock.calls[0][0]).toEqual(
'Invalid value "undefined" supplied to "file_name"'
'Invalid value {"id":"someId"}, excess properties: ["id"]'
);
});

Expand All @@ -110,7 +110,7 @@ describe('export timelines', () => {
const result = server.validate(request);

expect(result.badRequest.mock.calls[0][0]).toEqual(
'Invalid value "someId" supplied to "ids",Invalid value "someId" supplied to "ids",Invalid value "{"ids":"someId"}" supplied to "(Partial<{ ids: (Array<string> | null) }> | null)"'
'Invalid value "someId" supplied to "ids"'
);
});
});
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ import {
exportTimelinesQuerySchema,
exportTimelinesRequestBodySchema,
} from './schemas/export_timelines_schema';
import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';
import { buildFrameworkRequest } from './utils/common';
import { SetupPlugins } from '../../../plugin';

Expand All @@ -27,8 +27,8 @@ export const exportTimelinesRoute = (
{
path: TIMELINE_EXPORT_URL,
validate: {
query: buildRouteValidation(exportTimelinesQuerySchema),
body: buildRouteValidation(exportTimelinesRequestBodySchema),
query: buildRouteValidationWithExcess(exportTimelinesQuerySchema),
body: buildRouteValidationWithExcess(exportTimelinesRequestBodySchema),
},
options: {
tags: ['access:securitySolution'],
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ import { transformError, buildSiemResponse } from '../../detection_engine/routes
import { TIMELINE_DRAFT_URL } from '../../../../common/constants';
import { buildFrameworkRequest } from './utils/common';
import { SetupPlugins } from '../../../plugin';
import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';
import { getDraftTimeline, persistTimeline } from '../saved_object';
import { draftTimelineDefaults } from '../default_timeline';
import { getDraftTimelineSchema } from './schemas/get_draft_timelines_schema';
Expand All @@ -24,7 +24,7 @@ export const getDraftTimelinesRoute = (
{
path: TIMELINE_DRAFT_URL,
validate: {
query: buildRouteValidation(getDraftTimelineSchema),
query: buildRouteValidationWithExcess(getDraftTimelineSchema),
},
options: {
tags: ['access:securitySolution'],
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ import { TIMELINE_URL } from '../../../../common/constants';

import { ConfigType } from '../../..';
import { SetupPlugins } from '../../../plugin';
import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';

import { buildSiemResponse, transformError } from '../../detection_engine/routes/utils';

Expand All @@ -28,7 +28,7 @@ export const getTimelineRoute = (
router.get(
{
path: `${TIMELINE_URL}`,
validate: { query: buildRouteValidation(getTimelineByIdSchemaQuery) },
validate: { query: buildRouteValidationWithExcess(getTimelineByIdSchemaQuery) },
options: {
tags: ['access:securitySolution'],
},
Expand Down
Loading

0 comments on commit 92bc6d2

Please sign in to comment.