[Security Solution] max_signals validation follow up fixes #182591

Closed
64 commits
15db4e4
exposes alerting config setting and creates form component
dplumlee Mar 29, 2024
af60e77
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 2, 2024
bb5a1d2
changes user-facing language to max alerts
dplumlee Apr 2, 2024
8015b84
adds tests
dplumlee Apr 2, 2024
264cdb6
updates language
dplumlee Apr 2, 2024
69dc936
adds param to one million mock constructors
dplumlee Apr 2, 2024
ca8b462
updates types
dplumlee Apr 2, 2024
d396a12
updates tests and mocks
dplumlee Apr 3, 2024
07927d1
adds type
dplumlee Apr 3, 2024
3522cb7
updates tests
dplumlee Apr 3, 2024
1a1c121
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 9, 2024
0319c94
changes logic for max validations
dplumlee Apr 9, 2024
1749631
updates tests
dplumlee Apr 9, 2024
19ebcf0
adds warning state
dplumlee Apr 10, 2024
813c807
reset config value
dplumlee Apr 10, 2024
00e942a
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 11, 2024
cd4eb47
adds max_signals rule execution logic
dplumlee Apr 12, 2024
5ad1b65
updates tests and types
dplumlee Apr 12, 2024
ff4b232
adds cypress tests
dplumlee Apr 12, 2024
2053068
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 15, 2024
bec6bf7
updates test attributes
dplumlee Apr 15, 2024
aadde40
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 15, 2024
34588b2
updates warning design
dplumlee Apr 16, 2024
61fbdc1
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 16, 2024
7aaa62a
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 16, 2024
3e749f6
updates language
dplumlee Apr 16, 2024
bd01d55
updates attribute
dplumlee Apr 16, 2024
aa2c565
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 17, 2024
975490e
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 22, 2024
25c05e3
addresses comments
dplumlee Apr 22, 2024
b47deff
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 22, 2024
e709722
fixes execution logic
dplumlee Apr 22, 2024
9886913
strips out no longer needed rulesClient param
dplumlee Apr 22, 2024
89bd1e7
adds defaultable import export tests
dplumlee Apr 23, 2024
304db6f
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 24, 2024
db88782
addresses comments
dplumlee Apr 24, 2024
dd0a87e
updates tests
dplumlee Apr 24, 2024
bedbd7d
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 25, 2024
f400f99
changes defaulting logic one last time
dplumlee Apr 25, 2024
8add109
updates integration tests to match unified method
dplumlee Apr 25, 2024
e4e8af5
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 26, 2024
54b8041
fixes spelling mistakes
dplumlee Apr 26, 2024
ad64d19
addresses response ops changes
dplumlee Apr 26, 2024
1cb02a2
fixes test
dplumlee Apr 27, 2024
259d52e
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 29, 2024
bcca901
addresses comments
dplumlee Apr 30, 2024
346e10e
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee Apr 30, 2024
ce2f06e
adds test
dplumlee Apr 30, 2024
940f925
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee May 1, 2024
92d3ed2
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee May 1, 2024
b1ce138
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee May 2, 2024
995462b
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee May 2, 2024
69f4b87
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee May 2, 2024
dad1f8d
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee May 2, 2024
9244392
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee May 2, 2024
8d02476
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee May 2, 2024
d0e0432
Merge remote-tracking branch 'upstream/main' into max-signals-field-f…
dplumlee May 2, 2024
18a724f
Merge branch 'main' into max-signals-field-form-component
jpdjere May 3, 2024
0b71b77
Fix handling of 0 in form
jpdjere May 3, 2024
07d81e6
Added tests for form validation
jpdjere May 3, 2024
c850892
Remove empty line
jpdjere May 3, 2024
3df83f2
Cleans up Zod error message
jpdjere May 3, 2024
e37369f
Clean up zod error message
jpdjere May 3, 2024
96eb928
Merge branch 'main' into max-signals-follow-up-fixes
jpdjere May 6, 2024
Expand Up @@ -200,7 +200,7 @@ export type AlertsIndexNamespace = z.infer<typeof AlertsIndexNamespace>;
export const AlertsIndexNamespace = z.string();

export type MaxSignals = z.infer<typeof MaxSignals>;
export const MaxSignals = z.number().int().min(1);
export const MaxSignals = z.number().int().min(1).max(1000);

export type ThreatSubtechnique = z.infer<typeof ThreatSubtechnique>;
export const ThreatSubtechnique = z.object({
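Review bot: The new `.max(1000)` on `MaxSignals` rejects values that the previous `z.number().int().min(1)` schema accepted, so a rule already stored or exported with `max_signals` above 1000 will fail parsing wherever this schema is reused for reads or imports. Confirm the bound is enforced only on write paths, or add a defaulting step for existing values, and lift `1000` into a named, documented constant so the limit is defined in one place.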
Expand Up @@ -483,6 +483,19 @@ describe('rules schema', () => {
);
});

test('max_signals cannot be greater than 1000', () => {
const payload: RuleCreateProps = {
...getCreateRulesSchemaMock(),
max_signals: 1001,
};

const result = RuleCreateProps.safeParse(payload);
expectParseError(result);
expect(stringifyZodError(result.error)).toEqual(
'max_signals: Number must be less than or equal to 1000'
);
});

test('max_signals can be 1', () => {
const payload: RuleCreateProps = {
...getCreateRulesSchemaMock(),
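Review bot: The new test covers only `max_signals: 1001`; nothing asserts that exactly 1000 parses successfully, so an off-by-one in the upper bound would go unnoticed. Add a 'max_signals can be 1000' case next to the existing 'max_signals can be 1' test.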
Expand Up @@ -129,7 +129,11 @@ export const appErrorToErrorStack = (error: AppError): Error => {
: '';
const stringifiedError = getStringifiedStack(error);
const adaptedError = new Error(
`${String(error.body.message).trim() !== '' ? error.body.message : error.message} ${statusCode}`
postprocessErrorString(
`${
String(error.body.message).trim() !== '' ? error.body.message : error.message
} ${statusCode}`
)
);
// Note although all the Typescript typings say that error.name is a string and exists, we still can encounter an undefined so we
// do an extra guard here and default to empty string if it is undefined
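Review bot: In the template literal, `String(error.body.message).trim() !== ''` is true when `body.message` is `undefined`, because it stringifies to "undefined", so the fallback to `error.message` never fires in that case and the resulting error text starts with "undefined". The comment just below already notes that typed fields can be undefined at runtime, so while this expression is being touched, guard it with something like `error.body.message != null && String(error.body.message).trim() !== ''`.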
Expand Down Expand Up @@ -239,3 +243,8 @@ export const isEmptyObjectWhenStringified = (item: unknown): boolean => {
return false;
}
};

function postprocessErrorString(str: string): string {
// Remove the `[request body]` prefix added by Zod for request validation errors
return str.replace(/\[request body\]:/g, '');
}
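Review bot: The comment in `postprocessErrorString` says it removes a prefix, but `/\[request body\]:/g` is unanchored and global, so it strips the marker anywhere in the string, and it leaves any whitespace that follows the colon at the start of the message. Consider `str.replace(/^\[request body\]:\s*/, '')`, or trim the result, and add a unit test that passes a string containing the marker through `appErrorToErrorStack`.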