Validating detection, name and author fields for Rules Create and Upd…

…ate operations (opensearch-project#86) * rule fields validation Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> * validating imported file and content Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com> Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com>
riysaxen-amzn · Nov 7, 2022 · f689d3b · f689d3b
1 parent 249bb26
commit f689d3b
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 37 deletions.
diff --git a/public/pages/Rules/containers/ImportRule/ImportRule.tsx b/public/pages/Rules/containers/ImportRule/ImportRule.tsx
@@ -10,7 +10,7 @@ import { EuiButton, EuiFilePicker, EuiFlexGroup, EuiFlexItem, EuiSpacer } from '
 import { BREADCRUMBS, ROUTES } from '../../../../utils/constants';
 import { Rule } from '../../../../../models/interfaces';
 import { RouteComponentProps } from 'react-router-dom';
-import { load, safeDump } from 'js-yaml';
+import { dump, load } from 'js-yaml';
 import { ContentPanel } from '../../../../components/ContentPanel';
 import { NotificationsStart } from 'opensearch-dashboards/public';
 import { errorNotificationToast } from '../../../../utils/helpers';
@@ -34,41 +34,55 @@ export const ImportRule: React.FC<ImportRuleProps> = ({ history, services, notif
       let reader = new FileReader();
       reader.readAsText(files[0]);
       reader.onload = function () {
-        const yamlContent: any = reader.result;
-        const jsonContent = load(yamlContent);
-        let detectionYaml = '';
-        if (jsonContent.detection) {
-          try {
-            detectionYaml = safeDump(jsonContent.detection);
-          } catch (error: any) {}
-        }
+        try {
+          const yamlContent: any = reader.result;
 
-        const rule: Rule = {
-          id: '25b9c01c-350d-4b95-bed1-836d04a4f324',
-          category: '',
-          title: jsonContent.title || '',
-          description: jsonContent.description || '',
-          status: jsonContent.status || '',
-          author: jsonContent.author || '',
-          references:
-            jsonContent.references?.map((reference: string) => ({ value: reference })) || [],
-          tags: jsonContent.tags?.map((tag: string) => ({ value: tag })) || [],
-          log_source: jsonContent.logsource || '',
-          detection: detectionYaml,
-          level: jsonContent.level || '',
-          false_positives:
-            jsonContent.falsepositives?.map((falsePositive: string) => ({
-              value: falsePositive,
-            })) || [],
-        };
-        setContent(
-          <RuleEditor
-            title="Import a rule"
-            services={services}
-            FooterActions={footerActions}
-            rule={rule}
-          />
-        );
+          if (!yamlContent) {
+            setFileError('Invalid content in file');
+            return;
+          }
+
+          const jsonContent = load(yamlContent);
+
+          if (!jsonContent) {
+            setFileError('Invalid yaml content');
+            return;
+          }
+
+          let detectionYaml = '';
+          if (jsonContent.detection) {
+            detectionYaml = dump(jsonContent.detection);
+          }
+
+          const rule: Rule = {
+            id: '25b9c01c-350d-4b95-bed1-836d04a4f324',
+            category: '',
+            title: jsonContent.title || '',
+            description: jsonContent.description || '',
+            status: jsonContent.status || '',
+            author: jsonContent.author || '',
+            references:
+              jsonContent.references?.map((reference: string) => ({ value: reference })) || [],
+            tags: jsonContent.tags?.map((tag: string) => ({ value: tag })) || [],
+            log_source: jsonContent.logsource || '',
+            detection: detectionYaml,
+            level: jsonContent.level || '',
+            false_positives:
+              jsonContent.falsepositives?.map((falsePositive: string) => ({
+                value: falsePositive,
+              })) || [],
+          };
+          setContent(
+            <RuleEditor
+              title="Import a rule"
+              services={services}
+              FooterActions={footerActions}
+              rule={rule}
+            />
+          );
+        } catch (error: any) {
+          setFileError('Invalid file content');
+        }
       };
     } else {
       setFileError(files.length > 0 ? 'Only yaml files are accepted' : '');

diff --git a/public/pages/Rules/utils/helpers.tsx b/public/pages/Rules/utils/helpers.tsx
@@ -11,6 +11,8 @@ import { Search } from '@opensearch-project/oui/src/eui_components/basic_table';
 import { RuleItemInfoBase } from '../models/types';
 import { Rule } from '../../../../models/interfaces';
 import { NotificationsStart } from 'opensearch-dashboards/public';
+import { validateName } from '../../../utils/validation';
+import { dump, load } from 'js-yaml';
 
 export interface RuleTableItem {
   title: string;
@@ -112,13 +114,24 @@ export function validateRule(
 ): boolean {
   const invalidFields = [];
 
-  if (!rule.title) invalidFields.push('Rule name');
+  if (!rule.title || !validateName(rule.title))
+    invalidFields.push('Rule name (Only use letters, numbers and -, _)');
   if (!rule.category) invalidFields.push('Log type');
   if (!rule.detection) invalidFields.push('Detection');
   if (!rule.level) invalidFields.push('Rule level');
-  if (!rule.author) invalidFields.push('Author');
+  if (!rule.author || !validateName(rule.author))
+    invalidFields.push('Author (Only use letters, numbers and -, _)');
   if (!rule.status) invalidFields.push('Rule status');
 
+  if (rule.detection) {
+    try {
+      const json = load(rule.detection);
+      dump(json);
+    } catch (error: any) {
+      invalidFields.push('Detection');
+    }
+  }
+
   if (invalidFields.length > 0) {
     errorNotificationToast(
       notifications!,