[Security Solution] Update CellActions field type to be FieldSpec #157243
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
machadoum
force-pushed
the
siem-explore-cell-actions-150347
branch
from
a3c227b to
3fea3f8
Compare
machadoum
changed the title
machadoum
force-pushed
the
siem-explore-cell-actions-150347
branch
4 times, most recently
from
c5a273b to
b7dea3d
Compare
machadoum
added
release_note:skip
machadoum
commented
May 12, 2023
| @@ -46,7 +47,7 @@ export const createShowTopNCellActionFactory = createCellActionFactory( | |||
| getDisplayNameTooltip: ({ field }) => SHOW_TOP(field.name), | |||
| isCompatible: async ({ field }) => | |||
| fieldHasCellActions(field.name) && | |||
| !UNSUPPORTED_FIELD_TYPES.includes(field.type) && | |||
| !UNSUPPORTED_FIELD_TYPES.includes(head(field.esTypes) ?? '') && | |||
There was a problem hiding this comment.
I updated the check to use esTypes and all CellActions calls to pass the rights types.
There was a problem hiding this comment.
Are we always going to check only the first element in esTypes?
machadoum
force-pushed
the
siem-explore-cell-actions-150347
branch
from
5843bab to
b5924eb
Compare
|
Pinging @elastic/security-threat-hunting (Team:Threat Hunting) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
machadoum
force-pushed
the
siem-explore-cell-actions-150347
branch
from
730bbda to
5231efd
Compare
💔 Build Failed
Failed CI Steps
Test Failures
Metrics [docs]Module Count
Async chunks
History
To update your PR or re-run it, just comment with: cc @machadoum |
machadoum
force-pushed
the
siem-explore-cell-actions-150347
branch
from
5231efd to
b5924eb
Compare
|
I am moving this PR to #157834 |
machadoum
added a commit
that referenced
this pull request
Jun 22, 2023
…7243 (#157834) issue: #150347 ## Context Some Actions need to access `FieldSpec` data, which is not present on the `CellActions` API (`subType`and `isMapped`). So we are updating the `CellActions` `field` property to be compatible with `FieldSpec`. ## Summary This PR is the first step to fix #150347. * Updates the `CellActions` to support an array of data objects, each containing field (`FieldSpec`) and value * Create a new `SecurityCellActions` component that accepts a field name and loads `FieldSpec` from the Dataview. ## Examples Before: ```tsx <SecurityCellActions value={'admin'} field={{ name: 'user.name', type: 'keyword', searchable: true, aggregatable: true, ... }} /> ``` After: ```tsx <SecurityCellActions data={{ field: 'user.name', value: 'admin' }}/> ``` `SecurityCellActions` will load the spec from the Dataview and provide it to `CellActons`. `CellActons` now also support an of fields instead of only one field. It will be useful when rendering cell actions for aggregated data like on the Entity Analytic page. But for now, the actions are not supporting multiple values, we need to rewrite them #159480. ### Next steps We must refactor the Security Solution to get `FieldSpec` from the `DataView` instead of using BrowserFields. Ideally, we have to do that for every `CellAction` call so the actions can access the `subType` property. - [x] ~Refactor the Security Solution CellActions calls to get `FieldSpec` from the `DataView`~ - [x] Refactor data grid cell actions to get `FieldSpec` from the `DataView` - [ ] Rewrite actions to support multiple fields and use them on the investigation in timeline (.andFilters) - [ ] Fix #150347 using `subType` from `fieldSpec` - [ ] Fix #154714 using `isMapped` from `fieldSpec` ### Extra information *** Previously we were mixing `esTypes` and `kbnTypes`. For example, if the `esType` is a keyword the `kbnType` has to be a `string`. [Here](https://github.com/machadoum/kibana/blob/9799dbba27c5baf594357eae0bbfc79b4e7da77c/packages/kbn-field-types/src/types.ts#L22) you can check all possible ES and KBN types and [here](https://github.com/machadoum/kibana/blob/9799dbba27c5baf594357eae0bbfc79b4e7da77c/packages/kbn-field-types/src/kbn_field_types_factory.ts) you can see the mapping between esType and kbnType ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
issue: #150347
Context
Some Actions need to access
FieldSpecdata, which is not present on theCellActionsAPI (subTypeandisMapped). So we are updating theCellActionsfieldproperty to be compatible withFieldSpec.Summary
This PR is the first step to fix #150347.
CellActionsfield type toFieldSpecsearchableandaggregatbleto every CellActions call.SecurityCelActionscalls to provide the right Kibana and ES field typesesTypesandkbnTypes. For example, if theesTypeis a keyword thekbnTypehas to be astring.Here you can check all possible ES and KBN types and here you can see the mapping between esType and kbnType
Next steps
Add
subTypeproperty to allCellActionscalls so we can fix CellActions component should hide ShowTopN action for nested fields #150347We need to refactor the Security Solution to get
FieldSpecfrom theDataViewinstead of using BrowserFields. Ideally, we have to do that for everyCellActioncall so the actions have access to thesubTypeproperty.Add
isMappedto allCellActionscalls so we can fix [Security Solution] Disable filter cellActions for unmapped fields on Alerts table #154714Checklist