-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solutions][Detections] - Fix exception list table referential deletion #87231
Conversation
Tangential to this PR, but just commenting since I saw it in testing, but the I remember seeing a similar issue way back when with the Also, looks like that |
...ists/server/scripts/exception_lists/new/references/exception_list_item_1_non_value_list.json
Show resolved
Hide resolved
..._solution/public/detections/pages/detection_engine/rules/all/exceptions/exceptions_table.tsx
Show resolved
Hide resolved
...urity_solution/public/detections/pages/detection_engine/rules/all/exceptions/translations.ts
Outdated
Show resolved
Hide resolved
...urity_solution/public/detections/pages/detection_engine/rules/all/exceptions/translations.ts
Outdated
Show resolved
Hide resolved
..._solution/public/detections/pages/detection_engine/rules/all/exceptions/exceptions_table.tsx
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Checked out, tested locally, and performed code review -- LGTM! 👍 All worked as expected (thanks for the setup scripts! :), and even hairy corner cases like starting to delete an exception list with multiple references, then wiping out one of the referenced Rules in another tab worked as expected. Thanks @yctercero! 🙂
Pinging @elastic/siem (Team:SIEM) |
@elasticmachine merge upstream |
💚 Build SucceededMetrics [docs]Async chunks
Distributable file count
History
To update your PR or re-run it, just comment with: |
…al deletion (elastic#87231) ### Summary This PR concentrates on fixing the deletion on the exceptions list table view. This fix is intermediary and a more thorough, backend solution is needed. Currently, if you delete an exception list, it deletes the exception list SO, but does not remove references to it from rules. This PR allows for a quick fix conducting this logic client side.
…al deletion (elastic#87231) ### Summary This PR concentrates on fixing the deletion on the exceptions list table view. This fix is intermediary and a more thorough, backend solution is needed. Currently, if you delete an exception list, it deletes the exception list SO, but does not remove references to it from rules. This PR allows for a quick fix conducting this logic client side.
…al deletion (#87231) (#87357) ### Summary This PR concentrates on fixing the deletion on the exceptions list table view. This fix is intermediary and a more thorough, backend solution is needed. Currently, if you delete an exception list, it deletes the exception list SO, but does not remove references to it from rules. This PR allows for a quick fix conducting this logic client side.
…al deletion (#87231) (#87358) ### Summary This PR concentrates on fixing the deletion on the exceptions list table view. This fix is intermediary and a more thorough, backend solution is needed. Currently, if you delete an exception list, it deletes the exception list SO, but does not remove references to it from rules. This PR allows for a quick fix conducting this logic client side.
Summary
This PR concentrates on fixing the deletion on the exceptions list table view. This fix is intermediary and a more thorough, backend solution is needed. Currently, if you delete an exception list, it deletes the exception list SO, but does not remove references to it from rules. This PR allows for a quick fix conducting this logic client side. This is not ideal as we want to provide referential integrity api side. The current logic is as follows upon hitting "delete" on the exceptions list table:
deleteExceptionList
calledTesting
To test, navigate to the lists plugins scripts and run the following to create 3 exception lists:
Take note of the
id
s of the lists created above. You'll need to add the exception listid
s to the files noted in the below script for creating the rules. Navigate to the detections plugins scripts and run the following to create 2 rules that make reference to the newly created exception lists:Additional notes:
Screenshots
Modal shown when references exist
Error shown if rule patch error occurs during reference deletion
Checklist