apply unmute migration to all security rules

elastic · May 4, 2023 · 5c55432 · 5c55432
1 parent a4c9472
commit 5c55432
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 33 deletions.
diff --git a/x-pack/plugins/alerting/server/saved_objects/migrations/8.8/index.ts b/x-pack/plugins/alerting/server/saved_objects/migrations/8.8/index.ts
@@ -76,10 +76,7 @@ function addSecuritySolutionActionsFrequency(
 function unmuteSecuritySolutionCustomRules(
   doc: SavedObjectUnsanitizedDoc<RawRule>
 ): SavedObjectUnsanitizedDoc<RawRule> {
-  // only security custom rules were muted if there is no actions prior 8.8
-  // there is no reason to unmute prebuilt rules
-  // "doc.attributes.params.immutable" is set to "true" for prebuilt rules
-  if (!isDetectionEngineAADRuleType(doc) || doc.attributes.params.immutable) {
+  if (!isDetectionEngineAADRuleType(doc)) {
     return doc;
   }
 

diff --git a/x-pack/plugins/alerting/server/saved_objects/migrations/index.test.ts b/x-pack/plugins/alerting/server/saved_objects/migrations/index.test.ts
@@ -2736,21 +2736,6 @@ describe('successful migrations', () => {
         }
       );
 
-      test('ignores prebuilt rules', () => {
-        const migration880 = getMigrations(encryptedSavedObjectsSetup, {}, isPreconfigured)[
-          '8.8.0'
-        ];
-
-        const rule = getMockData({
-          alertTypeId: ruleTypeMappings.query,
-          muteAll: true,
-          params: { immutable: true },
-        });
-        const migratedAlert880 = migration880(rule, migrationContext);
-
-        expect(migratedAlert880.attributes.muteAll).toBeTruthy();
-      });
-
       test('ignores non security rules', () => {
         const migration880 = getMigrations(encryptedSavedObjectsSetup, {}, isPreconfigured)[
           '8.8.0'

diff --git a/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group4/migrations.ts b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group4/migrations.ts
@@ -693,25 +693,26 @@ export default function createGetTests({ getService }: FtrProviderContext) {
       ]);
     });
 
-    it('8.8 unmutes only security custom rules', async () => {
-      const nonSecurityRuleId = 'alert:74f3e6d7-b7bb-477d-ac28-92ee22728e6e';
-      const securityImmutableRuleId = 'alert:8990af61-c09a-11ec-9164-4bfd6fc32c43';
+    it('8.8 unmutes only security rules', async () => {
       const securityCustomRuleId = 'alert:88bc8c21-07ba-42eb-ad9c-06820275ac10';
+      const securityImmutableRuleId = 'alert:8990af61-c09a-11ec-9164-4bfd6fc32c43';
+      const nonSecurityRuleId = 'alert:74f3e6d7-b7bb-477d-ac28-92ee22728e6e';
 
-      const { docs } = await es.mget({
+      const { docs } = await es.mget<{ alert: RawRule }>({
         index: ALERTING_CASES_SAVED_OBJECT_INDEX,
-        body: { ids: [securityCustomRuleId, nonSecurityRuleId, securityImmutableRuleId] },
+        body: { ids: [securityCustomRuleId, securityImmutableRuleId, nonSecurityRuleId] },
       });
 
-      expect(
-        (docs[0] as estypes.GetGetResult<{ alert: RawRule }>)?._source?.alert.muteAll
-      ).toBeFalsy();
-      expect(
-        (docs[1] as estypes.GetGetResult<{ alert: RawRule }>)?._source?.alert.muteAll
-      ).toBeTruthy();
-      expect(
-        (docs[2] as estypes.GetGetResult<{ alert: RawRule }>)?._source?.alert.muteAll
-      ).toBeTruthy();
+      const securityCustomRuleMuteAll =
+        '_source' in docs[0] ? docs[0]._source?.alert.muteAll : undefined;
+      const securityImmutableRuleMuteAll =
+        '_source' in docs[1] ? docs[1]._source?.alert.muteAll : undefined;
+      const nonSecurityRuleMuteAll =
+        '_source' in docs[2] ? docs[2]._source?.alert.muteAll : undefined;
+
+      expect(securityCustomRuleMuteAll).toBeFalsy();
+      expect(securityImmutableRuleMuteAll).toBeFalsy();
+      expect(nonSecurityRuleMuteAll).toBeTruthy();
     });
   });
 }