[Security Solution][Exceptions] - Initial updates to exceptions viewer UX (#138770)

## Summary **API changes** - Adds API for determining the list-rule references. - Updates the exception items find api to include the `search` param which allows for simple search queries - used with the EUI search bar **UI updates** - Moved the exception components into new `rule_exceptions` folder per suggested folder structure updates listed [here](https://github.com/elastic/kibana/issues/138600) - Updates the rule details tabs to split endpoint and rule exceptions into their own tabs - Updates the viewer utilities header now that these different exception types are split - Updates exception item UI to match new designs - Updates the UI for when there are no items - Removes `use_exception_list_items` hook as it is no longer in use - Flyouts (add/edit) remain untouched
2025-06-27 18:51:07 -04:00 · 2022-09-08 13:41:52 -07:00 · 2022-09-08 13:41:52 -07:00 · 194e0d7144
commit 194e0d7144
parent 32491462a9
129 changed files with 4860 additions and 3940 deletions
--- a/packages/kbn-securitysolution-list-api/src/api/index.ts
+++ b/packages/kbn-securitysolution-list-api/src/api/index.ts
@ -34,8 +34,6 @@ import {
 import {
  ENDPOINT_LIST_URL,
  EXCEPTION_LIST_ITEM_URL,
-  EXCEPTION_LIST_NAMESPACE,
-  EXCEPTION_LIST_NAMESPACE_AGNOSTIC,
  EXCEPTION_LIST_URL,
 } from '@kbn/securitysolution-list-constants';
 import { toError, toPromise } from '../fp_utils';
@ -324,7 +322,8 @@ export { fetchExceptionListByIdWithValidation as fetchExceptionListById };
 * @param http Kibana http service
 * @param listIds ExceptionList list_ids (not ID)
 * @param namespaceTypes ExceptionList namespace_types
- * @param filterOptions optional - filter by field or tags
+ * @param search optional - simple search string
+ * @param filter optional
 * @param pagination optional
 * @param signal to cancel request
 *
@ -334,36 +333,20 @@ const fetchExceptionListsItemsByListIds = async ({
  http,
  listIds,
  namespaceTypes,
-  filterOptions,
+  filter,
  pagination,
+  search,
  signal,
 }: ApiCallByListIdProps): Promise<FoundExceptionListItemSchema> => {
-  const filters: string = filterOptions
-    .map<string>((filter, index) => {
-      const namespace = namespaceTypes[index];
-      const filterNamespace =
-        namespace === 'agnostic' ? EXCEPTION_LIST_NAMESPACE_AGNOSTIC : EXCEPTION_LIST_NAMESPACE;
-      const formattedFilters = [
-        ...(filter.filter.length
-          ? [`${filterNamespace}.attributes.entries.field:${filter.filter}*`]
-          : []),
-        ...(filter.tags.length
-          ? filter.tags.map((t) => `${filterNamespace}.attributes.tags:${t}`)
-          : []),
-      ];
-
-      return formattedFilters.join(' AND ');
-    })
-    .join(',');
-
  const query = {
    list_id: listIds.join(','),
    namespace_type: namespaceTypes.join(','),
    page: pagination.page ? `${pagination.page}` : '1',
    per_page: pagination.perPage ? `${pagination.perPage}` : '20',
+    search,
    sort_field: 'exception-list.created_at',
    sort_order: 'desc',
-    ...(filters.trim() !== '' ? { filter: filters } : {}),
+    filter,
  };

  return http.fetch<FoundExceptionListItemSchema>(`${EXCEPTION_LIST_ITEM_URL}/_find`, {
@ -374,11 +357,12 @@ const fetchExceptionListsItemsByListIds = async ({
 };

 const fetchExceptionListsItemsByListIdsWithValidation = async ({
-  filterOptions,
+  filter,
  http,
  listIds,
  namespaceTypes,
  pagination,
+  search,
  signal,
 }: ApiCallByListIdProps): Promise<FoundExceptionListItemSchema> =>
  flow(
@ -386,11 +370,12 @@ const fetchExceptionListsItemsByListIdsWithValidation = async ({
      tryCatch(
        () =>
          fetchExceptionListsItemsByListIds({
-            filterOptions,
+            filter,
            http,
            listIds,
            namespaceTypes,
            pagination,
+            search,
            signal,
          }),
        toError