From 6685338dc15a85e0a0c742f7cea197c1ebcb052c Mon Sep 17 00:00:00 2001 From: Tomasz Ciecierski Date: Fri, 5 May 2023 10:25:06 +0200 Subject: [PATCH] apply comments, fix types and licenseSErvice --- .../public/action_results/translations.ts | 5 +++-- .../endpoint/endpoint_app_context_services.ts | 3 ++- .../routes/actions/response_actions.test.ts | 6 +----- .../endpoint/services/actions/create/index.ts | 20 ++++++++++++++----- .../security_solution/server/plugin.ts | 3 +-- 5 files changed, 22 insertions(+), 15 deletions(-) diff --git a/x-pack/plugins/osquery/public/action_results/translations.ts b/x-pack/plugins/osquery/public/action_results/translations.ts index b8cd98aae576a..0e2324ab3a4f7 100644 --- a/x-pack/plugins/osquery/public/action_results/translations.ts +++ b/x-pack/plugins/osquery/public/action_results/translations.ts @@ -28,13 +28,14 @@ const parametersNotFound = export const getSkippedQueryError = (error: string) => { if (error === platinumLicenseRequired) { return i18n.translate('xpack.osquery.liveQueryActionResults.table.wrongLicenseErrorText', { - defaultMessage: `${platinumLicenseRequired}`, + defaultMessage: 'At least Platinum license is required to use Response Actions.', }); } if (error === parametersNotFound) { return i18n.translate('xpack.osquery.liveQueryActionResults.table.skippedErrorText', { - defaultMessage: `${parametersNotFound}`, + defaultMessage: + "This query hasn't been called due to parameter used and its value not found in the alert.", }); } diff --git a/x-pack/plugins/security_solution/server/endpoint/endpoint_app_context_services.ts b/x-pack/plugins/security_solution/server/endpoint/endpoint_app_context_services.ts index eb04fd133a55e..73bd035aa6496 100644 --- a/x-pack/plugins/security_solution/server/endpoint/endpoint_app_context_services.ts +++ b/x-pack/plugins/security_solution/server/endpoint/endpoint_app_context_services.ts @@ -37,6 +37,7 @@ import type { EndpointAuthz } from '../../common/endpoint/types/authz'; import { calculateEndpointAuthz } from '../../common/endpoint/service/authz'; import type { FeatureUsageService } from './services/feature_usage/service'; import type { ExperimentalFeatures } from '../../common/experimental_features'; +import type { ActionCreateService } from './services'; import { doesArtifactHaveData } from './services'; import type { actionCreateService } from './services/actions'; @@ -237,7 +238,7 @@ export class EndpointAppContextService { return this.startDependencies.messageSigningService; } - public getActionCreateService(): ReturnType { + public getActionCreateService(): ActionCreateService { if (!this.startDependencies?.actionCreateService) { throw new EndpointAppContentServicesNotStartedError(); } diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/actions/response_actions.test.ts b/x-pack/plugins/security_solution/server/endpoint/routes/actions/response_actions.test.ts index 696222eab1ed7..b2bc7ea008b10 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/actions/response_actions.test.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/actions/response_actions.test.ts @@ -132,11 +132,7 @@ describe('Response actions', () => { endpointAppContextService.setup(createMockEndpointAppContextServiceSetupContract()); endpointAppContextService.start({ ...startContract, - actionCreateService: actionCreateService( - mockScopedClient.asInternalUser, - endpointContext, - licenseService - ), + actionCreateService: actionCreateService(mockScopedClient.asInternalUser, endpointContext), licenseService, }); diff --git a/x-pack/plugins/security_solution/server/endpoint/services/actions/create/index.ts b/x-pack/plugins/security_solution/server/endpoint/services/actions/create/index.ts index 1b8629c0ca1d9..8ab1ec7994381 100644 --- a/x-pack/plugins/security_solution/server/endpoint/services/actions/create/index.ts +++ b/x-pack/plugins/security_solution/server/endpoint/services/actions/create/index.ts @@ -68,12 +68,19 @@ interface CreateActionMetadata { enableActionsWithErrors?: boolean; } +export interface ActionCreateService { + createActionFromAlert: (payload: CreateActionPayload) => Promise; + createAction: ( + payload: CreateActionPayload, + metadata: CreateActionMetadata + ) => Promise; +} + export const actionCreateService = ( esClient: ElasticsearchClient, - endpointContext: EndpointAppContext, - licenseService: LicenseService -) => { - const createActionFromAlert = async (payload: CreateActionPayload) => { + endpointContext: EndpointAppContext +): ActionCreateService => { + const createActionFromAlert = async (payload: CreateActionPayload): Promise => { return createAction({ ...payload }, { minimumLicenseRequired: 'enterprise' }); }; @@ -86,6 +93,8 @@ export const actionCreateService = ( endpointContext.service.getFeatureUsageService().notifyUsage(featureKey); } + const licenseService = endpointContext.service.getLicenseService(); + const logger = endpointContext.logFactory.get('hostIsolation'); // fetch the Agent IDs to send the commands to @@ -341,11 +350,12 @@ interface CheckForAlertsArgs { licenseService: LicenseService; minimumLicenseRequired: LicenseType; } + const checkForAlertErrors = ({ agents, licenseService, minimumLicenseRequired = 'basic', -}: CheckForAlertsArgs) => { +}: CheckForAlertsArgs): string | undefined => { const licenseError = validateEndpointLicense(licenseService, minimumLicenseRequired); const agentsError = validateAgents(agents); diff --git a/x-pack/plugins/security_solution/server/plugin.ts b/x-pack/plugins/security_solution/server/plugin.ts index 223396e6d268a..b25b58c0045c2 100644 --- a/x-pack/plugins/security_solution/server/plugin.ts +++ b/x-pack/plugins/security_solution/server/plugin.ts @@ -506,8 +506,7 @@ export class Plugin implements ISecuritySolutionPlugin { messageSigningService: plugins.fleet?.messageSigningService, actionCreateService: actionCreateService( core.elasticsearch.client.asInternalUser, - this.endpointContext, - licenseService + this.endpointContext ), });