From 5d84e0853e566b0774cd4694057464b5f6fe7d9d Mon Sep 17 00:00:00 2001 From: Gavin Reynolds Date: Thu, 21 Mar 2024 10:55:04 +0000 Subject: [PATCH] custom details are in both body.cef_details.details and body.details for events... however body.cef_details.details can be null if the alert is from an email Signed-off-by: Gavin Reynolds
---
 src/config/column-generator.jsx | 6 +++++- src/mocks/incidents.test.js | 21 +++++++++++++-------- src/redux/incidents/sagas.js | 12 +++++++++--- src/redux/incidents/sagas.test.js | 2 +- 4 files changed, 28 insertions(+), 13 deletions(-)
diff --git a/src/config/column-generator.jsx b/src/config/column-generator.jsx
index 26110e95..00d4167b 100644
--- a/src/config/column-generator.jsx
+++ b/src/config/column-generator.jsx
@@ -773,7 +773,11 @@ export const customAlertColumnForSavedColumn = (savedColumn) => {
 return null;
 }
 const accessor = (incident) => {
- const path = `alerts[*].body.cef_details.${accessorPath}`;
+ // custom details are in both body.cef_details.details and body.details for events
+ // but only body.details is guaranteed to exist, and won't be null
+ // body.cef_details.details can be null if the alert is from an email
+ // const path = `alerts[*].body.cef_details.${accessorPath}`;
+ const path = `alerts[*].body.${accessorPath}`;
 let result = null;
 try {
 result = JSONPath({
diff --git a/src/mocks/incidents.test.js b/src/mocks/incidents.test.js
index 6e7f7430..3182c045 100644
--- a/src/mocks/incidents.test.js
+++ b/src/mocks/incidents.test.js
@@ -22,6 +22,14 @@ const generateMockAlert = () => {
 const message = faker.commerce.productDescription();
 const uuid = faker.string.uuid();
 const link = faker.internet.url();
+ const customDetails = {
+ quote,
+ 'some obsecure field': uuid,
+ link,
+ object_details: {
+ key1: 'value1',
+ },
+ };
 return {
 type: 'alert',
 id: alertId,
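Review bot: In src/config/column-generator.jsx the accessor is now rooted at `alerts[*].body.${accessorPath}`, so a saved column whose accessorPath names a field that lives only under cef_details (the mock lists `dedup_key`, `description`, `event_class` and `message` there) will quietly resolve to nothing; the same re-rooting is applied to the search key `alerts.body.${strippedAccessor}` in src/redux/incidents/sagas.js. If saved accessor paths always begin with `details.` this is harmless, but that is not visible in the hunk and deserves a check or a migration note. The commented-out line `// const path = ...cef_details.${accessorPath}` should be dropped, since version control already keeps the old form. Because accessorPath comes from a saved column and is interpolated into a JSONPath expression, it is also worth confirming, outside this hunk, that the JSONPath call does not evaluate script expressions. The accessor body continues past the end of the hunk.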
@@ -30,18 +38,15 @@ const generateMockAlert = () => {
 created_at: createdAt,
 body: {
 contexts: [],
+ // custom details are in both body.cef_details.details and body.details for events
+ // but only body.details is guaranteed to exist, and won't be null
+ // body.cef_details.details can be null if the alert is from an email
+ details: customDetails,
 cef_details: {
 contexts: [],
 dedup_key: alertId,
 description: title,
- details: {
- quote,
- 'some obsecure field': uuid,
- link,
- object_details: {
- key1: 'value1',
- },
- },
+ details: customDetails,
 event_class: jobType,
 message,
 mutations: [
diff --git a/src/redux/incidents/sagas.js b/src/redux/incidents/sagas.js
index d3cd0b76..0a517596 100644
--- a/src/redux/incidents/sagas.js
+++ b/src/redux/incidents/sagas.js
@@ -498,7 +498,10 @@ export function* filterIncidentsImpl() {
 // Handle case when '[*]' accessors are used
 const strippedAccessor = col.accessorPath.replace(/([[*\]])/g, '.');
 return (
- `alerts.body.cef_details.${strippedAccessor}`
+ // custom details are in both body.cef_details.details and body.details for events
+ // but only body.details is guaranteed to exist, and won't be null
+ // body.cef_details.details can be null if the alert is from an email
+ `alerts.body.${strippedAccessor}`
 .split('.')
 // Handle case when special character is wrapped in quotation marks
 .map((a) => (a.includes("'") ? a.replaceAll("'", '') : a))
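Review bot: In src/mocks/incidents.test.js both `body.details` and `body.cef_details.details` now point at the same `customDetails` object, so no mock alert reproduces the case this commit is meant to fix, an alert whose `cef_details.details` is null. Consider generating some alerts with `details: null` under `cef_details` (the email-style shape) so the column accessor and the custom-detail search are exercised against it; the updated assertion in sagas.test.js only covers the populated case. Sharing one object reference also means a mutation made through one path shows up under the other, which `details: { ...customDetails }` on one of the two sides would avoid. The mock object continues outside the hunk.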
@@ -523,8 +526,11 @@ export function* filterIncidentsImpl() {
 const incidentAlertsForSearch = incidentAlerts[incident.id] instanceof Array ? incidentAlerts[incident.id] : [];
 const incidentAlertsForSearchWithFlattedCustomDetails = incidentAlertsForSearch.map(
 (alert) => {
- const flattedCustomDetails = alert.body?.cef_details
- ? Object.values(flattenObject(alert.body.cef_details)).join(' ')
+ // custom details are in both body.cef_details.details and body.details for events
+ // but only body.details is guaranteed to exist, and won't be null
+ // body.cef_details.details can be null if the alert is from an email
+ const flattedCustomDetails = alert.body?.details
+ ? Object.values(flattenObject(alert.body.details)).join(' ')
 : '';
 return {
 ...alert,
diff --git a/src/redux/incidents/sagas.test.js b/src/redux/incidents/sagas.test.js
index d3b7c3c1..b0202b57 100644
--- a/src/redux/incidents/sagas.test.js
+++ b/src/redux/incidents/sagas.test.js
@@ -154,7 +154,7 @@ describe('Sagas: Incidents', () => {
 it('filterIncidents: Search by Alert Custom Detail Field', () => {
 const mockIncident = mockIncidents[0];
 const customField = 'some obsecure field';
- const customFieldValue = mockIncident.alerts[0].body.cef_details.details[customField];
+ const customFieldValue = mockIncident.alerts[0].body.details[customField];
 const expectedIncidentResult = [mockIncident];
 return expectSaga(filterIncidents)
 .withReducer(incidents)
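Review bot: In the second sagas.js hunk, `flattedCustomDetails` used to be built from everything under `alert.body.cef_details` and is now built from `alert.body.details` alone, so free-text search stops matching the other cef_details values (the mock lists `description`, `message`, `event_class` and `dedup_key`) unless they are indexed somewhere outside this hunk. The commit message speaks only of custom details, so if the narrowing is intended it should be stated; otherwise flatten both, e.g. `flattenObject({ ...alert.body.cef_details, details: alert.body.details })`. The identical three-line comment is now pasted in four places across the patch; a single copy next to a shared constant or helper would be easier to keep accurate. The `map` callback continues outside the hunk.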