Add tests for updateAlertEventStatus

elastic · Mar 21, 2022 · a61c73e · a61c73e
1 parent 26f0b5f
commit a61c73e
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 4 deletions.
diff --git a/x-pack/plugins/session_view/common/constants.ts b/x-pack/plugins/session_view/common/constants.ts
@@ -13,6 +13,11 @@ export const ALERTS_INDEX = '.siem-signals-default';
 export const ENTRY_SESSION_ENTITY_ID_PROPERTY = 'process.entry_leader.entity_id';
 export const ALERT_UUID_PROPERTY = 'kibana.alert.uuid';
 export const KIBANA_DATE_FORMAT = 'MMM DD, YYYY @ hh:mm:ss.SSS';
+export const ALERT_STATUS = {
+  OPEN: 'open',
+  ACKNOWLEDGED: 'acknowledged',
+  CLOSED: 'closed',
+};
 
 // We fetch a large number of events per page to mitigate a few design caveats in session viewer
 // 1. Due to the hierarchical nature of the data (e.g we are rendering a time ordered pid tree) there are common scenarios where there

diff --git a/x-pack/plugins/session_view/public/components/process_tree/helpers.test.ts b/x-pack/plugins/session_view/public/components/process_tree/helpers.test.ts
@@ -5,11 +5,15 @@
  * 2.0.
  */
 import {
-  mockData,
+  mockEvents,
+  mockAlerts,
   mockProcessMap,
 } from '../../../common/mocks/constants/session_view_process.mock';
-import { Process, ProcessMap } from '../../../common/types/process_tree';
+import { Process, ProcessMap, ProcessEvent } from '../../../common/types/process_tree';
+import { ALERT_STATUS } from '../../../common/constants';
+import { UpdateAlertStatus } from '../../types';
 import {
+  updateAlertEventStatus,
   updateProcessMap,
   buildProcessTree,
   searchProcessTree,
@@ -20,8 +24,6 @@ const SESSION_ENTITY_ID = '3d0192c6-7c54-5ee6-a110-3539a7cf42bc';
 const SEARCH_QUERY = 'vi';
 const SEARCH_RESULT_PROCESS_ID = '8e4daeb2-4a4e-56c4-980e-f0dcfdbc3727';
 
-const mockEvents = mockData[0].events;
-
 describe('process tree hook helpers tests', () => {
   let processMap: ProcessMap;
 
@@ -73,4 +75,46 @@ describe('process tree hook helpers tests', () => {
     // session leader should have autoExpand to be true
     expect(processMap[SESSION_ENTITY_ID].autoExpand).toBeTruthy();
   });
+
+  it('updateAlertEventStatus works', () => {
+    const events: ProcessEvent[] = JSON.parse(JSON.stringify([...mockEvents, ...mockAlerts]));
+    const updatedAlertsStatus: UpdateAlertStatus = {
+      [mockAlerts[0].kibana?.alert.uuid!]: {
+        status: ALERT_STATUS.CLOSED,
+        processEntityId: mockAlerts[0].process.entity_id,
+      },
+      [mockAlerts[1].kibana?.alert.uuid!]: {
+        status: ALERT_STATUS.ACKNOWLEDGED,
+        processEntityId: mockAlerts[1].process.entity_id,
+      },
+    };
+
+    expect(
+      events.find(
+        (event) =>
+          event.kibana?.alert.uuid && event.kibana?.alert.uuid === mockAlerts[0].kibana?.alert.uuid
+      )?.kibana?.alert.workflow_status
+    ).toEqual(ALERT_STATUS.OPEN);
+    expect(
+      events.find(
+        (event) =>
+          event.kibana?.alert.uuid && event.kibana?.alert.uuid === mockAlerts[1].kibana?.alert.uuid
+      )?.kibana?.alert.workflow_status
+    ).toEqual(ALERT_STATUS.OPEN);
+
+    updateAlertEventStatus(events, updatedAlertsStatus);
+
+    expect(
+      events.find(
+        (event) =>
+          event.kibana?.alert.uuid && event.kibana?.alert.uuid === mockAlerts[0].kibana?.alert.uuid
+      )?.kibana?.alert.workflow_status
+    ).toEqual(ALERT_STATUS.CLOSED);
+    expect(
+      events.find(
+        (event) =>
+          event.kibana?.alert.uuid && event.kibana?.alert.uuid === mockAlerts[1].kibana?.alert.uuid
+      )?.kibana?.alert.workflow_status
+    ).toEqual(ALERT_STATUS.ACKNOWLEDGED);
+  });
 });