[Security Solution][Bulk actions]- Fix bulk actions data views behavior #138448
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
yctercero
added
bug
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
dhurley14
approved these changes
Aug 9, 2022
💚 Build Succeeded
Metrics [docs]
To update your PR or re-run it, just comment with: cc @yctercero |
rylnd
approved these changes
Aug 9, 2022
| expect(editedRuleParams).toHaveProperty('index', ['test-*']); | ||
| }); | ||
|
|
||
| test('should set dataViewId to undefined and index to undefined if overwrite_data_views=true on delete_index_patterns action and rule had no index patterns to begin with', () => { |
| @@ -59,6 +71,10 @@ const applyBulkActionEditToRuleParams = ( | |||
| "Index patterns can't be overwritten. Machine learning rule doesn't have index patterns property" | |||
| ); | |||
|
|
|||
| if (ruleParams.dataViewId != null && !action.overwrite_data_views) { | |||
There was a problem hiding this comment.
Nit: maybe encapsulate this in a declarative helper? e.g.
Suggested change
| if (ruleParams.dataViewId != null && !action.overwrite_data_views) { | |
| if (actionNotValid(action, ruleParams)) { |
There was a problem hiding this comment.
👍🏽 I think there's a different helper method @banderror had suggested we could use. Can definitely cleanup/revisit post 8.4.
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Aug 9, 2022
…or (elastic#138448) ## Summary Addresses [bug](elastic#138383) found where even when `overwrite_data_views` was false, the rule's `index` property was being modified. Please see added integration tests to understand desired behavior of changes. There is one edge case which is a bit weird, but I think too late to address in 8.4. If a user uses bulk delete on a rule with a data view and _no_ index patterns defined and `overwrite_data_views = true`, both data view and index will be set to `undefined`. Per our current behavior, a rule with no data source defaults to using the default index patterns. Not sure this is ideal, but it is in line with the behavior that already exists for a rule. (cherry picked from commit 9e8b5b9)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
to kibanamachine/kibana
that referenced
this pull request
Aug 10, 2022
…or (elastic#138448) (elastic#138466) ## Summary Addresses [bug](elastic#138383) found where even when `overwrite_data_views` was false, the rule's `index` property was being modified. Please see added integration tests to understand desired behavior of changes. There is one edge case which is a bit weird, but I think too late to address in 8.4. If a user uses bulk delete on a rule with a data view and _no_ index patterns defined and `overwrite_data_views = true`, both data view and index will be set to `undefined`. Per our current behavior, a rule with no data source defaults to using the default index patterns. Not sure this is ideal, but it is in line with the behavior that already exists for a rule. (cherry picked from commit 9e8b5b9) Co-authored-by: Yara Tercero <[email protected]>
vitaliidm
added a commit
that referenced
this pull request
Sep 28, 2022
#141915) ## Summary - addresses #135201 - adds Data View cypress and integration tests according to [Data view Bulk Edit test plan](https://docs.google.com/document/d/116x7ITTTJQ6cTiwaGK831_f6Ox7XB3qyLiHxC3Cmf8w/edit#heading=h.j583i3o7bg2g) (internal document) - integration tests were added earlier in #138448
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Sep 28, 2022
elastic#141915) ## Summary - addresses elastic#135201 - adds Data View cypress and integration tests according to [Data view Bulk Edit test plan](https://docs.google.com/document/d/116x7ITTTJQ6cTiwaGK831_f6Ox7XB3qyLiHxC3Cmf8w/edit#heading=h.j583i3o7bg2g) (internal document) - integration tests were added earlier in elastic#138448 (cherry picked from commit c7301e5)
kibanamachine
added a commit
that referenced
this pull request
Sep 29, 2022
#141915) (#142090) ## Summary - addresses #135201 - adds Data View cypress and integration tests according to [Data view Bulk Edit test plan](https://docs.google.com/document/d/116x7ITTTJQ6cTiwaGK831_f6Ox7XB3qyLiHxC3Cmf8w/edit#heading=h.j583i3o7bg2g) (internal document) - integration tests were added earlier in #138448 (cherry picked from commit c7301e5) Co-authored-by: Vitalii Dmyterko <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Addresses bug found where even when
overwrite_data_viewswas false, the rule'sindexproperty was being modified.Please see added integration tests to understand desired behavior of changes. There is one edge case which is a bit weird, but I think too late to address in 8.4. If a user uses bulk delete on a rule with a data view and no index patterns defined and
overwrite_data_views = true, both data view and index will be set toundefined. Per our current behavior, a rule with no data source defaults to using the default index patterns. Not sure this is ideal, but it is in line with the behavior that already exists for a rule.Checklist
For maintainers