[Security Solution][Exceptions] - Require non empty entries and non empty string values in exception list items (#72748) (#72780)

## Summary

This PR updates the exception list entries schemas.

- **Prior:** `entries` could be `undefined` or empty array on `ExceptionListItemSchema`
  - **Now:** `entries` is a required field that cannot be empty - there's really no use for an item without `entries`

- **Prior:** `field` and `value` could be empty string in `EntryMatch`
  - **Now:** `field` and `value` can no longer be empty strings

- **Prior:** `field` could be empty string and `value` could be empty array in `EntryMatchAny`
  - **Now:** `field` and `value` can no longer be empty string and array respectively

- **Prior:** `field` and `list.id` could be empty string in `EntryList`
  - **Now:** `field` and `list.id` can no longer be empty strings

- **Prior:** `field` could be empty string in `EntryExists`
  - **Now:** `field` can no longer be empty string

- **Prior:** `field` could be empty string in `EntryNested`
  - **Now:** `field` can no longer be empty string

- **Prior:** `entries` could be empty array in `EntryNested`
  - **Now:** `entries` can no longer be empty array

Author: yctercero

x-pack/plugins/lists/common/schemas/request/create_endpoint_list_item_schema.test.ts

@@ -142,7 +142,7 @@ describe('create_endpoint_list_item_schema', () => {
     expect(message.schema).toEqual({});
   });
 
-  test('it should validate an undefined for "entries" but return an array', () => {
+  test('it should NOT validate an undefined for "entries"', () => {
     const inputPayload = getCreateEndpointListItemSchemaMock();
     const outputPayload = getCreateEndpointListItemSchemaMock();
     delete inputPayload.entries;
@@ -151,8 +151,10 @@ describe('create_endpoint_list_item_schema', () => {
     const checked = exactCheck(inputPayload, decoded);
     const message = pipe(checked, foldLeftRight);
     delete (message.schema as CreateEndpointListItemSchema).item_id;
-    expect(getPaths(left(message.errors))).toEqual([]);
-    expect(message.schema).toEqual(outputPayload);
+    expect(getPaths(left(message.errors))).toEqual([
+      'Invalid value "undefined" supplied to "entries"',
+    ]);
+    expect(message.schema).toEqual({});
   });
 
   test('it should validate an undefined for "tags" but return an array and generate a correct body not counting the auto generated uuid', () => {

x-pack/plugins/lists/common/schemas/request/create_endpoint_list_item_schema.ts

@@ -20,14 +20,15 @@ import {
   tags,
 } from '../common/schemas';
 import { RequiredKeepUndefined } from '../../types';
-import { CreateCommentsArray, DefaultCreateCommentsArray, DefaultEntryArray } from '../types';
+import { CreateCommentsArray, DefaultCreateCommentsArray, nonEmptyEntriesArray } from '../types';
 import { EntriesArray } from '../types/entries';
 import { DefaultUuid } from '../../siem_common_deps';
 
 export const createEndpointListItemSchema = t.intersection([
   t.exact(
     t.type({
       description,
+      entries: nonEmptyEntriesArray,
       name,
       type: exceptionListItemType,
     })
@@ -36,7 +37,6 @@ export const createEndpointListItemSchema = t.intersection([
     t.partial({
       _tags, // defaults to empty array if not set during decode
       comments: DefaultCreateCommentsArray, // defaults to empty array if not set during decode
-      entries: DefaultEntryArray, // defaults to empty array if not set during decode
       item_id: DefaultUuid, // defaults to GUID (uuid v4) if not set during decode
       meta, // defaults to undefined if not set during decode
       tags, // defaults to empty array if not set during decode

x-pack/plugins/lists/common/schemas/request/create_exception_list_item_schema.test.ts

@@ -130,7 +130,7 @@ describe('create_exception_list_item_schema', () => {
     expect(message.schema).toEqual({});
   });
 
-  test('it should validate an undefined for "entries" but return an array', () => {
+  test('it should NOT validate an undefined for "entries"', () => {
     const inputPayload = getCreateExceptionListItemSchemaMock();
     const outputPayload = getCreateExceptionListItemSchemaMock();
     delete inputPayload.entries;
@@ -139,8 +139,10 @@ describe('create_exception_list_item_schema', () => {
     const checked = exactCheck(inputPayload, decoded);
     const message = pipe(checked, foldLeftRight);
     delete (message.schema as CreateExceptionListItemSchema).item_id;
-    expect(getPaths(left(message.errors))).toEqual([]);
-    expect(message.schema).toEqual(outputPayload);
+    expect(getPaths(left(message.errors))).toEqual([
+      'Invalid value "undefined" supplied to "entries"',
+    ]);
+    expect(message.schema).toEqual({});
   });
 
   test('it should validate an undefined for "namespace_type" but return enum "single" and generate a correct body not counting the auto generated uuid', () => {

x-pack/plugins/lists/common/schemas/request/create_exception_list_item_schema.ts

@@ -25,8 +25,8 @@ import { RequiredKeepUndefined } from '../../types';
 import {
   CreateCommentsArray,
   DefaultCreateCommentsArray,
-  DefaultEntryArray,
   NamespaceType,
+  nonEmptyEntriesArray,
 } from '../types';
 import { EntriesArray } from '../types/entries';
 import { DefaultUuid } from '../../siem_common_deps';
@@ -35,6 +35,7 @@ export const createExceptionListItemSchema = t.intersection([
   t.exact(
     t.type({
       description,
+      entries: nonEmptyEntriesArray,
       list_id,
       name,
       type: exceptionListItemType,
@@ -44,7 +45,6 @@ export const createExceptionListItemSchema = t.intersection([
     t.partial({
       _tags, // defaults to empty array if not set during decode
       comments: DefaultCreateCommentsArray, // defaults to empty array if not set during decode
-      entries: DefaultEntryArray, // defaults to empty array if not set during decode
       item_id: DefaultUuid, // defaults to GUID (uuid v4) if not set during decode
       meta, // defaults to undefined if not set during decode
       namespace_type, // defaults to 'single' if not set during decode

x-pack/plugins/lists/common/schemas/request/update_endpoint_list_item_schema.test.ts

@@ -97,16 +97,18 @@ describe('update_endpoint_list_item_schema', () => {
     expect(message.schema).toEqual(outputPayload);
   });
 
-  test('it should accept an undefined for "entries" but return an array', () => {
+  test('it should NOT accept an undefined for "entries"', () => {
     const inputPayload = getUpdateEndpointListItemSchemaMock();
     const outputPayload = getUpdateEndpointListItemSchemaMock();
     delete inputPayload.entries;
     outputPayload.entries = [];
     const decoded = updateEndpointListItemSchema.decode(inputPayload);
     const checked = exactCheck(inputPayload, decoded);
     const message = pipe(checked, foldLeftRight);
-    expect(getPaths(left(message.errors))).toEqual([]);
-    expect(message.schema).toEqual(outputPayload);
+    expect(getPaths(left(message.errors))).toEqual([
+      'Invalid value "undefined" supplied to "entries"',
+    ]);
+    expect(message.schema).toEqual({});
   });
 
   test('it should accept an undefined for "tags" but return an array', () => {

x-pack/plugins/lists/common/schemas/request/update_endpoint_list_item_schema.ts

@@ -22,16 +22,17 @@ import {
 } from '../common/schemas';
 import { RequiredKeepUndefined } from '../../types';
 import {
-  DefaultEntryArray,
   DefaultUpdateCommentsArray,
   EntriesArray,
   UpdateCommentsArray,
+  nonEmptyEntriesArray,
 } from '../types';
 
 export const updateEndpointListItemSchema = t.intersection([
   t.exact(
     t.type({
       description,
+      entries: nonEmptyEntriesArray,
       name,
       type: exceptionListItemType,
     })
@@ -41,7 +42,6 @@ export const updateEndpointListItemSchema = t.intersection([
       _tags, // defaults to empty array if not set during decode
       _version, // defaults to undefined if not set during decode
       comments: DefaultUpdateCommentsArray, // defaults to empty array if not set during decode
-      entries: DefaultEntryArray, // defaults to empty array if not set during decode
       id, // defaults to undefined if not set during decode
       item_id: t.union([t.string, t.undefined]),
       meta, // defaults to undefined if not set during decode

x-pack/plugins/lists/common/schemas/request/update_exception_list_item_schema.test.ts

@@ -97,16 +97,18 @@ describe('update_exception_list_item_schema', () => {
     expect(message.schema).toEqual(outputPayload);
   });
 
-  test('it should accept an undefined for "entries" but return an array', () => {
+  test('it should NOT accept an undefined for "entries"', () => {
     const inputPayload = getUpdateExceptionListItemSchemaMock();
     const outputPayload = getUpdateExceptionListItemSchemaMock();
     delete inputPayload.entries;
     outputPayload.entries = [];
     const decoded = updateExceptionListItemSchema.decode(inputPayload);
     const checked = exactCheck(inputPayload, decoded);
     const message = pipe(checked, foldLeftRight);
-    expect(getPaths(left(message.errors))).toEqual([]);
-    expect(message.schema).toEqual(outputPayload);
+    expect(getPaths(left(message.errors))).toEqual([
+      'Invalid value "undefined" supplied to "entries"',
+    ]);
+    expect(message.schema).toEqual({});
   });
 
   test('it should accept an undefined for "namespace_type" but return enum "single"', () => {

x-pack/plugins/lists/common/schemas/request/update_exception_list_item_schema.ts

@@ -23,17 +23,18 @@ import {
 } from '../common/schemas';
 import { RequiredKeepUndefined } from '../../types';
 import {
-  DefaultEntryArray,
   DefaultUpdateCommentsArray,
   EntriesArray,
   NamespaceType,
   UpdateCommentsArray,
+  nonEmptyEntriesArray,
 } from '../types';
 
 export const updateExceptionListItemSchema = t.intersection([
   t.exact(
     t.type({
       description,
+      entries: nonEmptyEntriesArray,
       name,
       type: exceptionListItemType,
     })
@@ -43,7 +44,6 @@ export const updateExceptionListItemSchema = t.intersection([
       _tags, // defaults to empty array if not set during decode
       _version, // defaults to undefined if not set during decode
       comments: DefaultUpdateCommentsArray, // defaults to empty array if not set during decode
-      entries: DefaultEntryArray, // defaults to empty array if not set during decode
       id, // defaults to undefined if not set during decode
       item_id: t.union([t.string, t.undefined]),
       meta, // defaults to undefined if not set during decode