Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Protect: Refactor useProtectData hook #38637

Conversation

nateweller
Copy link
Contributor

@nateweller nateweller commented Jul 31, 2024

The intention of this PR is to enable the ability to access assorted threat counts, ultimately to disable status filters that have no related threats under the current selected category.

Also improves performance and usability of the hook.

Proposed changes:

  • Moves all filtering of threat data to the useProtectData() hook.
  • Updates the useProtectData() hook to use a single memo-ized loop to generate and filter all threats in one go.
  • Adds counts property to useProtectData() hook, which tracks the amount of total and currently filtered threats across categories.
  • Consolidates core, plugins, themes, files, and database properties into a threats property in useProtectData()'s return value.
  • Updates the application based on changes to the hook.
  • Disables the threat status filter buttons when no threats are available for the button's related filter.

Other information:

  • Have you written new tests for your changes, if applicable?
  • Have you checked the E2E test CI results, and verified that your changes do not break them?
  • Have you tested your changes on WordPress.com, if applicable (if so, you'll see a generated comment below with a script to run)?

Jetpack product discussion

N/A

Does this pull request change what data or activity we track or use?

No

Testing instructions:

  • Smoke test the scanner view in Jetpack Protect - start with a blank JN site, free plan, and work your way to a paid plan with threats both active and in history.

@nateweller nateweller requested a review from a team July 31, 2024 03:14
@nateweller nateweller self-assigned this Jul 31, 2024
@github-actions github-actions bot added the [Plugin] Protect A plugin with features to protect a site: brute force protection, security scanning, and a WAF. label Jul 31, 2024
Copy link
Contributor

github-actions bot commented Jul 31, 2024

Thank you for your PR!

When contributing to Jetpack, we have a few suggestions that can help us test and review your patch:

  • ✅ Include a description of your PR changes.
  • ✅ Add a "[Status]" label (In Progress, Needs Team Review, ...).
  • ✅ Add testing instructions.
  • ✅ Specify whether this PR includes any changes to data or privacy.
  • 🔴 Add changelog entries to affected projects

This comment will be updated as you work on your PR and make changes. If you think that some of those checks are not needed for your PR, please explain why you think so. Thanks for cooperation 🤖


The e2e test report can be found here. Please note that it can take a few minutes after the e2e tests checks are complete for the report to be available.


🔴 Action required: Please add missing changelog entries for the following projects: projects/plugins/protect

Use the Jetpack CLI tool to generate changelog entries by running the following command: jetpack changelog add.
Guidelines: /docs/writing-a-good-changelog-entry.md


Once your PR is ready for review, check one last time that all required checks appearing at the bottom of this PR are passing or skipped.
Then, add the "[Status] Needs Team Review" label and ask someone from your team review the code. Once reviewed, it can then be merged.
If you need an extra review from someone familiar with the codebase, you can update the labels from "[Status] Needs Team Review" to "[Status] Needs Review", and in that case Jetpack Approvers will do a final review of your PR.


Protect plugin:

  • Next scheduled release: August 12, 2024.

If you have any questions about the release process, please ask in the #jetpack-releases channel on Slack.

@dkmyta dkmyta mentioned this pull request Aug 1, 2024
3 tasks
@nateweller nateweller force-pushed the add/protect-threat-history branch from aa4673e to ef2b246 Compare August 1, 2024 21:23
@nateweller nateweller force-pushed the add/protect-threat-history-hooks-refactor branch 3 times, most recently from 3cc2669 to d330262 Compare August 1, 2024 23:04
@nateweller nateweller marked this pull request as ready for review August 2, 2024 00:14
Copy link
Contributor

@dkmyta dkmyta left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On a fresh JT instance, without an upgrade, I can see that the initial Protect status report has been generated (properly set in the jetpackProtectInitialState var, JPDB, and in the jetpack_protect_status option), however, the Summary and ThreatsList components are empty:

Screen Shot on 2024-08-02 at 10-56-48

Also wanted to note as it may be related to the change, the Scan UI was initially in an error state briefly before entering the scanning state.

@dkmyta dkmyta added [Status] Needs Author Reply We would need you to make some changes or provide some more details about your PR. Thank you! and removed [Status] Needs Team Review labels Aug 2, 2024
@nateweller
Copy link
Contributor Author

Looks like the issue is that the hook is now only providing the extensions that have threats, I will fix that up.

The flash of the error state appears to be on the project branch, will make a PR or issue for that as well.

@nateweller nateweller requested a review from dkmyta August 2, 2024 21:40
@nateweller
Copy link
Contributor Author

nateweller commented Aug 2, 2024

@dkmyta PR has been updated with a fix 👍

179e916

@nateweller nateweller added [Status] Needs Team Review and removed [Status] Needs Author Reply We would need you to make some changes or provide some more details about your PR. Thank you! [Status] In Progress labels Aug 2, 2024
@github-actions github-actions bot added the [Status] Needs Author Reply We would need you to make some changes or provide some more details about your PR. Thank you! label Aug 2, 2024
@nateweller nateweller force-pushed the add/protect-threat-history branch from ef2b246 to 92949ab Compare August 4, 2024 18:35
@nateweller nateweller added this to the protect/3.0.0 milestone Aug 4, 2024
@nateweller nateweller force-pushed the add/protect-threat-history branch from 9d976a8 to 15538a8 Compare August 6, 2024 21:34
@nateweller nateweller force-pushed the add/protect-threat-history-hooks-refactor branch from 28fc596 to 86e5844 Compare August 6, 2024 21:42
Copy link
Contributor

@dkmyta dkmyta left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code is clean and initial testing in a functioning environment shows it works.

I noticed something though that may be related to the current updates or may be more related to the prior addition of scanError selector and related adjustments. Manually setting the error var in useProtectData and visiting the ScanHistoryRoute component displays the ErrorScreen. Similarly, setting the scanError selector to return an error works. However, when simulating an actual error (for example updating my hosts file to point at public-api.wordpress.com but not running my sandbox to make wpcom requests fail provides for some unexpected results) first the ScanRoute component displays an empty list, with some relevant data missing:
Screen Shot on 2024-08-06 at 14-39-06

Then shortly after (likely after the first status poll) the error display:
Screen Shot on 2024-08-06 at 14-39-30

The ScanHistoryRoute performs similarly. I can see in both cases that the status and scanHistory initial state variables are populated correctly with error details so it would seem this maybe be more related to the frontend handling of such data.

Perhaps this is not the best way to generate an actual error but I think it does uncover that there is an issue.

@dkmyta
Copy link
Contributor

dkmyta commented Aug 7, 2024

Perhaps not specific to these changes, but similar to the issue with the filters routes, we'll need to redirect #/scan/history and /ignored or /fixed to #/scan if a user does not have an upgrade. Currently, visiting these routes without a paid plan is possible, the page is blank and we're hit with a bunch of console errors attempting to access properties of undefined (threats).

Interestingly enough, we do have a block for this in ScanHistoryRoute, but it doesn't seem to apply I suppose because the error takes precedence. Looks like it comes down to the fact that we still attempt to use scanHistory data (even though its set to false when ! hasRequiredPlan) in useProtectData on line 32 here:

	const { counts, results, error, lastChecked, hasUncheckedItems } = useMemo( () => {
		// This hook can provide data from two sources: the current scan or the scan history.
		const data = sourceType === 'history' ? { ...scanHistory } : { ...status };

@nateweller
Copy link
Contributor Author

@dkmyta Added a PaidPlanGate component that we can wrap around any route that requires a plan: ea79065

@nateweller nateweller requested a review from dkmyta August 7, 2024 18:23
Comment on lines 202 to 205
if ( statusIsFetching ) {
return <Spinner />;
}

Copy link
Contributor

@dkmyta dkmyta Aug 8, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can this scenario ever occur on its own or will scanInProgress always be set when statusIsFetching is? If it can occur, then I think we need to update the display, as it is currently:
Screen Shot 2024-08-08 at 09 12 18

@nateweller nateweller force-pushed the add/protect-threat-history branch from 15538a8 to fd3d09a Compare August 8, 2024 20:54
@nateweller nateweller force-pushed the add/protect-threat-history-hooks-refactor branch 5 times, most recently from 3bfe9ae to 8c869aa Compare August 8, 2024 21:08
@nateweller nateweller force-pushed the add/protect-threat-history-hooks-refactor branch from 8c869aa to f2a8039 Compare August 8, 2024 21:53
@nateweller nateweller requested a review from dkmyta August 8, 2024 22:10
Copy link
Contributor

@dkmyta dkmyta left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking good!

@nateweller nateweller merged commit 3155dca into add/protect-threat-history Aug 9, 2024
47 of 49 checks passed
@nateweller nateweller deleted the add/protect-threat-history-hooks-refactor branch August 9, 2024 01:35
@github-actions github-actions bot removed [Status] Needs Team Review [Status] Needs Author Reply We would need you to make some changes or provide some more details about your PR. Thank you! labels Aug 9, 2024
nateweller added a commit that referenced this pull request Aug 9, 2024
nateweller added a commit that referenced this pull request Aug 9, 2024
dkmyta added a commit that referenced this pull request Aug 19, 2024
…38815)

* Add TypeScript support to Jetpack Protect

* Downgrade typescript to 5.0.4, to match other monorepo projects

* Add TypeScript support to Jetpack Protect

* Init feature branch

* Protect: Add Scan_History class (#37903)

* Protect: Add Scan History UI (#37988)

* changelog

* Protect: Separate scanner and history views via React Router and UI adjustments (#38325)

* Run ./tools/fixup-project-versions.sh

* Restore project versions

* Run ./tools/fixup-project-versions.sh

* Remove todo comment (#38628)

* Fix History error state, add access points, and fix hidden filters (#38656)

* Only display the manual scan message under the scanner threats list (#38626)

* Protect: Add unignore threat capabilities (#38094)

* Add Scan_History class

* changelog

* Update changelog

* Merge trunk, fix versions

* Add initial UI for scan history

* Add firstDetected and fixedOn details to threat cards

* Fix ignored message

* Fix console error

* Adjust wording and styles

* Optimize

* Fix firstDetected and fixedOn property retrieval issues, add todos

* Remove unneeded ref

* Consolidate scan history UI to existing components

* Remove todos

* Return false for scanHistory when upgrade is missing

* Manage ScanPage states when viewing history

* Move source data logic to useProtectData hook

* Improve Summary component Button logic

* ScanPage refactoring

* Reapply missing scanIsUnavailable check

* Add comments

* Hide ignore when viewing threats, and clear history cache when updating or fixing

* Add unignore actions and conditional handling to the UI

* Add null coalescing to core threat prop assignment

* Fix core threat normalization

* Optimizations and refactoring

* Revert standarization, and use conditionals

* Add dummy arg to avoid bad translation minification

* Changlog entry

* Move viewingScanHistory out of initial state

* Use threat status over lack of fixedOn to display unignore button

* Add foundation for unignore request

* Remove need for signature_id

* Add TypeScript support to Jetpack Protect

* Downgrade typescript to 5.0.4, to match other monorepo projects

* Add TypeScript support to Jetpack Protect

* Init feature branch

* Protect: Add Scan_History class (#37903)

* Protect: Add Scan History UI (#37988)

* Init feature branch

* Init feature branch

* Init feature branch

* Use react router for threat history, separate scan and history root components, minor UI adjustments

* changelog

* Add dummy args to avoid bad minification

* Hide scan section navigation when user has no plan

* Wrap ScanButton with forwardRef

* Add onboarding popover to Scan Now button in empty state

* Fix filtering of core threat history

* Redirect to /scan from /scan/history when user has no plan

* Fix animation glitch in onboarding popover

* Remove unnecessary additions

* Further removals after failed base merge

* More removals

* Add todos

* Use status to conditional render unignore action button

* Move ignore/unignore actions to dedicated modals

* Add TypeScript support to Jetpack Protect

* Downgrade typescript to 5.0.4, to match other monorepo projects

* Add TypeScript support to Jetpack Protect

* Init feature branch

* Protect: Add Scan_History class (#37903)

* Protect: Add Scan History UI (#37988)

* changelog

* Protect: Separate scanner and history views via React Router and UI adjustments (#38325)

* Run ./tools/fixup-project-versions.sh

* Restore project versions

* Run ./tools/fixup-project-versions.sh

* Remove todo comment (#38628)

* Remove changelog

* Display fix threat button only for current threats

* Further unification

* Refresh scan history after unignore

* Update projects/plugins/protect/src/js/components/unignore-threat-modal/index.jsx

Co-authored-by: Nate Weller <[email protected]>

* Fix lint errors

---------

Co-authored-by: Nate Weller <[email protected]>
Co-authored-by: Nate Weller <[email protected]>

* Do not show scan error when optimistically scanning (#38703)

* Refactor useProtectData hook (#38637)

* Fixup project versions

* Update deactivation method to delete relevant options

* changelog

* Simplify

* Remove changelog entries

* Remove changelog entries

* Remove changelog entries

* changelog

* Revert unintended Jetpack changes

---------

Co-authored-by: Nate Weller <[email protected]>
Co-authored-by: Nate Weller <[email protected]>
pkuliga pushed a commit that referenced this pull request Aug 23, 2024
…38815)

* Add TypeScript support to Jetpack Protect

* Downgrade typescript to 5.0.4, to match other monorepo projects

* Add TypeScript support to Jetpack Protect

* Init feature branch

* Protect: Add Scan_History class (#37903)

* Protect: Add Scan History UI (#37988)

* changelog

* Protect: Separate scanner and history views via React Router and UI adjustments (#38325)

* Run ./tools/fixup-project-versions.sh

* Restore project versions

* Run ./tools/fixup-project-versions.sh

* Remove todo comment (#38628)

* Fix History error state, add access points, and fix hidden filters (#38656)

* Only display the manual scan message under the scanner threats list (#38626)

* Protect: Add unignore threat capabilities (#38094)

* Add Scan_History class

* changelog

* Update changelog

* Merge trunk, fix versions

* Add initial UI for scan history

* Add firstDetected and fixedOn details to threat cards

* Fix ignored message

* Fix console error

* Adjust wording and styles

* Optimize

* Fix firstDetected and fixedOn property retrieval issues, add todos

* Remove unneeded ref

* Consolidate scan history UI to existing components

* Remove todos

* Return false for scanHistory when upgrade is missing

* Manage ScanPage states when viewing history

* Move source data logic to useProtectData hook

* Improve Summary component Button logic

* ScanPage refactoring

* Reapply missing scanIsUnavailable check

* Add comments

* Hide ignore when viewing threats, and clear history cache when updating or fixing

* Add unignore actions and conditional handling to the UI

* Add null coalescing to core threat prop assignment

* Fix core threat normalization

* Optimizations and refactoring

* Revert standarization, and use conditionals

* Add dummy arg to avoid bad translation minification

* Changlog entry

* Move viewingScanHistory out of initial state

* Use threat status over lack of fixedOn to display unignore button

* Add foundation for unignore request

* Remove need for signature_id

* Add TypeScript support to Jetpack Protect

* Downgrade typescript to 5.0.4, to match other monorepo projects

* Add TypeScript support to Jetpack Protect

* Init feature branch

* Protect: Add Scan_History class (#37903)

* Protect: Add Scan History UI (#37988)

* Init feature branch

* Init feature branch

* Init feature branch

* Use react router for threat history, separate scan and history root components, minor UI adjustments

* changelog

* Add dummy args to avoid bad minification

* Hide scan section navigation when user has no plan

* Wrap ScanButton with forwardRef

* Add onboarding popover to Scan Now button in empty state

* Fix filtering of core threat history

* Redirect to /scan from /scan/history when user has no plan

* Fix animation glitch in onboarding popover

* Remove unnecessary additions

* Further removals after failed base merge

* More removals

* Add todos

* Use status to conditional render unignore action button

* Move ignore/unignore actions to dedicated modals

* Add TypeScript support to Jetpack Protect

* Downgrade typescript to 5.0.4, to match other monorepo projects

* Add TypeScript support to Jetpack Protect

* Init feature branch

* Protect: Add Scan_History class (#37903)

* Protect: Add Scan History UI (#37988)

* changelog

* Protect: Separate scanner and history views via React Router and UI adjustments (#38325)

* Run ./tools/fixup-project-versions.sh

* Restore project versions

* Run ./tools/fixup-project-versions.sh

* Remove todo comment (#38628)

* Remove changelog

* Display fix threat button only for current threats

* Further unification

* Refresh scan history after unignore

* Update projects/plugins/protect/src/js/components/unignore-threat-modal/index.jsx

Co-authored-by: Nate Weller <[email protected]>

* Fix lint errors

---------

Co-authored-by: Nate Weller <[email protected]>
Co-authored-by: Nate Weller <[email protected]>

* Do not show scan error when optimistically scanning (#38703)

* Refactor useProtectData hook (#38637)

* Fixup project versions

* Update deactivation method to delete relevant options

* changelog

* Simplify

* Remove changelog entries

* Remove changelog entries

* Remove changelog entries

* changelog

* Revert unintended Jetpack changes

---------

Co-authored-by: Nate Weller <[email protected]>
Co-authored-by: Nate Weller <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
[Plugin] Protect A plugin with features to protect a site: brute force protection, security scanning, and a WAF. [Type] Janitorial
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants