tests

x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/logic/detection_rules_client/converters/normalize_rule_params.ts

@@ -39,6 +39,7 @@ export const normalizeRuleSource = ({
 export const normalizeRuleParams = (params: BaseRuleParams) => {
   return {
     ...params,
+    // Fields to normalize
     ruleSource: normalizeRuleSource({
       immutable: params.immutable,
       ruleSource: params.ruleSource,

x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/utils/validate.test.ts

@@ -8,85 +8,15 @@
 import { transformValidateBulkError } from './validate';
 import type { BulkError } from '../../routes/utils';
 import { getRuleMock } from '../../routes/__mocks__/request_responses';
-import { getListArrayMock } from '../../../../../common/detection_engine/schemas/types/lists.mock';
-import { getThreatMock } from '../../../../../common/detection_engine/schemas/types/threat.mock';
 import { getQueryRuleParams } from '../../rule_schema/mocks';
-import type { RuleResponse } from '../../../../../common/api/detection_engine/model/rule_schema';
-
-export const ruleOutput = (): RuleResponse => ({
-  actions: [],
-  author: ['Elastic'],
-  building_block_type: 'default',
-  created_at: '2019-12-13T16:40:33.400Z',
-  updated_at: '2019-12-13T16:40:33.400Z',
-  created_by: 'elastic',
-  description: 'Detecting root and admin users',
-  enabled: true,
-  false_positives: [],
-  from: 'now-6m',
-  id: '04128c15-0d1b-4716-a4c5-46997ac7f3bd',
-  immutable: false,
-  interval: '5m',
-  rule_id: 'rule-1',
-  language: 'kuery',
-  license: 'Elastic License',
-  output_index: '.siem-signals',
-  max_signals: 10000,
-  risk_score: 50,
-  risk_score_mapping: [],
-  name: 'Detect Root/Admin Users',
-  query: 'user.name: root or user.name: admin',
-  references: ['http://example.com', 'https://example.com'],
-  severity: 'high',
-  severity_mapping: [],
-  updated_by: 'elastic',
-  tags: [],
-  to: 'now',
-  type: 'query',
-  throttle: undefined,
-  threat: getThreatMock(),
-  version: 1,
-  revision: 0,
-  filters: [
-    {
-      query: {
-        match_phrase: {
-          'host.name': 'some-host',
-        },
-      },
-    },
-  ],
-  exceptions_list: getListArrayMock(),
-  index: ['auditbeat-*', 'filebeat-*', 'packetbeat-*', 'winlogbeat-*'],
-  meta: {
-    someMeta: 'someField',
-  },
-  note: '# Investigative notes',
-  timeline_title: 'some-timeline-title',
-  timeline_id: 'some-timeline-id',
-  related_integrations: [],
-  required_fields: [],
-  response_actions: undefined,
-  setup: '',
-  outcome: undefined,
-  alias_target_id: undefined,
-  alias_purpose: undefined,
-  rule_name_override: undefined,
-  timestamp_override: undefined,
-  timestamp_override_fallback_disabled: undefined,
-  namespace: undefined,
-  data_view_id: undefined,
-  saved_id: undefined,
-  alert_suppression: undefined,
-  investigation_fields: undefined,
-});
+import { getOutputRuleAlertForRest } from '../../routes/__mocks__/utils';
 
 describe('validate', () => {
   describe('transformValidateBulkError', () => {
     test('it should do a validation correctly of a rule id', () => {
       const ruleAlert = getRuleMock(getQueryRuleParams());
       const validatedOrError = transformValidateBulkError('rule-1', ruleAlert);
-      expect(validatedOrError).toEqual(ruleOutput());
+      expect(validatedOrError).toEqual(getOutputRuleAlertForRest());
     });
 
     test('it should do an in-validation correctly of a rule id', () => {