/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import type { CasesFeaturesAllRequired } from '../ui/types';
export * from './owners';
export * from './files';
export * from './application';
export * from './observables';
export { LENS_ATTACHMENT_TYPE } from './visualizations';
/**
 * Cases connector limits.
 *
 * Numeric limits only; where and how they are enforced is not visible in this file.
 */
export const MAX_OPEN_CASES = 20;
export const DEFAULT_MAX_OPEN_CASES = 5;

// Setting keys (identifiers, not format patterns).
// NOTE(review): presumably the uiSettings date-format keys — confirm against the consumers.
export const DEFAULT_DATE_FORMAT = 'dateFormat' as const;
export const DEFAULT_DATE_FORMAT_TZ = 'dateFormat:tz' as const;
/**
 * Saved objects
 *
 * Type names of the saved objects owned by the cases plugin.
 */
export const CASE_SAVED_OBJECT = 'cases' as const;
export const CASE_CONNECTOR_MAPPINGS_SAVED_OBJECT = 'cases-connector-mappings' as const;
export const CASE_USER_ACTION_SAVED_OBJECT = 'cases-user-actions' as const;
export const CASE_COMMENT_SAVED_OBJECT = 'cases-comments' as const;
export const CASE_ATTACHMENT_SAVED_OBJECT = 'cases-attachments' as const;
export const CASE_CONFIGURE_SAVED_OBJECT = 'cases-configure' as const;
export const CASE_RULES_SAVED_OBJECT = 'cases-rules' as const;
export const CASE_ID_INCREMENTER_SAVED_OBJECT = 'cases-incrementing-id' as const;
export const CASE_TEMPLATE_SAVED_OBJECT = 'cases-templates' as const;
export const CASE_TASK_SAVED_OBJECT = 'cases-tasks' as const;
export const CASE_TASK_TEMPLATE_SAVED_OBJECT = 'cases-task-templates' as const;

/**
 * If more values are added here please also add them here: x-pack/test/cases_api_integration/common/plugins
 *
 * NOTE(review): this list contains six of the eleven types declared above. Not listed:
 * CASE_ATTACHMENT_SAVED_OBJECT, CASE_RULES_SAVED_OBJECT, CASE_ID_INCREMENTER_SAVED_OBJECT,
 * CASE_TASK_SAVED_OBJECT and CASE_TASK_TEMPLATE_SAVED_OBJECT. The consumers of this list are
 * not visible here; if it feeds privilege registration or saved-objects client scoping,
 * confirm each omission is intentional before relying on it for access decisions.
 */
export const SAVED_OBJECT_TYPES = [
  CASE_SAVED_OBJECT,
  CASE_CONNECTOR_MAPPINGS_SAVED_OBJECT,
  CASE_USER_ACTION_SAVED_OBJECT,
  CASE_COMMENT_SAVED_OBJECT,
  CASE_CONFIGURE_SAVED_OBJECT,
  CASE_TEMPLATE_SAVED_OBJECT,
];
/**
 * Case routes
 *
 * Route templates under `/api/cases`. Segments in braces ({case_id}, {comment_id}, ...)
 * are placeholders, not concrete values. Substitution happens outside this file, so code
 * that builds a URL from a user-controlled ID should URL-encode the segment it inserts.
 */
export const CASES_URL = '/api/cases' as const;
export const CASE_FIND_URL = `${CASES_URL}/_find` as const;
export const CASE_DETAILS_URL = `${CASES_URL}/{case_id}` as const;
export const CASE_CONFIGURE_URL = `${CASES_URL}/configure` as const;
export const CASE_CONFIGURE_DETAILS_URL = `${CASES_URL}/configure/{configuration_id}` as const;
export const CASE_CONFIGURE_CONNECTORS_URL = `${CASE_CONFIGURE_URL}/connectors` as const;
export const CASE_COMMENTS_URL = `${CASE_DETAILS_URL}/comments` as const;
export const CASE_FIND_ATTACHMENTS_URL = `${CASE_COMMENTS_URL}/_find` as const;
export const CASE_COMMENT_DETAILS_URL = `${CASE_DETAILS_URL}/comments/{comment_id}` as const;
// Same path template as CASE_COMMENT_DETAILS_URL.
export const CASE_COMMENT_DELETE_URL = `${CASE_DETAILS_URL}/comments/{comment_id}` as const;
export const CASE_PUSH_URL = `${CASE_DETAILS_URL}/connector/{connector_id}/_push` as const;
export const CASE_REPORTERS_URL = `${CASES_URL}/reporters` as const;
export const CASE_TAGS_URL = `${CASES_URL}/tags` as const;
export const CASE_USER_ACTIONS_URL = `${CASE_DETAILS_URL}/user_actions` as const;
export const CASE_FIND_USER_ACTIONS_URL = `${CASE_USER_ACTIONS_URL}/_find` as const;
// Keyed by {alert_id} directly under CASES_URL, not under a {case_id}.
export const CASE_ALERTS_URL = `${CASES_URL}/alerts/{alert_id}` as const;
export const CASE_DETAILS_ALERTS_URL = `${CASE_DETAILS_URL}/alerts` as const;
export const CASE_FILES_URL = `${CASE_DETAILS_URL}/files` as const;
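/**
 * Internal routes
 *
 * Route templates under `/internal/cases`. Segments in braces ({case_id}, {observable_id},
 * ...) are placeholders that are substituted outside this file.
 *
 * The `/internal` prefix is only a label: nothing in this file restricts who may call these
 * routes, so each handler still has to perform its own authorization.
 *
 * Every template is declared `as const` so that its exported type is the literal path
 * rather than `string`.
 */
export const CASES_INTERNAL_URL = '/internal/cases' as const;
export const INTERNAL_BULK_CREATE_ATTACHMENTS_URL =
  `${CASES_INTERNAL_URL}/{case_id}/attachments/_bulk_create` as const;
export const INTERNAL_BULK_GET_ATTACHMENTS_URL =
  `${CASES_INTERNAL_URL}/{case_id}/attachments/_bulk_get` as const;
export const INTERNAL_SUGGEST_USER_PROFILES_URL =
  `${CASES_INTERNAL_URL}/_suggest_user_profiles` as const;
export const INTERNAL_CONNECTORS_URL = `${CASES_INTERNAL_URL}/{case_id}/_connectors` as const;
export const INTERNAL_BULK_GET_CASES_URL = `${CASES_INTERNAL_URL}/_bulk_get` as const;
export const INTERNAL_GET_CASE_USER_ACTIONS_STATS_URL =
  `${CASES_INTERNAL_URL}/{case_id}/user_actions/_stats` as const;
export const INTERNAL_CASE_USERS_URL = `${CASES_INTERNAL_URL}/{case_id}/_users` as const;
export const INTERNAL_DELETE_FILE_ATTACHMENTS_URL =
  `${CASES_INTERNAL_URL}/{case_id}/attachments/files/_bulk_delete` as const;
export const INTERNAL_GET_CASE_CATEGORIES_URL = `${CASES_INTERNAL_URL}/categories` as const;
export const INTERNAL_CASE_METRICS_URL = `${CASES_INTERNAL_URL}/metrics` as const;
export const INTERNAL_CASE_METRICS_DETAILS_URL = `${CASES_INTERNAL_URL}/metrics/{case_id}` as const;
export const INTERNAL_CASE_SIMILAR_CASES_URL = `${CASES_INTERNAL_URL}/{case_id}/_similar` as const;
// `as const` added for consistency with the other route templates in this section.
export const INTERNAL_PUT_CUSTOM_FIELDS_URL =
  `${CASES_INTERNAL_URL}/{case_id}/custom_fields/{custom_field_id}` as const;
export const INTERNAL_CASE_OBSERVABLES_URL = `${CASES_INTERNAL_URL}/{case_id}/observables` as const;
export const INTERNAL_CASE_OBSERVABLES_PATCH_URL =
  `${INTERNAL_CASE_OBSERVABLES_URL}/{observable_id}` as const;
// Same path template as INTERNAL_CASE_OBSERVABLES_PATCH_URL.
export const INTERNAL_CASE_OBSERVABLES_DELETE_URL =
  `${INTERNAL_CASE_OBSERVABLES_URL}/{observable_id}` as const;
export const INTERNAL_CASE_FIND_USER_ACTIONS_URL =
  `${CASES_INTERNAL_URL}/{case_id}/user_actions/_find` as const;
// Not scoped to a {case_id}: the path uses the fixed segment `case`.
export const INTERNAL_CASE_GET_CASES_BY_ATTACHMENT_URL =
  `${CASES_INTERNAL_URL}/case/attachments/_find_containing_all` as const;
// `as const` added for consistency with the other route templates in this section.
export const INTERNAL_BULK_CREATE_CASE_OBSERVABLES_URL =
  `${CASES_INTERNAL_URL}/{case_id}/observables/_bulk_create` as const;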
/**
 * Task routes
 *
 * Two families that differ by one letter in the constant name:
 *  - CASE_TASKS_*  is rooted at CASE_DETAILS_URL and therefore carries a {case_id};
 *  - CASES_TASKS_* is rooted at CASES_URL and carries no {case_id}.
 * Mixing them up changes the scope of the request, so check the prefix when wiring a route.
 */
export const CASES_TASKS_URL = `${CASES_URL}/tasks` as const;
export const CASE_TASKS_URL = `${CASE_DETAILS_URL}/tasks` as const;
export const CASE_TASK_DETAILS_URL = `${CASE_TASKS_URL}/{task_id}` as const;
export const CASE_TASKS_BULK_CREATE_URL = `${CASE_TASKS_URL}/_bulk_create` as const;
export const CASE_TASKS_BULK_UPDATE_URL = `${CASE_TASKS_URL}/_bulk_update` as const;
export const CASE_TASKS_BULK_DELETE_URL = `${CASE_TASKS_URL}/_bulk_delete` as const;
export const CASE_TASKS_REORDER_URL = `${CASE_TASKS_URL}/_reorder` as const;
export const CASE_TASKS_APPLY_TEMPLATE_URL = `${CASE_TASKS_URL}/_apply_template` as const;
export const CASES_TASKS_MY_URL = `${CASES_TASKS_URL}/_my` as const;
export const CASES_TASKS_FIND_URL = `${CASES_TASKS_URL}/_find` as const;
/**
 * Task template routes
 *
 * Route templates under `${CASES_URL}/task_templates`; {template_id} is a placeholder.
 */
export const CASES_TASK_TEMPLATES_URL = `${CASES_URL}/task_templates` as const;
export const CASE_TASK_TEMPLATE_DETAILS_URL = `${CASES_TASK_TEMPLATES_URL}/{template_id}` as const;

// The remaining constants are rooted at CASES_INTERNAL_URL (`.../templates`), not at
// CASES_TASK_TEMPLATES_URL.
// NOTE(review): these look like routes for a different resource than task templates — confirm.
export const INTERNAL_TEMPLATES_URL = `${CASES_INTERNAL_URL}/templates` as const;
export const INTERNAL_TEMPLATE_DETAILS_URL = `${INTERNAL_TEMPLATES_URL}/{template_id}` as const;
export const INTERNAL_BULK_DELETE_TEMPLATES_URL = `${INTERNAL_TEMPLATES_URL}/_bulk_delete` as const;
export const INTERNAL_BULK_EXPORT_TEMPLATES_URL = `${INTERNAL_TEMPLATES_URL}/_bulk_export` as const;
export const INTERNAL_TEMPLATE_TAGS_URL = `${INTERNAL_TEMPLATES_URL}/tags` as const;
export const INTERNAL_TEMPLATE_CREATORS_URL = `${INTERNAL_TEMPLATES_URL}/creators` as const;
/**
 * Action routes
 *
 * Paths under `/api/actions`, i.e. outside the cases route prefixes declared in this file.
 */
export const ACTION_URL = '/api/actions' as const;
export const ACTION_TYPES_URL = `${ACTION_URL}/connector_types` as const;
export const CONNECTORS_URL = `${ACTION_URL}/connectors` as const;
/**
 * Alerts
 */
export const MAX_ALERTS_PER_CASE = 1000 as const;

/**
 * Searching
 *
 * Caps on page sizes, bulk-request sizes and filter-list lengths. They bound how much work
 * a single request can ask for; the enforcement points are not visible in this file.
 * NOTE(review): confirm each cap is checked server-side and not only in the UI.
 */
export const MAX_DOCS_PER_PAGE = 10000 as const;
export const MAX_BULK_GET_ATTACHMENTS = 100 as const;
export const MAX_CONCURRENT_SEARCHES = 10 as const;
export const MAX_BULK_GET_CASES = 1000 as const;
export const MAX_COMMENTS_PER_PAGE = 100 as const;
export const MAX_CASES_PER_PAGE = 100 as const;
export const MAX_USER_ACTIONS_PER_PAGE = 100 as const;
export const MAX_CATEGORY_FILTER_LENGTH = 100 as const;
export const MAX_TAGS_FILTER_LENGTH = 100 as const;
export const MAX_ASSIGNEES_FILTER_LENGTH = 100 as const;
export const MAX_REPORTERS_FILTER_LENGTH = 100 as const;
export const MAX_SUPPORTED_CONNECTORS_RETURNED = 1000 as const;
/**
 * Validation
 *
 * Upper bounds for user-supplied case data (string lengths and item counts). This file only
 * declares the numbers.
 * NOTE(review): confirm every bound is applied by the server-side request schema; a limit
 * enforced only by a form does not constrain direct API callers.
 */
export const MAX_TITLE_LENGTH = 160 as const;
export const MAX_RULE_NAME_LENGTH = 100 as const;
export const MAX_SUFFIX_LENGTH = 60 as const;
export const MAX_CATEGORY_LENGTH = 50 as const;
export const MAX_DESCRIPTION_LENGTH = 30000 as const;
export const MAX_COMMENT_LENGTH = 30000 as const;
export const MAX_LENGTH_PER_TAG = 256 as const;
export const MAX_TAGS_PER_CASE = 200 as const;
export const MAX_DELETE_IDS_LENGTH = 100 as const;
export const MAX_SUGGESTED_PROFILES = 10 as const;
export const MAX_CASES_TO_UPDATE = 100 as const;
export const MAX_BULK_CREATE_ATTACHMENTS = 100 as const;
export const MAX_USER_ACTIONS_PER_CASE = 10000 as const;
export const MAX_PERSISTABLE_STATE_AND_EXTERNAL_REFERENCES = 100 as const;
export const MAX_CUSTOM_FIELDS_PER_CASE = 10 as const;
export const MAX_CUSTOM_FIELD_KEY_LENGTH = 36 as const; // uuidv4 length
export const MAX_CUSTOM_FIELD_LABEL_LENGTH = 50 as const;
export const MAX_CUSTOM_FIELD_TEXT_VALUE_LENGTH = 160 as const;
export const MAX_TEMPLATE_KEY_LENGTH = 36 as const; // uuidv4 length
export const MAX_TEMPLATE_NAME_LENGTH = 50 as const;
export const MAX_TEMPLATE_DESCRIPTION_LENGTH = 1000 as const;
export const MAX_TEMPLATES_LENGTH = 10 as const;
export const MAX_TEMPLATE_TAG_LENGTH = 50 as const;
export const MAX_TAGS_PER_TEMPLATE = 10 as const;
export const MAX_FILENAME_LENGTH = 160 as const;
export const MAX_CUSTOM_OBSERVABLE_TYPES_LABEL_LENGTH = 50 as const;
/**
 * Cases features
 *
 * Default feature flags, shared by every importer of this module.
 *
 * `Object.freeze` is shallow: the top-level keys cannot be reassigned, but the nested
 * objects (`alerts`, `observables`, `events`, `templates`) and the `metrics` array are not
 * frozen. Consumers should copy before modifying, otherwise a change leaks into the shared
 * default.
 */
export const DEFAULT_FEATURES: CasesFeaturesAllRequired = Object.freeze({
  alerts: { sync: true, enabled: true, isExperimental: false, read: true, all: true },
  metrics: [],
  observables: { enabled: true, autoExtract: false },
  events: { enabled: false },
  templates: { enabled: false },
});
/**
 * Task manager
 *
 * Task name / task type identifiers. The three analytics types share the `cai:` prefix.
 */
export const CASES_TELEMETRY_TASK_NAME = 'cases-telemetry-task';
export const ANALYTICS_BACKFILL_TASK_TYPE = 'cai:cases_analytics_index_backfill';
export const ANALYTICS_SCHEDULER_TASK_TYPE = 'cai:cases_analytics_index_scheduler';
export const ANALYTICS_SYNCHRONIZATION_TASK_TYPE = 'cai:cases_analytics_index_synchronization';

/**
 * Telemetry
 *
 * The saved object type and the saved object id use the same string.
 */
export const CASE_TELEMETRY_SAVED_OBJECT = 'cases-telemetry';
export const CASE_TELEMETRY_SAVED_OBJECT_ID = 'cases-telemetry';
/**
 * Cases UI Capabilities
 *
 * Capability keys. The string values are identifiers that other code matches on, so they
 * must not be "normalised": note that CASES_REOPEN_CAPABILITY is 'case_reopen' (singular)
 * and ASSIGN_CASE_CAPABILITY is 'cases_assign'.
 *
 * NOTE(review): presumably these gate what the UI shows; the server-side authorization
 * model is the one described on OWNER_FIELD in this file. Confirm no API relies on a UI
 * capability alone.
 */
export const CREATE_CASES_CAPABILITY = 'create_cases' as const;
export const READ_CASES_CAPABILITY = 'read_cases' as const;
export const UPDATE_CASES_CAPABILITY = 'update_cases' as const;
export const DELETE_CASES_CAPABILITY = 'delete_cases' as const;
export const PUSH_CASES_CAPABILITY = 'push_cases' as const;
export const CASES_SETTINGS_CAPABILITY = 'cases_settings' as const;
export const CASES_CONNECTORS_CAPABILITY = 'cases_connectors' as const;
export const CASES_REOPEN_CAPABILITY = 'case_reopen' as const;
export const CREATE_COMMENT_CAPABILITY = 'create_comment' as const;
export const ASSIGN_CASE_CAPABILITY = 'cases_assign' as const;
/**
 * Cases API Tags
 *
 * Tag strings attached to specific APIs. How a tag maps to a privilege is decided where the
 * tag is registered, which is outside this file.
 */
/**
 * This tag is registered for the cases suggest user profiles API
 */
export const SUGGEST_USER_PROFILES_API_TAG = 'casesSuggestUserProfiles';
/**
 * This tag is registered for the security bulk get API
 */
export const BULK_GET_USER_PROFILES_API_TAG = 'bulkGetUserProfiles';
/**
 * This tag is registered for the connectors (configure) get API
 */
export const GET_CONNECTORS_CONFIGURE_API_TAG = 'casesGetConnectorsConfigure';
/**
 * User profiles
 */
export const DEFAULT_USER_SIZE = 10;
export const MAX_ASSIGNEES_PER_CASE = 10;
// NOTE(review): presumably a sentinel filter value meaning "cases without assignees" —
// confirm it cannot be confused with a real assignee identifier.
export const NO_ASSIGNEES_FILTERING_KEYWORD = 'none';
// NOTE(review): presumably the name recorded for actions performed by Kibana itself —
// confirm against the code that compares or displays it.
export const KIBANA_SYSTEM_USERNAME = 'elastic/kibana';
// Observable limit; declared under this heading although it is not a user-profile setting.
export const MAX_OBSERVABLES_PER_CASE = 50;
/**
 * Delays
 */
// Debounce interval in milliseconds, per the `_MS` suffix.
export const SEARCH_DEBOUNCE_MS = 500;

/**
 * Local storage keys
 *
 * Key names for state persisted in browser local storage. The stored values are written
 * elsewhere. Local storage is readable by any script running on the same origin, so the
 * values kept under these keys (including the YAML editor state) should not hold secrets.
 */
export const LOCAL_STORAGE_KEYS = {
  casesTableColumns: 'cases.list.tableColumns',
  casesTableFiltersConfig: 'cases.list.tableFiltersConfig',
  casesTableState: 'cases.list.state',
  templatesTableState: 'templates.list.state',
  templatesYamlEditorCreateState: 'templates.yaml.editor.create',
  templatesYamlEditorEditState: 'templates.yaml.editor.edit',
};
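/**
 * Connectors
 */
export enum CASES_CONNECTOR_SUB_ACTION {
  RUN = 'run',
}

// The explicit `string` annotation keeps the exported type wide instead of the literal 'none'.
export const NONE_CONNECTOR_ID: string = 'none';
export const CASES_CONNECTOR_ID = '.cases';
export const CASES_CONNECTOR_TITLE = 'Cases';

/**
 * Pattern source (a string, to be compiled by the consumer) for a connector time window:
 * a positive integer without a leading zero followed by exactly one unit letter, one of
 * `d`, `w`, `h` or `m`.
 *
 * The unit class is written without separators. Inside a character class a comma is a
 * literal character, so `[d,w,h,m]` also accepted a trailing comma as the "unit" and let a
 * value such as `5,` through validation.
 *
 * The digit run is unbounded; the pattern checks the shape only, so callers should still
 * range-check the parsed number.
 */
export const CASES_CONNECTOR_TIME_WINDOW_REGEX = '^[1-9][0-9]*[dwhm]$';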
/**
 * This field is used for authorization of the entities within the cases plugin. Each entity within Cases will have the owner field
 * set to a string that represents the plugin that "owns" (i.e. the plugin that originally issued the POST request to
 * create the entity) the entity.
 *
 * The Authorization class constructs a string composed of the operation being performed (createCase, getComment, etc),
 * and the owner of the entity being acted upon or created. This string is then given to the Security plugin which
 * checks to see if the user making the request has that particular string stored within its privileges. If it does,
 * then the operation succeeds, otherwise the operation fails.
 *
 * APIs that create/update an entity require that the owner field be passed in the body of the request.
 * APIs that search for entities typically require that the owner be passed as a query parameter.
 * APIs that specify an ID of an entity directly generally don't need to specify the owner field.
 *
 * For APIs that create/update an entity, the RBAC implementation checks to see if the user making the request has the
 * correct privileges for performing that action (a create/update) for the specified owner.
 * This check is done through the Security plugin's API.
 *
 * For APIs that search for entities, the RBAC implementation creates a filter for the saved objects query that limits
 * the search to only owners that the user has access to. We also check that the objects returned by the saved objects
 * API have the limited owner scope. If we find one that the user does not have permissions for, we throw a 403 error.
 * The owner field that is passed in as a query parameter can be used to further limit the results. If a user attempts
 * to pass an owner that they do not have access to, the owner is ignored.
 *
 * For APIs that retrieve/delete entities directly using their ID, the RBAC implementation requests the object first,
 * and then checks to see if the user making the request has access to that operation and owner. If the user does, the
 * operation continues, otherwise we throw a 403.
 */
export const OWNER_FIELD = 'owner';

// Limits for custom observable types: key length, label length and number of types.
export const MAX_OBSERVABLE_TYPE_KEY_LENGTH = 36;
export const MAX_OBSERVABLE_TYPE_LABEL_LENGTH = 50;
export const MAX_CUSTOM_OBSERVABLE_TYPES = 10;
/**
 * EBT events
 *
 * Event type identifiers for UI telemetry events. Only the names are declared here; the
 * payload attached to each event is defined elsewhere.
 */
export const CASE_PAGE_VIEW_EVENT_TYPE = 'case_page_view' as const;
export const CASE_ATTACH_EVENTS_EVENT_TYPE = 'case_attach_events' as const;
export const CASE_VIEW_ATTACHMENTS_TAB_CLICKED_EVENT_TYPE =
  'case_view_attachments_tab_clicked' as const;
export const CASE_VIEW_ATTACHMENTS_SUB_TAB_CLICKED_EVENT_TYPE =
  'case_view_attachments_sub_tab_clicked' as const;
/**
 * Exporting this to make it easier to track the usage across the codebase
 * via lsp references.
 */
export const CASE_EXTENDED_FIELDS = 'extended_fields' as const;