conditionally show correlation rule output

panther_analysis_tool/backend/client.py

@@ -241,6 +241,7 @@ class BulkUploadResponse:
     data_models: BulkUploadStatistics
     lookup_tables: BulkUploadStatistics
     global_helpers: BulkUploadStatistics
+    correlation_rules: BulkUploadStatistics
 
 
 @dataclass(frozen=True)
@@ -447,6 +448,28 @@ class GenerateEnrichedEventResponse:
     enriched_event: Dict[str, Any]  # json
 
 
+@dataclass(frozen=True)
+class FeatureFlagWithDefault:
+    flag: str
+    default_treatment: Optional[bool] = None
+
+
+@dataclass(frozen=True)
+class FeatureFlagTreatment:
+    flag: str
+    treatment: bool
+
+
+@dataclass(frozen=True)
+class FeatureFlagsParams:
+    flags: List[FeatureFlagWithDefault]
+
+
+@dataclass(frozen=True)
+class FeatureFlagsResponse:
+    flags: List[FeatureFlagTreatment]
+
+
 class Client(ABC):
     @abstractmethod
     def check(self) -> BackendCheckResponse:
@@ -530,6 +553,10 @@ def generate_enriched_event_input(
     ) -> BackendResponse[GenerateEnrichedEventResponse]:
         pass
 
+    @abstractmethod
+    def feature_flags(self, params: FeatureFlagsParams) -> BackendResponse[FeatureFlagsResponse]:
+        pass
+
 
 def backend_response_failed(resp: BackendResponse) -> bool:
     return resp.status_code >= 400 or resp.data.get("statusCode", 0) >= 400
@@ -546,6 +573,7 @@ def to_bulk_upload_response(data: Any) -> BackendResponse[BulkUploadResponse]:
             data_models=BulkUploadStatistics(**data.get("dataModels", default_stats)),
             lookup_tables=BulkUploadStatistics(**data.get("lookupTables", default_stats)),
             global_helpers=BulkUploadStatistics(**data.get("globalHelpers", default_stats)),
+            correlation_rules=BulkUploadStatistics(**data.get("correlationRules", default_stats)),
         ),
     )
 

panther_analysis_tool/backend/graphql/feature_flags.graphql

@@ -0,0 +1,8 @@
+query GetFeatureFlags($input: GetFeatureFlagsInput!) {
+    featureFlags(input: $input) {
+        flags {
+            flag
+            treatment
+        }
+    }
+}

panther_analysis_tool/backend/lambda_client.py

@@ -37,6 +37,8 @@
     DeleteDetectionsResponse,
     DeleteSavedQueriesParams,
     DeleteSavedQueriesResponse,
+    FeatureFlagsParams,
+    FeatureFlagsResponse,
     GenerateEnrichedEventParams,
     GenerateEnrichedEventResponse,
     GetRuleBodyParams,
@@ -334,3 +336,6 @@ def generate_enriched_event_input(
         self, params: GenerateEnrichedEventParams
     ) -> BackendResponse[GenerateEnrichedEventResponse]:
         raise BaseException("enrich-test-data is not supported with lambda client")
+
+    def feature_flags(self, params: FeatureFlagsParams) -> BackendResponse[FeatureFlagsResponse]:
+        raise BaseException("feature-flags is not supported with lambda client")

panther_analysis_tool/backend/mocks.py

@@ -11,6 +11,8 @@
 from panther_analysis_tool.backend.client import (
     DeleteDetectionsParams,
     DeleteSavedQueriesParams,
+    FeatureFlagsParams,
+    FeatureFlagsResponse,
     GenerateEnrichedEventParams,
     GenerateEnrichedEventResponse,
     GetRuleBodyParams,
@@ -87,3 +89,6 @@ def generate_enriched_event_input(
         self, params: GenerateEnrichedEventParams
     ) -> BackendResponse[GenerateEnrichedEventResponse]:
         pass
+
+    def feature_flags(self, params: FeatureFlagsParams) -> BackendResponse[FeatureFlagsResponse]:
+        pass

panther_analysis_tool/backend/public_api_client.py

@@ -44,6 +44,9 @@
     DeleteDetectionsResponse,
     DeleteSavedQueriesParams,
     DeleteSavedQueriesResponse,
+    FeatureFlagsParams,
+    FeatureFlagsResponse,
+    FeatureFlagTreatment,
     GenerateEnrichedEventParams,
     GenerateEnrichedEventResponse,
     GetRuleBodyParams,
@@ -139,6 +142,9 @@ def stop_replay_mutation(self) -> DocumentNode:
     def generate_enriched_event_query(self) -> DocumentNode:
         return self._load("generate_enriched_event")
 
+    def feature_flags_query(self) -> DocumentNode:
+        return self._load("feature_flags")
+
     def _load(self, name: str) -> DocumentNode:
         if name not in self._cache:
             self._cache[name] = Path(_get_graphql_content_filepath(name)).read_text()
@@ -536,6 +542,29 @@ def generate_enriched_event_input(
             ),
         )
 
+    def feature_flags(self, params: FeatureFlagsParams) -> BackendResponse[FeatureFlagsResponse]:
+        query = self._requests.feature_flags_query()
+        query_input = {
+            "input": {
+                "flags": [
+                    {"flag": flag.flag, "defaultTreatment": flag.default_treatment}
+                    for flag in params.flags
+                ]
+            }
+        }
+        res = self._safe_execute(query, variable_values=query_input)
+        data = res.data.get("featureFlags", {})  # type: ignore
+
+        return BackendResponse(
+            status_code=200,
+            data=FeatureFlagsResponse(
+                flags=[
+                    FeatureFlagTreatment(flag=flag.get("flag"), treatment=flag.get("treatment"))
+                    for flag in data.get("flags") or []
+                ]
+            ),
+        )
+
     def _execute(
         self,
         request: DocumentNode,

panther_analysis_tool/constants.py

@@ -102,3 +102,6 @@ class ReplayStatus:
     ERROR_COMPUTATION = "ERROR_COMPUTATION"
     EVALUATION_IN_PROGRESS = "EVALUATION_IN_PROGRESS"
     COMPUTATION_IN_PROGRESS = "COMPUTATION_IN_PROGRESS"
+
+
+ENABLE_CORRELATION_RULES_FLAG = "EnableCorrelationRules"