Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution] add an excess validation instead of the exact match #76472

Merged
merged 8 commits into from
Sep 3, 2020
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,9 @@
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/

import path, { join, resolve } from 'path';
import * as rt from 'io-ts';
import stream from 'stream';

import {
TIMELINE_DRAFT_URL,
Expand All @@ -20,8 +21,8 @@ import { requestMock } from '../../../detection_engine/routes/__mocks__';
import { updateTimelineSchema } from '../schemas/update_timelines_schema';
import { createTimelineSchema } from '../schemas/create_timelines_schema';
import { GetTimelineByIdSchemaQuery } from '../schemas/get_timeline_by_id_schema';
import { getReadables } from '../utils/common';

const readable = new stream.Readable();
export const getExportTimelinesRequest = () =>
requestMock.create({
method: 'get',
Expand All @@ -34,15 +35,20 @@ export const getExportTimelinesRequest = () =>
},
});

export const getImportTimelinesRequest = (filename?: string) =>
requestMock.create({
export const getImportTimelinesRequest = async (fileName?: string) => {
const dir = resolve(join(__dirname, '../../../detection_engine/rules/prepackaged_timelines'));
const file = fileName ?? 'index.ndjson';
const dataPath = path.join(dir, file);
const readable = await getReadables(dataPath);
return requestMock.create({
method: 'post',
path: TIMELINE_IMPORT_URL,
query: { overwrite: false },
body: {
file: { ...readable, hapi: { filename: filename ?? 'filename.ndjson' } },
file: { ...readable, hapi: { filename: file } },
},
});
};

export const inputTimeline: SavedTimeline = {
columns: [
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ import { transformError, buildSiemResponse } from '../../detection_engine/routes
import { TIMELINE_DRAFT_URL } from '../../../../common/constants';
import { buildFrameworkRequest } from './utils/common';
import { SetupPlugins } from '../../../plugin';
import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';
import { getDraftTimeline, resetTimeline, getTimeline, persistTimeline } from '../saved_object';
import { draftTimelineDefaults } from '../default_timeline';
import { cleanDraftTimelineSchema } from './schemas/clean_draft_timelines_schema';
Expand All @@ -26,7 +26,7 @@ export const cleanDraftTimelinesRoute = (
{
path: TIMELINE_DRAFT_URL,
validate: {
body: buildRouteValidation(cleanDraftTimelineSchema),
body: buildRouteValidationWithExcess(cleanDraftTimelineSchema),
},
options: {
tags: ['access:securitySolution'],
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import { TIMELINE_URL } from '../../../../common/constants';

import { ConfigType } from '../../..';
import { SetupPlugins } from '../../../plugin';
import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';

import { transformError, buildSiemResponse } from '../../detection_engine/routes/utils';

Expand All @@ -31,7 +31,7 @@ export const createTimelinesRoute = (
{
path: TIMELINE_URL,
validate: {
body: buildRouteValidation(createTimelineSchema),
body: buildRouteValidationWithExcess(createTimelineSchema),
},
options: {
tags: ['access:securitySolution'],
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@ describe('export timelines', () => {
const result = server.validate(request);

expect(result.badRequest.mock.calls[0][0]).toEqual(
'Invalid value "undefined" supplied to "file_name"'
'Invalid value {"id":"someId"}, excess properties: ["id"]'
);
});

Expand All @@ -110,7 +110,7 @@ describe('export timelines', () => {
const result = server.validate(request);

expect(result.badRequest.mock.calls[0][0]).toEqual(
'Invalid value "someId" supplied to "ids",Invalid value "{"ids":"someId"}" supplied to "(Partial<{ ids: (Array<string> | null) }> | null)"'
'Invalid value "someId" supplied to "ids"'
);
});
});
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ import {
exportTimelinesQuerySchema,
exportTimelinesRequestBodySchema,
} from './schemas/export_timelines_schema';
import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';
import { buildFrameworkRequest } from './utils/common';
import { SetupPlugins } from '../../../plugin';

Expand All @@ -27,8 +27,8 @@ export const exportTimelinesRoute = (
{
path: TIMELINE_EXPORT_URL,
validate: {
query: buildRouteValidation(exportTimelinesQuerySchema),
body: buildRouteValidation(exportTimelinesRequestBodySchema),
query: buildRouteValidationWithExcess(exportTimelinesQuerySchema),
body: buildRouteValidationWithExcess(exportTimelinesRequestBodySchema),
},
options: {
tags: ['access:securitySolution'],
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ import { transformError, buildSiemResponse } from '../../detection_engine/routes
import { TIMELINE_DRAFT_URL } from '../../../../common/constants';
import { buildFrameworkRequest } from './utils/common';
import { SetupPlugins } from '../../../plugin';
import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';
import { getDraftTimeline, persistTimeline } from '../saved_object';
import { draftTimelineDefaults } from '../default_timeline';
import { getDraftTimelineSchema } from './schemas/get_draft_timelines_schema';
Expand All @@ -24,7 +24,7 @@ export const getDraftTimelinesRoute = (
{
path: TIMELINE_DRAFT_URL,
validate: {
query: buildRouteValidation(getDraftTimelineSchema),
query: buildRouteValidationWithExcess(getDraftTimelineSchema),
},
options: {
tags: ['access:securitySolution'],
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ import { TIMELINE_URL } from '../../../../common/constants';

import { ConfigType } from '../../..';
import { SetupPlugins } from '../../../plugin';
import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
import { buildRouteValidationWithExcess } from '../../../utils/build_validation/route_validation';

import { buildSiemResponse, transformError } from '../../detection_engine/routes/utils';

Expand All @@ -28,7 +28,7 @@ export const getTimelineRoute = (
router.get(
{
path: `${TIMELINE_URL}`,
validate: { query: buildRouteValidation(getTimelineByIdSchemaQuery) },
validate: { query: buildRouteValidationWithExcess(getTimelineByIdSchemaQuery) },
options: {
tags: ['access:securitySolution'],
},
Expand Down
Loading