[Security Solution] Add missing Exceptions API OpenAPI specifications (#185951)

**Resolves:** https://github.com/elastic/kibana/issues/183837

## Summary

This PR adds the missing OpenAPI specifications for the following Exceptions API endpoints:

- `POST /api/exception_lists/_export`
- `POST /api/exception_lists/_import`
- `POST /api/exception_lists`
- `GET /api/exception_lists`
- `PUT /api/exception_lists`
- `DELETE /api/exception_lists`
- `GET /api/exception_lists/_find`
- `POST /api/exception_lists/_duplicate`
- `POST /api/exception_lists/items`
- `GET /api/exception_lists/items`
- `PUT /api/exception_lists/items`
- `DELETE /api/exception_lists/items`
- `GET /api/exception_lists/items/_find`
- `GET /api/exception_lists/summary`
- `POST /api/exceptions/shared` 
- `POST /api/detection_engine/rules/{id}/exceptions`
Maxim Palenov 2024-07-15 13:12:56 +02:00 committed by GitHub
parent 7d61b7e99f
commit 4d7c36cee9
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
112 changed files with 4467 additions and 1056 deletions


@ -6,17 +6,22 @@ source .buildkite/scripts/common/util.sh
echo --- Security Solution OpenAPI Code Generation
echo OpenAPI Common Package
echo -e "\n[Security Solution OpenAPI Code Generation] OpenAPI Common Package"
(cd packages/kbn-openapi-common && yarn openapi:generate)
check_for_changed_files "yarn openapi:generate" true
echo Lists API Common Package
echo -e "\n[Security Solution OpenAPI Code Generation] Lists Common Package\n"
(cd packages/kbn-securitysolution-lists-common && yarn openapi:generate)
check_for_changed_files "yarn openapi:generate" true
echo Security Solution Plugin
echo -e "\n[Security Solution OpenAPI Code Generation] Exceptions Common Package"
(cd packages/kbn-securitysolution-exceptions-common && yarn openapi:generate)
check_for_changed_files "yarn openapi:generate" true
echo -e "\n[Security Solution OpenAPI Code Generation] Security Solution Plugin"
(cd x-pack/plugins/security_solution && yarn openapi:generate)
check_for_changed_files "yarn openapi:generate" true

2
.github/CODEOWNERS vendored

@ -752,6 +752,7 @@ x-pack/packages/security-solution/data_table @elastic/security-threat-hunting-in
packages/kbn-securitysolution-ecs @elastic/security-threat-hunting-explore
packages/kbn-securitysolution-es-utils @elastic/security-detection-engine
packages/kbn-securitysolution-exception-list-components @elastic/security-detection-engine
packages/kbn-securitysolution-exceptions-common @elastic/security-detection-engine
packages/kbn-securitysolution-hook-utils @elastic/security-detection-engine
packages/kbn-securitysolution-io-ts-alerting-types @elastic/security-detection-engine
packages/kbn-securitysolution-io-ts-list-types @elastic/security-detection-engine
@ -1236,6 +1237,7 @@ x-pack/test/observability_ai_assistant_functional @elastic/obs-ai-assistant
/.buildkite/scripts/steps/esql_grammar_sync.sh @elastic/kibana-esql
/.buildkite/scripts/steps/esql_generate_function_metadata.sh @elastic/kibana-esql
/.buildkite/pipelines/esql_grammar_sync.yml @elastic/kibana-esql
/.buildkite/scripts/steps/code_generation/security_solution_codegen.sh @elastic/security-detection-rule-management
/kbn_pm/ @elastic/kibana-operations
/x-pack/dev-tools @elastic/kibana-operations
/catalog-info.yaml @elastic/kibana-operations @elastic/kibana-tech-leads


@ -762,6 +762,7 @@
"@kbn/securitysolution-ecs": "link:packages/kbn-securitysolution-ecs",
"@kbn/securitysolution-es-utils": "link:packages/kbn-securitysolution-es-utils",
"@kbn/securitysolution-exception-list-components": "link:packages/kbn-securitysolution-exception-list-components",
"@kbn/securitysolution-exceptions-common": "link:packages/kbn-securitysolution-exceptions-common",
"@kbn/securitysolution-hook-utils": "link:packages/kbn-securitysolution-hook-utils",
"@kbn/securitysolution-io-ts-alerting-types": "link:packages/kbn-securitysolution-io-ts-alerting-types",
"@kbn/securitysolution-io-ts-list-types": "link:packages/kbn-securitysolution-io-ts-list-types",


@ -0,0 +1,9 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
export * from './path_params_replacer';


@ -0,0 +1,41 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/**
* Replaces placeholders in a path string with provided param value
*
* @param path Path string with placeholders for params
* @param params Object with params to replace
* @returns Path string with params replaced
*
* @example
* Having a path string `my/path/{param1}/to/{param2}` and params object
*
* ```ts
* const params = {
* param1: 'value1',
* param2: 'value2,
* }
* ```
*
* and invoking the function
*
* ```ts
* replaceParams('my/path/{param1}/to/{param2}', params);
* ```
*
* it will return `my/path/value1/to/value2`.
*
*/
export function replaceParams(path: string, params: Record<string, string | number>): string {
let output = path;
Object.entries(params).forEach(([param, value]) => {
output = path.replace(`{${param}}`, `${value}`);
});
return output;
}
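Review bot: `replaceParams` loses every substitution except the last one, because the loop body assigns `output = path.replace(...)` from the untouched `path` on each iteration; for the two-placeholder path in the docstring example the result would still contain `{param1}`. The line should chain on the accumulator, and since the value lands in a URL path it should be percent-encoded so that a value containing `/`, `?` or `#` cannot change which route is requested (unless callers are expected to pre-encode, which the docstring should then state): `output = output.replace('{' + param + '}', () => encodeURIComponent(String(value)));`. Using a function as the replacement also keeps `$&`-style sequences inside a value from being interpreted by `String.prototype.replace`. The docstring example has an unterminated string literal (`param2: 'value2,`) that is worth fixing in the same pass.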


@ -8,6 +8,7 @@
{{> disclaimer}}
import { ELASTIC_HTTP_VERSION_HEADER, X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common';
import { replaceParams } from '@kbn/openapi-common/shared';
import { FtrProviderContext } from 'x-pack/test/api_integration/ftr_provider_context';
{{#each operations}}
@ -50,18 +51,3 @@ export interface {{operationId}}Props {
}
{{/if}}
{{/each}}
/**
* Replaces placeholders in a path string with provided param value
*
* @param path Path string with placeholders for params
* @param params Object with params to replace
* @returns Path string with params replaced
*/
function replaceParams(path: string, params: Record<string, string | number>): string {
let output = path;
Object.entries(params).forEach(([param, value]) => {
output = path.replace(`{${param}}`, `${value}`);
});
return output;
}


@ -0,0 +1,20 @@
# Security Solution Exceptions common package
The package contains common files for the Exceptions feature.
`common` in the name highlights that this package is intended to combine any common entities related to Exceptions in this package. E.g. the other `kbn-securitysolution-exception-list-*` packages
content should be moved here while `kbn-securitysolution-io-ts-list-types` package should be
gone eventually.
## API folder
`api` folder contains OpenAPI schemas for Security Solution Exceptions feature. There are automatically generated Zod schemas and TS types for each schemas located in corresponding
`*.gen.ts` files.
**Please add any Exceptions feature related schemas to this package.**
TS types and/or Zod schemas can be imported in a plugin or another package like
```ts
import { CreateExceptionRequestBody } from '@kbn/securitysolution-exceptions-common/api';
```


@ -0,0 +1,48 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Create exception list API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import {
ExceptionListHumanId,
ExceptionListName,
ExceptionListDescription,
ExceptionListType,
ExceptionNamespaceType,
ExceptionListOsTypeArray,
ExceptionListTags,
ExceptionListMeta,
ExceptionListVersion,
ExceptionList,
} from '../model/exception_list_common.gen';
export type CreateExceptionListRequestBody = z.infer<typeof CreateExceptionListRequestBody>;
export const CreateExceptionListRequestBody = z.object({
list_id: ExceptionListHumanId.optional(),
name: ExceptionListName,
description: ExceptionListDescription,
type: ExceptionListType,
namespace_type: ExceptionNamespaceType.optional().default('single'),
os_types: ExceptionListOsTypeArray.optional(),
tags: ExceptionListTags.optional().default([]),
meta: ExceptionListMeta.optional(),
version: ExceptionListVersion.optional().default(1),
});
export type CreateExceptionListRequestBodyInput = z.input<typeof CreateExceptionListRequestBody>;
export type CreateExceptionListResponse = z.infer<typeof CreateExceptionListResponse>;
export const CreateExceptionListResponse = ExceptionList;


@ -0,0 +1,85 @@
openapi: 3.0.0
info:
title: Create exception list API endpoint
version: '2023-10-31'
paths:
/api/exception_lists:
post:
x-labels: [serverless, ess]
operationId: CreateExceptionList
x-codegen-enabled: true
summary: Creates an exception list
tags:
- Exceptions API
requestBody:
description: Exception list's properties
required: true
content:
application/json:
schema:
type: object
properties:
list_id:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListHumanId'
name:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListName'
description:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListDescription'
type:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListType'
namespace_type:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
default: 'single'
os_types:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListOsTypeArray'
tags:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListTags'
default: []
meta:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListMeta'
version:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListVersion'
default: 1
required:
- name
- description
- type
responses:
200:
description: Successful response
content:
application/json:
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionList'
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
409:
description: Exception list already exists response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
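Review bot: The `default:` keys written beside `$ref` under `namespace_type`, `tags` and `version` depend on tool-specific behaviour, because OpenAPI 3.0 states that properties placed next to a `$ref` are ignored. The Kibana generator evidently honours them (the generated Zod schema in this commit carries `.default('single')`), but a spec-compliant bundler or documentation renderer may drop the defaults silently, leaving the published contract different from what the server validates. Wrapping the reference keeps the default portable, for example `allOf: [{ $ref: '…#/components/schemas/ExceptionNamespaceType' }]` with `default: 'single'` as a sibling of `allOf`, assuming the generator supports that form. The same pattern recurs in the create-item, create-rule-exception-items and delete specs later in this commit. Separately, the response codes are bare integers (`200:`); the OpenAPI specification asks for them to be quoted (`'200':`) for YAML/JSON compatibility.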


@ -0,0 +1,65 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Create exception list item API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import { NonEmptyString } from '@kbn/openapi-common/schemas/primitives.gen';
import {
ExceptionListItemHumanId,
ExceptionListHumanId,
ExceptionListItemType,
ExceptionListItemName,
ExceptionListItemDescription,
ExceptionNamespaceType,
ExceptionListItemOsTypeArray,
ExceptionListItemTags,
ExceptionListItemMeta,
ExceptionListItem,
} from '../model/exception_list_common.gen';
import { ExceptionListItemEntryArray } from '../model/exception_list_item_entry.gen';
export type CreateExceptionListItemComment = z.infer<typeof CreateExceptionListItemComment>;
export const CreateExceptionListItemComment = z.object({
comment: NonEmptyString,
});
export type CreateExceptionListItemCommentArray = z.infer<
typeof CreateExceptionListItemCommentArray
>;
export const CreateExceptionListItemCommentArray = z.array(CreateExceptionListItemComment);
export type CreateExceptionListItemRequestBody = z.infer<typeof CreateExceptionListItemRequestBody>;
export const CreateExceptionListItemRequestBody = z.object({
item_id: ExceptionListItemHumanId.optional(),
list_id: ExceptionListHumanId,
type: ExceptionListItemType,
name: ExceptionListItemName,
description: ExceptionListItemDescription,
entries: ExceptionListItemEntryArray,
namespace_type: ExceptionNamespaceType.optional().default('single'),
os_types: ExceptionListItemOsTypeArray.optional().default([]),
tags: ExceptionListItemTags.optional().default([]),
meta: ExceptionListItemMeta.optional(),
expire_time: z.string().datetime().optional(),
comments: CreateExceptionListItemCommentArray.optional().default([]),
});
export type CreateExceptionListItemRequestBodyInput = z.input<
typeof CreateExceptionListItemRequestBody
>;
export type CreateExceptionListItemResponse = z.infer<typeof CreateExceptionListItemResponse>;
export const CreateExceptionListItemResponse = ExceptionListItem;


@ -0,0 +1,111 @@
openapi: 3.0.0
info:
title: Create exception list item API endpoint
version: '2023-10-31'
paths:
/api/exception_lists/items:
post:
x-labels: [serverless, ess]
operationId: CreateExceptionListItem
x-codegen-enabled: true
summary: Creates an exception list item
tags:
- Exceptions API
requestBody:
description: Exception list item's properties
required: true
content:
application/json:
schema:
type: object
properties:
item_id:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemHumanId'
list_id:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListHumanId'
type:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemType'
name:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemName'
description:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemDescription'
entries:
$ref: '../model/exception_list_item_entry.schema.yaml#/components/schemas/ExceptionListItemEntryArray'
namespace_type:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
default: 'single'
os_types:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemOsTypeArray'
default: []
tags:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemTags'
default: []
meta:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemMeta'
expire_time:
type: string
format: date-time
comments:
$ref: '#/components/schemas/CreateExceptionListItemCommentArray'
default: []
required:
- list_id
- type
- name
- description
- entries
responses:
200:
description: Successful response
content:
application/json:
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItem'
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
409:
description: Exception list item already exists response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
components:
x-codegen-enabled: true
schemas:
CreateExceptionListItemComment:
type: object
properties:
comment:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
required:
- comment
CreateExceptionListItemCommentArray:
type: array
items:
$ref: '#/components/schemas/CreateExceptionListItemComment'


@ -0,0 +1,88 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Create rule exception list items API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import { UUID, NonEmptyString } from '@kbn/openapi-common/schemas/primitives.gen';
import {
ExceptionListItem,
ExceptionListItemHumanId,
ExceptionListItemType,
ExceptionListItemName,
ExceptionListItemDescription,
ExceptionNamespaceType,
ExceptionListItemOsTypeArray,
ExceptionListItemTags,
ExceptionListItemMeta,
} from '../model/exception_list_common.gen';
import { ExceptionListItemEntryArray } from '../model/exception_list_item_entry.gen';
export type RuleId = z.infer<typeof RuleId>;
export const RuleId = UUID;
export type CreateRuleExceptionListItemComment = z.infer<typeof CreateRuleExceptionListItemComment>;
export const CreateRuleExceptionListItemComment = z.object({
comment: NonEmptyString,
});
export type CreateRuleExceptionListItemCommentArray = z.infer<
typeof CreateRuleExceptionListItemCommentArray
>;
export const CreateRuleExceptionListItemCommentArray = z.array(CreateRuleExceptionListItemComment);
export type CreateRuleExceptionListItemProps = z.infer<typeof CreateRuleExceptionListItemProps>;
export const CreateRuleExceptionListItemProps = z.object({
item_id: ExceptionListItemHumanId.optional(),
type: ExceptionListItemType,
name: ExceptionListItemName,
description: ExceptionListItemDescription,
entries: ExceptionListItemEntryArray,
namespace_type: ExceptionNamespaceType.optional().default('single'),
os_types: ExceptionListItemOsTypeArray.optional().default([]),
tags: ExceptionListItemTags.optional().default([]),
meta: ExceptionListItemMeta.optional(),
expire_time: z.string().datetime().optional(),
comments: CreateRuleExceptionListItemCommentArray.optional().default([]),
});
export type CreateRuleExceptionListItemsRequestParams = z.infer<
typeof CreateRuleExceptionListItemsRequestParams
>;
export const CreateRuleExceptionListItemsRequestParams = z.object({
/**
* Detection rule's identifier
*/
id: RuleId,
});
export type CreateRuleExceptionListItemsRequestParamsInput = z.input<
typeof CreateRuleExceptionListItemsRequestParams
>;
export type CreateRuleExceptionListItemsRequestBody = z.infer<
typeof CreateRuleExceptionListItemsRequestBody
>;
export const CreateRuleExceptionListItemsRequestBody = z.object({
items: z.array(CreateRuleExceptionListItemProps),
});
export type CreateRuleExceptionListItemsRequestBodyInput = z.input<
typeof CreateRuleExceptionListItemsRequestBody
>;
export type CreateRuleExceptionListItemsResponse = z.infer<
typeof CreateRuleExceptionListItemsResponse
>;
export const CreateRuleExceptionListItemsResponse = z.array(ExceptionListItem);


@ -0,0 +1,122 @@
openapi: 3.0.0
info:
title: Create rule exception list items API endpoint
version: '2023-10-31'
paths:
/api/detection_engine/rules/{id}/exceptions:
post:
x-labels: [serverless, ess]
operationId: CreateRuleExceptionListItems
x-codegen-enabled: true
summary: Creates rule exception list items
tags:
- Exceptions API
parameters:
- name: id
in: path
required: true
description: Detection rule's identifier
schema:
$ref: '#/components/schemas/RuleId'
requestBody:
description: Rule exception list items
required: true
content:
application/json:
schema:
type: object
properties:
items:
type: array
items:
$ref: '#/components/schemas/CreateRuleExceptionListItemProps'
required: [items]
responses:
200:
description: Successful response
content:
application/json:
schema:
type: array
items:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItem'
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
components:
schemas:
RuleId:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/UUID'
CreateRuleExceptionListItemComment:
type: object
properties:
comment:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
required:
- comment
CreateRuleExceptionListItemCommentArray:
type: array
items:
$ref: '#/components/schemas/CreateRuleExceptionListItemComment'
CreateRuleExceptionListItemProps:
type: object
properties:
item_id:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemHumanId'
type:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemType'
name:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemName'
description:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemDescription'
entries:
$ref: '../model/exception_list_item_entry.schema.yaml#/components/schemas/ExceptionListItemEntryArray'
namespace_type:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
default: 'single'
os_types:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemOsTypeArray'
default: []
tags:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemTags'
default: []
meta:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemMeta'
expire_time:
type: string
format: date-time
comments:
$ref: '#/components/schemas/CreateRuleExceptionListItemCommentArray'
default: []
required:
- type
- name
- description
- entries
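Review bot: The request body's `items` array and each item's `comments` array carry no `maxItems`, so the generated validator (`z.array(CreateRuleExceptionListItemProps)`) accepts a batch of any size and the only cap is whatever body-size limit applies upstream of the route. If the endpoint is meant to take a bounded batch, the spec should say so with `maxItems: <agreed limit>` under `items`, and `minItems: 1` is worth considering since an empty batch passes validation as written; both would need to match what the handler already enforces. `CreateRuleExceptionListItemComment` and `CreateRuleExceptionListItemCommentArray` also repeat the comment schemas declared in the create-exception-list-item spec in this commit, and a single shared definition would keep the two from drifting apart. This `components` block also omits the `x-codegen-enabled: true` that the create-item spec sets on its own `components`; that looks harmless because the schemas do appear in the generated file, but the two specs should agree.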


@ -0,0 +1,38 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Create shared exception list API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import {
ExceptionListName,
ExceptionListDescription,
ExceptionList,
} from '../model/exception_list_common.gen';
export type CreateSharedExceptionListRequestBody = z.infer<
typeof CreateSharedExceptionListRequestBody
>;
export const CreateSharedExceptionListRequestBody = z.object({
name: ExceptionListName,
description: ExceptionListDescription,
});
export type CreateSharedExceptionListRequestBodyInput = z.input<
typeof CreateSharedExceptionListRequestBody
>;
export type CreateSharedExceptionListResponse = z.infer<typeof CreateSharedExceptionListResponse>;
export const CreateSharedExceptionListResponse = ExceptionList;


@ -0,0 +1,66 @@
openapi: 3.0.0
info:
title: Create shared exception list API endpoint
version: '2023-10-31'
paths:
/api/exceptions/shared:
post:
x-labels: [serverless, ess]
operationId: CreateSharedExceptionList
x-codegen-enabled: true
summary: Creates a shared exception list
tags:
- Exceptions API
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
name:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListName'
description:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListDescription'
required:
- name
- description
responses:
200:
description: Successful response
content:
application/json:
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionList'
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
409:
description: Exception list already exists response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'


@ -0,0 +1,42 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Delete exception list API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import {
ExceptionListId,
ExceptionListHumanId,
ExceptionNamespaceType,
ExceptionList,
} from '../model/exception_list_common.gen';
export type DeleteExceptionListRequestQuery = z.infer<typeof DeleteExceptionListRequestQuery>;
export const DeleteExceptionListRequestQuery = z.object({
/**
* Either `id` or `list_id` must be specified
*/
id: ExceptionListId.optional(),
/**
* Either `id` or `list_id` must be specified
*/
list_id: ExceptionListHumanId.optional(),
namespace_type: ExceptionNamespaceType.optional().default('single'),
});
export type DeleteExceptionListRequestQueryInput = z.input<typeof DeleteExceptionListRequestQuery>;
export type DeleteExceptionListResponse = z.infer<typeof DeleteExceptionListResponse>;
export const DeleteExceptionListResponse = ExceptionList;


@ -0,0 +1,71 @@
openapi: 3.0.0
info:
title: Delete exception list API endpoint
version: '2023-10-31'
paths:
/api/exception_lists:
delete:
x-labels: [serverless, ess]
operationId: DeleteExceptionList
x-codegen-enabled: true
summary: Deletes an exception list
tags:
- Exceptions API
parameters:
- name: id
in: query
required: false
description: Either `id` or `list_id` must be specified
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListId'
- name: list_id
in: query
required: false
description: Either `id` or `list_id` must be specified
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListHumanId'
- name: namespace_type
in: query
required: false
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
default: single
responses:
200:
description: Successful response
content:
application/json:
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionList'
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
404:
description: Exception list not found response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
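Review bot: The rule "Either `id` or `list_id` must be specified" exists only in the two parameter descriptions; both parameters are `required: false`, so the generated `DeleteExceptionListRequestQuery` accepts a query with neither identifier and the rejection has to happen in the route handler. For a destructive endpoint the operation should state what happens in that case and what happens when both identifiers are sent, for example an operation-level `description: Deletes the exception list identified by id or list_id. The request is rejected with 400 when neither is supplied.`, with the wording confirmed against the handler. A test that sends neither parameter would pin that behaviour. The delete-item spec that follows in this commit has the same shape.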


@ -0,0 +1,46 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Delete exception list item API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import {
ExceptionListItemId,
ExceptionListItemHumanId,
ExceptionNamespaceType,
ExceptionListItem,
} from '../model/exception_list_common.gen';
export type DeleteExceptionListItemRequestQuery = z.infer<
typeof DeleteExceptionListItemRequestQuery
>;
export const DeleteExceptionListItemRequestQuery = z.object({
/**
* Either `id` or `item_id` must be specified
*/
id: ExceptionListItemId.optional(),
/**
* Either `id` or `item_id` must be specified
*/
item_id: ExceptionListItemHumanId.optional(),
namespace_type: ExceptionNamespaceType.optional().default('single'),
});
export type DeleteExceptionListItemRequestQueryInput = z.input<
typeof DeleteExceptionListItemRequestQuery
>;
export type DeleteExceptionListItemResponse = z.infer<typeof DeleteExceptionListItemResponse>;
export const DeleteExceptionListItemResponse = ExceptionListItem;


@ -0,0 +1,71 @@
openapi: 3.0.0
info:
title: Delete exception list item API endpoint
version: '2023-10-31'
paths:
/api/exception_lists/items:
delete:
x-labels: [serverless, ess]
operationId: DeleteExceptionListItem
x-codegen-enabled: true
summary: Deletes an exception list item
tags:
- Exceptions API
parameters:
- name: id
in: query
required: false
description: Either `id` or `item_id` must be specified
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemId'
- name: item_id
in: query
required: false
description: Either `id` or `item_id` must be specified
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemHumanId'
- name: namespace_type
in: query
required: false
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
default: single
responses:
200:
description: Successful response
content:
application/json:
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItem'
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
404:
description: Exception list item not found response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
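Review bot: The `id` and `item_id` query parameters are both `required: false`, and only the description text says that one of them must be given, so a delete request carrying neither passes this schema and the generated `DeleteExceptionListItemRequestQuery`, where both fields are `.optional()`. OpenAPI 3.0 has no way to express an either-or constraint across query parameters, so the check has to live in the route handler, which is not visible on this page. It would help to say so in the operation, for example a `description:` under `summary` stating that a request with neither identifier is rejected, once the handler's actual status code is confirmed.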


@ -0,0 +1,43 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Duplicate exception list API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import {
ExceptionListHumanId,
ExceptionNamespaceType,
ExceptionList,
} from '../model/exception_list_common.gen';
export type DuplicateExceptionListRequestQuery = z.infer<typeof DuplicateExceptionListRequestQuery>;
export const DuplicateExceptionListRequestQuery = z.object({
/**
* Exception list's human identifier
*/
list_id: ExceptionListHumanId,
namespace_type: ExceptionNamespaceType,
/**
* Determines whether to include expired exceptions in the exported list
*/
include_expired_exceptions: z.enum(['true', 'false']).default('true'),
});
export type DuplicateExceptionListRequestQueryInput = z.input<
typeof DuplicateExceptionListRequestQuery
>;
export type DuplicateExceptionListResponse = z.infer<typeof DuplicateExceptionListResponse>;
export const DuplicateExceptionListResponse = ExceptionList;


@ -0,0 +1,71 @@
openapi: 3.0.0
info:
title: Duplicate exception list API endpoint
version: '2023-10-31'
paths:
/api/exception_lists/_duplicate:
post:
operationId: DuplicateExceptionList
x-codegen-enabled: true
summary: Duplicates an exception list
tags:
- Exceptions API
parameters:
- name: list_id
in: query
required: true
description: Exception list's human identifier
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListHumanId'
- name: namespace_type
in: query
required: true
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
- name: include_expired_exceptions
in: query
required: true
description: Determines whether to include expired exceptions in the exported list
schema:
type: string
enum: ['true', 'false']
default: 'true'
responses:
200:
description: Successful response
content:
application/json:
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionList'
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
405:
description: Exception list to duplicate not found response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
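Review bot: The not-found case is documented under `405:` with `description: Exception list to duplicate not found response`, while the other specs in this commit use `404` for a missing list and 405 conventionally means Method Not Allowed. If the route answers 404 the key should be `404:`; if it really returns 405, the description should say so explicitly so clients do not treat it as a routing error. Separately, `include_expired_exceptions` is `required: true` but also has `default: 'true'`, and the generated zod schema applies `.default('true')`, so the code accepts a request the spec calls invalid; the export spec later in this commit has the same pair, and one of the two settings should be dropped in both. The parameter description also still says "exported list" in this duplicate operation.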


@ -0,0 +1,42 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Export exception list API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import {
ExceptionListId,
ExceptionListHumanId,
ExceptionNamespaceType,
} from '../model/exception_list_common.gen';
export type ExportExceptionListRequestQuery = z.infer<typeof ExportExceptionListRequestQuery>;
export const ExportExceptionListRequestQuery = z.object({
/**
* Exception list's identifier
*/
id: ExceptionListId,
/**
* Exception list's human identifier
*/
list_id: ExceptionListHumanId,
namespace_type: ExceptionNamespaceType,
/**
* Determines whether to include expired exceptions in the exported list
*/
include_expired_exceptions: z.enum(['true', 'false']).default('true'),
});
export type ExportExceptionListRequestQueryInput = z.input<typeof ExportExceptionListRequestQuery>;


@ -0,0 +1,80 @@
openapi: 3.0.0
info:
title: Export exception list API endpoint
version: '2023-10-31'
paths:
/api/exception_lists/_export:
post:
operationId: ExportExceptionList
x-codegen-enabled: true
summary: Exports an exception list
description: Exports an exception list and its associated items to an .ndjson file
tags:
- Exceptions API
parameters:
- name: id
in: query
required: true
description: Exception list's identifier
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListId'
- name: list_id
in: query
required: true
description: Exception list's human identifier
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListHumanId'
- name: namespace_type
in: query
required: true
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
- name: include_expired_exceptions
in: query
required: true
description: Determines whether to include expired exceptions in the exported list
schema:
type: string
enum: ['true', 'false']
default: 'true'
responses:
200:
description: Successful response
content:
application/ndjson:
schema:
type: string
format: binary
description: A `.ndjson` file containing specified exception list and its items
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
404:
description: Exception list not found response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'


@ -0,0 +1,69 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Find exception lists API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import { ArrayFromString } from '@kbn/zod-helpers';
import { ExceptionNamespaceType, ExceptionList } from '../model/exception_list_common.gen';
export type FindExceptionListsFilter = z.infer<typeof FindExceptionListsFilter>;
export const FindExceptionListsFilter = z.string();
export type FindExceptionListsRequestQuery = z.infer<typeof FindExceptionListsRequestQuery>;
export const FindExceptionListsRequestQuery = z.object({
/**
* Filters the returned results according to the value of the specified field.
Uses the `so type.field name:field` value syntax, where `so type` can be:
- `exception-list`: Specify a space-aware exception list.
- `exception-list-agnostic`: Specify an exception list that is shared across spaces.
*/
filter: FindExceptionListsFilter.optional(),
/**
* Determines whether the returned containers are Kibana associated with a Kibana space
or available in all spaces (`agnostic` or `single`)
*/
namespace_type: ArrayFromString(ExceptionNamespaceType).optional().default(['single']),
/**
* The page number to return
*/
page: z.coerce.number().int().min(1).optional(),
/**
* The number of exception lists to return per page
*/
per_page: z.coerce.number().int().min(1).optional(),
/**
* Determines which field is used to sort the results
*/
sort_field: z.string().optional(),
/**
* Determines the sort order, which can be `desc` or `asc`
*/
sort_order: z.enum(['desc', 'asc']).optional(),
});
export type FindExceptionListsRequestQueryInput = z.input<typeof FindExceptionListsRequestQuery>;
export type FindExceptionListsResponse = z.infer<typeof FindExceptionListsResponse>;
export const FindExceptionListsResponse = z.object({
data: z.array(ExceptionList),
page: z.number().int().min(1),
per_page: z.number().int().min(1),
total: z.number().int().min(0),
});


@ -0,0 +1,121 @@
openapi: 3.0.0
info:
title: Find exception lists API endpoint
version: '2023-10-31'
paths:
/api/exception_lists/items/_find:
get:
x-labels: [serverless, ess]
operationId: FindExceptionLists
x-codegen-enabled: true
summary: Finds exception lists
tags:
- Exceptions API
parameters:
- name: filter
in: query
required: false
description: |
Filters the returned results according to the value of the specified field.
Uses the `so type.field name:field` value syntax, where `so type` can be:
- `exception-list`: Specify a space-aware exception list.
- `exception-list-agnostic`: Specify an exception list that is shared across spaces.
schema:
$ref: '#/components/schemas/FindExceptionListsFilter'
- name: namespace_type
in: query
required: false
description: |
Determines whether the returned containers are Kibana associated with a Kibana space
or available in all spaces (`agnostic` or `single`)
schema:
type: array
items:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
default: [single]
- name: page
in: query
required: false
description: The page number to return
schema:
type: integer
minimum: 1
- name: per_page
in: query
required: false
description: The number of exception lists to return per page
schema:
type: integer
minimum: 1
- name: sort_field
in: query
required: false
description: Determines which field is used to sort the results
schema:
type: string
- name: sort_order
in: query
required: false
description: Determines the sort order, which can be `desc` or `asc`
schema:
type: string
enum: [desc, asc]
responses:
200:
description: Successful response
content:
application/json:
schema:
type: object
properties:
data:
type: array
items:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionList'
page:
type: integer
minimum: 1
per_page:
type: integer
minimum: 1
total:
type: integer
minimum: 0
required:
- data
- page
- per_page
- total
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
components:
schemas:
FindExceptionListsFilter:
type: string
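Review bot: The path key is `/api/exception_lists/items/_find`, but the operation is `FindExceptionLists` ("Finds exception lists") and the commit description lists this endpoint as `GET /api/exception_lists/_find`. The `FindExceptionListItems` spec later in this commit uses the same path, so two operations claim one path and the list-level endpoint ends up undocumented; the line should read `/api/exception_lists/_find:`. In addition, `per_page` has `minimum: 1` but no `maximum`, so the contract puts no cap on page size; if the route enforces a limit it should be stated here.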


@ -0,0 +1,78 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Find exception list items API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import { ArrayFromString } from '@kbn/zod-helpers';
import { NonEmptyString } from '@kbn/openapi-common/schemas/primitives.gen';
import {
ExceptionListHumanId,
ExceptionNamespaceType,
ExceptionListItem,
} from '../model/exception_list_common.gen';
export type FindExceptionListItemsFilter = z.infer<typeof FindExceptionListItemsFilter>;
export const FindExceptionListItemsFilter = NonEmptyString;
export type FindExceptionListItemsRequestQuery = z.infer<typeof FindExceptionListItemsRequestQuery>;
export const FindExceptionListItemsRequestQuery = z.object({
/**
* List's id
*/
list_id: ArrayFromString(ExceptionListHumanId),
/**
* Filters the returned results according to the value of the specified field,
using the `<field name>:<field value>` syntax.
*/
filter: ArrayFromString(FindExceptionListItemsFilter).optional().default([]),
/**
* Determines whether the returned containers are Kibana associated with a Kibana space
or available in all spaces (`agnostic` or `single`)
*/
namespace_type: ArrayFromString(ExceptionNamespaceType).optional().default(['single']),
search: z.string().optional(),
/**
* The page number to return
*/
page: z.coerce.number().int().min(0).optional(),
/**
* The number of exception list items to return per page
*/
per_page: z.coerce.number().int().min(0).optional(),
/**
* Determines which field is used to sort the results
*/
sort_field: NonEmptyString.optional(),
/**
* Determines the sort order, which can be `desc` or `asc`
*/
sort_order: z.enum(['desc', 'asc']).optional(),
});
export type FindExceptionListItemsRequestQueryInput = z.input<
typeof FindExceptionListItemsRequestQuery
>;
export type FindExceptionListItemsResponse = z.infer<typeof FindExceptionListItemsResponse>;
export const FindExceptionListItemsResponse = z.object({
data: z.array(ExceptionListItem),
page: z.number().int().min(1),
per_page: z.number().int().min(1),
total: z.number().int().min(0),
pit: z.string().optional(),
});


@ -0,0 +1,141 @@
openapi: 3.0.0
info:
title: Find exception list items API endpoint
version: '2023-10-31'
paths:
/api/exception_lists/items/_find:
get:
x-labels: [serverless, ess]
operationId: FindExceptionListItems
x-codegen-enabled: true
summary: Finds exception list items
tags:
- Exceptions API
parameters:
- name: list_id
in: query
required: true
description: List's id
schema:
type: array
items:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListHumanId'
- name: filter
in: query
required: false
description: |
Filters the returned results according to the value of the specified field,
using the `<field name>:<field value>` syntax.
schema:
type: array
items:
$ref: '#/components/schemas/FindExceptionListItemsFilter'
default: []
- name: namespace_type
in: query
required: false
description: |
Determines whether the returned containers are Kibana associated with a Kibana space
or available in all spaces (`agnostic` or `single`)
schema:
type: array
items:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
default: [single]
- name: search
in: query
required: false
schema:
type: string
- name: page
in: query
required: false
description: The page number to return
schema:
type: integer
minimum: 0
- name: per_page
in: query
required: false
description: The number of exception list items to return per page
schema:
type: integer
minimum: 0
- name: sort_field
in: query
required: false
description: Determines which field is used to sort the results
schema:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
- name: sort_order
in: query
required: false
description: Determines the sort order, which can be `desc` or `asc`
schema:
type: string
enum: [desc, asc]
responses:
200:
description: Successful response
content:
application/json:
schema:
type: object
properties:
data:
type: array
items:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItem'
page:
type: integer
minimum: 1
per_page:
type: integer
minimum: 1
total:
type: integer
minimum: 0
pit:
type: string
required:
- data
- page
- per_page
- total
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
404:
description: Exception list not found response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
components:
schemas:
FindExceptionListItemsFilter:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
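Review bot: The `page` and `per_page` query parameters allow `minimum: 0`, while the 200 response declares both fields with `minimum: 1`, so a request the spec accepts (`page=0`) can only yield a response that breaks the response schema or differs from what was asked. The two sides should agree, for example `minimum: 1` on both query parameters as in the find-lists spec, unless zero has a defined meaning, which the description should then give. `per_page` also has no `maximum`, and the `search` parameter has no `description`, so its matching semantics are left to guesswork.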


@ -0,0 +1,70 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Import exception list API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import { BooleanFromString } from '@kbn/zod-helpers';
import {
ExceptionListId,
ExceptionListHumanId,
ExceptionListItemHumanId,
} from '../model/exception_list_common.gen';
export type ExceptionListsImportBulkError = z.infer<typeof ExceptionListsImportBulkError>;
export const ExceptionListsImportBulkError = z.object({
error: z.object({
status_code: z.number().int(),
message: z.string(),
}),
id: ExceptionListId.optional(),
list_id: ExceptionListHumanId.optional(),
item_id: ExceptionListItemHumanId.optional(),
});
export type ExceptionListsImportBulkErrorArray = z.infer<typeof ExceptionListsImportBulkErrorArray>;
export const ExceptionListsImportBulkErrorArray = z.array(ExceptionListsImportBulkError);
export type ImportExceptionListRequestQuery = z.infer<typeof ImportExceptionListRequestQuery>;
export const ImportExceptionListRequestQuery = z.object({
/**
* Determines whether existing exception lists with the same `list_id` are overwritten.
If any exception items have the same `item_id`, those are also overwritten.
*/
overwrite: BooleanFromString.optional().default(false),
overwrite_exceptions: BooleanFromString.optional().default(false),
overwrite_action_connectors: BooleanFromString.optional().default(false),
/**
* Determines whether the list being imported will have a new `list_id` generated.
Additional `item_id`'s are generated for each exception item. Both the exception
list and its items are overwritten.
*/
as_new_list: BooleanFromString.optional().default(false),
});
export type ImportExceptionListRequestQueryInput = z.input<typeof ImportExceptionListRequestQuery>;
export type ImportExceptionListResponse = z.infer<typeof ImportExceptionListResponse>;
export const ImportExceptionListResponse = z.object({
errors: ExceptionListsImportBulkErrorArray,
success: z.boolean(),
success_count: z.number().int().min(0),
success_exception_lists: z.boolean(),
success_count_exception_lists: z.number().int().min(0),
success_exception_list_items: z.boolean(),
success_count_exception_list_items: z.number().int().min(0),
});


@ -0,0 +1,141 @@
openapi: 3.0.0
info:
title: Import exception list API endpoint
version: '2023-10-31'
paths:
/api/exception_lists/_import:
post:
operationId: ImportExceptionList
x-codegen-enabled: true
summary: Imports an exception list
description: Imports an exception list and associated items
tags:
- Exceptions API
requestBody:
required: true
content:
multipart/form-data:
schema:
type: object
properties:
file:
type: string
format: binary
description: A `.ndjson` file containing the exception list
parameters:
- name: overwrite
in: query
required: false
description: |
Determines whether existing exception lists with the same `list_id` are overwritten.
If any exception items have the same `item_id`, those are also overwritten.
schema:
type: boolean
default: false
- name: overwrite_exceptions
in: query
required: false
schema:
type: boolean
default: false
- name: overwrite_action_connectors
in: query
required: false
schema:
type: boolean
default: false
- name: as_new_list
in: query
required: false
description: |
Determines whether the list being imported will have a new `list_id` generated.
Additional `item_id`'s are generated for each exception item. Both the exception
list and its items are overwritten.
schema:
type: boolean
default: false
responses:
200:
description: Successful response
content:
application/json:
schema:
type: object
properties:
errors:
$ref: '#/components/schemas/ExceptionListsImportBulkErrorArray'
success:
type: boolean
success_count:
type: integer
minimum: 0
success_exception_lists:
type: boolean
success_count_exception_lists:
type: integer
minimum: 0
success_exception_list_items:
type: boolean
success_count_exception_list_items:
type: integer
minimum: 0
required:
- errors
- success
- success_count
- success_exception_lists
- success_count_exception_lists
- success_exception_list_items
- success_count_exception_list_items
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
components:
schemas:
ExceptionListsImportBulkError:
type: object
properties:
error:
type: object
properties:
status_code:
type: integer
message:
type: string
required: [status_code, message]
id:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListId'
list_id:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListHumanId'
item_id:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemHumanId'
required: [error]
ExceptionListsImportBulkErrorArray:
type: array
items:
$ref: '#/components/schemas/ExceptionListsImportBulkError'
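Review bot: The `multipart/form-data` body schema declares the `file` property but has no `required: [file]`, so a form without the upload still validates against the spec even though `requestBody` is `required: true`. The `overwrite_exceptions` and `overwrite_action_connectors` parameters have no `description`; import can replace existing exception lists, and exceptions decide which events detection rules ignore, so each overwrite flag should state exactly what it replaces. The `as_new_list` text says new `list_id` and `item_id` values are generated and then that "both the exception list and its items are overwritten", which reads as contradictory and should be reworded against the actual behaviour.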


@ -0,0 +1,26 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
export * from './model/exception_list_common.gen';
export * from './model/exception_list_item_entry.gen';
export * from './create_exception_list_item/create_exception_list_item.gen';
export * from './create_rule_exceptions/create_rule_exceptions.gen';
export * from './create_shared_exceptions_list/create_shared_exceptions_list.gen';
export * from './create_exception_list/create_exception_list.gen';
export * from './delete_exception_list_item/delete_exception_list_item.gen';
export * from './delete_exception_list/delete_exception_list.gen';
export * from './duplicate_exception_list/duplicate_exception_list.gen';
export * from './export_exception_list/export_exception_list.gen';
export * from './find_exception_list_item/find_exception_list_item.gen';
export * from './find_exception_list/find_exception_list.gen';
export * from './import_exceptions/import_exceptions.gen';
export * from './read_exception_list_item/read_exception_list_item.gen';
export * from './read_exception_list/read_exception_list.gen';
export * from './summary_exception_list/summary_exception_list.gen';
export * from './update_exception_list_item/update_exception_list_item.gen';
export * from './update_exception_list/update_exception_list.gen';


@ -0,0 +1,187 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Common Exception List Attributes
* version: not applicable
*/
import { z } from 'zod';
import { NonEmptyString } from '@kbn/openapi-common/schemas/primitives.gen';
import { ExceptionListItemEntryArray } from './exception_list_item_entry.gen';
export type ExceptionListId = z.infer<typeof ExceptionListId>;
export const ExceptionListId = NonEmptyString;
/**
* Human readable string identifier, e.g. `trusted-linux-processes`
*/
export type ExceptionListHumanId = z.infer<typeof ExceptionListHumanId>;
export const ExceptionListHumanId = NonEmptyString;
export type ExceptionListType = z.infer<typeof ExceptionListType>;
export const ExceptionListType = z.enum([
'detection',
'rule_default',
'endpoint',
'endpoint_trusted_apps',
'endpoint_events',
'endpoint_host_isolation_exceptions',
'endpoint_blocklists',
]);
export type ExceptionListTypeEnum = typeof ExceptionListType.enum;
export const ExceptionListTypeEnum = ExceptionListType.enum;
export type ExceptionListName = z.infer<typeof ExceptionListName>;
export const ExceptionListName = z.string();
export type ExceptionListDescription = z.infer<typeof ExceptionListDescription>;
export const ExceptionListDescription = z.string();
export type ExceptionListMeta = z.infer<typeof ExceptionListMeta>;
export const ExceptionListMeta = z.object({}).catchall(z.unknown());
/**
* Determines whether the exception container is available in all Kibana spaces or just the space
in which it is created, where:
- `single`: Only available in the Kibana space in which it is created.
- `agnostic`: Available in all Kibana spaces.
*/
export type ExceptionNamespaceType = z.infer<typeof ExceptionNamespaceType>;
export const ExceptionNamespaceType = z.enum(['agnostic', 'single']);
export type ExceptionNamespaceTypeEnum = typeof ExceptionNamespaceType.enum;
export const ExceptionNamespaceTypeEnum = ExceptionNamespaceType.enum;
export type ExceptionListTags = z.infer<typeof ExceptionListTags>;
export const ExceptionListTags = z.array(z.string());
export type ExceptionListOsType = z.infer<typeof ExceptionListOsType>;
export const ExceptionListOsType = z.enum(['linux', 'macos', 'windows']);
export type ExceptionListOsTypeEnum = typeof ExceptionListOsType.enum;
export const ExceptionListOsTypeEnum = ExceptionListOsType.enum;
export type ExceptionListOsTypeArray = z.infer<typeof ExceptionListOsTypeArray>;
export const ExceptionListOsTypeArray = z.array(ExceptionListOsType);
export type ExceptionListVersion = z.infer<typeof ExceptionListVersion>;
export const ExceptionListVersion = z.number().int().min(1);
export type ExceptionList = z.infer<typeof ExceptionList>;
export const ExceptionList = z.object({
id: ExceptionListId,
list_id: ExceptionListHumanId,
type: ExceptionListType,
name: ExceptionListName,
description: ExceptionListDescription,
immutable: z.boolean(),
namespace_type: ExceptionNamespaceType,
os_types: ExceptionListOsTypeArray.optional(),
tags: ExceptionListTags.optional(),
meta: ExceptionListMeta.optional(),
version: ExceptionListVersion,
_version: z.string().optional(),
tie_breaker_id: z.string(),
created_at: z.string().datetime(),
created_by: z.string(),
updated_at: z.string().datetime(),
updated_by: z.string(),
});
export type ExceptionListItemId = z.infer<typeof ExceptionListItemId>;
export const ExceptionListItemId = NonEmptyString;
export type ExceptionListItemHumanId = z.infer<typeof ExceptionListItemHumanId>;
export const ExceptionListItemHumanId = NonEmptyString;
export type ExceptionListItemType = z.infer<typeof ExceptionListItemType>;
export const ExceptionListItemType = z.literal('simple');
export type ExceptionListItemName = z.infer<typeof ExceptionListItemName>;
export const ExceptionListItemName = NonEmptyString;
export type ExceptionListItemDescription = z.infer<typeof ExceptionListItemDescription>;
export const ExceptionListItemDescription = z.string();
export type ExceptionListItemMeta = z.infer<typeof ExceptionListItemMeta>;
export const ExceptionListItemMeta = z.object({}).catchall(z.unknown());
export type ExceptionListItemTags = z.infer<typeof ExceptionListItemTags>;
export const ExceptionListItemTags = z.array(NonEmptyString);
export type ExceptionListItemOsType = z.infer<typeof ExceptionListItemOsType>;
export const ExceptionListItemOsType = z.enum(['linux', 'macos', 'windows']);
export type ExceptionListItemOsTypeEnum = typeof ExceptionListItemOsType.enum;
export const ExceptionListItemOsTypeEnum = ExceptionListItemOsType.enum;
export type ExceptionListItemOsTypeArray = z.infer<typeof ExceptionListItemOsTypeArray>;
export const ExceptionListItemOsTypeArray = z.array(ExceptionListOsType);
export type ExceptionListItemComment = z.infer<typeof ExceptionListItemComment>;
export const ExceptionListItemComment = z.object({
id: NonEmptyString,
comment: NonEmptyString,
created_at: z.string().datetime(),
created_by: NonEmptyString,
updated_at: z.string().datetime().optional(),
updated_by: NonEmptyString.optional(),
});
export type ExceptionListItemCommentArray = z.infer<typeof ExceptionListItemCommentArray>;
export const ExceptionListItemCommentArray = z.array(ExceptionListItemComment);
export type ExceptionListItem = z.infer<typeof ExceptionListItem>;
export const ExceptionListItem = z.object({
id: ExceptionListItemId,
item_id: ExceptionListItemHumanId,
list_id: ExceptionListHumanId,
type: ExceptionListItemType,
name: ExceptionListItemName,
description: ExceptionListItemDescription,
entries: ExceptionListItemEntryArray,
namespace_type: ExceptionNamespaceType,
os_types: ExceptionListItemOsTypeArray.optional(),
tags: ExceptionListItemTags.optional(),
meta: ExceptionListItemMeta.optional(),
expire_time: z.string().datetime().optional(),
comments: ExceptionListItemCommentArray,
_version: z.string().optional(),
tie_breaker_id: z.string(),
created_at: z.string().datetime(),
created_by: z.string(),
updated_at: z.string().datetime(),
updated_by: z.string(),
});
export type ExceptionListSO = z.infer<typeof ExceptionListSO>;
export const ExceptionListSO = z.object({
item_id: ExceptionListItemHumanId.optional(),
list_id: ExceptionListHumanId,
list_type: z.enum(['item', 'list']),
immutable: z.boolean().optional(),
type: ExceptionListItemType,
name: ExceptionListItemName,
description: ExceptionListItemDescription,
entries: ExceptionListItemEntryArray.optional(),
os_types: ExceptionListItemOsTypeArray.optional(),
tags: ExceptionListItemTags.optional(),
meta: ExceptionListItemMeta.optional(),
expire_time: z.string().datetime().optional(),
comments: ExceptionListItemCommentArray.optional(),
version: NonEmptyString.optional(),
tie_breaker_id: z.string(),
created_at: z.string().datetime(),
created_by: z.string(),
updated_by: z.string(),
});


@ -0,0 +1,301 @@
openapi: 3.0.0
info:
title: Common Exception List Attributes
version: 'not applicable'
paths: {}
components:
x-codegen-enabled: true
schemas:
ExceptionListId:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
ExceptionListHumanId:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
description: Human readable string identifier, e.g. `trusted-linux-processes`
ExceptionListType:
type: string
enum:
- detection
- rule_default
- endpoint
- endpoint_trusted_apps
- endpoint_events
- endpoint_host_isolation_exceptions
- endpoint_blocklists
ExceptionListName:
type: string
ExceptionListDescription:
type: string
ExceptionListMeta:
type: object
additionalProperties: true
ExceptionNamespaceType:
type: string
enum:
- agnostic
- single
description: |
Determines whether the exception container is available in all Kibana spaces or just the space
in which it is created, where:
- `single`: Only available in the Kibana space in which it is created.
- `agnostic`: Available in all Kibana spaces.
ExceptionListTags:
type: array
items:
type: string
ExceptionListOsType:
type: string
enum:
- linux
- macos
- windows
ExceptionListOsTypeArray:
type: array
items:
$ref: '#/components/schemas/ExceptionListOsType'
ExceptionListVersion:
type: integer
minimum: 1
ExceptionList:
type: object
properties:
id:
$ref: '#/components/schemas/ExceptionListId'
list_id:
$ref: '#/components/schemas/ExceptionListHumanId'
type:
$ref: '#/components/schemas/ExceptionListType'
name:
$ref: '#/components/schemas/ExceptionListName'
description:
$ref: '#/components/schemas/ExceptionListDescription'
immutable:
type: boolean
namespace_type:
$ref: '#/components/schemas/ExceptionNamespaceType'
os_types:
$ref: '#/components/schemas/ExceptionListOsTypeArray'
tags:
$ref: '#/components/schemas/ExceptionListTags'
meta:
$ref: '#/components/schemas/ExceptionListMeta'
version:
$ref: '#/components/schemas/ExceptionListVersion'
_version:
type: string
tie_breaker_id:
type: string
created_at:
type: string
format: date-time
created_by:
type: string
updated_at:
type: string
format: date-time
updated_by:
type: string
required:
- id
- list_id
- type
- name
- description
- immutable
- namespace_type
- version
- tie_breaker_id
- created_at
- created_by
- updated_at
- updated_by
ExceptionListItemId:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
ExceptionListItemHumanId:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
ExceptionListItemType:
type: string
enum: [simple]
ExceptionListItemName:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
ExceptionListItemDescription:
type: string
ExceptionListItemMeta:
type: object
additionalProperties: true
ExceptionListItemTags:
type: array
items:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
ExceptionListItemOsType:
type: string
enum:
- linux
- macos
- windows
ExceptionListItemOsTypeArray:
type: array
items:
$ref: '#/components/schemas/ExceptionListOsType'
ExceptionListItemComment:
type: object
properties:
id:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
comment:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
created_at:
type: string
format: date-time
created_by:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
updated_at:
type: string
format: date-time
updated_by:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
required:
- id
- comment
- created_at
- created_by
ExceptionListItemCommentArray:
type: array
items:
$ref: '#/components/schemas/ExceptionListItemComment'
ExceptionListItem:
type: object
properties:
id:
$ref: '#/components/schemas/ExceptionListItemId'
item_id:
$ref: '#/components/schemas/ExceptionListItemHumanId'
list_id:
$ref: '#/components/schemas/ExceptionListHumanId'
type:
$ref: '#/components/schemas/ExceptionListItemType'
name:
$ref: '#/components/schemas/ExceptionListItemName'
description:
$ref: '#/components/schemas/ExceptionListItemDescription'
entries:
$ref: './exception_list_item_entry.schema.yaml#/components/schemas/ExceptionListItemEntryArray'
namespace_type:
$ref: '#/components/schemas/ExceptionNamespaceType'
os_types:
$ref: '#/components/schemas/ExceptionListItemOsTypeArray'
tags:
$ref: '#/components/schemas/ExceptionListItemTags'
meta:
$ref: '#/components/schemas/ExceptionListItemMeta'
expire_time:
type: string
format: date-time
comments:
$ref: '#/components/schemas/ExceptionListItemCommentArray'
_version:
type: string
tie_breaker_id:
type: string
created_at:
type: string
format: date-time
created_by:
type: string
updated_at:
type: string
format: date-time
updated_by:
type: string
required:
- id
- item_id
- list_id
- type
- name
- description
- entries
- namespace_type
- comments
- tie_breaker_id
- created_at
- created_by
- updated_at
- updated_by
ExceptionListSO:
type: object
properties:
item_id:
$ref: '#/components/schemas/ExceptionListItemHumanId'
list_id:
$ref: '#/components/schemas/ExceptionListHumanId'
list_type:
type: string
enum: [item, list]
immutable:
type: boolean
type:
$ref: '#/components/schemas/ExceptionListItemType'
name:
$ref: '#/components/schemas/ExceptionListItemName'
description:
$ref: '#/components/schemas/ExceptionListItemDescription'
entries:
$ref: './exception_list_item_entry.schema.yaml#/components/schemas/ExceptionListItemEntryArray'
os_types:
$ref: '#/components/schemas/ExceptionListItemOsTypeArray'
tags:
$ref: '#/components/schemas/ExceptionListItemTags'
meta:
$ref: '#/components/schemas/ExceptionListItemMeta'
expire_time:
type: string
format: date-time
comments:
$ref: '#/components/schemas/ExceptionListItemCommentArray'
version:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
tie_breaker_id:
type: string
created_at:
type: string
format: date-time
created_by:
type: string
updated_by:
type: string
required:
- list_id
- list_type
- type
- name
- description
- tie_breaker_id
- created_at
- created_by
- updated_at
- updated_by
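Review bot: `ExceptionListSO` lists `updated_at` under `required`, but its `properties` block declares no `updated_at` (it goes from `created_by` straight to `updated_by`). The generated zod object has no `updated_at` field either, so the generated validator does not check it. Either declare it the way the sibling schemas do (`updated_at:` with `type: string` and `format: date-time`) or drop it from `required`. A smaller inconsistency in the same file: `ExceptionListItemOsTypeArray` points its `items` at `ExceptionListOsType`, leaving `ExceptionListItemOsType` defined but unreferenced here.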


@ -0,0 +1,99 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Common Exception List Item Entry Attributes
* version: not applicable
*/
import { z } from 'zod';
import { NonEmptyString } from '@kbn/openapi-common/schemas/primitives.gen';
import { ListId, ListType } from '@kbn/securitysolution-lists-common/api/model/list_common.gen';
export type ExceptionListItemEntryOperator = z.infer<typeof ExceptionListItemEntryOperator>;
export const ExceptionListItemEntryOperator = z.enum(['excluded', 'included']);
export type ExceptionListItemEntryOperatorEnum = typeof ExceptionListItemEntryOperator.enum;
export const ExceptionListItemEntryOperatorEnum = ExceptionListItemEntryOperator.enum;
export type ExceptionListItemEntryMatch = z.infer<typeof ExceptionListItemEntryMatch>;
export const ExceptionListItemEntryMatch = z.object({
type: z.literal('match'),
field: NonEmptyString,
value: NonEmptyString,
operator: ExceptionListItemEntryOperator,
});
export type ExceptionListItemEntryMatchAny = z.infer<typeof ExceptionListItemEntryMatchAny>;
export const ExceptionListItemEntryMatchAny = z.object({
type: z.literal('match_any'),
field: NonEmptyString,
value: z.array(NonEmptyString).min(1),
operator: ExceptionListItemEntryOperator,
});
export type ExceptionListItemEntryList = z.infer<typeof ExceptionListItemEntryList>;
export const ExceptionListItemEntryList = z.object({
type: z.literal('list'),
field: NonEmptyString,
list: z.object({
id: ListId,
type: ListType,
}),
operator: ExceptionListItemEntryOperator,
});
export type ExceptionListItemEntryExists = z.infer<typeof ExceptionListItemEntryExists>;
export const ExceptionListItemEntryExists = z.object({
type: z.literal('exists'),
field: NonEmptyString,
operator: ExceptionListItemEntryOperator,
});
export type ExceptionListItemEntryNestedEntryItem = z.infer<
typeof ExceptionListItemEntryNestedEntryItem
>;
export const ExceptionListItemEntryNestedEntryItem = z.union([
ExceptionListItemEntryMatch,
ExceptionListItemEntryMatchAny,
ExceptionListItemEntryExists,
]);
export type ExceptionListItemEntryNested = z.infer<typeof ExceptionListItemEntryNested>;
export const ExceptionListItemEntryNested = z.object({
type: z.literal('nested'),
field: NonEmptyString,
entries: z.array(ExceptionListItemEntryNestedEntryItem).min(1),
});
export type ExceptionListItemEntryMatchWildcard = z.infer<
typeof ExceptionListItemEntryMatchWildcard
>;
export const ExceptionListItemEntryMatchWildcard = z.object({
type: z.literal('wildcard'),
field: NonEmptyString,
value: NonEmptyString,
operator: ExceptionListItemEntryOperator,
});
export type ExceptionListItemEntry = z.infer<typeof ExceptionListItemEntry>;
export const ExceptionListItemEntry = z.discriminatedUnion('type', [
ExceptionListItemEntryMatch,
ExceptionListItemEntryMatchAny,
ExceptionListItemEntryList,
ExceptionListItemEntryExists,
ExceptionListItemEntryNested,
ExceptionListItemEntryMatchWildcard,
]);
export type ExceptionListItemEntryArray = z.infer<typeof ExceptionListItemEntryArray>;
export const ExceptionListItemEntryArray = z.array(ExceptionListItemEntry);


@ -0,0 +1,147 @@
openapi: 3.0.0
info:
title: Common Exception List Item Entry Attributes
version: 'not applicable'
paths: {}
components:
x-codegen-enabled: true
schemas:
ExceptionListItemEntryOperator:
type: string
enum: [excluded, included]
ExceptionListItemEntryMatch:
type: object
properties:
type:
type: string
enum: [match]
field:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
value:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
operator:
$ref: '#/components/schemas/ExceptionListItemEntryOperator'
required:
- type
- field
- value
- operator
ExceptionListItemEntryMatchAny:
type: object
properties:
type:
type: string
enum: [match_any]
field:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
value:
type: array
items:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
minItems: 1
operator:
$ref: '#/components/schemas/ExceptionListItemEntryOperator'
required:
- type
- field
- value
- operator
ExceptionListItemEntryList:
type: object
properties:
type:
type: string
enum: [list]
field:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
list:
type: object
properties:
id:
$ref: '../../../kbn-securitysolution-lists-common/api/model/list_common.schema.yaml#/components/schemas/ListId'
type:
$ref: '../../../kbn-securitysolution-lists-common/api/model/list_common.schema.yaml#/components/schemas/ListType'
required: [id, type]
operator:
$ref: '#/components/schemas/ExceptionListItemEntryOperator'
required:
- type
- field
- list
- operator
ExceptionListItemEntryExists:
type: object
properties:
type:
type: string
enum: [exists]
field:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
operator:
$ref: '#/components/schemas/ExceptionListItemEntryOperator'
required:
- type
- field
- operator
ExceptionListItemEntryNestedEntryItem:
oneOf:
- $ref: '#/components/schemas/ExceptionListItemEntryMatch'
- $ref: '#/components/schemas/ExceptionListItemEntryMatchAny'
- $ref: '#/components/schemas/ExceptionListItemEntryExists'
ExceptionListItemEntryNested:
type: object
properties:
type:
type: string
enum: [nested]
field:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
entries:
type: array
items:
$ref: '#/components/schemas/ExceptionListItemEntryNestedEntryItem'
minItems: 1
required:
- type
- field
- entries
ExceptionListItemEntryMatchWildcard:
type: object
properties:
type:
type: string
enum: [wildcard]
field:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
value:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
operator:
$ref: '#/components/schemas/ExceptionListItemEntryOperator'
required:
- type
- field
- value
- operator
ExceptionListItemEntry:
discriminator:
propertyName: type
anyOf:
- $ref: '#/components/schemas/ExceptionListItemEntryMatch'
- $ref: '#/components/schemas/ExceptionListItemEntryMatchAny'
- $ref: '#/components/schemas/ExceptionListItemEntryList'
- $ref: '#/components/schemas/ExceptionListItemEntryExists'
- $ref: '#/components/schemas/ExceptionListItemEntryNested'
- $ref: '#/components/schemas/ExceptionListItemEntryMatchWildcard'
ExceptionListItemEntryArray:
type: array
items:
$ref: '#/components/schemas/ExceptionListItemEntry'
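Review bot: `ExceptionListItemEntryNestedEntryItem` is a bare `oneOf`, while `ExceptionListItemEntry` further down declares a `discriminator` with `propertyName: type` over the same kind of members; the generated code shows the difference as `z.union` versus `z.discriminatedUnion`. All three nested members carry a single-valued `type` enum, so adding `discriminator:` with `propertyName: type` to the nested schema would make the two consistent. Assuming the generator treats it as it does for the top-level union, validation errors would then be reported against the matching variant. None of the schemas in this file has a `description`; a line on what `operator` means and on which entry types may appear inside `nested` would help readers of the published spec.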


@ -0,0 +1,42 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Get exception list API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import {
ExceptionListId,
ExceptionListHumanId,
ExceptionNamespaceType,
ExceptionList,
} from '../model/exception_list_common.gen';
export type GetExceptionListRequestQuery = z.infer<typeof GetExceptionListRequestQuery>;
export const GetExceptionListRequestQuery = z.object({
/**
* Either `id` or `list_id` must be specified
*/
id: ExceptionListId.optional(),
/**
* Either `id` or `list_id` must be specified
*/
list_id: ExceptionListHumanId.optional(),
namespace_type: ExceptionNamespaceType.optional().default('single'),
});
export type GetExceptionListRequestQueryInput = z.input<typeof GetExceptionListRequestQuery>;
export type GetExceptionListResponse = z.infer<typeof GetExceptionListResponse>;
export const GetExceptionListResponse = ExceptionList;


@ -0,0 +1,71 @@
openapi: 3.0.0
info:
title: Get exception list API endpoint
version: '2023-10-31'
paths:
/api/exception_lists:
get:
x-labels: [serverless, ess]
operationId: GetExceptionList
x-codegen-enabled: true
summary: Retrieves an exception list using its `id` or `list_id` field
tags:
- Exceptions API
parameters:
- name: id
in: query
required: false
description: Either `id` or `list_id` must be specified
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListId'
- name: list_id
in: query
required: false
description: Either `id` or `list_id` must be specified
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListHumanId'
- name: namespace_type
in: query
required: false
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
default: single
responses:
200:
description: Successful response
content:
application/json:
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionList'
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
404:
description: Exception list item not found response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
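Review bot: The 404 response of `GetExceptionList` is described as `Exception list item not found response`, but this operation returns an exception list; `description: Exception list not found response` would match the wording the summary and update specs use for the same status. Separately, `id` and `list_id` are both `required: false` and the "either … must be specified" rule exists only in the descriptions, so the generated `GetExceptionListRequestQuery` accepts a query with neither. The route handler presumably enforces the rule, but it is not visible here and is worth confirming, since schema validation alone will not reject such a request. The same applies to `id`/`item_id` in the get-item spec.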


@ -0,0 +1,44 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Get exception list item API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import {
ExceptionListItemId,
ExceptionListItemHumanId,
ExceptionNamespaceType,
ExceptionListItem,
} from '../model/exception_list_common.gen';
export type GetExceptionListItemRequestQuery = z.infer<typeof GetExceptionListItemRequestQuery>;
export const GetExceptionListItemRequestQuery = z.object({
/**
* Either `id` or `item_id` must be specified
*/
id: ExceptionListItemId.optional(),
/**
* Either `id` or `item_id` must be specified
*/
item_id: ExceptionListItemHumanId.optional(),
namespace_type: ExceptionNamespaceType.optional().default('single'),
});
export type GetExceptionListItemRequestQueryInput = z.input<
typeof GetExceptionListItemRequestQuery
>;
export type GetExceptionListItemResponse = z.infer<typeof GetExceptionListItemResponse>;
export const GetExceptionListItemResponse = ExceptionListItem;


@ -0,0 +1,71 @@
openapi: 3.0.0
info:
title: Get exception list item API endpoint
version: '2023-10-31'
paths:
/api/exception_lists/items:
get:
x-labels: [serverless, ess]
operationId: GetExceptionListItem
x-codegen-enabled: true
summary: Gets an exception list item
tags:
- Exceptions API
parameters:
- name: id
in: query
required: false
description: Either `id` or `item_id` must be specified
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemId'
- name: item_id
in: query
required: false
description: Either `id` or `item_id` must be specified
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemHumanId'
- name: namespace_type
in: query
required: false
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
default: single
responses:
200:
description: Successful response
content:
application/json:
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItem'
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
404:
description: Exception list item not found response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'


@ -0,0 +1,54 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Get exception list summary API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import {
ExceptionListId,
ExceptionListHumanId,
ExceptionNamespaceType,
} from '../model/exception_list_common.gen';
export type GetExceptionListSummaryRequestQuery = z.infer<
typeof GetExceptionListSummaryRequestQuery
>;
export const GetExceptionListSummaryRequestQuery = z.object({
/**
* Exception list's identifier generated upon creation
*/
id: ExceptionListId.optional(),
/**
* Exception list's human readable identifier
*/
list_id: ExceptionListHumanId.optional(),
namespace_type: ExceptionNamespaceType.optional().default('single'),
/**
* Search filter clause
*/
filter: z.string().optional(),
});
export type GetExceptionListSummaryRequestQueryInput = z.input<
typeof GetExceptionListSummaryRequestQuery
>;
export type GetExceptionListSummaryResponse = z.infer<typeof GetExceptionListSummaryResponse>;
export const GetExceptionListSummaryResponse = z.object({
windows: z.number().int().min(0).optional(),
linux: z.number().int().min(0).optional(),
macos: z.number().int().min(0).optional(),
total: z.number().int().min(0).optional(),
});


@ -0,0 +1,90 @@
openapi: 3.0.0
info:
title: Get exception list summary API endpoint
version: '2023-10-31'
paths:
/api/exception_lists/summary:
get:
x-labels: [serverless, ess]
operationId: GetExceptionListSummary
x-codegen-enabled: true
summary: Retrieves an exception list summary
tags:
- Exceptions API
parameters:
- name: id
in: query
required: false
description: Exception list's identifier generated upon creation
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListId'
- name: list_id
in: query
required: false
description: Exception list's human readable identifier
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListHumanId'
- name: namespace_type
in: query
required: false
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
default: single
- name: filter
in: query
required: false
description: Search filter clause
schema:
type: string
responses:
200:
description: Successful response
content:
application/json:
schema:
type: object
properties:
windows:
type: integer
minimum: 0
linux:
type: integer
minimum: 0
macos:
type: integer
minimum: 0
total:
type: integer
minimum: 0
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
404:
description: Exception list not found response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
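Review bot: The `filter` query parameter is an unconstrained `type: string` whose only documentation is `Search filter clause`, so neither the spec nor the generated `z.string().optional()` says what syntax is accepted or bounds its size. Naming the query language and giving an example in the `description` would help, and if the handler forwards the value to a search backend (not visible in this file) a `maxLength` is worth considering. The 200 body also has no `required` list, so every count is optional in the generated response type; if the server always returns all four, listing them under `required` would let clients rely on that.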


@ -0,0 +1,51 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Update exception list API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import {
ExceptionListId,
ExceptionListHumanId,
ExceptionListName,
ExceptionListDescription,
ExceptionListType,
ExceptionNamespaceType,
ExceptionListOsTypeArray,
ExceptionListTags,
ExceptionListMeta,
ExceptionListVersion,
ExceptionList,
} from '../model/exception_list_common.gen';
export type UpdateExceptionListRequestBody = z.infer<typeof UpdateExceptionListRequestBody>;
export const UpdateExceptionListRequestBody = z.object({
id: ExceptionListId.optional(),
list_id: ExceptionListHumanId.optional(),
name: ExceptionListName,
description: ExceptionListDescription,
type: ExceptionListType,
namespace_type: ExceptionNamespaceType.optional().default('single'),
os_types: ExceptionListOsTypeArray.optional().default([]),
tags: ExceptionListTags.optional(),
meta: ExceptionListMeta.optional(),
version: ExceptionListVersion.optional(),
_version: z.string().optional(),
});
export type UpdateExceptionListRequestBodyInput = z.input<typeof UpdateExceptionListRequestBody>;
export type UpdateExceptionListResponse = z.infer<typeof UpdateExceptionListResponse>;
export const UpdateExceptionListResponse = ExceptionList;


@ -0,0 +1,88 @@
openapi: 3.0.0
info:
title: Update exception list API endpoint
version: '2023-10-31'
paths:
/api/exception_lists:
put:
x-labels: [serverless, ess]
operationId: UpdateExceptionList
x-codegen-enabled: true
summary: Updates an exception list
tags:
- Exceptions API
requestBody:
description: Exception list's properties
required: true
content:
application/json:
schema:
type: object
properties:
id:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListId'
list_id:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListHumanId'
name:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListName'
description:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListDescription'
type:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListType'
namespace_type:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
default: 'single'
os_types:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListOsTypeArray'
default: []
tags:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListTags'
meta:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListMeta'
version:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListVersion'
_version:
type: string
required:
- name
- description
- type
responses:
200:
description: Successful response
content:
application/json:
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionList'
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
404:
description: Exception list not found response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
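Review bot: `id` and `list_id` in the request body are both optional and, unlike the GET spec for the same path, carry no description saying that one of them must be supplied, so a body with neither passes the generated `UpdateExceptionListRequestBody`. If the handler requires one of them (it is not visible here), repeat the GET wording ("Either `id` or `list_id` must be specified") as a `description` on both properties. `version` and `_version` also sit side by side without descriptions; a sentence on each would tell API users which is the list's own version number and which, if either, is used for conflict detection.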


@ -0,0 +1,75 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Update exception list item API endpoint
* version: 2023-10-31
*/
import { z } from 'zod';
import { NonEmptyString } from '@kbn/openapi-common/schemas/primitives.gen';
import {
ExceptionListItemId,
ExceptionListItemHumanId,
ExceptionListHumanId,
ExceptionListItemType,
ExceptionListItemName,
ExceptionListItemDescription,
ExceptionNamespaceType,
ExceptionListItemOsTypeArray,
ExceptionListItemTags,
ExceptionListItemMeta,
ExceptionListItem,
} from '../model/exception_list_common.gen';
import { ExceptionListItemEntryArray } from '../model/exception_list_item_entry.gen';
export type UpdateExceptionListItemComment = z.infer<typeof UpdateExceptionListItemComment>;
export const UpdateExceptionListItemComment = z.object({
id: NonEmptyString.optional(),
comment: NonEmptyString,
});
export type UpdateExceptionListItemCommentArray = z.infer<
typeof UpdateExceptionListItemCommentArray
>;
export const UpdateExceptionListItemCommentArray = z.array(UpdateExceptionListItemComment);
export type UpdateExceptionListItemRequestBody = z.infer<typeof UpdateExceptionListItemRequestBody>;
export const UpdateExceptionListItemRequestBody = z.object({
/**
* Either `id` or `item_id` must be specified
*/
id: ExceptionListItemId.optional(),
/**
* Either `id` or `item_id` must be specified
*/
item_id: ExceptionListItemHumanId.optional(),
list_id: ExceptionListHumanId.optional(),
type: ExceptionListItemType,
name: ExceptionListItemName,
description: ExceptionListItemDescription,
entries: ExceptionListItemEntryArray,
namespace_type: ExceptionNamespaceType.optional().default('single'),
os_types: ExceptionListItemOsTypeArray.optional().default([]),
tags: ExceptionListItemTags.optional(),
meta: ExceptionListItemMeta.optional(),
expire_time: z.string().datetime().optional(),
comments: UpdateExceptionListItemCommentArray.optional().default([]),
_version: z.string().optional(),
});
export type UpdateExceptionListItemRequestBodyInput = z.input<
typeof UpdateExceptionListItemRequestBody
>;
export type UpdateExceptionListItemResponse = z.infer<typeof UpdateExceptionListItemResponse>;
export const UpdateExceptionListItemResponse = ExceptionListItem;


@ -0,0 +1,117 @@
openapi: 3.0.0
info:
title: Update exception list item API endpoint
version: '2023-10-31'
paths:
/api/exception_lists/items:
put:
x-labels: [serverless, ess]
operationId: UpdateExceptionListItem
x-codegen-enabled: true
summary: Updates an exception list item
tags:
- Exceptions API
requestBody:
description: Exception list item's properties
required: true
content:
application/json:
schema:
type: object
properties:
id:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemId'
description: Either `id` or `item_id` must be specified
item_id:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemHumanId'
description: Either `id` or `item_id` must be specified
list_id:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListHumanId'
type:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemType'
name:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemName'
description:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemDescription'
entries:
$ref: '../model/exception_list_item_entry.schema.yaml#/components/schemas/ExceptionListItemEntryArray'
namespace_type:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionNamespaceType'
default: 'single'
os_types:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemOsTypeArray'
default: []
tags:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemTags'
meta:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItemMeta'
expire_time:
type: string
format: date-time
comments:
$ref: '#/components/schemas/UpdateExceptionListItemCommentArray'
default: []
_version:
type: string
required:
- type
- name
- description
- entries
responses:
200:
description: Successful response
content:
application/json:
schema:
$ref: '../model/exception_list_common.schema.yaml#/components/schemas/ExceptionListItem'
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
403:
description: Not enough privileges response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
404:
description: Exception list item not found response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../kbn-openapi-common/schemas/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
components:
x-codegen-enabled: true
schemas:
UpdateExceptionListItemComment:
type: object
properties:
id:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
comment:
$ref: '../../../kbn-openapi-common/schemas/primitives.schema.yaml#/components/schemas/NonEmptyString'
required:
- comment
UpdateExceptionListItemCommentArray:
type: array
items:
$ref: '#/components/schemas/UpdateExceptionListItemComment'
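Review bot: `UpdateExceptionListItemCommentArray` at the end of this spec accepts comments with and without `id` in any order, while the `validateComments` helper deleted elsewhere in this commit rejected a payload where a comment carrying an `id` followed a new one ('item "comments" are append only'). A schema of this shape cannot express that ordering rule, so the update route has to keep enforcing it after Zod parsing; whether it still does is not visible in this section. The same holds for "Either `id` or `item_id` must be specified", which exists only as a description, so a body with neither identifier passes schema validation. I would document the rule on the `comments` property, e.g. `description: Comments are append only; existing comments (with id) must precede new ones`, and keep the runtime checks for both rules in the handler.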


@ -0,0 +1,5 @@
{
"type": "shared-common",
"id": "@kbn/securitysolution-exceptions-common",
"owner": "@elastic/security-detection-engine"
}


@ -0,0 +1,10 @@
{
"description": "Security Solution Exceptions common package",
"license": "SSPL-1.0 OR Elastic License 2.0",
"name": "@kbn/securitysolution-exceptions-common",
"private": true,
"version": "1.0.0",
"scripts": {
"openapi:generate": "node scripts/openapi_generate"
}
}


@ -0,0 +1,37 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
require('../../../src/setup_node_env');
const { join, resolve } = require('path');
const { generate } = require('@kbn/openapi-generator');
const { REPO_ROOT } = require('@kbn/repo-info');
const ROOT = resolve(__dirname, '..');
(async () => {
await generate({
title: 'OpenAPI Exceptions API Schemas',
rootDir: ROOT,
sourceGlob: './**/*.schema.yaml',
templateName: 'zod_operation_schema',
});
await generate({
title: 'Exceptions API client for tests',
rootDir: ROOT,
sourceGlob: './**/*.schema.yaml',
templateName: 'api_client_supertest',
skipLinting: true,
bundle: {
outFile: join(
REPO_ROOT,
'x-pack/test/api_integration/services/security_solution_exceptions_api.gen.ts'
),
},
});
})();


@ -0,0 +1,14 @@
{
"compilerOptions": {
"outDir": "target/types",
"types": ["jest", "node"]
},
"exclude": ["target/**/*"],
"extends": "../../tsconfig.base.json",
"include": ["**/*.ts"],
"kbn_references": [
"@kbn/openapi-common",
"@kbn/zod-helpers",
"@kbn/securitysolution-lists-common"
]
}


@ -39,7 +39,6 @@ export * from './read_list_schema';
export * from './summary_exception_list_schema';
export * from './update_endpoint_list_item_schema';
export * from './update_exception_list_item_schema';
export * from './update_exception_list_item_validation';
export * from './update_exception_list_schema';
export * from './update_list_item_schema';
export * from './update_list_schema';


@ -7,9 +7,9 @@
*/
import * as t from 'io-ts';
import { ExceptionListItemEntryArray } from '@kbn/securitysolution-exceptions-common/api';
import { NamespaceType } from '../../common/default_namespace';
import { DefaultUpdateCommentsArray } from '../../common/default_update_comments_array';
import { EntriesArray } from '../../common/entries';
import { exceptionListItemType } from '../../common/exception_list_item_type';
import { nonEmptyEntriesArray } from '../../common/non_empty_entries_array';
import { OsTypeArray, osTypeArrayOrUndefined } from '../../common/os_type';
@ -57,7 +57,7 @@ export type UpdateExceptionListItemSchemaDecoded = Omit<
> & {
comments: UpdateCommentsArray;
tags: Tags;
entries: EntriesArray;
entries: ExceptionListItemEntryArray;
namespace_type: NamespaceType;
os_types: OsTypeArray;
expire_time: ExpireTimeOrUndefined;
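Review bot: `UpdateExceptionListItemSchemaDecoded.entries` is now typed with the OpenAPI-generated `ExceptionListItemEntryArray`, but the imports kept in the first hunk (`io-ts`, `nonEmptyEntriesArray`) suggest the codec that actually decodes the payload is still the io-ts one. The declared type and the runtime validator would then come from two independently maintained definitions, and a drift between them produces no compile error while changing what input is accepted. I would add a comment above the field, e.g. `// typed from the OpenAPI-generated schema; the runtime check is still nonEmptyEntriesArray, keep the two in sync`, or keep deriving the type from the codec until the codec itself is migrated. The type alias begins before the second hunk and continues after it.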


@ -1,45 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
import { validateComments } from '.';
import { getUpdateExceptionListItemSchemaMock } from '../update_exception_list_item_schema/index.mock';
describe('update_exception_list_item_validation', () => {
describe('#validateComments', () => {
test('it returns no errors if comments is undefined', () => {
const payload = getUpdateExceptionListItemSchemaMock();
delete payload.comments;
const output = validateComments(payload);
expect(output).toEqual([]);
});
test('it returns no errors if new comments are append only', () => {
const payload = getUpdateExceptionListItemSchemaMock();
payload.comments = [
{ comment: 'Im an old comment', id: '1' },
{ comment: 'Im a new comment' },
];
const output = validateComments(payload);
expect(output).toEqual([]);
});
test('it returns error if comments are not append only', () => {
const payload = getUpdateExceptionListItemSchemaMock();
payload.comments = [
{ comment: 'Im an old comment', id: '1' },
{ comment: 'Im a new comment modifying the order of existing comments' },
{ comment: 'Im an old comment', id: '2' },
];
const output = validateComments(payload);
expect(output).toEqual(['item "comments" are append only']);
});
});
});


@ -1,42 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
import { UpdateExceptionListItemSchema } from '../update_exception_list_item_schema';
export const validateComments = (item: UpdateExceptionListItemSchema): string[] => {
if (item.comments == null) {
return [];
}
const [appendOnly] = item.comments.reduce(
(acc, comment) => {
const [, hasNewComments] = acc;
if (comment.id == null) {
return [true, true];
}
if (hasNewComments && comment.id != null) {
return [false, true];
}
return acc;
},
[true, false]
);
if (!appendOnly) {
return ['item "comments" are append only'];
} else {
return [];
}
};
export const updateExceptionListItemValidate = (
schema: UpdateExceptionListItemSchema
): string[] => {
return [...validateComments(schema)];
};


@ -2,23 +2,17 @@
"extends": "../../tsconfig.base.json",
"compilerOptions": {
"outDir": "target/types",
"types": [
"jest",
"node"
]
"types": ["jest", "node"]
},
"include": [
"**/*.ts"
],
"include": ["**/*.ts"],
"kbn_references": [
"@kbn/securitysolution-io-ts-types",
"@kbn/securitysolution-io-ts-utils",
"@kbn/securitysolution-list-constants",
"@kbn/es-query",
"@kbn/core-http-browser",
"@kbn/core-notifications-browser"
"@kbn/core-notifications-browser",
"@kbn/securitysolution-exceptions-common"
],
"exclude": [
"target/**/*",
]
"exclude": ["target/**/*"]
}


@ -30,7 +30,7 @@ export const FindListItemsFilter = z.string();
export type FindListItemsRequestQuery = z.infer<typeof FindListItemsRequestQuery>;
export const FindListItemsRequestQuery = z.object({
/**
* List's ide
* List's id
*/
list_id: ListId,
/**


@ -15,7 +15,7 @@ paths:
- name: list_id
in: query
required: true
description: List's ide
description: List's id
schema:
$ref: '../model/list_common.schema.yaml#/components/schemas/ListId'
- name: page


@ -7,8 +7,9 @@
*/
require('../../../src/setup_node_env');
const { resolve } = require('path');
const { join, resolve } = require('path');
const { generate } = require('@kbn/openapi-generator');
const { REPO_ROOT } = require('@kbn/repo-info');
const ROOT = resolve(__dirname, '..');
@ -19,4 +20,18 @@ const ROOT = resolve(__dirname, '..');
sourceGlob: './**/*.schema.yaml',
templateName: 'zod_operation_schema',
});
await generate({
title: 'Lists API client for tests',
rootDir: ROOT,
sourceGlob: './**/*.schema.yaml',
templateName: 'api_client_supertest',
skipLinting: true,
bundle: {
outFile: join(
REPO_ROOT,
'x-pack/test/api_integration/services/security_solution_lists_api.gen.ts'
),
},
});
})();


@ -1498,6 +1498,8 @@
"@kbn/securitysolution-es-utils/*": ["packages/kbn-securitysolution-es-utils/*"],
"@kbn/securitysolution-exception-list-components": ["packages/kbn-securitysolution-exception-list-components"],
"@kbn/securitysolution-exception-list-components/*": ["packages/kbn-securitysolution-exception-list-components/*"],
"@kbn/securitysolution-exceptions-common": ["packages/kbn-securitysolution-exceptions-common"],
"@kbn/securitysolution-exceptions-common/*": ["packages/kbn-securitysolution-exceptions-common/*"],
"@kbn/securitysolution-hook-utils": ["packages/kbn-securitysolution-hook-utils"],
"@kbn/securitysolution-hook-utils/*": ["packages/kbn-securitysolution-hook-utils/*"],
"@kbn/securitysolution-io-ts-alerting-types": ["packages/kbn-securitysolution-io-ts-alerting-types"],


@ -1,19 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import {
CreateExceptionListItemSchemaDecoded,
ExceptionListItemSchema,
createExceptionListItemSchema,
exceptionListItemSchema,
} from '@kbn/securitysolution-io-ts-list-types';
export { createExceptionListItemSchema as createExceptionListItemRequest };
export type { CreateExceptionListItemSchemaDecoded as CreateExceptionListItemRequestDecoded };
export const createExceptionListItemResponse = exceptionListItemSchema;
export type CreateExceptionListItemResponse = ExceptionListItemSchema;


@ -1,18 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import {
DeleteExceptionListSchemaDecoded,
deleteExceptionListSchema,
exceptionListSchema,
} from '@kbn/securitysolution-io-ts-list-types';
export {
deleteExceptionListSchema as deleteExceptionListRequestQuery,
exceptionListSchema as deleteExceptionListResponse,
};
export type { DeleteExceptionListSchemaDecoded as DeleteExceptionListRequestQueryDecoded };


@ -1,18 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import {
DeleteExceptionListItemSchemaDecoded,
deleteExceptionListItemSchema,
exceptionListItemSchema,
} from '@kbn/securitysolution-io-ts-list-types';
export {
deleteExceptionListItemSchema as deleteExceptionListItemRequestQuery,
exceptionListItemSchema as deleteExceptionListItemResponse,
};
export type { DeleteExceptionListItemSchemaDecoded as DeleteExceptionListItemRequestQueryDecoded };


@ -1,18 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import {
DuplicateExceptionListQuerySchemaDecoded,
duplicateExceptionListQuerySchema,
exceptionListSchema,
} from '@kbn/securitysolution-io-ts-list-types';
export {
duplicateExceptionListQuerySchema as duplicateExceptionListRequestQuery,
exceptionListSchema as duplicateExceptionListResponse,
};
export type { DuplicateExceptionListQuerySchemaDecoded as DuplicateExceptionListRequestQueryDecoded };


@ -1,10 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { exportExceptionListQuerySchema } from '@kbn/securitysolution-io-ts-list-types';
export { exportExceptionListQuerySchema as exportExceptionListRequestQuery };


@ -1,10 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { exportListItemQuerySchema } from '@kbn/securitysolution-io-ts-list-types';
export { exportListItemQuerySchema as exportListItemRequestQuery };


@ -1,18 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import {
FindExceptionListSchemaDecoded,
findExceptionListSchema,
foundExceptionListSchema,
} from '@kbn/securitysolution-io-ts-list-types';
export {
findExceptionListSchema as findExceptionListRequestQuery,
foundExceptionListSchema as findExceptionListResponse,
};
export type { FindExceptionListSchemaDecoded as FindExceptionListRequestQueryDecoded };


@ -1,18 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import {
FindExceptionListItemSchemaDecoded,
findExceptionListItemSchema,
foundExceptionListItemSchema,
} from '@kbn/securitysolution-io-ts-list-types';
export {
findExceptionListItemSchema as findExceptionListItemRequestQuery,
foundExceptionListItemSchema as findExceptionListItemResponse,
};
export type { FindExceptionListItemSchemaDecoded as FindExceptionListItemRequestQueryDecoded };


@ -1,15 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { ImportQuerySchemaDecoded, importQuerySchema } from '@kbn/securitysolution-io-ts-types';
import { importExceptionsResponseSchema } from '@kbn/securitysolution-io-ts-list-types';
export {
importQuerySchema as importExceptionsRequestQuery,
importExceptionsResponseSchema as importExceptionsResponse,
};
export type { ImportQuerySchemaDecoded as ImportExceptionsRequestQueryDecoded };


@ -1,18 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import {
ReadExceptionListSchemaDecoded,
exceptionListSchema,
readExceptionListSchema,
} from '@kbn/securitysolution-io-ts-list-types';
export {
readExceptionListSchema as readExceptionListRequestQuery,
exceptionListSchema as readExceptionListResponse,
};
export type { ReadExceptionListSchemaDecoded as ReadExceptionListRequestQueryDecoded };


@ -1,18 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import {
ReadExceptionListItemSchemaDecoded,
exceptionListItemSchema,
readExceptionListItemSchema,
} from '@kbn/securitysolution-io-ts-list-types';
export {
readExceptionListItemSchema as readExceptionListItemRequestQuery,
exceptionListItemSchema as readExceptionListItemResponse,
};
export type { ReadExceptionListItemSchemaDecoded as ReadExceptionListItemRequestQueryDecoded };


@ -1,18 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import {
SummaryExceptionListSchemaDecoded,
exceptionListSummarySchema,
summaryExceptionListSchema,
} from '@kbn/securitysolution-io-ts-list-types';
export {
summaryExceptionListSchema as summaryExceptionListRequestQuery,
exceptionListSummarySchema as summaryExceptionListResponse,
};
export type { SummaryExceptionListSchemaDecoded as SummaryExceptionListRequestQueryDecoded };


@ -1,18 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import {
UpdateExceptionListSchemaDecoded,
exceptionListSchema,
updateExceptionListSchema,
} from '@kbn/securitysolution-io-ts-list-types';
export {
updateExceptionListSchema as updateExceptionListRequest,
exceptionListSchema as updateExceptionListResponse,
};
export type { UpdateExceptionListSchemaDecoded as UpdateExceptionListRequestDecoded };


@ -1,18 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import {
UpdateExceptionListItemSchemaDecoded,
exceptionListItemSchema,
updateExceptionListItemSchema,
} from '@kbn/securitysolution-io-ts-list-types';
export {
updateExceptionListItemSchema as updateExceptionListItemRequest,
exceptionListItemSchema as updateExceptionListItemResponse,
};
export type { UpdateExceptionListItemSchemaDecoded as UpdateExceptionListItemRequestDecoded };


@ -7,24 +7,10 @@
export * from './exceptions/create_endpoint_list_item/create_endpoint_list_item_route';
export * from './exceptions/create_endpoint_list/create_endpoint_list_route';
export * from './exceptions/create_exception_list_item/create_exception_list_item_route';
export * from './exceptions/create_exception_list/create_exception_list_route';
export * from './exceptions/delete_endpoint_list_item/delete_endpoint_list_item_route';
export * from './exceptions/delete_exception_list_item/delete_exception_list_item_route';
export * from './exceptions/delete_exception_list/delete_exception_list_route';
export * from './exceptions/duplicate_exception_list/duplicate_exception_list_route';
export * from './exceptions/export_exception_list/export_exception_list_route';
export * from './exceptions/export_list_item/export_list_item_route';
export * from './exceptions/find_endpoint_list_item/find_endpoint_list_item_route';
export * from './exceptions/find_exception_list_item/find_exception_list_item_route';
export * from './exceptions/find_exception_list/find_exception_list_route';
export * from './exceptions/get_exception_filter/get_exception_filter_route';
export * from './exceptions/import_exceptions/import_exceptions_route';
export * from './exceptions/read_endpoint_list_item/read_endpoint_list_item_route';
export * from './exceptions/read_exception_list_item/read_exception_list_item_route';
export * from './exceptions/read_exception_list/read_exception_list_route';
export * from './exceptions/summary_exception_list/summary_exception_list_route';
export * from './exceptions/update_endpoint_list_item/update_endpoint_list_item_route';
export * from './exceptions/update_exception_list_item/update_exception_list_item_route';
export * from './exceptions/update_exception_list/update_exception_list_route';
export * from './values/find_lists_by_size/find_lists_by_size_route';


@ -5,18 +5,18 @@
* 2.0.
*/
import { validate } from '@kbn/securitysolution-io-ts-utils';
import { v4 as uuidv4 } from 'uuid';
import { transformError } from '@kbn/securitysolution-es-utils';
import { EXCEPTION_LIST_ITEM_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
CreateExceptionListItemRequestBody,
CreateExceptionListItemResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import {
CreateExceptionListItemRequestDecoded,
createExceptionListItemRequest,
createExceptionListItemResponse,
} from '../../common/api';
import { buildRouteValidation, buildSiemResponse } from './utils';
import { buildSiemResponse } from './utils';
import { getExceptionListClient } from './utils/get_exception_list_client';
import { endpointDisallowedFields } from './endpoint_disallowed_fields';
import { validateEndpointExceptionItemEntries, validateExceptionListSize } from './validate';
@ -34,10 +34,7 @@ export const createExceptionListItemRoute = (router: ListsPluginRouter): void =>
{
validate: {
request: {
body: buildRouteValidation<
typeof createExceptionListItemRequest,
CreateExceptionListItemRequestDecoded
>(createExceptionListItemRequest),
body: buildRouteValidationWithZod(CreateExceptionListItemRequestBody),
},
},
version: '2023-10-31',
@ -53,7 +50,7 @@ export const createExceptionListItemRoute = (router: ListsPluginRouter): void =>
comments,
description,
entries,
item_id: itemId,
item_id: itemId = uuidv4(),
list_id: listId,
os_types: osTypes,
type,
@ -65,71 +62,74 @@ export const createExceptionListItemRoute = (router: ListsPluginRouter): void =>
listId,
namespaceType,
});
if (exceptionList == null) {
return siemResponse.error({
body: `exception list id: "${listId}" does not exist`,
statusCode: 404,
});
} else {
const exceptionListItem = await exceptionLists.getExceptionListItem({
id: undefined,
itemId,
namespaceType,
}
const exceptionListItem = await exceptionLists.getExceptionListItem({
id: undefined,
itemId,
namespaceType,
});
if (exceptionListItem != null) {
return siemResponse.error({
body: `exception list item id: "${itemId}" already exists`,
statusCode: 409,
});
if (exceptionListItem != null) {
return siemResponse.error({
body: `exception list item id: "${itemId}" already exists`,
statusCode: 409,
});
} else {
if (exceptionList.type === 'endpoint') {
const error = validateEndpointExceptionItemEntries(request.body.entries);
if (error != null) {
return siemResponse.error(error);
}
for (const entry of entries) {
if (endpointDisallowedFields.includes(entry.field)) {
return siemResponse.error({
body: `cannot add endpoint exception item on field ${entry.field}`,
statusCode: 400,
});
}
}
}
const createdList = await exceptionLists.createExceptionListItem({
comments,
description,
entries,
expireTime,
itemId,
listId,
meta,
name,
namespaceType,
osTypes,
tags,
type,
});
const [validated, errors] = validate(createdList, createExceptionListItemResponse);
if (errors != null) {
return siemResponse.error({ body: errors, statusCode: 500 });
} else {
const listSizeError = await validateExceptionListSize(
exceptionLists,
listId,
namespaceType
);
if (listSizeError != null) {
await exceptionLists.deleteExceptionListItemById({
id: createdList.id,
namespaceType,
});
return siemResponse.error(listSizeError);
}
return response.ok({ body: validated ?? {} });
}
if (exceptionList.type === 'endpoint') {
const error = validateEndpointExceptionItemEntries(request.body.entries);
if (error != null) {
return siemResponse.error(error);
}
for (const entry of entries) {
if (endpointDisallowedFields.includes(entry.field)) {
return siemResponse.error({
body: `cannot add endpoint exception item on field ${entry.field}`,
statusCode: 400,
});
}
}
}
const createdListItem = await exceptionLists.createExceptionListItem({
comments,
description,
entries,
expireTime,
itemId,
listId,
meta,
name,
namespaceType,
osTypes,
tags,
type,
});
const listSizeError = await validateExceptionListSize(
exceptionLists,
listId,
namespaceType
);
if (listSizeError != null) {
await exceptionLists.deleteExceptionListItemById({
id: createdListItem.id,
namespaceType,
});
return siemResponse.error(listSizeError);
}
return response.ok({
body: CreateExceptionListItemResponse.parse(createdListItem),
});
} catch (err) {
const error = transformError(err);
return siemResponse.error({
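Review bot: `CreateExceptionListItemResponse.parse(createdListItem)` in the last hunk runs after the item has been persisted and throws on a mismatch, so the failure lands in the generic `catch` and the caller receives an error for a write that succeeded. Because `item_id` defaults to `uuidv4()` in the handler, a client that retries without an `item_id` does not hit the 409 guard and ends up with a second copy of the exception item. I would switch to `const parsed = CreateExceptionListItemResponse.safeParse(createdListItem);` and return `siemResponse.error({ body: parsed.error.message, statusCode: 500 })` when `!parsed.success`, which keeps the status code under this route's control instead of whatever `transformError` derives for a Zod error (that function is not visible here). The same pattern appears as `CreateExceptionListResponse.parse(createdList)` in the create-list route. The handler body starts before the visible hunks and ends after them.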


@ -5,14 +5,18 @@
* 2.0.
*/
import { v4 as uuidv4 } from 'uuid';
import { transformError } from '@kbn/securitysolution-es-utils';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
CreateExceptionListRequestBody,
CreateExceptionListResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import { CreateExceptionListRequestDecoded, createExceptionListRequest } from '../../common/api';
import type { ListsPluginRouter } from '../types';
import { createExceptionListHandler } from '../handlers/create_exception_list_handler';
import { buildRouteValidation, buildSiemResponse } from './utils';
import { buildSiemResponse, getExceptionListClient } from './utils';
export const createExceptionListRoute = (router: ListsPluginRouter): void => {
router.versioned
@ -27,10 +31,7 @@ export const createExceptionListRoute = (router: ListsPluginRouter): void => {
{
validate: {
request: {
body: buildRouteValidation<
typeof createExceptionListRequest,
CreateExceptionListRequestDecoded
>(createExceptionListRequest),
body: buildRouteValidationWithZod(CreateExceptionListRequestBody),
},
},
version: '2023-10-31',
@ -38,7 +39,43 @@ export const createExceptionListRoute = (router: ListsPluginRouter): void => {
async (context, request, response) => {
const siemResponse = buildSiemResponse(response);
try {
return await createExceptionListHandler(context, request, response, siemResponse);
const {
name,
tags,
meta,
namespace_type: namespaceType,
description,
list_id: listId = uuidv4(),
type,
version,
} = request.body;
const exceptionLists = await getExceptionListClient(context);
const exceptionList = await exceptionLists.getExceptionList({
id: undefined,
listId,
namespaceType,
});
if (exceptionList != null) {
return siemResponse.error({
body: `exception list id: "${listId}" already exists`,
statusCode: 409,
});
}
const createdList = await exceptionLists.createExceptionList({
description,
immutable: false,
listId,
meta,
name,
namespaceType,
tags,
type,
version,
});
return response.ok({ body: CreateExceptionListResponse.parse(createdList) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({
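Review bot: The inlined handler hard-codes `immutable: false` in the `createExceptionList` call and never reads it from `request.body`, which is what keeps API callers from creating immutable lists, yet nothing on that line says so. I would add a comment there, e.g. `// never taken from the request: lists created through this route are always mutable`, so a later refactor does not start forwarding the field from the body. Separately, the `getExceptionList` lookup followed by `createExceptionList` is a check-then-create sequence; whether the client enforces `list_id` uniqueness on write is not visible here, so two concurrent requests with the same `list_id` may both pass the 409 guard. The route callback begins before the last hunk and continues past it.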


@ -5,19 +5,17 @@
* 2.0.
*/
import { validate } from '@kbn/securitysolution-io-ts-utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { EXCEPTION_LIST_ITEM_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
DeleteExceptionListItemRequestQuery,
DeleteExceptionListItemResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import {
DeleteExceptionListItemRequestQueryDecoded,
deleteExceptionListItemRequestQuery,
deleteExceptionListItemResponse,
} from '../../common/api';
import {
buildRouteValidation,
buildSiemResponse,
getErrorMessageExceptionListItem,
getExceptionListClient,
@ -36,10 +34,7 @@ export const deleteExceptionListItemRoute = (router: ListsPluginRouter): void =>
{
validate: {
request: {
query: buildRouteValidation<
typeof deleteExceptionListItemRequestQuery,
DeleteExceptionListItemRequestQueryDecoded
>(deleteExceptionListItemRequestQuery),
query: buildRouteValidationWithZod(DeleteExceptionListItemRequestQuery),
},
},
version: '2023-10-31',
@ -49,31 +44,28 @@ export const deleteExceptionListItemRoute = (router: ListsPluginRouter): void =>
try {
const exceptionLists = await getExceptionListClient(context);
const { item_id: itemId, id, namespace_type: namespaceType } = request.query;
if (itemId == null && id == null) {
return siemResponse.error({
body: 'Either "item_id" or "id" needs to be defined in the request',
statusCode: 400,
});
} else {
const deleted = await exceptionLists.deleteExceptionListItem({
id,
itemId,
namespaceType,
});
if (deleted == null) {
return siemResponse.error({
body: getErrorMessageExceptionListItem({ id, itemId }),
statusCode: 404,
});
} else {
const [validated, errors] = validate(deleted, deleteExceptionListItemResponse);
if (errors != null) {
return siemResponse.error({ body: errors, statusCode: 500 });
} else {
return response.ok({ body: validated ?? {} });
}
}
}
const deleted = await exceptionLists.deleteExceptionListItem({
id,
itemId,
namespaceType,
});
if (deleted == null) {
return siemResponse.error({
body: getErrorMessageExceptionListItem({ id, itemId }),
statusCode: 404,
});
}
return response.ok({ body: DeleteExceptionListItemResponse.parse(deleted) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({
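Review bot: A request that carries neither `item_id` nor `id` is no longer rejected, because the `if (itemId == null && id == null)` branch that returned 400 is removed and both values can now reach `exceptionLists.deleteExceptionListItem` as undefined. Whether `DeleteExceptionListItemRequestQuery` requires one of them is not visible here, and the read routes in this same commit keep an explicit `id or item_id required` check, so the delete path ends up the less strict one. I would keep the early 400 return in front of the delete call, or confirm the schema enforces it. `deleteExceptionListRoute` drops the equivalent `list_id`/`id` guard in the same way. The handler starts and ends outside the hunk.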


@ -5,23 +5,17 @@
* 2.0.
*/
import { validate } from '@kbn/securitysolution-io-ts-utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
DeleteExceptionListRequestQuery,
DeleteExceptionListResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import {
DeleteExceptionListRequestQueryDecoded,
deleteExceptionListRequestQuery,
deleteExceptionListResponse,
} from '../../common/api';
import {
buildRouteValidation,
buildSiemResponse,
getErrorMessageExceptionList,
getExceptionListClient,
} from './utils';
import { buildSiemResponse, getErrorMessageExceptionList, getExceptionListClient } from './utils';
export const deleteExceptionListRoute = (router: ListsPluginRouter): void => {
router.versioned
@ -36,10 +30,7 @@ export const deleteExceptionListRoute = (router: ListsPluginRouter): void => {
{
validate: {
request: {
query: buildRouteValidation<
typeof deleteExceptionListRequestQuery,
DeleteExceptionListRequestQueryDecoded
>(deleteExceptionListRequestQuery),
query: buildRouteValidationWithZod(DeleteExceptionListRequestQuery),
},
},
version: '2023-10-31',
@ -49,31 +40,28 @@ export const deleteExceptionListRoute = (router: ListsPluginRouter): void => {
try {
const exceptionLists = await getExceptionListClient(context);
const { list_id: listId, id, namespace_type: namespaceType } = request.query;
if (listId == null && id == null) {
return siemResponse.error({
body: 'Either "list_id" or "id" needs to be defined in the request',
statusCode: 400,
});
} else {
const deleted = await exceptionLists.deleteExceptionList({
id,
listId,
namespaceType,
});
if (deleted == null) {
return siemResponse.error({
body: getErrorMessageExceptionList({ id, listId }),
statusCode: 404,
});
} else {
const [validated, errors] = validate(deleted, deleteExceptionListResponse);
if (errors != null) {
return siemResponse.error({ body: errors, statusCode: 500 });
} else {
return response.ok({ body: validated ?? {} });
}
}
}
const deleted = await exceptionLists.deleteExceptionList({
id,
listId,
namespaceType,
});
if (deleted == null) {
return siemResponse.error({
body: getErrorMessageExceptionList({ id, listId }),
statusCode: 404,
});
}
return response.ok({ body: DeleteExceptionListResponse.parse(deleted) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -6,17 +6,16 @@
*/
import { transformError } from '@kbn/securitysolution-es-utils';
import { validate } from '@kbn/securitysolution-io-ts-utils';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
DuplicateExceptionListRequestQuery,
DuplicateExceptionListResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import {
DuplicateExceptionListRequestQueryDecoded,
duplicateExceptionListRequestQuery,
duplicateExceptionListResponse,
} from '../../common/api';
import { buildRouteValidation, buildSiemResponse, getExceptionListClient } from './utils';
import { buildSiemResponse, getExceptionListClient } from './utils';
export const duplicateExceptionsRoute = (router: ListsPluginRouter): void => {
router.versioned
@ -31,10 +30,7 @@ export const duplicateExceptionsRoute = (router: ListsPluginRouter): void => {
{
validate: {
request: {
query: buildRouteValidation<
typeof duplicateExceptionListRequestQuery,
DuplicateExceptionListRequestQueryDecoded
>(duplicateExceptionListRequestQuery),
query: buildRouteValidationWithZod(DuplicateExceptionListRequestQuery),
},
},
version: '2023-10-31',
@ -83,12 +79,7 @@ export const duplicateExceptionsRoute = (router: ListsPluginRouter): void => {
});
}
const [validated, errors] = validate(duplicatedList, duplicateExceptionListResponse);
if (errors != null) {
return siemResponse.error({ body: errors, statusCode: 500 });
} else {
return response.ok({ body: validated ?? {} });
}
return response.ok({ body: DuplicateExceptionListResponse.parse(duplicatedList) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({
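Review bot: `DuplicateExceptionListResponse.parse(duplicatedList)` throws on a schema mismatch, so a malformed result is now handled by the generic `catch` via `transformError(err)` rather than by the removed branch that returned `statusCode: 500` explicitly. What status code `transformError` assigns to a Zod error is not visible in this hunk, so it is worth confirming that clients still receive a 500 and not a 4xx that looks like a bad request. If the old contract matters, `const parsed = DuplicateExceptionListResponse.safeParse(duplicatedList);` followed by an explicit `siemResponse.error({ body: parsed.error.message, statusCode: 500 })` on failure keeps it. The same replacement is made in the delete, find, import and read exception-list routes of this commit; the handler body begins outside the hunk.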


@ -7,11 +7,12 @@
import { transformError } from '@kbn/securitysolution-es-utils';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import { ExportExceptionListRequestQuery } from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import { exportExceptionListRequestQuery } from '../../common/api';
import { buildRouteValidation, buildSiemResponse, getExceptionListClient } from './utils';
import { buildSiemResponse, getExceptionListClient } from './utils';
export const exportExceptionsRoute = (router: ListsPluginRouter): void => {
router.versioned
@ -26,7 +27,7 @@ export const exportExceptionsRoute = (router: ListsPluginRouter): void => {
{
validate: {
request: {
query: buildRouteValidation(exportExceptionListRequestQuery),
query: buildRouteValidationWithZod(ExportExceptionListRequestQuery),
},
},
version: '2023-10-31',


@ -5,18 +5,17 @@
* 2.0.
*/
import { validate } from '@kbn/securitysolution-io-ts-utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { EXCEPTION_LIST_ITEM_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
FindExceptionListItemsRequestQuery,
FindExceptionListItemsResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import {
FindExceptionListItemRequestQueryDecoded,
findExceptionListItemRequestQuery,
findExceptionListItemResponse,
} from '../../common/api';
import { buildRouteValidation, buildSiemResponse, getExceptionListClient } from './utils';
import { buildSiemResponse, getExceptionListClient } from './utils';
export const findExceptionListItemRoute = (router: ListsPluginRouter): void => {
router.versioned
@ -31,10 +30,7 @@ export const findExceptionListItemRoute = (router: ListsPluginRouter): void => {
{
validate: {
request: {
query: buildRouteValidation<
typeof findExceptionListItemRequestQuery,
FindExceptionListItemRequestQueryDecoded
>(findExceptionListItemRequestQuery),
query: buildRouteValidationWithZod(FindExceptionListItemsRequestQuery),
},
},
version: '2023-10-31',
@ -64,32 +60,29 @@ export const findExceptionListItemRoute = (router: ListsPluginRouter): void => {
body: `list_id and filter need to have the same comma separated number of values. Expected list_id length: ${listId.length} to equal filter length: ${filter.length}`,
statusCode: 400,
});
} else {
const exceptionListItems = await exceptionLists.findExceptionListsItem({
filter,
listId,
namespaceType,
page,
perPage,
pit: undefined,
search,
searchAfter: undefined,
sortField,
sortOrder,
});
if (exceptionListItems == null) {
return siemResponse.error({
body: `exception list id: "${listId}" does not exist`,
statusCode: 404,
});
}
const [validated, errors] = validate(exceptionListItems, findExceptionListItemResponse);
if (errors != null) {
return siemResponse.error({ body: errors, statusCode: 500 });
} else {
return response.ok({ body: validated ?? {} });
}
}
const exceptionListItems = await exceptionLists.findExceptionListsItem({
filter,
listId,
namespaceType,
page,
perPage,
pit: undefined,
search,
searchAfter: undefined,
sortField,
sortOrder,
});
if (exceptionListItems == null) {
return siemResponse.error({
body: `exception list id: "${listId}" does not exist`,
statusCode: 404,
});
}
return response.ok({ body: FindExceptionListItemsResponse.parse(exceptionListItems) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -5,18 +5,17 @@
* 2.0.
*/
import { validate } from '@kbn/securitysolution-io-ts-utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
FindExceptionListsRequestQuery,
FindExceptionListsResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import {
FindExceptionListRequestQueryDecoded,
findExceptionListRequestQuery,
findExceptionListResponse,
} from '../../common/api';
import { buildRouteValidation, buildSiemResponse, getExceptionListClient } from './utils';
import { buildSiemResponse, getExceptionListClient } from './utils';
export const findExceptionListRoute = (router: ListsPluginRouter): void => {
router.versioned
@ -31,10 +30,7 @@ export const findExceptionListRoute = (router: ListsPluginRouter): void => {
{
validate: {
request: {
query: buildRouteValidation<
typeof findExceptionListRequestQuery,
FindExceptionListRequestQueryDecoded
>(findExceptionListRequestQuery),
query: buildRouteValidationWithZod(FindExceptionListsRequestQuery),
},
},
version: '2023-10-31',
@ -61,12 +57,8 @@ export const findExceptionListRoute = (router: ListsPluginRouter): void => {
sortField,
sortOrder,
});
const [validated, errors] = validate(exceptionListItems, findExceptionListResponse);
if (errors != null) {
return siemResponse.error({ body: errors, statusCode: 500 });
} else {
return response.ok({ body: validated ?? {} });
}
return response.ok({ body: FindExceptionListsResponse.parse(exceptionListItems) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -10,17 +10,16 @@ import { extname } from 'path';
import { schema } from '@kbn/config-schema';
import { transformError } from '@kbn/securitysolution-es-utils';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { validate } from '@kbn/securitysolution-io-ts-utils';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
ImportExceptionListRequestQuery,
ImportExceptionListResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import { ConfigType } from '../config';
import {
ImportExceptionsRequestQueryDecoded,
importExceptionsRequestQuery,
importExceptionsResponse,
} from '../../common/api';
import { buildRouteValidation, buildSiemResponse, getExceptionListClient } from './utils';
import { buildSiemResponse, getExceptionListClient } from './utils';
/**
* Takes an ndjson file of exception lists and exception list items and
@ -45,10 +44,7 @@ export const importExceptionsRoute = (router: ListsPluginRouter, config: ConfigT
validate: {
request: {
body: schema.any(), // validation on file object is accomplished later in the handler.
query: buildRouteValidation<
typeof importExceptionsRequestQuery,
ImportExceptionsRequestQueryDecoded
>(importExceptionsRequestQuery),
query: buildRouteValidationWithZod(ImportExceptionListRequestQuery),
},
},
version: '2023-10-31',
@ -60,6 +56,7 @@ export const importExceptionsRoute = (router: ListsPluginRouter, config: ConfigT
try {
const { filename } = request.body.file.hapi;
const fileExtension = extname(filename).toLowerCase();
if (fileExtension !== '.ndjson') {
return siemResponse.error({
body: `Invalid file extension ${fileExtension}`,
@ -74,13 +71,7 @@ export const importExceptionsRoute = (router: ListsPluginRouter, config: ConfigT
overwrite: request.query.overwrite,
});
const [validated, errors] = validate(importsSummary, importExceptionsResponse);
if (errors != null) {
return siemResponse.error({ body: errors, statusCode: 500 });
} else {
return response.ok({ body: validated ?? {} });
}
return response.ok({ body: ImportExceptionListResponse.parse(importsSummary) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({
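Review bot: `request.body.file.hapi` is dereferenced while the body is declared as `schema.any()`, and the only check visible in this section is the `.ndjson` extension taken from the client-supplied filename. A request without a `file` part would raise a TypeError into the generic `catch` instead of a clear 400, and the extension says nothing about the uploaded content. Since the commit already reworks this route's validation, I would add a guard before the destructuring, for example `if (request.body?.file?.hapi?.filename == null) return siemResponse.error({ body: 'file is required', statusCode: 400 });`. Any size or content checks the handler performs lie outside the visible hunks.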


@ -46,34 +46,36 @@ export const createListRoute = (router: ListsPluginRouter): void => {
body: `To create a list, the data stream must exist first. Data stream "${lists.getListName()}" does not exist`,
statusCode: 400,
});
} else {
// needs to be migrated to data stream
if (!dataStreamExists && indexExists) {
await lists.migrateListIndexToDataStream();
}
if (id != null) {
const list = await lists.getList({ id });
if (list != null) {
return siemResponse.error({
body: `list id: "${id}" already exists`,
statusCode: 409,
});
}
}
const list = await lists.createList({
description,
deserializer,
id,
immutable: false,
meta,
name,
serializer,
type,
version,
});
return response.ok({ body: CreateListResponse.parse(list) });
}
// needs to be migrated to data stream
if (!dataStreamExists && indexExists) {
await lists.migrateListIndexToDataStream();
}
if (id != null) {
const list = await lists.getList({ id });
if (list != null) {
return siemResponse.error({
body: `list id: "${id}" already exists`,
statusCode: 409,
});
}
}
const list = await lists.createList({
description,
deserializer,
id,
immutable: false,
meta,
name,
serializer,
type,
version,
});
return response.ok({ body: CreateListResponse.parse(list) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -116,16 +116,17 @@ export const deleteListRoute = (router: ListsPluginRouter): void => {
}
const deleted = await lists.deleteList({ id });
if (deleted == null) {
return siemResponse.error({
body: `list id: "${id}" was not found`,
statusCode: 404,
});
} else {
return response.ok({
body: DeleteListResponse.parse(deleted),
});
}
return response.ok({
body: DeleteListResponse.parse(deleted),
});
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -48,14 +48,15 @@ export const patchListRoute = (router: ListsPluginRouter): void => {
}
const list = await lists.patchList({ _version, description, id, meta, name, version });
if (list == null) {
return siemResponse.error({
body: `list id: "${id}" not found`,
statusCode: 404,
});
} else {
return response.ok({ body: PatchListResponse.parse(list) });
}
return response.ok({ body: PatchListResponse.parse(list) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -38,14 +38,15 @@ export const readListRoute = (router: ListsPluginRouter): void => {
const { id } = request.query;
const lists = await getListClient(context);
const list = await lists.getList({ id });
if (list == null) {
return siemResponse.error({
body: `list id: "${id}" does not exist`,
statusCode: 404,
});
} else {
return response.ok({ body: GetListResponse.parse(list) });
}
return response.ok({ body: GetListResponse.parse(list) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -48,14 +48,15 @@ export const updateListRoute = (router: ListsPluginRouter): void => {
}
const list = await lists.updateList({ _version, description, id, meta, name, version });
if (list == null) {
return siemResponse.error({
body: `list id: "${id}" not found`,
statusCode: 404,
});
} else {
return response.ok({ body: UpdateListResponse.parse(list) });
}
return response.ok({ body: UpdateListResponse.parse(list) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -40,25 +40,26 @@ export const exportListItemRoute = (router: ListsPluginRouter): void => {
const { list_id: listId } = request.query;
const lists = await getListClient(context);
const list = await lists.getList({ id: listId });
if (list == null) {
return siemResponse.error({
body: `list_id: ${listId} does not exist`,
statusCode: 400,
});
} else {
// TODO: Allow the API to override the name of the file to export
const fileName = list.name;
const stream = new Stream.PassThrough();
lists.exportListItemsToStream({ listId, stream, stringToAppend: '\n' });
return response.ok({
body: stream,
headers: {
'Content-Disposition': `attachment; filename="${fileName}"`,
'Content-Type': 'application/ndjson',
},
});
}
// TODO: Allow the API to override the name of the file to export
const fileName = list.name;
const stream = new Stream.PassThrough();
lists.exportListItemsToStream({ listId, stream, stringToAppend: '\n' });
return response.ok({
body: stream,
headers: {
'Content-Disposition': `attachment; filename="${fileName}"`,
'Content-Type': 'application/ndjson',
},
});
} catch (err) {
const error = transformError(err);
return siemResponse.error({
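Review bot: `fileName` is taken from `list.name` and interpolated unescaped into the `Content-Disposition` header as `filename="${fileName}"`. List names are set by API callers, so a name containing a double quote, semicolon or non-ASCII characters yields a malformed or misinterpreted header. I would emit the encoded form instead, building the value from `filename*=UTF-8''` plus `encodeURIComponent(fileName)`, or strip quotes and control characters before interpolating. The handler begins outside the hunk, so any earlier normalisation of the name is not visible here.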


@ -58,25 +58,26 @@ export const findListRoute = (router: ListsPluginRouter): void => {
perPage,
sortField,
});
if (!isValid) {
return siemResponse.error({
body: errorMessage,
statusCode: 400,
});
} else {
const exceptionList = await lists.findList({
currentIndexPosition,
filter,
page,
perPage,
runtimeMappings: undefined,
searchAfter,
sortField,
sortOrder,
});
return response.ok({ body: FindListsResponse.parse(exceptionList) });
}
const exceptionList = await lists.findList({
currentIndexPosition,
filter,
page,
perPage,
runtimeMappings: undefined,
searchAfter,
sortField,
sortOrder,
});
return response.ok({ body: FindListsResponse.parse(exceptionList) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -41,41 +41,42 @@ export const createListItemRoute = (router: ListsPluginRouter): void => {
const { id, list_id: listId, value, meta, refresh } = request.body;
const lists = await getListClient(context);
const list = await lists.getList({ id: listId });
if (list == null) {
return siemResponse.error({
body: `list id: "${listId}" does not exist`,
statusCode: 404,
});
} else {
if (id != null) {
const listItem = await lists.getListItem({ id });
if (listItem != null) {
return siemResponse.error({
body: `list item id: "${id}" already exists`,
statusCode: 409,
});
}
}
const createdListItem = await lists.createListItem({
deserializer: list.deserializer,
id,
listId,
meta,
refresh,
serializer: list.serializer,
type: list.type,
value,
});
}
if (createdListItem != null) {
return response.ok({ body: CreateListItemResponse.parse(createdListItem) });
} else {
if (id != null) {
const listItem = await lists.getListItem({ id });
if (listItem != null) {
return siemResponse.error({
body: 'list item invalid',
statusCode: 400,
body: `list item id: "${id}" already exists`,
statusCode: 409,
});
}
}
const createdListItem = await lists.createListItem({
deserializer: list.deserializer,
id,
listId,
meta,
refresh,
serializer: list.serializer,
type: list.type,
value,
});
if (createdListItem != null) {
return response.ok({ body: CreateListItemResponse.parse(createdListItem) });
} else {
return siemResponse.error({
body: 'list item invalid',
statusCode: 400,
});
}
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -48,32 +48,34 @@ export const deleteListItemRoute = (router: ListsPluginRouter): void => {
body: `list item with id: "${id}" not found`,
statusCode: 404,
});
} else {
return response.ok({ body: DeleteListItemResponse.parse(deleted) });
}
return response.ok({ body: DeleteListItemResponse.parse(deleted) });
} else if (listId != null && value != null) {
const list = await lists.getList({ id: listId });
if (list == null) {
return siemResponse.error({
body: `list_id: "${listId}" does not exist`,
statusCode: 404,
});
} else {
const deleted = await lists.deleteListItemByValue({
listId,
refresh: shouldRefresh,
type: list.type,
value,
});
if (deleted == null || deleted.length === 0) {
return siemResponse.error({
body: `list_id: "${listId}" with ${value} was not found`,
statusCode: 404,
});
} else {
return response.ok({ body: DeleteListItemResponse.parse(deleted) });
}
}
const deleted = await lists.deleteListItemByValue({
listId,
refresh: shouldRefresh,
type: list.type,
value,
});
if (deleted == null || deleted.length === 0) {
return siemResponse.error({
body: `list_id: "${listId}" with ${value} was not found`,
statusCode: 404,
});
}
return response.ok({ body: DeleteListItemResponse.parse(deleted) });
} else {
return siemResponse.error({
body: 'Either "list_id" or "id" needs to be defined in the request',
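Review bot: The final `else` replies `Either "list_id" or "id" needs to be defined in the request`, but the branch above it requires both `listId` and `value`, so a caller who sends `list_id` alone is told to supply something it already sent. A message that matches the condition would be `body: 'Either "id" or both "list_id" and "value" need to be defined in the request'`. `readListItemRoute` later in this commit ends with the same text and has the same mismatch. Existing clients or tests may match on the current string, so that should be checked before changing it; the handler continues past the end of the hunk.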


@ -68,27 +68,28 @@ export const findListItemRoute = (router: ListsPluginRouter): void => {
body: errorMessage,
statusCode: 400,
});
} else {
const exceptionList = await lists.findListItem({
currentIndexPosition,
filter,
listId,
page,
perPage,
runtimeMappings: undefined,
searchAfter,
sortField,
sortOrder,
});
if (exceptionList == null) {
return siemResponse.error({
body: `list id: "${listId}" does not exist`,
statusCode: 404,
});
} else {
return response.ok({ body: FindListItemsResponse.parse(exceptionList) });
}
}
const exceptionList = await lists.findListItem({
currentIndexPosition,
filter,
listId,
page,
perPage,
runtimeMappings: undefined,
searchAfter,
sortField,
sortOrder,
});
if (exceptionList == null) {
return siemResponse.error({
body: `list id: "${listId}" does not exist`,
statusCode: 404,
});
}
return response.ok({ body: FindListItemsResponse.parse(exceptionList) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -58,14 +58,15 @@ export const patchListItemRoute = (router: ListsPluginRouter): void => {
refresh: shouldRefresh,
value,
});
if (listItem == null) {
return siemResponse.error({
body: `list item id: "${id}" not found`,
statusCode: 404,
});
} else {
return response.ok({ body: PatchListItemResponse.parse(listItem) });
}
return response.ok({ body: PatchListItemResponse.parse(listItem) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -40,38 +40,42 @@ export const readListItemRoute = (router: ListsPluginRouter): void => {
try {
const { id, list_id: listId, value } = request.query;
const lists = await getListClient(context);
if (id != null) {
const listItem = await lists.getListItem({ id });
if (listItem == null) {
return siemResponse.error({
body: `list item id: "${id}" does not exist`,
statusCode: 404,
});
} else {
return response.ok({ body: GetListItemResponse.parse(listItem) });
}
return response.ok({ body: GetListItemResponse.parse(listItem) });
} else if (listId != null && value != null) {
const list = await lists.getList({ id: listId });
if (list == null) {
return siemResponse.error({
body: `list id: "${listId}" does not exist`,
statusCode: 404,
});
} else {
const listItem = await lists.getListItemByValue({
listId,
type: list.type,
value,
});
if (listItem.length === 0) {
return siemResponse.error({
body: `list_id: "${listId}" item of ${value} does not exist`,
statusCode: 404,
});
} else {
return response.ok({ body: GetListItemResponse.parse(listItem) });
}
}
const listItem = await lists.getListItemByValue({
listId,
type: list.type,
value,
});
if (listItem.length === 0) {
return siemResponse.error({
body: `list_id: "${listId}" item of ${value} does not exist`,
statusCode: 404,
});
}
return response.ok({ body: GetListItemResponse.parse(listItem) });
} else {
return siemResponse.error({
body: 'Either "list_id" or "id" needs to be defined in the request',


@ -56,14 +56,15 @@ export const updateListItemRoute = (router: ListsPluginRouter): void => {
meta,
value,
});
if (listItem == null) {
return siemResponse.error({
body: `list item id: "${id}" not found`,
statusCode: 404,
});
} else {
return response.ok({ body: UpdateListItemResponse.parse(listItem) });
}
return response.ok({ body: UpdateListItemResponse.parse(listItem) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -5,19 +5,17 @@
* 2.0.
*/
import { validate } from '@kbn/securitysolution-io-ts-utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { EXCEPTION_LIST_ITEM_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
GetExceptionListItemRequestQuery,
GetExceptionListItemResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import {
ReadExceptionListItemRequestQueryDecoded,
readExceptionListItemRequestQuery,
readExceptionListItemResponse,
} from '../../common/api';
import {
buildRouteValidation,
buildSiemResponse,
getErrorMessageExceptionListItem,
getExceptionListClient,
@ -36,10 +34,7 @@ export const readExceptionListItemRoute = (router: ListsPluginRouter): void => {
{
validate: {
request: {
query: buildRouteValidation<
typeof readExceptionListItemRequestQuery,
ReadExceptionListItemRequestQueryDecoded
>(readExceptionListItemRequestQuery),
query: buildRouteValidationWithZod(GetExceptionListItemRequestQuery),
},
},
version: '2023-10-31',
@ -49,31 +44,25 @@ export const readExceptionListItemRoute = (router: ListsPluginRouter): void => {
try {
const { id, item_id: itemId, namespace_type: namespaceType } = request.query;
const exceptionLists = await getExceptionListClient(context);
if (id != null || itemId != null) {
const exceptionListItem = await exceptionLists.getExceptionListItem({
id,
itemId,
namespaceType,
});
if (exceptionListItem == null) {
return siemResponse.error({
body: getErrorMessageExceptionListItem({ id, itemId }),
statusCode: 404,
});
} else {
const [validated, errors] = validate(
exceptionListItem,
readExceptionListItemResponse
);
if (errors != null) {
return siemResponse.error({ body: errors, statusCode: 500 });
} else {
return response.ok({ body: validated ?? {} });
}
}
} else {
if (id == null && itemId == null) {
return siemResponse.error({ body: 'id or item_id required', statusCode: 400 });
}
const exceptionListItem = await exceptionLists.getExceptionListItem({
id,
itemId,
namespaceType,
});
if (exceptionListItem == null) {
return siemResponse.error({
body: getErrorMessageExceptionListItem({ id, itemId }),
statusCode: 404,
});
}
return response.ok({ body: GetExceptionListItemResponse.parse(exceptionListItem) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -5,23 +5,17 @@
* 2.0.
*/
import { validate } from '@kbn/securitysolution-io-ts-utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
GetExceptionListRequestQuery,
GetExceptionListResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import {
ReadExceptionListRequestQueryDecoded,
readExceptionListRequestQuery,
readExceptionListResponse,
} from '../../common/api';
import {
buildRouteValidation,
buildSiemResponse,
getErrorMessageExceptionList,
getExceptionListClient,
} from './utils';
import { buildSiemResponse, getErrorMessageExceptionList, getExceptionListClient } from './utils';
export const readExceptionListRoute = (router: ListsPluginRouter): void => {
router.versioned
@ -36,10 +30,7 @@ export const readExceptionListRoute = (router: ListsPluginRouter): void => {
{
validate: {
request: {
query: buildRouteValidation<
typeof readExceptionListRequestQuery,
ReadExceptionListRequestQueryDecoded
>(readExceptionListRequestQuery),
query: buildRouteValidationWithZod(GetExceptionListRequestQuery),
},
},
version: '2023-10-31',
@ -49,28 +40,24 @@ export const readExceptionListRoute = (router: ListsPluginRouter): void => {
try {
const { id, list_id: listId, namespace_type: namespaceType } = request.query;
const exceptionLists = await getExceptionListClient(context);
if (id != null || listId != null) {
const exceptionList = await exceptionLists.getExceptionList({
id,
listId,
namespaceType,
});
if (exceptionList == null) {
return siemResponse.error({
body: getErrorMessageExceptionList({ id, listId }),
statusCode: 404,
});
} else {
const [validated, errors] = validate(exceptionList, readExceptionListResponse);
if (errors != null) {
return siemResponse.error({ body: errors, statusCode: 500 });
} else {
return response.ok({ body: validated ?? {} });
}
}
} else {
if (id == null && listId == null) {
return siemResponse.error({ body: 'id or list_id required', statusCode: 400 });
}
const exceptionList = await exceptionLists.getExceptionList({
id,
listId,
namespaceType,
});
if (exceptionList == null) {
return siemResponse.error({
body: getErrorMessageExceptionList({ id, listId }),
statusCode: 404,
});
}
return response.ok({ body: GetExceptionListResponse.parse(exceptionList) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({


@ -5,23 +5,17 @@
* 2.0.
*/
import { validate } from '@kbn/securitysolution-io-ts-utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
GetExceptionListSummaryRequestQuery,
GetExceptionListSummaryResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import {
SummaryExceptionListRequestQueryDecoded,
summaryExceptionListRequestQuery,
summaryExceptionListResponse,
} from '../../common/api';
import {
buildRouteValidation,
buildSiemResponse,
getErrorMessageExceptionList,
getExceptionListClient,
} from './utils';
import { buildSiemResponse, getErrorMessageExceptionList, getExceptionListClient } from './utils';
export const summaryExceptionListRoute = (router: ListsPluginRouter): void => {
router.versioned
@ -36,10 +30,7 @@ export const summaryExceptionListRoute = (router: ListsPluginRouter): void => {
{
validate: {
request: {
query: buildRouteValidation<
typeof summaryExceptionListRequestQuery,
SummaryExceptionListRequestQueryDecoded
>(summaryExceptionListRequestQuery),
query: buildRouteValidationWithZod(GetExceptionListSummaryRequestQuery),
},
},
version: '2023-10-31',
@ -49,32 +40,28 @@ export const summaryExceptionListRoute = (router: ListsPluginRouter): void => {
try {
const { id, list_id: listId, namespace_type: namespaceType, filter } = request.query;
const exceptionLists = await getExceptionListClient(context);
if (id != null || listId != null) {
const exceptionListSummary = await exceptionLists.getExceptionListSummary({
filter,
id,
listId,
namespaceType,
});
if (exceptionListSummary == null) {
return siemResponse.error({
body: getErrorMessageExceptionList({ id, listId }),
statusCode: 404,
});
} else {
const [validated, errors] = validate(
exceptionListSummary,
summaryExceptionListResponse
);
if (errors != null) {
return response.ok({ body: exceptionListSummary });
} else {
return response.ok({ body: validated ?? {} });
}
}
} else {
if (id == null && listId == null) {
return siemResponse.error({ body: 'id or list_id required', statusCode: 400 });
}
const exceptionListSummary = await exceptionLists.getExceptionListSummary({
filter,
id,
listId,
namespaceType,
});
if (exceptionListSummary == null) {
return siemResponse.error({
body: getErrorMessageExceptionList({ id, listId }),
statusCode: 404,
});
}
return response.ok({
body: GetExceptionListSummaryResponse.parse(exceptionListSummary),
});
} catch (err) {
const error = transformError(err);
return siemResponse.error({
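Review bot: A summary that fails `GetExceptionListSummaryResponse.parse(...)` now throws inside the `try` and falls into the generic `catch`, so a server-side schema mismatch is reported through the same path as every other failure and the client sees whatever `transformError` makes of the Zod error (the catch body lies outside the hunk, so that part is inferred). The io-ts branch printed above it returned the unvalidated summary with a 200 when validation failed, so this also looks like a change from fail-open to fail-closed that deserves a line in the PR description. I would make the failure explicit with `const parsed = GetExceptionListSummaryResponse.safeParse(exceptionListSummary);` and `if (!parsed.success) return siemResponse.error({ body: 'response validation failed', statusCode: 500 });`, keeping the issue details in the server log rather than the response body. The update item and update list routes further down use the same `.parse()`-inside-`try` pattern.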


@ -5,19 +5,18 @@
* 2.0.
*/
import { validate } from '@kbn/securitysolution-io-ts-utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { updateExceptionListItemValidate } from '@kbn/securitysolution-io-ts-list-types';
import { EXCEPTION_LIST_ITEM_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
UpdateExceptionListItemRequestBody,
UpdateExceptionListItemResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import {
UpdateExceptionListItemRequestDecoded,
updateExceptionListItemRequest,
updateExceptionListItemResponse,
} from '../../common/api';
import { buildRouteValidation, buildSiemResponse } from './utils';
import { buildSiemResponse } from './utils';
import { validateCommentsToUpdate } from './utils/validate_comments_to_update';
import { getExceptionListClient } from '.';
@ -34,17 +33,14 @@ export const updateExceptionListItemRoute = (router: ListsPluginRouter): void =>
{
validate: {
request: {
body: buildRouteValidation<
typeof updateExceptionListItemRequest,
UpdateExceptionListItemRequestDecoded
>(updateExceptionListItemRequest),
body: buildRouteValidationWithZod(UpdateExceptionListItemRequestBody),
},
},
version: '2023-10-31',
},
async (context, request, response) => {
const siemResponse = buildSiemResponse(response);
const validationErrors = updateExceptionListItemValidate(request.body);
const validationErrors = validateCommentsToUpdate(request.body.comments);
if (validationErrors.length) {
return siemResponse.error({ body: validationErrors, statusCode: 400 });
}
@ -65,52 +61,44 @@ export const updateExceptionListItemRoute = (router: ListsPluginRouter): void =>
tags,
expire_time: expireTime,
} = request.body;
if (id == null && itemId == null) {
return siemResponse.error({
body: 'either id or item_id need to be defined',
statusCode: 404,
});
} else {
const exceptionLists = await getExceptionListClient(context);
const exceptionListItem = await exceptionLists.updateOverwriteExceptionListItem({
_version,
comments,
description,
entries,
expireTime,
id,
itemId,
meta,
name,
namespaceType,
osTypes,
tags,
type,
});
if (exceptionListItem == null) {
if (id != null) {
return siemResponse.error({
body: `exception list item id: "${id}" does not exist`,
statusCode: 404,
});
} else {
return siemResponse.error({
body: `exception list item item_id: "${itemId}" does not exist`,
statusCode: 404,
});
}
} else {
const [validated, errors] = validate(
exceptionListItem,
updateExceptionListItemResponse
);
if (errors != null) {
return siemResponse.error({ body: errors, statusCode: 500 });
} else {
return response.ok({ body: validated ?? {} });
}
}
}
const exceptionLists = await getExceptionListClient(context);
const exceptionListItem = await exceptionLists.updateOverwriteExceptionListItem({
_version,
comments,
description,
entries,
expireTime,
id,
itemId,
meta,
name,
namespaceType,
osTypes,
tags,
type,
});
if (exceptionListItem == null) {
return siemResponse.error({
body:
id != null
? `exception list item id: "${id}" does not exist`
: `exception list item item_id: "${itemId}" does not exist`,
statusCode: 404,
});
}
return response.ok({
body: UpdateExceptionListItemResponse.parse(exceptionListItem),
});
} catch (err) {
const error = transformError(err);
return siemResponse.error({
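Review bot: The `validateCommentsToUpdate(request.body.comments)` call carries no comment saying why it sits outside the schema, and it is the only check visible between `buildRouteValidationWithZod(UpdateExceptionListItemRequestBody)` and `updateOverwriteExceptionListItem`. The test added in this commit shows it enforces that comments are append only, which is an integrity rule on existing comments rather than a shape rule, so a later reader could take it for redundant and drop it. I would add `// Schema validation covers shape only; comments are append only, so reject a new comment placed before an existing one.` directly above the call. The handler body starts and ends outside the visible hunks.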


@ -5,23 +5,17 @@
* 2.0.
*/
import { validate } from '@kbn/securitysolution-io-ts-utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
UpdateExceptionListRequestBody,
UpdateExceptionListResponse,
} from '@kbn/securitysolution-exceptions-common/api';
import type { ListsPluginRouter } from '../types';
import {
UpdateExceptionListRequestDecoded,
updateExceptionListRequest,
updateExceptionListResponse,
} from '../../common/api';
import {
buildRouteValidation,
buildSiemResponse,
getErrorMessageExceptionList,
getExceptionListClient,
} from './utils';
import { buildSiemResponse, getErrorMessageExceptionList, getExceptionListClient } from './utils';
export const updateExceptionListRoute = (router: ListsPluginRouter): void => {
router.versioned
@ -36,10 +30,7 @@ export const updateExceptionListRoute = (router: ListsPluginRouter): void => {
{
validate: {
request: {
body: buildRouteValidation<
typeof updateExceptionListRequest,
UpdateExceptionListRequestDecoded
>(updateExceptionListRequest),
body: buildRouteValidationWithZod(UpdateExceptionListRequestBody),
},
},
version: '2023-10-31',
@ -61,39 +52,36 @@ export const updateExceptionListRoute = (router: ListsPluginRouter): void => {
version,
} = request.body;
const exceptionLists = await getExceptionListClient(context);
if (id == null && listId == null) {
return siemResponse.error({
body: 'either id or list_id need to be defined',
statusCode: 404,
});
} else {
const list = await exceptionLists.updateExceptionList({
_version,
description,
id,
listId,
meta,
name,
namespaceType,
osTypes,
tags,
type,
version,
});
if (list == null) {
return siemResponse.error({
body: getErrorMessageExceptionList({ id, listId }),
statusCode: 404,
});
} else {
const [validated, errors] = validate(list, updateExceptionListResponse);
if (errors != null) {
return siemResponse.error({ body: errors, statusCode: 500 });
} else {
return response.ok({ body: validated ?? {} });
}
}
}
const list = await exceptionLists.updateExceptionList({
_version,
description,
id,
listId,
meta,
name,
namespaceType,
osTypes,
tags,
type,
version,
});
if (list == null) {
return siemResponse.error({
body: getErrorMessageExceptionList({ id, listId }),
statusCode: 404,
});
}
return response.ok({ body: UpdateExceptionListResponse.parse(list) });
} catch (err) {
const error = transformError(err);
return siemResponse.error({
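Review bot: The `id == null && listId == null` guard at the top of this hunk answers a body that names no list with `statusCode: 404`, while the summary route in this same commit answers the equivalent condition with `statusCode: 400`. The page does not mark sides, so I am reading the guard as kept context; if that is right, a malformed request is reported as a missing resource and a caller cannot tell the two apart. Since the status code is part of the versioned API, either align it to 400 deliberately or make sure the new OpenAPI spec documents 404 for this case. The update item route above has the same guard for `id`/`item_id`.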


@ -0,0 +1,30 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { validateCommentsToUpdate } from './validate_comments_to_update';
describe('update_exception_list_item_validation', () => {
describe('#validateComments', () => {
test('it returns no errors if new comments are append only', () => {
const comments = [{ comment: 'Im an old comment', id: '1' }, { comment: 'Im a new comment' }];
const output = validateCommentsToUpdate(comments);
expect(output).toEqual([]);
});
test('it returns error if comments are not append only', () => {
const comments = [
{ comment: 'Im an old comment', id: '1' },
{ comment: 'Im a new comment modifying the order of existing comments' },
{ comment: 'Im an old comment', id: '2' },
];
const output = validateCommentsToUpdate(comments);
expect(output).toEqual(['item "comments" are append only']);
});
});
});
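Review bot: Both cases pass a non-empty array, so the inputs the route can actually hand over are not all covered: the update item route passes `request.body.comments` straight through, and that value may be `undefined` or empty if the schema makes the field optional (not visible here). I would add a case for the empty input and one where the new comment comes first, which I would expect to be rejected, e.g. `expect(validateCommentsToUpdate([{ comment: 'new' }, { comment: 'old', id: '1' }])).toEqual(['item "comments" are append only']);`. The `describe` titles `update_exception_list_item_validation` and `#validateComments` also no longer match the function under test, `validateCommentsToUpdate`.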
