diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_create_rules/bulk_create_rules_route.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_create_rules/bulk_create_rules_route.gen.ts deleted file mode 100644 index 3ef8b40c032a4..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_create_rules/bulk_create_rules_route.gen.ts +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * NOTICE: Do not edit this file manually. - * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. - * - * info: - * title: Bulk Create API endpoint - * version: 2023-10-31 - */ - -import { z } from '@kbn/zod'; - -import { RuleCreateProps } from '../../../model/rule_schema/rule_schemas.gen'; -import { BulkCrudRulesResponse } from '../response_schema.gen'; - -export type BulkCreateRulesRequestBody = z.infer; -export const BulkCreateRulesRequestBody = z.array(RuleCreateProps); -export type BulkCreateRulesRequestBodyInput = z.input; - -export type BulkCreateRulesResponse = z.infer; -export const BulkCreateRulesResponse = BulkCrudRulesResponse; diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_create_rules/bulk_create_rules_route.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_create_rules/bulk_create_rules_route.schema.yaml deleted file mode 100644 index 8b024946bc220..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_create_rules/bulk_create_rules_route.schema.yaml +++ /dev/null @@ -1,31 +0,0 @@ -openapi: 3.0.0 -info: - title: Bulk Create API endpoint - version: '2023-10-31' -paths: - /api/detection_engine/rules/_bulk_create: - post: - x-labels: [ess] - x-codegen-enabled: true - operationId: BulkCreateRules - deprecated: true - summary: Create multiple detection rules - description: Create new detection rules in bulk. - tags: - - Bulk API - requestBody: - description: A JSON array of rules, where each rule contains the required fields. - required: true - content: - application/json: - schema: - type: array - items: - $ref: '../../../model/rule_schema/rule_schemas.schema.yaml#/components/schemas/RuleCreateProps' - responses: - 200: - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '../response_schema.schema.yaml#/components/schemas/BulkCrudRulesResponse' diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_create_rules/bulk_create_rules_route.test.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_create_rules/bulk_create_rules_route.test.ts deleted file mode 100644 index 52c7d5e097cc3..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_create_rules/bulk_create_rules_route.test.ts +++ /dev/null @@ -1,165 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { expectParseError, expectParseSuccess, stringifyZodError } from '@kbn/zod-helpers'; -import { getCreateRulesSchemaMock } from '../../../model/rule_schema/mocks'; -import { BulkCreateRulesRequestBody } from './bulk_create_rules_route.gen'; - -// only the basics of testing are here. -// see: rule_schemas.test.ts for the bulk of the validation tests -// this just wraps createRulesSchema in an array -describe('Bulk create rules request schema', () => { - test('can take an empty array and validate it', () => { - const payload: BulkCreateRulesRequestBody = []; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('made up values do not validate for a single element', () => { - const payload: Array<{ madeUp: string }> = [{ madeUp: 'hi' }]; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"0.type: Invalid discriminator value. Expected 'eql' | 'query' | 'saved_query' | 'threshold' | 'threat_match' | 'machine_learning' | 'new_terms' | 'esql'"` - ); - }); - - test('single array element does validate', () => { - const payload: BulkCreateRulesRequestBody = [getCreateRulesSchemaMock()]; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('two array elements do validate', () => { - const payload: BulkCreateRulesRequestBody = [ - getCreateRulesSchemaMock(), - getCreateRulesSchemaMock(), - ]; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('single array element with a missing value (risk_score) will not validate', () => { - const singleItem = getCreateRulesSchemaMock(); - // @ts-expect-error - delete singleItem.risk_score; - const payload: BulkCreateRulesRequestBody = [singleItem]; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot(`"0.risk_score: Required"`); - }); - - test('two array elements where the first is valid but the second is invalid (risk_score) will not validate', () => { - const singleItem = getCreateRulesSchemaMock(); - const secondItem = getCreateRulesSchemaMock(); - // @ts-expect-error - delete secondItem.risk_score; - const payload: BulkCreateRulesRequestBody = [singleItem, secondItem]; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot(`"1.risk_score: Required"`); - }); - - test('two array elements where the first is invalid (risk_score) but the second is valid will not validate', () => { - const singleItem = getCreateRulesSchemaMock(); - const secondItem = getCreateRulesSchemaMock(); - // @ts-expect-error - delete singleItem.risk_score; - const payload: BulkCreateRulesRequestBody = [singleItem, secondItem]; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot(`"0.risk_score: Required"`); - }); - - test('two array elements where both are invalid (risk_score) will not validate', () => { - const singleItem = getCreateRulesSchemaMock(); - const secondItem = getCreateRulesSchemaMock(); - // @ts-expect-error - delete singleItem.risk_score; - // @ts-expect-error - delete secondItem.risk_score; - const payload: BulkCreateRulesRequestBody = [singleItem, secondItem]; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"0.risk_score: Required, 1.risk_score: Required"` - ); - }); - - test('extra keys are omitted from the payload', () => { - const singleItem = { - ...getCreateRulesSchemaMock(), - madeUpValue: 'something', - }; - const secondItem = { - ...getCreateRulesSchemaMock(), - madeUpValue: 'something', - }; - const payload: BulkCreateRulesRequestBody = [singleItem, secondItem]; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual([getCreateRulesSchemaMock(), getCreateRulesSchemaMock()]); - }); - - test('You cannot set the severity to a value other than low, medium, high, or critical', () => { - const badSeverity = { ...getCreateRulesSchemaMock(), severity: 'madeup' }; - const payload = [badSeverity]; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"0.severity: Invalid enum value. Expected 'low' | 'medium' | 'high' | 'critical', received 'madeup'"` - ); - }); - - test('You can set "note" to a string', () => { - const payload: BulkCreateRulesRequestBody = [ - { ...getCreateRulesSchemaMock(), note: '# test markdown' }, - ]; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('You can set "note" to an empty string', () => { - const payload: BulkCreateRulesRequestBody = [{ ...getCreateRulesSchemaMock(), note: '' }]; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('You cant set "note" to anything other than string', () => { - const payload = [ - { - ...getCreateRulesSchemaMock(), - note: { - something: 'some object', - }, - }, - ]; - - const result = BulkCreateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"0.note: Expected string, received object"` - ); - }); -}); diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_delete_rules/bulk_delete_rules_route.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_delete_rules/bulk_delete_rules_route.gen.ts deleted file mode 100644 index 82d76911e9631..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_delete_rules/bulk_delete_rules_route.gen.ts +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * NOTICE: Do not edit this file manually. - * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. - * - * info: - * title: Bulk Delete API endpoint - * version: 2023-10-31 - */ - -import { z } from '@kbn/zod'; - -import { RuleObjectId, RuleSignatureId } from '../../../model/rule_schema/common_attributes.gen'; -import { BulkCrudRulesResponse } from '../response_schema.gen'; - -export type BulkDeleteRulesRequestBody = z.infer; -export const BulkDeleteRulesRequestBody = z.array( - z.object({ - id: RuleObjectId.optional(), - rule_id: RuleSignatureId.optional(), - }) -); -export type BulkDeleteRulesRequestBodyInput = z.input; - -export type BulkDeleteRulesResponse = z.infer; -export const BulkDeleteRulesResponse = BulkCrudRulesResponse; - -export type BulkDeleteRulesPostRequestBody = z.infer; -export const BulkDeleteRulesPostRequestBody = z.array( - z.object({ - id: RuleObjectId.optional(), - rule_id: RuleSignatureId.optional(), - }) -); -export type BulkDeleteRulesPostRequestBodyInput = z.input; - -export type BulkDeleteRulesPostResponse = z.infer; -export const BulkDeleteRulesPostResponse = BulkCrudRulesResponse; diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_delete_rules/bulk_delete_rules_route.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_delete_rules/bulk_delete_rules_route.schema.yaml deleted file mode 100644 index 095fe330f09ba..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_delete_rules/bulk_delete_rules_route.schema.yaml +++ /dev/null @@ -1,107 +0,0 @@ -openapi: 3.0.0 -info: - title: Bulk Delete API endpoint - version: '2023-10-31' -paths: - /api/detection_engine/rules/_bulk_delete: - delete: - x-labels: [ess] - x-codegen-enabled: true - operationId: BulkDeleteRules - deprecated: true - summary: Delete multiple detection rules - description: Delete detection rules in bulk. - tags: - - Bulk API - requestBody: - description: A JSON array of `id` or `rule_id` fields of the rules you want to delete. - required: true - content: - application/json: - schema: - type: array - items: - type: object - properties: - id: - $ref: '../../../model/rule_schema/common_attributes.schema.yaml#/components/schemas/RuleObjectId' - rule_id: - $ref: '../../../model/rule_schema/common_attributes.schema.yaml#/components/schemas/RuleSignatureId' - responses: - 200: - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '../response_schema.schema.yaml#/components/schemas/BulkCrudRulesResponse' - 400: - description: Invalid input data response - content: - application/json: - schema: - oneOf: - - $ref: '../../../../model/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse' - - $ref: '../../../../model/error_responses.schema.yaml#/components/schemas/SiemErrorResponse' - 401: - description: Unsuccessful authentication response - content: - application/json: - schema: - $ref: '../../../../model/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse' - 500: - description: Internal server error response - content: - application/json: - schema: - $ref: '../../../../model/error_responses.schema.yaml#/components/schemas/SiemErrorResponse' - - post: - x-labels: [ess] - x-codegen-enabled: true - operationId: BulkDeleteRulesPost - deprecated: true - summary: Delete multiple detection rules - description: Deletes multiple rules. - tags: - - Bulk API - requestBody: - description: A JSON array of `id` or `rule_id` fields of the rules you want to delete. - required: true - content: - application/json: - schema: - type: array - items: - type: object - properties: - id: - $ref: '../../../model/rule_schema/common_attributes.schema.yaml#/components/schemas/RuleObjectId' - rule_id: - $ref: '../../../model/rule_schema/common_attributes.schema.yaml#/components/schemas/RuleSignatureId' - responses: - 200: - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '../response_schema.schema.yaml#/components/schemas/BulkCrudRulesResponse' - 400: - description: Invalid input data response - content: - application/json: - schema: - oneOf: - - $ref: '../../../../model/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse' - - $ref: '../../../../model/error_responses.schema.yaml#/components/schemas/SiemErrorResponse' - 401: - description: Unsuccessful authentication response - content: - application/json: - schema: - $ref: '../../../../model/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse' - 500: - description: Internal server error response - content: - application/json: - schema: - $ref: '../../../../model/error_responses.schema.yaml#/components/schemas/SiemErrorResponse' diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_delete_rules/bulk_delete_rules_route.test.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_delete_rules/bulk_delete_rules_route.test.ts deleted file mode 100644 index 90e5abf36163d..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_delete_rules/bulk_delete_rules_route.test.ts +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { expectParseError, expectParseSuccess, stringifyZodError } from '@kbn/zod-helpers'; -import { BulkDeleteRulesRequestBody } from './bulk_delete_rules_route.gen'; - -// only the basics of testing are here. -// see: query_rules_schema.test.ts for the bulk of the validation tests -// this just wraps queryRulesSchema in an array -describe('Bulk delete rules request schema', () => { - test('can take an empty array and validate it', () => { - const payload: BulkDeleteRulesRequestBody = []; - - const result = BulkDeleteRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('non uuid being supplied to id does not validate', () => { - const payload: BulkDeleteRulesRequestBody = [ - { - id: '1', - }, - ]; - - const result = BulkDeleteRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot(`"0.id: Invalid uuid"`); - }); - - test('both rule_id and id being supplied do validate', () => { - const payload: BulkDeleteRulesRequestBody = [ - { - rule_id: '1', - id: 'c1e1b359-7ac1-4e96-bc81-c683c092436f', - }, - ]; - - const result = BulkDeleteRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('only id validates with two elements', () => { - const payload: BulkDeleteRulesRequestBody = [ - { id: 'c1e1b359-7ac1-4e96-bc81-c683c092436f' }, - { id: 'c1e1b359-7ac1-4e96-bc81-c683c092436f' }, - ]; - - const result = BulkDeleteRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('only rule_id validates', () => { - const payload: BulkDeleteRulesRequestBody = [ - { rule_id: 'c1e1b359-7ac1-4e96-bc81-c683c092436f' }, - ]; - - const result = BulkDeleteRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('only rule_id validates with two elements', () => { - const payload: BulkDeleteRulesRequestBody = [ - { rule_id: 'c1e1b359-7ac1-4e96-bc81-c683c092436f' }, - { rule_id: '2' }, - ]; - - const result = BulkDeleteRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('both id and rule_id validates with two separate elements', () => { - const payload: BulkDeleteRulesRequestBody = [ - { id: 'c1e1b359-7ac1-4e96-bc81-c683c092436f' }, - { rule_id: '2' }, - ]; - - const result = BulkDeleteRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); -}); diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_patch_rules/bulk_patch_rules_route.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_patch_rules/bulk_patch_rules_route.gen.ts deleted file mode 100644 index 02158edd64e6d..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_patch_rules/bulk_patch_rules_route.gen.ts +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * NOTICE: Do not edit this file manually. - * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. - * - * info: - * title: Bulk Patch API endpoint - * version: 2023-10-31 - */ - -import { z } from '@kbn/zod'; - -import { RulePatchProps } from '../../../model/rule_schema/rule_schemas.gen'; -import { BulkCrudRulesResponse } from '../response_schema.gen'; - -export type BulkPatchRulesRequestBody = z.infer; -export const BulkPatchRulesRequestBody = z.array(RulePatchProps); -export type BulkPatchRulesRequestBodyInput = z.input; - -export type BulkPatchRulesResponse = z.infer; -export const BulkPatchRulesResponse = BulkCrudRulesResponse; diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_patch_rules/bulk_patch_rules_route.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_patch_rules/bulk_patch_rules_route.schema.yaml deleted file mode 100644 index 8c414965385f4..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_patch_rules/bulk_patch_rules_route.schema.yaml +++ /dev/null @@ -1,31 +0,0 @@ -openapi: 3.0.0 -info: - title: Bulk Patch API endpoint - version: '2023-10-31' -paths: - /api/detection_engine/rules/_bulk_update: - patch: - x-labels: [ess] - x-codegen-enabled: true - summary: Patch multiple detection rules - operationId: BulkPatchRules - deprecated: true - description: Update specific fields of existing detection rules using the `rule_id` or `id` field. - tags: - - Bulk API - requestBody: - description: A JSON array of rules, where each rule contains the required fields. - required: true - content: - application/json: - schema: - type: array - items: - $ref: '../../../model/rule_schema/rule_schemas.schema.yaml#/components/schemas/RulePatchProps' - responses: - 200: - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '../response_schema.schema.yaml#/components/schemas/BulkCrudRulesResponse' diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_patch_rules/bulk_patch_rules_route.test.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_patch_rules/bulk_patch_rules_route.test.ts deleted file mode 100644 index d5325ad5ed13f..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_patch_rules/bulk_patch_rules_route.test.ts +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { expectParseError, expectParseSuccess, stringifyZodError } from '@kbn/zod-helpers'; -import type { PatchRuleRequestBody } from '../../crud/patch_rule/patch_rule_route.gen'; -import { BulkPatchRulesRequestBody } from './bulk_patch_rules_route.gen'; - -// only the basics of testing are here. -// see: patch_rules_schema.test.ts for the bulk of the validation tests -// this just wraps patchRulesSchema in an array -describe('Bulk patch rules request schema', () => { - test('can take an empty array and validate it', () => { - const payload: BulkPatchRulesRequestBody = []; - - const result = BulkPatchRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('single array of [id] does validate', () => { - const payload: BulkPatchRulesRequestBody = [{ id: '4125761e-51da-4de9-a0c8-42824f532ddb' }]; - - const result = BulkPatchRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('two arrays of [id] validate', () => { - const payload: BulkPatchRulesRequestBody = [ - { id: '4125761e-51da-4de9-a0c8-42824f532ddb' }, - { id: '192f403d-b285-4251-9e8b-785fcfcf22e8' }, - ]; - - const result = BulkPatchRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('can set "note" to be a string', () => { - const payload: BulkPatchRulesRequestBody = [ - { id: '4125761e-51da-4de9-a0c8-42824f532ddb' }, - { note: 'hi' }, - ]; - - const result = BulkPatchRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('can set "note" to be an empty string', () => { - const payload: BulkPatchRulesRequestBody = [ - { id: '4125761e-51da-4de9-a0c8-42824f532ddb' }, - { note: '' }, - ]; - - const result = BulkPatchRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('cannot set "note" to be anything other than a string', () => { - const payload: Array & { note?: object }> = [ - { id: '4125761e-51da-4de9-a0c8-42824f532ddb' }, - { note: { someprop: 'some value here' } }, - ]; - - const result = BulkPatchRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"1.note: Expected string, received object, 1.note: Expected string, received object, 1.note: Expected string, received object, 1.note: Expected string, received object, 1.note: Expected string, received object, and 3 more"` - ); - }); -}); diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_update_rules/bulk_update_rules_route.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_update_rules/bulk_update_rules_route.gen.ts deleted file mode 100644 index be14f047b1b97..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_update_rules/bulk_update_rules_route.gen.ts +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * NOTICE: Do not edit this file manually. - * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. - * - * info: - * title: Bulk Update API endpoint - * version: 2023-10-31 - */ - -import { z } from '@kbn/zod'; - -import { RuleUpdateProps } from '../../../model/rule_schema/rule_schemas.gen'; -import { BulkCrudRulesResponse } from '../response_schema.gen'; - -export type BulkUpdateRulesRequestBody = z.infer; -export const BulkUpdateRulesRequestBody = z.array(RuleUpdateProps); -export type BulkUpdateRulesRequestBodyInput = z.input; - -export type BulkUpdateRulesResponse = z.infer; -export const BulkUpdateRulesResponse = BulkCrudRulesResponse; diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_update_rules/bulk_update_rules_route.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_update_rules/bulk_update_rules_route.schema.yaml deleted file mode 100644 index 841abbaea8fcd..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_update_rules/bulk_update_rules_route.schema.yaml +++ /dev/null @@ -1,34 +0,0 @@ -openapi: 3.0.0 -info: - title: Bulk Update API endpoint - version: '2023-10-31' -paths: - /api/detection_engine/rules/_bulk_update: - put: - x-labels: [ess] - x-codegen-enabled: true - operationId: BulkUpdateRules - deprecated: true - summary: Update multiple detection rules - description: | - Update multiple detection rules using the `rule_id` or `id` field. The original rules are replaced, and all unspecified fields are deleted. - > info - > You cannot modify the `id` or `rule_id` values. - tags: - - Bulk API - requestBody: - description: A JSON array where each element includes the `id` or `rule_id` field of the rule you want to update and the fields you want to modify. - required: true - content: - application/json: - schema: - type: array - items: - $ref: '../../../model/rule_schema/rule_schemas.schema.yaml#/components/schemas/RuleUpdateProps' - responses: - 200: - description: Indicates a successful call. - content: - application/json: - schema: - $ref: '../response_schema.schema.yaml#/components/schemas/BulkCrudRulesResponse' diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_update_rules/bulk_update_rules_route.test.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_update_rules/bulk_update_rules_route.test.ts deleted file mode 100644 index f7e193856d0ea..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/bulk_update_rules/bulk_update_rules_route.test.ts +++ /dev/null @@ -1,176 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { expectParseError, expectParseSuccess, stringifyZodError } from '@kbn/zod-helpers'; -import type { RuleUpdateProps } from '../../../model'; -import { getUpdateRulesSchemaMock } from '../../../model/rule_schema/mocks'; -import { BulkUpdateRulesRequestBody } from './bulk_update_rules_route.gen'; - -// only the basics of testing are here. -// see: update_rules_schema.test.ts for the bulk of the validation tests -// this just wraps updateRulesSchema in an array -describe('Bulk update rules request schema', () => { - test('can take an empty array and validate it', () => { - const payload: BulkUpdateRulesRequestBody = []; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('made up values do not validate for a single element', () => { - const payload: Array<{ madeUp: string }> = [{ madeUp: 'hi' }]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"0.type: Invalid discriminator value. Expected 'eql' | 'query' | 'saved_query' | 'threshold' | 'threat_match' | 'machine_learning' | 'new_terms' | 'esql'"` - ); - }); - - test('single array element does validate', () => { - const payload: BulkUpdateRulesRequestBody = [getUpdateRulesSchemaMock()]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('two array elements do validate', () => { - const payload: BulkUpdateRulesRequestBody = [ - getUpdateRulesSchemaMock(), - getUpdateRulesSchemaMock(), - ]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('single array element with a missing value (risk_score) will not validate', () => { - const singleItem = getUpdateRulesSchemaMock(); - // @ts-expect-error - delete singleItem.risk_score; - const payload: BulkUpdateRulesRequestBody = [singleItem]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot(`"0.risk_score: Required"`); - }); - - test('two array elements where the first is valid but the second is invalid (risk_score) will not validate', () => { - const singleItem = getUpdateRulesSchemaMock(); - const secondItem = getUpdateRulesSchemaMock(); - // @ts-expect-error - delete secondItem.risk_score; - const payload: BulkUpdateRulesRequestBody = [singleItem, secondItem]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot(`"1.risk_score: Required"`); - }); - - test('two array elements where the first is invalid (risk_score) but the second is valid will not validate', () => { - const singleItem = getUpdateRulesSchemaMock(); - const secondItem = getUpdateRulesSchemaMock(); - // @ts-expect-error - delete singleItem.risk_score; - const payload: BulkUpdateRulesRequestBody = [singleItem, secondItem]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot(`"0.risk_score: Required"`); - }); - - test('two array elements where both are invalid (risk_score) will not validate', () => { - const singleItem = getUpdateRulesSchemaMock(); - const secondItem = getUpdateRulesSchemaMock(); - // @ts-expect-error - delete singleItem.risk_score; - // @ts-expect-error - delete secondItem.risk_score; - const payload: BulkUpdateRulesRequestBody = [singleItem, secondItem]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"0.risk_score: Required, 1.risk_score: Required"` - ); - }); - - test('extra props will be omitted from the payload after validation', () => { - const singleItem: RuleUpdateProps & { madeUpValue: string } = { - ...getUpdateRulesSchemaMock(), - madeUpValue: 'something', - }; - const secondItem: RuleUpdateProps & { madeUpValue: string } = { - ...getUpdateRulesSchemaMock(), - madeUpValue: 'something', - }; - const payload: BulkUpdateRulesRequestBody = [singleItem, secondItem]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual([getUpdateRulesSchemaMock(), getUpdateRulesSchemaMock()]); - }); - - test('You cannot set the severity to a value other than low, medium, high, or critical', () => { - const badSeverity = { ...getUpdateRulesSchemaMock(), severity: 'madeup' }; - const payload = [badSeverity]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"0.severity: Invalid enum value. Expected 'low' | 'medium' | 'high' | 'critical', received 'madeup'"` - ); - }); - - test('You can set "namespace" to a string', () => { - const payload: BulkUpdateRulesRequestBody = [ - { ...getUpdateRulesSchemaMock(), namespace: 'a namespace' }, - ]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('You can set "note" to a string', () => { - const payload: BulkUpdateRulesRequestBody = [ - { ...getUpdateRulesSchemaMock(), note: '# test markdown' }, - ]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('You can set "note" to an empty string', () => { - const payload: BulkUpdateRulesRequestBody = [{ ...getUpdateRulesSchemaMock(), note: '' }]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('You cant set "note" to anything other than string', () => { - const payload = [ - { - ...getUpdateRulesSchemaMock(), - note: { - something: 'some object', - }, - }, - ]; - - const result = BulkUpdateRulesRequestBody.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"0.note: Expected string, received object"` - ); - }); -}); diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.gen.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.gen.ts deleted file mode 100644 index 314f76abbe7bf..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.gen.ts +++ /dev/null @@ -1,23 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * NOTICE: Do not edit this file manually. - * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. - * - * info: - * title: Bulk Response Schema - * version: 8.9.0 - */ - -import { z } from '@kbn/zod'; - -import { RuleResponse } from '../../model/rule_schema/rule_schemas.gen'; -import { ErrorSchema } from '../../model/error_schema.gen'; - -export type BulkCrudRulesResponse = z.infer; -export const BulkCrudRulesResponse = z.array(z.union([RuleResponse, ErrorSchema])); diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.schema.yaml b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.schema.yaml deleted file mode 100644 index 30eedb8859c1f..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.schema.yaml +++ /dev/null @@ -1,14 +0,0 @@ -openapi: 3.0.0 -info: - title: Bulk Response Schema - version: 8.9.0 -paths: {} -components: - x-codegen-enabled: true - schemas: - BulkCrudRulesResponse: - type: array - items: - oneOf: - - $ref: '../../model/rule_schema/rule_schemas.schema.yaml#/components/schemas/RuleResponse' - - $ref: '../../model/error_schema.schema.yaml#/components/schemas/ErrorSchema' diff --git a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.test.ts b/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.test.ts deleted file mode 100644 index fb03c9c4b18ee..0000000000000 --- a/x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_crud/response_schema.test.ts +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { ErrorSchema, RuleResponse } from '../../model'; -import { getErrorSchemaMock } from '../../model/error_schema.mock'; -import { getRulesSchemaMock } from '../../model/rule_schema/mocks'; - -import { expectParseError, expectParseSuccess, stringifyZodError } from '@kbn/zod-helpers'; -import { BulkCrudRulesResponse } from './response_schema.gen'; - -describe('Bulk CRUD rules response schema', () => { - test('it should validate a regular message and and error together with a uuid', () => { - const payload: BulkCrudRulesResponse = [getRulesSchemaMock(), getErrorSchemaMock()]; - - const result = BulkCrudRulesResponse.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('it should validate a regular message and error together when the error has a non UUID', () => { - const payload: BulkCrudRulesResponse = [getRulesSchemaMock(), getErrorSchemaMock('fake id')]; - - const result = BulkCrudRulesResponse.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('it should validate an error', () => { - const payload: BulkCrudRulesResponse = [getErrorSchemaMock('fake id')]; - - const result = BulkCrudRulesResponse.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual(payload); - }); - - test('it should NOT validate a rule with a deleted value', () => { - const rule = getRulesSchemaMock(); - // @ts-expect-error - delete rule.name; - const payload: BulkCrudRulesResponse = [rule]; - - const result = BulkCrudRulesResponse.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"0.name: Required, 0.error: Required, 0: Unrecognized key(s) in object: 'author', 'created_at', 'updated_at', 'created_by', 'description', 'enabled', 'false_positives', 'from', 'immutable', 'references', 'revision', 'severity', 'severity_mapping', 'updated_by', 'tags', 'to', 'threat', 'version', 'output_index', 'max_signals', 'risk_score', 'risk_score_mapping', 'rule_source', 'interval', 'exceptions_list', 'related_integrations', 'required_fields', 'setup', 'throttle', 'actions', 'building_block_type', 'note', 'license', 'outcome', 'alias_target_id', 'alias_purpose', 'timeline_id', 'timeline_title', 'meta', 'rule_name_override', 'timestamp_override', 'timestamp_override_fallback_disabled', 'namespace', 'investigation_fields', 'query', 'type', 'language', 'index', 'data_view_id', 'filters', 'saved_id', 'response_actions', 'alert_suppression'"` - ); - }); - - test('it should NOT validate an invalid error message with a deleted value', () => { - const error = getErrorSchemaMock('fake id'); - // @ts-expect-error - delete error.error; - const payload: BulkCrudRulesResponse = [error]; - - const result = BulkCrudRulesResponse.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"0.type: Invalid discriminator value. Expected 'eql' | 'query' | 'saved_query' | 'threshold' | 'threat_match' | 'machine_learning' | 'new_terms' | 'esql', 0.error: Required"` - ); - }); - - test('it should omit any extra rule props', () => { - const rule: RuleResponse & { invalid_extra_data?: string } = getRulesSchemaMock(); - rule.invalid_extra_data = 'invalid_extra_data'; - const payload: BulkCrudRulesResponse = [rule]; - - const result = BulkCrudRulesResponse.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual([getRulesSchemaMock()]); - }); - - test('it should NOT validate a type of "query" when it has extra data next to a valid error', () => { - const rule: RuleResponse & { invalid_extra_data?: string } = getRulesSchemaMock(); - rule.invalid_extra_data = 'invalid_extra_data'; - const payload: BulkCrudRulesResponse = [getErrorSchemaMock(), rule]; - - const result = BulkCrudRulesResponse.safeParse(payload); - expectParseSuccess(result); - expect(result.data).toEqual([getErrorSchemaMock(), getRulesSchemaMock()]); - }); - - test('it should NOT validate an error when it has extra data', () => { - type InvalidError = ErrorSchema & { invalid_extra_data?: string }; - const error: InvalidError = getErrorSchemaMock(); - error.invalid_extra_data = 'invalid'; - const payload: BulkCrudRulesResponse = [error]; - - const result = BulkCrudRulesResponse.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"0: Unrecognized key(s) in object: 'invalid_extra_data'"` - ); - }); - - test('it should NOT validate an error when it has extra data next to a valid payload element', () => { - type InvalidError = ErrorSchema & { invalid_extra_data?: string }; - const error: InvalidError = getErrorSchemaMock(); - error.invalid_extra_data = 'invalid'; - const payload: BulkCrudRulesResponse = [getRulesSchemaMock(), error]; - - const result = BulkCrudRulesResponse.safeParse(payload); - expectParseError(result); - expect(stringifyZodError(result.error)).toMatchInlineSnapshot( - `"1: Unrecognized key(s) in object: 'invalid_extra_data'"` - ); - }); -}); diff --git a/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml b/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml index aa06e6b17ca00..a81500a69b2b7 100644 --- a/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml @@ -393,193 +393,6 @@ paths: tags: - Security Detections API - Bulk API - /api/detection_engine/rules/_bulk_create: - post: - deprecated: true - description: Create new detection rules in bulk. - operationId: BulkCreateRules - requestBody: - content: - application/json: - schema: - items: - $ref: '#/components/schemas/RuleCreateProps' - type: array - description: A JSON array of rules, where each rule contains the required fields. - required: true - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/BulkCrudRulesResponse' - description: Indicates a successful call. - summary: Create multiple detection rules - tags: - - Security Detections API - - Bulk API - /api/detection_engine/rules/_bulk_delete: - delete: - deprecated: true - description: Delete detection rules in bulk. - operationId: BulkDeleteRules - requestBody: - content: - application/json: - schema: - items: - type: object - properties: - id: - $ref: '#/components/schemas/RuleObjectId' - rule_id: - $ref: '#/components/schemas/RuleSignatureId' - type: array - description: >- - A JSON array of `id` or `rule_id` fields of the rules you want to - delete. - required: true - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/BulkCrudRulesResponse' - description: Indicates a successful call. - '400': - content: - application/json: - schema: - oneOf: - - $ref: '#/components/schemas/PlatformErrorResponse' - - $ref: '#/components/schemas/SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json: - schema: - $ref: '#/components/schemas/PlatformErrorResponse' - description: Unsuccessful authentication response - '500': - content: - application/json: - schema: - $ref: '#/components/schemas/SiemErrorResponse' - description: Internal server error response - summary: Delete multiple detection rules - tags: - - Security Detections API - - Bulk API - post: - deprecated: true - description: Deletes multiple rules. - operationId: BulkDeleteRulesPost - requestBody: - content: - application/json: - schema: - items: - type: object - properties: - id: - $ref: '#/components/schemas/RuleObjectId' - rule_id: - $ref: '#/components/schemas/RuleSignatureId' - type: array - description: >- - A JSON array of `id` or `rule_id` fields of the rules you want to - delete. - required: true - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/BulkCrudRulesResponse' - description: Indicates a successful call. - '400': - content: - application/json: - schema: - oneOf: - - $ref: '#/components/schemas/PlatformErrorResponse' - - $ref: '#/components/schemas/SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json: - schema: - $ref: '#/components/schemas/PlatformErrorResponse' - description: Unsuccessful authentication response - '500': - content: - application/json: - schema: - $ref: '#/components/schemas/SiemErrorResponse' - description: Internal server error response - summary: Delete multiple detection rules - tags: - - Security Detections API - - Bulk API - /api/detection_engine/rules/_bulk_update: - patch: - deprecated: true - description: >- - Update specific fields of existing detection rules using the `rule_id` - or `id` field. - operationId: BulkPatchRules - requestBody: - content: - application/json: - schema: - items: - $ref: '#/components/schemas/RulePatchProps' - type: array - description: A JSON array of rules, where each rule contains the required fields. - required: true - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/BulkCrudRulesResponse' - description: Indicates a successful call. - summary: Patch multiple detection rules - tags: - - Security Detections API - - Bulk API - put: - deprecated: true - description: > - Update multiple detection rules using the `rule_id` or `id` field. The - original rules are replaced, and all unspecified fields are deleted. - - > info - - > You cannot modify the `id` or `rule_id` values. - operationId: BulkUpdateRules - requestBody: - content: - application/json: - schema: - items: - $ref: '#/components/schemas/RuleUpdateProps' - type: array - description: >- - A JSON array where each element includes the `id` or `rule_id` field - of the rule you want to update and the fields you want to modify. - required: true - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/BulkCrudRulesResponse' - description: Indicates a successful call. - summary: Update multiple detection rules - tags: - - Security Detections API - - Bulk API /api/detection_engine/rules/_export: post: description: > @@ -2118,12 +1931,6 @@ components: required: - id - skip_reason - BulkCrudRulesResponse: - items: - oneOf: - - $ref: '#/components/schemas/RuleResponse' - - $ref: '#/components/schemas/ErrorSchema' - type: array BulkDeleteRules: type: object properties: