Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] Refactor forms logic on Rule Creation, Edit and Details pages, and overlap with Bulk Actions #151202

Open
spong opened this issue Feb 14, 2023 · 2 comments
Open

[Security Solution] Refactor forms logic on Rule Creation, Edit and Details pages, and overlap with Bulk Actions #151202

spong opened this issue Feb 14, 2023 · 2 comments
Labels
Feature:Rule Actions Security Solution Rule Actions feature Feature:Rule Creation Security Solution Detection Rule Creation Feature:Rule Details Security Solution Detection Rule Details refactoring Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. technical debt Improvement of the software architecture and operational architecture

Comments

@spong
Copy link
Member

spong commented Feb 14, 2023
edited

Creating this issue as an outcome of working #149885 and complexities in tracking down the root cause of stale events in the Edit Rule Actions flow as detailed in #142217.

It's been some time (~3 years) since the Rule Creation/Edit flows (and subsequently Rule Details as it's a read-only representation of the former) were created, and since then there have been continuous updates and enhancements to the underlying ES UI: Form lib (internal docs). This tech debt issue is for revisiting our architecture between these pages/flows, and refactoring to have a better integration between the form lib, the trigger_actions_ui components used for actions, and the different security components used here and within the Bulk Actions flyout.

For additional context, please see the following issues/PR's:

And note that as per the form libs docs:

Unless your parent component needs to be aware of every field value change in the form (which should rarely be needed), you don't want to use the useFormData() hook and forward the data from there. This would create unnecessary re-renders. Instead it is better to forward the getFormData() handler on the form.

Please see these references of useFormData in the about, define, schedule, and actions steps.

Additionally, there are a few inconsistencies in how we manage errors between the Bulk Actions flyout UI and the Edit Rule UI. Currently the Edit Rule UI will validate the whole action on connector selection and display the error callout immediately (instead of waiting for form submission or loss of focus from the new fields just added), and the Bulk Actions UI does the opposite and doesn't always show the error and will fall back to showing an error toast from the failed http request (not always validating on submit, depends on form state).
@spong spong added triage_needed technical debt Improvement of the software architecture and operational architecture Feature:Detection Rules Anything related to Security Solution's Detection Rules Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Feature:Rule Actions Security Solution Rule Actions feature Team:Detection Rule Management Security Detection Rule Management Team Feature:Rule Creation Security Solution Detection Rule Creation Feature:Rule Details Security Solution Detection Rule Details labels Feb 14, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@spong spong changed the title [Security Solution] Refactor Rule Edit and Rule Details pages [Security Solution] Refactor forms logic on Rule Creation, Edit and Details pages Feb 14, 2023
@spong spong changed the title [Security Solution] Refactor forms logic on Rule Creation, Edit and Details pages [Security Solution] Refactor forms logic on Rule Creation, Edit and Details pages, and overlap with Bulk Actions Feb 14, 2023
@spong spong mentioned this issue Feb 16, 2023
Merged
@banderror banderror added refactoring and removed triage_needed Feature:Detection Rules Anything related to Security Solution's Detection Rules labels Mar 23, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Feature:Rule Actions Security Solution Rule Actions feature Feature:Rule Creation Security Solution Detection Rule Creation Feature:Rule Details Security Solution Detection Rule Details refactoring Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. technical debt Improvement of the software architecture and operational architecture
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@spong @banderror @elasticmachine