update(userspace/engine): allow overwriting rules with enabled flag only

This allows defining rules that simply enable/disable already defined rules, like the following: - rule: A rule enabled by default enabled: false - rule: A rule disabled by default enabled: true Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
2025-09-13 13:32:50 +00:00 · 2021-11-15 18:36:38 +00:00
parent 7dcf8f4bf7
commit eec2f5062f
1 changed files with 19 additions and 8 deletions
--- a/userspace/engine/lua/rule_loader.lua
+++ b/userspace/engine/lua/rule_loader.lua
@@ -542,10 +542,6 @@ function load_rules_doc(rules_mgr, doc, load_state)
 	    return false, build_error_with_context(v['context'], "Rule name is empty"), warnings
 	 end

-	 if (v['condition'] == nil and v['exceptions'] == nil) then
-	    return false, build_error_with_context(v['context'], "Rule must have exceptions or condition property"), warnings
-	 end
-
 	 -- By default, if a rule's condition refers to an unknown
 	 -- filter like evt.type, etc the loader throws an error.
 	 if v['skip-if-unknown-filter'] == nil then
@@ -611,6 +607,9 @@ function load_rules_doc(rules_mgr, doc, load_state)
 		  return false, build_error_with_context(v['context'], "Rule " ..v['rule'].. " has 'append' key but no rule by that name already exists"), warnings
 	       end
 	    else
+          if (v['condition'] == nil and next(v['exceptions']) == nil) then
+             return false, build_error_with_context(v['context'], "Appended rule must have exceptions or condition property"), warnings
+          end

 	       if next(v['exceptions']) ~= nil then

@@ -663,13 +662,24 @@ function load_rules_doc(rules_mgr, doc, load_state)
 	    end

 	 else
-
+       local err = nil
 	    for j, field in ipairs({'condition', 'output', 'desc', 'priority'}) do
-	       if (v[field] == nil) then
-		  return false, build_error_with_context(v['context'], "Rule must have property "..field), warnings
+	       if (err == nil and v[field] == nil) then
+		       err = build_error_with_context(v['context'], "Rule must have property "..field)
 	       end
 	    end

+       -- Handle spacial case where "enabled" flag is defined only
+       if (err ~= nil) then
+          if (v['enabled'] == nil) then
+            return false, err, warnings
+          else 
+             if state.rules_by_name[v['rule']] == nil then
+                return false, build_error_with_context(v['context'], "Rule " ..v['rule'].. " has 'enabled' key only, but no rule by that name already exists"), warnings
+             end
+             state.rules_by_name[v['rule']]['enabled'] = v['enabled']
+          end
+       else
       -- Convert the priority-as-string to a priority-as-number now
 	    v['priority_num'] = priorities[v['priority']]

@@ -694,6 +704,7 @@ function load_rules_doc(rules_mgr, doc, load_state)
 	       state.skipped_rules_by_name[v['rule']] = v
 	    end
       end
+	 end
      else
 	 local context = v['context']