[Security Solution][Detections] Prevent rules from being created with…

… a blank name or description (#82087) (#82319) * Prevent rules from being created with a blank name or description Our validations were a little lax here. While the fields did not cause any errors as they're still strings, the lack of content causes some UX weirdness that we should prevent. Closes #81319 * Fix unit tests for rule updates Adding in the other required fields here to get a more concise error. Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
elastic · Nov 2, 2020 · 3aec8c3 · 3aec8c3
1 parent fc4a04b
commit 3aec8c3
Show file tree

Hide file tree

Showing 4 changed files with 89 additions and 2 deletions.
diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/common/schemas.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/common/schemas.ts
@@ -14,6 +14,7 @@ import { UUID } from '../types/uuid';
 import { IsoDateString } from '../types/iso_date_string';
 import { PositiveIntegerGreaterThanZero } from '../types/positive_integer_greater_than_zero';
 import { PositiveInteger } from '../types/positive_integer';
+import { NonEmptyString } from '../types/non_empty_string';
 import { parseScheduleDates } from '../../parse_schedule_dates';
 
 export const author = t.array(t.string);
@@ -28,7 +29,7 @@ export type BuildingBlockType = t.TypeOf<typeof building_block_type>;
 export const buildingBlockTypeOrUndefined = t.union([building_block_type, t.undefined]);
 export type BuildingBlockTypeOrUndefined = t.TypeOf<typeof buildingBlockTypeOrUndefined>;
 
-export const description = t.string;
+export const description = NonEmptyString;
 export type Description = t.TypeOf<typeof description>;
 
 export const descriptionOrUndefined = t.union([description, t.undefined]);
@@ -216,7 +217,7 @@ export type MaxSignals = t.TypeOf<typeof max_signals>;
 export const maxSignalsOrUndefined = t.union([max_signals, t.undefined]);
 export type MaxSignalsOrUndefined = t.TypeOf<typeof maxSignalsOrUndefined>;
 
-export const name = t.string;
+export const name = NonEmptyString;
 export type Name = t.TypeOf<typeof name>;
 
 export const nameOrUndefined = t.union([name, t.undefined]);

diff --git a/...ins/security_solution/common/detection_engine/schemas/request/create_rules_schema.test.ts b/...ins/security_solution/common/detection_engine/schemas/request/create_rules_schema.test.ts
@@ -1231,6 +1231,34 @@ describe('create rules schema', () => {
       expect(message.schema).toEqual({});
     });
 
+    test('empty name is not valid', () => {
+      const payload: CreateRulesSchema = {
+        ...getCreateRulesSchemaMock(),
+        name: '',
+      };
+
+      const decoded = createRulesSchema.decode(payload);
+      const checked = exactCheck(payload, decoded);
+      const message = pipe(checked, foldLeftRight);
+      expect(getPaths(left(message.errors))).toEqual(['Invalid value "" supplied to "name"']);
+      expect(message.schema).toEqual({});
+    });
+
+    test('empty description is not valid', () => {
+      const payload: CreateRulesSchema = {
+        ...getCreateRulesSchemaMock(),
+        description: '',
+      };
+
+      const decoded = createRulesSchema.decode(payload);
+      const checked = exactCheck(payload, decoded);
+      const message = pipe(checked, foldLeftRight);
+      expect(getPaths(left(message.errors))).toEqual([
+        'Invalid value "" supplied to "description"',
+      ]);
+      expect(message.schema).toEqual({});
+    });
+
     test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note] does validate', () => {
       const payload: CreateRulesSchema = {
         rule_id: 'rule-1',

diff --git a/...gins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.test.ts b/...gins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.test.ts
@@ -832,6 +832,32 @@ describe('patch_rules_schema', () => {
     expect(message.schema).toEqual({});
   });
 
+  test('name cannot be an empty string', () => {
+    const payload: PatchRulesSchema = {
+      ...getPatchRulesSchemaMock(),
+      name: '',
+    };
+
+    const decoded = patchRulesSchema.decode(payload);
+    const checked = exactCheck(payload, decoded);
+    const message = pipe(checked, foldLeftRight);
+    expect(getPaths(left(message.errors))).toEqual(['Invalid value "" supplied to "name"']);
+    expect(message.schema).toEqual({});
+  });
+
+  test('description cannot be an empty string', () => {
+    const payload: PatchRulesSchema = {
+      ...getPatchRulesSchemaMock(),
+      description: '',
+    };
+
+    const decoded = patchRulesSchema.decode(payload);
+    const checked = exactCheck(payload, decoded);
+    const message = pipe(checked, foldLeftRight);
+    expect(getPaths(left(message.errors))).toEqual(['Invalid value "" supplied to "description"']);
+    expect(message.schema).toEqual({});
+  });
+
   test('threat is not defaulted to empty array on patch', () => {
     const payload: PatchRulesSchema = {
       id: 'b8f95e17-681f-407f-8a5e-b832a77d3831',

diff --git a/...ins/security_solution/common/detection_engine/schemas/request/update_rules_schema.test.ts b/...ins/security_solution/common/detection_engine/schemas/request/update_rules_schema.test.ts
@@ -125,6 +125,38 @@ describe('update rules schema', () => {
     expect(message.schema).toEqual({});
   });
 
+  test('name cannot be an empty string', () => {
+    const payload: UpdateRulesSchema = {
+      description: 'some description',
+      name: '',
+      risk_score: 50,
+      severity: 'low',
+      type: 'query',
+    };
+
+    const decoded = updateRulesSchema.decode(payload);
+    const checked = exactCheck(payload, decoded);
+    const message = pipe(checked, foldLeftRight);
+    expect(getPaths(left(message.errors))).toEqual(['Invalid value "" supplied to "name"']);
+    expect(message.schema).toEqual({});
+  });
+
+  test('description cannot be an empty string', () => {
+    const payload: UpdateRulesSchema = {
+      description: '',
+      name: 'rule name',
+      risk_score: 50,
+      severity: 'low',
+      type: 'query',
+    };
+
+    const decoded = updateRulesSchema.decode(payload);
+    const checked = exactCheck(payload, decoded);
+    const message = pipe(checked, foldLeftRight);
+    expect(getPaths(left(message.errors))).toEqual(['Invalid value "" supplied to "description"']);
+    expect(message.schema).toEqual({});
+  });
+
   test('[rule_id, description, from, to, name] does not validate', () => {
     const payload: Partial<UpdateRulesSchema> = {
       rule_id: 'rule-1',