[SECURITY_SOLUTION] delete advanced Policy fields when they are empty #84368
Conversation
kevinlog
added
v7.11.0
release_note:skip
|
@elasticmachine merge upstream |
| break; // We are looking at a non-empty section, so we can terminate. | ||
| } | ||
| } | ||
| } |
There was a problem hiding this comment.
Can this be covered by testing
There was a problem hiding this comment.
yes, I can write a test case for it
| if ( | ||
| newPolicyConfig[nextPath[nextPath.length - 1]] === undefined || | ||
| newPolicyConfig[nextPath[nextPath.length - 1]] === '' || | ||
| Object.keys(newPolicyConfig[nextPath[nextPath.length - 1]] as object).length === 0 |
There was a problem hiding this comment.
I'm assuming this casting here is safe at runtime? will it always be an object if defined at this point?
There was a problem hiding this comment.
'as object' ? Shouldn't it be 'as Object' ?
There was a problem hiding this comment.
I think both work. The type error I had on this went away after I added the cast
| Object.keys(newPolicyConfig[nextPath[nextPath.length - 1]] as object).length === 0 | ||
| ) { | ||
| if (nextPath[nextPath.length - 1] === 'advanced') { | ||
| newPolicyConfig[nextPath[nextPath.length - 1]] = undefined; |
There was a problem hiding this comment.
If I'm reading this right, it seems that if the key name is advanced we keep it, but set it to undefined, but any other key we delete it. Should the advanced key also be deleted? Or does that happen when you walk the path back to the prior level?
There was a problem hiding this comment.
the UI looks for an advanced key which will be initialized to undefined to start making decisions on how to render the form. This is essentially resetting if it's completely emptied out
There was a problem hiding this comment.
i'm also a little confused about the if/else logic here; maybe more comments would be clarifying
There was a problem hiding this comment.
added more comments
| } else { | ||
| delete newPolicyConfig[nextPath[nextPath.length - 1]]; | ||
| } | ||
| newPolicyConfig = obj; |
There was a problem hiding this comment.
I see this assignment multiple times, what does it do?
There was a problem hiding this comment.
it updates the reference to the area in the config as we follow the given path. Say our path is linux.advanced.config - we start at linux and access advanced, then we need to update the reference to access config in the next iteration.
| for (let i = 0; i < path.length - 1; i++) { | ||
| if (!newPolicyConfig[path[i]]) { | ||
| newPolicyConfig[path[i]] = {} as Record<string, unknown>; | ||
| } | ||
| newPolicyConfig = newPolicyConfig[path[i]] as Record<string, unknown>; | ||
| } | ||
| newPolicyConfig[path[path.length - 1]] = value; | ||
|
|
||
| // Then, if the user is deleting the value, then we need to ensure we clean up the config. | ||
| // We delete any sections are the empty, whether that be an empty string, empty object, or undefined. |
| Object.keys(newPolicyConfig[nextPath[nextPath.length - 1]] as object).length === 0 | ||
| ) { | ||
| if (nextPath[nextPath.length - 1] === 'advanced') { | ||
| newPolicyConfig[nextPath[nextPath.length - 1]] = undefined; |
There was a problem hiding this comment.
i'm also a little confused about the if/else logic here; maybe more comments would be clarifying
…kevinlog/kibana into bug/delete-empty-advanced-policy-fields
|
@elasticmachine merge upstream |
|
expected head sha didn’t match current head ref. |
|
@elasticmachine merge upstream |
💚 Build SucceededMetrics [docs]Async chunks
History
To update your PR or re-run it, just comment with: |
* master: (28 commits) [Actions] fixes bug where severity is auto selected but not applied to the action in PagerDuty (elastic#84891) Only attempt to rollover signals index if version < builtin version (elastic#84982) skip flaky suite (elastic#84978) skip lens rollup tests Add geo containment tracking alert type (elastic#84151) Changed rollup tests to use test user rather than elastic super user. (elastic#79567) skip 'should allow creation of lens xy chart' elastic#84957 [APM] Add log_level/sanitize_field_names config options to Python Agent (elastic#84810) [Maps] geo line source (elastic#76572) [data.search] Move search method inside session service and add tests (elastic#84715) skip lens drag and drop test. elastic#84941 [Ingest Node Pipelines] Integrate painless autocomplete (elastic#84554) [Lens] allow drag and drop reorder on xyChart for y dimension (elastic#84640) [Lens] Fix error when selecting the current field again (elastic#84817) [Metrics UI] Add metadata tab to node details flyout (elastic#84454) [CI] Enables APM collection (elastic#81731) [Workplace Search] Migrate Sources Schema tree (elastic#84847) Disable checking for conflicts when copying saved objects (elastic#83575) [SECURITY_SOLUTION] delete advanced Policy fields when they are empty (elastic#84368) y18n 4.0.0 -> 4.0.1 (elastic#84905) ...
Summary
Fixes #84127
In the advanced Policy UI, we need to ensure that when fields are cleared out, we delete the relevant section in the advanced fields. Further, we need to ensure that we clean up any left over nested fields.
Initially, you will see no
advancedsection in the Policy yaml in Fleet:When a user adds "false" to a field, we should see this in the Policy yaml in Fleet (note that the field added is nested):
After the user deletes the field, the path is empty, everything should be cleaned up before going to the Agent/Endpoint:
Checklist
Delete any items that are not applicable to this PR.