Implement deleting database matches

1 year ago · c67d89c978
parent 9a8bb9027f
commit c67d89c978
2 changed files with 34 additions and 2 deletions
--- a/core/db/elastic.py
+++ b/core/db/elastic.py
@ -79,6 +79,21 @@ class ElasticsearchBackend(StorageBackend):
                index=settings.INDEX_RULE_STORAGE, mappings=mapping["mappings"]
            )

+    def delete_rule_entries(self, rule_id):
+        """
+        Delete all entries for a given rule.
+        :param rule_id: The rule ID to delete.
+        """
+        if self.client is None:
+            self.initialise()
+        search_query = self.construct_query(None, None, blank=True)
+        search_query["query"]["bool"]["must"].append(
+            {"match_phrase": {"rule_id": rule_id}}
+        )
+        return self.client.delete_by_query(
+            index=settings.INDEX_RULE_STORAGE, body=search_query
+        )
+
    def construct_context_query(
        self, index, net, channel, src, num, size, type=None, nicks=None
    ):
--- a/core/lib/rules.py
+++ b/core/lib/rules.py
@ -196,6 +196,13 @@ class NotificationRuleData(object):
        if self.object is not None:
            self.populate_matched()

+    def clear_database_matches(self):
+        """
+        Delete all matches for this rule.
+        """
+        rule_id = str(self.object.id)
+        self.db.delete_rule_entries(rule_id)
+
    def populate_matched(self):
        """
        On first creation, the match field is None. We need to populate it with
@ -401,7 +408,9 @@ class NotificationRuleData(object):

        """
        current_match = self.get_match(index)
-        log.debug(f"Rule not matched: {index} - current match: {current_match}: {message}")
+        log.debug(
+            f"Rule not matched: {index} - current match: {current_match}: {message}"
+        )

        last_run_had_matches = current_match is True
        initial = current_match is None
@ -419,7 +428,10 @@ class NotificationRuleData(object):
            # Never notify for empty matches on default policy
            rule_notify(self.object, index, "no_match", None)
            await self.ingest_matches(
-                index=index, matches=[{"msg": None}], meta={"msg": message}, mode="schedule"
+                index=index,
+                matches=[{"msg": None}],
+                meta={"msg": message},
+                mode="schedule",
            )

    async def run_schedule(self):
@ -446,9 +458,14 @@ class NotificationRuleData(object):
                    if "match" in meta["aggs"][agg_name]:
                        aggs_for_index.append(meta["aggs"][agg_name]["match"])

+            print("aggs_for_index", aggs_for_index)
+            print("self aggs", self.aggs.keys())
+
            # All required aggs are present
            if len(aggs_for_index) == len(self.aggs.keys()):
+                print("Key len match")
                if all(aggs_for_index):
+                    print("all aggs for index true")
                    # All aggs have matched
                    await self.rule_matched(
                        index, results[: self.object.amount], meta, mode="schedule"