[Security Solution][Exceptions] - Adds missing not expressions (#137463)

## Summary Addresses issue #137440 In new UI, missed some of the `not` translations. Updated UI and added unit tests for each expression.
2025-04-23 17:28:26 -04:00 · 2022-07-28 10:37:00 -07:00 · 2022-07-28 10:37:00 -07:00 · da589a1146
commit da589a1146
parent c81fd867c0
3 changed files with 105 additions and 10 deletions
--- a/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exception_item_card/exception_item_card_conditions.test.tsx
+++ b/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exception_item_card/exception_item_card_conditions.test.tsx
@ -73,6 +73,24 @@ describe('ExceptionItemCardConditions', () => {
              type: 'match',
              value: 'host',
            },
+            {
+              field: 'host.name',
+              operator: 'excluded',
+              type: 'match',
+              value: 'host',
+            },
+            {
+              field: 'host.name',
+              operator: 'included',
+              type: 'match_any',
+              value: ['foo', 'bar'],
+            },
+            {
+              field: 'host.name',
+              operator: 'excluded',
+              type: 'match_any',
+              value: ['foo', 'bar'],
+            },
            {
              field: 'user.name',
              operator: 'included',
@ -80,19 +98,21 @@ describe('ExceptionItemCardConditions', () => {
              value: 'foo*',
            },
            {
-              field: 'host.name',
-              list: {
-                id: 'ips.txt',
-                type: 'keyword',
-              },
-              operator: 'included',
-              type: 'list',
+              field: 'user.name',
+              operator: 'excluded',
+              type: 'wildcard',
+              value: 'foo*',
            },
            {
              field: 'threat.indicator.port',
              operator: 'included',
              type: 'exists',
            },
+            {
+              field: 'threat.indicator.port',
+              operator: 'excluded',
+              type: 'exists',
+            },
            {
              entries: [
                {
@ -113,20 +133,79 @@ describe('ExceptionItemCardConditions', () => {

    // Text is gonna look a bit off unformatted
    expect(wrapper.find('[data-test-subj="exceptionItemConditions-os"]').exists()).toBeFalsy();
+    // MATCH
    expect(
      wrapper.find('[data-test-subj="exceptionItemConditions-condition"]').at(0).text()
    ).toEqual(' host.nameIS host');
    expect(
      wrapper.find('[data-test-subj="exceptionItemConditions-condition"]').at(1).text()
-    ).toEqual('AND user.nameMATCHES foo*');
+    ).toEqual('AND host.nameIS NOT host');
+
+    // MATCH_ANY
    expect(
      wrapper.find('[data-test-subj="exceptionItemConditions-condition"]').at(2).text()
-    ).toEqual('AND host.nameincluded in ips.txt');
+    ).toEqual('AND host.nameis one of foobar');
    expect(
      wrapper.find('[data-test-subj="exceptionItemConditions-condition"]').at(3).text()
-    ).toEqual('AND threat.indicator.portexists ');
+    ).toEqual('AND host.nameis not one of foobar');
+
+    // WILDCARD
    expect(
      wrapper.find('[data-test-subj="exceptionItemConditions-condition"]').at(4).text()
+    ).toEqual('AND user.nameMATCHES foo*');
+    expect(
+      wrapper.find('[data-test-subj="exceptionItemConditions-condition"]').at(5).text()
+    ).toEqual('AND user.nameDOES NOT MATCH foo*');
+
+    // EXISTS
+    expect(
+      wrapper.find('[data-test-subj="exceptionItemConditions-condition"]').at(6).text()
+    ).toEqual('AND threat.indicator.portexists ');
+    expect(
+      wrapper.find('[data-test-subj="exceptionItemConditions-condition"]').at(7).text()
+    ).toEqual('AND threat.indicator.portdoes not exist ');
+
+    // NESTED
+    expect(
+      wrapper.find('[data-test-subj="exceptionItemConditions-condition"]').at(8).text()
    ).toEqual('AND file.Ext.code_signature  validIS true');
  });
+
+  it('it renders list conditions', () => {
+    const wrapper = mount(
+      <TestProviders>
+        <ExceptionItemCardConditions
+          entries={[
+            {
+              field: 'host.name',
+              list: {
+                id: 'ips.txt',
+                type: 'keyword',
+              },
+              operator: 'included',
+              type: 'list',
+            },
+            {
+              field: 'host.name',
+              list: {
+                id: 'ips.txt',
+                type: 'keyword',
+              },
+              operator: 'excluded',
+              type: 'list',
+            },
+          ]}
+          dataTestSubj="exceptionItemConditions"
+        />
+      </TestProviders>
+    );
+
+    // Text is gonna look a bit off unformatted
+    expect(
+      wrapper.find('[data-test-subj="exceptionItemConditions-condition"]').at(0).text()
+    ).toEqual(' host.nameincluded in ips.txt');
+    expect(
+      wrapper.find('[data-test-subj="exceptionItemConditions-condition"]').at(1).text()
+    ).toEqual('AND host.nameis not included in ips.txt');
+  });
 });
--- a/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exception_item_card/exception_item_card_conditions.tsx
+++ b/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exception_item_card/exception_item_card_conditions.tsx
@ -42,6 +42,8 @@ const OPERATOR_TYPE_LABELS_EXCLUDED = Object.freeze({
  [ListOperatorTypeEnum.MATCH_ANY]: i18n.CONDITION_OPERATOR_TYPE_NOT_MATCH_ANY,
  [ListOperatorTypeEnum.MATCH]: i18n.CONDITION_OPERATOR_TYPE_NOT_MATCH,
  [ListOperatorTypeEnum.WILDCARD]: i18n.CONDITION_OPERATOR_TYPE_WILDCARD_DOES_NOT_MATCH,
+  [ListOperatorTypeEnum.EXISTS]: i18n.CONDITION_OPERATOR_TYPE_DOES_NOT_EXIST,
+  [ListOperatorTypeEnum.LIST]: i18n.CONDITION_OPERATOR_TYPE_NOT_IN_LIST,
 });

 const EuiFlexGroupNested = styled(EuiFlexGroup)`
--- a/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exception_item_card/translations.ts
+++ b/x-pack/plugins/security_solution/public/common/components/exceptions/viewer/exception_item_card/translations.ts
@ -104,6 +104,13 @@ export const CONDITION_OPERATOR_TYPE_EXISTS = i18n.translate(
  }
 );

+export const CONDITION_OPERATOR_TYPE_DOES_NOT_EXIST = i18n.translate(
+  'xpack.securitySolution.exceptions.exceptionItem.conditions.existsOperator.not',
+  {
+    defaultMessage: 'does not exist',
+  }
+);
+
 export const CONDITION_OPERATOR_TYPE_LIST = i18n.translate(
  'xpack.securitySolution.exceptions.exceptionItem.conditions.listOperator',
  {
@ -111,6 +118,13 @@ export const CONDITION_OPERATOR_TYPE_LIST = i18n.translate(
  }
 );

+export const CONDITION_OPERATOR_TYPE_NOT_IN_LIST = i18n.translate(
+  'xpack.securitySolution.exceptions.exceptionItem.conditions.listOperator.not',
+  {
+    defaultMessage: 'is not included in',
+  }
+);
+
 export const CONDITION_AND = i18n.translate(
  'xpack.securitySolution.exceptions.exceptionItem.conditions.and',
  {