[Security Solution][Cases] Re-enable timeline functionality #96496
Conversation
michaelolo24
added
v8.0.0
release_note:skip
|
Pinging @elastic/security-threat-hunting (Team:Threat Hunting) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
michaelolo24
changed the title
| useInsertTimeline: jest.fn(), | ||
| }, | ||
| ui: { | ||
| renderInvestigateInTimelineActionComponent: (alertIds: string[]) => |
There was a problem hiding this comment.
alertIds does not appear to be used?
There was a problem hiding this comment.
removed, gracias
x-pack/plugins/cases/public/components/insert_timeline/index.tsx
Outdated
Show resolved
Hide resolved
x-pack/plugins/cases/public/components/markdown_editor/editor.tsx
Outdated
Show resolved
Hide resolved
| export interface CursorPosition { | ||
| start: number; | ||
| end: number; | ||
| } | ||
|
|
||
| export type TemporaryProcessingPluginsType = [ |
|
@michaelolo24 @stephmilovic @XavierM I am wondering why we need to pass the UI markdown plugins as a prop in this PR? Shouldn't cases handle all the markdown plugins internally? If we need other plugins to define their own markdown plugins in cases, then I think we need to provide a markdown plugin registry as the |
Let's discuss it, Also see another drawback with the registry that each time a plugin want to use case they will have to register an action for the EUI markdown, I think that will be annoying. I think for now I agree that cases should handle the markdown internally and maybe we should only pass props from security solution to have the functionality to attach a timeline. |
Thanks @cnasikas & @XavierM, I'll update it to just pass down the timeline specific parts, rather than the whole plugins. Definitely cleaner that way. 👍🏾 |
michaelolo24
force-pushed
the
finish_timeline_integration
branch
from
b9a9959 to
a029589
Compare
michaelolo24
force-pushed
the
finish_timeline_integration
branch
from
a029589 to
f7423eb
Compare
x-pack/plugins/cases/public/components/all_cases/index.test.tsx
Outdated
Show resolved
Hide resolved
michaelolo24
force-pushed
the
finish_timeline_integration
branch
from
e205b8b to
fb6d973
Compare
| useFetchAlertData={useFetchAlertData} | ||
| userCanCrud={userCanCrud} | ||
| /> | ||
| <CasesTimelineIntegrationProvider timelineIntegration={timelineIntegration}> |
There was a problem hiding this comment.
I'm wondering if we should only render the CasesTimelineIntegrationProvider if timelineIntegration exists? I know you have the logic further down the line, but why go further down the line if we know timelineIntegration does not exist?
There was a problem hiding this comment.
Because InsertTimeline always needs it? should we have a boolean where InsertTimeline is to render it or not depending on the timelineIntegration props? or is it simpler just to keep it as is
There was a problem hiding this comment.
No it would still work without the provider since all the useTimelineContext()'s can be the default value of null. So I could do something like below and it would still work, but nothing would really be functionally different. The only difference would be CasesTimelineIntegrationContext not showing up in the tree anymore. It may be simpler to just keep it as is for now?
CasesTimelineIntegrationProvider = ({ children, timelineIntegration }) => {
const [activeTimelineIntegration] = useState(timelineIntegration ?? null);
return activeTimelineIntegration ? (
<CasesTimelineIntegrationContext.Provider value={activeTimelineIntegration}>
{children}
</CasesTimelineIntegrationContext.Provider>
) : (
<>{children}</>
);
};
useTimelineContext is used for InsertTimeline, but also all the editor plugin stuff, and the renderInvestigateInTimeline and renderTimelineDetailsPanel logic. Ideally once the timeline plugin is done we can just nuke all of that stuff. You can test it out by just setting the useState here to null:
There was a problem hiding this comment.
yeah i went in an passed null from create to see. im good w this
| export const usePlugins = () => { | ||
| const timelinePlugins = useTimelineContext()?.editor_plugins; | ||
|
|
||
| return useMemo(() => { |
There was a problem hiding this comment.
wondering if we should use useMemo here or not
There was a problem hiding this comment.
I can get rid of the useMemo, I'd just need to move all the getDefault* references out of the hook so a new reference isn't created every single time the hook is called because that caused an infinite loop to happen before 😂. I initially wanted to avoid mutating them as singleton's to guard against any weird bugs that may come up. For example, if someone was to navigate from the cases in one app instance that does have timeline enabled directly to cases in another app instance that doesn't have it enabled. New plugin instances would probably be created in that scenario depending on how navigation happens, but wanted to avoid potential bugs there.
There was a problem hiding this comment.
then leave it, i dont want a bug! lol
💛 Build succeeded, but was flaky
Test FailuresKibana Pipeline / general / Creates and activates a new EQL rule with a sequence.Detection rules, sequence EQL Creates and activates a new EQL rule with a sequenceStack TraceMetrics [docs]
History
To update your PR or re-run it, just comment with: |
Summary
This PR reintroduces the functionality necessary for inserting timeline into cases via comments as well as encapsulating any UI timeline components. The views that utilize this functionality
Create_CaseandCase_Detailsnow take in the below optional configuration. This logic will be able to be removed once timeline is moved into it's own plugin and we can import directly from there.Checklist