[Security Solution] [Security assistant] Fixes errors when creating c…

…onversations with special characters in the title (elastic#197319) ### [Security Solution] [Security assistant] Fixes errors when creating conversations with special characters in the title This PR fixes an [issue](elastic/security-team#10284) in the security assistant where attempting to create conversations with special characters in the title, i.e. a `:`, resulted in an `Error creating conversation with title...` toaster. ### Desk testing To reproduce, simulate generation of a title with special characters: 1) Edit `x-pack/plugins/security_solution/public/attack_discovery/attack_discovery_panel/view_in_ai_assistant/use_view_in_ai_assistant.ts` change the following line: from ```ts const lastFive = attackDiscovery.id ? ` - ${attackDiscovery.id.slice(-5)}` : ''; ``` to ```ts const lastFive = attackDiscovery.id ? ` - test: "${attackDiscovery.id.slice(-5)}"` : ''; ``` 2) Navigate to Security > Attack discovery 3) Click the `View in AI Assistant` link for any attack discovery **Expected result** - The assistant flyout opens without errors **Actual result** - The assistant flyout opens with a toaster error like the following example: ``` Error creating conversation with title Sophisticated Multi-Stage Attack Detected - test: "7a882" ```
andrew-goldstein · Oct 23, 2024 · a2a43e7 · a2a43e7
1 parent a6dc47d
commit a2a43e7
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 1 deletion.
diff --git a/x-pack/plugins/elastic_assistant/server/routes/user_conversations/create_route.test.ts b/x-pack/plugins/elastic_assistant/server/routes/user_conversations/create_route.test.ts
@@ -100,6 +100,52 @@ describe('Create conversation route', () => {
 
       expect(result.badRequest).toHaveBeenCalled();
     });
+
+    test('escapes colons when querying for existing titles', async () => {
+      const request = requestMock.create({
+        method: 'post',
+        path: ELASTIC_AI_ASSISTANT_CONVERSATIONS_URL,
+        body: {
+          ...getCreateConversationSchemaMock(),
+          title: 'test: Malware infection: with credential theft attempt - 2875e', // <-- contains colons
+        },
+      });
+
+      await server.inject(request, requestContextMock.convertContext(context));
+
+      expect(
+        clients.elasticAssistant.getAIAssistantConversationsDataClient.findDocuments
+      ).toHaveBeenCalledWith({
+        fields: ['title'],
+        filter:
+          'users:{ name: "my_username" } AND title:test\\: Malware infection\\: with credential theft attempt - 2875e',
+        page: 1,
+        perPage: 100,
+      });
+    });
+
+    test('escapes quotes when querying for existing titles', async () => {
+      const request = requestMock.create({
+        method: 'post',
+        path: ELASTIC_AI_ASSISTANT_CONVERSATIONS_URL,
+        body: {
+          ...getCreateConversationSchemaMock(),
+          title: '"Malware infection with credential theft attempt - 2875e"', // <-- contains quotes
+        },
+      });
+
+      await server.inject(request, requestContextMock.convertContext(context));
+
+      expect(
+        clients.elasticAssistant.getAIAssistantConversationsDataClient.findDocuments
+      ).toHaveBeenCalledWith({
+        fields: ['title'],
+        filter:
+          'users:{ name: "my_username" } AND title:\\"Malware infection with credential theft attempt - 2875e\\"',
+        page: 1,
+        perPage: 100,
+      });
+    });
   });
   describe('conversation containing messages', () => {
     const getMessage = (role: string = 'user') => ({

diff --git a/x-pack/plugins/elastic_assistant/server/routes/user_conversations/create_route.ts b/x-pack/plugins/elastic_assistant/server/routes/user_conversations/create_route.ts
@@ -14,6 +14,8 @@ import {
   API_VERSIONS,
 } from '@kbn/elastic-assistant-common';
 import { buildRouteValidationWithZod } from '@kbn/elastic-assistant-common/impl/schemas/common';
+import { escapeKuery } from '@kbn/es-query';
+
 import { ElasticAssistantPluginRouter } from '../../types';
 import { buildResponse } from '../utils';
 import { performChecks } from '../helpers';
@@ -58,10 +60,13 @@ export const createConversationRoute = (router: ElasticAssistantPluginRouter): v
           const userFilter = currentUser?.username
             ? `name: "${currentUser?.username}"`
             : `id: "${currentUser?.profile_uid}"`;
+
+          const escapedTitle = escapeKuery(request.body.title);
+
           const result = await dataClient?.findDocuments({
             perPage: 100,
             page: 1,
-            filter: `users:{ ${userFilter} } AND title:${request.body.title}`,
+            filter: `users:{ ${userFilter} } AND title:${escapedTitle}`,
             fields: ['title'],
           });
           if (result?.data != null && result.total > 0) {