Skip to content

Commit

Permalink
[Bug][Security Solution][Event Filters][Endpoint Exceptions] Wildcard…
Browse files Browse the repository at this point in the history
… warning should show when nested entries contain wildcards in value (elastic#190577)

## Summary

- [x] Fixes a bug, where the wildcard warning was not being shown for
`nested` entries with a wildcard
- [x] Unit test

## Screenshots

# Event Filters

![image](https://github.com/user-attachments/assets/c9066c86-b636-4ea5-b2c1-9f472b45d8ab)

# Endpoint Exceptions

![image](https://github.com/user-attachments/assets/5a48bd77-2290-46e9-b6f9-732299217a5c)
  • Loading branch information
parkiino authored Aug 28, 2024
1 parent 15deafa commit 30b5657
Show file tree
Hide file tree
Showing 2 changed files with 50 additions and 1 deletion.
40 changes: 40 additions & 0 deletions packages/kbn-securitysolution-list-utils/src/helpers/index.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -204,6 +204,26 @@ describe('Helpers', () => {
])
).toBeTruthy();
});

test('it returns true if there are entries joined with an OR that have a wildcard and the wrong operator', () => {
expect(
hasWrongOperatorWithWildcard([
{
description: '',
name: '',
type: 'simple',
entries: [{ type: 'match', value: 'withwildcard?', field: '', operator: 'included' }],
},
{
description: '',
name: '',
type: 'simple',
entries: [{ type: 'match', value: 'withwildcard?*', field: '', operator: 'included' }],
},
])
).toBeTruthy();
});

test('it returns false if there are no exception entries with a wildcard and the wrong operator', () => {
expect(
hasWrongOperatorWithWildcard([
Expand All @@ -219,5 +239,25 @@ describe('Helpers', () => {
])
).toBeFalsy();
});

test('it returns true if there are nested entries with a wildcard and the wrong operator', () => {
expect(
hasWrongOperatorWithWildcard([
{
description: '',
name: '',
type: 'simple',
entries: [
{ type: 'match', value: 'nowildcard', field: '', operator: 'excluded' },
{
field: '',
type: 'nested',
entries: [{ type: 'match', value: 'wildcard?', field: '', operator: 'excluded' }],
},
],
},
])
).toBeTruthy();
});
});
});
11 changes: 10 additions & 1 deletion packages/kbn-securitysolution-list-utils/src/helpers/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -1032,7 +1032,16 @@ export const getMappingConflictsInfo = (field: DataViewField): FieldConflictsInf
export const hasWrongOperatorWithWildcard = (
items: ExceptionsBuilderReturnExceptionItem[]
): boolean => {
const allEntries = items.flatMap((item) => item.entries);
// flattens array of multiple entries added with OR
const multipleEntries = items.flatMap((item) => item.entries);
// flattens nested entries
const allEntries = multipleEntries.flatMap((item) => {
if (item.type === 'nested') {
return item.entries;
}
return item;
});

return allEntries.some((e) => {
if (e.type !== 'list' && 'value' in e) {
return validateHasWildcardWithWrongOperator({
Expand Down

0 comments on commit 30b5657

Please sign in to comment.