[Canvas] Sanitize workpad before sending to API#57704
Merged
crob611 merged 3 commits intoelastic:masterfrom Feb 21, 2020
Merged
[Canvas] Sanitize workpad before sending to API#57704crob611 merged 3 commits intoelastic:masterfrom
crob611 merged 3 commits intoelastic:masterfrom
Conversation
Contributor
|
Pinging @elastic/kibana-canvas (Team:Canvas) |
crob611
commented
Feb 14, 2020
| /* | ||
| Remove any top level keys from the workpad which will be rejected by validation | ||
| */ | ||
| const validKeys = [ |
Contributor
Author
There was a problem hiding this comment.
Ideally this should come from the WorkpadSchema that is in the new plugin, but the kbn-config-schema uses JOI under the hood, so I don't think pulling it into the browser is ideal?
Contributor
Author
|
@elasticmachine merge upstream |
Contributor
Author
|
@elasticmachine merge upstream |
Contributor
💚 Build SucceededHistory
To update your PR or re-run it, just comment with: |
crob611
pushed a commit
to crob611/kibana
that referenced
this pull request
Feb 21, 2020
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
crob611
pushed a commit
to crob611/kibana
that referenced
this pull request
Feb 21, 2020
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
mbondyra
added a commit
to mbondyra/kibana
that referenced
this pull request
Feb 21, 2020
…_improve-advanced-settings-save * commit '02efb01c481f9f24d8d707f06dfc68b2fb805001': (43 commits) [Endpoint] Add a flyout to alert list. (elastic#57926) Make sure index pattern has fields before parsing (elastic#58242) Sanitize workpad before sending to API (elastic#57704) [ML] Transform: Support multi-line JSON notation in advanced editor (elastic#58015) [Endpoint] Refactor Management List Tests (elastic#58148) [kbn/optimizer] include bootstrap cache key in optimizer cache key (elastic#58176) Do not refresh color scale on each lookup (elastic#57792) Updating to @elastic/lodash@3.10.1-kibana4 (elastic#54662) Trigger context (elastic#57870) [ML] Transforms: Adds clone feature to transforms list. (elastic#57837) [ML] New Platform server shim: update fields service routes (elastic#58060) [Endpoint] EMT-184: change endpoints to metadata up and down the code base. (elastic#58038) document difference between log record formats (elastic#57798) Expose elasticsearch config schema (elastic#57655) [ui/agg_response/tabify] update types for search/expressions/build_tabular_inspector_data.ts (elastic#58130) [SIEM] Cleans Cypress tests code (elastic#58134) fix: 🐛 make dev server Storybook builds work again (elastic#58188) Prevent core savedObjects plugin from being overridden (elastic#58193) Expose serverBasePath on client-side (elastic#58070) Fix legend sizing on area charts (elastic#58083) ...
crob611
pushed a commit
that referenced
this pull request
Feb 21, 2020
crob611
pushed a commit
that referenced
this pull request
Feb 21, 2020
jloleysens
added a commit
to jloleysens/kibana
that referenced
this pull request
Feb 24, 2020
…-out-of-legacy * 'master' of github.com:elastic/kibana: [SIEM] [Case] Enable case by default. Snake to camel on UI (elastic#57936) [File upload] Update remaining File Upload dependencies for NP migration (elastic#58128) Use EuiTokens for ES field types (elastic#57911) Added UI support for the default action group for Alert Type Model (elastic#57603) force savedObject API consumers to define SO type explicitly (elastic#58022) Update dependency @elastic/charts to ^17.1.1 (elastic#57634) [Endpoint] Add a flyout to alert list. (elastic#57926) Make sure index pattern has fields before parsing (elastic#58242) Sanitize workpad before sending to API (elastic#57704) [ML] Transform: Support multi-line JSON notation in advanced editor (elastic#58015) [Endpoint] Refactor Management List Tests (elastic#58148) [kbn/optimizer] include bootstrap cache key in optimizer cache key (elastic#58176) Do not refresh color scale on each lookup (elastic#57792) Updating to @elastic/lodash@3.10.1-kibana4 (elastic#54662) Trigger context (elastic#57870) [ML] Transforms: Adds clone feature to transforms list. (elastic#57837) [ML] New Platform server shim: update fields service routes (elastic#58060) [Endpoint] EMT-184: change endpoints to metadata up and down the code base. (elastic#58038)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Workpads created before 7.6 from a template probably have a "displayName" and "help" attribute. This is not a valid attribute on a workpad, and the new route validation schema will fail if it sees these.
This PR adds a simple method to sanitize workpads before shipping them off to the api to make sure that any non-expected keys are removed so as to not fail the route. This impacts both updating existing workpads with bad keys, and trying to import a workpad that was exported from a previous version with a bad key.