[Files] Do not doubly escape search queries (#159793)

## Summary Closes https://github.com/elastic/kibana/issues/159783 ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios ### For maintainers - [x] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-04-23 09:19:04 -04:00 · 2023-06-19 14:19:26 +02:00 · 2023-06-19 14:19:26 +02:00 · 9fc99470a7
commit 9fc99470a7
parent b0604a833f
3 changed files with 22 additions and 8 deletions
--- a/src/plugins/files/server/file_client/file_metadata_client/adapters/query_filters.ts
+++ b/src/plugins/files/server/file_client/file_metadata_client/adapters/query_filters.ts
@ -7,7 +7,7 @@
 */

 import { pipe, forEach } from 'lodash/fp';
-import { escapeKuery, KueryNode, nodeBuilder, nodeTypes } from '@kbn/es-query';
+import { KueryNode, nodeBuilder, nodeTypes } from '@kbn/es-query';

 import { getFlattenedObject } from '@kbn/std';

@ -44,7 +44,7 @@ export function filterArgsToKuery({
        .map((value) =>
          nodeBuilder.is(
            `${attrPrefix}.${fieldName}`,
-            isWildcard ? nodeTypes.wildcard.buildNode(value) : escapeKuery(value)
+            isWildcard ? nodeTypes.wildcard.buildNode(value) : value
          )
        );
      kueryExpressions.push(nodeBuilder.or(orExpressions));
@ -56,10 +56,7 @@ export function filterArgsToKuery({
      const andExpressions = values
        .filter(Boolean)
        .map((value) =>
-          nodeTypes.function.buildNode(
-            'not',
-            nodeBuilder.is(`${attrPrefix}.${fieldName}`, escapeKuery(value))
-          )
+          nodeTypes.function.buildNode('not', nodeBuilder.is(`${attrPrefix}.${fieldName}`, value))
        );
      kueryExpressions.push(nodeBuilder.and(andExpressions));
    }
--- a/src/plugins/files/server/file_share_service/internal_file_share_service.ts
+++ b/src/plugins/files/server/file_share_service/internal_file_share_service.ts
@ -13,7 +13,7 @@ import {
  ISavedObjectsRepository,
  SavedObjectsErrorHelpers,
 } from '@kbn/core/server';
-import { nodeBuilder, escapeKuery } from '@kbn/es-query';
+import { nodeBuilder } from '@kbn/es-query';
 import { UsageCounter } from '@kbn/usage-collection-plugin/server';
 import type {
  Pagination,
@ -232,7 +232,7 @@ export class InternalFileShareService implements FileShareServiceStart {
      saved_objects: [share],
    } = await this.savedObjects.find<FileShare>({
      type: this.savedObjectsType,
-      filter: nodeBuilder.is(`${this.savedObjectsType}.attributes.token`, escapeKuery(token)),
+      filter: nodeBuilder.is(`${this.savedObjectsType}.attributes.token`, token),
    });

    if (!share) {
--- a/src/plugins/files/server/routes/file_kind/integration_tests/file_kind_http.test.ts
+++ b/src/plugins/files/server/routes/file_kind/integration_tests/file_kind_http.test.ts
@ -172,6 +172,23 @@ describe('File kind HTTP API', () => {
    expect(files3.length).toBe(2);
  });

+  test('can filter by mime type with special characters', async () => {
+    await createFile({ name: 'test', mimeType: 'image/x:123' });
+    await createFile({ name: 'test 2', mimeType: 'text/html' });
+
+    const {
+      body: { files },
+    } = await request
+      .post(root, `/api/files/files/${fileKind}/list`)
+      .send({
+        mimeType: 'image/x:123',
+      })
+      .expect(200);
+
+    expect(files.length).toBe(1);
+    expect(files[0]).toMatchObject({ name: 'test' });
+  });
+
  test('can filter by file extension', async () => {
    await createFile({ name: 'test', mimeType: 'image/png' });
    await createFile({ name: 'test 2', mimeType: 'text/html' });