Test for the type of function used to use findingIds

Signed-off-by: Ishan Bhat <[email protected]>

src/main/java/org/opensearch/securityanalytics/action/GetAlertsRequest.java

@@ -19,30 +19,38 @@
 public class GetAlertsRequest extends ActionRequest {
 
     private String detectorId;
+    private ArrayList<String> findingIds;
     private String logType;
     private Table table;
     private String severityLevel;
     private String alertState;
 
     public static final String DETECTOR_ID = "detector_id";
 
+
+    // Updated the constructor to include findingIds
     public GetAlertsRequest(
             String detectorId,
+            ArrayList<String> findingIds,
             String logType,
             Table table,
             String severityLevel,
             String alertState
     ) {
         super();
         this.detectorId = detectorId;
+        this.findingIds = findingIds;
         this.logType = logType;
         this.table = table;
         this.severityLevel = severityLevel;
         this.alertState = alertState;
     }
+
+    // Added the read for findingIds param
     public GetAlertsRequest(StreamInput sin) throws IOException {
         this(
                 sin.readOptionalString(),
+                sin.readOptionalList(),
                 sin.readOptionalString(),
                 Table.readFrom(sin),
                 sin.readString(),
@@ -61,9 +69,11 @@ public ActionRequestValidationException validate() {
         return validationException;
     }
 
+    // Added the writeTo for findingIds
     @Override
     public void writeTo(StreamOutput out) throws IOException {
         out.writeOptionalString(detectorId);
+        out.writeOptionalList(findingIds);
         out.writeOptionalString(logType);
         table.writeTo(out);
         out.writeString(severityLevel);
@@ -89,4 +99,9 @@ public String getAlertState() {
     public String getLogType() {
         return logType;
     }
+
+    // Getter Function for findingIds
+    public ArrayList<String> getFindingIds() {
+        return findingIds;
+    }
 }

src/main/java/org/opensearch/securityanalytics/action/GetFindingsRequest.java

@@ -22,22 +22,27 @@ public class GetFindingsRequest extends ActionRequest {
     private String detectorId;
     private Table table;
 
+
     public static final String DETECTOR_ID = "detector_id";
 
     public GetFindingsRequest(String detectorId) {
         super();
         this.detectorId = detectorId;
     }
+
     public GetFindingsRequest(StreamInput sin) throws IOException {
         this(
+
             sin.readOptionalString(),
+            // sin.readOptionalList for arraylist findingIds
             sin.readOptionalString(),
             Table.readFrom(sin)
         );
     }
 
     public GetFindingsRequest(String detectorId, String logType, Table table) {
         this.detectorId = detectorId;
+        // Updated param above
         this.logType = logType;
         this.table = table;
     }
@@ -57,6 +62,7 @@ public ActionRequestValidationException validate() {
     public void writeTo(StreamOutput out) throws IOException {
         out.writeOptionalString(detectorId);
         out.writeOptionalString(logType);
+        // Write the finding ids 
         table.writeTo(out);
     }
 
@@ -71,4 +77,5 @@ public String getLogType() {
     public Table getTable() {
         return table;
     }
+
 }

src/main/java/org/opensearch/securityanalytics/alerts/AlertsService.java

@@ -56,13 +56,15 @@ public AlertsService(Client client) {
      * Searches alerts generated by specific Detector
      *
      * @param detectorId id of Detector
+     * @param findingIds finding id of detector to search alerts on
      * @param table      group of search related parameters
      * @param severityLevel alert severity level
      * @param alertState current alert state
      * @param listener   ActionListener to get notified on response or error
      */
     public void getAlertsByDetectorId(
             String detectorId,
+            ArrayList<String> findingIds,
             Table table,
             String severityLevel,
             String alertState,
@@ -134,6 +136,8 @@ public void getAlertsByMonitorIds(
 
         org.opensearch.commons.alerting.action.GetAlertsRequest req =
                 new org.opensearch.commons.alerting.action.GetAlertsRequest(
+                        // Pass list of findingIds, needs to be created
+                        findingIds,
                         table,
                         severityLevel,
                         alertState,

src/main/java/org/opensearch/securityanalytics/findings/FindingsService.java

@@ -52,6 +52,8 @@ public FindingsService(Client client) {
      * @param table group of search related parameters
      * @param listener ActionListener to get notified on response or error
      */
+
+    // This is the function and add a new parameter for finding ids
     public void getFindingsByDetectorId(String detectorId, Table table, ActionListener<GetFindingsResponse> listener ) {
         this.client.execute(GetDetectorAction.INSTANCE, new GetDetectorRequest(detectorId, -3L), new ActionListener<>() {
 
@@ -131,7 +133,7 @@ public void getFindingsByMonitorIds(
 
         org.opensearch.commons.alerting.action.GetFindingsRequest req =
                 new org.opensearch.commons.alerting.action.GetFindingsRequest(
-                null,
+                null, // Need to pass the findingId as List but in api it is a sting[it will change]
                 table,
                 null,
                 findingIndexName,

src/main/java/org/opensearch/securityanalytics/resthandler/RestGetAlertsAction.java

@@ -34,6 +34,9 @@ public String getName() {
     protected RestChannelConsumer prepareRequest(RestRequest request, NodeClient client) throws IOException {
 
         String detectorId = request.param("detector_id", null);
+        // Need to add the param findingIds
+        List<String> findingIds = request.paramAsArrayList("findingIds", null);
+
         String detectorType = request.param("detectorType", null);
         String severityLevel = request.param("severityLevel", "ALL");
         String alertState = request.param("alertState", "ALL");
@@ -56,12 +59,14 @@ protected RestChannelConsumer prepareRequest(RestRequest request, NodeClient cli
 
         GetAlertsRequest req = new GetAlertsRequest(
                 detectorId,
+                findingIds, 
                 detectorType,
                 table,
                 severityLevel,
                 alertState
         );
 
+        // Request goes to TransportGetAlertsRequest class
         return channel -> client.execute(
                 GetAlertsAction.INSTANCE,
                 req,

src/main/java/org/opensearch/securityanalytics/resthandler/RestGetFindingsAction.java

@@ -52,10 +52,12 @@ protected RestChannelConsumer prepareRequest(RestRequest request, NodeClient cli
 
         GetFindingsRequest req = new GetFindingsRequest(
                 detectorId,
+                // Add finding ids
                 detectorType,
                 table
         );
 
+        // Request goes to TransportGetFindingsAction class
         return channel -> client.execute(
                 GetFindingsAction.INSTANCE,
                 req,

src/main/java/org/opensearch/securityanalytics/transport/TransportGetAlertsAction.java

@@ -74,6 +74,7 @@ public TransportGetAlertsAction(TransportService transportService, ActionFilters
         this.clusterService.getClusterSettings().addSettingsUpdateConsumer(SecurityAnalyticsSettings.FILTER_BY_BACKEND_ROLES, this::setFilterByEnabled);
     }
 
+    // The client request hits here
     @Override
     protected void doExecute(Task task, GetAlertsRequest request, ActionListener<GetAlertsResponse> actionListener) {
 
@@ -88,6 +89,8 @@ protected void doExecute(Task task, GetAlertsRequest request, ActionListener<Get
         if (request.getLogType() == null) {
             alertsService.getAlertsByDetectorId(
                     request.getDetectorId(),
+                    // Added the getFinding Ids param
+                    request.getFindingIds(),
                     request.getTable(),
                     request.getSeverityLevel(),
                     request.getAlertState(),
@@ -131,6 +134,7 @@ public void onResponse(SearchResponse searchResponse) {
                         }
                         alertsService.getAlerts(
                                 detectors,
+                                request.getFindingIds(),
                                 request.getLogType(),
                                 request.getTable(),
                                 request.getSeverityLevel(),

src/main/java/org/opensearch/securityanalytics/transport/TransportGetFindingsAction.java

@@ -93,6 +93,8 @@ public TransportGetFindingsAction(
         this.clusterService.getClusterSettings().addSettingsUpdateConsumer(SecurityAnalyticsSettings.FILTER_BY_BACKEND_ROLES, this::setFilterByEnabled);
     }
 
+
+// Request hits here
     @Override
     protected void doExecute(Task task, GetFindingsRequest request, ActionListener<GetFindingsResponse> actionListener) {
 
@@ -106,6 +108,7 @@ protected void doExecute(Task task, GetFindingsRequest request, ActionListener<G
 
         if (request.getLogType() == null) {
             findingsService.getFindingsByDetectorId(
+                    // request finding ids
                     request.getDetectorId(),
                     request.getTable(),
                     actionListener
@@ -146,6 +149,7 @@ public void onResponse(SearchResponse searchResponse) {
                             );
                             return;
                         }
+                        // Need to add finding Ids in this method too
                         findingsService.getFindings(
                                 detectors,
                                 request.getLogType(),