Skip to content

Commit

Permalink
[Entity Analytics] Remove internal asset criticality APIs
Browse files Browse the repository at this point in the history
  • Loading branch information
@hop-dev
hop-dev committed Jul 11, 2024
1 parent 57be31c commit 7500f38
Show file tree
Hide file tree
Showing 6 changed files with 211 additions and 382 deletions.
4 changes: 1 addition & 3 deletions x-pack/plugins/security_solution/common/entity_analytics/asset_criticality/constants.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,11 @@
* 2.0.
*/

export const ASSET_CRITICALITY_INTERNAL_URL = `/internal/asset_criticality` as const;
const ASSET_CRITICALITY_INTERNAL_URL = `/internal/asset_criticality` as const;
export const ASSET_CRITICALITY_INTERNAL_PRIVILEGES_URL =
`${ASSET_CRITICALITY_INTERNAL_URL}/privileges` as const;
export const ASSET_CRITICALITY_INTERNAL_STATUS_URL =
`${ASSET_CRITICALITY_INTERNAL_URL}/status` as const;
export const ASSET_CRITICALITY_INTERNAL_CSV_UPLOAD_URL =
`${ASSET_CRITICALITY_INTERNAL_URL}/upload_csv` as const;

export const ASSET_CRITICALITY_PUBLIC_URL = `/api/asset_criticality` as const;
export const ASSET_CRITICALITY_PUBLIC_CSV_UPLOAD_URL =
Expand Down
116 changes: 39 additions & 77 deletions .../plugins/security_solution/server/lib/entity_analytics/asset_criticality/routes/delete.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,12 @@
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import type { IKibanaResponse, KibanaResponseFactory, Logger } from '@kbn/core/server';
import type { Logger } from '@kbn/core/server';
import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import type { SecuritySolutionRequestHandlerContext } from '../../../../types';
import {
ASSET_CRITICALITY_PUBLIC_URL,
ASSET_CRITICALITY_INTERNAL_URL,
APP_ID,
ENABLE_ASSET_CRITICALITY_SETTING,
API_VERSIONS,
Expand All @@ -23,79 +21,6 @@ import type { EntityAnalyticsRoutesDeps } from '../../types';
import { AssetCriticalityAuditActions } from '../audit';
import { AUDIT_CATEGORY, AUDIT_OUTCOME, AUDIT_TYPE } from '../../audit';

type DeleteHandler = (
context: SecuritySolutionRequestHandlerContext,
request: {
query: DeleteAssetCriticalityRecord;
},
response: KibanaResponseFactory
) => Promise<IKibanaResponse>;

const handler: (logger: Logger) => DeleteHandler =
(logger) => async (context, request, response) => {
const securitySolution = await context.securitySolution;

securitySolution.getAuditLogger()?.log({
message: 'User attempted to un-assign asset criticality from an entity',
event: {
action: AssetCriticalityAuditActions.ASSET_CRITICALITY_UNASSIGN,
category: AUDIT_CATEGORY.DATABASE,
type: AUDIT_TYPE.DELETION,
outcome: AUDIT_OUTCOME.UNKNOWN,
},
});

const siemResponse = buildSiemResponse(response);
try {
await assertAdvancedSettingsEnabled(await context.core, ENABLE_ASSET_CRITICALITY_SETTING);
await checkAndInitAssetCriticalityResources(context, logger);

const assetCriticalityClient = securitySolution.getAssetCriticalityDataClient();
await assetCriticalityClient.delete(
{
idField: request.query.id_field,
idValue: request.query.id_value,
},
request.query.refresh
);

return response.ok();
} catch (e) {
const error = transformError(e);

return siemResponse.error({
statusCode: error.statusCode,
body: { message: error.message, full_error: JSON.stringify(e) },
bypassErrorFormat: true,
});
}
};

export const assetCriticalityInternalDeleteRoute = (
router: EntityAnalyticsRoutesDeps['router'],
logger: Logger
) => {
router.versioned
.delete({
access: 'internal',
path: ASSET_CRITICALITY_INTERNAL_URL,
options: {
tags: ['access:securitySolution', `access:${APP_ID}-entity-analytics`],
},
})
.addVersion(
{
version: API_VERSIONS.internal.v1,
validate: {
request: {
query: buildRouteValidationWithZod(DeleteAssetCriticalityRecord),
},
},
},
handler(logger)
);
};

export const assetCriticalityPublicDeleteRoute = (
router: EntityAnalyticsRoutesDeps['router'],
logger: Logger
Expand All @@ -117,6 +42,43 @@ export const assetCriticalityPublicDeleteRoute = (
},
},
},
handler(logger)
async (context, request, response) => {
const securitySolution = await context.securitySolution;

securitySolution.getAuditLogger()?.log({
message: 'User attempted to un-assign asset criticality from an entity',
event: {
action: AssetCriticalityAuditActions.ASSET_CRITICALITY_UNASSIGN,
category: AUDIT_CATEGORY.DATABASE,
type: AUDIT_TYPE.DELETION,
outcome: AUDIT_OUTCOME.UNKNOWN,
},
});

const siemResponse = buildSiemResponse(response);
try {
await assertAdvancedSettingsEnabled(await context.core, ENABLE_ASSET_CRITICALITY_SETTING);
await checkAndInitAssetCriticalityResources(context, logger);

const assetCriticalityClient = securitySolution.getAssetCriticalityDataClient();
await assetCriticalityClient.delete(
{
idField: request.query.id_field,
idValue: request.query.id_value,
},
request.query.refresh
);

return response.ok();
} catch (e) {
const error = transformError(e);

return siemResponse.error({
statusCode: error.statusCode,
body: { message: error.message, full_error: JSON.stringify(e) },
bypassErrorFormat: true,
});
}
}
);
};
114 changes: 39 additions & 75 deletions x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/routes/get.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,11 @@
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import type { IKibanaResponse, KibanaResponseFactory, Logger } from '@kbn/core/server';
import type { Logger } from '@kbn/core/server';
import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import type { SecuritySolutionRequestHandlerContext } from '../../../../types';
import {
ASSET_CRITICALITY_INTERNAL_URL,
ASSET_CRITICALITY_PUBLIC_URL,
APP_ID,
ENABLE_ASSET_CRITICALITY_SETTING,
Expand All @@ -22,77 +20,6 @@ import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setti
import type { EntityAnalyticsRoutesDeps } from '../../types';
import { AssetCriticalityAuditActions } from '../audit';
import { AUDIT_CATEGORY, AUDIT_OUTCOME, AUDIT_TYPE } from '../../audit';
type GetHandler = (
context: SecuritySolutionRequestHandlerContext,
request: {
query: AssetCriticalityRecordIdParts;
},
response: KibanaResponseFactory
) => Promise<IKibanaResponse>;

const handler: (logger: Logger) => GetHandler = (logger) => async (context, request, response) => {
const siemResponse = buildSiemResponse(response);
try {
await assertAdvancedSettingsEnabled(await context.core, ENABLE_ASSET_CRITICALITY_SETTING);
await checkAndInitAssetCriticalityResources(context, logger);

const securitySolution = await context.securitySolution;
const assetCriticalityClient = securitySolution.getAssetCriticalityDataClient();
const record = await assetCriticalityClient.get({
idField: request.query.id_field,
idValue: request.query.id_value,
});

if (!record) {
return response.notFound();
}

securitySolution.getAuditLogger()?.log({
message: 'User accessed the criticality level for an entity',
event: {
action: AssetCriticalityAuditActions.ASSET_CRITICALITY_GET,
category: AUDIT_CATEGORY.DATABASE,
type: AUDIT_TYPE.ACCESS,
outcome: AUDIT_OUTCOME.SUCCESS,
},
});

return response.ok({ body: record });
} catch (e) {
const error = transformError(e);

return siemResponse.error({
statusCode: error.statusCode,
body: { message: error.message, full_error: JSON.stringify(e) },
bypassErrorFormat: true,
});
}
};

export const assetCriticalityInternalGetRoute = (
router: EntityAnalyticsRoutesDeps['router'],
logger: Logger
) => {
router.versioned
.get({
access: 'internal',
path: ASSET_CRITICALITY_INTERNAL_URL,
options: {
tags: ['access:securitySolution', `access:${APP_ID}-entity-analytics`],
},
})
.addVersion(
{
version: API_VERSIONS.internal.v1,
validate: {
request: {
query: buildRouteValidationWithZod(AssetCriticalityRecordIdParts),
},
},
},
handler(logger)
);
};

export const assetCriticalityPublicGetRoute = (
router: EntityAnalyticsRoutesDeps['router'],
Expand All @@ -115,6 +42,43 @@ export const assetCriticalityPublicGetRoute = (
},
},
},
handler(logger)
async (context, request, response) => {
const siemResponse = buildSiemResponse(response);
try {
await assertAdvancedSettingsEnabled(await context.core, ENABLE_ASSET_CRITICALITY_SETTING);
await checkAndInitAssetCriticalityResources(context, logger);

const securitySolution = await context.securitySolution;
const assetCriticalityClient = securitySolution.getAssetCriticalityDataClient();
const record = await assetCriticalityClient.get({
idField: request.query.id_field,
idValue: request.query.id_value,
});

if (!record) {
return response.notFound();
}

securitySolution.getAuditLogger()?.log({
message: 'User accessed the criticality level for an entity',
event: {
action: AssetCriticalityAuditActions.ASSET_CRITICALITY_GET,
category: AUDIT_CATEGORY.DATABASE,
type: AUDIT_TYPE.ACCESS,
outcome: AUDIT_OUTCOME.SUCCESS,
},
});

return response.ok({ body: record });
} catch (e) {
const error = transformError(e);

return siemResponse.error({
statusCode: error.statusCode,
body: { message: error.message, full_error: JSON.stringify(e) },
bypassErrorFormat: true,
});
}
}
);
};
16 changes: 4 additions & 12 deletions ...server/lib/entity_analytics/asset_criticality/routes/register_asset_criticality_routes.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,11 @@
* 2.0.
*/
import { assetCriticalityInternalStatusRoute } from './status';
import { assetCriticalityPublicUpsertRoute, assetCriticalityInternalUpsertRoute } from './upsert';
import { assetCriticalityInternalGetRoute, assetCriticalityPublicGetRoute } from './get';
import { assetCriticalityPublicDeleteRoute, assetCriticalityInternalDeleteRoute } from './delete';
import { assetCriticalityPublicUpsertRoute } from './upsert';
import { assetCriticalityPublicGetRoute } from './get';
import { assetCriticalityPublicDeleteRoute } from './delete';
import { assetCriticalityInternalPrivilegesRoute } from './privileges';
import {
assetCriticalityInternalCSVUploadRoute,
assetCriticalityPublicCSVUploadRoute,
} from './upload_csv';
import { assetCriticalityPublicCSVUploadRoute } from './upload_csv';
import { assetCriticalityPublicListRoute } from './list';
import type { EntityAnalyticsRoutesDeps } from '../../types';
import { assetCriticalityPublicBulkUploadRoute } from './bulk_upload';
Expand All @@ -24,13 +21,8 @@ export const registerAssetCriticalityRoutes = ({
getStartServices,
}: EntityAnalyticsRoutesDeps) => {
// Internal routes
assetCriticalityInternalCSVUploadRoute(router, logger, config, getStartServices);
assetCriticalityInternalDeleteRoute(router, logger);
assetCriticalityInternalGetRoute(router, logger);
assetCriticalityInternalPrivilegesRoute(router, logger, getStartServices);
assetCriticalityInternalStatusRoute(router, logger);
assetCriticalityInternalUpsertRoute(router, logger);

// Public routes
assetCriticalityPublicCSVUploadRoute(router, logger, config, getStartServices);
assetCriticalityPublicBulkUploadRoute(router, logger, config);
Expand Down
Loading

0 comments on commit 7500f38

Please sign in to comment.