* modifies 'Creates and activates a new custom rule' test to cover 'import query from saved timeline' functionality
* adds missing files
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* WIP: Move routes to new API, license and other checks inbound
* Move license checks over to np licensing observable
* Fix license checks + remove older modules
* Fixing check_license tests, move to TS/Jest
* Fix licensing setup for mocks
* Move job.test.ts over to np
* WIP: move user checks to higher-order func
* Move more handler logic over to Response factory vs Boom
* Major refactor to consolidate types, remove facades, and udpate helpers
* Fix validation for dates in immediate exports
* Linter fix on check license test
* Fix job generation tests
* Move deps => setupDeps
* fix api test
* fix jobs test
* authorized_user_pre_routing and tests
* Fixing duplicate identifiers
* Fix licensing implementation changes
* WIP: Moving license over to async/observables
* Fix disabled-security case
* finish auth_user_pre_routing cleanup - no more license check
* WIP: Fixing final api tests
* Trying to get schema differences in alignment
* Reverting back to previous generation handler
* Fix final API tests
* Final API test fixes, few more hardening tests and better error messages
* Simplify lower-level module implementation (core only interface) + test updates
* Push some core logic into plugin
* Move some core logic up to plugin
* Marking private setupDeps + downstream fixes
* revert logger as a param
Co-authored-by: Timothy Sullivan <tsullivan@elastic.co>
The combination of using object destructuring and numeric object keys in the reducer for LoadingIndicatorContext caused it so the loading indicator would not disappear in 7.8 in Safari even though there were no more loading statuses.
Optimization changes between 7.8 and master may be why this is only appears on 7.8.
Update this reducer to stringify the key and `lodash.pick` only the true values so the only pairs in the object are ones with `true` as the value.
Fixes#67334.
* introduce lists plugin for use by executor
* adds getListClient function on setup
* refactors searchAfterBulkCreate to integrate with the lists plugin so we only generate signals from events not in the list
* fixes type check issues
* fixes unit tests, adds field and other parameters for using lists in executor.
* cleaning up types and exports, updates to match new contracts with lists client from master
* prior to this commit the refactored while loop was doing more search after loops than it needed to and this fixes two bugs in the list filter function where we were returning the wrong count, and we were not accessing the right field on the event
* exception lists are optional
* use exceptions list format, this works with given sample query in scripts
* updates tests and fixes type issues
* updates README doc in detection engine with example for rule with list exception
* adds one test and removes commented out code
* fix sample rule json from 30s to 5m
* fix sample rule json from 30s to 5m
* remove unused import
* more cleanup
* e2e test for prepackaged rules was failing because lists was undefined in the siem plugin and was preventing the registration of the rule alert type. I removed this but once lists is ready for prime time we should consider adding the null check back
* can't reuse the same env var since the tests are setting the ELASTIC_XPACK_SIEM_LISTS_FEATURE env var to true without enabling the lists plugin
* fixes from pr review, still needs more TLC
* exports listspluginsetup type from top-level in lists plugin, fixes logic for empty exceptions list, updates types
* utilize type.is to remove as casting, also do null checks and throw an error when exceptionItem is malformed. This will change in the very near future once the new json format for exception lists is incorporated
* fix type issues after merging master into branch
* update mock
* remove bad null check for ml plugin before registering rule alert type in siem plugin
* prettier linting
* adds test for filter events with list
* pr comments
* adds logic for included vs excluded and updates tests
* update test cases for search after bulk create to default to included for exception lists
* filter out non-list exception items from the loop
## Summary
Adds the REST and API routes for find and filter for exception lists and value lists
* Fixes bugs with string parameters for the _find with exception lists
* Adds the _find for the value based lists
* More scripts for how to filter things for both list values and exception lists
* Misc type script fixes
* Adds a cursor to move from the previous page to the next page
* Adds name space 'agnostic' vs. 'single' feature for exception_lists
**REST API's:**
```ts
POST /api/lists/_find
POST /api/lists/items/_find
POST /api/exception_lists/_find
POST /api/exception_lists/items/_find
```
**Parameters you can send:**
* sort
* sort_order
* filter
* page
* per_page
* list_id (for list items only and required)
* cursor (for finding the next page or advancing to deep pages)
**See test scripts below:**
```sh
find_exception_list_items_by_filter.sh
find_exception_lists_by_filter.sh
find_list_items.sh
find_list_items_with_cursor.sh
find_list_items_with_sort.sh
find_list_items_with_sort_cursor.sh
find_lists.sh
find_lists_with_cursor.sh
find_lists_with_filter.sh
find_lists_with_sort.sh
find_lists_with_sort_cursor.sh
```
### Checklist
Note: Unit tests are left out as this is blocking people but I will be adding tests as this is being reviewed unless someone needs these features now. This is still all behind a feature flag and considered to be in the area of proof of concept and not production ready until more tests and end to tests are added.
- [ ] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios
* use start API to populate request context
* remove client creation from uiSettings service setup API
* remove __internals.uiSettings
* update ui_settings mixin tests
