[Security Solution][Detections][Tech Debt] - Move to using common io-ts types #75009
Conversation
| * @param signal to cancel request | ||
| * | ||
| * @throws An error if response is not OK | ||
| */ | ||
| export const addRule = async ({ rule, signal }: AddRulesProps): Promise<NewRule> => | ||
| KibanaServices.get().http.fetch<NewRule>(DETECTION_ENGINE_RULES_URL, { | ||
| method: rule.id != null ? 'PUT' : 'POST', |
There was a problem hiding this comment.
Neither CreateRuleSchema or UpdateRuleSchema require the presence of an id so this check was no longer valid.
| @@ -325,7 +325,7 @@ export const sortFieldOrUndefined = t.union([sort_field, t.undefined]); | |||
| export type SortFieldOrUndefined = t.TypeOf<typeof sortFieldOrUndefined>; | |||
|
|
|||
| export const sort_order = t.keyof({ asc: null, desc: null }); | |||
| export type sortOrder = t.TypeOf<typeof sort_order>; | |||
| export type SortOrder = t.TypeOf<typeof sort_order>; | |||
There was a problem hiding this comment.
I think this was just a typo? Seems like all other typescript ones are uppercase.
yctercero
added
release_note:skip
|
Pinging @elastic/siem (Team:SIEM) |
| /** | ||
| * Patch provided Rule | ||
| * Patch provided rule |
There was a problem hiding this comment.
If we're going to discourage usage of patch in a certain way, we should probably limit the schema so that we can only patch the fields that we're expecting to be patched.
There was a problem hiding this comment.
That's a good call. I think it's particular to the way we built the UI (need to double check that) so maybe creating a limited schema in the front end makes sense.
There was a problem hiding this comment.
If I recall correctly, usage of patch was highly discouraged in general... so maybe worth discussing limiting on the backend too? Shouldn't block this PR, but if we could prevent someone from trying to use the API in ways that could be detrimental, I think that could be worthwhile.
There was a problem hiding this comment.
Sorry, just circling back on this PR now. I think that's definitely a good point that we should discuss. I added it to our team discussion for next week.
| signal, | ||
| }); | ||
|
|
||
| const createRuleWithValidation = async ({ rule, signal }: CreateRulesProps): Promise<RulesSchema> => |
There was a problem hiding this comment.
Is the idea that we're validating on the FE and on the BE? Does that buy us anything to be able to validate from the UI?
There was a problem hiding this comment.
@peluja1012 Any opinions on this? IMO it's simpler, more readable, and more maintainable if we only validate in one place (the backend APIs).
There was a problem hiding this comment.
We still get the benefit of using common types on both API and UI code... that buys us a lot in terms of static type consistency. Once we start doing dynamic validation though, I feel like we're starting to hit the other side of the cost/benefit curve.
There was a problem hiding this comment.
I decided to remove these here for now. I think you bring up a lot of valid points that can be addressed separately if we decide to go down that route.
| @@ -4,36 +4,7 @@ | |||
| * you may not use this file except in compliance with the Elastic License. | |||
| */ | |||
|
|
|||
| import { NewRule, FetchRulesResponse, Rule } from './types'; | |||
|
|
|||
| export const ruleMock: NewRule = { | |||
There was a problem hiding this comment.
Moving towards using the already created mocks next to the schema files.
| fetchMock.mockResolvedValue(getRulesSchemaMock()); | ||
| }); | ||
|
|
||
| test('POSTs rule', async () => { |
There was a problem hiding this comment.
The test name here says POST, but the test is checking for PUT
|
@elasticmachine merge upstream |
💚 Build SucceededBuild metrics@kbn/optimizer bundle module count
async chunks size
page load bundle size
distributable file count
History
To update your PR or re-run it, just comment with: |
…ts types (elastic#75009) ## Summary Part of the DE tech debt includes moving to use the common io-ts types in the UI. Currently, we are using some of them in some places and other times we're using the front end defined typescript types. This means that changes often have to be done on both ends, validation isn't being done at the UI boundary on request or response. Using the common types could help us avoid bugs moving forward. Obviously, there's a lot of code to touch so trying to just do it piece by piece. This PR addresses the following: - Replaced uses of `NewRule` with common type `CreateRuleSchema` and `UpdateRuleSchema`. These were being combined a bit - Split `usePersistRule` which was used for both `POST` and `PUT` into two hooks - `useCreateRule` and `useUpdateRule`. - The logic for combining these two relied on checking for the existence of an `id` - if present it would `PUT`, otherwise it would `POST`. - However, `id` is not a required property for either of these, so it's not reliable - Updated the rule edit flow to use `useUpdateRule` - Updated the rule creation flow to use `useCreateRule`
* master: (47 commits) Do not require id & description when creating a logstash pipeline (elastic#76616) Remove commented src/core/tsconfig file (elastic#76792) Replaced whitelistedHosts with allowedHosts in actions ascii docs (elastic#76731) [Dashboard First] Genericize Attribute Service (elastic#76057) [ci-metrics] unify distributable file count metrics (elastic#76448) [Security Solution][Detections] Handle conflicts on alert status update (elastic#75492) [eslint] convert to @typescript-eslint/no-unused-expressions (elastic#76471) [DOCS] Add default time range filter to advanced settings (elastic#76414) [Security Solution] Refactor NetworkTopNFlow to use Search Strategy (elastic#76249) [Dashboard] Update Index Patterns when Child Index Patterns Change (elastic#76356) [ML] Add option to Advanced Settings to set default time range filter for AD jobs (elastic#76347) Add CSM app to CODEOWNERS (elastic#76793) [Security Solution][Exceptions] - Updates exception item find sort field (elastic#76685) [Security Solution][Detections][Tech Debt] - Move to using common io-ts types (elastic#75009) [Lens] Drag dimension to replace (elastic#75895) URI encode the index names we fetch in the fetchIndices lib function. (elastic#76584) [Security Solution] Resolver retrieve entity id of documents without field mapped (elastic#76562) [Ingest Manager] validate agent route using AJV instead kbn-config-schema (elastic#76546) Updated non-dev usages of node-forge (elastic#76699) [Ingest Pipelines] Processor forms for processors K-S (elastic#75638) ...
…ts types (#75009) (#76780) ## Summary Part of the DE tech debt includes moving to use the common io-ts types in the UI. Currently, we are using some of them in some places and other times we're using the front end defined typescript types. This means that changes often have to be done on both ends, validation isn't being done at the UI boundary on request or response. Using the common types could help us avoid bugs moving forward. Obviously, there's a lot of code to touch so trying to just do it piece by piece. This PR addresses the following: - Replaced uses of `NewRule` with common type `CreateRuleSchema` and `UpdateRuleSchema`. These were being combined a bit - Split `usePersistRule` which was used for both `POST` and `PUT` into two hooks - `useCreateRule` and `useUpdateRule`. - The logic for combining these two relied on checking for the existence of an `id` - if present it would `PUT`, otherwise it would `POST`. - However, `id` is not a required property for either of these, so it's not reliable - Updated the rule edit flow to use `useUpdateRule` - Updated the rule creation flow to use `useCreateRule`
MindyRS
added
the
Team: SecuritySolution
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
Summary
Part of the DE tech debt includes moving to use the common io-ts types in the UI. Currently, we are using some of them in some places and other times we're using the front end defined typescript types. This means that changes often have to be done on both ends, validation isn't being done at the UI boundary on request or response. Using the common types could help us avoid bugs moving forward. Obviously, there's a lot of code to touch so trying to just do it piece by piece. This PR addresses the following:
NewRulewith common typeCreateRuleSchemaandUpdateRuleSchema. These were being combined a bitusePersistRulewhich was used for bothPOSTandPUTinto two hooks -useCreateRuleanduseUpdateRule.id- if present it wouldPUT, otherwise it wouldPOST.idis not a required property for either of these, so it's not reliableuseUpdateRuleuseCreateRuleAdded request and response validation for ruleEdit: decided not to do this to move this PR forward, may need more discussion as to the pros/cons of added io-ts validation in the frontPUT,POST, andPATCHTesting
Checklist