[Security Solution][Exceptions] - Exceptions modal pt 2 #70886
Conversation
|
Some things I observed that needs to be addressed that isn't in checklist above:
|
dplumlee
force-pushed
the
exception-modal-2
branch
from
7a7d454
to
800d8b8
Compare
.../plugins/security_solution/public/common/components/exceptions/add_exception_modal/index.tsx
Outdated
Show resolved
Hide resolved
dplumlee
force-pushed
the
exception-modal-2
branch
from
ec7e94d
to
163701d
Compare
dplumlee
changed the title
|
Pinging @elastic/siem (Team:SIEM) |
|
|
||
| function doesFieldNameExist(exceptionEntry: Entry) { | ||
| return indexPatterns.fields.find(({ name }) => name === exceptionEntry.field) === undefined; | ||
| } |
There was a problem hiding this comment.
Is this named right? It looks like it seeing if there is nothing here through the check against undefined? As if it is saying "doesFieldNameNotExist"?
Some pointers/nits (nothing to hold this up), I would still suggest we follow the flow of most of the code base looking at == null rather than something as specific as undefined since == null will catch both null and undefined values. Most of the other plugins and core code base typically follow that pattern.
I would also use a .some vs. a .find() === undefined if that makes more semantic sense within arrays. Most of the times these days I rarely find a reason to use a for loop instead of one of the more semantic array methods such as .some, .every, .map, .reduce, .flat. etc.... I still sometimes need to use a .forEach or for of but I almost always use it as a last resort and try to see if there's a more semantic loop from the array that makes sense first.
Even looking above this at the loops above it, I mentally rewrite it in my mind as a series of .some() loops as it seems to be doing a series of loops looking for the first entry to become true to return true but if it cannot find it, then it returns false.
For pure functions, I would be careful of introducing functions within functions. They're harder to isolate and test vs pulling the function out and then testing outside of the original function. Since they're pure functions, I don't really worry about other people calling them if they want to as it doesn't have side effects.
Although we don't have strict linter rules around ES2015+ style fat arrows vs. function names, I would stick to one style within a file when you can and use for example the ES2015+ style.
I still recommend to define the return types within TypeScript for functions as it makes it easier to keep other maintainers from accidentally introducing a new return type by accident.
| @@ -65,7 +66,7 @@ interface AddExceptionModalProps { | |||
| nonEcsData: TimelineNonEcsData[]; | |||
| }; | |||
| onCancel: () => void; | |||
| onConfirm: () => void; | |||
| onConfirm: (didCloseAlert?: boolean) => void; | |||
There was a problem hiding this comment.
It seems from all the uses of onConfirm that the boolean argument is always present, do we need the ??
| const enrichExceptionItems = useCallback(() => { | ||
| let enriched: Array<ExceptionListItemSchema | CreateExceptionListItemSchema> = []; | ||
| enriched = | ||
| comment !== '' | ||
| ? enrichExceptionItemsWithComments(exceptionItemsToAdd, [{ comment }]) | ||
| : exceptionItemsToAdd; | ||
| if (exceptionListType === 'endpoint') { | ||
| const osTypes = alertData ? ['windows'] : ['windows', 'macos', 'linux']; | ||
| const osTypes = alertData ? retrieveAlertOsTypes() : ['windows', 'macos', 'linux']; |
There was a problem hiding this comment.
Nit: Might be able to just clean up a bit and add the alertData check within retrieveAlertOsTypes so if someone else later uses it they don't need to remember to make this check?
| @@ -248,6 +258,36 @@ describe('Exception helpers', () => { | |||
| }); | |||
| }); | |||
|
|
|||
| describe('#getEntryValue', () => { | |||
| @@ -278,27 +318,33 @@ describe('Exception helpers', () => { | |||
|
|
|||
| describe('#getOperatingSystems', () => { | |||
There was a problem hiding this comment.
Should this be formatOperatingSystems?
| const item = data.find((d) => d.field === fieldName); | ||
| if (item != null && item.value != null) { | ||
| return item.value; | ||
| } | ||
| return undefined; | ||
| return []; | ||
| }; | ||
|
|
||
| export const entryHasListType = ( | ||
| exceptionItems: Array<ExceptionListItemSchema | CreateExceptionListItemSchema> | ||
| ) => { | ||
| for (const { entries } of exceptionItems) { | ||
| for (const exceptionEntry of entries ?? []) { |
There was a problem hiding this comment.
entries gets defaulted to empty array, does Typescript show an error without the ?? [] because then I'm wondering if we missed something somewhere.
There was a problem hiding this comment.
since we type CreateExceptionListItemSchema as a potential type within the array, it's doesn't hasn't been defaulted yet
There was a problem hiding this comment.
Ah, gotcha. Is this being used to check exceptions created within the builder? If that's the case I would type it to ExceptionsBuilderExceptionItem[]. That uses ExceptionListItemBuilderSchema | CreateExceptionListItemBuilderSchema and CreateExceptionListItemBuilderSchema is
xport type CreateExceptionListItemBuilderSchema = Omit<
CreateExceptionListItemSchema,
'meta' | 'entries'
> & {
meta: { temporaryUuid: string };
entries: BuilderEntry[];
};
But I guess, that's only if it's being used in the builder.
There was a problem hiding this comment.
Nah, only being used in both versions of the exception modals so it's usually being passed that exceptionItemsToAdd we define with the same Array<ExceptionListItemSchema | CreateExceptionListItemSchema> type in component state
| @@ -323,20 +338,20 @@ export const getAlertActions = ({ | |||
| } | |||
| }, | |||
| id: 'addEndpointException', | |||
| isActionDisabled: () => !canUserCRUD || !hasIndexWrite, | |||
| isActionDisabled: () => !canUserCRUD || !hasIndexWrite || isEndpointAlert() === false, | |||
There was a problem hiding this comment.
Super nit: I see sometimes we check for falsiness using ! and other times we do === false, is there a specific reason for one over the other throughout? Same with checking for true. I think I've noticed that in the codebase when wanting to check if something exists we use != null to check for both null or undefined. That way when I see someone use ! I usually assume that value is a boolean.
| closeAddExceptionModal(); | ||
| }, [closeAddExceptionModal]); | ||
| const onAddExceptionConfirm = useCallback( | ||
| (didCloseAlert?: boolean) => { |
There was a problem hiding this comment.
Nit: I might make this explicit and remove the ?
There was a problem hiding this comment.
LGTM. Thanks for the changes! I chatted with @peluja1012 about the index/autocomplete weirdness. I don't think it's related to any of the code, but maybe it's something we can circle back on.
💚 Build SucceededBuild metrics
History
To update your PR or re-run it, just comment with: |
…11y-overlay * 'master' of github.com:elastic/kibana: (33 commits) address index templates feedback (elastic#71353) Upgrade EUI to v26.3.1 (elastic#70243) [build] Creates Linux aarch64 archive (elastic#69165) [SIEM][Detection Engine] Fixes skipped tests (elastic#71347) [SIEM][Detection Engine][Lists] Adds read_privileges route for lists and list items [kbn/optimizer] implement "requiredBundles" property of KP plugins (elastic#70911) [Security Solution][Exceptions] - Exceptions modal pt 2 (elastic#70886) [ML] DF Analytics: stop status polling when job stopped (elastic#71159) [SIEM][CASE] IBM Resilient Connector (elastic#66385) jenkins_xpack_saved_objects_field_metrics.sh expects to be run from the KIBANA_DIR in CI Deduplication of entries and items before sending to endpoint (elastic#71297) [services/remote/webdriver] fix eslint error (elastic#71346) send slack notifications on visual baseline failures fix visual regression job (elastic#70999) [Ingest Manager] Add schema to usageCollector. (elastic#71219) [ftr] use typed chromeOptions object, adding TEST_BROWSER_BINARY_PATH (elastic#71279) [Ingest Manager] Fix limited packages incorrect response (elastic#71292) Support multiple features declaring same properties (elastic#71106) [Security_Solution][Resolver]Add beta badge to Resolver panel (elastic#71183) [DOCS] Clarify trial subscription levels (elastic#70636) ...
* master: (78 commits) Bump lodash package version (elastic#71392) refactor: 💡 use allow-list in AppArch codebase (elastic#71400) improve bugfix 7198 test stability (elastic#71250) [Security Solution][Ingest Manager][Endpoint] Optional ingest manager (elastic#71198) [Metrics UI] Round metric threshold time buckets to nearest unit (elastic#71172) [Security Solution][Endpoint] Policy creation callback fixes + Improved error handling in user manifest loop (elastic#71269) [Security Solution] Allow to configure Event Renderers settings (elastic#69693) Fix a11y keyboard overlay (elastic#71214) [APM] UI text updates (elastic#71333) [Logs UI] Limit `extendDatemath` to valid ranges (elastic#71113) [SIEM] fix tooltip of notes (elastic#71342) address index templates feedback (elastic#71353) Upgrade EUI to v26.3.1 (elastic#70243) [build] Creates Linux aarch64 archive (elastic#69165) [SIEM][Detection Engine] Fixes skipped tests (elastic#71347) [SIEM][Detection Engine][Lists] Adds read_privileges route for lists and list items [kbn/optimizer] implement "requiredBundles" property of KP plugins (elastic#70911) [Security Solution][Exceptions] - Exceptions modal pt 2 (elastic#70886) [ML] DF Analytics: stop status polling when job stopped (elastic#71159) [SIEM][CASE] IBM Resilient Connector (elastic#66385) ...
MindyRS
added
the
Team: SecuritySolution
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
Summary
Part 2 of the exceptions modal feature. Adds on more functionality and tests to the exceptions modal, and switches certain patterns from a testing convention to what they will be in actual usage.
windows. It doesn’t use alert data.Alerts are generated when the….text should also appear when editing endpoint exceptionsshouldBulkCloseis trueenrichExceptionItemsfunction to the helpers file. Use it in both edit and add modal.getOperatingSystemshelper, OS should change tomacOS. Try to consolidate with the other OS helperentryHasListType[Security Solution][Exceptions] - Exception Modal Part I #70639 (comment)getMappedNonEcsValuehelper [Security Solution][Exceptions] - Exception Modal Part I #70639 (comment)Coming in Part 3
Checklist
Delete any items that are not applicable to this PR.
For maintainers