Properly handle matched and meta fields, always return sentiment aggregations

1 year ago · f4273e4453
parent c67d89c978
commit f4273e4453
2 changed files with 17 additions and 8 deletions
--- a/core/db/elastic.py
+++ b/core/db/elastic.py
@ -358,12 +358,12 @@ class ElasticsearchBackend(StorageBackend):
            add_top.append(range_query)
        self.add_bool(search_query, add_bool)
        self.add_top(search_query, add_top)
-        if "sentiment" in data:
-            search_query["aggs"] = {
-                "avg_sentiment": {
-                    "avg": {"field": "sentiment"},
-                }
+        # if "sentiment" in data:
+        search_query["aggs"] = {
+            "avg_sentiment": {
+                "avg": {"field": "sentiment"},
            }
+        }

        return search_query

@ -374,8 +374,12 @@ class ElasticsearchBackend(StorageBackend):
        for index, (meta, result) in result_map.items():
            # Default to true, if no aggs are found, we still want to match
            match = True
+            print("RULE OBJECT", rule_object.aggs)
+            print("META", meta)
            for agg_name, (operator, number) in rule_object.aggs.items():
-                if agg_name in meta:
+                print("AGG NAME", agg_name, "OPERATOR", operator, "NUMBER", number)
+
+                if agg_name in meta["aggs"]:
                    agg_value = meta["aggs"][agg_name]["value"]

                    # TODO: simplify this, match is default to True
--- a/core/lib/rules.py
+++ b/core/lib/rules.py
@ -291,11 +291,12 @@ class NotificationRuleData(object):
        """
        new_aggs = {}
        for agg_name, agg in aggs.items():
+            print("ITER", agg_name, agg)
            # Already checked membership below
            op, value = self.aggs[agg_name]
            new_aggs[agg_name] = f"{agg['value']}{op}{value}"

-        return
+        return new_aggs

    def reform_matches(self, index, matches, meta, mode):
        if not isinstance(matches, list):
@ -362,6 +363,7 @@ class NotificationRuleData(object):
        # We hit the return above if we don't need to notify
        if "aggs" in meta and "matched" not in meta:
            meta["matched"] = self.format_aggs(meta["aggs"])
+            print("MATCHED", meta["matched"])
        rule_notify(self.object, index, message, meta)
        self.store_match(index, message)
        await self.ingest_matches(index, message, meta, mode)
@ -545,7 +547,10 @@ class NotificationRuleData(object):
                )
            if self.policy != "default":
                raise RuleParseError(
-                    f"Cannot use {self.cleaned_data['policy']} policy with on-demand rules",
+                    (
+                        f"Cannot use {self.cleaned_data['policy']} policy with "
+                        "on-demand rules"
+                    ),
                    "policy",
                )