Github user merrimanr commented on a diff in the pull request:
https://github.com/apache/metron/pull/1190#discussion_r216091258
--- Diff:
metron-platform/metron-indexing/src/test/java/org/apache/metron/indexing/dao/InMemoryMetaAlertDao.java
---
@@ -174,145 +193,29 @@ public SearchResponse
getAllMetaAlertsForAlert(String guid) throws InvalidSearch
@SuppressWarnings("unchecked")
@Override
- public MetaAlertCreateResponse createMetaAlert(MetaAlertCreateRequest
request)
- throws InvalidCreateException {
- List<GetRequest> alertRequests = request.getAlerts();
- if (alertRequests.isEmpty()) {
- MetaAlertCreateResponse response = new MetaAlertCreateResponse();
- response.setCreated(false);
- return response;
- }
- // Build meta alert json. Give it a reasonable GUID
- JSONObject metaAlert = new JSONObject();
- String metaAlertGuid =
- "meta_" +
(InMemoryDao.BACKING_STORE.get(getMetaAlertIndex()).size() + 1);
- metaAlert.put(GUID, metaAlertGuid);
-
- JSONArray groupsArray = new JSONArray();
- groupsArray.addAll(request.getGroups());
- metaAlert.put(MetaAlertConstants.GROUPS_FIELD, groupsArray);
-
- // Retrieve the alert for each guid
- // For the purpose of testing, we're just using guids for the alerts
field and grabbing the scores.
- JSONArray alertArray = new JSONArray();
- List<Double> threatScores = new ArrayList<>();
- Collection<String> alertGuids = new ArrayList<>();
- for (GetRequest alertRequest : alertRequests) {
- SearchRequest searchRequest = new SearchRequest();
-
searchRequest.setIndices(ImmutableList.of(alertRequest.getIndex().get()));
- searchRequest.setQuery("guid:" + alertRequest.getGuid());
- try {
- SearchResponse searchResponse = search(searchRequest);
- List<SearchResult> searchResults = searchResponse.getResults();
- if (searchResults.size() > 1) {
- throw new InvalidCreateException(
- "Found more than one result for: " + alertRequest.getGuid()
+ ". Values: "
- + searchResults
- );
- }
-
- if (searchResults.size() == 1) {
- SearchResult result = searchResults.get(0);
- alertArray.add(result.getSource());
- Double threatScore = Double
- .parseDouble(
-
result.getSource().getOrDefault(MetaAlertConstants.THREAT_FIELD_DEFAULT, "0")
- .toString());
-
- threatScores.add(threatScore);
- }
- } catch (InvalidSearchException e) {
- throw new InvalidCreateException("Unable to find guid: " +
alertRequest.getGuid(), e);
- }
- alertGuids.add(alertRequest.getGuid());
- }
-
- metaAlert.put(MetaAlertConstants.ALERT_FIELD, alertArray);
- metaAlert.putAll(new MetaScores(threatScores).getMetaScores());
- metaAlert.put(MetaAlertConstants.STATUS_FIELD,
MetaAlertStatus.ACTIVE.getStatusString());
-
- // Add the alert to the store, but make sure not to overwrite existing
results
-
InMemoryDao.BACKING_STORE.get(getMetaAlertIndex()).add(metaAlert.toJSONString());
-
- METAALERT_STORE.put(metaAlertGuid, new HashSet<>(alertGuids));
-
- MetaAlertCreateResponse createResponse = new MetaAlertCreateResponse();
- createResponse.setGuid(metaAlertGuid);
- createResponse.setCreated(true);
- return createResponse;
+ public Document createMetaAlert(MetaAlertCreateRequest request)
+ throws InvalidCreateException, IOException {
+ return metaAlertUpdateDao.createMetaAlert(request);
--- End diff --
Now we're delegating to the AbstractLuceneMetaAlertUpdateDao class instead
of duplicating it.
---
