From 57fe77517c403cdf6995678aa8a1bfa1700824ed Mon Sep 17 00:00:00 2001 From: Casey McGinley Date: Thu, 21 Nov 2024 13:10:03 -0800 Subject: [PATCH] Revert "TODO (revert): temporarily disabling some v" This reverts commit b3c6948488257a66b224774e4f89faa7a487c86d. --- .../detection_abstract.py | 37 +++++++++---------- contentctl/output/conf_writer.py | 5 +-- 2 files changed, 20 insertions(+), 22 deletions(-) diff --git a/contentctl/objects/abstract_security_content_objects/detection_abstract.py b/contentctl/objects/abstract_security_content_objects/detection_abstract.py index 738d7622..dc0350d5 100644 --- a/contentctl/objects/abstract_security_content_objects/detection_abstract.py +++ b/contentctl/objects/abstract_security_content_objects/detection_abstract.py @@ -569,26 +569,25 @@ def model_post_init(self, __context: Any) -> None: # 1 of the drilldowns contains the string Drilldown.SEARCH_PLACEHOLDER. # This is presently a requirement when 1 or more drilldowns are added to a detection. # Note that this is only required for production searches that are not hunting - - # TODO (cmcginley): commenting out for testing - # if self.type == AnalyticsType.Hunting.value or self.status != DetectionStatus.production.value: - # #No additional check need to happen on the potential drilldowns. - # pass - # else: - # found_placeholder = False - # if len(self.drilldown_searches) < 2: - # raise ValueError(f"This detection is required to have 2 drilldown_searches, but only has [{len(self.drilldown_searches)}]") - # for drilldown in self.drilldown_searches: - # if DRILLDOWN_SEARCH_PLACEHOLDER in drilldown.search: - # found_placeholder = True - # if not found_placeholder: - # raise ValueError("Detection has one or more drilldown_searches, but none of them " - # f"contained '{DRILLDOWN_SEARCH_PLACEHOLDER}. This is a requirement " - # "if drilldown_searches are defined.'") - # # Update the search fields with the original search, if required - # for drilldown in self.drilldown_searches: - # drilldown.perform_search_substitutions(self) + if self.type == AnalyticsType.Hunting.value or self.status != DetectionStatus.production.value: + #No additional check need to happen on the potential drilldowns. + pass + else: + found_placeholder = False + if len(self.drilldown_searches) < 2: + raise ValueError(f"This detection is required to have 2 drilldown_searches, but only has [{len(self.drilldown_searches)}]") + for drilldown in self.drilldown_searches: + if DRILLDOWN_SEARCH_PLACEHOLDER in drilldown.search: + found_placeholder = True + if not found_placeholder: + raise ValueError("Detection has one or more drilldown_searches, but none of them " + f"contained '{DRILLDOWN_SEARCH_PLACEHOLDER}. This is a requirement " + "if drilldown_searches are defined.'") + + # Update the search fields with the original search, if required + for drilldown in self.drilldown_searches: + drilldown.perform_search_substitutions(self) #For experimental purposes, add the default drilldowns #self.drilldown_searches.extend(Drilldown.constructDrilldownsFromDetection(self)) diff --git a/contentctl/output/conf_writer.py b/contentctl/output/conf_writer.py index a4d17e38..410ce4f6 100644 --- a/contentctl/output/conf_writer.py +++ b/contentctl/output/conf_writer.py @@ -232,9 +232,8 @@ def writeDashboardFiles(config:build, dashboards:list[Dashboard])->set[pathlib.P output_file_path = dashboard.getOutputFilepathRelativeToAppRoot(config) # Check that the full output path does not exist so that we are not having an # name collision with a file in app_template - # TODO (cmcginley): commenting out for testing - # if (config.getPackageDirectoryPath()/output_file_path).exists(): - # raise FileExistsError(f"ERROR: Overwriting Dashboard File {output_file_path}. Does this file exist in {config.getAppTemplatePath()} AND {config.path/'dashboards'}?") + if (config.getPackageDirectoryPath()/output_file_path).exists(): + raise FileExistsError(f"ERROR: Overwriting Dashboard File {output_file_path}. Does this file exist in {config.getAppTemplatePath()} AND {config.path/'dashboards'}?") ConfWriter.writeXmlFileHeader(output_file_path, config) dashboard.writeDashboardFile(ConfWriter.getJ2Environment(), config)