Skip to content

Commit

Permalink
[8.x] [SecuritySolution] Update file validation because the file type…
Browse files Browse the repository at this point in the history
… is empty on windows (#199791) (#200189)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[SecuritySolution] Update file validation because the file type is
empty on windows
(#199791)](#199791)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Pablo
Machado","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-14T13:55:21Z","message":"[SecuritySolution]
Update file validation because the file type is empty on windows
(#199791)\n\n## Summary\r\n\r\nBug: On Windows, we can't select TSV
files or drag them to the file\r\npicker. This error happens because we
have a validation for the file\r\ntype, and for some reason, on Windows,
it is an empty string 🤡 .\r\n\r\nI updated the file validation logic to
allow empty strings for file\r\ntypes and added one extra value to the
acceptable types, `.tsv`. So,\r\nwhen the mime type checks fail, it will
accept any files with the `tsv`\r\nextension.\r\n\r\n\r\nI desk-tested
it on Windows-edge, Windows-chrome, Mac-chrome and
it\r\nworks.\r\n\r\n### How to test it?\r\n* ON A WINDOWS MACHINE\r\n*
Open the security solution app and navigate to the entity store
page\r\n* Drag a TSV file created on a Windows machine; the file should
be\r\naccepted\r\n* Click on the \"select file\" button and select a TSV
file created on a\r\nWindows machine\r\n* Both methods should allow you
to select the file, and you should be\r\nable to proceed with the bulk
upload\r\n\r\n#### Do I need to checkout your code and start
kibana?\r\nIf you are a lazy person like me, you can test the feature
using the\r\ncloud
deployment\r\n[here](https://kibana-pr-199791.kb.us-west2.gcp.elastic-cloud.com/app/security/entity_analytics_entity_store).\r\nYou
can get the login/password using Vault. The instructions are on
the\r\nlatest Cloud Deployment link, or ask me for
credentials.\r\n\r\n#### What if I don't have a Windows machine?\r\nBuy
one. I am kidding. 🤡 \r\nYou can follow
[this\r\ntutorial](https://github.com/elastic/security-team/blob/main/tools/sec-eng-prod/sep-vms/README.md#setup)\r\nto
deploy it to gcloud, and connect to it using RDP.\r\nBut If you are lazy
like me, you can ask me for my Windows 11 cloud\r\ndeployment
credentials.\r\n\r\n_Obs. You need an app to access the cloud deployment
via RDP. The\r\n\"Windows App\" can be easily downloaded from the App
Store on Mac._\r\n\r\n### Checklist\r\n\r\nDelete any items that are not
applicable to this PR.\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [x] This was
checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)","sha":"ac32a056ef6897d0b685da8b444c399294a5e53e","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","v9.0.0","Team:
SecuritySolution","Theme: entity_analytics","Feature:Entity
Analytics","Team:Entity
Analytics","backport:version","v8.17.0","v8.16.1"],"title":"[SecuritySolution]
Update file validation because the file type is empty on
windows","number":199791,"url":"https://github.com/elastic/kibana/pull/199791","mergeCommit":{"message":"[SecuritySolution]
Update file validation because the file type is empty on windows
(#199791)\n\n## Summary\r\n\r\nBug: On Windows, we can't select TSV
files or drag them to the file\r\npicker. This error happens because we
have a validation for the file\r\ntype, and for some reason, on Windows,
it is an empty string 🤡 .\r\n\r\nI updated the file validation logic to
allow empty strings for file\r\ntypes and added one extra value to the
acceptable types, `.tsv`. So,\r\nwhen the mime type checks fail, it will
accept any files with the `tsv`\r\nextension.\r\n\r\n\r\nI desk-tested
it on Windows-edge, Windows-chrome, Mac-chrome and
it\r\nworks.\r\n\r\n### How to test it?\r\n* ON A WINDOWS MACHINE\r\n*
Open the security solution app and navigate to the entity store
page\r\n* Drag a TSV file created on a Windows machine; the file should
be\r\naccepted\r\n* Click on the \"select file\" button and select a TSV
file created on a\r\nWindows machine\r\n* Both methods should allow you
to select the file, and you should be\r\nable to proceed with the bulk
upload\r\n\r\n#### Do I need to checkout your code and start
kibana?\r\nIf you are a lazy person like me, you can test the feature
using the\r\ncloud
deployment\r\n[here](https://kibana-pr-199791.kb.us-west2.gcp.elastic-cloud.com/app/security/entity_analytics_entity_store).\r\nYou
can get the login/password using Vault. The instructions are on
the\r\nlatest Cloud Deployment link, or ask me for
credentials.\r\n\r\n#### What if I don't have a Windows machine?\r\nBuy
one. I am kidding. 🤡 \r\nYou can follow
[this\r\ntutorial](https://github.com/elastic/security-team/blob/main/tools/sec-eng-prod/sep-vms/README.md#setup)\r\nto
deploy it to gcloud, and connect to it using RDP.\r\nBut If you are lazy
like me, you can ask me for my Windows 11 cloud\r\ndeployment
credentials.\r\n\r\n_Obs. You need an app to access the cloud deployment
via RDP. The\r\n\"Windows App\" can be easily downloaded from the App
Store on Mac._\r\n\r\n### Checklist\r\n\r\nDelete any items that are not
applicable to this PR.\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [x] This was
checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)","sha":"ac32a056ef6897d0b685da8b444c399294a5e53e"}},"sourceBranch":"main","suggestedTargetBranches":["8.x","8.16"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/199791","number":199791,"mergeCommit":{"message":"[SecuritySolution]
Update file validation because the file type is empty on windows
(#199791)\n\n## Summary\r\n\r\nBug: On Windows, we can't select TSV
files or drag them to the file\r\npicker. This error happens because we
have a validation for the file\r\ntype, and for some reason, on Windows,
it is an empty string 🤡 .\r\n\r\nI updated the file validation logic to
allow empty strings for file\r\ntypes and added one extra value to the
acceptable types, `.tsv`. So,\r\nwhen the mime type checks fail, it will
accept any files with the `tsv`\r\nextension.\r\n\r\n\r\nI desk-tested
it on Windows-edge, Windows-chrome, Mac-chrome and
it\r\nworks.\r\n\r\n### How to test it?\r\n* ON A WINDOWS MACHINE\r\n*
Open the security solution app and navigate to the entity store
page\r\n* Drag a TSV file created on a Windows machine; the file should
be\r\naccepted\r\n* Click on the \"select file\" button and select a TSV
file created on a\r\nWindows machine\r\n* Both methods should allow you
to select the file, and you should be\r\nable to proceed with the bulk
upload\r\n\r\n#### Do I need to checkout your code and start
kibana?\r\nIf you are a lazy person like me, you can test the feature
using the\r\ncloud
deployment\r\n[here](https://kibana-pr-199791.kb.us-west2.gcp.elastic-cloud.com/app/security/entity_analytics_entity_store).\r\nYou
can get the login/password using Vault. The instructions are on
the\r\nlatest Cloud Deployment link, or ask me for
credentials.\r\n\r\n#### What if I don't have a Windows machine?\r\nBuy
one. I am kidding. 🤡 \r\nYou can follow
[this\r\ntutorial](https://github.com/elastic/security-team/blob/main/tools/sec-eng-prod/sep-vms/README.md#setup)\r\nto
deploy it to gcloud, and connect to it using RDP.\r\nBut If you are lazy
like me, you can ask me for my Windows 11 cloud\r\ndeployment
credentials.\r\n\r\n_Obs. You need an app to access the cloud deployment
via RDP. The\r\n\"Windows App\" can be easily downloaded from the App
Store on Mac._\r\n\r\n### Checklist\r\n\r\nDelete any items that are not
applicable to this PR.\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [x] This was
checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)","sha":"ac32a056ef6897d0b685da8b444c399294a5e53e"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.16","label":"v8.16.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Pablo Machado <[email protected]>
  • Loading branch information
kibanamachine and machadoum authored Nov 19, 2024
1 parent 99e3f67 commit 0ee05fe
Show file tree
Hide file tree
Showing 4 changed files with 21 additions and 3 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -5,5 +5,11 @@
* 2.0.
*/

export const SUPPORTED_FILE_TYPES = ['text/csv', 'text/plain', 'text/tab-separated-values'];
export const SUPPORTED_FILE_TYPES = [
'text/csv',
'text/plain',
'text/tab-separated-values',
'.tsv', // Useful for Windows when it can't recognise the file extension.
'.csv', // Useful for Windows when it can't recognise the file extension.
];
export const SUPPORTED_FILE_EXTENSIONS = ['CSV', 'TXT', 'TSV'];
Original file line number Diff line number Diff line change
Expand Up @@ -37,12 +37,13 @@ describe('useFileValidation', () => {
test('should call onError when an error occurs', () => {
const onErrorMock = jest.fn();
const onCompleteMock = jest.fn();
const invalidFileType = 'invalid file type';

const { result } = renderHook(
() => useFileValidation({ onError: onErrorMock, onComplete: onCompleteMock }),
{ wrapper: TestProviders }
);
result.current(new File([invalidLine], 'test.csv'));
result.current(new File([invalidLine], 'test.csv', { type: invalidFileType }));

expect(onErrorMock).toHaveBeenCalled();
expect(onCompleteMock).not.toHaveBeenCalled();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,14 @@ describe('validateFile', () => {
expect(result.valid).toBe(true);
});

it('should return valid if the mime type is empty (Windows)', () => {
const file = new File(['file content'], 'test.csv', { type: '' });

const result = validateFile(file, formatBytes);

expect(result.valid).toBe(true);
});

it('should return an error message if the file type is invalid', () => {
const file = new File(['file content'], 'test.txt', { type: 'invalid-type' });

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,10 @@ export const validateFile = (
file: File,
formatBytes: (bytes: number) => string
): { valid: false; errorMessage: string; code: string } | { valid: true } => {
if (!SUPPORTED_FILE_TYPES.includes(file.type)) {
if (
file.type !== '' && // file.type might be an empty string on windows
!SUPPORTED_FILE_TYPES.includes(file.type)
) {
return {
valid: false,
code: 'unsupported_file_type',
Expand Down

0 comments on commit 0ee05fe

Please sign in to comment.