Skip to content

Commit 0d189f6

Browse files
nazargesyknazargesyk
committed
Merge branch 'prod' into gis-7683
1 parent 9985f6b commit 0d189f6

File tree

8 files changed

+32
-12
lines changed

8 files changed

+32
-12
lines changed

uncoder-core/app/translator/core/tokenizer.py

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,8 @@
3131
from app.translator.core.mapping import SourceMapping
3232
from app.translator.core.models.field import Field, FieldValue, Keyword
3333
from app.translator.core.models.functions.base import Function
34+
from app.translator.core.models.functions.eval import EvalArg
35+
from app.translator.core.models.functions.rename import RenameArg
3436
from app.translator.core.models.functions.sort import SortArg
3537
from app.translator.core.models.identifier import Identifier
3638
from app.translator.core.str_value_manager import StrValue, StrValueManager
@@ -323,6 +325,11 @@ def get_field_tokens_from_func_args(
323325
result.extend(self.get_field_tokens_from_func_args(args=arg.by_clauses))
324326
elif isinstance(arg, SortArg):
325327
result.append(arg.field)
328+
elif isinstance(arg, RenameArg):
329+
result.append(arg.field_)
330+
elif isinstance(arg, EvalArg):
331+
result.append(arg.field_)
332+
result.extend(self.get_field_tokens_from_func_args(args=arg.expression))
326333
return result
327334

328335
@staticmethod

uncoder-core/app/translator/platforms/base/spl/const.py

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
FIELD_PATTERN = r"(?P<___group_name___>[a-zA-Z0-9.\-_{}]+)"
2+
DOUBLE_QUOTES_VALUE_PATTERN = r'"(?P<___group_name___>(?:[:a-zA-Z*0-9=+%#\-_/,;`?~‘○×\'.<>$&^@!\]\[(){}\s]|\\\"|\\)*)"' # noqa: RUF001
3+
SINGLE_QUOTES_VALUE_PATTERN = r"'(?P<___group_name___>(?:[:a-zA-Z*0-9=+%#\-_/,;`?~‘○×\".<>$&^@!\]\[(){}\s]|\\\'|\\)*)'" # noqa: RUF001
4+
NO_QUOTES_VALUES_PATTERN = (
5+
r"(?P<___group_name___>(?:[:a-zA-Z*0-9+%#\-_/,.$&^@!]|\\\s|\\=|\\!=|\\<|\\<=|\\>|\\>=|\\\\)+)"
6+
)
7+
NUM_VALUE_PATTERN = r"(?P<___group_name___>\d+(?:\.\d+)?)"

uncoder-core/app/translator/platforms/base/spl/tokenizer.py

Lines changed: 10 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,11 @@
2525
from app.translator.core.models.field import FieldValue, Keyword
2626
from app.translator.core.models.identifier import Identifier
2727
from app.translator.core.tokenizer import QueryTokenizer
28+
from app.translator.platforms.base.spl.const import DOUBLE_QUOTES_VALUE_PATTERN as D_Q_V_PATTERN
29+
from app.translator.platforms.base.spl.const import FIELD_PATTERN
30+
from app.translator.platforms.base.spl.const import NO_QUOTES_VALUES_PATTERN as NO_Q_V_PATTERN
31+
from app.translator.platforms.base.spl.const import NUM_VALUE_PATTERN as N_V_PATTERN
32+
from app.translator.platforms.base.spl.const import SINGLE_QUOTES_VALUE_PATTERN as S_Q_V_PATTERN
2833
from app.translator.platforms.base.spl.escape_manager import spl_escape_manager
2934
from app.translator.tools.utils import get_match_group
3035

@@ -40,13 +45,11 @@ class SplTokenizer(QueryTokenizer, ANDLogicOperatorMixin):
4045
}
4146
multi_value_operators_map: ClassVar[dict[str, str]] = {"in": OperatorType.EQ}
4247

43-
field_pattern = r"(?P<field_name>[a-zA-Z0-9\.\-_\{\}]+)"
44-
num_value_pattern = rf"(?P<{ValueType.number_value}>\d+(?:\.\d+)*)(?=$|\s|\))"
45-
double_quotes_value_pattern = rf'"(?P<{ValueType.double_quotes_value}>(?:[:a-zA-Z\*0-9=+%#\-_/,;`\?~‘○×\'\.<>$&^@!\]\[\(\)\{{\}}\s]|\\\"|\\)*)"\s*' # noqa: E501, RUF001
46-
single_quotes_value_pattern = (
47-
rf"'(?P<{ValueType.single_quotes_value}>(?:[:a-zA-Z\*0-9=+%#\-_/,;\"\.<>$&^@!\(\)\{{\}}\s]|\\\'|\\)*)'\s*"
48-
)
49-
no_quotes_value_pattern = rf"(?P<{ValueType.no_quotes_value}>(?:[:a-zA-Z\*0-9+%#\-_/,\.$&^@!]|\\\s|\\=|\\!=|\\<|\\<=|\\>|\\>=|\\\\)+)(?=$|\s|\))" # noqa: E501
48+
field_pattern = FIELD_PATTERN.replace("___group_name___", "field_name")
49+
num_value_pattern = rf"{N_V_PATTERN.replace('___group_name___', ValueType.number_value)}(?=$|\s|\))"
50+
double_quotes_value_pattern = rf"{D_Q_V_PATTERN.replace('___group_name___', ValueType.double_quotes_value)}\s*"
51+
single_quotes_value_pattern = rf"{S_Q_V_PATTERN.replace('___group_name___', ValueType.single_quotes_value)}\s*"
52+
no_quotes_value_pattern = rf"{NO_Q_V_PATTERN.replace('___group_name___', ValueType.no_quotes_value)}(?=$|\s|\))"
5053
_value_pattern = (
5154
rf"{num_value_pattern}|{no_quotes_value_pattern}|{double_quotes_value_pattern}|{single_quotes_value_pattern}"
5255
)

uncoder-core/app/translator/platforms/crowdstrike/renders/crowdstrike.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,4 +41,4 @@ class CrowdStrikeQueryRender(SplQueryRender):
4141

4242
def __init__(self):
4343
super().__init__()
44-
self.platform_functions.manager.init_search_func_render(self)
44+
self.platform_functions.manager.post_init_configure(self)

uncoder-core/app/translator/platforms/logscale/renders/logscale.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -106,7 +106,7 @@ class LogScaleQueryRender(PlatformQueryRender):
106106

107107
def __init__(self):
108108
super().__init__()
109-
self.platform_functions.manager.init_search_func_render(self)
109+
self.platform_functions.manager.post_init_configure(self)
110110

111111
def wrap_with_comment(self, value: str) -> str:
112112
return f"/* {value} */"

uncoder-core/app/translator/platforms/microsoft/renders/microsoft_sentinel.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -136,7 +136,7 @@ class MicrosoftSentinelQueryRender(PlatformQueryRender):
136136

137137
def __init__(self):
138138
super().__init__()
139-
self.platform_functions.manager.init_search_func_render(self)
139+
self.platform_functions.manager.post_init_configure(self)
140140

141141
def generate_prefix(self, log_source_signature: LogSourceSignature) -> str:
142142
return str(log_source_signature)

uncoder-core/app/translator/platforms/opensearch/renders/opensearch_rule.py

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,10 @@ class OpenSearchRuleRender(OpenSearchQueryRender):
5050

5151
field_value_map = OpenSearchRuleFieldValue(or_token=or_token)
5252
query_pattern = "{prefix} {query} {functions}"
53-
fields: dict = {}
53+
54+
def __init__(self):
55+
super().__init__()
56+
self.fields = {}
5457

5558
def finalize_query(
5659
self,

uncoder-core/app/translator/platforms/splunk/renders/splunk.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,4 +40,4 @@ class SplunkQueryRender(SplQueryRender):
4040

4141
def __init__(self):
4242
super().__init__()
43-
self.platform_functions.manager.init_search_func_render(self)
43+
self.platform_functions.manager.post_init_configure(self)

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy