Skip to content

Commit

Permalink
[8.13] [Security Solution] Fix rule filters on the Rule Details page (#…
Browse files Browse the repository at this point in the history
…177081) (#177242)

# Backport

This will backport the following commits from `main` to `8.13`:
- [[Security Solution] Fix rule filters on the Rule Details page
(#177081)](#177081)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Georgii
Gorbachev","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-02-19T21:26:12Z","message":"[Security
Solution] Fix rule filters on the Rule Details page
(#177081)\n\n**Fixes:
https://github.com/elastic/kibana/issues/141458**\r\n**Fixes:
https://github.com/elastic/kibana/issues/176866**\r\n\r\n##
Summary\r\n\r\nFixes the bugs above by changing the `Filters`
component:\r\n\r\n- from using lower-level components like
`FilterBadgeGroup` and custom\r\nrendering\r\n- to using a higher-level
`FilterItems` component that's used inside a\r\nlarger component
`QueryBar` (see the first screenshot below) on the Rule\r\nCreation /
Editing pages\r\n\r\nNote that for some reason the end result still does
not fully equal to\r\nhow filters look on the Rule Creation / Editing
pages, where there are\r\nfewer warnings. It's hard to say which
rendering is the right one.\r\n\r\n## Screenshots\r\n\r\n**How filters
look on the Rule Creation / Editing pages:**\r\n\r\n<img width=\"989\"
alt=\"Screenshot 2024-02-15 at 21 25
00\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/01ca468f-be99-469a-8d75-ee5aa1a31fb0\">\r\n\r\n**Rule
Details page BEFORE the fix:**\r\n\r\n<img width=\"1792\"
alt=\"Screenshot 2024-02-15 at 21 23
46\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/d0e2aa6e-3050-4327-8025-f37125498fd6\">\r\n<img
width=\"1792\" alt=\"Screenshot 2024-02-15 at 21 24
02\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/a89302b2-f991-4547-bdac-c0f5a594a881\">\r\n<img
width=\"1792\" alt=\"Screenshot 2024-02-15 at 21 24
18\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/49c16b02-8d82-4f93-932f-3846880a0457\">\r\n\r\n**Rule
Details page AFTER the fix 1 (filters use non-existing fields
and\r\nshow warnings):**\r\n\r\n<img width=\"1790\" alt=\"Screenshot
2024-02-15 at 21 28
46\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/e229b4ff-6ee7-4444-b5c1-deb00d2b9b39\">\r\n\r\n**Rule
Details page AFTER the fix 2 (filters use existing fields and\r\nlook
normal):**\r\n\r\n<img width=\"1792\" alt=\"Screenshot 2024-02-15 at 21
37
45\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/b10905e7-803d-4404-aa02-8692ff964891\">\r\n\r\n\r\n###
Checklist\r\n\r\n- [ ] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] Any UI
touched in this PR is usable by keyboard only (learn more\r\nabout
[keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n-
[ ] Any UI touched in this PR does not create any new axe
failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[ ] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[ ] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n\r\n###
For maintainers\r\n\r\n- [x] This was checked for breaking API changes
and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"26726625394dfc4a5143dd1e1c895487c2f90380","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","impact:medium","Team:Detections
and Resp","Team: SecuritySolution","Team:Detection Rule
Management","Feature:Rule Details","8.13
candidate","v8.13.0","v8.12.2","v8.14.0"],"title":"[Security Solution]
Fix rule filters on the Rule Details
page","number":177081,"url":"https://github.com/elastic/kibana/pull/177081","mergeCommit":{"message":"[Security
Solution] Fix rule filters on the Rule Details page
(#177081)\n\n**Fixes:
https://github.com/elastic/kibana/issues/141458**\r\n**Fixes:
https://github.com/elastic/kibana/issues/176866**\r\n\r\n##
Summary\r\n\r\nFixes the bugs above by changing the `Filters`
component:\r\n\r\n- from using lower-level components like
`FilterBadgeGroup` and custom\r\nrendering\r\n- to using a higher-level
`FilterItems` component that's used inside a\r\nlarger component
`QueryBar` (see the first screenshot below) on the Rule\r\nCreation /
Editing pages\r\n\r\nNote that for some reason the end result still does
not fully equal to\r\nhow filters look on the Rule Creation / Editing
pages, where there are\r\nfewer warnings. It's hard to say which
rendering is the right one.\r\n\r\n## Screenshots\r\n\r\n**How filters
look on the Rule Creation / Editing pages:**\r\n\r\n<img width=\"989\"
alt=\"Screenshot 2024-02-15 at 21 25
00\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/01ca468f-be99-469a-8d75-ee5aa1a31fb0\">\r\n\r\n**Rule
Details page BEFORE the fix:**\r\n\r\n<img width=\"1792\"
alt=\"Screenshot 2024-02-15 at 21 23
46\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/d0e2aa6e-3050-4327-8025-f37125498fd6\">\r\n<img
width=\"1792\" alt=\"Screenshot 2024-02-15 at 21 24
02\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/a89302b2-f991-4547-bdac-c0f5a594a881\">\r\n<img
width=\"1792\" alt=\"Screenshot 2024-02-15 at 21 24
18\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/49c16b02-8d82-4f93-932f-3846880a0457\">\r\n\r\n**Rule
Details page AFTER the fix 1 (filters use non-existing fields
and\r\nshow warnings):**\r\n\r\n<img width=\"1790\" alt=\"Screenshot
2024-02-15 at 21 28
46\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/e229b4ff-6ee7-4444-b5c1-deb00d2b9b39\">\r\n\r\n**Rule
Details page AFTER the fix 2 (filters use existing fields and\r\nlook
normal):**\r\n\r\n<img width=\"1792\" alt=\"Screenshot 2024-02-15 at 21
37
45\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/b10905e7-803d-4404-aa02-8692ff964891\">\r\n\r\n\r\n###
Checklist\r\n\r\n- [ ] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] Any UI
touched in this PR is usable by keyboard only (learn more\r\nabout
[keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n-
[ ] Any UI touched in this PR does not create any new axe
failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[ ] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[ ] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n\r\n###
For maintainers\r\n\r\n- [x] This was checked for breaking API changes
and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"26726625394dfc4a5143dd1e1c895487c2f90380"}},"sourceBranch":"main","suggestedTargetBranches":["8.13","8.12"],"targetPullRequestStates":[{"branch":"8.13","label":"v8.13.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.14.0","branchLabelMappingKey":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/177081","number":177081,"mergeCommit":{"message":"[Security
Solution] Fix rule filters on the Rule Details page
(#177081)\n\n**Fixes:
https://github.com/elastic/kibana/issues/141458**\r\n**Fixes:
https://github.com/elastic/kibana/issues/176866**\r\n\r\n##
Summary\r\n\r\nFixes the bugs above by changing the `Filters`
component:\r\n\r\n- from using lower-level components like
`FilterBadgeGroup` and custom\r\nrendering\r\n- to using a higher-level
`FilterItems` component that's used inside a\r\nlarger component
`QueryBar` (see the first screenshot below) on the Rule\r\nCreation /
Editing pages\r\n\r\nNote that for some reason the end result still does
not fully equal to\r\nhow filters look on the Rule Creation / Editing
pages, where there are\r\nfewer warnings. It's hard to say which
rendering is the right one.\r\n\r\n## Screenshots\r\n\r\n**How filters
look on the Rule Creation / Editing pages:**\r\n\r\n<img width=\"989\"
alt=\"Screenshot 2024-02-15 at 21 25
00\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/01ca468f-be99-469a-8d75-ee5aa1a31fb0\">\r\n\r\n**Rule
Details page BEFORE the fix:**\r\n\r\n<img width=\"1792\"
alt=\"Screenshot 2024-02-15 at 21 23
46\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/d0e2aa6e-3050-4327-8025-f37125498fd6\">\r\n<img
width=\"1792\" alt=\"Screenshot 2024-02-15 at 21 24
02\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/a89302b2-f991-4547-bdac-c0f5a594a881\">\r\n<img
width=\"1792\" alt=\"Screenshot 2024-02-15 at 21 24
18\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/49c16b02-8d82-4f93-932f-3846880a0457\">\r\n\r\n**Rule
Details page AFTER the fix 1 (filters use non-existing fields
and\r\nshow warnings):**\r\n\r\n<img width=\"1790\" alt=\"Screenshot
2024-02-15 at 21 28
46\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/e229b4ff-6ee7-4444-b5c1-deb00d2b9b39\">\r\n\r\n**Rule
Details page AFTER the fix 2 (filters use existing fields and\r\nlook
normal):**\r\n\r\n<img width=\"1792\" alt=\"Screenshot 2024-02-15 at 21
37
45\"\r\nsrc=\"https://github.com/elastic/kibana/assets/7359339/b10905e7-803d-4404-aa02-8692ff964891\">\r\n\r\n\r\n###
Checklist\r\n\r\n- [ ] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] Any UI
touched in this PR is usable by keyboard only (learn more\r\nabout
[keyboard accessibility](https://webaim.org/techniques/keyboard/))\r\n-
[ ] Any UI touched in this PR does not create any new axe
failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[ ] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[ ] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n\r\n###
For maintainers\r\n\r\n- [x] This was checked for breaking API changes
and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"26726625394dfc4a5143dd1e1c895487c2f90380"}}]}]
BACKPORT-->

Co-authored-by: Georgii Gorbachev <[email protected]>
  • Loading branch information
kibanamachine and banderror authored Feb 19, 2024
1 parent dca2f55 commit 7476496
Show file tree
Hide file tree
Showing 2 changed files with 101 additions and 69 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/

import { useEuiTheme } from '@elastic/eui';
import { css } from '@emotion/css';
import { useMemo } from 'react';

export const useFiltersStyles = () => {
return useMemo(
() => ({
flexGroup: css`
max-width: 600px;
`,
}),
[]
);
};

export const useQueryStyles = () => {
return useMemo(
() => ({
content: css`
white-space: pre-wrap;
`,
}),
[]
);
};

export const useRequiredFieldsStyles = () => {
const { euiTheme } = useEuiTheme();
return useMemo(
() => ({
fieldTypeText: css({
fontFamily: euiTheme.font.familyCode,
display: 'inline',
}),
}),
[euiTheme.font.familyCode]
);
};
Original file line number Diff line number Diff line change
Expand Up @@ -7,15 +7,13 @@

import React from 'react';
import { isEmpty } from 'lodash/fp';
import styled from 'styled-components';
import {
EuiDescriptionList,
EuiText,
EuiFlexGrid,
EuiFlexItem,
EuiFlexGroup,
EuiLoadingSpinner,
EuiBadge,
} from '@elastic/eui';
import type { EuiDescriptionListProps } from '@elastic/eui';
import type {
Expand All @@ -25,9 +23,10 @@ import type {
import type { Filter } from '@kbn/es-query';
import type { SavedQuery } from '@kbn/data-plugin/public';
import { mapAndFlattenFilters } from '@kbn/data-plugin/public';
import type { DataView } from '@kbn/data-views-plugin/public';
import { FieldIcon } from '@kbn/react-field';
import { castEsToKbnFieldTypeName } from '@kbn/field-types';
import { FilterBadgeGroup } from '@kbn/unified-search-plugin/public';
import { FilterItems } from '@kbn/unified-search-plugin/public';
import type {
AlertSuppressionMissingFieldsStrategy,
RequiredFieldArray,
Expand Down Expand Up @@ -55,6 +54,11 @@ import { BadgeList } from './badge_list';
import { DEFAULT_DESCRIPTION_LIST_COLUMN_WIDTHS } from './constants';
import * as i18n from './translations';
import { useAlertSuppression } from '../../logic/use_alert_suppression';
import {
useFiltersStyles,
useQueryStyles,
useRequiredFieldsStyles,
} from './rule_definition_section.styles';

interface SavedQueryNameProps {
savedQueryName: string;
Expand All @@ -66,12 +70,6 @@ const SavedQueryName = ({ savedQueryName }: SavedQueryNameProps) => (
</EuiText>
);

const EuiBadgeWrap = styled(EuiBadge)`
.euiBadge__text {
white-space: pre-wrap !important;
}
`;

interface FiltersProps {
filters: Filter[];
dataViewId?: string;
Expand All @@ -80,51 +78,42 @@ interface FiltersProps {
}

const Filters = ({ filters, dataViewId, index, 'data-test-subj': dataTestSubj }: FiltersProps) => {
const flattenedFilters = mapAndFlattenFilters(filters);

const { indexPattern } = useRuleIndexPattern({
dataSourceType: dataViewId ? DataSourceType.DataView : DataSourceType.IndexPatterns,
index: index ?? [],
dataViewId,
});

const flattenedFilters = mapAndFlattenFilters(filters);
const styles = useFiltersStyles();

return (
<EuiFlexGroup wrap responsive={false} gutterSize="xs" data-test-subj={dataTestSubj}>
{flattenedFilters.map((filter, idx) => {
const displayContent = filter.meta.alias ? (
filter.meta.alias
) : (
<FilterBadgeGroup filters={[filter]} dataViews={[indexPattern]} />
);
return (
<EuiFlexItem
grow={false}
key={`filter-${idx}`}
css={{ width: '100%' }}
data-test-subj={`filterItem-${filter.meta.key}`}
>
<EuiBadgeWrap color="hollow">
{indexPattern != null ? displayContent : <EuiLoadingSpinner size="m" />}
</EuiBadgeWrap>
</EuiFlexItem>
);
})}
<EuiFlexGroup
data-test-subj={dataTestSubj}
className={styles.flexGroup}
wrap
responsive={false}
gutterSize="xs"
>
<FilterItems filters={flattenedFilters} indexPatterns={[indexPattern as DataView]} readOnly />
</EuiFlexGroup>
);
};

const QueryContent = styled.div`
white-space: pre-wrap;
`;

interface QueryProps {
query: string;
'data-test-subj'?: string;
}

const Query = ({ query, 'data-test-subj': dataTestSubj = 'query' }: QueryProps) => (
<QueryContent data-test-subj={dataTestSubj}>{query}</QueryContent>
);
const Query = ({ query, 'data-test-subj': dataTestSubj = 'query' }: QueryProps) => {
const styles = useQueryStyles();
return (
<div data-test-subj={dataTestSubj} className={styles.content}>
{query}
</div>
);
};

interface IndexProps {
index: string[];
Expand Down Expand Up @@ -260,42 +249,40 @@ const RuleType = ({ type }: RuleTypeProps) => (
<EuiText size="s">{getRuleTypeDescription(type)}</EuiText>
);

const StyledFieldTypeText = styled(EuiText)`
font-size: ${({ theme }) => theme.eui.euiFontSizeXS};
font-family: ${({ theme }) => theme.eui.euiCodeFontFamily};
display: inline;
`;

interface RequiredFieldsProps {
requiredFields: RequiredFieldArray;
}

const RequiredFields = ({ requiredFields }: RequiredFieldsProps) => (
<EuiFlexGrid gutterSize={'s'} data-test-subj="requiredFieldsPropertyValue">
{requiredFields.map((rF, index) => (
<EuiFlexItem grow={false} key={rF.name}>
<EuiFlexGroup alignItems="center" gutterSize={'xs'}>
<EuiFlexItem grow={false}>
<FieldIcon
data-test-subj="field-type-icon"
type={castEsToKbnFieldTypeName(rF.type)}
label={rF.type}
/>
</EuiFlexItem>
<EuiFlexItem grow={false}>
<StyledFieldTypeText
grow={false}
size={'s'}
data-test-subj="requiredFieldsPropertyValueItem"
>
{` ${rF.name}${index + 1 !== requiredFields.length ? ', ' : ''}`}
</StyledFieldTypeText>
</EuiFlexItem>
</EuiFlexGroup>
</EuiFlexItem>
))}
</EuiFlexGrid>
);
const RequiredFields = ({ requiredFields }: RequiredFieldsProps) => {
const styles = useRequiredFieldsStyles();
return (
<EuiFlexGrid data-test-subj="requiredFieldsPropertyValue" gutterSize={'s'}>
{requiredFields.map((rF, index) => (
<EuiFlexItem grow={false} key={rF.name}>
<EuiFlexGroup alignItems="center" gutterSize={'xs'}>
<EuiFlexItem grow={false}>
<FieldIcon
data-test-subj="field-type-icon"
type={castEsToKbnFieldTypeName(rF.type)}
label={rF.type}
/>
</EuiFlexItem>
<EuiFlexItem grow={false}>
<EuiText
data-test-subj="requiredFieldsPropertyValueItem"
className={styles.fieldTypeText}
grow={false}
size="xs"
>
{` ${rF.name}${index + 1 !== requiredFields.length ? ', ' : ''}`}
</EuiText>
</EuiFlexItem>
</EuiFlexGroup>
</EuiFlexItem>
))}
</EuiFlexGrid>
);
};

interface TimelineTitleProps {
timelineTitle: string;
Expand Down

0 comments on commit 7476496

Please sign in to comment.