[Security Solution][Entity details] - move osquery, response and inve…

…stigation guide related hooks and components to flyout folder (#190110)
elastic · Aug 19, 2024 · 04503bf · 04503bf
1 parent 35c0671
commit 04503bf
Show file tree

Hide file tree

Showing 12 changed files with 114 additions and 82 deletions.
diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/translations.ts b/x-pack/plugins/security_solution/public/common/components/event_details/translations.ts
@@ -7,28 +7,10 @@
 
 import { i18n } from '@kbn/i18n';
 
-export const INVESTIGATION_GUIDE = i18n.translate(
-  'xpack.securitySolution.alertDetails.overview.investigationGuide',
-  {
-    defaultMessage: 'Investigation guide',
-  }
-);
-
 export const TABLE = i18n.translate('xpack.securitySolution.eventDetails.table', {
   defaultMessage: 'Table',
 });
 
-export const OSQUERY_VIEW = i18n.translate('xpack.securitySolution.eventDetails.osqueryView', {
-  defaultMessage: 'Osquery Results',
-});
-
-export const RESPONSE_ACTIONS_VIEW = i18n.translate(
-  'xpack.securitySolution.eventDetails.responseActionsView',
-  {
-    defaultMessage: 'Response Results',
-  }
-);
-
 export const DESCRIPTION = i18n.translate('xpack.securitySolution.eventDetails.description', {
   defaultMessage: 'Description',
 });
@@ -48,20 +30,6 @@ export const RULE_TYPE = i18n.translate('xpack.securitySolution.detections.alert
   defaultMessage: 'Rule type',
 });
 
-export const MULTI_FIELD_TOOLTIP = i18n.translate(
-  'xpack.securitySolution.eventDetails.multiFieldTooltipContent',
-  {
-    defaultMessage: 'Multi-fields can have multiple values per field',
-  }
-);
-
-export const MULTI_FIELD_BADGE = i18n.translate(
-  'xpack.securitySolution.eventDetails.multiFieldBadge',
-  {
-    defaultMessage: 'multi-field',
-  }
-);
-
 export const ACTIONS = i18n.translate('xpack.securitySolution.eventDetails.table.actions', {
   defaultMessage: 'Actions',
 });

diff --git a/...gins/security_solution/public/common/components/markdown_editor/plugins/insight/index.tsx b/...gins/security_solution/public/common/components/markdown_editor/plugins/insight/index.tsx
@@ -42,7 +42,7 @@ import { useAppToasts } from '../../../../hooks/use_app_toasts';
 import { useKibana } from '../../../../lib/kibana';
 import { useInsightQuery } from './use_insight_query';
 import { useInsightDataProviders, type Provider } from './use_insight_data_providers';
-import { BasicAlertDataContext } from '../../../event_details/investigation_guide_view';
+import { BasicAlertDataContext } from '../../../../../flyout/document_details/left/components/investigation_guide_view';
 import { InvestigateInTimelineButton } from '../../../event_details/table/investigate_in_timeline_button';
 import {
   getTimeRangeSettings,

diff --git a/...s/security_solution/public/common/components/markdown_editor/plugins/osquery/renderer.tsx b/...s/security_solution/public/common/components/markdown_editor/plugins/osquery/renderer.tsx
@@ -13,7 +13,7 @@ import styled from 'styled-components';
 import { EuiButton, EuiToolTip } from '@elastic/eui';
 import type { EcsSecurityExtension as Ecs } from '@kbn/securitysolution-ecs';
 import { useUpsellingMessage } from '../../../../hooks/use_upselling';
-import { BasicAlertDataContext } from '../../../event_details/investigation_guide_view';
+import { BasicAlertDataContext } from '../../../../../flyout/document_details/left/components/investigation_guide_view';
 import { expandDottedObject } from '../../../../../../common/utils/expand_dotted';
 import OsqueryLogo from './osquery_icon/osquery.svg';
 import { OsqueryFlyout } from '../../../../../detections/components/osquery/osquery_flyout';

diff --git a/.../security_solution/public/flyout/document_details/left/components/investigation_guide.tsx b/.../security_solution/public/flyout/document_details/left/components/investigation_guide.tsx
@@ -10,7 +10,7 @@ import { FormattedMessage } from '@kbn/i18n-react';
 import { useInvestigationGuide } from '../../shared/hooks/use_investigation_guide';
 import { useDocumentDetailsContext } from '../../shared/context';
 import { INVESTIGATION_GUIDE_TEST_ID, INVESTIGATION_GUIDE_LOADING_TEST_ID } from './test_ids';
-import { InvestigationGuideView } from '../../../../common/components/event_details/investigation_guide_view';
+import { InvestigationGuideView } from './investigation_guide_view';
 import { FlyoutLoading } from '../../../shared/components/flyout_loading';
 
 /**

diff --git a/...details/investigation_guide_view.test.tsx → ...ponents/investigation_guide_view.test.tsx b/...details/investigation_guide_view.test.tsx → ...ponents/investigation_guide_view.test.tsx
@@ -8,7 +8,7 @@
 import React from 'react';
 import { render } from '@testing-library/react';
 import { InvestigationGuideView } from './investigation_guide_view';
-import type { UseBasicDataFromDetailsDataResult } from '../../../flyout/document_details/shared/hooks/use_basic_data_from_details_data';
+import type { UseBasicDataFromDetailsDataResult } from '../../shared/hooks/use_basic_data_from_details_data';
 
 const defaultProps = {
   basicData: {

diff --git a/...vent_details/investigation_guide_view.tsx → ...t/components/investigation_guide_view.tsx b/...vent_details/investigation_guide_view.tsx → ...t/components/investigation_guide_view.tsx
@@ -8,10 +8,17 @@
 import { EuiSpacer, EuiTitle, EuiText } from '@elastic/eui';
 import React, { createContext } from 'react';
 import styled from 'styled-components';
-import type { UseBasicDataFromDetailsDataResult } from '../../../flyout/document_details/shared/hooks/use_basic_data_from_details_data';
-import * as i18n from './translations';
-import { MarkdownRenderer } from '../markdown_editor';
-import { LineClamp } from '../line_clamp';
+import { i18n } from '@kbn/i18n';
+import type { UseBasicDataFromDetailsDataResult } from '../../shared/hooks/use_basic_data_from_details_data';
+import { LineClamp } from '../../../../common/components/line_clamp';
+import { MarkdownRenderer } from '../../../../common/components/markdown_editor';
+
+const INVESTIGATION_GUIDE = i18n.translate(
+  'xpack.securitySolution.flyout.left.investigationGuide',
+  {
+    defaultMessage: 'Investigation guide',
+  }
+);
 
 export const Indent = styled.div`
   padding: 0 8px;
@@ -43,7 +50,6 @@ interface InvestigationGuideViewProps {
 /**
  * Investigation guide that shows the markdown text of rule.note
  */
-// TODO: MOVE TO FLYOUT FOLDER - https://github.com/elastic/security-team/issues/7462
 const InvestigationGuideViewComponent: React.FC<InvestigationGuideViewProps> = ({
   basicData,
   ruleNote,
@@ -56,7 +62,7 @@ const InvestigationGuideViewComponent: React.FC<InvestigationGuideViewProps> = (
         <>
           <EuiSpacer size="l" />
           <EuiTitle size="xxxs" data-test-subj="summary-view-guide">
-            <h5>{i18n.INVESTIGATION_GUIDE}</h5>
+            <h5>{INVESTIGATION_GUIDE}</h5>
           </EuiTitle>
           <EuiSpacer size="s" />
         </>

diff --git a/...ins/security_solution/public/flyout/document_details/left/components/response_details.tsx b/...ins/security_solution/public/flyout/document_details/left/components/response_details.tsx
@@ -11,7 +11,7 @@ import styled from 'styled-components';
 import { FormattedMessage } from '@kbn/i18n-react';
 import { RESPONSE_DETAILS_TEST_ID } from './test_ids';
 import { useDocumentDetailsContext } from '../../shared/context';
-import { useResponseActionsView } from '../../../../common/components/event_details/response_actions_view';
+import { useResponseActionsView } from '../hooks/use_response_actions_view';
 
 const ExtendedFlyoutWrapper = styled.div`
  figure {

diff --git a/...rity_solution/public/flyout/document_details/left/hooks/use_response_actions_view.test.ts b/...rity_solution/public/flyout/document_details/left/hooks/use_response_actions_view.test.ts
@@ -0,0 +1,61 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { renderHook } from '@testing-library/react-hooks';
+import { useResponseActionsView } from './use_response_actions_view';
+import { mockSearchHit } from '../../shared/mocks/mock_search_hit';
+import { mockDataAsNestedObject } from '../../shared/mocks/mock_data_as_nested_object';
+import { useGetAutomatedActionList } from '../../../../management/hooks/response_actions/use_get_automated_action_list';
+import { useIsExperimentalFeatureEnabled } from '../../../../common/hooks/use_experimental_features';
+
+const ecsData = mockDataAsNestedObject;
+const rawEventData = mockSearchHit;
+
+jest.mock('../../../../common/hooks/use_experimental_features');
+jest.mock('../../../../management/hooks/response_actions/use_get_automated_action_list');
+
+describe('useResponseActionsView', () => {
+  it('should return the normal component', () => {
+    (useIsExperimentalFeatureEnabled as jest.Mock).mockReturnValue(true);
+    (useGetAutomatedActionList as jest.Mock).mockReturnValue({
+      data: [],
+      isFetched: true,
+    });
+
+    const { result } = renderHook(() =>
+      useResponseActionsView({
+        ecsData,
+        rawEventData,
+      })
+    );
+
+    expect(result.current.id).toEqual('response-actions-results-view');
+    expect(result.current.name).toEqual('Response Results');
+    expect(result.current.append).toBeDefined();
+    expect(result.current.content).toBeDefined();
+  });
+
+  it('returns early return if rawEventData is undefined', () => {
+    (useIsExperimentalFeatureEnabled as jest.Mock).mockReturnValue(true);
+    (useGetAutomatedActionList as jest.Mock).mockReturnValue({
+      data: [],
+      isFetched: true,
+    });
+
+    const { result } = renderHook(() =>
+      useResponseActionsView({
+        ecsData,
+        rawEventData: undefined,
+      })
+    );
+
+    expect(result.current.id).toEqual('response-actions-results-view');
+    expect(result.current.name).toEqual('Response Results');
+    expect(result.current.append).not.toBeDefined();
+    expect(result.current.content).toBeDefined();
+  });
+});
diff --git a/...s/event_details/response_actions_view.tsx → .../left/hooks/use_response_actions_view.tsx b/...s/event_details/response_actions_view.tsx → .../left/hooks/use_response_actions_view.tsx
@@ -5,23 +5,29 @@
  * 2.0.
  */
 
-import React, { useMemo, useState, useEffect } from 'react';
-import styled from 'styled-components';
+import React, { useState, useEffect } from 'react';
+import styled from '@emotion/styled';
 import type { EuiTabbedContentTab } from '@elastic/eui';
 import { EuiLink, EuiNotificationBadge, EuiSpacer } from '@elastic/eui';
 import type { Ecs } from '@kbn/cases-plugin/common';
 import { FormattedMessage } from '@kbn/i18n-react';
-import { RESPONSE_NO_DATA_TEST_ID } from '../../../flyout/document_details/left/components/test_ids';
-import type { SearchHit } from '../../../../common/search_strategy';
+import { i18n } from '@kbn/i18n';
+import { RESPONSE_NO_DATA_TEST_ID } from '../components/test_ids';
+import type { SearchHit } from '../../../../../common/search_strategy';
 import type {
   ExpandedEventFieldsObject,
   RawEventData,
-} from '../../../../common/types/response_actions';
-import { ResponseActionsResults } from '../response_actions/response_actions_results';
-import { expandDottedObject } from '../../../../common/utils/expand_dotted';
-import { useGetAutomatedActionList } from '../../../management/hooks/response_actions/use_get_automated_action_list';
-import { EventsViewType } from './event_details';
-import * as i18n from './translations';
+} from '../../../../../common/types/response_actions';
+import { ResponseActionsResults } from '../../../../common/components/response_actions/response_actions_results';
+import { expandDottedObject } from '../../../../../common/utils/expand_dotted';
+import { useGetAutomatedActionList } from '../../../../management/hooks/response_actions/use_get_automated_action_list';
+
+const RESPONSE_ACTIONS_VIEW = i18n.translate(
+  'xpack.securitySolution.flyout.response.responseActionsView',
+  {
+    defaultMessage: 'Response Results',
+  }
+);
 
 const TabContentWrapper = styled.div`
   height: 100%;
@@ -56,23 +62,29 @@ const EmptyResponseActions = () => {
   );
 };
 
-// TODO: MOVE TO FLYOUT FOLDER - https://github.com/elastic/security-team/issues/7462
+const viewData = {
+  id: 'response-actions-results-view',
+  name: RESPONSE_ACTIONS_VIEW,
+};
+
+export interface UseResponseActionsViewParams {
+  /**
+   * An object with top level fields from the ECS object
+   */
+  ecsData?: Ecs | null;
+  /**
+   * The actual raw document object
+   */
+  rawEventData: SearchHit | undefined;
+}
+
+/**
+ *
+ */
 export const useResponseActionsView = <T extends object = JSX.Element>({
   rawEventData,
   ecsData,
-}: {
-  ecsData?: Ecs | null;
-  rawEventData: SearchHit | undefined;
-}): EuiTabbedContentTab | undefined => {
-  // can not be moved outside of the component, because then EventsViewType throws runtime error regarding not being initialized yet
-  const viewData = useMemo(
-    () => ({
-      id: EventsViewType.responseActionsView,
-      'data-test-subj': 'responseActionsViewTab',
-      name: i18n.RESPONSE_ACTIONS_VIEW,
-    }),
-    []
-  );
+}: UseResponseActionsViewParams): EuiTabbedContentTab => {
   const expandedEventFieldsObject = rawEventData
     ? (expandDottedObject((rawEventData as RawEventData).fields) as ExpandedEventFieldsObject)
     : undefined;

diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json
@@ -35559,7 +35559,6 @@
     "xpack.securitySolution.alertCountByRuleByStatus.tooltipTitle": "Nom de règle",
     "xpack.securitySolution.alertDetails.overview.hostRiskDataTitle": "Données de risque de {riskEntity}",
     "xpack.securitySolution.alertDetails.overview.insights.suppressedAlertsCountTechnicalPreview": "Version d'évaluation technique",
-    "xpack.securitySolution.alertDetails.overview.investigationGuide": "Guide d'investigation",
     "xpack.securitySolution.alertDetails.summary.readLess": "Lire moins",
     "xpack.securitySolution.alertDetails.summary.readMore": "En savoir plus",
     "xpack.securitySolution.alerts.badge.readOnly.tooltip": "Impossible de mettre à jour les alertes",
@@ -38924,14 +38923,10 @@
     "xpack.securitySolution.event.summary.threat_indicator.showMatches": "Afficher les {count} alertes de correspondance d'indicateur",
     "xpack.securitySolution.eventDetails.alertReason": "Raison d'alerte",
     "xpack.securitySolution.eventDetails.description": "Description",
-    "xpack.securitySolution.eventDetails.multiFieldBadge": "champ multiple",
-    "xpack.securitySolution.eventDetails.multiFieldTooltipContent": "Les champs multiples peuvent avoir plusieurs valeurs.",
-    "xpack.securitySolution.eventDetails.osqueryView": "Résultats Osquery",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.executed": "a exécuté la commande {command}",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.failed": "n'a pas pu exécuter la commande {command}",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.pending": "exécute la commande {command}",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.tried": "a tenté d'exécuter la commande {command}",
-    "xpack.securitySolution.eventDetails.responseActionsView": "Résultats de la réponse",
     "xpack.securitySolution.eventDetails.summaryView": "résumé",
     "xpack.securitySolution.eventDetails.table": "Tableau",
     "xpack.securitySolution.eventDetails.table.actions": "Actions",

diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json
@@ -35543,7 +35543,6 @@
     "xpack.securitySolution.alertCountByRuleByStatus.tooltipTitle": "ルール名",
     "xpack.securitySolution.alertDetails.overview.hostRiskDataTitle": "{riskEntity}リスクデータ",
     "xpack.securitySolution.alertDetails.overview.insights.suppressedAlertsCountTechnicalPreview": "テクニカルプレビュー",
-    "xpack.securitySolution.alertDetails.overview.investigationGuide": "調査ガイド",
     "xpack.securitySolution.alertDetails.summary.readLess": "表示を減らす",
     "xpack.securitySolution.alertDetails.summary.readMore": "続きを読む",
     "xpack.securitySolution.alerts.badge.readOnly.tooltip": "アラートを更新できません",
@@ -38905,14 +38904,10 @@
     "xpack.securitySolution.event.summary.threat_indicator.showMatches": "すべての{count}件のインジケーター一致アラートを表示",
     "xpack.securitySolution.eventDetails.alertReason": "アラートの理由",
     "xpack.securitySolution.eventDetails.description": "説明",
-    "xpack.securitySolution.eventDetails.multiFieldBadge": "複数フィールド",
-    "xpack.securitySolution.eventDetails.multiFieldTooltipContent": "複数フィールドにはフィールドごとに複数の値を入力できます",
-    "xpack.securitySolution.eventDetails.osqueryView": "Osquery結果",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.executed": "{command}コマンドを実行しました",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.failed": "{command}コマンドを実行できませんでした",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.pending": "{command}コマンドを実行しています",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.tried": "{command}コマンドを実行しようとしました",
-    "xpack.securitySolution.eventDetails.responseActionsView": "対応の結果",
     "xpack.securitySolution.eventDetails.summaryView": "まとめ",
     "xpack.securitySolution.eventDetails.table": "表",
     "xpack.securitySolution.eventDetails.table.actions": "アクション",

diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json
@@ -35584,7 +35584,6 @@
     "xpack.securitySolution.alertCountByRuleByStatus.tooltipTitle": "规则名称",
     "xpack.securitySolution.alertDetails.overview.hostRiskDataTitle": "{riskEntity}风险数据",
     "xpack.securitySolution.alertDetails.overview.insights.suppressedAlertsCountTechnicalPreview": "技术预览",
-    "xpack.securitySolution.alertDetails.overview.investigationGuide": "调查指南",
     "xpack.securitySolution.alertDetails.summary.readLess": "阅读更少内容",
     "xpack.securitySolution.alertDetails.summary.readMore": "阅读更多内容",
     "xpack.securitySolution.alerts.badge.readOnly.tooltip": "无法更新告警",
@@ -38949,14 +38948,10 @@
     "xpack.securitySolution.event.summary.threat_indicator.showMatches": "显示所有 {count} 个指标匹配告警",
     "xpack.securitySolution.eventDetails.alertReason": "告警原因",
     "xpack.securitySolution.eventDetails.description": "描述",
-    "xpack.securitySolution.eventDetails.multiFieldBadge": "多字段",
-    "xpack.securitySolution.eventDetails.multiFieldTooltipContent": "多字段的每个字段可以有多个值",
-    "xpack.securitySolution.eventDetails.osqueryView": "Osquery 结果",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.executed": "已执行 {command} 命令",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.failed": "无法执行 {command} 命令",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.pending": "正在执行 {command} 命令",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.tried": "已尝试执行 {command} 命令",
-    "xpack.securitySolution.eventDetails.responseActionsView": "响应结果",
     "xpack.securitySolution.eventDetails.summaryView": "摘要",
     "xpack.securitySolution.eventDetails.table": "表",
     "xpack.securitySolution.eventDetails.table.actions": "操作",