-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution][Detections] Refactor ML calls for newest ML permissions #74582
Changes from all commits
7e7e013
12a6077
5be0906
d3e0460
49ca692
e5a842f
36d9d4b
d195945
a527d5d
9fc91f3
bd2c199
12f27ac
23beb1f
f4781c2
62b479f
66365dc
f376baa
404974c
96f3608
f7aa1fd
be0a06c
7f6aaae
70b7821
b41dfd3
15f26ec
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License; | ||
* you may not use this file except in compliance with the Elastic License. | ||
*/ | ||
|
||
import { emptyMlCapabilities } from './empty_ml_capabilities'; | ||
import { hasMlLicense } from './has_ml_license'; | ||
|
||
describe('hasMlLicense', () => { | ||
test('it returns false when license is not platinum or trial', () => { | ||
const capabilities = { ...emptyMlCapabilities, isPlatinumOrTrialLicense: false }; | ||
expect(hasMlLicense(capabilities)).toEqual(false); | ||
}); | ||
|
||
test('it returns true when license is platinum or trial', () => { | ||
const capabilities = { ...emptyMlCapabilities, isPlatinumOrTrialLicense: true }; | ||
expect(hasMlLicense(capabilities)).toEqual(true); | ||
}); | ||
}); |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License; | ||
* you may not use this file except in compliance with the Elastic License. | ||
*/ | ||
|
||
import { MlCapabilitiesResponse } from '../../../ml/common/types/capabilities'; | ||
|
||
export const hasMlLicense = (capabilities: MlCapabilitiesResponse): boolean => | ||
capabilities.isPlatinumOrTrialLicense; |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License; | ||
* you may not use this file except in compliance with the Elastic License. | ||
*/ | ||
|
||
import { HttpSetup } from '../../../../../../../../src/core/public'; | ||
import { MlSummaryJob } from '../../../../../../ml/public'; | ||
|
||
export interface GetJobsSummaryArgs { | ||
http: HttpSetup; | ||
jobIds?: string[]; | ||
signal: AbortSignal; | ||
} | ||
|
||
/** | ||
* Fetches a summary of all ML jobs currently installed | ||
* | ||
* @param http HTTP Service | ||
* @param jobIds Array of job IDs to filter against | ||
* @param signal to cancel request | ||
* | ||
* @throws An error if response is not OK | ||
*/ | ||
export const getJobsSummary = async ({ | ||
http, | ||
jobIds, | ||
signal, | ||
}: GetJobsSummaryArgs): Promise<MlSummaryJob[]> => | ||
http.fetch<MlSummaryJob[]>('/api/ml/jobs/jobs_summary', { | ||
method: 'POST', | ||
body: JSON.stringify({ jobIds: jobIds ?? [] }), | ||
asSystemRequest: true, | ||
signal, | ||
}); |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License; | ||
* you may not use this file except in compliance with the Elastic License. | ||
*/ | ||
|
||
import { useAsync, withOptionalSignal } from '../../../../shared_imports'; | ||
import { getJobsSummary } from '../api/get_jobs_summary'; | ||
|
||
const _getJobsSummary = withOptionalSignal(getJobsSummary); | ||
|
||
export const useGetJobsSummary = () => useAsync(_getJobsSummary); | ||
Comment on lines
+10
to
+12
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Really liking how the new composable hooks are turning out. Keeps the actual API request logic small and easy to grok, while making creating specific hooks like above super simple. Autocomplete is all 👍 too, so that's nice as well. Thanks for all the effort here @rylnd 🙂 |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License; | ||
* you may not use this file except in compliance with the Elastic License. | ||
*/ | ||
|
||
import { getMlCapabilities } from '../api/get_ml_capabilities'; | ||
import { useAsync, withOptionalSignal } from '../../../../shared_imports'; | ||
|
||
const _getMlCapabilities = withOptionalSignal(getMlCapabilities); | ||
|
||
export const useGetMlCapabilities = () => useAsync(_getMlCapabilities); |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,99 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License; | ||
* you may not use this file except in compliance with the Elastic License. | ||
*/ | ||
|
||
import { renderHook } from '@testing-library/react-hooks'; | ||
|
||
import { hasMlUserPermissions } from '../../../../../common/machine_learning/has_ml_user_permissions'; | ||
import { hasMlLicense } from '../../../../../common/machine_learning/has_ml_license'; | ||
import { isSecurityJob } from '../../../../../common/machine_learning/is_security_job'; | ||
import { useAppToasts } from '../../../hooks/use_app_toasts'; | ||
import { useAppToastsMock } from '../../../hooks/use_app_toasts.mock'; | ||
import { mockJobsSummaryResponse } from '../../ml_popover/api.mock'; | ||
import { getJobsSummary } from '../api/get_jobs_summary'; | ||
import { useInstalledSecurityJobs } from './use_installed_security_jobs'; | ||
|
||
jest.mock('../../../../../common/machine_learning/has_ml_user_permissions'); | ||
jest.mock('../../../../../common/machine_learning/has_ml_license'); | ||
jest.mock('../../../hooks/use_app_toasts'); | ||
jest.mock('../api/get_jobs_summary'); | ||
|
||
describe('useInstalledSecurityJobs', () => { | ||
let appToastsMock: jest.Mocked<ReturnType<typeof useAppToastsMock.create>>; | ||
|
||
beforeEach(() => { | ||
appToastsMock = useAppToastsMock.create(); | ||
(useAppToasts as jest.Mock).mockReturnValue(appToastsMock); | ||
(getJobsSummary as jest.Mock).mockResolvedValue(mockJobsSummaryResponse); | ||
}); | ||
|
||
describe('when the user has permissions', () => { | ||
beforeEach(() => { | ||
(hasMlUserPermissions as jest.Mock).mockReturnValue(true); | ||
(hasMlLicense as jest.Mock).mockReturnValue(true); | ||
}); | ||
|
||
it('returns jobs and permissions', async () => { | ||
const { result, waitForNextUpdate } = renderHook(() => useInstalledSecurityJobs()); | ||
await waitForNextUpdate(); | ||
|
||
expect(result.current.jobs).toHaveLength(3); | ||
expect(result.current.jobs).toEqual( | ||
expect.arrayContaining([ | ||
{ | ||
datafeedId: 'datafeed-siem-api-rare_process_linux_ecs', | ||
datafeedIndices: ['auditbeat-*'], | ||
datafeedState: 'stopped', | ||
description: 'SIEM Auditbeat: Detect unusually rare processes on Linux (beta)', | ||
earliestTimestampMs: 1557353420495, | ||
groups: ['siem'], | ||
hasDatafeed: true, | ||
id: 'siem-api-rare_process_linux_ecs', | ||
isSingleMetricViewerJob: true, | ||
jobState: 'closed', | ||
latestTimestampMs: 1557434782207, | ||
memory_status: 'hard_limit', | ||
processed_record_count: 582251, | ||
}, | ||
]) | ||
); | ||
expect(result.current.isMlUser).toEqual(true); | ||
expect(result.current.isLicensed).toEqual(true); | ||
}); | ||
|
||
it('filters out non-security jobs', async () => { | ||
const { result, waitForNextUpdate } = renderHook(() => useInstalledSecurityJobs()); | ||
await waitForNextUpdate(); | ||
|
||
expect(result.current.jobs.length).toBeGreaterThan(0); | ||
expect(result.current.jobs.every(isSecurityJob)).toEqual(true); | ||
}); | ||
|
||
it('renders a toast error if the ML call fails', async () => { | ||
(getJobsSummary as jest.Mock).mockRejectedValue('whoops'); | ||
const { waitForNextUpdate } = renderHook(() => useInstalledSecurityJobs()); | ||
await waitForNextUpdate(); | ||
|
||
expect(appToastsMock.addError).toHaveBeenCalledWith('whoops', { | ||
title: 'Security job fetch failure', | ||
}); | ||
Comment on lines
+74
to
+81
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We've had a gap in our coverage around the ML hooks for a long time, so awesome to see these tests! 🚀 🎉 |
||
}); | ||
}); | ||
|
||
describe('when the user does not have valid permissions', () => { | ||
beforeEach(() => { | ||
(hasMlUserPermissions as jest.Mock).mockReturnValue(false); | ||
(hasMlLicense as jest.Mock).mockReturnValue(false); | ||
}); | ||
|
||
it('returns empty jobs and false predicates', () => { | ||
const { result } = renderHook(() => useInstalledSecurityJobs()); | ||
|
||
expect(result.current.jobs).toEqual([]); | ||
expect(result.current.isMlUser).toEqual(false); | ||
expect(result.current.isLicensed).toEqual(false); | ||
}); | ||
}); | ||
}); |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License; | ||
* you may not use this file except in compliance with the Elastic License. | ||
*/ | ||
|
||
import { useEffect, useState } from 'react'; | ||
|
||
import { MlSummaryJob } from '../../../../../../ml/public'; | ||
import { hasMlUserPermissions } from '../../../../../common/machine_learning/has_ml_user_permissions'; | ||
import { hasMlLicense } from '../../../../../common/machine_learning/has_ml_license'; | ||
import { isSecurityJob } from '../../../../../common/machine_learning/is_security_job'; | ||
import { useAppToasts } from '../../../hooks/use_app_toasts'; | ||
import { useHttp } from '../../../lib/kibana'; | ||
import { useMlCapabilities } from './use_ml_capabilities'; | ||
import * as i18n from '../translations'; | ||
import { useGetJobsSummary } from './use_get_jobs_summary'; | ||
|
||
export interface UseInstalledSecurityJobsReturn { | ||
loading: boolean; | ||
jobs: MlSummaryJob[]; | ||
isMlUser: boolean; | ||
isLicensed: boolean; | ||
} | ||
|
||
/** | ||
* Returns a collection of installed ML jobs (MlSummaryJob) relevant to | ||
* Security Solution, i.e. all installed jobs in the `security` ML group. | ||
* Use the corresponding helper functions to filter the job list as | ||
* necessary (running jobs, etc). | ||
* | ||
*/ | ||
export const useInstalledSecurityJobs = (): UseInstalledSecurityJobsReturn => { | ||
const [jobs, setJobs] = useState<MlSummaryJob[]>([]); | ||
const { addError } = useAppToasts(); | ||
const mlCapabilities = useMlCapabilities(); | ||
const http = useHttp(); | ||
const { error, loading, result, start } = useGetJobsSummary(); | ||
|
||
const isMlUser = hasMlUserPermissions(mlCapabilities); | ||
const isLicensed = hasMlLicense(mlCapabilities); | ||
|
||
useEffect(() => { | ||
if (isMlUser && isLicensed) { | ||
start({ http }); | ||
} | ||
}, [http, isMlUser, isLicensed, start]); | ||
|
||
useEffect(() => { | ||
if (result) { | ||
const securityJobs = result.filter(isSecurityJob); | ||
setJobs(securityJobs); | ||
} | ||
}, [result]); | ||
|
||
useEffect(() => { | ||
if (error) { | ||
addError(error, { title: i18n.SIEM_JOB_FETCH_FAILURE }); | ||
} | ||
}, [addError, error]); | ||
|
||
return { isLicensed, isMlUser, jobs, loading }; | ||
}; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
++ for refactoring to leverage
useAppToasts
, thanks!