fix(UI): Conditional error message based on ruleType for PZ Create Rule functionality Fixes BED-7291

[slimi-so]

Description

*- In bh-shared-ui RuleForm component pass ruleType vlaue into handleError and getErrorMessage utility functions, handleCreateRule and handlePatchRule dependency arrays

• In bh-shared-ui utils file:
  • In handleError util function pass in optionalParams optional function param object value with ruleType optional key to pass to getErrorMessage helper function
  • In getErrorMessage util function utilize ruleType to conditionally return specific message strings based on ruleType value of SeedTypeObjectId vs. SeedTypeCypher vs. no ruleType val passed in*

Motivation and Context

Resolves <BED-7291>

Why is this change required? What problem does it solve?
It was giving wrong error message for creating rule with empty Object ID in Privilege Zones page. Now it gives the correct error message for trying to create a rule with empty Object ID in Privilege Zones page

How Has This Been Tested?

Please describe in detail how you tested your changes.
Include details of your testing environment, and the tests you ran to
see how your change affects other areas of the code, etc.
By manual testing in browser and by unit tests

Screenshots (optional):

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• I have met the contributing prerequisites
  • Assigned myself to this PR
  • Added the appropriate labels
  • Associated an issue: Issues and Pull Requests README #672
  • Read the Contributing guide: https://github.com/SpecterOps/BloodHound/wiki/Contributing
• I have ensured that related documentation is up-to-date
  • Open API docs
  • Code comments (GoDocs / JSDocs)
• I have followed proper test practices
  • Added/updated tests to cover my changes
  • All new and existing tests passed

Summary by CodeRabbit

• New Features

  • Added OpenGraph tag to API documentation taxonomy.

• Bug Fixes

  • Enhanced error messages during rule creation with context-specific information.

• Tests

  • Added test coverage for rule creation error handling and expanded error message validation.

• Style

  • Fixed formatting inconsistencies in license headers.

[coderabbitai]

📝 Walkthrough

Walkthrough

The changes enhance error handling in the PrivilegeZones Save workflow by adding ruleType context to error messages for Cypher and Object ID seed types. Test coverage is expanded for error scenarios, utility functions are extended with specialized error messaging logic, and a minor OpenAPI schema update adds OpenGraph tagging.

Changes

Cohort / File(s)	Summary
Go Configuration Updates packages/go/chow/ingestvalidator/schema.go, packages/go/openapi/doc/openapi.json	License header formatting change and addition of "OpenGraph" tag to Community & Enterprise OpenAPI tag groups.
Component Exports packages/javascript/bh-shared-ui/src/components/index.ts	Reordered export statement for ConditionalTooltip to follow CommunityIcon; no functional impact.
RuleForm Error Handling packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/RuleForm/RuleForm.tsx, RuleForm.test.tsx	Updated error handling to pass ruleType context to error messages; added test case for rule creation failure; dependency arrays updated to include ruleType.
Error Utilities Expansion packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts, utils.test.ts	Extended getErrorMessage and handleError functions with optional ruleType parameter for seed-type-specific error messages; expanded test coverage for Object ID and Cypher seed error paths.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• refactor: Change error message when the user do not run a cypher before saving a rule BED-6921 #2177 — Introduces/expands getErrorMessage and handles seeds-required/Cypher-specific messages in utils.ts error handling
• BED-6659 more verbiage alignment #2029 — Modifies the same utils.ts file and error-handling functions (handleError/getErrorMessage)
• chore: Run prepare-for-codereview BED-7271 #2318 — Adjusts barrel export ordering within packages/javascript/bh-shared-ui/src/components/index.ts

Suggested labels

bug, user interface

Suggested reviewers

• specter-flq
• Holocraft
• urangel

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description check	✅ Passed	The PR description includes all required template sections: detailed description of changes, motivation/context with ticket reference, testing approach, and completed checklist items with proper documentation updates.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check	✅ Passed	The title accurately summarizes the main change: adding conditional error messages based on ruleType for PZ Create Rule functionality, which aligns with all file changes.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch BED-7291-create-rule-error-msg

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (3)

packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts (1)

133-157: SeedTypeCypher test and fallback test assert the same string — indirect evidence of a redundant branch.

Lines 133-144 (ruleType: SeedTypeCypher) and lines 146-157 (no ruleType) expect an identical message. This confirms that the explicit SeedTypeCypher branch in utils.ts (lines 28-30) is currently a no-op when SeedTypesMap[SeedTypeCypher] === "Cypher". Consider adding a comment in utils.ts explaining the intent of that branch (e.g., anticipated future rename of the Cypher seed type label), or collapsing it into the fallback.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts`
around lines 133 - 157, Tests show identical expected messages for the
SeedTypeCypher-specific branch and the undefined fallback, indicating the
SeedTypeCypher branch in utils.ts (see handleError and SeedTypesMap /
SeedTypeCypher usage) is redundant; either collapse the conditional into the
fallback or keep the branch but add a clear comment above the SeedTypeCypher
case explaining the intent (e.g., anticipating a future label/name change for
the Cypher seed type) so it’s not mistaken for dead code—update handleError
accordingly and adjust or annotate the SeedTypeCypher logic to reflect the
chosen approach.

packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/RuleForm/RuleForm.test.tsx (1)

443-475: Tighten the ruleType assertion and suppress console.error.

Two minor issues:

1. Loose assertion (line 472): expect.any(Number) only confirms a number was passed. Since the form initialises with ruleType: SeedTypeObjectId (= 1) and the test never changes the seed type, assert the exact value to catch regressions:

💡 More precise assertion

-                expect.objectContaining({ ruleType: expect.any(Number) })
+                expect.objectContaining({ ruleType: SeedTypeObjectId })

Add the import at the top of the file (already imported on line 18, so no change needed there for SeedTypeCypher; add SeedTypeObjectId):

-import { AssetGroupTagSelector, AssetGroupTagSelectorAutoCertifyAllMembers, SeedTypeCypher } from 'js-client-library';
+import { AssetGroupTagSelector, AssetGroupTagSelectorAutoCertifyAllMembers, SeedTypeCypher, SeedTypeObjectId } from 'js-client-library';

2. Missing console.error suppression: handleError calls console.error(error) internally. The 400 mock response will surface in test output. Other error-path tests in this file (e.g. line 229) silence it with console.error = vi.fn().

💡 Suppress console noise

+        console.error = vi.fn();
         vi.mocked(useParams).mockReturnValue({ zoneId: '1', ruleId: undefined });

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/RuleForm/RuleForm.test.tsx`
around lines 443 - 475, Update the failing test to (1) assert the exact ruleType
value instead of expect.any(Number) by checking for SeedTypeObjectId (ensure
SeedTypeObjectId is imported/available in the test) when verifying
handleErrorSpy, and (2) mute console.error before triggering the error path
(e.g., set console.error = vi.fn() or similar) so the mocked 400 response
doesn't print noise; locate the assertion that calls handleErrorSpy and the test
setup block that triggers the POST error in RuleForm.test.tsx to apply these
changes.

packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts (1)

28-31: Remove redundant SeedTypeCypher branch—it produces the same output as the fallback.

The else if (ruleType === SeedTypeCypher) branch at lines 28–29 generates an identical string to the default fallback at line 31. Since SeedTypesMap[SeedTypeCypher] evaluates to 'Cypher', both code paths produce 'To save a {entity} created using Cypher, the Cypher must be run first. Click "Run" to continue'. Tests at lines 133–144 and 146–157 confirm this equivalence. Simplify by removing the dead branch unless forward-compatibility with future SeedTypesMap changes is intentional.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts`
around lines 28 - 31, The branch checking for SeedTypeCypher is redundant
because SeedTypesMap[SeedTypeCypher] equals 'Cypher' and produces the same
message as the fallback; remove the else if (ruleType === SeedTypeCypher) branch
and return the default fallback message for Cypher cases instead, keeping the
code that uses ruleType, SeedTypesMap and entity intact so other seed types
still get special messages (update any affected unit tests referencing
SeedTypeCypher if necessary).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In
`@packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts`:
- Around line 205-208: The test currently asserts a hardcoded "To create"
message while calling getErrorMessage('seeds are required', 'updating', 'zone',
SeedTypeObjectId), so update the expectation to reflect the passed action;
change the expected string to use the action ("updating") for the Object ID
message (i.e., make the expected message match what getErrorMessage will return
once the verb is driven by the action parameter) so the test aligns with
getErrorMessage and SeedTypeObjectId usage.

In `@packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts`:
- Around line 26-27: The message for the Object ID branch currently hardcodes
"To create" and ignores the action parameter (seen in handlePatchRule and the
ruleType/SeedTypeObjectId branch), so update the template to use the passed-in
action (e.g., `${action} a ${entity} using ${SeedTypesMap[SeedTypeObjectId]},
add at least one object using the field below.`) so the text reflects creating
vs updating; adjust any tests expecting the previous fixed wording if needed.

---

Nitpick comments:
In
`@packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/RuleForm/RuleForm.test.tsx`:
- Around line 443-475: Update the failing test to (1) assert the exact ruleType
value instead of expect.any(Number) by checking for SeedTypeObjectId (ensure
SeedTypeObjectId is imported/available in the test) when verifying
handleErrorSpy, and (2) mute console.error before triggering the error path
(e.g., set console.error = vi.fn() or similar) so the mocked 400 response
doesn't print noise; locate the assertion that calls handleErrorSpy and the test
setup block that triggers the POST error in RuleForm.test.tsx to apply these
changes.

In
`@packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts`:
- Around line 133-157: Tests show identical expected messages for the
SeedTypeCypher-specific branch and the undefined fallback, indicating the
SeedTypeCypher branch in utils.ts (see handleError and SeedTypesMap /
SeedTypeCypher usage) is redundant; either collapse the conditional into the
fallback or keep the branch but add a clear comment above the SeedTypeCypher
case explaining the intent (e.g., anticipating a future label/name change for
the Cypher seed type) so it’s not mistaken for dead code—update handleError
accordingly and adjust or annotate the SeedTypeCypher logic to reflect the
chosen approach.

In `@packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts`:
- Around line 28-31: The branch checking for SeedTypeCypher is redundant because
SeedTypesMap[SeedTypeCypher] equals 'Cypher' and produces the same message as
the fallback; remove the else if (ruleType === SeedTypeCypher) branch and return
the default fallback message for Cypher cases instead, keeping the code that
uses ruleType, SeedTypesMap and entity intact so other seed types still get
special messages (update any affected unit tests referencing SeedTypeCypher if
necessary).

---

ℹ️ Review info

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e80426f and 016a3b2.

📒 Files selected for processing (7)

• packages/go/chow/ingestvalidator/schema.go
• packages/go/openapi/doc/openapi.json
• packages/javascript/bh-shared-ui/src/components/index.ts
• packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/RuleForm/RuleForm.test.tsx
• packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/RuleForm/RuleForm.tsx
• packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts
• packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Test confirms action is ignored in the Object ID message — downstream corroboration of the utils.ts issue.

The assertion expect(result).toBe('To create a zone using Object ID, ...') with action: 'updating' passed in explicitly documents that the hardcoded "To create" verb in utils.ts line 27 ignores action. This aligns with the minor issue flagged in utils.ts. If that verb is corrected there, update this test expectation accordingly.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts`
around lines 205 - 208, The test currently asserts a hardcoded "To create"
message while calling getErrorMessage('seeds are required', 'updating', 'zone',
SeedTypeObjectId), so update the expectation to reflect the passed action;
change the expected string to use the action ("updating") for the Object ID
message (i.e., make the expected message match what getErrorMessage will return
once the verb is driven by the action parameter) so the test aligns with
getErrorMessage and SeedTypeObjectId usage.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Hardcoded "To create" ignores the action parameter in the Object ID branch.

For the patch/update flow, handlePatchRule can reach this message with action = 'updating', yet the returned string always says "To create a ...". The utils.test.ts at line 205-208 already confirms this by calling with action: 'updating' while expecting "To create a zone...".

Either incorporate action into the message, or accept that the verb is intentionally fixed (and remove action from the template here). As-is it's misleading on the update path.

💡 Suggested fix to use action context

-            if (ruleType === SeedTypeObjectId) {
-                return `To create a ${entity} using ${SeedTypesMap[SeedTypeObjectId]}, add at least one object using the field below.`;
+            if (ruleType === SeedTypeObjectId) {
+                return `To ${action} a ${entity} using ${SeedTypesMap[SeedTypeObjectId]}, add at least one object using the field below.`;

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	if (ruleType === SeedTypeObjectId) {
	return `To create a ${entity} using ${SeedTypesMap[SeedTypeObjectId]}, add at least one object using the field below.`;
	if (ruleType === SeedTypeObjectId) {
	return `To ${action} a ${entity} using ${SeedTypesMap[SeedTypeObjectId]}, add at least one object using the field below.`;

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts`
around lines 26 - 27, The message for the Object ID branch currently hardcodes
"To create" and ignores the action parameter (seen in handlePatchRule and the
ruleType/SeedTypeObjectId branch), so update the template to use the passed-in
action (e.g., `${action} a ${entity} using ${SeedTypesMap[SeedTypeObjectId]},
add at least one object using the field below.`) so the text reflects creating
vs updating; adjust any tests expecting the previous fixed wording if needed.

[specter-flq]

Not fully read on the context of this feature, but for this default returned error should we consider something a bit more generic ? Seems like if there was an error that wasn't related to Cypher that did not match an above case, it would show as related to a Cypher which would not necessarily be true.

[specter-flq]

This is an interesting comment from coderabbit, seems like the bug addressed in this PR is related to creating and updating. Yet when updating the error includes "To create" which could be misleading. Maybe something like the cypher one? where it says To save a... So it would say To save a rule using ObjectID... in either created or updating and it would make sense.