Add validation for threat intel source config #1393
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Joanne Wang <[email protected]>
jowg-amazon
requested review from
amsiglan,
AWSHurneyt,
getsaurabh02,
lezzago,
praveensameneni,
sbcd90,
eirsep,
engechas,
goyamegh and
riysaxen-amzn
as code owners
eirsep
approved these changes
Oct 25, 2024
Signed-off-by: Joanne Wang <[email protected]>
AWSHurneyt
reviewed
Oct 29, 2024
| @@ -24,7 +24,19 @@ public class SourceConfigDtoValidator { | |||
| public List<String> validateSourceConfigDto(SATIFSourceConfigDto sourceConfigDto) { | |||
There was a problem hiding this comment.
As a follow-up item, let's add validation for the refresh frequency.
| @@ -24,7 +24,19 @@ public class SourceConfigDtoValidator { | |||
| public List<String> validateSourceConfigDto(SATIFSourceConfigDto sourceConfigDto) { | |||
| List<String> errorMsgs = new ArrayList<>(); | |||
|
|
|||
| if (sourceConfigDto.getIocTypes().isEmpty()) { | |||
| if (sourceConfigDto.getName() == null || sourceConfigDto.getName().isEmpty()) { | |||
There was a problem hiding this comment.
@jowg-amazon could we add length restrictions? The frontend uses this validation for names.
https://github.com/opensearch-project/security-analytics-dashboards-plugin/blob/main/public/utils/validation.ts#L7C14-L7C33
There was a problem hiding this comment.
added validation for names based on how frontend currently validates the name
| errorMsgs.add("Name must not be empty"); | ||
| } | ||
|
|
||
| if (sourceConfigDto.getFormat() == null || sourceConfigDto.getFormat().isEmpty()) { |
There was a problem hiding this comment.
We may need to add length validation for this as well. Unless this gets validated somewhere downstream, the config could be created via backend API with something like 300k characters; which could disrupt functionality.
There was a problem hiding this comment.
Added length validation
Signed-off-by: Joanne Wang <[email protected]>
Added parsing tests to make sure null fields can be parsed |
AWSHurneyt
approved these changes
Oct 30, 2024
eirsep
approved these changes
Oct 30, 2024
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
Oct 30, 2024
* add validation for source config and allow null to be read in parser Signed-off-by: Joanne Wang <[email protected]> * add parsing tests Signed-off-by: Joanne Wang <[email protected]> * add additional validation Signed-off-by: Joanne Wang <[email protected]> --------- Signed-off-by: Joanne Wang <[email protected]> (cherry picked from commit 364f42d) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
Oct 30, 2024
* add validation for source config and allow null to be read in parser Signed-off-by: Joanne Wang <[email protected]> * add parsing tests Signed-off-by: Joanne Wang <[email protected]> * add additional validation Signed-off-by: Joanne Wang <[email protected]> --------- Signed-off-by: Joanne Wang <[email protected]> (cherry picked from commit 364f42d) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
Oct 30, 2024
* add validation for source config and allow null to be read in parser Signed-off-by: Joanne Wang <[email protected]> * add parsing tests Signed-off-by: Joanne Wang <[email protected]> * add additional validation Signed-off-by: Joanne Wang <[email protected]> --------- Signed-off-by: Joanne Wang <[email protected]> (cherry picked from commit 364f42d) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
Oct 30, 2024
* add validation for source config and allow null to be read in parser Signed-off-by: Joanne Wang <[email protected]> * add parsing tests Signed-off-by: Joanne Wang <[email protected]> * add additional validation Signed-off-by: Joanne Wang <[email protected]> --------- Signed-off-by: Joanne Wang <[email protected]> (cherry picked from commit 364f42d) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
Oct 30, 2024
* add validation for source config and allow null to be read in parser Signed-off-by: Joanne Wang <[email protected]> * add parsing tests Signed-off-by: Joanne Wang <[email protected]> * add additional validation Signed-off-by: Joanne Wang <[email protected]> --------- Signed-off-by: Joanne Wang <[email protected]> (cherry picked from commit 364f42d) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
jowg-amazon
pushed a commit
that referenced
this pull request
Oct 30, 2024
* add validation for source config and allow null to be read in parser * add parsing tests * add additional validation --------- (cherry picked from commit 364f42d) Signed-off-by: Joanne Wang <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
jowg-amazon
pushed a commit
that referenced
this pull request
Oct 30, 2024
* add validation for source config and allow null to be read in parser * add parsing tests * add additional validation --------- (cherry picked from commit 364f42d) Signed-off-by: Joanne Wang <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
AWSHurneyt
pushed a commit
that referenced
this pull request
Oct 31, 2024
* add validation for source config and allow null to be read in parser * add parsing tests * add additional validation --------- (cherry picked from commit 364f42d) Signed-off-by: Joanne Wang <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
AWSHurneyt
pushed a commit
that referenced
this pull request
Oct 31, 2024
* add validation for source config and allow null to be read in parser * add parsing tests * add additional validation --------- (cherry picked from commit 364f42d) Signed-off-by: Joanne Wang <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
AWSHurneyt
pushed a commit
that referenced
this pull request
Oct 31, 2024
* add validation for source config and allow null to be read in parser * add parsing tests * add additional validation --------- (cherry picked from commit 364f42d) Signed-off-by: Joanne Wang <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Add source config validation so source config cannot be created without valid
name,type,format,source, andioc type. Additionally allows source configs with null values to still be read and deleted.Related Issues
Resolves #1366
Check List
--signoff.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.