[Security Solution][Case] Fix subcases bugs on detections and case view #91836
Conversation
cnasikas
added
Team:Security
|
Pinging @elastic/kibana-security (Team:Security) |
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
azasypkin
added
Team: SecuritySolution
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
cnasikas
changed the title
cnasikas
added
Team:Threat Hunting
|
Pinging @elastic/security-threat-hunting (Team:Threat Hunting) |
cnasikas
changed the title
cnasikas
added
the
bug
cnasikas
force-pushed
the
fix_subcases_bugs
branch
from
b73f02f
to
348772a
Compare
cnasikas
force-pushed
the
fix_subcases_bugs
branch
from
13b811b
to
41fd862
Compare
x-pack/plugins/security_solution/public/cases/components/create/form_context.tsx
Show resolved
Hide resolved
...ck/plugins/security_solution/public/cases/components/timeline_actions/add_to_case_action.tsx
Show resolved
Hide resolved
cnasikas
force-pushed
the
fix_subcases_bugs
branch
from
e6c44b9
to
6131afa
Compare
There was a problem hiding this comment.
Nice work here!
I tested a couple things:
Manually adding alerts to case
- Collections are disabled ✅
- Sub cases are clickable ✅
One UX improvement here I think would be to use a different color for the disabled rows in the table. Currently it looks like the collections are already selected. I'm not sure how much work that'd be to change though.
Navigating to a collection
- No longer shows the status ✅
Adding/editing a comment on a sub case ✅
User actions are shown for sub case ✅
Manually attaching an alert for a sub case ✅
I'm not sure if this was something we were trying to address in this PR but an empty collection has it's status displayed and is selectable for bulk actions. I think that might be an existing issue though. I added it to the meta ticket here: #91843
| onStatusChanged={changeStatus} | ||
| disabled={!userCanCrud} | ||
| isLoading={isLoading && updateKey === 'status'} | ||
| {(caseData.type !== CaseType.collection || hasDataToPush) && ( |
There was a problem hiding this comment.
I was trying to find a better way to do this instead of having the double checks but couldn't think of one haha 👍
There was a problem hiding this comment.
Me too. I fought a lot with this :)
| @@ -29,7 +29,7 @@ export const useCreateCaseModal = ({ | |||
| const closeModal = useCallback(() => setIsModalOpen(false), []); | |||
| const openModal = useCallback(() => setIsModalOpen(true), []); | |||
| const onSuccess = useCallback( | |||
| (theCase) => { | |||
| async (theCase) => { | |||
There was a problem hiding this comment.
Do we need the async here? Do we need an await on one of the calls?
There was a problem hiding this comment.
form_context.tsx expects onSuccess: (theCase: Case) => Promise<void> and waits for the onSuccess to be fulfilled. Do you think it shouldn't?
|
@jonathan-buttner Thank you so much for testing!!
You are right. I think we should discuss it with @monina-n and address it on another PR.
Yes, it wasn't supposed to be addressed in this PR. Maybe this #91863 gonna address it. |
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
Page load bundle
History
To update your PR or re-run it, just comment with: cc @cnasikas |
…ew (elastic#91836) Co-authored-by: Jonathan Buttner <jonathan.buttner@elastic.co> # Conflicts: # x-pack/plugins/security_solution/public/cases/components/status/config.ts
…bana into task-manager/docs-monitoring * 'task-manager/docs-monitoring' of github.com:gmmorris/kibana: (40 commits) [Security Solution][Case][Bug] Improve case logging (elastic#91924) [Alerts][Doc] Added README documentation for alerts plugin status and framework health checks configuration options. (elastic#92761) Add warning for EQL and Threshold rules if exception list contains value list items (elastic#92914) [Security Solution][Case] Fix subcases bugs on detections and case view (elastic#91836) [APM] Always allow access to Profiling via URL (elastic#92889) [Vega] Allow image loading without CORS policy by changing the default to crossOrigin=null (elastic#91991) skip flaky suite (elastic#92114) [APM] Fix for default fields in correlations view (elastic#91868) (elastic#92090) chore(NA): bump bazelisk to v1.7.5 (elastic#92905) [Maps] fix selecting EMS basemap does not populate input (elastic#92711) API docs (elastic#92827) [kbn/test] add import/export support to KbnClient (elastic#92526) Test fix management scripted field filter functional test and unskip it (elastic#92756) [App Search] Create Curation view/functionality (elastic#92560) [Reporting/Discover] include the document's entire set of fields (elastic#92730) [Fleet] Add new index to fleet for artifacts being served out of fleet-server (elastic#92860) [Alerts][Doc] Added README documentation for API key invalidation configuration options. (elastic#92757) [Discover][docs] Add search for relevance (elastic#90611) [Alerts][Docs] Extended README.md and the user docs with the licensing information. (elastic#92564) [7.12][Telemetry] Security telemetry allowlist fix. (elastic#92850) ...
…ew (elastic#91836) Co-authored-by: Jonathan Buttner <jonathan.buttner@elastic.co> # Conflicts: # x-pack/plugins/security_solution/public/cases/components/status/config.ts
Summary
Fixes a list of bugs on detections and case view:
[request query.subCaseId]: definition for this key is missingCaseResponseRtand the backend is sending aCollectionWithSubCaseResponseRtMeta: #91843
Checklist
Delete any items that are not applicable to this PR.
For maintainers