Finish tests

madirey · madirey · commit 7dc1e975e657 · 2020-12-18T00:29:29.000Z
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/bulk_create_threshold_signals.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/bulk_create_threshold_signals.test.ts
@@ -4,12 +4,12 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 
-import uuidv5 from 'uuid/v5';
 import { loggingSystemMock } from '../../../../../../../src/core/server/mocks';
 import { sampleDocNoSortId, sampleDocSearchResultsNoSortId } from './__mocks__/es_results';
-import { NAMESPACE_ID, transformThresholdResultsToEcs } from './bulk_create_threshold_signals';
+import { transformThresholdResultsToEcs } from './bulk_create_threshold_signals';
+import { calculateThresholdSignalUuid } from './utils';
 
-describe('', () => {
+describe('transformThresholdResultsToEcs', () => {
   it('should return transformed threshold results', () => {
     const threshold = {
       field: 'source.ip',
@@ -40,10 +40,10 @@ describe('', () => {
       undefined,
       loggingSystemMock.createLogger(),
       threshold,
-      'abcd',
+      '1234',
       undefined
     );
-    const _id = uuidv5(`abcd${startedAt}source.ip127.0.0.1`, NAMESPACE_ID);
+    const _id = calculateThresholdSignalUuid('1234', startedAt, 'source.ip', '127.0.0.1');
     expect(transformedResults).toEqual({
       took: 10,
       timed_out: false,
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/bulk_create_threshold_signals.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/bulk_create_threshold_signals.ts
@@ -4,7 +4,6 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 
-import uuidv5 from 'uuid/v5';
 import { get, isEmpty } from 'lodash/fp';
 import set from 'set-value';
 
@@ -18,11 +17,9 @@ import { RuleAlertAction } from '../../../../common/detection_engine/types';
 import { RuleTypeParams, RefreshTypes } from '../types';
 import { singleBulkCreate, SingleBulkCreateResponse } from './single_bulk_create';
 import { SignalSearchResponse, ThresholdAggregationBucket } from './types';
+import { calculateThresholdSignalUuid } from './utils';
 import { BuildRuleMessage } from './rule_messages';
 
-// used to generate constant Threshold Signals ID when run with the same params
-export const NAMESPACE_ID = '0684ec03-7201-4ee0-8ee0-3a3f6b2479b2';
-
 interface BulkCreateThresholdSignalsParams {
   actions: RuleAlertAction[];
   someResult: SignalSearchResponse;
@@ -83,7 +80,7 @@ const getTransformedHits = (
     return [
       {
         _index: inputIndex,
-        _id: uuidv5(`${ruleId}${startedAt}${threshold.field}`, NAMESPACE_ID),
+        _id: calculateThresholdSignalUuid(ruleId, startedAt, threshold.field),
         _source: source,
       },
     ];
@@ -111,7 +108,7 @@ const getTransformedHits = (
 
         return {
           _index: inputIndex,
-          _id: uuidv5(`${ruleId}${startedAt}${threshold.field}${key}`, NAMESPACE_ID),
+          _id: calculateThresholdSignalUuid(ruleId, startedAt, threshold.field, key),
           _source: source,
         };
       }
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.test.ts
@@ -36,6 +36,7 @@ import {
   mergeReturns,
   createTotalHitsFromSearchResult,
   lastValidDate,
+  calculateThresholdSignalUuid,
 } from './utils';
 import { BulkResponseErrorAggregation, SearchAfterAndBulkCreateReturnType } from './types';
 import {
@@ -1303,4 +1304,18 @@ describe('utils', () => {
       expect(result).toEqual(4);
     });
   });
+
+  describe('calculateThresholdSignalUuid', () => {
+    it('should generate a uuid without key', () => {
+      const startedAt = new Date('2020-12-17T16:27:00Z');
+      const signalUuid = calculateThresholdSignalUuid('abcd', startedAt, 'agent.name');
+      expect(signalUuid).toEqual('c0cbe4b7-48de-5734-ae81-d8de3e79839d');
+    });
+
+    it('should generate a uuid with key', () => {
+      const startedAt = new Date('2019-11-18T13:32:00Z');
+      const signalUuid = calculateThresholdSignalUuid('abcd', startedAt, 'host.ip', '1.2.3.4');
+      expect(signalUuid).toEqual('f568509e-b570-5d3c-a7ed-7c73fd29ddaf');
+    });
+  });
 });
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.ts
@@ -5,6 +5,7 @@
  */
 import { createHash } from 'crypto';
 import moment from 'moment';
+import uuidv5 from 'uuid/v5';
 import dateMath from '@elastic/datemath';
 
 import { TimestampOverrideOrUndefined } from '../../../../common/detection_engine/schemas/common/schemas';
@@ -661,3 +662,20 @@ export const createTotalHitsFromSearchResult = ({
       : searchResult.hits.total.value;
   return totalHits;
 };
+
+export const calculateThresholdSignalUuid = (
+  ruleId: string,
+  startedAt: Date,
+  thresholdField: string,
+  key?: string
+): string => {
+  // used to generate constant Threshold Signals ID when run with the same params
+  const NAMESPACE_ID = '0684ec03-7201-4ee0-8ee0-3a3f6b2479b2';
+
+  let baseString = `${ruleId}${startedAt}${thresholdField}`;
+  if (key != null) {
+    baseString = `${baseString}${key}`;
+  }
+
+  return uuidv5(baseString, NAMESPACE_ID);
+};
