[PR #976] [MERGED] Security incidents #3080

Closed
opened 2026-03-02 13:56:46 +03:00 by kerem · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/KelvinTegelaar/CIPP/pull/976
Author: @knightian
Created: 6/19/2022
Status: Merged
Merged: 6/19/2022
Merged by: @KelvinTegelaar

Base: dev ← Head: security_incidents


📝 Commits (6)

  • 63119e9 Adding in security stuff and tidying UI a bit WIP not ready for merge
  • 4510e78 not ready for merge yet
  • 043d19b Merge remote-tracking branch 'upstream/dev' into security_incidents
  • 3201e31 ready for merge
  • bdaa98f a quick fix to allow us to completely unset a classification & determination if we want to
  • f499401 remove unused icon causing bigger problems than reasonably required..... this is why Elom Musk warned us about AI

📊 Changes

12 files changed (+604 additions, -58 deletions)

View changed files

📝 src/_nav.js (+43 -21)
➕ src/components/tables/CellTip.js (+35 -0)
📝 src/components/tables/index.js (+3 -0)
📝 src/components/utilities/CippActionsOffcanvas.js (+89 -24)
➕ src/components/utilities/CippCamelCase.js (+19 -0)
➕ src/data/classificationDetermination.json (+5 -0)
📝 src/routes.js (+12 -6)
📝 src/scss/_custom.scss (+10 -0)
📝 src/store/api/security.js (+46 -1)
📝 src/views/security/defender/ListDefender.js (+0 -0)
📝 src/views/security/incidents/ListAlerts.js (+15 -6)
➕ src/views/security/incidents/ListIncidents.js (+327 -0)

📄 Description

[Send to dev branch this time 👀]

Rejig UI:

Defender IS a Security item, moved into security
Pulled alerts out of reports and moved into a group named Incidents & Alerts, this actually mirrors the MSFT security centre that is doing exactly this same thing, I think with the introduction of the incidents view it is good to maintain some consistency between MSFT UX and here if we can, MSFT spend bulk money on UX design so let's leverage from it :D

Added a CellTip.js object, this allows for a react tooltip to popup when we hover over rows. This is to combat those rows that are just truncating information leaving us with no way to see initially. I have put these tooltips into Incidents and Alerts views for now. Also widened some table rows to show more important info.

On CippActionsOffCanvas.js I have added a new action type actionSelectable. This is a select (dropdown) that we can use, I am using it to mimic exactly how MSFT are allowing us to select classification/determination in the security centre for my new incidents view. I probably aged 3 years making this, see example picture:

[Image: Screen Shot 2022-06-19 at 8 41 26 pm]

New Views:

ListIncidents.js <- As the name sounds, lists incidents. Incidents are containers of alerts which can be classified and assigned. Better than dealing with individual alerts when you're getting smashed by them.

Regarding incidents, incidents can be:

  • Assigned to self (In the future I would like to expand this to allow assigning of any user with possible alert to user that they have been assigned?)
  • Status set to active, inProgress, resolved
  • Classification & Determination can be set as allowed by MSFT API, values match what is allowed by MSFT (anything else fails)

Misc:

In utilities added CippCamelCase.js; it contains a function that takes any string and converts it into a camel case string with no spaces and a few other chars stripped. I needed this to send appropriate values back to MSFT API.

classificationDetermination.json contains the data presented for selection in the classification/determination selectable, and is the only legit data accepted by the MSFT that I know of. Cannot add our own values it seems.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.
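
The label-to-API-value step and the "anything else fails" constraint from the description, as an added example (not code from this PR or from CIPP): display labels are camel-cased, then checked against an allow-list before a request body is built, so a bad value is rejected locally instead of by the API. The function names, the label strings and the `ALLOWED` subset are assumptions, and pairing determinations under a classification is modelled on the grouped dropdown the description mentions.

```javascript
// Added example: hypothetical helpers, not CIPP's CippCamelCase.js or its JSON data.
// ALLOWED is a constructed subset; load the authoritative values in real use.
// A Map is used so inherited keys such as "constructor" can never match.
const ALLOWED = new Map([
  ['truePositive', ['multiStagedAttack', 'malware', 'phishing', 'other']],
  ['informationalExpectedActivity', ['securityTesting', 'lineOfBusinessApplication', 'other']],
  ['falsePositive', ['other']],
])
const STATUSES = ['active', 'inProgress', 'resolved'] // values named in the PR description

// "Informational, expected activity" -> "informationalExpectedActivity"
function toCamelCase(label) {
  const words = String(label).split(/[^A-Za-z0-9]+/).filter(Boolean)
  return words
    .map((w, i) => (i === 0 ? w[0].toLowerCase() : w[0].toUpperCase()) + w.slice(1))
    .join('')
}

// Builds the update body, throwing on any value outside the allow-lists.
function buildIncidentUpdate({ status, classificationLabel, determinationLabel } = {}) {
  const body = {}
  if (status !== undefined) {
    if (!STATUSES.includes(status)) throw new RangeError(`status not allowed: ${status}`)
    body.status = status
  }
  if (classificationLabel !== undefined) {
    const classification = toCamelCase(classificationLabel)
    const determinations = ALLOWED.get(classification)
    if (!determinations) {
      throw new RangeError(`classification not allowed: ${classification}`)
    }
    const determination = toCamelCase(determinationLabel ?? '')
    if (!determinations.includes(determination)) {
      throw new RangeError(`determination not allowed for ${classification}: ${determination}`)
    }
    body.classification = classification
    body.determination = determination
  }
  return body
}
```
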
