Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution] Display readonly placeholders when field value is empty #203826

Merged
merged 6 commits into from
Dec 13, 2024

Conversation

nikitaindik
Copy link
Contributor

@nikitaindik nikitaindik commented Dec 11, 2024

Partially addresses: #171520

Summary

This PR updates readonly components of the Rule Upgrade flyout to display placeholders in cases when a field value is empty.

Changes

  • Added placeholders to readonly components in the Rule Upgrade flyout
  • Simplified Storybook stories to make them more readable and less dependent on flyout context
  • Added stories that showcase empty states. You can run Storybook with yarn storybook security_solution.

Screenshots

Before / After
Scherm­afbeelding 2024-12-12 om 00 05 56

Work started on 11-Dec-2024

@nikitaindik nikitaindik added release_note:skip Skip the PR/issue when compiling release notes v9.0.0 Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Detection Rule Management Security Detection Rule Management Team Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules area backport:version Backport to applied version labels v8.18.0 labels Dec 11, 2024
@nikitaindik nikitaindik self-assigned this Dec 11, 2024
@nikitaindik nikitaindik force-pushed the placeholders-for-empty-fields branch 2 times, most recently from d0fc648 to 3698520 Compare December 11, 2024 22:59
@nikitaindik nikitaindik marked this pull request as ready for review December 11, 2024 22:59
@nikitaindik nikitaindik requested a review from a team as a code owner December 11, 2024 22:59
@nikitaindik nikitaindik requested a review from maximpn December 11, 2024 22:59
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

@nikitaindik nikitaindik requested a review from a team as a code owner December 12, 2024 08:31
Copy link
Contributor

@maximpn maximpn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@nikitaindik I looked at the diff and tested the PR locally. UI looks much nicer with empty values placeholders 👍

I've noticed a problem with note and setup fields. These fields allow space characters. A bunch of spaces look like an empty value. Spaces don't provide any value and we should interpret that fields as empty when values contain only space characters. trim() should help with that.

I tested only UI. Rule upgrade is blocked by #203634. The following diffable rule fields were tested

Optional fields

  • investigation_fields
  • rule_name_override
  • timestamp_override
  • timeline_template
  • building_block
  • alert_suppression
  • threat_indicator_path
  • data_source

String fields allowing empty strings

  • ⚠️ note space characters produce visually appearing empty result
  • ⚠️ setup space characters produce visually appearing empty result

Array fields allowing empty arrays

  • tags
  • references
  • false_positives
  • threat
  • related_integrations
  • required_fields
  • severity_mapping
  • risk_score_mapping

export const BUILDING_BLOCK_DISABLED_FIELD_DESCRIPTION = i18n.translate(
'xpack.securitySolution.detectionEngine.ruleDetails.buildingBlockDisabledFieldDescription',
{
defaultMessage: 'Will not mark alerts as "building block" alerts',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ideally we should have a sentence without negation but we don't have a term normal alerts. It's better to consult with docs folks regarding this text.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Discussed this with Georgii. Decided to make add it as an item into the docs ticket.

@nikitaindik nikitaindik requested a review from maximpn December 13, 2024 16:18
@nikitaindik
Copy link
Contributor Author

@maximpn Thx for the review. I've addressed the feedback.

Copy link
Contributor

@maximpn maximpn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@nikitaindik Thanks for addressing my comments 👍

I see the build failed due to a single occurrence of isBuildingBlockEnabled not replaced with type.

@@ -294,7 +303,7 @@ const prepareAboutSectionListItems = (
title: (
<span data-test-subj="buildingBlockPropertyTitle">{i18n.BUILDING_BLOCK_FIELD_LABEL}</span>
),
description: <BuildingBlock />,
description: <BuildingBlock isBuildingBlockEnabled={true} />,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
description: <BuildingBlock isBuildingBlockEnabled={true} />,
description: <BuildingBlock type="default" />,

@nikitaindik nikitaindik removed the request for review from a team December 13, 2024 18:20
@nikitaindik nikitaindik enabled auto-merge (squash) December 13, 2024 18:20
@nikitaindik nikitaindik merged commit 27fe7e4 into elastic:main Dec 13, 2024
9 checks passed
@kibanamachine
Copy link
Contributor

Starting backport for target branches: 8.x

https://github.com/elastic/kibana/actions/runs/12322291412

@elasticmachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
securitySolution 6404 6407 +3

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 14.7MB 14.7MB +1.7KB

History

cc @nikitaindik

kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Dec 13, 2024
… empty (elastic#203826)

**Partially addresses: elastic#171520

## Summary
This PR updates readonly components of the Rule Upgrade flyout to
display placeholders in cases when a field value is empty.

## Changes
 - Added placeholders to readonly components in the Rule Upgrade flyout
- Simplified Storybook stories to make them more readable and less
dependent on flyout context
- Added stories that showcase empty states. You can run Storybook with
`yarn storybook security_solution`.

## Screenshots
**Before / After**
<img width="2560" alt="Scherm­afbeelding 2024-12-12 om 00 05 56"
src="https://github.com/user-attachments/assets/e85a4514-4861-4be7-b0d2-534f7ad2d8cf"
/>

Work started on 11-Dec-2024

(cherry picked from commit 27fe7e4)
@kibanamachine
Copy link
Contributor

💚 All backports created successfully

Status Branch Result
8.x

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

kibanamachine added a commit that referenced this pull request Dec 13, 2024
…lue is empty (#203826) (#204279)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution] Display readonly placeholders when field value is
empty (#203826)](#203826)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Nikita
Indik","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-12-13T20:06:40Z","message":"[Security
Solution] Display readonly placeholders when field value is empty
(#203826)\n\n**Partially addresses:
https://github.com/elastic/kibana/issues/171520**\r\n\r\n##
Summary\r\nThis PR updates readonly components of the Rule Upgrade
flyout to\r\ndisplay placeholders in cases when a field value is
empty.\r\n\r\n## Changes\r\n - Added placeholders to readonly components
in the Rule Upgrade flyout\r\n- Simplified Storybook stories to make
them more readable and less\r\ndependent on flyout context\r\n- Added
stories that showcase empty states. You can run Storybook with\r\n`yarn
storybook security_solution`.\r\n\r\n## Screenshots\r\n**Before /
After**\r\n<img width=\"2560\" alt=\"Scherm­afbeelding 2024-12-12 om 00
05
56\"\r\nsrc=\"https://github.com/user-attachments/assets/e85a4514-4861-4be7-b0d2-534f7ad2d8cf\"\r\n/>\r\n\r\nWork
started on
11-Dec-2024","sha":"27fe7e49e53807597ab47aca7ecfe40ac8d6e5fd","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Detections
and Resp","Team: SecuritySolution","Team:Detection Rule
Management","Feature:Prebuilt Detection
Rules","backport:version","v8.18.0"],"title":"[Security Solution]
Display readonly placeholders when field value is
empty","number":203826,"url":"https://github.com/elastic/kibana/pull/203826","mergeCommit":{"message":"[Security
Solution] Display readonly placeholders when field value is empty
(#203826)\n\n**Partially addresses:
https://github.com/elastic/kibana/issues/171520**\r\n\r\n##
Summary\r\nThis PR updates readonly components of the Rule Upgrade
flyout to\r\ndisplay placeholders in cases when a field value is
empty.\r\n\r\n## Changes\r\n - Added placeholders to readonly components
in the Rule Upgrade flyout\r\n- Simplified Storybook stories to make
them more readable and less\r\ndependent on flyout context\r\n- Added
stories that showcase empty states. You can run Storybook with\r\n`yarn
storybook security_solution`.\r\n\r\n## Screenshots\r\n**Before /
After**\r\n<img width=\"2560\" alt=\"Scherm­afbeelding 2024-12-12 om 00
05
56\"\r\nsrc=\"https://github.com/user-attachments/assets/e85a4514-4861-4be7-b0d2-534f7ad2d8cf\"\r\n/>\r\n\r\nWork
started on
11-Dec-2024","sha":"27fe7e49e53807597ab47aca7ecfe40ac8d6e5fd"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/203826","number":203826,"mergeCommit":{"message":"[Security
Solution] Display readonly placeholders when field value is empty
(#203826)\n\n**Partially addresses:
https://github.com/elastic/kibana/issues/171520**\r\n\r\n##
Summary\r\nThis PR updates readonly components of the Rule Upgrade
flyout to\r\ndisplay placeholders in cases when a field value is
empty.\r\n\r\n## Changes\r\n - Added placeholders to readonly components
in the Rule Upgrade flyout\r\n- Simplified Storybook stories to make
them more readable and less\r\ndependent on flyout context\r\n- Added
stories that showcase empty states. You can run Storybook with\r\n`yarn
storybook security_solution`.\r\n\r\n## Screenshots\r\n**Before /
After**\r\n<img width=\"2560\" alt=\"Scherm­afbeelding 2024-12-12 om 00
05
56\"\r\nsrc=\"https://github.com/user-attachments/assets/e85a4514-4861-4be7-b0d2-534f7ad2d8cf\"\r\n/>\r\n\r\nWork
started on
11-Dec-2024","sha":"27fe7e49e53807597ab47aca7ecfe40ac8d6e5fd"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Nikita Indik <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport:version Backport to applied version labels Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules area release_note:skip Skip the PR/issue when compiling release notes Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.18.0 v9.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants