[Security Solution][Investigations] - Fix column toggle #158780
Conversation
michaelolo24
added
bug
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
| // get the latest columns provided by client and | ||
| if (didDefaultColumnChange) { | ||
| defaultColumnsRef.current = defaultColumns; | ||
| setColumnsPopulated(false); |
There was a problem hiding this comment.
It looks like that this useEffect was moved below with some modification.
Actually removing this line would cause below line to not execute which enriches fields with its datatype. With new change, the ordering of fields such as timestamp breaks. See video below
const populatedColumns = populateColumns(columns, browserFields, defaultColumns);Screen.Recording.2023-06-01.at.11.08.58.mov
There was a problem hiding this comment.
I think I understand the problem and it seems to be 2 pronged.
-
Trigger Actions alert table does natively supported changing columns from the client side. So I added a work around, that we will provide a unique set of columns
per IDand that is how we achieve columns difference between Event Rendered View v/s Grid View.- Now here, for a single ID ( i.e. gridView ) we are changing the columns for grid View from the client side (i.e. security solution ) which is causing weird issues even if I add above line :
setColumnsPopulated(false)
- Now here, for a single ID ( i.e. gridView ) we are changing the columns for grid View from the client side (i.e. security solution ) which is causing weird issues even if I add above line :
-
Secondly, single source of truth on the storage is maintained by
Triggers action alert table. Changing security solution columns state does will not have impact because if we add a field from field browser, it will only changetrigger-actionsstate of columns not security solutioncolumnsstate. Currently, there is no sync.
Currently, only safe way seems to me is to get handle onToggleColumn function, create a context in Security Solution and then use that toggle function anywhere to add columns to the table. This is because trigger actions table wants to handle how the columns are changed in the table.
Please let me know if something does not make sense.. we can have a meeting.
There was a problem hiding this comment.
Thanks for the write up, it does make sense. Took a second pass at it if you have some time!
michaelolo24
force-pushed
the
fix-toggle-column
branch
from
250e50c
to
8f5741b
Compare
…-ref HEAD~1..HEAD --fix'
| const oldColumnIds = defaultColumnsRef.current.map((column) => column.id); | ||
| const addedColumnIds = difference(newColumnIds, oldColumnIds); | ||
| const removedColumnIds = difference(oldColumnIds, newColumnIds); | ||
| return addedColumnIds.concat(removedColumnIds); |
There was a problem hiding this comment.
Although, this seems a little hacky, I do not see any other good alternative without making Contexts in Security Solution. It seems to be working well for me. It will good to add cypress tests for this.
| @@ -210,9 +210,10 @@ export const AlertsTableComponent: FC<DetectionEngineAlertTableProps> = ({ | |||
| return undefined; | |||
| }, [isEventRenderedView]); | |||
|
|
|||
| const dataTableStorage = getDataTablesInStorageByIds(storage, [TableId.alertsOnAlertsPage]); | |||
There was a problem hiding this comment.
@logeekal this may be a much much more involved change from what I'm seeing. From what I can tell only pulling in the initial columns like this is necessary for the table to properly own control to set the columns, but haven't dug into exactly what the table is doing under the hood to manage these changes. My changes here break the tests, because the expected table updates on load aren't happening properly on the Rule details page, even though the tableId should account for the table settings for that table. Returning this to how it was previously fixes the tests, but, since localStorage updates aren't listened to, the security_solution column toggle functionality doesn't work. Also fyi @kqualters-elastic .
...I may be missing something, but wanted to drop details about what I'm seeing just in case I have to start my leave early next week
There was a problem hiding this comment.
Hey @michaelolo24, I am not sure I fully understand but I tested it in rule details page and it seems to be working fine. I see that you have removed the hard coding of TableId.alertsOnAlertsPage , which is great. Could you please point me to exact scenarios that fail.
💔 Build FailedFailed CI StepsTest Failures
Metrics [docs]Async chunks
History
To update your PR or re-run it, just comment with: |
michaelolo24
removed
the
bug
|
Closing as this issue was completed in a separate PR |
Summary
Addresses #155243
Checklist
Delete any items that are not applicable to this PR.
Risk Matrix
Delete this section if it is not applicable to this PR.
Before closing this PR, invite QA, stakeholders, and other developers to identify risks that should be tested prior to the change/feature release.
When forming the risk matrix, consider some of the following examples and how they may potentially impact the change:
For maintainers