From 8bbb01a4475703ab973ec719222b0347aa63632f Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Fri, 13 Oct 2023 16:29:02 -0700 Subject: [PATCH 01/29] wip: grouping --- .../latest_findings_container.tsx | 190 ++++++++++++++++++ 1 file changed, 190 insertions(+) diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx index 9abae7af4a211..6f36676de8c6d 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx @@ -9,6 +9,7 @@ import { EuiDataGridCellValueElementProps, EuiFlexItem, EuiSpacer } from '@elast import { i18n } from '@kbn/i18n'; import { DataTableRecord } from '@kbn/discover-utils/types'; import { Filter, Query } from '@kbn/es-query'; +import { isNoneGroup, useGrouping, getGroupingQuery } from '@kbn/securitysolution-grouping'; import { TimestampTableCell } from '../../../components/timestamp_table_cell'; import { CspEvaluationBadge } from '../../../components/csp_evaluation_badge'; import type { Evaluation } from '../../../../common/types'; @@ -27,6 +28,7 @@ import { CloudSecurityDefaultColumn, } from '../../../components/cloud_security_data_table'; import { FindingsRuleFlyout } from '../findings_flyout/findings_flyout'; +import { useFindingsByResource } from '../latest_findings_by_resource/use_findings_by_resource'; const getDefaultQuery = ({ query, @@ -107,6 +109,12 @@ const customCellRenderer = (rows: DataTableRecord[]) => ({ ), }); +export const FINDINGS_UNIT = (totalCount: number) => + i18n.translate('xpack.csp.findings.unit', { + values: { totalCount }, + defaultMessage: `{totalCount, plural, =1 {finding} other {findings}}`, + }); + export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { const cloudPostureTable = useCloudPostureTable({ dataView, @@ -115,6 +123,188 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { defaultQuery: getDefaultQuery, }); + const { query, sort } = cloudPostureTable; + + const grouping = useGrouping({ + componentProps: { + // groupPanelRenderer: renderGroupPanel, + // groupStatsRenderer: getStats, + // onGroupToggle, + unit: FINDINGS_UNIT, + }, + defaultGroupingOptions: [ + { + label: 'Rule Name', + key: 'kibana.alert.rule.name', + }, + ], + fields: dataView.fields, + groupingId: 'latestFindings', + maxGroupingLevels: 2, + onGroupChange: (params) => { + console.log('onGroupChange', params); + }, + onOptionsChange: (options) => { + console.log('onOptionsChange', options); + }, + }); + + const groupingQuery = getGroupingQuery({ + additionalFilters: [], + from: 'now-1y', + groupByField: grouping.selectedGroups.join(','), + uniqueValue: grouping.selectedGroups.join(','), + to: 'now', + // groupByField, + // pageNumber, + // rootAggregations, + // runtimeMappings, + // size = DEFAULT_GROUP_BY_FIELD_SIZE, + // sort, + // statsAggregations, + // to, + // uniqueValue, + }); + + console.log({ groupingQuery }); + console.log({ grouping }); + console.log(grouping.selectedGroups); + + const { data } = useFindingsByResource({ + sortDirection: cloudPostureTable.urlQuery.sort.direction, + query, + enabled: true, + }); + + console.log({ data }); + + const GroupSelector = () => grouping.groupSelector; + + return ( + <> + {/* */} + {grouping.getGrouping({ + activePage: 0, + data: { + groupsCount: { + value: 1, + }, + groupByFields: { + buckets: [ + { + key: ['Vulnerability: CVE-2022-28734'], + doc_count: 41, + hostsCountAggregation: { + value: 25, + }, + ruleTags: { + doc_count_error_upper_bound: 0, + sum_other_doc_count: 0, + buckets: [ + { + key: 'CNVM', + doc_count: 41, + }, + { + key: 'CVE-2022-28734', + doc_count: 41, + }, + { + key: 'Cloud Security', + doc_count: 41, + }, + { + key: 'Data Source: Cloud Native Vulnerability Management', + doc_count: 41, + }, + { + key: 'OS: Linux', + doc_count: 41, + }, + { + key: 'Use Case: Vulnerability', + doc_count: 41, + }, + ], + }, + unitsCount: { + value: 41, + }, + description: { + doc_count_error_upper_bound: 0, + sum_other_doc_count: 0, + buckets: [ + { + key: "Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's conceivable that an attacker controlled set of packets can lead to corruption of the GRUB2's internal memory metadata.", + doc_count: 41, + }, + ], + }, + severitiesSubAggregation: { + doc_count_error_upper_bound: 0, + sum_other_doc_count: 0, + buckets: [ + { + key: 'critical', + doc_count: 18, + }, + { + key: 'medium', + doc_count: 13, + }, + { + key: 'high', + doc_count: 10, + }, + ], + }, + countSeveritySubAggregation: { + value: 3, + }, + usersCountAggregation: { + value: 0, + }, + selectedGroup: 'kibana.alert.rule.name', + key_as_string: 'Vulnerability: CVE-2022-28734', + }, + ], + }, + unitsCount: { + value: 41, + }, + }, + groupingLevel: 0, + inspectButton: undefined, + isLoading: false, + itemsPerPage: 10, + onChangeGroupsItemsPerPage: () => { + console.log('onChangeGroupsItemsPerPage'); + }, + onChangeGroupsPage: () => { + console.log('onChangeGroupsPage'); + }, + renderChildComponent: (groupFilter) => { + return
{JSON.stringify(groupFilter)}
; + }, + onGroupClose: () => { + console.log('onGroupClose'); + }, + selectedGroup: 'kibana.alert.rule.name', + // selectedGroup: 'kibana.alert.rule.name', + takeActionItems: () => [], + })} + + ); +}; + +export const LatestFindingsContainerOld = ({ dataView }: FindingsBaseProps) => { + const cloudPostureTable = useCloudPostureTable({ + dataView, + paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, + columnsLocalStorageKey, + defaultQuery: getDefaultQuery, + }); + const { query, sort, queryError, setUrlQuery, filters, getRowsFromPages } = cloudPostureTable; const { From c40e2fc59b09ad35c16757fd22c32b7c434d2032 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Tue, 17 Oct 2023 11:38:55 -0700 Subject: [PATCH 02/29] group selector fix --- .../src/components/group_selector/index.tsx | 7 +++++-- .../src/hooks/use_get_group_selector.tsx | 14 +++++++++----- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/packages/kbn-securitysolution-grouping/src/components/group_selector/index.tsx b/packages/kbn-securitysolution-grouping/src/components/group_selector/index.tsx index 3fa82f7f8af20..84532a3802985 100644 --- a/packages/kbn-securitysolution-grouping/src/components/group_selector/index.tsx +++ b/packages/kbn-securitysolution-grouping/src/components/group_selector/index.tsx @@ -57,7 +57,10 @@ const GroupSelectorComponent = ({ }, ...options.map((o) => ({ 'data-test-subj': `panel-${o.key}`, - disabled: groupsSelected.length === maxGroupingLevels && !isGroupSelected(o.key), + disabled: + maxGroupingLevels > 1 && + groupsSelected.length === maxGroupingLevels && + !isGroupSelected(o.key), name: o.label, onClick: () => onGroupChange(o.key), icon: isGroupSelected(o.key) ? 'check' : 'empty', @@ -66,7 +69,7 @@ const GroupSelectorComponent = ({ 'data-test-subj': `panel-custom`, name: i18n.CUSTOM_FIELD, icon: 'empty', - disabled: groupsSelected.length === maxGroupingLevels, + disabled: maxGroupingLevels > 1 && groupsSelected.length === maxGroupingLevels, panel: 'customPanel', hasPanel: true, }, diff --git a/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx b/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx index d50809c99fb3f..7aede5c249ad0 100644 --- a/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx +++ b/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx @@ -120,10 +120,14 @@ export const useGetGroupSelector = ({ return; } - const newSelectedGroups = isNoneGroup([groupSelection]) - ? [groupSelection] - : [...selectedGroups.filter((selectedGroup) => selectedGroup !== 'none'), groupSelection]; - setSelectedGroups(newSelectedGroups); + if (maxGroupingLevels === 1) { + setSelectedGroups([groupSelection]); + } else { + const newSelectedGroups = isNoneGroup([groupSelection]) + ? [groupSelection] + : [...selectedGroups.filter((selectedGroup) => selectedGroup !== 'none'), groupSelection]; + setSelectedGroups(newSelectedGroups); + } // built-in telemetry: UI-counter tracker?.( @@ -133,7 +137,7 @@ export const useGetGroupSelector = ({ onGroupChange?.({ tableId: groupingId, groupByField: groupSelection }); }, - [groupingId, onGroupChange, selectedGroups, setSelectedGroups, tracker] + [groupingId, maxGroupingLevels, onGroupChange, selectedGroups, setSelectedGroups, tracker] ); useEffect(() => { From 0ac7e9ed218b557941db700537d80054fe222eb0 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Tue, 17 Oct 2023 11:39:22 -0700 Subject: [PATCH 03/29] WIP: group selector on findings page --- .../additional_controls.tsx | 25 +- .../cloud_security_data_table.tsx | 2 + .../cloud_security_data_table/use_styles.ts | 3 - .../latest_findings_container.tsx | 243 +++++++++--------- .../latest_findings/use_grouped_findings.tsx | 126 +++++++++ 5 files changed, 266 insertions(+), 133 deletions(-) create mode 100644 x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx index 61a85e9993ecf..3ed680c4d8317 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx @@ -12,6 +12,7 @@ import numeral from '@elastic/numeral'; import { FieldsSelectorModal } from './fields_selector'; import { FindingsGroupBySelector } from '../../pages/configurations/layout/findings_group_by_selector'; import { useStyles } from './use_styles'; +import { AnyAsyncThunk } from '@reduxjs/toolkit/dist/matchers'; const formatNumber = (value: number) => { return value < 1000 ? value : numeral(value).format('0.0a'); @@ -24,6 +25,7 @@ export const AdditionalControls = ({ columns, onAddColumn, onRemoveColumn, + groupSelector, }: { total: number; title: string; @@ -31,6 +33,7 @@ export const AdditionalControls = ({ columns: string[]; onAddColumn: (column: string) => void; onRemoveColumn: (column: string) => void; + groupSelector: any; }) => { const styles = useStyles(); @@ -39,6 +42,24 @@ export const AdditionalControls = ({ const closeModal = () => setIsFieldSelectorModalVisible(false); const showModal = () => setIsFieldSelectorModalVisible(true); + const GroupSelector = () => { + if (groupSelector === null) { + return null; + } + if (groupSelector) { + return ( + + {groupSelector} + + ); + } + return ( + + ; + + ); + }; + return ( <> {isFieldSelectorModalVisible && ( @@ -66,9 +87,7 @@ export const AdditionalControls = ({ })} - - - + ); }; diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx index 12afa013aed18..422dd7dc268ed 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx @@ -86,6 +86,7 @@ export const CloudSecurityDataTable = ({ loadMore, title, customCellRenderer, + groupSelector, ...rest }: CloudSecurityDataGridProps) => { const { @@ -213,6 +214,7 @@ export const CloudSecurityDataTable = ({ columns={currentColumns} onAddColumn={onAddColumn} onRemoveColumn={onRemoveColumn} + groupSelector={groupSelector} /> ); diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/use_styles.ts b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/use_styles.ts index b3b0fa1b172b1..3919e01af7753 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/use_styles.ts +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/use_styles.ts @@ -23,9 +23,6 @@ export const useStyles = () => { border-bottom: none; margin-bottom: ${euiTheme.size.s}; border-top: none; - & .euiButtonEmpty { - font-weight: ${euiTheme.font.weight.bold}; - } } & .euiDataGrid--headerUnderline .euiDataGridHeaderCell { border-bottom: ${euiTheme.border.width.thick} solid ${euiTheme.colors.fullShade}; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx index 6f36676de8c6d..420407927caf2 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx @@ -4,12 +4,13 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import React, { useMemo } from 'react'; +import React, { useEffect, useMemo } from 'react'; import { EuiDataGridCellValueElementProps, EuiFlexItem, EuiSpacer } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { DataTableRecord } from '@kbn/discover-utils/types'; import { Filter, Query } from '@kbn/es-query'; import { isNoneGroup, useGrouping, getGroupingQuery } from '@kbn/securitysolution-grouping'; +import { parseGroupingQuery } from '@kbn/securitysolution-grouping/src'; import { TimestampTableCell } from '../../../components/timestamp_table_cell'; import { CspEvaluationBadge } from '../../../components/csp_evaluation_badge'; import type { Evaluation } from '../../../../common/types'; @@ -28,7 +29,8 @@ import { CloudSecurityDefaultColumn, } from '../../../components/cloud_security_data_table'; import { FindingsRuleFlyout } from '../findings_flyout/findings_flyout'; -import { useFindingsByResource } from '../latest_findings_by_resource/use_findings_by_resource'; +// import { useFindingsByResource } from '../latest_findings_by_resource/use_findings_by_resource'; +import { useGroupedFindings } from './use_grouped_findings'; const getDefaultQuery = ({ query, @@ -47,7 +49,7 @@ const getDefaultQuery = ({ const defaultColumns: CloudSecurityDefaultColumn[] = [ { id: 'result.evaluation', width: 80 }, { id: 'resource.id' }, - { id: 'resource.name' }, + { id: 'resource.id' }, { id: 'resource.sub_type' }, { id: 'rule.benchmark.rule_number' }, { id: 'rule.name' }, @@ -116,14 +118,14 @@ export const FINDINGS_UNIT = (totalCount: number) => }); export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { - const cloudPostureTable = useCloudPostureTable({ - dataView, - paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, - columnsLocalStorageKey, - defaultQuery: getDefaultQuery, - }); + // const cloudPostureTable = useCloudPostureTable({ + // dataView, + // paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, + // columnsLocalStorageKey, + // defaultQuery: getDefaultQuery, + // }); - const { query, sort } = cloudPostureTable; + // const { query, sort } = cloudPostureTable; const grouping = useGrouping({ componentProps: { @@ -134,28 +136,31 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { }, defaultGroupingOptions: [ { - label: 'Rule Name', - key: 'kibana.alert.rule.name', + label: 'Resource', + key: 'resource.id', }, ], fields: dataView.fields, - groupingId: 'latestFindings', - maxGroupingLevels: 2, - onGroupChange: (params) => { - console.log('onGroupChange', params); - }, - onOptionsChange: (options) => { - console.log('onOptionsChange', options); - }, + groupingId: 'cspLatestFindings', + maxGroupingLevels: 1, + // onGroupChange: (params) => { + // console.log('onGroupChange', params); + // }, + // onOptionsChange: (options) => { + // console.log('onOptionsChange', options); + // }, }); + const selectedGroup = grouping.selectedGroups[0]; + const isNoneSelected = isNoneGroup(grouping.selectedGroups); + console.log({ selectedGroup }); + const groupingQuery = getGroupingQuery({ additionalFilters: [], from: 'now-1y', - groupByField: grouping.selectedGroups.join(','), - uniqueValue: grouping.selectedGroups.join(','), + groupByField: selectedGroup, + uniqueValue: selectedGroup, to: 'now', - // groupByField, // pageNumber, // rootAggregations, // runtimeMappings, @@ -166,116 +171,38 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { // uniqueValue, }); - console.log({ groupingQuery }); - console.log({ grouping }); - console.log(grouping.selectedGroups); - - const { data } = useFindingsByResource({ - sortDirection: cloudPostureTable.urlQuery.sort.direction, - query, - enabled: true, + const { data, isFetching } = useGroupedFindings({ + // sortDirection: cloudPostureTable.urlQuery.sort.direction, + query: groupingQuery, + enabled: !isNoneSelected, }); - console.log({ data }); + const aggs = useMemo( + // queriedGroup because `selectedGroup` updates before the query response + () => + parseGroupingQuery( + // fallback to selectedGroup if queriedGroup.current is null, this happens in tests + selectedGroup, + selectedGroup, + data + ), + [data, selectedGroup] + ); - const GroupSelector = () => grouping.groupSelector; + if (isNoneSelected) { + return ( + + ); + } return ( <> - {/* */} {grouping.getGrouping({ activePage: 0, - data: { - groupsCount: { - value: 1, - }, - groupByFields: { - buckets: [ - { - key: ['Vulnerability: CVE-2022-28734'], - doc_count: 41, - hostsCountAggregation: { - value: 25, - }, - ruleTags: { - doc_count_error_upper_bound: 0, - sum_other_doc_count: 0, - buckets: [ - { - key: 'CNVM', - doc_count: 41, - }, - { - key: 'CVE-2022-28734', - doc_count: 41, - }, - { - key: 'Cloud Security', - doc_count: 41, - }, - { - key: 'Data Source: Cloud Native Vulnerability Management', - doc_count: 41, - }, - { - key: 'OS: Linux', - doc_count: 41, - }, - { - key: 'Use Case: Vulnerability', - doc_count: 41, - }, - ], - }, - unitsCount: { - value: 41, - }, - description: { - doc_count_error_upper_bound: 0, - sum_other_doc_count: 0, - buckets: [ - { - key: "Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's conceivable that an attacker controlled set of packets can lead to corruption of the GRUB2's internal memory metadata.", - doc_count: 41, - }, - ], - }, - severitiesSubAggregation: { - doc_count_error_upper_bound: 0, - sum_other_doc_count: 0, - buckets: [ - { - key: 'critical', - doc_count: 18, - }, - { - key: 'medium', - doc_count: 13, - }, - { - key: 'high', - doc_count: 10, - }, - ], - }, - countSeveritySubAggregation: { - value: 3, - }, - usersCountAggregation: { - value: 0, - }, - selectedGroup: 'kibana.alert.rule.name', - key_as_string: 'Vulnerability: CVE-2022-28734', - }, - ], - }, - unitsCount: { - value: 41, - }, - }, + data: aggs, groupingLevel: 0, inspectButton: undefined, - isLoading: false, + isLoading: isFetching, itemsPerPage: 10, onChangeGroupsItemsPerPage: () => { console.log('onChangeGroupsItemsPerPage'); @@ -284,20 +211,81 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { console.log('onChangeGroupsPage'); }, renderChildComponent: (groupFilter) => { - return
{JSON.stringify(groupFilter)}
; + console.log({ groupFilter }); + return ; }, onGroupClose: () => { console.log('onGroupClose'); }, - selectedGroup: 'kibana.alert.rule.name', - // selectedGroup: 'kibana.alert.rule.name', + selectedGroup, + // selectedGroup: 'resource.id', takeActionItems: () => [], })} ); }; -export const LatestFindingsContainerOld = ({ dataView }: FindingsBaseProps) => { +export const LatestFindingsContainerTable = ({ dataView, filter }: FindingsBaseProps) => { + const cloudPostureTable = useCloudPostureTable({ + dataView, + paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, + columnsLocalStorageKey, + defaultQuery: getDefaultQuery, + }); + + const { query, sort, queryError, setUrlQuery, getRowsFromPages } = cloudPostureTable; + + useEffect(() => { + setUrlQuery({ + filters: filter, + }); + }, [filter, setUrlQuery]); + + const { + data, + error: fetchError, + isFetching, + fetchNextPage, + } = useLatestFindings({ + query, + sort, + enabled: !queryError, + }); + + const rows = useMemo(() => getRowsFromPages(data?.pages), [data?.pages, getRowsFromPages]); + + const error = fetchError || queryError; + const total = data?.pages[0].total || 0; + + return ( + + + + {error && } + {!error && ( + <> + + + + )} + + ); +}; + +export const LatestFindingsContainerOld = ({ dataView, groupSelector }: FindingsBaseProps) => { const cloudPostureTable = useCloudPostureTable({ dataView, paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, @@ -365,6 +353,7 @@ export const LatestFindingsContainerOld = ({ dataView }: FindingsBaseProps) => { loadMore={fetchNextPage} title={title} customCellRenderer={customCellRenderer} + groupSelector={groupSelector} /> )} diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx new file mode 100644 index 0000000000000..af5f6fe62b395 --- /dev/null +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx @@ -0,0 +1,126 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { SearchResponse } from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; +import { IKibanaSearchResponse } from '@kbn/data-plugin/public'; +import { GroupingAggregation } from '@kbn/securitysolution-grouping'; +import { GenericBuckets } from '@kbn/securitysolution-grouping/src'; +import { useQuery } from '@tanstack/react-query'; +import { lastValueFrom } from 'rxjs'; +import { CSP_LATEST_FINDINGS_DATA_VIEW } from '../../../../common/constants'; +import { useKibana } from '../../../common/hooks/use_kibana'; +import { showErrorToast } from '../../../common/utils/show_error_toast'; + +// Elasticsearch returns `null` when a sub-aggregation cannot be computed +type NumberOrNull = number | null; + +export interface FindingsGroupingAggregation { + unitsCount?: { + value?: NumberOrNull; + }; + description?: { + buckets?: GenericBuckets[]; + }; + severitiesSubAggregation?: { + buckets?: GenericBuckets[]; + }; + countSeveritySubAggregation?: { + value?: NumberOrNull; + }; + usersCountAggregation?: { + value?: NumberOrNull; + }; + hostsCountAggregation?: { + value?: NumberOrNull; + }; + ipsCountAggregation?: { + value?: NumberOrNull; + }; + rulesCountAggregation?: { + value?: NumberOrNull; + }; + ruleTags?: { + doc_count_error_upper_bound?: number; + sum_other_doc_count?: number; + buckets?: GenericBuckets[]; + }; + stackByMultipleFields1?: { + buckets?: GenericBuckets[]; + doc_count_error_upper_bound?: number; + sum_other_doc_count?: number; + }; +} + +export const getGroupedFindingsQuery = (query: any) => ({ + index: CSP_LATEST_FINDINGS_DATA_VIEW, + ...query, +}); + +export const useGroupedFindings = ({ query, enabled = true }: any) => { + const { + data, + notifications: { toasts }, + } = useKibana().services; + + return useQuery( + ['csp_grouped_findings', { query }], + async () => { + const { + rawResponse: { aggregations }, + } = await lastValueFrom( + data.search.search< + {}, + IKibanaSearchResponse< + SearchResponse<{}, GroupingAggregation> + > + >({ + params: getGroupedFindingsQuery(query), + }) + ); + + if (!aggregations) throw new Error('Failed to aggregate by, missing resource id'); + + // if ( + // !Array.isArray(aggregations.resources.buckets) || + // !Array.isArray(aggregations.count.buckets) + // ) + // throw new Error('Failed to group by, missing resource id'); + + // const page = aggregations.resources.buckets.map(createFindingsByResource); + + // const aggs = parseGroupingQuery( + // // fallback to selectedGroup if queriedGroup.current is null, this happens in tests + // queriedGroup.current === null ? selectedGroup : queriedGroup.current, + // uniqueValue, + // alertsGroupsData?.aggregations + // ); + + return aggregations; + // return { + // ...aggregations, + // groupByFields: { + // ...aggregations.groupByFields, + // buckets: [ + // ...aggregations.groupByFields.buckets.map((bucket) => ({ + // ...bucket, + // unitsCount: { + // value: 2, + // }, + // selectedGroup: 'resource.id', + // key_as_string: 'Vulnerability: CVE-2022-28734', + // key: ['Vulnerability: CVE-2022-28734'], + // })), + // ], + // }, + // }; + }, + { + onError: (err: Error) => showErrorToast(toasts, err), + enabled, + } + ); +}; From bb7f3082a88cde94bd511328f944ff9b8d1bcd17 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 18 Oct 2023 12:11:55 -0700 Subject: [PATCH 04/29] adding more group by fields --- .../latest_findings/latest_findings_container.tsx | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx index 420407927caf2..d0b8c5e90e3f6 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx @@ -139,6 +139,18 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { label: 'Resource', key: 'resource.id', }, + { + label: 'Rule name', + key: 'rule.name', + }, + { + label: 'Cloud account', + key: 'cloud.account.name', + }, + { + label: 'Kubernetes cluster', + key: 'orchestrator.cluster.name', + }, ], fields: dataView.fields, groupingId: 'cspLatestFindings', From c9f251ee99bad7280cc5c04e679ec13167fcee9a Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Mon, 23 Oct 2023 15:51:07 -0700 Subject: [PATCH 05/29] add non url additional filters --- .../use_cloud_posture_table.ts | 11 ++- .../hooks/use_cloud_posture_table/utils.ts | 21 +++-- .../public/common/types.ts | 5 ++ .../latest_findings_container.tsx | 76 ++++++++++--------- .../latest_findings/use_grouped_findings.tsx | 33 +------- 5 files changed, 67 insertions(+), 79 deletions(-) diff --git a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts index 0becb56e6ec22..c6de939ae8059 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts @@ -6,7 +6,7 @@ */ import { Dispatch, SetStateAction, useCallback } from 'react'; import { type DataView } from '@kbn/data-views-plugin/common'; -import { BoolQuery } from '@kbn/es-query'; +import { BoolQuery, Filter } from '@kbn/es-query'; import { CriteriaWithPagination } from '@elastic/eui'; import { DataTableRecord } from '@kbn/discover-utils/types'; import { useUrlQuery } from '../use_url_query'; @@ -21,7 +21,7 @@ export interface CloudPostureTableResult { sort: any; // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable filters: any[]; - query?: { bool: BoolQuery }; + query: { bool: BoolQuery }; queryError?: Error; pageIndex: number; // TODO: remove any, urlQuery is an object with query fields but we also add custom fields to it, need to assert usages @@ -48,12 +48,14 @@ export const useCloudPostureTable = ({ dataView, paginationLocalStorageKey, columnsLocalStorageKey, + additionalFilters, }: { // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable defaultQuery?: (params: any) => any; dataView: DataView; paginationLocalStorageKey: string; columnsLocalStorageKey?: string; + additionalFilters?: Filter; }): CloudPostureTableResult => { const getPersistedDefaultQuery = usePersistedQuery(defaultQuery); const { urlQuery, setUrlQuery } = useUrlQuery(getPersistedDefaultQuery); @@ -117,6 +119,7 @@ export const useCloudPostureTable = ({ dataView, filters: urlQuery.filters, query: urlQuery.query, + ...(additionalFilters ? { additionalFilters: [additionalFilters] } : {}), }); const handleUpdateQuery = useCallback( @@ -133,12 +136,14 @@ export const useCloudPostureTable = ({ }) .flat() || []; + const queryError = baseEsQuery instanceof Error ? baseEsQuery : undefined; + return { setUrlQuery, sort: urlQuery.sort, filters: urlQuery.filters, query: baseEsQuery.query, - queryError: baseEsQuery.error, + queryError, pageIndex: urlQuery.pageIndex, urlQuery, setTableOptions, diff --git a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts index 2d3f9b1c7605c..0ce63a26a5dc1 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts @@ -23,15 +23,13 @@ const getBaseQuery = ({ filters, config, }: FindingsBaseURLQuery & FindingsBaseProps & FindingsBaseESQueryConfig) => { + console.log('filters', filters); try { return { query: buildEsQuery(dataView, query, filters, config), // will throw for malformed query }; } catch (error) { - return { - query: undefined, - error: error instanceof Error ? error : new Error('Unknown Error'), - }; + throw new Error(error); } }; @@ -59,6 +57,7 @@ export const useBaseEsQuery = ({ dataView, filters, query, + additionalFilters, }: FindingsBaseURLQuery & FindingsBaseProps) => { const { notifications: { toasts }, @@ -70,8 +69,14 @@ export const useBaseEsQuery = ({ const allowLeadingWildcards = uiSettings.get('query:allowLeadingWildcards'); const config: EsQueryConfig = useMemo(() => ({ allowLeadingWildcards }), [allowLeadingWildcards]); const baseEsQuery = useMemo( - () => getBaseQuery({ dataView, filters, query, config }), - [dataView, filters, query, config] + () => + getBaseQuery({ + dataView, + filters: filters.concat(additionalFilters ?? []).flat(), + query, + config, + }), + [dataView, filters, additionalFilters, query, config] ); /** @@ -83,7 +88,7 @@ export const useBaseEsQuery = ({ }, [filters, filterManager, queryString, query]); const handleMalformedQueryError = () => { - const error = baseEsQuery.error; + const error = baseEsQuery instanceof Error ? baseEsQuery : undefined; if (error) { toasts.addError(error, { title: i18n.translate('xpack.csp.findings.search.queryErrorToastMessage', { @@ -94,7 +99,7 @@ export const useBaseEsQuery = ({ } }; - useEffect(handleMalformedQueryError, [baseEsQuery.error, toasts]); + useEffect(handleMalformedQueryError, [baseEsQuery, toasts]); return baseEsQuery; }; diff --git a/x-pack/plugins/cloud_security_posture/public/common/types.ts b/x-pack/plugins/cloud_security_posture/public/common/types.ts index 6ebfe7c7a0fa3..8617c74a03181 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/types.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/types.ts @@ -14,6 +14,11 @@ export type FindingsGroupByKind = 'default' | 'resource'; export interface FindingsBaseURLQuery { query: Query; filters: Filter[]; + /** + * Filters that are part of the query + * but not persisted in the URL or in the Filter Manager + */ + additionalFilters?: Filter[]; } export interface FindingsBaseProps { diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx index d0b8c5e90e3f6..cec257f839449 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx @@ -4,13 +4,18 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import React, { useEffect, useMemo } from 'react'; +import React, { useEffect, useMemo, useState } from 'react'; import { EuiDataGridCellValueElementProps, EuiFlexItem, EuiSpacer } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { DataTableRecord } from '@kbn/discover-utils/types'; -import { Filter, Query } from '@kbn/es-query'; +import { buildEsQuery, Filter, Query } from '@kbn/es-query'; import { isNoneGroup, useGrouping, getGroupingQuery } from '@kbn/securitysolution-grouping'; import { parseGroupingQuery } from '@kbn/securitysolution-grouping/src'; +import { useUrlQuery } from '../../../common/hooks/use_url_query'; +import { + useBaseEsQuery, + usePersistedQuery, +} from '../../../common/hooks/use_cloud_posture_table/utils'; import { TimestampTableCell } from '../../../components/timestamp_table_cell'; import { CspEvaluationBadge } from '../../../components/csp_evaluation_badge'; import type { Evaluation } from '../../../../common/types'; @@ -118,14 +123,17 @@ export const FINDINGS_UNIT = (totalCount: number) => }); export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { - // const cloudPostureTable = useCloudPostureTable({ - // dataView, - // paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, - // columnsLocalStorageKey, - // defaultQuery: getDefaultQuery, - // }); + const getPersistedDefaultQuery = usePersistedQuery(getDefaultQuery); + const { urlQuery, setUrlQuery } = useUrlQuery(getPersistedDefaultQuery); + + const [activePage, setActivePage] = useState(0); + const [pageSize, setPageSize] = useState(10); - // const { query, sort } = cloudPostureTable; + const baseEsQuery = useBaseEsQuery({ + dataView, + filters: urlQuery.filters, + query: urlQuery.query, + }); const grouping = useGrouping({ componentProps: { @@ -155,12 +163,12 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { fields: dataView.fields, groupingId: 'cspLatestFindings', maxGroupingLevels: 1, - // onGroupChange: (params) => { - // console.log('onGroupChange', params); - // }, - // onOptionsChange: (options) => { - // console.log('onOptionsChange', options); - // }, + onGroupChange: (params) => { + console.log('onGroupChange', params); + }, + onOptionsChange: (options) => { + console.log('onOptionsChange', options); + }, }); const selectedGroup = grouping.selectedGroups[0]; @@ -168,15 +176,15 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { console.log({ selectedGroup }); const groupingQuery = getGroupingQuery({ - additionalFilters: [], - from: 'now-1y', + additionalFilters: [baseEsQuery.query], groupByField: selectedGroup, uniqueValue: selectedGroup, + from: 'now-1y', to: 'now', - // pageNumber, + pageNumber: activePage, // rootAggregations, // runtimeMappings, - // size = DEFAULT_GROUP_BY_FIELD_SIZE, + size: pageSize, // sort, // statsAggregations, // to, @@ -203,27 +211,30 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { if (isNoneSelected) { return ( - + <> + + + ); } return ( <> + {grouping.getGrouping({ - activePage: 0, + activePage, data: aggs, groupingLevel: 0, inspectButton: undefined, isLoading: isFetching, - itemsPerPage: 10, - onChangeGroupsItemsPerPage: () => { - console.log('onChangeGroupsItemsPerPage'); + itemsPerPage: pageSize, + onChangeGroupsItemsPerPage: (size) => { + setPageSize(size); }, - onChangeGroupsPage: () => { - console.log('onChangeGroupsPage'); + onChangeGroupsPage: (index) => { + setActivePage(index); }, renderChildComponent: (groupFilter) => { - console.log({ groupFilter }); return ; }, onGroupClose: () => { @@ -243,15 +254,10 @@ export const LatestFindingsContainerTable = ({ dataView, filter }: FindingsBaseP paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, columnsLocalStorageKey, defaultQuery: getDefaultQuery, + additionalFilters: filter, }); - const { query, sort, queryError, setUrlQuery, getRowsFromPages } = cloudPostureTable; - - useEffect(() => { - setUrlQuery({ - filters: filter, - }); - }, [filter, setUrlQuery]); + const { query, sort, queryError, getRowsFromPages } = cloudPostureTable; const { data, @@ -271,7 +277,6 @@ export const LatestFindingsContainerTable = ({ dataView, filter }: FindingsBaseP return ( - {error && } {!error && ( @@ -340,7 +345,6 @@ export const LatestFindingsContainerOld = ({ dataView, groupSelector }: Findings return ( - {error && } {!error && ( diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx index af5f6fe62b395..7c6b347cf7ece 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx @@ -58,6 +58,7 @@ export interface FindingsGroupingAggregation { export const getGroupedFindingsQuery = (query: any) => ({ index: CSP_LATEST_FINDINGS_DATA_VIEW, ...query, + size: 0, }); export const useGroupedFindings = ({ query, enabled = true }: any) => { @@ -84,39 +85,7 @@ export const useGroupedFindings = ({ query, enabled = true }: any) => { if (!aggregations) throw new Error('Failed to aggregate by, missing resource id'); - // if ( - // !Array.isArray(aggregations.resources.buckets) || - // !Array.isArray(aggregations.count.buckets) - // ) - // throw new Error('Failed to group by, missing resource id'); - - // const page = aggregations.resources.buckets.map(createFindingsByResource); - - // const aggs = parseGroupingQuery( - // // fallback to selectedGroup if queriedGroup.current is null, this happens in tests - // queriedGroup.current === null ? selectedGroup : queriedGroup.current, - // uniqueValue, - // alertsGroupsData?.aggregations - // ); - return aggregations; - // return { - // ...aggregations, - // groupByFields: { - // ...aggregations.groupByFields, - // buckets: [ - // ...aggregations.groupByFields.buckets.map((bucket) => ({ - // ...bucket, - // unitsCount: { - // value: 2, - // }, - // selectedGroup: 'resource.id', - // key_as_string: 'Vulnerability: CVE-2022-28734', - // key: ['Vulnerability: CVE-2022-28734'], - // })), - // ], - // }, - // }; }, { onError: (err: Error) => showErrorToast(toasts, err), From 4fd1510a4a3a7b7b04f30661ccdd22397ac6751b Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 25 Oct 2023 14:24:36 -0700 Subject: [PATCH 06/29] adding custom title --- .../src/hooks/use_get_group_selector.tsx | 3 +++ .../kbn-securitysolution-grouping/src/hooks/use_grouping.tsx | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx b/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx index 7aede5c249ad0..b543bff5af449 100644 --- a/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx +++ b/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx @@ -30,6 +30,7 @@ export interface UseGetGroupSelectorArgs { event: string | string[], count?: number | undefined ) => void; + title?: string; } interface UseGetGroupSelectorStateless @@ -84,6 +85,7 @@ export const useGetGroupSelector = ({ onGroupChange, onOptionsChange, tracker, + title, }: UseGetGroupSelectorArgs) => { const { activeGroups: selectedGroups, options } = groupByIdSelector({ groups: groupingState }, groupingId) ?? defaultGroup; @@ -188,6 +190,7 @@ export const useGetGroupSelector = ({ fields, maxGroupingLevels, options, + title, }} /> ); diff --git a/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx b/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx index a744fc6c4ff7c..dfde9506ae4c2 100644 --- a/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx +++ b/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx @@ -72,6 +72,7 @@ interface GroupingArgs { event: string | string[], count?: number | undefined ) => void; + title?: string; } /** @@ -85,6 +86,7 @@ interface GroupingArgs { * @param onGroupChange callback executed when selected group is changed, used for tracking * @param onOptionsChange callback executed when grouping options are changed, used for consumer grouping selector * @param tracker telemetry handler + * @param title title of the grouping selector component * @returns {@link Grouping} the grouping constructor { getGrouping, groupSelector, pagination, selectedGroups } */ export const useGrouping = ({ @@ -96,6 +98,7 @@ export const useGrouping = ({ onGroupChange, onOptionsChange, tracker, + title, }: GroupingArgs): Grouping => { const [groupingState, dispatch] = useReducer(groupsReducerWithStorage, initialState); const { activeGroups: selectedGroups } = useMemo( @@ -125,6 +128,7 @@ export const useGrouping = ({ onGroupChange, onOptionsChange, tracker, + title, }); const getGrouping = useCallback( From fd4e071ca365e0c3eec5c575d7d952f63016f7fd Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 25 Oct 2023 14:25:42 -0700 Subject: [PATCH 07/29] additional filters --- .../hooks/use_cloud_posture_table/use_cloud_posture_table.ts | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts index c6de939ae8059..443d0d7215f3a 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts @@ -49,13 +49,14 @@ export const useCloudPostureTable = ({ paginationLocalStorageKey, columnsLocalStorageKey, additionalFilters, + pageIndexUrlSuffix = '', }: { // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable defaultQuery?: (params: any) => any; dataView: DataView; paginationLocalStorageKey: string; columnsLocalStorageKey?: string; - additionalFilters?: Filter; + additionalFilters?: Filter[]; }): CloudPostureTableResult => { const getPersistedDefaultQuery = usePersistedQuery(defaultQuery); const { urlQuery, setUrlQuery } = useUrlQuery(getPersistedDefaultQuery); @@ -119,7 +120,7 @@ export const useCloudPostureTable = ({ dataView, filters: urlQuery.filters, query: urlQuery.query, - ...(additionalFilters ? { additionalFilters: [additionalFilters] } : {}), + ...(additionalFilters ? { additionalFilters } : {}), }); const handleUpdateQuery = useCallback( From 40a7797982c51a1aaf44396b3777a54060b942c2 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 25 Oct 2023 14:26:08 -0700 Subject: [PATCH 08/29] datatable group component --- .../additional_controls.tsx | 14 +++----------- .../cloud_security_data_table.tsx | 12 +++++++++++- 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx index 3ed680c4d8317..6b9e48e7738e5 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx @@ -10,9 +10,7 @@ import { EuiButtonEmpty, EuiFlexItem } from '@elastic/eui'; import { type DataView } from '@kbn/data-views-plugin/common'; import numeral from '@elastic/numeral'; import { FieldsSelectorModal } from './fields_selector'; -import { FindingsGroupBySelector } from '../../pages/configurations/layout/findings_group_by_selector'; import { useStyles } from './use_styles'; -import { AnyAsyncThunk } from '@reduxjs/toolkit/dist/matchers'; const formatNumber = (value: number) => { return value < 1000 ? value : numeral(value).format('0.0a'); @@ -33,7 +31,7 @@ export const AdditionalControls = ({ columns: string[]; onAddColumn: (column: string) => void; onRemoveColumn: (column: string) => void; - groupSelector: any; + groupSelector?: JSX.Element; }) => { const styles = useStyles(); @@ -43,9 +41,6 @@ export const AdditionalControls = ({ const showModal = () => setIsFieldSelectorModalVisible(true); const GroupSelector = () => { - if (groupSelector === null) { - return null; - } if (groupSelector) { return ( @@ -53,11 +48,8 @@ export const AdditionalControls = ({ ); } - return ( - - ; - - ); + + return null; }; return ( diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx index 6aac11bd78ed5..f83df97e8deab 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx @@ -73,6 +73,15 @@ interface CloudSecurityDataGridProps { */ loadMore: () => void; 'data-test-subj'?: string; + /** + * This is the component that will be rendered in the group selector. + * This component will receive the current group and a function to change the group. + */ + groupSelector?: JSX.Element; + /** + * Height override for the data grid. + */ + height?: number; } export const CloudSecurityDataTable = ({ @@ -87,6 +96,7 @@ export const CloudSecurityDataTable = ({ title, customCellRenderer, groupSelector, + height, ...rest }: CloudSecurityDataGridProps) => { const { @@ -222,7 +232,7 @@ export const CloudSecurityDataTable = ({ // Change the height of the grid to fit the page // If there are filters, leave space for the filter bar // Todo: Replace this component with EuiAutoSizer - height: `calc(100vh - ${filters.length > 0 ? 443 : 403}px)`, + height: height ?? `calc(100vh - ${filters.length > 0 ? 443 : 403}px)`, }; const rowHeightState = From bd80f343ed2ee579df93cb78ebc41d3752cd011f Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 25 Oct 2023 14:26:45 -0700 Subject: [PATCH 09/29] clean up code --- .../latest_findings_container.tsx | 169 +++++++++++------- .../latest_findings/use_grouped_findings.tsx | 37 +--- 2 files changed, 108 insertions(+), 98 deletions(-) diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx index cec257f839449..47fc9a783ca89 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx @@ -8,9 +8,10 @@ import React, { useEffect, useMemo, useState } from 'react'; import { EuiDataGridCellValueElementProps, EuiFlexItem, EuiSpacer } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { DataTableRecord } from '@kbn/discover-utils/types'; -import { buildEsQuery, Filter, Query } from '@kbn/es-query'; +import { Filter, Query } from '@kbn/es-query'; import { isNoneGroup, useGrouping, getGroupingQuery } from '@kbn/securitysolution-grouping'; import { parseGroupingQuery } from '@kbn/securitysolution-grouping/src'; +import * as uuid from 'uuid'; import { useUrlQuery } from '../../../common/hooks/use_url_query'; import { useBaseEsQuery, @@ -34,7 +35,6 @@ import { CloudSecurityDefaultColumn, } from '../../../components/cloud_security_data_table'; import { FindingsRuleFlyout } from '../findings_flyout/findings_flyout'; -// import { useFindingsByResource } from '../latest_findings_by_resource/use_findings_by_resource'; import { useGroupedFindings } from './use_grouped_findings'; const getDefaultQuery = ({ @@ -122,98 +122,102 @@ export const FINDINGS_UNIT = (totalCount: number) => defaultMessage: `{totalCount, plural, =1 {finding} other {findings}}`, }); +const defaultGroupingOptions = [ + { + label: i18n.translate('xpack.csp.findings.latestFindings.groupByResource', { + defaultMessage: 'Resource', + }), + key: 'resource.name', + }, + { + label: i18n.translate('xpack.csp.findings.latestFindings.groupByRuleName', { + defaultMessage: 'Rule name', + }), + key: 'rule.name', + }, + { + label: i18n.translate('xpack.csp.findings.latestFindings.groupByCloudAccount', { + defaultMessage: 'Cloud account', + }), + key: 'cloud.account.name', + }, + { + label: i18n.translate('xpack.csp.findings.latestFindings.groupByKubernetesCluster', { + defaultMessage: 'Kubernetes cluster', + }), + key: 'orchestrator.cluster.name', + }, +]; + +const groupingTitle = i18n.translate('xpack.csp.findings.latestFindings.groupBy', { + defaultMessage: 'Group findings by', +}); + export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { const getPersistedDefaultQuery = usePersistedQuery(getDefaultQuery); const { urlQuery, setUrlQuery } = useUrlQuery(getPersistedDefaultQuery); - const [activePage, setActivePage] = useState(0); const [pageSize, setPageSize] = useState(10); - const baseEsQuery = useBaseEsQuery({ + const { query } = useBaseEsQuery({ dataView, filters: urlQuery.filters, query: urlQuery.query, }); + /** + * Reset the active page when the filters or query change + * This is needed because the active page is not automatically reset when the filters or query change + */ + useEffect(() => { + setActivePage(0); + }, [urlQuery.filters, urlQuery.query]); + const grouping = useGrouping({ componentProps: { - // groupPanelRenderer: renderGroupPanel, - // groupStatsRenderer: getStats, - // onGroupToggle, unit: FINDINGS_UNIT, }, - defaultGroupingOptions: [ - { - label: 'Resource', - key: 'resource.id', - }, - { - label: 'Rule name', - key: 'rule.name', - }, - { - label: 'Cloud account', - key: 'cloud.account.name', - }, - { - label: 'Kubernetes cluster', - key: 'orchestrator.cluster.name', - }, - ], + defaultGroupingOptions, fields: dataView.fields, groupingId: 'cspLatestFindings', maxGroupingLevels: 1, - onGroupChange: (params) => { - console.log('onGroupChange', params); - }, - onOptionsChange: (options) => { - console.log('onOptionsChange', options); + title: groupingTitle, + onGroupChange: () => { + setActivePage(0); }, }); const selectedGroup = grouping.selectedGroups[0]; const isNoneSelected = isNoneGroup(grouping.selectedGroups); - console.log({ selectedGroup }); + + const uniqueValue = useMemo(() => `${selectedGroup}-${uuid.v4()}`, [selectedGroup]); const groupingQuery = getGroupingQuery({ - additionalFilters: [baseEsQuery.query], + additionalFilters: [query], groupByField: selectedGroup, - uniqueValue: selectedGroup, + uniqueValue, from: 'now-1y', to: 'now', - pageNumber: activePage, - // rootAggregations, - // runtimeMappings, + pageNumber: activePage * pageSize, size: pageSize, - // sort, - // statsAggregations, - // to, - // uniqueValue, + sort: [{ _key: { order: 'asc' } }], }); const { data, isFetching } = useGroupedFindings({ - // sortDirection: cloudPostureTable.urlQuery.sort.direction, query: groupingQuery, enabled: !isNoneSelected, }); const aggs = useMemo( - // queriedGroup because `selectedGroup` updates before the query response - () => - parseGroupingQuery( - // fallback to selectedGroup if queriedGroup.current is null, this happens in tests - selectedGroup, - selectedGroup, - data - ), - [data, selectedGroup] + () => parseGroupingQuery(selectedGroup, uniqueValue, data), + [data, selectedGroup, uniqueValue] ); if (isNoneSelected) { return ( <> - + ); } @@ -235,20 +239,29 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { setActivePage(index); }, renderChildComponent: (groupFilter) => { - return ; - }, - onGroupClose: () => { - console.log('onGroupClose'); + return ( + + ); }, + onGroupClose: () => {}, selectedGroup, - // selectedGroup: 'resource.id', takeActionItems: () => [], })} ); }; -export const LatestFindingsContainerTable = ({ dataView, filter }: FindingsBaseProps) => { +export const LatestFindingsTable = ({ + dataView, + filter, +}: FindingsBaseProps & { + filter: Filter[]; +}) => { const cloudPostureTable = useCloudPostureTable({ dataView, paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, @@ -294,7 +307,7 @@ export const LatestFindingsContainerTable = ({ dataView, filter }: FindingsBaseP loadMore={fetchNextPage} title={title} customCellRenderer={customCellRenderer} - groupSelector={null} + height={512} /> )} @@ -302,12 +315,24 @@ export const LatestFindingsContainerTable = ({ dataView, filter }: FindingsBaseP ); }; -export const LatestFindingsContainerOld = ({ dataView, groupSelector }: FindingsBaseProps) => { +export const LatestFindingsContainerTable = ({ + dataView, + groupSelector, + height, + showDistributionBar = true, + additionalFilters, +}: FindingsBaseProps & { + groupSelector?: JSX.Element; + height?: number; + showDistributionBar?: boolean; + additionalFilters?: Filter[]; +}) => { const cloudPostureTable = useCloudPostureTable({ dataView, paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, columnsLocalStorageKey, defaultQuery: getDefaultQuery, + additionalFilters, }); const { query, sort, queryError, setUrlQuery, filters, getRowsFromPages } = cloudPostureTable; @@ -345,18 +370,25 @@ export const LatestFindingsContainerOld = ({ dataView, groupSelector }: Findings return ( - - {error && } + {error && ( + <> + + + + )} {!error && ( <> - {total > 0 && ( - + {showDistributionBar && total > 0 && ( + <> + + + + )} - )} diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx index 7c6b347cf7ece..bd529cede5ca6 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx @@ -8,7 +8,7 @@ import { SearchResponse } from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; import { IKibanaSearchResponse } from '@kbn/data-plugin/public'; import { GroupingAggregation } from '@kbn/securitysolution-grouping'; -import { GenericBuckets } from '@kbn/securitysolution-grouping/src'; +import { GenericBuckets, GroupingQuery } from '@kbn/securitysolution-grouping/src'; import { useQuery } from '@tanstack/react-query'; import { lastValueFrom } from 'rxjs'; import { CSP_LATEST_FINDINGS_DATA_VIEW } from '../../../../common/constants'; @@ -22,42 +22,17 @@ export interface FindingsGroupingAggregation { unitsCount?: { value?: NumberOrNull; }; - description?: { - buckets?: GenericBuckets[]; - }; - severitiesSubAggregation?: { - buckets?: GenericBuckets[]; - }; - countSeveritySubAggregation?: { - value?: NumberOrNull; - }; - usersCountAggregation?: { - value?: NumberOrNull; - }; - hostsCountAggregation?: { + groupsCount?: { value?: NumberOrNull; }; - ipsCountAggregation?: { - value?: NumberOrNull; - }; - rulesCountAggregation?: { - value?: NumberOrNull; - }; - ruleTags?: { - doc_count_error_upper_bound?: number; - sum_other_doc_count?: number; + groupByFields?: { buckets?: GenericBuckets[]; }; - stackByMultipleFields1?: { - buckets?: GenericBuckets[]; - doc_count_error_upper_bound?: number; - sum_other_doc_count?: number; - }; } -export const getGroupedFindingsQuery = (query: any) => ({ - index: CSP_LATEST_FINDINGS_DATA_VIEW, +export const getGroupedFindingsQuery = (query: GroupingQuery) => ({ ...query, + index: CSP_LATEST_FINDINGS_DATA_VIEW, size: 0, }); @@ -90,6 +65,8 @@ export const useGroupedFindings = ({ query, enabled = true }: any) => { { onError: (err: Error) => showErrorToast(toasts, err), enabled, + // This allows the UI to keep the previous data while the new data is being fetched + keepPreviousData: true, } ); }; From befa48990ac644b47735662f8a1eb01e3e5e6442 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Wed, 25 Oct 2023 21:34:37 +0000 Subject: [PATCH 10/29] [CI] Auto-commit changed files from 'node scripts/lint_ts_projects --fix' --- x-pack/plugins/cloud_security_posture/tsconfig.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/cloud_security_posture/tsconfig.json b/x-pack/plugins/cloud_security_posture/tsconfig.json index 113ddcb92202a..592e4139e8492 100755 --- a/x-pack/plugins/cloud_security_posture/tsconfig.json +++ b/x-pack/plugins/cloud_security_posture/tsconfig.json @@ -60,7 +60,8 @@ "@kbn/ui-actions-plugin", "@kbn/core-http-server-mocks", "@kbn/field-formats-plugin", - "@kbn/data-view-field-editor-plugin" + "@kbn/data-view-field-editor-plugin", + "@kbn/securitysolution-grouping" ], "exclude": ["target/**/*"] } From 2f761d50bf3954b3dea411d1c9c82e86a0253463 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 25 Oct 2023 14:43:05 -0700 Subject: [PATCH 11/29] add more information to disabled --- .../src/components/group_selector/index.tsx | 25 +++++++++++-------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/packages/kbn-securitysolution-grouping/src/components/group_selector/index.tsx b/packages/kbn-securitysolution-grouping/src/components/group_selector/index.tsx index 84532a3802985..162e4e81a49e3 100644 --- a/packages/kbn-securitysolution-grouping/src/components/group_selector/index.tsx +++ b/packages/kbn-securitysolution-grouping/src/components/group_selector/index.tsx @@ -43,8 +43,17 @@ const GroupSelectorComponent = ({ [groupsSelected] ); - const panels: EuiContextMenuPanelDescriptor[] = useMemo( - () => [ + const panels: EuiContextMenuPanelDescriptor[] = useMemo(() => { + const isOptionDisabled = (key?: string) => { + // Do not disable when maxGroupingLevels is 1 to allow toggling between groups + if (maxGroupingLevels === 1) { + return false; + } + // Disable all non selected options when the maxGroupingLevels is reached + return groupsSelected.length === maxGroupingLevels && (key ? !isGroupSelected(key) : true); + }; + + return [ { id: 'firstPanel', title: i18n.SELECT_FIELD(maxGroupingLevels), @@ -57,10 +66,7 @@ const GroupSelectorComponent = ({ }, ...options.map((o) => ({ 'data-test-subj': `panel-${o.key}`, - disabled: - maxGroupingLevels > 1 && - groupsSelected.length === maxGroupingLevels && - !isGroupSelected(o.key), + disabled: isOptionDisabled(o.key), name: o.label, onClick: () => onGroupChange(o.key), icon: isGroupSelected(o.key) ? 'check' : 'empty', @@ -69,7 +75,7 @@ const GroupSelectorComponent = ({ 'data-test-subj': `panel-custom`, name: i18n.CUSTOM_FIELD, icon: 'empty', - disabled: maxGroupingLevels > 1 && groupsSelected.length === maxGroupingLevels, + disabled: isOptionDisabled(), panel: 'customPanel', hasPanel: true, }, @@ -90,9 +96,8 @@ const GroupSelectorComponent = ({ /> ), }, - ], - [fields, groupsSelected.length, isGroupSelected, maxGroupingLevels, onGroupChange, options] - ); + ]; + }, [fields, groupsSelected.length, isGroupSelected, maxGroupingLevels, onGroupChange, options]); const selectedOptions = useMemo( () => options.filter((groupOption) => isGroupSelected(groupOption.key)), [isGroupSelected, options] From ec0dbdfbdd58f24ad831361a631681c0845467f4 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 25 Oct 2023 22:25:36 -0700 Subject: [PATCH 12/29] code clean up --- .../src/hooks/use_get_group_selector.tsx | 1 + .../kbn-securitysolution-grouping/src/hooks/use_grouping.tsx | 2 +- .../hooks/use_cloud_posture_table/use_cloud_posture_table.ts | 1 - .../public/common/hooks/use_cloud_posture_table/utils.ts | 1 - .../cloud_security_posture/public/components/empty_state.tsx | 4 +++- .../latest_findings/latest_findings_container.tsx | 2 +- 6 files changed, 6 insertions(+), 5 deletions(-) diff --git a/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx b/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx index b543bff5af449..573c5280667b5 100644 --- a/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx +++ b/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx @@ -122,6 +122,7 @@ export const useGetGroupSelector = ({ return; } + // Simulate a toggle behavior when maxGroupingLevels is 1 if (maxGroupingLevels === 1) { setSelectedGroups([groupSelection]); } else { diff --git a/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx b/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx index dfde9506ae4c2..997dd0895e35e 100644 --- a/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx +++ b/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx @@ -86,7 +86,7 @@ interface GroupingArgs { * @param onGroupChange callback executed when selected group is changed, used for tracking * @param onOptionsChange callback executed when grouping options are changed, used for consumer grouping selector * @param tracker telemetry handler - * @param title title of the grouping selector component + * @param title of the grouping selector component * @returns {@link Grouping} the grouping constructor { getGrouping, groupSelector, pagination, selectedGroups } */ export const useGrouping = ({ diff --git a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts index 443d0d7215f3a..7172adbf26947 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts @@ -49,7 +49,6 @@ export const useCloudPostureTable = ({ paginationLocalStorageKey, columnsLocalStorageKey, additionalFilters, - pageIndexUrlSuffix = '', }: { // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable defaultQuery?: (params: any) => any; diff --git a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts index 0ce63a26a5dc1..292a0007f519a 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts @@ -23,7 +23,6 @@ const getBaseQuery = ({ filters, config, }: FindingsBaseURLQuery & FindingsBaseProps & FindingsBaseESQueryConfig) => { - console.log('filters', filters); try { return { query: buildEsQuery(dataView, query, filters, config), // will throw for malformed query diff --git a/x-pack/plugins/cloud_security_posture/public/components/empty_state.tsx b/x-pack/plugins/cloud_security_posture/public/components/empty_state.tsx index 9c38e635062f7..43f39023c9c32 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/empty_state.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/empty_state.tsx @@ -30,7 +30,9 @@ export const EmptyState = ({ && > .euiEmptyPrompt__main { gap: ${euiTheme.size.xl}; } - margin-top: ${euiTheme.size.xxxl}}; + && { + margin-top: ${euiTheme.size.xxxl}}; + } `} data-test-subj={EMPTY_STATE_TEST_SUBJ} icon={ diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx index 47fc9a783ca89..3c7ab70286b29 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx @@ -54,7 +54,7 @@ const getDefaultQuery = ({ const defaultColumns: CloudSecurityDefaultColumn[] = [ { id: 'result.evaluation', width: 80 }, { id: 'resource.id' }, - { id: 'resource.id' }, + { id: 'resource.name' }, { id: 'resource.sub_type' }, { id: 'rule.benchmark.rule_number' }, { id: 'rule.name' }, From d55081c479da438c2e7c23f8494d5546603a5b56 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 25 Oct 2023 22:31:48 -0700 Subject: [PATCH 13/29] hiding take action button --- .../latest_findings/latest_findings_container.tsx | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx index 3c7ab70286b29..aa9299177ba5a 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx @@ -12,6 +12,7 @@ import { Filter, Query } from '@kbn/es-query'; import { isNoneGroup, useGrouping, getGroupingQuery } from '@kbn/securitysolution-grouping'; import { parseGroupingQuery } from '@kbn/securitysolution-grouping/src'; import * as uuid from 'uuid'; +import { css } from '@emotion/react'; import { useUrlQuery } from '../../../common/hooks/use_url_query'; import { useBaseEsQuery, @@ -223,7 +224,13 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { } return ( - <> +
{grouping.getGrouping({ activePage, @@ -252,7 +259,7 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { selectedGroup, takeActionItems: () => [], })} - +
); }; From 59cf7e39daea154c3d87d8e4bb7ac762a4f3c461 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Fri, 10 Nov 2023 18:27:46 -0800 Subject: [PATCH 14/29] addressing PR review suggestions --- .../src/components/group_selector/index.tsx | 3 +- .../src/components/translations.ts | 4 ++ .../src/hooks/use_get_group_selector.tsx | 20 ++++----- .../public/common/types.ts | 3 +- .../additional_controls.tsx | 32 +++++++-------- .../cloud_security_data_table.tsx | 6 +-- .../latest_findings_container.tsx | 41 +++++++++++-------- .../latest_findings/use_grouped_findings.tsx | 8 +++- 8 files changed, 67 insertions(+), 50 deletions(-) diff --git a/packages/kbn-securitysolution-grouping/src/components/group_selector/index.tsx b/packages/kbn-securitysolution-grouping/src/components/group_selector/index.tsx index 162e4e81a49e3..ffec5db362066 100644 --- a/packages/kbn-securitysolution-grouping/src/components/group_selector/index.tsx +++ b/packages/kbn-securitysolution-grouping/src/components/group_selector/index.tsx @@ -56,7 +56,8 @@ const GroupSelectorComponent = ({ return [ { id: 'firstPanel', - title: i18n.SELECT_FIELD(maxGroupingLevels), + title: + maxGroupingLevels === 1 ? i18n.SELECT_SINGLE_FIELD : i18n.SELECT_FIELD(maxGroupingLevels), items: [ { 'data-test-subj': 'panel-none', diff --git a/packages/kbn-securitysolution-grouping/src/components/translations.ts b/packages/kbn-securitysolution-grouping/src/components/translations.ts index c2e0f13e325a5..de5337db904da 100644 --- a/packages/kbn-securitysolution-grouping/src/components/translations.ts +++ b/packages/kbn-securitysolution-grouping/src/components/translations.ts @@ -32,6 +32,10 @@ export const SELECT_FIELD = (groupingLevelsCount: number) => defaultMessage: 'Select up to {groupingLevelsCount} groupings', }); +export const SELECT_SINGLE_FIELD = i18n.translate('grouping.groupBySingleField', { + defaultMessage: 'Select grouping', +}); + export const NONE = i18n.translate('grouping.noneGroupByOptionName', { defaultMessage: 'None', }); diff --git a/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx b/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx index 573c5280667b5..d3e518a48fe59 100644 --- a/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx +++ b/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.tsx @@ -112,20 +112,20 @@ export const useGetGroupSelector = ({ const onChange = useCallback( (groupSelection: string) => { - if (selectedGroups.find((selected) => selected === groupSelection)) { - const groups = selectedGroups.filter((selectedGroup) => selectedGroup !== groupSelection); - if (groups.length === 0) { - setSelectedGroups(['none']); - } else { - setSelectedGroups(groups); - } - return; - } - // Simulate a toggle behavior when maxGroupingLevels is 1 if (maxGroupingLevels === 1) { setSelectedGroups([groupSelection]); } else { + if (selectedGroups.find((selected) => selected === groupSelection)) { + const groups = selectedGroups.filter((selectedGroup) => selectedGroup !== groupSelection); + if (groups.length === 0) { + setSelectedGroups(['none']); + } else { + setSelectedGroups(groups); + } + return; + } + const newSelectedGroups = isNoneGroup([groupSelection]) ? [groupSelection] : [...selectedGroups.filter((selectedGroup) => selectedGroup !== 'none'), groupSelection]; diff --git a/x-pack/plugins/cloud_security_posture/public/common/types.ts b/x-pack/plugins/cloud_security_posture/public/common/types.ts index 8617c74a03181..d35127a410a09 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/types.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/types.ts @@ -15,8 +15,7 @@ export interface FindingsBaseURLQuery { query: Query; filters: Filter[]; /** - * Filters that are part of the query - * but not persisted in the URL or in the Filter Manager + * Filters that are part of the query but not persisted in the URL or in the Filter Manager */ additionalFilters?: Filter[]; } diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx index 6b9e48e7738e5..b1f79779e65e4 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/additional_controls.tsx @@ -16,6 +16,16 @@ const formatNumber = (value: number) => { return value < 1000 ? value : numeral(value).format('0.0a'); }; +const GroupSelectorWrapper: React.FC = ({ children }) => { + const styles = useStyles(); + + return ( + + {children} + + ); +}; + export const AdditionalControls = ({ total, title, @@ -23,7 +33,7 @@ export const AdditionalControls = ({ columns, onAddColumn, onRemoveColumn, - groupSelector, + groupSelectorComponent, }: { total: number; title: string; @@ -31,27 +41,13 @@ export const AdditionalControls = ({ columns: string[]; onAddColumn: (column: string) => void; onRemoveColumn: (column: string) => void; - groupSelector?: JSX.Element; + groupSelectorComponent?: JSX.Element; }) => { - const styles = useStyles(); - const [isFieldSelectorModalVisible, setIsFieldSelectorModalVisible] = useState(false); const closeModal = () => setIsFieldSelectorModalVisible(false); const showModal = () => setIsFieldSelectorModalVisible(true); - const GroupSelector = () => { - if (groupSelector) { - return ( - - {groupSelector} - - ); - } - - return null; - }; - return ( <> {isFieldSelectorModalVisible && ( @@ -79,7 +75,9 @@ export const AdditionalControls = ({ })}
- + {groupSelectorComponent && ( + {groupSelectorComponent} + )} ); }; diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx index 34a9f14562968..71d18342890c3 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx @@ -73,7 +73,7 @@ interface CloudSecurityDataGridProps { * This is the component that will be rendered in the group selector. * This component will receive the current group and a function to change the group. */ - groupSelector?: JSX.Element; + groupSelectorComponent?: JSX.Element; /** * Height override for the data grid. */ @@ -91,7 +91,7 @@ export const CloudSecurityDataTable = ({ loadMore, title, customCellRenderer, - groupSelector, + groupSelectorComponent, height, ...rest }: CloudSecurityDataGridProps) => { @@ -220,7 +220,7 @@ export const CloudSecurityDataTable = ({ columns={currentColumns} onAddColumn={onAddColumn} onRemoveColumn={onRemoveColumn} - groupSelector={groupSelector} + groupSelectorComponent={groupSelectorComponent} /> ); diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx index aa9299177ba5a..6e44e751bd484 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx @@ -13,6 +13,7 @@ import { isNoneGroup, useGrouping, getGroupingQuery } from '@kbn/securitysolutio import { parseGroupingQuery } from '@kbn/securitysolution-grouping/src'; import * as uuid from 'uuid'; import { css } from '@emotion/react'; +import { LATEST_FINDINGS_RETENTION_POLICY } from '../../../../common/constants'; import { useUrlQuery } from '../../../common/hooks/use_url_query'; import { useBaseEsQuery, @@ -154,11 +155,16 @@ const groupingTitle = i18n.translate('xpack.csp.findings.latestFindings.groupBy' defaultMessage: 'Group findings by', }); +const DEFAULT_PAGE_SIZE = 10; +const DEFAULT_TABLE_HEIGHT = 512; +const GROUPING_ID = 'cspLatestFindings'; +const MAX_GROUPING_LEVELS = 1; + export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { const getPersistedDefaultQuery = usePersistedQuery(getDefaultQuery); const { urlQuery, setUrlQuery } = useUrlQuery(getPersistedDefaultQuery); - const [activePage, setActivePage] = useState(0); - const [pageSize, setPageSize] = useState(10); + const [activePageIndex, setActivePageIndex] = useState(0); + const [pageSize, setPageSize] = useState(DEFAULT_PAGE_SIZE); const { query } = useBaseEsQuery({ dataView, @@ -171,7 +177,7 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { * This is needed because the active page is not automatically reset when the filters or query change */ useEffect(() => { - setActivePage(0); + setActivePageIndex(0); }, [urlQuery.filters, urlQuery.query]); const grouping = useGrouping({ @@ -180,11 +186,11 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { }, defaultGroupingOptions, fields: dataView.fields, - groupingId: 'cspLatestFindings', - maxGroupingLevels: 1, + groupingId: GROUPING_ID, + maxGroupingLevels: MAX_GROUPING_LEVELS, title: groupingTitle, onGroupChange: () => { - setActivePage(0); + setActivePageIndex(0); }, }); @@ -197,9 +203,9 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { additionalFilters: [query], groupByField: selectedGroup, uniqueValue, - from: 'now-1y', + from: `now-${LATEST_FINDINGS_RETENTION_POLICY}`, to: 'now', - pageNumber: activePage * pageSize, + pageNumber: activePageIndex * pageSize, size: pageSize, sort: [{ _key: { order: 'asc' } }], }); @@ -218,7 +224,10 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { return ( <> - + ); } @@ -233,7 +242,7 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { > {grouping.getGrouping({ - activePage, + activePage: activePageIndex, data: aggs, groupingLevel: 0, inspectButton: undefined, @@ -243,14 +252,14 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { setPageSize(size); }, onChangeGroupsPage: (index) => { - setActivePage(index); + setActivePageIndex(index); }, renderChildComponent: (groupFilter) => { return ( ); @@ -314,7 +323,7 @@ export const LatestFindingsTable = ({ loadMore={fetchNextPage} title={title} customCellRenderer={customCellRenderer} - height={512} + height={DEFAULT_TABLE_HEIGHT} /> )} @@ -324,12 +333,12 @@ export const LatestFindingsTable = ({ export const LatestFindingsContainerTable = ({ dataView, - groupSelector, + groupSelectorComponent, height, showDistributionBar = true, additionalFilters, }: FindingsBaseProps & { - groupSelector?: JSX.Element; + groupSelectorComponent?: JSX.Element; height?: number; showDistributionBar?: boolean; additionalFilters?: Filter[]; @@ -408,7 +417,7 @@ export const LatestFindingsContainerTable = ({ loadMore={fetchNextPage} title={title} customCellRenderer={customCellRenderer} - groupSelector={groupSelector} + groupSelectorComponent={groupSelectorComponent} height={height} /> diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx index bd529cede5ca6..66b1faf5060c9 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx @@ -36,7 +36,13 @@ export const getGroupedFindingsQuery = (query: GroupingQuery) => ({ size: 0, }); -export const useGroupedFindings = ({ query, enabled = true }: any) => { +export const useGroupedFindings = ({ + query, + enabled = true, +}: { + query: GroupingQuery; + enabled: boolean; +}) => { const { data, notifications: { toasts }, From 5abda9858eea998f76ca27fe22c14f5a39815ee3 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Sun, 12 Nov 2023 20:14:58 -0800 Subject: [PATCH 15/29] splitting and optimizing code --- .../common/constants.ts | 2 +- .../cloud_security_grouping.tsx | 60 +++++ .../cloud_security_grouping/index.ts | 9 + .../use_cloud_security_grouping.ts | 92 +++++++ .../latest_findings/constants.ts | 71 ++++++ .../latest_findings_container.tsx | 228 ++++++------------ 6 files changed, 302 insertions(+), 160 deletions(-) create mode 100644 x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/cloud_security_grouping.tsx create mode 100644 x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/index.ts create mode 100644 x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/use_cloud_security_grouping.ts create mode 100644 x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/constants.ts diff --git a/x-pack/plugins/cloud_security_posture/common/constants.ts b/x-pack/plugins/cloud_security_posture/common/constants.ts index 1cc356cbfd5e3..5987881aed444 100644 --- a/x-pack/plugins/cloud_security_posture/common/constants.ts +++ b/x-pack/plugins/cloud_security_posture/common/constants.ts @@ -45,7 +45,7 @@ export const LATEST_FINDINGS_INDEX_TEMPLATE_NAME = 'logs-cloud_security_posture. export const LATEST_FINDINGS_INDEX_PATTERN = 'logs-cloud_security_posture.findings_latest-*'; export const LATEST_FINDINGS_INDEX_DEFAULT_NS = 'logs-cloud_security_posture.findings_latest-default'; -export const LATEST_FINDINGS_RETENTION_POLICY = '26h'; +export const LATEST_FINDINGS_RETENTION_POLICY = '26y'; export const BENCHMARK_SCORE_INDEX_TEMPLATE_NAME = 'logs-cloud_security_posture.scores'; export const BENCHMARK_SCORE_INDEX_PATTERN = 'logs-cloud_security_posture.scores-*'; diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/cloud_security_grouping.tsx b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/cloud_security_grouping.tsx new file mode 100644 index 0000000000000..00b96e77d6402 --- /dev/null +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/cloud_security_grouping.tsx @@ -0,0 +1,60 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { useGrouping } from '@kbn/securitysolution-grouping'; +import { ParsedGroupingAggregation } from '@kbn/securitysolution-grouping/src'; +import { Filter } from '@kbn/es-query'; +import React from 'react'; +import { css } from '@emotion/react'; + +interface CloudSecurityGroupingProps { + data: ParsedGroupingAggregation; + renderChildComponent: (groupFilter: Filter[]) => JSX.Element; + grouping: ReturnType; + activePageIndex: number; + isFetching: boolean; + pageSize: number; + onChangeGroupsItemsPerPage: (size: number) => void; + onChangeGroupsPage: (index: number) => void; + selectedGroup: string; +} + +export const CloudSecurityGrouping = ({ + data, + renderChildComponent, + grouping, + activePageIndex, + isFetching, + pageSize, + onChangeGroupsItemsPerPage, + onChangeGroupsPage, + selectedGroup, +}: CloudSecurityGroupingProps) => { + return ( +
+ {grouping.getGrouping({ + activePage: activePageIndex, + data, + groupingLevel: 0, + inspectButton: undefined, + isLoading: isFetching, + itemsPerPage: pageSize, + onChangeGroupsItemsPerPage, + onChangeGroupsPage, + renderChildComponent, + onGroupClose: () => {}, + selectedGroup, + takeActionItems: () => [], + })} +
+ ); +}; diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/index.ts b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/index.ts new file mode 100644 index 0000000000000..35a321d06119d --- /dev/null +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/index.ts @@ -0,0 +1,9 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { useCloudSecurityGrouping } from './use_cloud_security_grouping'; +export { CloudSecurityGrouping } from './cloud_security_grouping'; diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/use_cloud_security_grouping.ts b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/use_cloud_security_grouping.ts new file mode 100644 index 0000000000000..1235291e62515 --- /dev/null +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/use_cloud_security_grouping.ts @@ -0,0 +1,92 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { useEffect, useMemo, useState } from 'react'; +import { isNoneGroup, useGrouping } from '@kbn/securitysolution-grouping'; +import * as uuid from 'uuid'; +import type { DataView } from '@kbn/data-views-plugin/common'; +import { useUrlQuery } from '../../common/hooks/use_url_query'; +import { + useBaseEsQuery, + usePersistedQuery, +} from '../../common/hooks/use_cloud_posture_table/utils'; +import { FindingsBaseURLQuery } from '../../common/types'; + +const DEFAULT_PAGE_SIZE = 10; +const GROUPING_ID = 'cspLatestFindings'; +const MAX_GROUPING_LEVELS = 1; + +export const useCloudSecurityGrouping = ({ + dataView, + groupingTitle, + defaultGroupingOptions, + getDefaultQuery, + unit, +}: { + dataView: DataView; + groupingTitle: string; + defaultGroupingOptions: Array<{ label: string; key: string }>; + getDefaultQuery: (params: FindingsBaseURLQuery) => FindingsBaseURLQuery; + unit: (count: number) => string; +}) => { + const getPersistedDefaultQuery = usePersistedQuery(getDefaultQuery); + const { urlQuery, setUrlQuery } = useUrlQuery(getPersistedDefaultQuery); + const [activePageIndex, setActivePageIndex] = useState(0); + const [pageSize, setPageSize] = useState(DEFAULT_PAGE_SIZE); + + const { query } = useBaseEsQuery({ + dataView, + filters: urlQuery.filters, + query: urlQuery.query, + }); + + /** + * Reset the active page when the filters or query change + * This is needed because the active page is not automatically reset when the filters or query change + */ + useEffect(() => { + setActivePageIndex(0); + }, [urlQuery.filters, urlQuery.query]); + + const grouping = useGrouping({ + componentProps: { + unit, + }, + defaultGroupingOptions, + fields: dataView.fields, + groupingId: GROUPING_ID, + maxGroupingLevels: MAX_GROUPING_LEVELS, + title: groupingTitle, + onGroupChange: () => { + setActivePageIndex(0); + }, + }); + + const selectedGroup = grouping.selectedGroups[0]; + const isNoneSelected = isNoneGroup(grouping.selectedGroups); + + const uniqueValue = useMemo(() => `${selectedGroup}-${uuid.v4()}`, [selectedGroup]); + + const onChangeGroupsItemsPerPage = (size: number) => { + setActivePageIndex(0); + setPageSize(size); + }; + + const onChangeGroupsPage = (index: number) => setActivePageIndex(index); + + return { + activePageIndex, + grouping, + pageSize, + query, + selectedGroup, + setUrlQuery, + uniqueValue, + isNoneSelected, + onChangeGroupsItemsPerPage, + onChangeGroupsPage, + }; +}; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/constants.ts b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/constants.ts new file mode 100644 index 0000000000000..54884856fccf1 --- /dev/null +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/constants.ts @@ -0,0 +1,71 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { i18n } from '@kbn/i18n'; +import { FindingsBaseURLQuery } from '../../../common/types'; +import { CloudSecurityDefaultColumn } from '../../../components/cloud_security_data_table'; + +export const FINDINGS_UNIT = (totalCount: number) => + i18n.translate('xpack.csp.findings.unit', { + values: { totalCount }, + defaultMessage: `{totalCount, plural, =1 {finding} other {findings}}`, + }); + +export const defaultGroupingOptions = [ + { + label: i18n.translate('xpack.csp.findings.latestFindings.groupByResource', { + defaultMessage: 'Resource', + }), + key: 'resource.name', + }, + { + label: i18n.translate('xpack.csp.findings.latestFindings.groupByRuleName', { + defaultMessage: 'Rule name', + }), + key: 'rule.name', + }, + { + label: i18n.translate('xpack.csp.findings.latestFindings.groupByCloudAccount', { + defaultMessage: 'Cloud account', + }), + key: 'cloud.account.name', + }, + { + label: i18n.translate('xpack.csp.findings.latestFindings.groupByKubernetesCluster', { + defaultMessage: 'Kubernetes cluster', + }), + key: 'orchestrator.cluster.name', + }, +]; + +export const groupingTitle = i18n.translate('xpack.csp.findings.latestFindings.groupBy', { + defaultMessage: 'Group findings by', +}); + +export const DEFAULT_TABLE_HEIGHT = 512; + +export const getDefaultQuery = ({ + query, + filters, +}: FindingsBaseURLQuery): FindingsBaseURLQuery & { + sort: string[][]; +} => ({ + query, + filters, + sort: [['@timestamp', 'desc']], +}); + +export const defaultColumns: CloudSecurityDefaultColumn[] = [ + { id: 'result.evaluation', width: 80 }, + { id: 'resource.id' }, + { id: 'resource.name' }, + { id: 'resource.sub_type' }, + { id: 'rule.benchmark.rule_number' }, + { id: 'rule.name' }, + { id: 'rule.section' }, + { id: '@timestamp' }, +]; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx index 6e44e751bd484..b79c5e1441e5d 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx @@ -4,25 +4,22 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import React, { useEffect, useMemo, useState } from 'react'; +import React, { useCallback, useMemo } from 'react'; import { EuiDataGridCellValueElementProps, EuiFlexItem, EuiSpacer } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { DataTableRecord } from '@kbn/discover-utils/types'; -import { Filter, Query } from '@kbn/es-query'; -import { isNoneGroup, useGrouping, getGroupingQuery } from '@kbn/securitysolution-grouping'; +import { Filter } from '@kbn/es-query'; +import { getGroupingQuery } from '@kbn/securitysolution-grouping'; import { parseGroupingQuery } from '@kbn/securitysolution-grouping/src'; -import * as uuid from 'uuid'; -import { css } from '@emotion/react'; -import { LATEST_FINDINGS_RETENTION_POLICY } from '../../../../common/constants'; -import { useUrlQuery } from '../../../common/hooks/use_url_query'; import { - useBaseEsQuery, - usePersistedQuery, -} from '../../../common/hooks/use_cloud_posture_table/utils'; + CloudSecurityGrouping, + useCloudSecurityGrouping, +} from '../../../components/cloud_security_grouping'; +import { LATEST_FINDINGS_RETENTION_POLICY } from '../../../../common/constants'; import { TimestampTableCell } from '../../../components/timestamp_table_cell'; import { CspEvaluationBadge } from '../../../components/csp_evaluation_badge'; import type { Evaluation } from '../../../../common/types'; -import type { FindingsBaseProps, FindingsBaseURLQuery } from '../../../common/types'; +import type { FindingsBaseProps } from '../../../common/types'; import { FindingsSearchBar } from '../layout/findings_search_bar'; import * as TEST_SUBJECTS from '../test_subjects'; import { useLatestFindings } from './use_latest_findings'; @@ -32,37 +29,17 @@ import { ErrorCallout } from '../layout/error_callout'; import { LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY } from '../../../common/constants'; import { CspFinding } from '../../../../common/schemas/csp_finding'; import { useCloudPostureTable } from '../../../common/hooks/use_cloud_posture_table'; -import { - CloudSecurityDataTable, - CloudSecurityDefaultColumn, -} from '../../../components/cloud_security_data_table'; +import { CloudSecurityDataTable } from '../../../components/cloud_security_data_table'; import { FindingsRuleFlyout } from '../findings_flyout/findings_flyout'; import { useGroupedFindings } from './use_grouped_findings'; - -const getDefaultQuery = ({ - query, - filters, -}: { - query: Query; - filters: Filter[]; -}): FindingsBaseURLQuery & { - sort: string[][]; -} => ({ - query, - filters, - sort: [['@timestamp', 'desc']], -}); - -const defaultColumns: CloudSecurityDefaultColumn[] = [ - { id: 'result.evaluation', width: 80 }, - { id: 'resource.id' }, - { id: 'resource.name' }, - { id: 'resource.sub_type' }, - { id: 'rule.benchmark.rule_number' }, - { id: 'rule.name' }, - { id: 'rule.section' }, - { id: '@timestamp' }, -]; +import { + FINDINGS_UNIT, + groupingTitle, + defaultGroupingOptions, + getDefaultQuery, + DEFAULT_TABLE_HEIGHT, + defaultColumns, +} from './constants'; /** * Type Guard for checking if the given source is a CspFinding @@ -118,87 +95,26 @@ const customCellRenderer = (rows: DataTableRecord[]) => ({ ), }); -export const FINDINGS_UNIT = (totalCount: number) => - i18n.translate('xpack.csp.findings.unit', { - values: { totalCount }, - defaultMessage: `{totalCount, plural, =1 {finding} other {findings}}`, - }); - -const defaultGroupingOptions = [ - { - label: i18n.translate('xpack.csp.findings.latestFindings.groupByResource', { - defaultMessage: 'Resource', - }), - key: 'resource.name', - }, - { - label: i18n.translate('xpack.csp.findings.latestFindings.groupByRuleName', { - defaultMessage: 'Rule name', - }), - key: 'rule.name', - }, - { - label: i18n.translate('xpack.csp.findings.latestFindings.groupByCloudAccount', { - defaultMessage: 'Cloud account', - }), - key: 'cloud.account.name', - }, - { - label: i18n.translate('xpack.csp.findings.latestFindings.groupByKubernetesCluster', { - defaultMessage: 'Kubernetes cluster', - }), - key: 'orchestrator.cluster.name', - }, -]; - -const groupingTitle = i18n.translate('xpack.csp.findings.latestFindings.groupBy', { - defaultMessage: 'Group findings by', -}); - -const DEFAULT_PAGE_SIZE = 10; -const DEFAULT_TABLE_HEIGHT = 512; -const GROUPING_ID = 'cspLatestFindings'; -const MAX_GROUPING_LEVELS = 1; - export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { - const getPersistedDefaultQuery = usePersistedQuery(getDefaultQuery); - const { urlQuery, setUrlQuery } = useUrlQuery(getPersistedDefaultQuery); - const [activePageIndex, setActivePageIndex] = useState(0); - const [pageSize, setPageSize] = useState(DEFAULT_PAGE_SIZE); - - const { query } = useBaseEsQuery({ + const { + activePageIndex, + grouping, + pageSize, + query, + selectedGroup, + onChangeGroupsItemsPerPage, + onChangeGroupsPage, + setUrlQuery, + uniqueValue, + isNoneSelected, + } = useCloudSecurityGrouping({ dataView, - filters: urlQuery.filters, - query: urlQuery.query, - }); - - /** - * Reset the active page when the filters or query change - * This is needed because the active page is not automatically reset when the filters or query change - */ - useEffect(() => { - setActivePageIndex(0); - }, [urlQuery.filters, urlQuery.query]); - - const grouping = useGrouping({ - componentProps: { - unit: FINDINGS_UNIT, - }, + groupingTitle, defaultGroupingOptions, - fields: dataView.fields, - groupingId: GROUPING_ID, - maxGroupingLevels: MAX_GROUPING_LEVELS, - title: groupingTitle, - onGroupChange: () => { - setActivePageIndex(0); - }, + getDefaultQuery, + unit: FINDINGS_UNIT, }); - const selectedGroup = grouping.selectedGroups[0]; - const isNoneSelected = isNoneGroup(grouping.selectedGroups); - - const uniqueValue = useMemo(() => `${selectedGroup}-${uuid.v4()}`, [selectedGroup]); - const groupingQuery = getGroupingQuery({ additionalFilters: [query], groupByField: selectedGroup, @@ -215,11 +131,25 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { enabled: !isNoneSelected, }); - const aggs = useMemo( + const groupData = useMemo( () => parseGroupingQuery(selectedGroup, uniqueValue, data), [data, selectedGroup, uniqueValue] ); + const renderChildComponent = useCallback( + (groupFilters: Filter[]) => { + return ( + + ); + }, + [dataView] + ); + if (isNoneSelected) { return ( <> @@ -233,41 +163,19 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { } return ( -
+
- {grouping.getGrouping({ - activePage: activePageIndex, - data: aggs, - groupingLevel: 0, - inspectButton: undefined, - isLoading: isFetching, - itemsPerPage: pageSize, - onChangeGroupsItemsPerPage: (size) => { - setPageSize(size); - }, - onChangeGroupsPage: (index) => { - setActivePageIndex(index); - }, - renderChildComponent: (groupFilter) => { - return ( - - ); - }, - onGroupClose: () => {}, - selectedGroup, - takeActionItems: () => [], - })} +
); }; @@ -307,8 +215,9 @@ export const LatestFindingsTable = ({ return ( - {error && } - {!error && ( + {error ? ( + + ) : ( <> { + const onDistributionBarClick = (evaluation: Evaluation) => { setUrlQuery({ filters: getFilters({ filters, @@ -384,21 +293,22 @@ export const LatestFindingsContainerTable = ({ }); }; + const canShowDistributionBar = showDistributionBar && total > 0; + return ( - {error && ( + {error ? ( <> - )} - {!error && ( + ) : ( <> - {showDistributionBar && total > 0 && ( + {canShowDistributionBar && ( <> From dcde804cac1e136336553cb8638ef2f87a01751d Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Sun, 12 Nov 2023 23:48:22 -0800 Subject: [PATCH 16/29] splitting code into hooks and components --- .../latest_findings_container.tsx | 338 ++---------------- .../latest_findings/latest_findings_table.tsx | 148 ++++++++ .../use_latest_findings_grouping.tsx | 71 ++++ .../use_latest_findings_table.tsx | 86 +++++ 4 files changed, 340 insertions(+), 303 deletions(-) create mode 100644 x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_table.tsx create mode 100644 x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_grouping.tsx create mode 100644 x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_table.tsx diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx index b79c5e1441e5d..f8ad0e140aaea 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx @@ -4,142 +4,20 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import React, { useCallback, useMemo } from 'react'; -import { EuiDataGridCellValueElementProps, EuiFlexItem, EuiSpacer } from '@elastic/eui'; -import { i18n } from '@kbn/i18n'; -import { DataTableRecord } from '@kbn/discover-utils/types'; +import React, { useCallback } from 'react'; import { Filter } from '@kbn/es-query'; -import { getGroupingQuery } from '@kbn/securitysolution-grouping'; -import { parseGroupingQuery } from '@kbn/securitysolution-grouping/src'; -import { - CloudSecurityGrouping, - useCloudSecurityGrouping, -} from '../../../components/cloud_security_grouping'; -import { LATEST_FINDINGS_RETENTION_POLICY } from '../../../../common/constants'; -import { TimestampTableCell } from '../../../components/timestamp_table_cell'; -import { CspEvaluationBadge } from '../../../components/csp_evaluation_badge'; -import type { Evaluation } from '../../../../common/types'; +import { CloudSecurityGrouping } from '../../../components/cloud_security_grouping'; import type { FindingsBaseProps } from '../../../common/types'; import { FindingsSearchBar } from '../layout/findings_search_bar'; -import * as TEST_SUBJECTS from '../test_subjects'; -import { useLatestFindings } from './use_latest_findings'; -import { FindingsDistributionBar } from '../layout/findings_distribution_bar'; -import { getFilters } from '../utils/utils'; -import { ErrorCallout } from '../layout/error_callout'; -import { LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY } from '../../../common/constants'; -import { CspFinding } from '../../../../common/schemas/csp_finding'; -import { useCloudPostureTable } from '../../../common/hooks/use_cloud_posture_table'; -import { CloudSecurityDataTable } from '../../../components/cloud_security_data_table'; -import { FindingsRuleFlyout } from '../findings_flyout/findings_flyout'; -import { useGroupedFindings } from './use_grouped_findings'; -import { - FINDINGS_UNIT, - groupingTitle, - defaultGroupingOptions, - getDefaultQuery, - DEFAULT_TABLE_HEIGHT, - defaultColumns, -} from './constants'; - -/** - * Type Guard for checking if the given source is a CspFinding - */ -const isCspFinding = (source: Record | undefined): source is CspFinding => { - return source?.result?.evaluation !== undefined; -}; - -/** - * This Wrapper component renders the children if the given row is a CspFinding - * it uses React's Render Props pattern - */ -const CspFindingRenderer = ({ - row, - children, -}: { - row: DataTableRecord; - children: ({ finding }: { finding: CspFinding }) => JSX.Element; -}) => { - const source = row.raw._source; - const finding = isCspFinding(source) && (source as CspFinding); - if (!finding) return <>; - return children({ finding }); -}; - -/** - * Flyout component for the latest findings table - */ -const flyoutComponent = (row: DataTableRecord, onCloseFlyout: () => void): JSX.Element => { - return ( - - {({ finding }) => } - - ); -}; - -const columnsLocalStorageKey = 'cloudPosture:latestFindings:columns'; - -const title = i18n.translate('xpack.csp.findings.latestFindings.tableRowTypeLabel', { - defaultMessage: 'Findings', -}); - -const customCellRenderer = (rows: DataTableRecord[]) => ({ - 'result.evaluation': ({ rowIndex }: EuiDataGridCellValueElementProps) => ( - - {({ finding }) => } - - ), - '@timestamp': ({ rowIndex }: EuiDataGridCellValueElementProps) => ( - - {({ finding }) => } - - ), -}); +import { DEFAULT_TABLE_HEIGHT } from './constants'; +import { useLatestFindingsGrouping } from './use_latest_findings_grouping'; +import { LatestFindingsTable } from './latest_findings_table'; export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { - const { - activePageIndex, - grouping, - pageSize, - query, - selectedGroup, - onChangeGroupsItemsPerPage, - onChangeGroupsPage, - setUrlQuery, - uniqueValue, - isNoneSelected, - } = useCloudSecurityGrouping({ - dataView, - groupingTitle, - defaultGroupingOptions, - getDefaultQuery, - unit: FINDINGS_UNIT, - }); - - const groupingQuery = getGroupingQuery({ - additionalFilters: [query], - groupByField: selectedGroup, - uniqueValue, - from: `now-${LATEST_FINDINGS_RETENTION_POLICY}`, - to: 'now', - pageNumber: activePageIndex * pageSize, - size: pageSize, - sort: [{ _key: { order: 'asc' } }], - }); - - const { data, isFetching } = useGroupedFindings({ - query: groupingQuery, - enabled: !isNoneSelected, - }); - - const groupData = useMemo( - () => parseGroupingQuery(selectedGroup, uniqueValue, data), - [data, selectedGroup, uniqueValue] - ); - const renderChildComponent = useCallback( (groupFilters: Filter[]) => { return ( - { [dataView] ); - if (isNoneSelected) { + const { + canRenderGrouping, + groupData, + grouping, + isFetching, + activePageIndex, + pageSize, + selectedGroup, + onChangeGroupsItemsPerPage, + onChangeGroupsPage, + setUrlQuery, + } = useLatestFindingsGrouping({ dataView }); + + if (canRenderGrouping) { return ( - <> +
- - +
); } return ( -
+ <> - -
- ); -}; - -export const LatestFindingsTable = ({ - dataView, - filter, -}: FindingsBaseProps & { - filter: Filter[]; -}) => { - const cloudPostureTable = useCloudPostureTable({ - dataView, - paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, - columnsLocalStorageKey, - defaultQuery: getDefaultQuery, - additionalFilters: filter, - }); - - const { query, sort, queryError, getRowsFromPages } = cloudPostureTable; - - const { - data, - error: fetchError, - isFetching, - fetchNextPage, - } = useLatestFindings({ - query, - sort, - enabled: !queryError, - }); - - const rows = useMemo(() => getRowsFromPages(data?.pages), [data?.pages, getRowsFromPages]); - - const error = fetchError || queryError; - const total = data?.pages[0].total || 0; - - return ( - - - {error ? ( - - ) : ( - <> - - - - )} - - ); -}; - -export const LatestFindingsContainerTable = ({ - dataView, - groupSelectorComponent, - height, - showDistributionBar = true, - additionalFilters, -}: FindingsBaseProps & { - groupSelectorComponent?: JSX.Element; - height?: number; - showDistributionBar?: boolean; - additionalFilters?: Filter[]; -}) => { - const cloudPostureTable = useCloudPostureTable({ - dataView, - paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, - columnsLocalStorageKey, - defaultQuery: getDefaultQuery, - additionalFilters, - }); - - const { query, sort, queryError, setUrlQuery, filters, getRowsFromPages } = cloudPostureTable; - - const { - data, - error: fetchError, - isFetching, - fetchNextPage, - } = useLatestFindings({ - query, - sort, - enabled: !queryError, - }); - - const rows = useMemo(() => getRowsFromPages(data?.pages), [data?.pages, getRowsFromPages]); - - const error = fetchError || queryError; - - const passed = data?.pages[0].count.passed || 0; - const failed = data?.pages[0].count.failed || 0; - const total = data?.pages[0].total || 0; - - const onDistributionBarClick = (evaluation: Evaluation) => { - setUrlQuery({ - filters: getFilters({ - filters, - dataView, - field: 'result.evaluation', - value: evaluation, - negate: false, - }), - }); - }; - - const canShowDistributionBar = showDistributionBar && total > 0; - - return ( - - {error ? ( - <> - - - - ) : ( - <> - {canShowDistributionBar && ( - <> - - - - - )} - - - )} - + + ); }; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_table.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_table.tsx new file mode 100644 index 0000000000000..16b9aa687b98e --- /dev/null +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_table.tsx @@ -0,0 +1,148 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { Filter } from '@kbn/es-query'; +import { DataTableRecord } from '@kbn/discover-utils/types'; +import { i18n } from '@kbn/i18n'; +import { EuiDataGridCellValueElementProps, EuiFlexItem, EuiSpacer } from '@elastic/eui'; +import React from 'react'; +import { FindingsBaseProps } from '../../../common/types'; +import * as TEST_SUBJECTS from '../test_subjects'; +import { FindingsDistributionBar } from '../layout/findings_distribution_bar'; +import { ErrorCallout } from '../layout/error_callout'; +import { CloudSecurityDataTable } from '../../../components/cloud_security_data_table'; +import { getDefaultQuery, defaultColumns } from './constants'; +import { useLatestFindingsTable } from './use_latest_findings_table'; +import { TimestampTableCell } from '../../../components/timestamp_table_cell'; +import { CspEvaluationBadge } from '../../../components/csp_evaluation_badge'; +import { CspFinding } from '../../../../common/schemas/csp_finding'; +import { FindingsRuleFlyout } from '../findings_flyout/findings_flyout'; + +type LatestFindingsTableProps = FindingsBaseProps & { + groupSelectorComponent?: JSX.Element; + height?: number; + showDistributionBar?: boolean; + additionalFilters?: Filter[]; +}; + +/** + * Type Guard for checking if the given source is a CspFinding + */ +const isCspFinding = (source: Record | undefined): source is CspFinding => { + return source?.result?.evaluation !== undefined; +}; + +/** + * This Wrapper component renders the children if the given row is a CspFinding + * it uses React's Render Props pattern + */ +const CspFindingRenderer = ({ + row, + children, +}: { + row: DataTableRecord; + children: ({ finding }: { finding: CspFinding }) => JSX.Element; +}) => { + const source = row.raw._source; + const finding = isCspFinding(source) && (source as CspFinding); + if (!finding) return <>; + return children({ finding }); +}; + +/** + * Flyout component for the latest findings table + */ +const flyoutComponent = (row: DataTableRecord, onCloseFlyout: () => void): JSX.Element => { + return ( + + {({ finding }) => } + + ); +}; + +const title = i18n.translate('xpack.csp.findings.latestFindings.tableRowTypeLabel', { + defaultMessage: 'Findings', +}); + +const customCellRenderer = (rows: DataTableRecord[]) => ({ + 'result.evaluation': ({ rowIndex }: EuiDataGridCellValueElementProps) => ( + + {({ finding }) => } + + ), + '@timestamp': ({ rowIndex }: EuiDataGridCellValueElementProps) => ( + + {({ finding }) => } + + ), +}); + +export const LatestFindingsTable = ({ + dataView, + groupSelectorComponent, + height, + showDistributionBar = true, + additionalFilters, +}: LatestFindingsTableProps) => { + const { + cloudPostureTable, + rows, + error, + isFetching, + fetchNextPage, + passed, + failed, + total, + canShowDistributionBar, + onDistributionBarClick, + } = useLatestFindingsTable({ + dataView, + getDefaultQuery, + additionalFilters, + showDistributionBar, + }); + + return ( + + {error ? ( + <> + + + + ) : ( + <> + {canShowDistributionBar && ( + <> + + + + + )} + + + )} + + ); +}; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_grouping.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_grouping.tsx new file mode 100644 index 0000000000000..711e90c1e8422 --- /dev/null +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_grouping.tsx @@ -0,0 +1,71 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { getGroupingQuery } from '@kbn/securitysolution-grouping'; +import { parseGroupingQuery } from '@kbn/securitysolution-grouping/src'; +import { useMemo } from 'react'; +import { DataView } from '@kbn/data-views-plugin/common'; +import { LATEST_FINDINGS_RETENTION_POLICY } from '../../../../common/constants'; +import { useGroupedFindings } from './use_grouped_findings'; +import { FINDINGS_UNIT, groupingTitle, defaultGroupingOptions, getDefaultQuery } from './constants'; +import { useCloudSecurityGrouping } from '../../../components/cloud_security_grouping'; + +export const useLatestFindingsGrouping = ({ dataView }: { dataView: DataView }) => { + const { + activePageIndex, + grouping, + pageSize, + query, + selectedGroup, + onChangeGroupsItemsPerPage, + onChangeGroupsPage, + setUrlQuery, + uniqueValue, + isNoneSelected, + } = useCloudSecurityGrouping({ + dataView, + groupingTitle, + defaultGroupingOptions, + getDefaultQuery, + unit: FINDINGS_UNIT, + }); + + const groupingQuery = getGroupingQuery({ + additionalFilters: [query], + groupByField: selectedGroup, + uniqueValue, + from: `now-${LATEST_FINDINGS_RETENTION_POLICY}`, + to: 'now', + pageNumber: activePageIndex * pageSize, + size: pageSize, + sort: [{ _key: { order: 'asc' } }], + }); + + const { data, isFetching } = useGroupedFindings({ + query: groupingQuery, + enabled: !isNoneSelected, + }); + + const groupData = useMemo( + () => parseGroupingQuery(selectedGroup, uniqueValue, data), + [data, selectedGroup, uniqueValue] + ); + + const canRenderGrouping = !isNoneSelected; + + return { + canRenderGrouping, + groupData, + grouping, + isFetching, + activePageIndex, + pageSize, + selectedGroup, + onChangeGroupsItemsPerPage, + onChangeGroupsPage, + setUrlQuery, + }; +}; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_table.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_table.tsx new file mode 100644 index 0000000000000..92c63e2935515 --- /dev/null +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_table.tsx @@ -0,0 +1,86 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { DataView } from '@kbn/data-views-plugin/common'; +import { Filter } from '@kbn/es-query'; +import { useMemo } from 'react'; +import { FindingsBaseURLQuery } from '../../../common/types'; +import { Evaluation } from '../../../../common/types'; +import { LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY } from '../../../common/constants'; +import { useCloudPostureTable } from '../../../common/hooks/use_cloud_posture_table'; +import { getFilters } from '../utils/get_filters'; +import { useLatestFindings } from './use_latest_findings'; + +const columnsLocalStorageKey = 'cloudPosture:latestFindings:columns'; + +export const useLatestFindingsTable = ({ + dataView, + getDefaultQuery, + additionalFilters, + showDistributionBar, +}: { + dataView: DataView; + getDefaultQuery: (params: FindingsBaseURLQuery) => FindingsBaseURLQuery; + additionalFilters?: Filter[]; + showDistributionBar?: boolean; +}) => { + const cloudPostureTable = useCloudPostureTable({ + dataView, + paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, + columnsLocalStorageKey, + defaultQuery: getDefaultQuery, + additionalFilters, + }); + + const { query, sort, queryError, setUrlQuery, filters, getRowsFromPages } = cloudPostureTable; + + const { + data, + error: fetchError, + isFetching, + fetchNextPage, + } = useLatestFindings({ + query, + sort, + enabled: !queryError, + }); + + const rows = useMemo(() => getRowsFromPages(data?.pages), [data?.pages, getRowsFromPages]); + + const error = fetchError || queryError; + + const passed = data?.pages[0].count.passed || 0; + const failed = data?.pages[0].count.failed || 0; + const total = data?.pages[0].total || 0; + + const onDistributionBarClick = (evaluation: Evaluation) => { + setUrlQuery({ + filters: getFilters({ + filters, + dataView, + field: 'result.evaluation', + value: evaluation, + negate: false, + }), + }); + }; + + const canShowDistributionBar = showDistributionBar && total > 0; + + return { + cloudPostureTable, + rows, + error, + isFetching, + fetchNextPage, + passed, + failed, + total, + canShowDistributionBar, + onDistributionBarClick, + }; +}; From 97c19a375a7125aa012c4dbef4f69a0fd72c4c90 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Mon, 13 Nov 2023 01:59:09 -0800 Subject: [PATCH 17/29] addressing pr comments, removing anys --- .../use_cloud_posture_table.ts | 32 ++++++++----------- .../hooks/use_cloud_posture_table/utils.ts | 8 ++--- .../public/common/types.ts | 2 +- .../latest_findings_container.tsx | 12 ++++--- .../latest_findings/latest_findings_table.tsx | 6 ++-- .../use_latest_findings_grouping.tsx | 5 ++- .../use_latest_findings_table.tsx | 6 ++-- 7 files changed, 35 insertions(+), 36 deletions(-) diff --git a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts index 7172adbf26947..59ac5a741379f 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts @@ -13,28 +13,25 @@ import { useUrlQuery } from '../use_url_query'; import { usePageSize } from '../use_page_size'; import { getDefaultQuery, useBaseEsQuery, usePersistedQuery } from './utils'; import { LOCAL_STORAGE_DATA_TABLE_COLUMNS_KEY } from '../../constants'; +import { FindingsBaseURLQuery } from '../../types'; + +type URLQuery = FindingsBaseURLQuery & Record; export interface CloudPostureTableResult { - // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable - setUrlQuery: (query: any) => void; - // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable - sort: any; - // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable - filters: any[]; + setUrlQuery: (query: Record) => void; + sort: string[][]; + filters: Filter[]; query: { bool: BoolQuery }; queryError?: Error; pageIndex: number; - // TODO: remove any, urlQuery is an object with query fields but we also add custom fields to it, need to assert usages - urlQuery: any; + urlQuery: URLQuery; setTableOptions: (options: CriteriaWithPagination) => void; - // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable - handleUpdateQuery: (query: any) => void; + handleUpdateQuery: (query: URLQuery) => void; pageSize: number; setPageSize: Dispatch>; onChangeItemsPerPage: (newPageSize: number) => void; onChangePage: (newPageIndex: number) => void; - // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable - onSort: (sort: any) => void; + onSort: (sort: string[]) => void; onResetFilters: () => void; columnsLocalStorageKey: string; getRowsFromPages: (data: Array<{ page: DataTableRecord[] }> | undefined) => DataTableRecord[]; @@ -48,17 +45,16 @@ export const useCloudPostureTable = ({ dataView, paginationLocalStorageKey, columnsLocalStorageKey, - additionalFilters, + nonPersistedFilters, }: { - // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable - defaultQuery?: (params: any) => any; + defaultQuery?: (params: FindingsBaseURLQuery) => FindingsBaseURLQuery; dataView: DataView; paginationLocalStorageKey: string; columnsLocalStorageKey?: string; - additionalFilters?: Filter[]; + nonPersistedFilters?: Filter[]; }): CloudPostureTableResult => { const getPersistedDefaultQuery = usePersistedQuery(defaultQuery); - const { urlQuery, setUrlQuery } = useUrlQuery(getPersistedDefaultQuery); + const { urlQuery, setUrlQuery } = useUrlQuery(getPersistedDefaultQuery); const { pageSize, setPageSize } = usePageSize(paginationLocalStorageKey); const onChangeItemsPerPage = useCallback( @@ -119,7 +115,7 @@ export const useCloudPostureTable = ({ dataView, filters: urlQuery.filters, query: urlQuery.query, - ...(additionalFilters ? { additionalFilters } : {}), + ...(nonPersistedFilters ? { nonPersistedFilters } : {}), }); const handleUpdateQuery = useCallback( diff --git a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts index 292a0007f519a..e86d2a77589b0 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts @@ -54,9 +54,9 @@ export const getPaginationQuery = ({ export const useBaseEsQuery = ({ dataView, - filters, + filters = [], query, - additionalFilters, + nonPersistedFilters, }: FindingsBaseURLQuery & FindingsBaseProps) => { const { notifications: { toasts }, @@ -71,11 +71,11 @@ export const useBaseEsQuery = ({ () => getBaseQuery({ dataView, - filters: filters.concat(additionalFilters ?? []).flat(), + filters: filters.concat(nonPersistedFilters ?? []).flat(), query, config, }), - [dataView, filters, additionalFilters, query, config] + [dataView, filters, nonPersistedFilters, query, config] ); /** diff --git a/x-pack/plugins/cloud_security_posture/public/common/types.ts b/x-pack/plugins/cloud_security_posture/public/common/types.ts index d35127a410a09..a4c26643293fd 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/types.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/types.ts @@ -17,7 +17,7 @@ export interface FindingsBaseURLQuery { /** * Filters that are part of the query but not persisted in the URL or in the Filter Manager */ - additionalFilters?: Filter[]; + nonPersistedFilters?: Filter[]; } export interface FindingsBaseProps { diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx index f8ad0e140aaea..613594c66e939 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/latest_findings_container.tsx @@ -6,6 +6,7 @@ */ import React, { useCallback } from 'react'; import { Filter } from '@kbn/es-query'; +import { defaultLoadingRenderer } from '../../../components/cloud_posture_page'; import { CloudSecurityGrouping } from '../../../components/cloud_security_grouping'; import type { FindingsBaseProps } from '../../../common/types'; import { FindingsSearchBar } from '../layout/findings_search_bar'; @@ -19,7 +20,7 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { return ( @@ -29,7 +30,7 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { ); const { - canRenderGrouping, + isGroupSelect, groupData, grouping, isFetching, @@ -39,10 +40,13 @@ export const LatestFindingsContainer = ({ dataView }: FindingsBaseProps) => { onChangeGroupsItemsPerPage, onChangeGroupsPage, setUrlQuery, + isGroupLoading, } = useLatestFindingsGrouping({ dataView }); - if (canRenderGrouping) { - return ( + if (isGroupSelect) { + return isGroupLoading ? ( + defaultLoadingRenderer() + ) : (
{ const { cloudPostureTable, @@ -102,7 +102,7 @@ export const LatestFindingsTable = ({ } = useLatestFindingsTable({ dataView, getDefaultQuery, - additionalFilters, + nonPersistedFilters, showDistributionBar, }); diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_grouping.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_grouping.tsx index 711e90c1e8422..0675f05804884 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_grouping.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_grouping.tsx @@ -54,10 +54,7 @@ export const useLatestFindingsGrouping = ({ dataView }: { dataView: DataView }) [data, selectedGroup, uniqueValue] ); - const canRenderGrouping = !isNoneSelected; - return { - canRenderGrouping, groupData, grouping, isFetching, @@ -67,5 +64,7 @@ export const useLatestFindingsGrouping = ({ dataView }: { dataView: DataView }) onChangeGroupsItemsPerPage, onChangeGroupsPage, setUrlQuery, + isGroupSelect: !isNoneSelected, + isGroupLoading: !data, }; }; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_table.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_table.tsx index 92c63e2935515..5568a484a18ea 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_table.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_table.tsx @@ -20,12 +20,12 @@ const columnsLocalStorageKey = 'cloudPosture:latestFindings:columns'; export const useLatestFindingsTable = ({ dataView, getDefaultQuery, - additionalFilters, + nonPersistedFilters, showDistributionBar, }: { dataView: DataView; getDefaultQuery: (params: FindingsBaseURLQuery) => FindingsBaseURLQuery; - additionalFilters?: Filter[]; + nonPersistedFilters?: Filter[]; showDistributionBar?: boolean; }) => { const cloudPostureTable = useCloudPostureTable({ @@ -33,7 +33,7 @@ export const useLatestFindingsTable = ({ paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, columnsLocalStorageKey, defaultQuery: getDefaultQuery, - additionalFilters, + nonPersistedFilters, }); const { query, sort, queryError, setUrlQuery, filters, getRowsFromPages } = cloudPostureTable; From be967d22a3b663e2aeec57dd784a926e76f3cf8c Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 15 Nov 2023 00:04:00 -0800 Subject: [PATCH 18/29] findings grouping FTR tests --- .../cloud_security_grouping.tsx | 1 + .../page_objects/findings_page.ts | 42 +++ .../pages/findings.ts | 24 -- .../pages/findings_grouping.ts | 310 ++++++++++++++++++ .../pages/index.ts | 1 + 5 files changed, 354 insertions(+), 24 deletions(-) create mode 100644 x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/cloud_security_grouping.tsx b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/cloud_security_grouping.tsx index 00b96e77d6402..067046ce5457a 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/cloud_security_grouping.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/cloud_security_grouping.tsx @@ -35,6 +35,7 @@ export const CloudSecurityGrouping = ({ }: CloudSecurityGroupingProps) => { return (
({ + async getElement() { + return await testSubjects.find(testSubj); + }, + async setValue(value: string) { + const contextMenu = await testSubjects.find('groupByContextMenu'); + const menuItems = await contextMenu.findAllByCssSelector('button.euiContextMenuItem'); + const menuItemsOptions = await Promise.all(menuItems.map((item) => item.getVisibleText())); + const menuItemValueIndex = menuItemsOptions.findIndex((item) => item === value); + await menuItems[menuItemValueIndex].click(); + return await testSubjects.missingOrFail('is-loading-grouping-table', { timeout: 5000 }); + }, + async openDropDown() { + const element = await this.getElement(); + await element.click(); + }, + }); + + const findingsGrouping = async (testSubj = 'cloudSecurityGrouping') => ({ + async getElement() { + return await testSubjects.find(testSubj); + }, + async getGroupCount() { + const element = await this.getElement(); + const groupCount = await element.findByTestSubject('group-count'); + return await groupCount.getVisibleText(); + }, + async getUnitCount() { + const element = await this.getElement(); + const unitCount = await element.findByTestSubject('unit-count'); + return await unitCount.getVisibleText(); + }, + async getRowAtIndex(rowIndex: number) { + const element = await this.getElement(); + const row = await element.findAllByTestSubject('grouping-accordion'); + return await row[rowIndex]; + }, + }); + return { navigateToLatestFindingsPage, navigateToVulnerabilities, @@ -426,5 +465,8 @@ export function FindingsPageProvider({ getService, getPageObjects }: FtrProvider misconfigurationsFlyout, toastMessage, detectionRuleApi, + groupSelector, + findingsGrouping, + createDataTableObject, }; } diff --git a/x-pack/test/cloud_security_posture_functional/pages/findings.ts b/x-pack/test/cloud_security_posture_functional/pages/findings.ts index 69c1fd6949f51..24ce9897d2169 100644 --- a/x-pack/test/cloud_security_posture_functional/pages/findings.ts +++ b/x-pack/test/cloud_security_posture_functional/pages/findings.ts @@ -13,7 +13,6 @@ import type { FtrProviderContext } from '../ftr_provider_context'; export default function ({ getPageObjects, getService }: FtrProviderContext) { const queryBar = getService('queryBar'); const filterBar = getService('filterBar'); - const comboBox = getService('comboBox'); const retry = getService('retry'); const pageObjects = getPageObjects(['common', 'findings', 'header']); const chance = new Chance(); @@ -94,24 +93,15 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { const ruleName1 = data[0].rule.name; const ruleName2 = data[1].rule.name; - const resourceId1 = data[0].resource.id; - const ruleSection1 = data[0].rule.section; - - const benchMarkName = data[0].rule.benchmark.name; - describe('Findings Page', function () { this.tags(['cloud_security_posture_findings']); let findings: typeof pageObjects.findings; let latestFindingsTable: typeof findings.latestFindingsTable; - let findingsByResourceTable: typeof findings.findingsByResourceTable; - let resourceFindingsTable: typeof findings.resourceFindingsTable; let distributionBar: typeof findings.distributionBar; before(async () => { findings = pageObjects.findings; latestFindingsTable = findings.latestFindingsTable; - findingsByResourceTable = findings.findingsByResourceTable; - resourceFindingsTable = findings.resourceFindingsTable; distributionBar = findings.distributionBar; // Before we start any test we must wait for cloud_security_posture plugin to complete its initialization @@ -219,19 +209,5 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }); }); }); - - describe('GroupBy', () => { - it('groups findings by resource', async () => { - await comboBox.set('findings_group_by_selector', 'Resource'); - expect( - await findingsByResourceTable.hasColumnValue('Applicable Benchmark', benchMarkName) - ).to.be(true); - }); - - it('navigates to resource findings page from resource id link', async () => { - await findingsByResourceTable.clickResourceIdLink(resourceId1, ruleSection1); - expect(await resourceFindingsTable.hasColumnValue('Rule Name', ruleName1)).to.be(true); - }); - }); }); } diff --git a/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts b/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts new file mode 100644 index 0000000000000..cbd13ae54bec4 --- /dev/null +++ b/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts @@ -0,0 +1,310 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from '@kbn/expect'; +import Chance from 'chance'; +import { asyncForEach } from '@kbn/std'; +import type { FtrProviderContext } from '../ftr_provider_context'; + +// eslint-disable-next-line import/no-default-export +export default function ({ getPageObjects, getService }: FtrProviderContext) { + const queryBar = getService('queryBar'); + const filterBar = getService('filterBar'); + const retry = getService('retry'); + const pageObjects = getPageObjects(['common', 'findings', 'header']); + const chance = new Chance(); + + // We need to use a dataset for the tests to run + // We intentionally make some fields start with a capital letter to test that the query bar is case-insensitive/case-sensitive + const data = [ + { + '@timestamp': '1695819664234', + resource: { id: chance.guid(), name: `kubelet`, sub_type: 'lower case sub type' }, + result: { evaluation: chance.integer() % 2 === 0 ? 'passed' : 'failed' }, + orchestrator: { + cluster: { + id: '1', + name: 'Cluster 1', + }, + }, + rule: { + name: 'Upper case rule name', + section: 'Upper case section', + benchmark: { + id: 'cis_k8s', + posture_type: 'kspm', + name: 'CIS Kubernetes V1.23', + version: 'v1.0.0', + }, + type: 'process', + }, + cluster_id: 'Upper case cluster id', + }, + { + '@timestamp': '1695819673242', + resource: { id: chance.guid(), name: `Pod`, sub_type: 'Upper case sub type' }, + result: { evaluation: chance.integer() % 2 === 0 ? 'passed' : 'failed' }, + cloud: { + account: { + id: '1', + name: 'Account 1', + }, + }, + rule: { + name: 'lower case rule name', + section: 'Another upper case section', + benchmark: { + id: 'cis_k8s', + posture_type: 'kspm', + name: 'CIS Kubernetes V1.23', + version: 'v1.0.0', + }, + type: 'process', + }, + cluster_id: 'Another Upper case cluster id', + }, + { + '@timestamp': '1695819676242', + resource: { id: chance.guid(), name: `process`, sub_type: 'another lower case type' }, + result: { evaluation: 'passed' }, + cloud: { + account: { + id: '1', + name: 'Account 1', + }, + }, + rule: { + name: 'Another upper case rule name', + section: 'lower case section', + benchmark: { + id: 'cis_k8s', + posture_type: 'kspm', + name: 'CIS Kubernetes V1.23', + version: 'v1.0.0', + }, + type: 'process', + }, + cluster_id: 'lower case cluster id', + }, + { + '@timestamp': '1695819680202', + resource: { id: chance.guid(), name: `process`, sub_type: 'Upper case type again' }, + result: { evaluation: 'failed' }, + cloud: { + account: { + id: '2', + name: 'Account 2', + }, + }, + rule: { + name: 'some lower case rule name', + section: 'another lower case section', + benchmark: { + id: 'cis_k8s', + posture_type: 'kspm', + name: 'CIS Kubernetes V1.23', + version: 'v1.0.0', + }, + type: 'process', + }, + cluster_id: 'another lower case cluster id', + }, + ]; + + const ruleName1 = data[0].rule.name; + + describe('Findings Page - Grouping', function () { + this.tags(['cloud_security_posture_findings_grouping']); + let findings: typeof pageObjects.findings; + + before(async () => { + findings = pageObjects.findings; + + // Before we start any test we must wait for cloud_security_posture plugin to complete its initialization + await findings.waitForPluginInitialized(); + + // Prepare mocked findings + await findings.index.remove(); + await findings.index.add(data); + + await findings.navigateToLatestFindingsPage(); + + await retry.waitFor( + 'Findings table to be loaded', + async () => (await findings.latestFindingsTable.getRowsCount()) === data.length + ); + pageObjects.header.waitUntilLoadingHasFinished(); + }); + + after(async () => { + await findings.index.remove(); + }); + + describe('Default Grouping', async () => { + it('groups findings by resource and sort case sensitive asc', async () => { + const groupSelector = await findings.groupSelector(); + await groupSelector.openDropDown(); + await groupSelector.setValue('Resource'); + + const grouping = await findings.findingsGrouping(); + + const resourceOrder = ['Pod', 'kubelet', 'process']; + + await asyncForEach(resourceOrder, async (resourceName, index) => { + const groupName = await grouping.getRowAtIndex(index); + expect(await groupName.getVisibleText()).to.be(resourceName); + }); + + const groupCount = await grouping.getGroupCount(); + expect(groupCount).to.be('3 groups'); + + const unitCount = await grouping.getUnitCount(); + expect(unitCount).to.be('4 findings'); + }); + it('groups findings by rule name and sort case sensitive asc', async () => { + const groupSelector = await findings.groupSelector(); + await groupSelector.openDropDown(); + await groupSelector.setValue('Rule name'); + + const grouping = await findings.findingsGrouping(); + + const groupCount = await grouping.getGroupCount(); + expect(groupCount).to.be('4 groups'); + + const unitCount = await grouping.getUnitCount(); + expect(unitCount).to.be('4 findings'); + + const ruleNameOrder = [ + 'Another upper case rule name', + 'Upper case rule name', + 'lower case rule name', + 'some lower case rule name', + ]; + + await asyncForEach(ruleNameOrder, async (resourceName, index) => { + const groupName = await grouping.getRowAtIndex(index); + expect(await groupName.getVisibleText()).to.be(resourceName); + }); + }); + it('groups findings by cloud account and sort case sensitive asc', async () => { + const groupSelector = await findings.groupSelector(); + await groupSelector.setValue('Cloud account'); + + const grouping = await findings.findingsGrouping(); + + const groupCount = await grouping.getGroupCount(); + expect(groupCount).to.be('3 groups'); + + const unitCount = await grouping.getUnitCount(); + expect(unitCount).to.be('4 findings'); + + const cloudNameOrder = ['Account 1', 'Account 2', '—']; + + await asyncForEach(cloudNameOrder, async (resourceName, index) => { + const groupName = await grouping.getRowAtIndex(index); + expect(await groupName.getVisibleText()).to.be(resourceName); + }); + }); + it('groups findings by Kubernetes cluster and sort case sensitive asc', async () => { + const groupSelector = await findings.groupSelector(); + await groupSelector.setValue('Kubernetes cluster'); + + const grouping = await findings.findingsGrouping(); + + const groupCount = await grouping.getGroupCount(); + expect(groupCount).to.be('2 groups'); + + const unitCount = await grouping.getUnitCount(); + expect(unitCount).to.be('4 findings'); + + const cloudNameOrder = ['Cluster 1', '—']; + + await asyncForEach(cloudNameOrder, async (resourceName, index) => { + const groupName = await grouping.getRowAtIndex(index); + expect(await groupName.getVisibleText()).to.be(resourceName); + }); + }); + }); + describe('SearchBar', () => { + it('add filter', async () => { + // Filter bar uses the field's customLabel in the DataView + const groupSelector = await findings.groupSelector(); + await groupSelector.setValue('Resource'); + + await filterBar.addFilter({ field: 'Rule Name', operation: 'is', value: ruleName1 }); + expect(await filterBar.hasFilter('rule.name', ruleName1)).to.be(true); + + const grouping = await findings.findingsGrouping(); + + const resourceOrder = ['kubelet']; + + await asyncForEach(resourceOrder, async (resourceName, index) => { + const groupName = await grouping.getRowAtIndex(index); + expect(await groupName.getVisibleText()).to.be(resourceName); + }); + + const groupCount = await grouping.getGroupCount(); + expect(groupCount).to.be('1 group'); + + const unitCount = await grouping.getUnitCount(); + expect(unitCount).to.be('1 finding'); + }); + + it('remove filter', async () => { + await filterBar.removeFilter('rule.name'); + + expect(await filterBar.hasFilter('rule.name', ruleName1)).to.be(false); + + const grouping = await findings.findingsGrouping(); + const groupCount = await grouping.getGroupCount(); + expect(groupCount).to.be('3 groups'); + + const unitCount = await grouping.getUnitCount(); + expect(unitCount).to.be('4 findings'); + }); + + it('set search query', async () => { + await queryBar.setQuery(ruleName1); + await queryBar.submitQuery(); + + const grouping = await findings.findingsGrouping(); + + const resourceOrder = ['kubelet']; + + await asyncForEach(resourceOrder, async (resourceName, index) => { + const groupName = await grouping.getRowAtIndex(index); + expect(await groupName.getVisibleText()).to.be(resourceName); + }); + + const groupCount = await grouping.getGroupCount(); + expect(groupCount).to.be('1 group'); + + const unitCount = await grouping.getUnitCount(); + expect(unitCount).to.be('1 finding'); + + await queryBar.setQuery(''); + await queryBar.submitQuery(); + + expect(await grouping.getGroupCount()).to.be('3 groups'); + expect(await grouping.getUnitCount()).to.be('4 findings'); + }); + }); + + describe('Group table', async () => { + it('shows findings table when expanding', async () => { + const grouping = await findings.findingsGrouping(); + const firstRow = await grouping.getRowAtIndex(0); + await (await firstRow.findByCssSelector('button')).click(); + const latestFindingsTable = findings.createDataTableObject('latest_findings_table'); + expect(await latestFindingsTable.getRowsCount()).to.be(1); + expect(await latestFindingsTable.hasColumnValue('rule.name', 'lower case rule name')).to.be( + true + ); + }); + }); + }); +} diff --git a/x-pack/test/cloud_security_posture_functional/pages/index.ts b/x-pack/test/cloud_security_posture_functional/pages/index.ts index 9d4e17ec0c88c..035f2b835492a 100644 --- a/x-pack/test/cloud_security_posture_functional/pages/index.ts +++ b/x-pack/test/cloud_security_posture_functional/pages/index.ts @@ -12,6 +12,7 @@ export default function ({ loadTestFile }: FtrProviderContext) { describe('Cloud Security Posture', function () { loadTestFile(require.resolve('./findings_onboarding')); loadTestFile(require.resolve('./findings')); + loadTestFile(require.resolve('./findings_grouping')); loadTestFile(require.resolve('./findings_alerts')); loadTestFile(require.resolve('./compliance_dashboard')); loadTestFile(require.resolve('./vulnerability_dashboard')); From 199f938fce6e9a8c42eb7cbc57bca3bb27af5d09 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 15 Nov 2023 00:14:48 -0800 Subject: [PATCH 19/29] reverting change --- x-pack/plugins/cloud_security_posture/common/constants.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/plugins/cloud_security_posture/common/constants.ts b/x-pack/plugins/cloud_security_posture/common/constants.ts index 5987881aed444..1cc356cbfd5e3 100644 --- a/x-pack/plugins/cloud_security_posture/common/constants.ts +++ b/x-pack/plugins/cloud_security_posture/common/constants.ts @@ -45,7 +45,7 @@ export const LATEST_FINDINGS_INDEX_TEMPLATE_NAME = 'logs-cloud_security_posture. export const LATEST_FINDINGS_INDEX_PATTERN = 'logs-cloud_security_posture.findings_latest-*'; export const LATEST_FINDINGS_INDEX_DEFAULT_NS = 'logs-cloud_security_posture.findings_latest-default'; -export const LATEST_FINDINGS_RETENTION_POLICY = '26y'; +export const LATEST_FINDINGS_RETENTION_POLICY = '26h'; export const BENCHMARK_SCORE_INDEX_TEMPLATE_NAME = 'logs-cloud_security_posture.scores'; export const BENCHMARK_SCORE_INDEX_PATTERN = 'logs-cloud_security_posture.scores-*'; From f51a462f2ccbc315814b59930900f90e5d348725 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 15 Nov 2023 07:50:13 -0800 Subject: [PATCH 20/29] adding comments and time filtering --- .../use_cloud_security_grouping.ts | 8 ++++++- .../latest_findings/use_latest_findings.ts | 23 +++++++++++++++++-- .../use_latest_findings_grouping.tsx | 4 ++++ 3 files changed, 32 insertions(+), 3 deletions(-) diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/use_cloud_security_grouping.ts b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/use_cloud_security_grouping.ts index 1235291e62515..ae8aa55d39cbc 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/use_cloud_security_grouping.ts +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/use_cloud_security_grouping.ts @@ -19,6 +19,9 @@ const DEFAULT_PAGE_SIZE = 10; const GROUPING_ID = 'cspLatestFindings'; const MAX_GROUPING_LEVELS = 1; +/* + Utility hook to handle the grouping logic of the cloud security components +*/ export const useCloudSecurityGrouping = ({ dataView, groupingTitle, @@ -66,10 +69,13 @@ export const useCloudSecurityGrouping = ({ }); const selectedGroup = grouping.selectedGroups[0]; - const isNoneSelected = isNoneGroup(grouping.selectedGroups); + // This is recommended by the grouping component to cover an edge case + // where the selectedGroup has multiple values const uniqueValue = useMemo(() => `${selectedGroup}-${uuid.v4()}`, [selectedGroup]); + const isNoneSelected = isNoneGroup(grouping.selectedGroups); + const onChangeGroupsItemsPerPage = (size: number) => { setActivePageIndex(0); setPageSize(size); diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings.ts b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings.ts index 9ce0292175839..0c0aee860d344 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings.ts +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings.ts @@ -16,7 +16,10 @@ import { CspFinding } from '../../../../common/schemas/csp_finding'; import { useKibana } from '../../../common/hooks/use_kibana'; import type { FindingsBaseEsQuery } from '../../../common/types'; import { getAggregationCount, getFindingsCountAggQuery } from '../utils/utils'; -import { CSP_LATEST_FINDINGS_DATA_VIEW } from '../../../../common/constants'; +import { + CSP_LATEST_FINDINGS_DATA_VIEW, + LATEST_FINDINGS_RETENTION_POLICY, +} from '../../../../common/constants'; import { MAX_FINDINGS_TO_LOAD } from '../../../common/constants'; import { showErrorToast } from '../../../common/utils/show_error_toast'; @@ -41,11 +44,27 @@ interface FindingsAggs { export const getFindingsQuery = ({ query, sort }: UseFindingsOptions, pageParam: any) => ({ index: CSP_LATEST_FINDINGS_DATA_VIEW, - query, sort: getMultiFieldsSort(sort), size: MAX_FINDINGS_TO_LOAD, aggs: getFindingsCountAggQuery(), ignore_unavailable: false, + query: { + ...query, + bool: { + ...query?.bool, + filter: [ + ...(query?.bool?.filter ?? []), + { + range: { + '@timestamp': { + gte: `now-${LATEST_FINDINGS_RETENTION_POLICY}`, + lte: 'now', + }, + }, + }, + ], + }, + }, ...(pageParam ? { search_after: pageParam } : {}), }); diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_grouping.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_grouping.tsx index 0675f05804884..137716967460f 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_grouping.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_grouping.tsx @@ -13,6 +13,10 @@ import { useGroupedFindings } from './use_grouped_findings'; import { FINDINGS_UNIT, groupingTitle, defaultGroupingOptions, getDefaultQuery } from './constants'; import { useCloudSecurityGrouping } from '../../../components/cloud_security_grouping'; +/** + * Utility hook to get the latest findings grouping data + * for the findings page + */ export const useLatestFindingsGrouping = ({ dataView }: { dataView: DataView }) => { const { activePageIndex, From 1af2377217e0e28fe101352ce7ce340a5d1c75ca Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 15 Nov 2023 09:06:52 -0800 Subject: [PATCH 21/29] revert use posture table --- .../use_cloud_posture_table.ts | 37 +++++++++---------- .../hooks/use_cloud_posture_table/utils.ts | 22 +++++------ 2 files changed, 27 insertions(+), 32 deletions(-) diff --git a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts index 59ac5a741379f..0becb56e6ec22 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/use_cloud_posture_table.ts @@ -6,32 +6,35 @@ */ import { Dispatch, SetStateAction, useCallback } from 'react'; import { type DataView } from '@kbn/data-views-plugin/common'; -import { BoolQuery, Filter } from '@kbn/es-query'; +import { BoolQuery } from '@kbn/es-query'; import { CriteriaWithPagination } from '@elastic/eui'; import { DataTableRecord } from '@kbn/discover-utils/types'; import { useUrlQuery } from '../use_url_query'; import { usePageSize } from '../use_page_size'; import { getDefaultQuery, useBaseEsQuery, usePersistedQuery } from './utils'; import { LOCAL_STORAGE_DATA_TABLE_COLUMNS_KEY } from '../../constants'; -import { FindingsBaseURLQuery } from '../../types'; - -type URLQuery = FindingsBaseURLQuery & Record; export interface CloudPostureTableResult { - setUrlQuery: (query: Record) => void; - sort: string[][]; - filters: Filter[]; - query: { bool: BoolQuery }; + // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable + setUrlQuery: (query: any) => void; + // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable + sort: any; + // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable + filters: any[]; + query?: { bool: BoolQuery }; queryError?: Error; pageIndex: number; - urlQuery: URLQuery; + // TODO: remove any, urlQuery is an object with query fields but we also add custom fields to it, need to assert usages + urlQuery: any; setTableOptions: (options: CriteriaWithPagination) => void; - handleUpdateQuery: (query: URLQuery) => void; + // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable + handleUpdateQuery: (query: any) => void; pageSize: number; setPageSize: Dispatch>; onChangeItemsPerPage: (newPageSize: number) => void; onChangePage: (newPageIndex: number) => void; - onSort: (sort: string[]) => void; + // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable + onSort: (sort: any) => void; onResetFilters: () => void; columnsLocalStorageKey: string; getRowsFromPages: (data: Array<{ page: DataTableRecord[] }> | undefined) => DataTableRecord[]; @@ -45,16 +48,15 @@ export const useCloudPostureTable = ({ dataView, paginationLocalStorageKey, columnsLocalStorageKey, - nonPersistedFilters, }: { - defaultQuery?: (params: FindingsBaseURLQuery) => FindingsBaseURLQuery; + // TODO: Remove any when all finding tables are converted to CloudSecurityDataTable + defaultQuery?: (params: any) => any; dataView: DataView; paginationLocalStorageKey: string; columnsLocalStorageKey?: string; - nonPersistedFilters?: Filter[]; }): CloudPostureTableResult => { const getPersistedDefaultQuery = usePersistedQuery(defaultQuery); - const { urlQuery, setUrlQuery } = useUrlQuery(getPersistedDefaultQuery); + const { urlQuery, setUrlQuery } = useUrlQuery(getPersistedDefaultQuery); const { pageSize, setPageSize } = usePageSize(paginationLocalStorageKey); const onChangeItemsPerPage = useCallback( @@ -115,7 +117,6 @@ export const useCloudPostureTable = ({ dataView, filters: urlQuery.filters, query: urlQuery.query, - ...(nonPersistedFilters ? { nonPersistedFilters } : {}), }); const handleUpdateQuery = useCallback( @@ -132,14 +133,12 @@ export const useCloudPostureTable = ({ }) .flat() || []; - const queryError = baseEsQuery instanceof Error ? baseEsQuery : undefined; - return { setUrlQuery, sort: urlQuery.sort, filters: urlQuery.filters, query: baseEsQuery.query, - queryError, + queryError: baseEsQuery.error, pageIndex: urlQuery.pageIndex, urlQuery, setTableOptions, diff --git a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts index e86d2a77589b0..2d3f9b1c7605c 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts +++ b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_table/utils.ts @@ -28,7 +28,10 @@ const getBaseQuery = ({ query: buildEsQuery(dataView, query, filters, config), // will throw for malformed query }; } catch (error) { - throw new Error(error); + return { + query: undefined, + error: error instanceof Error ? error : new Error('Unknown Error'), + }; } }; @@ -54,9 +57,8 @@ export const getPaginationQuery = ({ export const useBaseEsQuery = ({ dataView, - filters = [], + filters, query, - nonPersistedFilters, }: FindingsBaseURLQuery & FindingsBaseProps) => { const { notifications: { toasts }, @@ -68,14 +70,8 @@ export const useBaseEsQuery = ({ const allowLeadingWildcards = uiSettings.get('query:allowLeadingWildcards'); const config: EsQueryConfig = useMemo(() => ({ allowLeadingWildcards }), [allowLeadingWildcards]); const baseEsQuery = useMemo( - () => - getBaseQuery({ - dataView, - filters: filters.concat(nonPersistedFilters ?? []).flat(), - query, - config, - }), - [dataView, filters, nonPersistedFilters, query, config] + () => getBaseQuery({ dataView, filters, query, config }), + [dataView, filters, query, config] ); /** @@ -87,7 +83,7 @@ export const useBaseEsQuery = ({ }, [filters, filterManager, queryString, query]); const handleMalformedQueryError = () => { - const error = baseEsQuery instanceof Error ? baseEsQuery : undefined; + const error = baseEsQuery.error; if (error) { toasts.addError(error, { title: i18n.translate('xpack.csp.findings.search.queryErrorToastMessage', { @@ -98,7 +94,7 @@ export const useBaseEsQuery = ({ } }; - useEffect(handleMalformedQueryError, [baseEsQuery, toasts]); + useEffect(handleMalformedQueryError, [baseEsQuery.error, toasts]); return baseEsQuery; }; From 1eb9ef26c2bb7fca07520fe60c040dea032a9370 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 15 Nov 2023 09:07:12 -0800 Subject: [PATCH 22/29] add use posture data table --- .../use_cloud_posture_data_table/index.ts | 8 + .../use_cloud_posture_data_table.ts | 158 ++++++++++++++++++ .../use_cloud_posture_data_table/utils.ts | 128 ++++++++++++++ .../use_cloud_security_grouping.ts | 2 +- .../use_latest_findings_table.tsx | 4 +- 5 files changed, 297 insertions(+), 3 deletions(-) create mode 100644 x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_data_table/index.ts create mode 100644 x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_data_table/use_cloud_posture_data_table.ts create mode 100644 x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_data_table/utils.ts diff --git a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_data_table/index.ts b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_data_table/index.ts new file mode 100644 index 0000000000000..60a917846dc99 --- /dev/null +++ b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_data_table/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export * from './use_cloud_posture_data_table'; diff --git a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_data_table/use_cloud_posture_data_table.ts b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_data_table/use_cloud_posture_data_table.ts new file mode 100644 index 0000000000000..b7b928a208c0a --- /dev/null +++ b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_data_table/use_cloud_posture_data_table.ts @@ -0,0 +1,158 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { Dispatch, SetStateAction, useCallback } from 'react'; +import { type DataView } from '@kbn/data-views-plugin/common'; +import { BoolQuery, Filter } from '@kbn/es-query'; +import { CriteriaWithPagination } from '@elastic/eui'; +import { DataTableRecord } from '@kbn/discover-utils/types'; +import { useUrlQuery } from '../use_url_query'; +import { usePageSize } from '../use_page_size'; +import { getDefaultQuery, useBaseEsQuery, usePersistedQuery } from './utils'; +import { LOCAL_STORAGE_DATA_TABLE_COLUMNS_KEY } from '../../constants'; +import { FindingsBaseURLQuery } from '../../types'; + +type URLQuery = FindingsBaseURLQuery & Record; + +type SortOrder = [string, string]; + +export interface CloudPostureDataTableResult { + setUrlQuery: (query: Record) => void; + sort: SortOrder[]; + filters: Filter[]; + query: { bool: BoolQuery }; + queryError?: Error; + pageIndex: number; + urlQuery: URLQuery; + setTableOptions: (options: CriteriaWithPagination) => void; + handleUpdateQuery: (query: URLQuery) => void; + pageSize: number; + setPageSize: Dispatch>; + onChangeItemsPerPage: (newPageSize: number) => void; + onChangePage: (newPageIndex: number) => void; + onSort: (sort: string[][]) => void; + onResetFilters: () => void; + columnsLocalStorageKey: string; + getRowsFromPages: (data: Array<{ page: DataTableRecord[] }> | undefined) => DataTableRecord[]; +} + +/* + Hook for managing common table state and methods for the Cloud Posture DataTable +*/ +export const useCloudPostureDataTable = ({ + defaultQuery = getDefaultQuery, + dataView, + paginationLocalStorageKey, + columnsLocalStorageKey, + nonPersistedFilters, +}: { + defaultQuery?: (params: FindingsBaseURLQuery) => FindingsBaseURLQuery; + dataView: DataView; + paginationLocalStorageKey: string; + columnsLocalStorageKey?: string; + nonPersistedFilters?: Filter[]; +}): CloudPostureDataTableResult => { + const getPersistedDefaultQuery = usePersistedQuery(defaultQuery); + const { urlQuery, setUrlQuery } = useUrlQuery(getPersistedDefaultQuery); + const { pageSize, setPageSize } = usePageSize(paginationLocalStorageKey); + + const onChangeItemsPerPage = useCallback( + (newPageSize) => { + setPageSize(newPageSize); + setUrlQuery({ + pageIndex: 0, + pageSize: newPageSize, + }); + }, + [setPageSize, setUrlQuery] + ); + + const onResetFilters = useCallback(() => { + setUrlQuery({ + pageIndex: 0, + filters: [], + query: { + query: '', + language: 'kuery', + }, + }); + }, [setUrlQuery]); + + const onChangePage = useCallback( + (newPageIndex) => { + setUrlQuery({ + pageIndex: newPageIndex, + }); + }, + [setUrlQuery] + ); + + const onSort = useCallback( + (sort) => { + setUrlQuery({ + sort, + }); + }, + [setUrlQuery] + ); + + const setTableOptions = useCallback( + ({ page, sort }) => { + setPageSize(page.size); + setUrlQuery({ + sort, + pageIndex: page.index, + }); + }, + [setUrlQuery, setPageSize] + ); + + /** + * Page URL query to ES query + */ + const baseEsQuery = useBaseEsQuery({ + dataView, + filters: urlQuery.filters, + query: urlQuery.query, + ...(nonPersistedFilters ? { nonPersistedFilters } : {}), + }); + + const handleUpdateQuery = useCallback( + (query) => { + setUrlQuery({ ...query, pageIndex: 0 }); + }, + [setUrlQuery] + ); + + const getRowsFromPages = (data: Array<{ page: DataTableRecord[] }> | undefined) => + data + ?.map(({ page }: { page: DataTableRecord[] }) => { + return page; + }) + .flat() || []; + + const queryError = baseEsQuery instanceof Error ? baseEsQuery : undefined; + + return { + setUrlQuery, + sort: urlQuery.sort, + filters: urlQuery.filters, + query: baseEsQuery.query, + queryError, + pageIndex: urlQuery.pageIndex, + urlQuery, + setTableOptions, + handleUpdateQuery, + pageSize, + setPageSize, + onChangeItemsPerPage, + onChangePage, + onSort, + onResetFilters, + columnsLocalStorageKey: columnsLocalStorageKey || LOCAL_STORAGE_DATA_TABLE_COLUMNS_KEY, + getRowsFromPages, + }; +}; diff --git a/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_data_table/utils.ts b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_data_table/utils.ts new file mode 100644 index 0000000000000..e86d2a77589b0 --- /dev/null +++ b/x-pack/plugins/cloud_security_posture/public/common/hooks/use_cloud_posture_data_table/utils.ts @@ -0,0 +1,128 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { useEffect, useCallback, useMemo } from 'react'; +import { buildEsQuery, EsQueryConfig } from '@kbn/es-query'; +import type { EuiBasicTableProps, Pagination } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import { type Query } from '@kbn/es-query'; +import { useKibana } from '../use_kibana'; +import type { + FindingsBaseESQueryConfig, + FindingsBaseProps, + FindingsBaseURLQuery, +} from '../../types'; + +const getBaseQuery = ({ + dataView, + query, + filters, + config, +}: FindingsBaseURLQuery & FindingsBaseProps & FindingsBaseESQueryConfig) => { + try { + return { + query: buildEsQuery(dataView, query, filters, config), // will throw for malformed query + }; + } catch (error) { + throw new Error(error); + } +}; + +type TablePagination = NonNullable['pagination']>; + +export const getPaginationTableParams = ( + params: TablePagination & Pick, 'pageIndex' | 'pageSize'>, + pageSizeOptions = [10, 25, 100], + showPerPageOptions = true +): Required => ({ + ...params, + pageSizeOptions, + showPerPageOptions, +}); + +export const getPaginationQuery = ({ + pageIndex, + pageSize, +}: Required>) => ({ + from: pageIndex * pageSize, + size: pageSize, +}); + +export const useBaseEsQuery = ({ + dataView, + filters = [], + query, + nonPersistedFilters, +}: FindingsBaseURLQuery & FindingsBaseProps) => { + const { + notifications: { toasts }, + data: { + query: { filterManager, queryString }, + }, + uiSettings, + } = useKibana().services; + const allowLeadingWildcards = uiSettings.get('query:allowLeadingWildcards'); + const config: EsQueryConfig = useMemo(() => ({ allowLeadingWildcards }), [allowLeadingWildcards]); + const baseEsQuery = useMemo( + () => + getBaseQuery({ + dataView, + filters: filters.concat(nonPersistedFilters ?? []).flat(), + query, + config, + }), + [dataView, filters, nonPersistedFilters, query, config] + ); + + /** + * Sync filters with the URL query + */ + useEffect(() => { + filterManager.setAppFilters(filters); + queryString.setQuery(query); + }, [filters, filterManager, queryString, query]); + + const handleMalformedQueryError = () => { + const error = baseEsQuery instanceof Error ? baseEsQuery : undefined; + if (error) { + toasts.addError(error, { + title: i18n.translate('xpack.csp.findings.search.queryErrorToastMessage', { + defaultMessage: 'Query Error', + }), + toastLifeTimeMs: 1000 * 5, + }); + } + }; + + useEffect(handleMalformedQueryError, [baseEsQuery, toasts]); + + return baseEsQuery; +}; + +export const usePersistedQuery = (getter: ({ filters, query }: FindingsBaseURLQuery) => T) => { + const { + data: { + query: { filterManager, queryString }, + }, + } = useKibana().services; + + return useCallback( + () => + getter({ + filters: filterManager.getAppFilters(), + query: queryString.getQuery() as Query, + }), + [getter, filterManager, queryString] + ); +}; + +export const getDefaultQuery = ({ query, filters }: any): any => ({ + query, + filters, + sort: { field: '@timestamp', direction: 'desc' }, + pageIndex: 0, +}); diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/use_cloud_security_grouping.ts b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/use_cloud_security_grouping.ts index ae8aa55d39cbc..d2783af516e35 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/use_cloud_security_grouping.ts +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_grouping/use_cloud_security_grouping.ts @@ -12,7 +12,7 @@ import { useUrlQuery } from '../../common/hooks/use_url_query'; import { useBaseEsQuery, usePersistedQuery, -} from '../../common/hooks/use_cloud_posture_table/utils'; +} from '../../common/hooks/use_cloud_posture_data_table/utils'; import { FindingsBaseURLQuery } from '../../common/types'; const DEFAULT_PAGE_SIZE = 10; diff --git a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_table.tsx b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_table.tsx index 5568a484a18ea..2bcc895ddd4b0 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_table.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings_table.tsx @@ -11,7 +11,7 @@ import { useMemo } from 'react'; import { FindingsBaseURLQuery } from '../../../common/types'; import { Evaluation } from '../../../../common/types'; import { LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY } from '../../../common/constants'; -import { useCloudPostureTable } from '../../../common/hooks/use_cloud_posture_table'; +import { useCloudPostureDataTable } from '../../../common/hooks/use_cloud_posture_data_table'; import { getFilters } from '../utils/get_filters'; import { useLatestFindings } from './use_latest_findings'; @@ -28,7 +28,7 @@ export const useLatestFindingsTable = ({ nonPersistedFilters?: Filter[]; showDistributionBar?: boolean; }) => { - const cloudPostureTable = useCloudPostureTable({ + const cloudPostureTable = useCloudPostureDataTable({ dataView, paginationLocalStorageKey: LOCAL_STORAGE_DATA_TABLE_PAGE_SIZE_KEY, columnsLocalStorageKey, From a145184ebbbfe86d8549afefbd8ba4961d6c9f6a Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 15 Nov 2023 13:58:23 -0800 Subject: [PATCH 23/29] update FTR tests --- .../page_objects/findings_page.ts | 2 +- .../pages/findings_grouping.ts | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/x-pack/test/cloud_security_posture_functional/page_objects/findings_page.ts b/x-pack/test/cloud_security_posture_functional/page_objects/findings_page.ts index 9f94edaaec48e..76033f03484e1 100644 --- a/x-pack/test/cloud_security_posture_functional/page_objects/findings_page.ts +++ b/x-pack/test/cloud_security_posture_functional/page_objects/findings_page.ts @@ -410,7 +410,7 @@ export function FindingsPageProvider({ getService, getPageObjects }: FtrProvider }, }); - const groupSelector = async (testSubj = 'group-selector-dropdown') => ({ + const groupSelector = (testSubj = 'group-selector-dropdown') => ({ async getElement() { return await testSubjects.find(testSubj); }, diff --git a/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts b/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts index cbd13ae54bec4..0232af72d3e51 100644 --- a/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts +++ b/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts @@ -120,6 +120,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { describe('Findings Page - Grouping', function () { this.tags(['cloud_security_posture_findings_grouping']); let findings: typeof pageObjects.findings; + let groupSelector: ReturnType; before(async () => { findings = pageObjects.findings; @@ -133,6 +134,8 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { await findings.navigateToLatestFindingsPage(); + groupSelector = await findings.groupSelector(); + await retry.waitFor( 'Findings table to be loaded', async () => (await findings.latestFindingsTable.getRowsCount()) === data.length @@ -141,12 +144,13 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }); after(async () => { + await groupSelector.openDropDown(); + await groupSelector.setValue('None'); await findings.index.remove(); }); describe('Default Grouping', async () => { it('groups findings by resource and sort case sensitive asc', async () => { - const groupSelector = await findings.groupSelector(); await groupSelector.openDropDown(); await groupSelector.setValue('Resource'); @@ -166,7 +170,6 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { expect(unitCount).to.be('4 findings'); }); it('groups findings by rule name and sort case sensitive asc', async () => { - const groupSelector = await findings.groupSelector(); await groupSelector.openDropDown(); await groupSelector.setValue('Rule name'); @@ -191,7 +194,6 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }); }); it('groups findings by cloud account and sort case sensitive asc', async () => { - const groupSelector = await findings.groupSelector(); await groupSelector.setValue('Cloud account'); const grouping = await findings.findingsGrouping(); @@ -210,7 +212,6 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }); }); it('groups findings by Kubernetes cluster and sort case sensitive asc', async () => { - const groupSelector = await findings.groupSelector(); await groupSelector.setValue('Kubernetes cluster'); const grouping = await findings.findingsGrouping(); @@ -231,10 +232,9 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }); describe('SearchBar', () => { it('add filter', async () => { - // Filter bar uses the field's customLabel in the DataView - const groupSelector = await findings.groupSelector(); await groupSelector.setValue('Resource'); + // Filter bar uses the field's customLabel in the DataView await filterBar.addFilter({ field: 'Rule Name', operation: 'is', value: ruleName1 }); expect(await filterBar.hasFilter('rule.name', ruleName1)).to.be(true); From 975fd13919caa5fcf4cf77dc8c182b537c804e3c Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 15 Nov 2023 15:22:55 -0800 Subject: [PATCH 24/29] update dashboard navigation --- .../dashboard_sections/summary_section.tsx | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/x-pack/plugins/cloud_security_posture/public/pages/compliance_dashboard/dashboard_sections/summary_section.tsx b/x-pack/plugins/cloud_security_posture/public/pages/compliance_dashboard/dashboard_sections/summary_section.tsx index 50d5493387466..a0170705b1ec5 100644 --- a/x-pack/plugins/cloud_security_posture/public/pages/compliance_dashboard/dashboard_sections/summary_section.tsx +++ b/x-pack/plugins/cloud_security_posture/public/pages/compliance_dashboard/dashboard_sections/summary_section.tsx @@ -21,11 +21,7 @@ import type { PosturePolicyTemplate, } from '../../../../common/types'; import { RisksTable } from '../compliance_charts/risks_table'; -import { - NavFilter, - useNavigateFindings, - useNavigateFindingsByResource, -} from '../../../common/hooks/use_navigate_findings'; +import { NavFilter, useNavigateFindings } from '../../../common/hooks/use_navigate_findings'; import { CSPM_POLICY_TEMPLATE, KSPM_POLICY_TEMPLATE, @@ -55,7 +51,6 @@ export const SummarySection = ({ complianceData: ComplianceDashboardData; }) => { const navToFindings = useNavigateFindings(); - const navToFindingsByResource = useNavigateFindingsByResource(); const cspmIntegrationLink = useCspIntegrationLink(CSPM_POLICY_TEMPLATE); const kspmIntegrationLink = useCspIntegrationLink(KSPM_POLICY_TEMPLATE); @@ -121,7 +116,7 @@ export const SummarySection = ({ { - navToFindingsByResource(getPolicyTemplateQuery(dashboardType)); + navToFindings(getPolicyTemplateQuery(dashboardType)); }} > {i18n.translate( @@ -138,7 +133,7 @@ export const SummarySection = ({ cspmIntegrationLink, dashboardType, kspmIntegrationLink, - navToFindingsByResource, + navToFindings, ] ); From 1c0308c206af0da4364edd1c3e0847f19cffc164 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 15 Nov 2023 15:39:58 -0800 Subject: [PATCH 25/29] fix ci errors --- .../src/containers/query/types.ts | 4 ++-- .../kbn-securitysolution-grouping/src/hooks/use_grouping.tsx | 2 +- .../cloud_security_data_table/cloud_security_data_table.tsx | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/kbn-securitysolution-grouping/src/containers/query/types.ts b/packages/kbn-securitysolution-grouping/src/containers/query/types.ts index b208aef1e840b..69a284ecf7a59 100644 --- a/packages/kbn-securitysolution-grouping/src/containers/query/types.ts +++ b/packages/kbn-securitysolution-grouping/src/containers/query/types.ts @@ -19,11 +19,11 @@ type RunTimeMappings = | Record & { type: RuntimePrimitiveTypes }> | undefined; -interface BoolAgg { +export interface BoolAgg { bool: BoolQuery; } -interface RangeAgg { +export interface RangeAgg { range: { '@timestamp': { gte: string; lte: string } }; } diff --git a/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx b/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx index 997dd0895e35e..045a379209043 100644 --- a/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx +++ b/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx @@ -19,7 +19,7 @@ import { Grouping as GroupingComponent } from '../components/grouping'; /** Interface for grouping object where T is the `GroupingAggregation` * @interface GroupingArgs */ -interface Grouping { +export interface Grouping { getGrouping: (props: DynamicGroupingProps) => React.ReactElement; groupSelector: React.ReactElement; selectedGroups: string[]; diff --git a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx index 71d18342890c3..50e81a0a0c7ec 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx +++ b/x-pack/plugins/cloud_security_posture/public/components/cloud_security_data_table/cloud_security_data_table.tsx @@ -228,7 +228,7 @@ export const CloudSecurityDataTable = ({ // Change the height of the grid to fit the page // If there are filters, leave space for the filter bar // Todo: Replace this component with EuiAutoSizer - height: height ?? `calc(100vh - ${filters.length > 0 ? 443 : 403}px)`, + height: height ?? `calc(100vh - ${filters?.length > 0 ? 443 : 403}px)`, }; const rowHeightState = 0; From 7bacb48ced3b32d8d4443944ecdbf606c8a7a911 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Wed, 15 Nov 2023 21:44:54 -0800 Subject: [PATCH 26/29] fixing ci and FTR tests --- .../src/hooks/use_grouping.tsx | 2 +- .../src/index.ts | 2 +- .../pages/findings.ts | 8 +++--- .../pages/findings_alerts.ts | 7 ++--- .../pages/findings_grouping.ts | 26 +++++++++---------- 5 files changed, 23 insertions(+), 22 deletions(-) diff --git a/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx b/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx index 045a379209043..997dd0895e35e 100644 --- a/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx +++ b/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx @@ -19,7 +19,7 @@ import { Grouping as GroupingComponent } from '../components/grouping'; /** Interface for grouping object where T is the `GroupingAggregation` * @interface GroupingArgs */ -export interface Grouping { +interface Grouping { getGrouping: (props: DynamicGroupingProps) => React.ReactElement; groupSelector: React.ReactElement; selectedGroups: string[]; diff --git a/packages/kbn-securitysolution-grouping/src/index.ts b/packages/kbn-securitysolution-grouping/src/index.ts index da07c1862da88..11f7058a155c9 100644 --- a/packages/kbn-securitysolution-grouping/src/index.ts +++ b/packages/kbn-securitysolution-grouping/src/index.ts @@ -9,5 +9,5 @@ export * from './components'; export * from './containers'; export * from './helpers'; -export * from './hooks/use_grouping'; +export { useGrouping, type DynamicGroupingProps } from './hooks/use_grouping'; export * from './hooks/types'; diff --git a/x-pack/test/cloud_security_posture_functional/pages/findings.ts b/x-pack/test/cloud_security_posture_functional/pages/findings.ts index 24ce9897d2169..e0ce367a53532 100644 --- a/x-pack/test/cloud_security_posture_functional/pages/findings.ts +++ b/x-pack/test/cloud_security_posture_functional/pages/findings.ts @@ -21,7 +21,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { // We intentionally make some fields start with a capital letter to test that the query bar is case-insensitive/case-sensitive const data = [ { - '@timestamp': '1695819664234', + '@timestamp': new Date().toISOString(), resource: { id: chance.guid(), name: `kubelet`, sub_type: 'lower case sub type' }, result: { evaluation: chance.integer() % 2 === 0 ? 'passed' : 'failed' }, rule: { @@ -38,7 +38,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { cluster_id: 'Upper case cluster id', }, { - '@timestamp': '1695819673242', + '@timestamp': new Date().toISOString(), resource: { id: chance.guid(), name: `Pod`, sub_type: 'Upper case sub type' }, result: { evaluation: chance.integer() % 2 === 0 ? 'passed' : 'failed' }, rule: { @@ -55,7 +55,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { cluster_id: 'Another Upper case cluster id', }, { - '@timestamp': '1695819676242', + '@timestamp': new Date().toISOString(), resource: { id: chance.guid(), name: `process`, sub_type: 'another lower case type' }, result: { evaluation: 'passed' }, rule: { @@ -72,7 +72,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { cluster_id: 'lower case cluster id', }, { - '@timestamp': '1695819680202', + '@timestamp': new Date().toISOString(), resource: { id: chance.guid(), name: `process`, sub_type: 'Upper case type again' }, result: { evaluation: 'failed' }, rule: { diff --git a/x-pack/test/cloud_security_posture_functional/pages/findings_alerts.ts b/x-pack/test/cloud_security_posture_functional/pages/findings_alerts.ts index f346fc3d5c285..9b60c77c3ec15 100644 --- a/x-pack/test/cloud_security_posture_functional/pages/findings_alerts.ts +++ b/x-pack/test/cloud_security_posture_functional/pages/findings_alerts.ts @@ -19,6 +19,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { // We need to use a dataset for the tests to run const data = [ { + '@timestamp': new Date().toISOString(), resource: { id: chance.guid(), name: `kubelet`, sub_type: 'lower case sub type' }, result: { evaluation: chance.integer() % 2 === 0 ? 'passed' : 'failed' }, rule: { @@ -40,7 +41,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { cluster_id: 'Upper case cluster id', }, { - '@timestamp': '2023-09-10T14:01:00.000Z', + '@timestamp': new Date(Date.now() - 60 * 60 * 1000).toISOString(), resource: { id: chance.guid(), name: `Pod`, sub_type: 'Upper case sub type' }, result: { evaluation: chance.integer() % 2 === 0 ? 'passed' : 'failed' }, rule: { @@ -62,7 +63,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { cluster_id: 'Another Upper case cluster id', }, { - '@timestamp': '2023-09-10T14:02:00.000Z', + '@timestamp': new Date(Date.now() - 60 * 60 * 1000).toISOString(), resource: { id: chance.guid(), name: `process`, sub_type: 'another lower case type' }, result: { evaluation: 'passed' }, rule: { @@ -84,7 +85,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { cluster_id: 'lower case cluster id', }, { - '@timestamp': '2023-09-10T14:03:00.000Z', + '@timestamp': new Date(Date.now() - 60 * 60 * 1000).toISOString(), resource: { id: chance.guid(), name: `process`, sub_type: 'Upper case type again' }, result: { evaluation: 'failed' }, rule: { diff --git a/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts b/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts index 0232af72d3e51..b6b535a571535 100644 --- a/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts +++ b/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts @@ -22,7 +22,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { // We intentionally make some fields start with a capital letter to test that the query bar is case-insensitive/case-sensitive const data = [ { - '@timestamp': '1695819664234', + '@timestamp': new Date().toISOString(), resource: { id: chance.guid(), name: `kubelet`, sub_type: 'lower case sub type' }, result: { evaluation: chance.integer() % 2 === 0 ? 'passed' : 'failed' }, orchestrator: { @@ -45,7 +45,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { cluster_id: 'Upper case cluster id', }, { - '@timestamp': '1695819673242', + '@timestamp': new Date().toISOString(), resource: { id: chance.guid(), name: `Pod`, sub_type: 'Upper case sub type' }, result: { evaluation: chance.integer() % 2 === 0 ? 'passed' : 'failed' }, cloud: { @@ -68,7 +68,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { cluster_id: 'Another Upper case cluster id', }, { - '@timestamp': '1695819676242', + '@timestamp': new Date().toISOString(), resource: { id: chance.guid(), name: `process`, sub_type: 'another lower case type' }, result: { evaluation: 'passed' }, cloud: { @@ -91,7 +91,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { cluster_id: 'lower case cluster id', }, { - '@timestamp': '1695819680202', + '@timestamp': new Date().toISOString(), resource: { id: chance.guid(), name: `process`, sub_type: 'Upper case type again' }, result: { evaluation: 'failed' }, cloud: { @@ -120,7 +120,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { describe('Findings Page - Grouping', function () { this.tags(['cloud_security_posture_findings_grouping']); let findings: typeof pageObjects.findings; - let groupSelector: ReturnType; + // let groupSelector: ReturnType; before(async () => { findings = pageObjects.findings; @@ -133,17 +133,11 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { await findings.index.add(data); await findings.navigateToLatestFindingsPage(); - - groupSelector = await findings.groupSelector(); - - await retry.waitFor( - 'Findings table to be loaded', - async () => (await findings.latestFindingsTable.getRowsCount()) === data.length - ); - pageObjects.header.waitUntilLoadingHasFinished(); + await pageObjects.header.waitUntilLoadingHasFinished(); }); after(async () => { + const groupSelector = await findings.groupSelector(); await groupSelector.openDropDown(); await groupSelector.setValue('None'); await findings.index.remove(); @@ -151,6 +145,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { describe('Default Grouping', async () => { it('groups findings by resource and sort case sensitive asc', async () => { + const groupSelector = await findings.groupSelector(); await groupSelector.openDropDown(); await groupSelector.setValue('Resource'); @@ -170,6 +165,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { expect(unitCount).to.be('4 findings'); }); it('groups findings by rule name and sort case sensitive asc', async () => { + const groupSelector = await findings.groupSelector(); await groupSelector.openDropDown(); await groupSelector.setValue('Rule name'); @@ -194,6 +190,8 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }); }); it('groups findings by cloud account and sort case sensitive asc', async () => { + const groupSelector = await findings.groupSelector(); + await groupSelector.setValue('Cloud account'); const grouping = await findings.findingsGrouping(); @@ -212,6 +210,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }); }); it('groups findings by Kubernetes cluster and sort case sensitive asc', async () => { + const groupSelector = await findings.groupSelector(); await groupSelector.setValue('Kubernetes cluster'); const grouping = await findings.findingsGrouping(); @@ -232,6 +231,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }); describe('SearchBar', () => { it('add filter', async () => { + const groupSelector = await findings.groupSelector(); await groupSelector.setValue('Resource'); // Filter bar uses the field's customLabel in the DataView From ca4713c447e4df0dcb73a5974565b0000009c0f6 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Thu, 16 Nov 2023 01:04:13 -0800 Subject: [PATCH 27/29] fix CI types error --- .../kbn-securitysolution-grouping/src/hooks/use_grouping.tsx | 4 ++-- packages/kbn-securitysolution-grouping/src/index.ts | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx b/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx index 997dd0895e35e..3ff2232acbd72 100644 --- a/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx +++ b/packages/kbn-securitysolution-grouping/src/hooks/use_grouping.tsx @@ -19,7 +19,7 @@ import { Grouping as GroupingComponent } from '../components/grouping'; /** Interface for grouping object where T is the `GroupingAggregation` * @interface GroupingArgs */ -interface Grouping { +export interface UseGrouping { getGrouping: (props: DynamicGroupingProps) => React.ReactElement; groupSelector: React.ReactElement; selectedGroups: string[]; @@ -99,7 +99,7 @@ export const useGrouping = ({ onOptionsChange, tracker, title, -}: GroupingArgs): Grouping => { +}: GroupingArgs): UseGrouping => { const [groupingState, dispatch] = useReducer(groupsReducerWithStorage, initialState); const { activeGroups: selectedGroups } = useMemo( () => groupByIdSelector({ groups: groupingState }, groupingId) ?? defaultGroup, diff --git a/packages/kbn-securitysolution-grouping/src/index.ts b/packages/kbn-securitysolution-grouping/src/index.ts index 11f7058a155c9..da07c1862da88 100644 --- a/packages/kbn-securitysolution-grouping/src/index.ts +++ b/packages/kbn-securitysolution-grouping/src/index.ts @@ -9,5 +9,5 @@ export * from './components'; export * from './containers'; export * from './helpers'; -export { useGrouping, type DynamicGroupingProps } from './hooks/use_grouping'; +export * from './hooks/use_grouping'; export * from './hooks/types'; From 95f8cf49c80c36ba192328aa81b4957d49b0e3e1 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Thu, 16 Nov 2023 07:47:27 -0800 Subject: [PATCH 28/29] remove unused service from ftr --- .../cloud_security_posture_functional/pages/findings_grouping.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts b/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts index b6b535a571535..173630e56837e 100644 --- a/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts +++ b/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts @@ -14,7 +14,6 @@ import type { FtrProviderContext } from '../ftr_provider_context'; export default function ({ getPageObjects, getService }: FtrProviderContext) { const queryBar = getService('queryBar'); const filterBar = getService('filterBar'); - const retry = getService('retry'); const pageObjects = getPageObjects(['common', 'findings', 'header']); const chance = new Chance(); From 6ff86abf3b85a2de97658e942e4f6ab6d4980693 Mon Sep 17 00:00:00 2001 From: Paulo Henrique Date: Mon, 27 Nov 2023 15:27:28 -0800 Subject: [PATCH 29/29] adding maxGroupingLevels tests --- .../components/group_selector/index.test.tsx | 48 +++++++++++++++++++ .../src/hooks/use_get_group_selector.test.tsx | 28 +++++++++++ 2 files changed, 76 insertions(+) diff --git a/packages/kbn-securitysolution-grouping/src/components/group_selector/index.test.tsx b/packages/kbn-securitysolution-grouping/src/components/group_selector/index.test.tsx index 2172390f41e85..9f09e3b26ea49 100644 --- a/packages/kbn-securitysolution-grouping/src/components/group_selector/index.test.tsx +++ b/packages/kbn-securitysolution-grouping/src/components/group_selector/index.test.tsx @@ -124,4 +124,52 @@ describe('group selector', () => { ); expect(getByTestId('group-selector-dropdown').title).toEqual('Rule name, Host name'); }); + describe('when maxGroupingLevels is 1', () => { + it('Presents single option selector label when dropdown is clicked', () => { + const { getByTestId } = render( + + ); + fireEvent.click(getByTestId('group-selector-dropdown')); + expect(getByTestId('contextMenuPanelTitle').textContent).toMatch(/select grouping/i); + }); + it('Does not disable any options when maxGroupingLevels is 1 and one option is selected', () => { + const groupSelected = ['kibana.alert.rule.name']; + + const { getByTestId } = render( + + ); + + fireEvent.click(getByTestId('group-selector-dropdown')); + + [...testProps.options, { key: 'custom', label: 'Custom field' }].forEach((o) => { + expect(getByTestId(`panel-${o.key}`)).not.toHaveAttribute('disabled'); + }); + }); + }); + describe('when maxGroupingLevels is greater than 1', () => { + it('Presents select up to "X" groupings when dropdown is clicked', () => { + const { getByTestId } = render( + + ); + fireEvent.click(getByTestId('group-selector-dropdown')); + expect(getByTestId('contextMenuPanelTitle').textContent).toMatch(/select up to 3 groupings/i); + }); + it('Disables non-selected options when maxGroupingLevels is greater than 1 and the selects items reaches the maxGroupingLevels', () => { + const groupSelected = ['kibana.alert.rule.name', 'user.name']; + + const { getByTestId } = render( + + ); + + fireEvent.click(getByTestId('group-selector-dropdown')); + + [...testProps.options, { key: 'custom', label: 'Custom field' }].forEach((o) => { + if (groupSelected.includes(o.key) || o.key === 'none') { + expect(getByTestId(`panel-${o.key}`)).not.toHaveAttribute('disabled'); + } else { + expect(getByTestId(`panel-${o.key}`)).toHaveAttribute('disabled'); + } + }); + }); + }); }); diff --git a/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.test.tsx b/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.test.tsx index 36fe9badac55d..e6221c677b9d5 100644 --- a/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.test.tsx +++ b/packages/kbn-securitysolution-grouping/src/hooks/use_get_group_selector.test.tsx @@ -157,6 +157,34 @@ describe('Group Selector Hooks', () => { }); }); + it('On group change when maxGroupingLevels is 1, remove previously selected group', () => { + const testGroup = { + [groupingId]: { + ...defaultGroup, + options: defaultGroupingOptions, + activeGroups: ['host.name'], + }, + }; + const { result } = renderHook((props) => useGetGroupSelector(props), { + initialProps: { + ...defaultArgs, + maxGroupingLevels: 1, + groupingState: { + groupById: testGroup, + }, + }, + }); + act(() => result.current.props.onGroupChange('user.name')); + + expect(dispatch).toHaveBeenCalledWith({ + payload: { + id: groupingId, + activeGroups: ['user.name'], + }, + type: ActionType.updateActiveGroups, + }); + }); + it('On group change, resets active page, sets active group, and leaves options alone', () => { const testGroup = { [groupingId]: {