refactor: Change error message when the user do not run a cypher before saving a rule BED-6921

[LucasParraF]

Description

On Privilege Zone, when a user is creating a rule using cypher and they attempt to move forward without running the cypher query first, we are displaying the following message "An unexpected error occurred while creating the rule. Message: seeds are required. Please try again.". We want to change the verbiage displayed to be more clear to the user on what should be done.

Motivation and Context

Resolves https://specterops.atlassian.net/browse/BED-6921

How Has This Been Tested?

Tested locally

Screenshots (optional):

Types of changes

• Chore (a change that does not modify the application functionality)

Checklist:

• I have met the contributing prerequisites
  • Assigned myself to this PR
  • Added the appropriate labels
  • Associated an issue: Issues and Pull Requests README #672
  • Read the Contributing guide: https://github.com/SpecterOps/BloodHound/wiki/Contributing
• I have ensured that related documentation is up-to-date
  • Open API docs
  • Code comments (GoDocs / JSDocs)
• I have followed proper test practices
  • Added/updated tests to cover my changes
  • All new and existing tests passed

Summary by CodeRabbit

• Bug Fixes

  • Improved error messaging for Privilege Zones, including a specific guidance when seeds/Cypher are required.

• Refactor

  • Centralized and simplified API error mapping for more consistent user-facing notifications.

• Tests

  • Added tests covering multiple API error scenarios to verify displayed messages and notification behavior.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Added an internal helper to centralize API error-message mapping for privilege-zone save error handling, refactored handleError to use it (including a specific "seeds are required" case), and added unit tests covering multiple Axios-like error shapes and notification outcomes.

Changes

Cohort / File(s)	Summary
Error handling helper packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts	Added internal getErrorMessage to centralize API error message mapping and refactored handleError to use it; introduced a specific case for API message seeds are required while preserving fallback behavior.
Unit tests packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts	New tests for handleError exercising various Axios-like error shapes (response.errors array, name-unique errors, Cypher-related seeds are required, and statusText-only) and asserting notification messages and options.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Review branching and exact message text in getErrorMessage.
• Verify tests exercise edge cases (missing fields, different response shapes) and that notificationOptions are consistent.
• Ensure no regressions in callers of handleError.

Poem

🐇 I hop through code with a curious cheer,

I bundled errors so messages are clear,
When seeds are missing I whisper of Cypher,
A tidy little fix from a debugging sniffer,
Carrot crumbs lead to tests passing near.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title clearly describes the main change: updating error messaging for Cypher prerequisite validation in Privilege Zone rule creation.
Description check	✅ Passed	The PR description includes the required template sections with adequate detail, but the 'How Has This Been Tested?' section lacks specificity about the actual test coverage.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch BED-6921-Change-error-message-when-the-user-do-not-run-a-cypher-before-saving-a-rule

---

📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 31424a5 and 25ff7df.

📒 Files selected for processing (1)

• packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: Build BloodHound Container Image / Build and Package Container
• GitHub Check: build-ui
• GitHub Check: run-tests
• GitHub Check: run-analysis

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts (1)

44-44: Minor: Consider consistent capitalization of "Cypher".

The term "cypher" appears lowercase twice in this message. Cypher is typically capitalized as a proper noun (the query language name). Consider updating for consistency.

-                    message = `To save a ${entity} created using cypher, the cypher must be run first. Click "Update Sample Results" to continue`;
+                    message = `To save a ${entity} created using Cypher, the Cypher query must be run first. Click "Update Sample Results" to continue`;

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8f5be43 and c681e63.

📒 Files selected for processing (1)

• packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts (1 hunks)

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: jvacca-specterops
Repo: SpecterOps/BloodHound PR: 1823
File: packages/javascript/bh-shared-ui/src/commonSearchesAGT.ts:184-187
Timestamp: 2025-08-27T21:15:32.207Z
Learning: In the BloodHound codebase, syntax fixes for invalid Cypher patterns (like `*..` → `*1..`) may be considered out of scope for specific PRs, even when flagged during review.

📚 Learning: 2025-09-08T19:01:53.112Z

Learnt from: jvacca-specterops
Repo: SpecterOps/BloodHound PR: 1823
File: packages/javascript/bh-shared-ui/src/views/Explore/ExploreSearch/CypherSearch.tsx:108-148
Timestamp: 2025-09-08T19:01:53.112Z
Learning: In BloodHound's CypherSearch component (packages/javascript/bh-shared-ui/src/views/Explore/ExploreSearch/CypherSearch.tsx), the sharing state reset for sharedIds and isPublic after the two-step permissions update is handled elsewhere in the codebase, so additional state reset callbacks in the updateQueryPermissions function are not needed.

Applied to files:

• packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts

🔇 Additional comments (1)

packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts (1)

38-50: Button label and error handling verified.

The button label "Update Sample Results" is correctly referenced and exists in the codebase. The error handling code defensively manages unknown API messages by falling back to a generic error message if the API response doesn't match the expected cases. The code is sound.

[urangel]

Could we make this switch statement logic a small function and add a unit test for it please? Something like apiErrorMessageToDisplay

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts (1)

41-41: Consider a more specific type for improved type safety.

The any type works for testing purposes but could be replaced with a more specific type using TypeScript's utility types.

Consider this alternative:

-// 'any' type used as an easy way to make errors optional
-const mockAxiosStatusTextOnly: any = cloneDeep(mockAxiosError);
+// Create a mock without the errors array to test statusText fallback
+const mockAxiosStatusTextOnly = cloneDeep(mockAxiosError) as typeof mockAxiosError & {
+    response: Omit<typeof mockAxiosError.response, 'data'> & {
+        data: Partial<typeof mockAxiosError.response.data>;
+    };
+};

However, given this is test code and the intent is clear, the current approach is acceptable.

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c681e63 and 31424a5.

📒 Files selected for processing (2)

• packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts (1 hunks)
• packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: jvacca-specterops
Repo: SpecterOps/BloodHound PR: 1823
File: packages/javascript/bh-shared-ui/src/commonSearchesAGT.ts:184-187
Timestamp: 2025-08-27T21:15:32.207Z
Learning: In the BloodHound codebase, syntax fixes for invalid Cypher patterns (like `*..` → `*1..`) may be considered out of scope for specific PRs, even when flagged during review.

🧬 Code graph analysis (1)

packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts (1)

packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.ts (1)

• handleError (33-57)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: Build BloodHound Container Image / Build and Package Container
• GitHub Check: run-analysis
• GitHub Check: build-ui
• GitHub Check: run-tests

🔇 Additional comments (2)

packages/javascript/bh-shared-ui/src/views/PrivilegeZones/Save/utils.test.ts (2)

47-56: LGTM!

The test constants are well-structured and align with the expected notification format from the handleError implementation.

---

58-114: Excellent test coverage for the new Cypher error handling!

The test suite comprehensively covers multiple error scenarios including the new feature for PR BED-6921. The Cypher-specific test (lines 92-103) correctly validates that when seeds are required is returned by the API, users receive actionable guidance: "To save a rule created using Cypher, the Cypher must be run first."

All test cases properly verify the notification callback parameters (message, key, options) and follow a consistent, maintainable pattern.

[urangel]

Thank you for including these tests!