[Cases] IBM Resilient form improvements#238869
Conversation
PhilippeOberti
left a comment
PhilippeOberti
left a comment
There was a problem hiding this comment.
Code review only (only Cypress files modified). LGTM for the @elastic/security-threat-hunting-investigations team!
christineweng
left a comment
christineweng
left a comment
There was a problem hiding this comment.
Desk tested and LGTM, left some nit comments.
The json editor is also used in Edit connector -> Test, I wonder if it should be replaced by the new fields as well
...atform/plugins/shared/cases/public/components/connectors/resilient/additional_form_field.tsx
Show resolved
Hide resolved
...tform/plugins/shared/cases/public/components/connectors/resilient/additional_form_fields.tsx
Outdated
Show resolved
Hide resolved
x-pack/platform/plugins/shared/cases/public/components/connectors/constants.ts
Outdated
Show resolved
Hide resolved
| signal?: AbortSignal; | ||
| } | ||
|
|
||
| export async function getIncidentTypes({ http, connectorId, signal }: Props) { |
There was a problem hiding this comment.
I did a lookup on getIncidentTypes and found that under stack_connectors there is another api for this (and severity as well), do you know why there were 2?
x-pack/platform/plugins/shared/stack_connectors/public/connector_types/resilient/api.ts
There was a problem hiding this comment.
Yeah, they're separate forms in separate plugins, see: #238869
@christineweng That form is not owned by us and there's no easy way to share the form since these are different plugins. From what I understand, the Response Ops team is working on improving the connector forms as well so I did not want to interfere. |
banderror
left a comment
banderror
left a comment
There was a problem hiding this comment.
Approving changes to x-pack/solutions/security/test/security_solution_cypress/cypress/objects/case.ts
janmonschke
added
the
ci:cloud-persist-deployment
elastic-vault-github-plugin-prod
bot
requested a review
from a team
as a code owner
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]Module Count
Async chunks
Count of Enzyme imports
Unknown metric groupsESLint disabled line counts
References to deprecated APIs
Total ESLint disabled count
History
cc @janmonschke |
## Summary Fixes: elastic#240446 This PR provides an improved experience of editing IBM resilient fields. Instead of editing IBM resilient fields with a JSON editor, this PR adds dynamic form elements for the IBM resilient fields. ### Demo https://github.com/user-attachments/assets/aedd61e4-9566-4196-b24e-52d4cd85e925 ### Other changes - Removed `useGetIncidentTypes` and `useGetSeverity` since they can both be obtained via `useGetFields`. This also removes the API calls from 3 to just a single one. - The connector preview is now a proper table and all connector previews have been changed. ### Testing - Add an IBM Resilient connector (hmu in Slack for credentials) - Create case, add additional fields to the connector, hit save - Observe that the fields and their values are shown in the case page - Edit the additional fields to your liking (adding, removing, editing) and make sure the changes are saved when pushing to IBM Resilient --------- Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
6 participants
Summary
Fixes: #240446
This PR provides an improved experience of editing IBM resilient fields.
Instead of editing IBM resilient fields with a JSON editor, this PR adds dynamic form elements for the IBM resilient fields.
Demo
Screen.Recording.2025-11-18.at.13.36.36.mov
Other changes
useGetIncidentTypesanduseGetSeveritysince they can both be obtained viauseGetFields. This also removes the API calls from 3 to just a single one.Testing