apply comments + refactor useAlertSuppression

elastic · Jan 23, 2024 · 055475d · 055475d
1 parent 665e1cb
commit 055475d
Show file tree

Hide file tree

Showing 6 changed files with 91 additions and 105 deletions.
diff --git a/...y_solution/public/detection_engine/rule_creation_ui/components/step_define_rule/index.tsx b/...y_solution/public/detection_engine/rule_creation_ui/components/step_define_rule/index.tsx
@@ -88,7 +88,7 @@ import { AlertSuppressionMissingFieldsStrategyEnum } from '../../../../../common
 import { DurationInput } from '../duration_input';
 import { MINIMUM_LICENSE_FOR_SUPPRESSION } from '../../../../../common/detection_engine/constants';
 import { useUpsellingMessage } from '../../../../common/hooks/use_upselling';
-import { useIsExperimentalFeatureEnabled } from '../../../../common/hooks/use_experimental_features';
+import { useAlertSuppression } from '../../../rule_management/hooks/use_alert_suppression';
 
 const CommonUseField = getUseField({ component: Field });
 
@@ -178,6 +178,7 @@ const StepDefineRuleComponent: FC<StepDefineRuleProps> = ({
   thresholdFields,
   enableThresholdSuppression,
 }) => {
+  const { isSuppressionEnabled } = useAlertSuppression(ruleType);
   const mlCapabilities = useMlCapabilities();
   const [openTimelineSearch, setOpenTimelineSearch] = useState(false);
   const [indexModified, setIndexModified] = useState(false);
@@ -186,10 +187,6 @@ const StepDefineRuleComponent: FC<StepDefineRuleProps> = ({
 
   const esqlQueryRef = useRef<DefineStepRule['queryBar'] | undefined>(undefined);
 
-  const isAlertSuppressionForIndicatorMatchRuleEnabled = useIsExperimentalFeatureEnabled(
-    'alertSuppressionForIndicatorMatchRuleEnabled'
-  );
-
   const isAlertSuppressionLicenseValid = license.isAtLeast(MINIMUM_LICENSE_FOR_SUPPRESSION);
 
   const isThresholdRule = getIsThresholdRule(ruleType);
@@ -813,11 +810,6 @@ const StepDefineRuleComponent: FC<StepDefineRuleProps> = ({
     [isUpdateView, mlCapabilities]
   );
 
-  const isAlertSuppressionEnabled =
-    isQueryRule(ruleType) ||
-    isThresholdRule ||
-    (isAlertSuppressionForIndicatorMatchRuleEnabled && isThreatMatchRule(ruleType));
-
   return (
     <>
       <StepContentWrapper addPadding={!isUpdateView}>
@@ -989,7 +981,7 @@ const StepDefineRuleComponent: FC<StepDefineRuleProps> = ({
           </RuleTypeEuiFormRow>
 
           <EuiSpacer size="m" />
-          <RuleTypeEuiFormRow $isVisible={isAlertSuppressionEnabled && isThresholdRule} fullWidth>
+          <RuleTypeEuiFormRow $isVisible={isSuppressionEnabled && isThresholdRule} fullWidth>
             <EuiToolTip content={alertSuppressionUpsellingMessage} position="right">
               <CommonUseField
                 path="enableThresholdSuppression"
@@ -1006,7 +998,7 @@ const StepDefineRuleComponent: FC<StepDefineRuleProps> = ({
           </RuleTypeEuiFormRow>
 
           <RuleTypeEuiFormRow
-            $isVisible={isAlertSuppressionEnabled && !isThresholdRule}
+            $isVisible={isSuppressionEnabled && !isThresholdRule}
             data-test-subj="alertSuppressionInput"
           >
             <UseField
@@ -1021,7 +1013,7 @@ const StepDefineRuleComponent: FC<StepDefineRuleProps> = ({
           </RuleTypeEuiFormRow>
 
           <IntendedRuleTypeEuiFormRow
-            $isVisible={isAlertSuppressionEnabled}
+            $isVisible={isSuppressionEnabled}
             data-test-subj="alertSuppressionDuration"
           >
             <UseMultiFields
@@ -1043,7 +1035,7 @@ const StepDefineRuleComponent: FC<StepDefineRuleProps> = ({
 
           <IntendedRuleTypeEuiFormRow
             // threshold rule does not have this suppression configuration
-            $isVisible={isAlertSuppressionEnabled && !isThresholdRule}
+            $isVisible={isSuppressionEnabled && !isThresholdRule}
             data-test-subj="alertSuppressionMissingFields"
             label={
               <span>

diff --git a/...blic/detection_engine/rule_management/components/rule_details/rule_definition_section.tsx b/...blic/detection_engine/rule_management/components/rule_details/rule_definition_section.tsx
@@ -54,7 +54,7 @@ import { TechnicalPreviewBadge } from '../../../../common/components/technical_p
 import { BadgeList } from './badge_list';
 import { DEFAULT_DESCRIPTION_LIST_COLUMN_WIDTHS } from './constants';
 import * as i18n from './translations';
-import { useAlertSuppression } from './use_alert_suppression';
+import { useAlertSuppression } from '../../hooks/use_alert_suppression';
 
 interface SavedQueryNameProps {
   savedQueryName: string;
@@ -738,7 +738,7 @@ export const RuleDefinitionSection = ({
     ruleType: rule.type,
   });
 
-  const { isSuppressionEnabled } = useAlertSuppression(rule);
+  const { isSuppressionEnabled } = useAlertSuppression(rule.type);
 
   const definitionSectionListItems = prepareDefinitionSectionListItems(
     rule,

diff --git a/...c/detection_engine/rule_management/components/rule_details/use_alert_suppression.test.tsx b/...c/detection_engine/rule_management/components/rule_details/use_alert_suppression.test.tsx
diff --git a/...public/detection_engine/rule_management/components/rule_details/use_alert_suppression.tsx b/...public/detection_engine/rule_management/components/rule_details/use_alert_suppression.tsx
diff --git a/...ity_solution/public/detection_engine/rule_management/hooks/use_alert_suppression.test.tsx b/...ity_solution/public/detection_engine/rule_management/hooks/use_alert_suppression.test.tsx
@@ -0,0 +1,51 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+import { renderHook } from '@testing-library/react-hooks';
+import type { Type } from '@kbn/securitysolution-io-ts-alerting-types';
+import { SuppressibleAlertRules } from '../../../../common/detection_engine/constants';
+import * as useIsExperimentalFeatureEnabledMock from '@kbn/security-solution-plugin/public/common/hooks/use_experimental_features';
+import { useAlertSuppression } from './use_alert_suppression';
+
+describe('useAlertSuppression', () => {
+  it('should return the correct isSuppressionEnabled value if rule Type exists in SuppressibleAlertRules and Feature Flag is enabled', () => {
+    jest
+      .spyOn(useIsExperimentalFeatureEnabledMock, 'useIsExperimentalFeatureEnabled')
+      .mockImplementation((featureFlagName: string) => {
+        return featureFlagName === 'alertSuppressionForIndicatorMatchRuleEnabled';
+      });
+    const { result } = renderHook(() => useAlertSuppression(SuppressibleAlertRules.THREAT_MATCH));
+
+    expect(result.current.isSuppressionEnabled).toBe(true);
+  });
+  it('should return the correct isSuppressionEnabled value if rule Type exists in SuppressibleAlertRules and Feature Flag is disabled', () => {
+    jest
+      .spyOn(useIsExperimentalFeatureEnabledMock, 'useIsExperimentalFeatureEnabled')
+      .mockImplementation((featureFlagName: string) => {
+        return featureFlagName !== 'alertSuppressionForIndicatorMatchRuleEnabled';
+      });
+    const { result } = renderHook(() => useAlertSuppression(SuppressibleAlertRules.THREAT_MATCH));
+
+    expect(result.current.isSuppressionEnabled).toBe(false);
+  });
+
+  it('should return the correct isSuppressionEnabled value if rule Type exists in SuppressibleAlertRules', () => {
+    const { result } = renderHook(() => useAlertSuppression(SuppressibleAlertRules.QUERY));
+
+    expect(result.current.isSuppressionEnabled).toBe(true);
+  });
+
+  it('should return false if rule type is not set', () => {
+    const { result } = renderHook(() => useAlertSuppression());
+    expect(result.current.isSuppressionEnabled).toBe(false);
+  });
+
+  it('should return false if rule type is not THREAT_MATCH', () => {
+    const { result } = renderHook(() => useAlertSuppression('OTHER_RULE_TYPE' as Type));
+
+    expect(result.current.isSuppressionEnabled).toBe(false);
+  });
+});
diff --git a/...security_solution/public/detection_engine/rule_management/hooks/use_alert_suppression.tsx b/...security_solution/public/detection_engine/rule_management/hooks/use_alert_suppression.tsx
@@ -0,0 +1,32 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+import { useCallback } from 'react';
+import { Type } from '@kbn/securitysolution-io-ts-alerting-types';
+import { isSuppressibleAlertRule } from '../../../../common/detection_engine/utils';
+import { SuppressibleAlertRules } from '../../../../common/detection_engine/constants';
+import { useIsExperimentalFeatureEnabled } from '../../../common/hooks/use_experimental_features';
+export interface UseAlertSuppressionReturn {
+  isSuppressionEnabled: boolean;
+}
+
+export const useAlertSuppression = (ruleType?: Type): UseAlertSuppressionReturn => {
+  const isThreatMatchRuleFFEnabled = useIsExperimentalFeatureEnabled(
+    'alertSuppressionForIndicatorMatchRuleEnabled'
+  );
+
+  const isSuppressionEnabledForRuleType = useCallback(() => {
+    if (!ruleType) return false;
+
+    if (ruleType === SuppressibleAlertRules.THREAT_MATCH) return isThreatMatchRuleFFEnabled;
+
+    return isSuppressibleAlertRule(ruleType);
+  }, [ruleType]);
+
+  return {
+    isSuppressionEnabled: isSuppressionEnabledForRuleType(),
+  };
+};