[Security Solution]Fix incorrect number of invalid connectors is shown on the toast message #152313
Conversation
WafaaNasr
added
release_note:skip
There was a problem hiding this comment.
@WafaaNasr thank you for fixing this bug 🙏 Let's just explore edge cases to make sure there are no bugs here.
| const { error } = connectorError; | ||
| let concatenatedActionIds: string = ''; | ||
| const mappedErrors = actionConnectorsErrors.map((connectorError) => { | ||
| const { id, error } = connectorError as ImportResponseError; |
There was a problem hiding this comment.
Why isn't it possible to just calculate the number of errors? Can we get more than one error per connector?
Generally speaking ImportRulesResponseError | ImportResponseError only differs by id and rule_id which come from BulkError (just the fact BulkError allows to omit both id and rule_id which is not supposed to happen I expect but it's another story). If we still support rule_id (most probably for backwards compatibility) can we have a situation when it's in use and this code is gonna fail? If it's not a case so then we should remove rule_id so as ImportResponseError type casting won't be necessary.
There was a problem hiding this comment.
Why isn't it possible to just calculate the number of errors? Can we get more than one error per connector?
-Yes true.
Forex. if the user has rule to import in one file, and this rule has 3 connectors.
For instance, if 2 of them have missing connectors, what will happen as per the Old workflow=> One error message will be generated with the count of the failing connectors, and one error object will be pushed in the array.
2 connectors are missing. Connector ids missing are: X, Y
And just to clarify the id here is the action-connectors id not the rule_id
There was a problem hiding this comment.
Hey @maximpn ! rule_id was initially created to act as a signature id so that a rule could be recognized, say, across platforms. This allows sigma, snort, suricata etc to identify a rule with a singular "signature id" that is never regenerated over time. So the concept of rule_id should hopefully stick around the solution unless platform has come up with a way for it to be supported more globally within a saved object. This comes in very handy on import when a user could be importing a rule they've ported over from elsewhere and want to maintain it's reference to the signature id. I don't think it would be in our interest to remove it's use. Like @WafaaNasr pointed out, the id she references is to the connector, the rule_id points back to the rule that had an action pointing to said connector so the user knows which rule was the source of the error.
If there's a worry that id would not exist in connectorError because it ends up being ImportRulesResponseError vs ImportResponseError maybe we can add a check for id != null.
If there's larger refactoring you think is necessary (this route is now a bit dated and could benefit from refactoring as it's complexity has grown a lot), feel free to create a ticket and we can keep discussing what the response should look like and how rule_id fits into the import use case.
There was a problem hiding this comment.
Hey @yctercero, thank you for the explanation! My concern is misleading types as BulkError at backend and ImportRulesResponseError at frontend don't look related to the connectors. ImportResponseError looks too generic (by name). According to what I see in the code it's pretty easy to use some tailored for connectors error type which action_connectors_errors will use.
Absence of such a type leads to reusing id and rule_id fields to store serialized arrays in a case of missing connectors. I'm afraid it doesn't match with SO importer errors so that importer seems to returning an error per connector. Merging it now and creating a ticket looks like adding a technical debt while we already have it a lot.
There was a problem hiding this comment.
There's definitely refactoring needed overall on import. It used to just be rules and now is exceptions, actions and connectors. With the added comments, we can certainly look to simplify and refactor this flow.
There was a problem hiding this comment.
I understand the concern with creating technical debt. As we are far into the BCs, adding scope in this bug fix can also open us up to further bugs. Our team is working on documenting this route, the technical debt and suggested updates. I can be sure to make reference back to your concerns to ensure they're addressed in any upcoming refactors.
There was a problem hiding this comment.
Thank you @maximpn !
| @@ -178,6 +178,7 @@ describe('checkRuleExceptionReferences', () => { | |||
| '1 connector is missing. Connector id missing is: cabc78e0-9031-11ed-b076-53cc4d57aaf1', | |||
| status_code: 404, | |||
| }, | |||
| id: 'cabc78e0-9031-11ed-b076-53cc4d57aaf1', | |||
There was a problem hiding this comment.
Interesting, you provide both id and rule_id in tests while it should be one of them according to the operated types. See my question regarding them above.
There was a problem hiding this comment.
They are different id is the actionConnectors ids and the rule_id is the rule to be imported.
And we need it, in case the user has multiple rules in one file and not all of them are failing
There was a problem hiding this comment.
I see. For some reason actionsImporter returns a comma separated list of connector identifiers in id field and we don't have any breakdown on this. So this list corresponds to a rule.
| @@ -40,6 +40,7 @@ export const handleActionsHaveNoConnectors = ( | |||
| : 'connector is missing. Connector id missing is:'; | |||
| errors.push( | |||
| createBulkErrorObject({ | |||
| id: actionsIds.join(), | |||
There was a problem hiding this comment.
As id field stores a serialized array it worth to have a comment in BulkError and ImportResponseError to highlight that fact it can contain more than one identifier in a case of missing connectors.
There was a problem hiding this comment.
We'll go ahead and add a comment there. Looks like rule_id has been used this way for a bit. Will be sure to document.
There was a problem hiding this comment.
Please review bc5547c
| @@ -40,6 +40,7 @@ export const handleActionsHaveNoConnectors = ( | |||
| : 'connector is missing. Connector id missing is:'; | |||
| errors.push( | |||
| createBulkErrorObject({ | |||
| id: actionsIds.join(), | |||
| statusCode: 404, | |||
| message: `${actionsIds.length} ${errorMessage} ${actionsIds.join(', ')}`, | |||
| ruleId: ruleIds, | |||
There was a problem hiding this comment.
As rule_id field stores a serialized array it worth to have a comment in BulkError and ImportRuleResponseError to highlight that fact it can contain more than one identifier in a case of missing connectors.
There was a problem hiding this comment.
We'll go ahead and add a comment there. Looks like rule_id has been used this way for a bit. Will be sure to document.
There was a problem hiding this comment.
Please review here bc5547c
|
@elasticmachine merge upstream |
…/WafaaNasr/kibana into fix-incorrect-invalid-connectors
💚 Build Succeeded
Metrics [docs]Async chunks
Unknown metric groupsESLint disabled line counts
Total ESLint disabled count
History
To update your PR or re-run it, just comment with: cc @WafaaNasr |
There was a problem hiding this comment.
@WafaaNasr Thank you for addressing my comments 👍 I've created a refactoring ticket so the rest of my concerns should be addressed there.
…n on the toast message (elastic#152313) ## Summary - Addresses elastic#151988 Before the fix, the number of missing connectors was always 1, even if the message says the invalid connectors are more  After,  ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> (cherry picked from commit c0d2b0f)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
…s shown on the toast message (#152313) (#152661) # Backport This will backport the following commits from `main` to `8.7`: - [[Security Solution]Fix incorrect number of invalid connectors is shown on the toast message (#152313)](#152313) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Wafaa Nasr","email":"wafaa.nasr@elastic.co"},"sourceCommit":{"committedDate":"2023-03-06T08:24:00Z","message":"[Security Solution]Fix incorrect number of invalid connectors is shown on the toast message (#152313)\n\n## Summary\r\n\r\n- Addresses https://github.com/elastic/kibana/issues/151988\r\n\r\nBefore the fix, the number of missing connectors was always 1, even if\r\nthe message says the invalid connectors are more\r\n\r\n\r\n\r\nAfter,\r\n\r\n\r\n\r\n\r\n\r\n### Checklist\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>","sha":"c0d2b0f5cc7d5915f9f3894cdccfc7513a61cdc6","branchLabelMapping":{"^v8.8.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Security Solution Platform","backport:prev-minor","ci:cloud-deploy","v8.7.0","v8.8.0"],"number":152313,"url":"https://github.com/elastic/kibana/pull/152313","mergeCommit":{"message":"[Security Solution]Fix incorrect number of invalid connectors is shown on the toast message (#152313)\n\n## Summary\r\n\r\n- Addresses https://github.com/elastic/kibana/issues/151988\r\n\r\nBefore the fix, the number of missing connectors was always 1, even if\r\nthe message says the invalid connectors are more\r\n\r\n\r\n\r\nAfter,\r\n\r\n\r\n\r\n\r\n\r\n### Checklist\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>","sha":"c0d2b0f5cc7d5915f9f3894cdccfc7513a61cdc6"}},"sourceBranch":"main","suggestedTargetBranches":["8.7"],"targetPullRequestStates":[{"branch":"8.7","label":"v8.7.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.8.0","labelRegex":"^v8.8.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/152313","number":152313,"mergeCommit":{"message":"[Security Solution]Fix incorrect number of invalid connectors is shown on the toast message (#152313)\n\n## Summary\r\n\r\n- Addresses https://github.com/elastic/kibana/issues/151988\r\n\r\nBefore the fix, the number of missing connectors was always 1, even if\r\nthe message says the invalid connectors are more\r\n\r\n\r\n\r\nAfter,\r\n\r\n\r\n\r\n\r\n\r\n### Checklist\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>","sha":"c0d2b0f5cc7d5915f9f3894cdccfc7513a61cdc6"}}]}] BACKPORT--> Co-authored-by: Wafaa Nasr <wafaa.nasr@elastic.co>
…n on the toast message (elastic#152313) ## Summary - Addresses elastic#151988 Before the fix, the number of missing connectors was always 1, even if the message says the invalid connectors are more  After,  ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
\r\n\r\n\r\n###](https://user-images.githubusercontent.com/12671903/221798261-8fb7ba28-3a1a-4269-9e00-a540f7febb1b.png)\r\n\r\nAfter,\r\n\r\n\r\n\r\n\r\n\r\n###){kind=link}
Summary
Before the fix, the number of missing connectors was always 1, even if the message says the invalid connectors are more
After,
Checklist