diff --git a/.buildkite/ftr_configs.yml b/.buildkite/ftr_configs.yml index 0f7a75bde1869..5690baa326b92 100644 --- a/.buildkite/ftr_configs.yml +++ b/.buildkite/ftr_configs.yml @@ -473,4 +473,6 @@ enabled: - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/prebuilt_rules/update_prebuilt_rules_package/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/prebuilt_rules/update_prebuilt_rules_package/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_execution_logic/configs/serverless.config.ts - - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_execution_logic/configs/ess.config.ts \ No newline at end of file + - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_execution_logic/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/configs/ess.config.ts diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 109bab65da3d2..3900fc90d9bca 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1386,6 +1386,7 @@ x-pack/test/security_solution_api_integration/test_suites/detections_response/de x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_creation @elastic/security-detection-engine x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions @elastic/security-detection-engine x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/alerts @elastic/security-detection-engine +x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles @elastic/security-detection-engine /x-pack/plugins/security_solution/server/lib/detection_engine/scripts/roles_users @elastic/security-detection-engine ## Security Threat Intelligence - Under Security Platform diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/index.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/index.ts index 44d912f3271c6..d3e83305ad11e 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/index.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/index.ts @@ -14,7 +14,6 @@ export default ({ loadTestFile }: FtrProviderContext): void => { // action migration code. We are monitoring legacy action telemetry to clean up once we see their // existence being near 0. - loadTestFile(require.resolve('./check_privileges')); loadTestFile(require.resolve('./create_rules_bulk')); loadTestFile(require.resolve('./delete_rules')); loadTestFile(require.resolve('./delete_rules_bulk')); diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/index.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/index.ts index c894596977061..70b50d7f5aef3 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/index.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/index.ts @@ -25,7 +25,5 @@ export default ({ loadTestFile }: FtrProviderContext): void => { loadTestFile(require.resolve('./perform_bulk_action')); loadTestFile(require.resolve('./perform_bulk_action_dry_run')); loadTestFile(require.resolve('./patch_rules')); - loadTestFile(require.resolve('./read_privileges')); - loadTestFile(require.resolve('./throttle')); }); }; diff --git a/x-pack/test/detection_engine_api_integration/utils/index.ts b/x-pack/test/detection_engine_api_integration/utils/index.ts index 1c62f3dc2c123..770906789f328 100644 --- a/x-pack/test/detection_engine_api_integration/utils/index.ts +++ b/x-pack/test/detection_engine_api_integration/utils/index.ts @@ -15,7 +15,6 @@ export * from './create_exception_list_item'; export * from './create_legacy_rule_action'; export * from './create_new_action'; export * from './create_rule'; -export * from './create_rule_with_auth'; export * from './create_rule_with_exception_entries'; export * from './create_rule_saved_object'; export * from './create_signals_index'; diff --git a/x-pack/test/security_solution_api_integration/package.json b/x-pack/test/security_solution_api_integration/package.json index 95b8972021d56..0b2fb7c4416c4 100644 --- a/x-pack/test/security_solution_api_integration/package.json +++ b/x-pack/test/security_solution_api_integration/package.json @@ -88,7 +88,11 @@ "rule_execution_logic:runner:serverless": "npm run run-tests:dr:default rule_execution_logic serverless serverlessEnv", "rule_execution_logic:qa:serverless": "npm run run-tests:dr:default rule_execution_logic serverless qaEnv", "rule_execution_logic:server:ess": "npm run initialize-server:dr:default rule_execution_logic ess", - "rule_execution_logic:runner:ess": "npm run run-tests:dr:default rule_execution_logic ess essEnv" - + "rule_execution_logic:runner:ess": "npm run run-tests:dr:default rule_execution_logic ess essEnv", + "user_roles:server:serverless": "npm run initialize-server:dr:default user_roles serverless", + "user_roles:runner:serverless": "npm run run-tests:dr:default user_roles serverless serverlessEnv", + "user_roles:qa:serverless": "npm run run-tests:dr:default user_roles serverless qaEnv", + "user_roles:server:ess": "npm run initialize-server:dr:default user_roles ess", + "user_roles:runner:ess": "npm run run-tests:dr:default user_roles ess essEnv" } } diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/add_actions.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/add_actions.ts index 8046eb89e0a28..1e4b1692cf9fc 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/add_actions.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/add_actions.ts @@ -6,7 +6,7 @@ */ import expect from 'expect'; - +import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { deleteAllRules, @@ -55,7 +55,7 @@ export default ({ getService }: FtrProviderContext) => { const { body } = await supertest .post(DETECTION_ENGINE_RULES_URL) .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') .send( getCustomQueryRuleParams({ actions: [ruleAction], @@ -74,7 +74,7 @@ export default ({ getService }: FtrProviderContext) => { } = await supertest .post(DETECTION_ENGINE_RULES_URL) .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') .send( getCustomQueryRuleParams({ index: ['logs-test'], @@ -108,7 +108,7 @@ export default ({ getService }: FtrProviderContext) => { } = await supertest .post(DETECTION_ENGINE_RULES_URL) .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') .send( getCustomQueryRuleParams({ index: ['logs-test'], diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/check_privileges.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/check_privileges.ts similarity index 89% rename from x-pack/test/detection_engine_api_integration/security_and_spaces/group1/check_privileges.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/check_privileges.ts index 3a016fe68618d..cbcd75074b57c 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/check_privileges.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/check_privileges.ts @@ -9,19 +9,22 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { ROLES } from '@kbn/security-solution-plugin/common/test'; import { ThresholdRuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; + import { - createSignalsIndex, + createAlertsIndex, deleteAllRules, waitForRulePartialFailure, - getRuleForSignalTesting, + getRuleForAlertTesting, createRuleWithAuth, - getThresholdRuleForSignalTesting, + getThresholdRuleForAlertTesting, deleteAllAlerts, } from '../../utils'; -import { createUserAndRole, deleteUserAndRole } from '../../../common/services/security_solution'; +import { + createUserAndRole, + deleteUserAndRole, +} from '../../../../../common/services/security_solution'; -// eslint-disable-next-line import/no-default-export +import { FtrProviderContext } from '../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const esArchiver = getService('esArchiver'); @@ -29,11 +32,11 @@ export default ({ getService }: FtrProviderContext) => { const log = getService('log'); const es = getService('es'); - describe('check_privileges', () => { + describe('@ess @serverless @brokenInServerless check_privileges', () => { before(async () => { await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts'); await esArchiver.load('x-pack/test/functional/es_archives/security_solution/alias'); - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); after(async () => { @@ -60,7 +63,7 @@ export default ({ getService }: FtrProviderContext) => { indexTestCases.forEach((index) => { it(`for KQL rule with index param: ${index}`, async () => { const rule = { - ...getRuleForSignalTesting(index), + ...getRuleForAlertTesting(index), query: 'process.executable: "/usr/bin/sudo"', }; await createUserAndRole(getService, ROLES.detections_admin); @@ -96,7 +99,7 @@ export default ({ getService }: FtrProviderContext) => { thresholdIndexTestCases.forEach((index) => { it(`for threshold rule with index param: ${index}`, async () => { const rule: ThresholdRuleCreateProps = { - ...getThresholdRuleForSignalTesting(index), + ...getThresholdRuleForAlertTesting(index), threshold: { field: [], value: 700, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/index.ts index 5c26d445eb158..4eb7f7eac6978 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/index.ts @@ -11,5 +11,7 @@ export default function ({ loadTestFile }: FtrProviderContext) { loadTestFile(require.resolve('./add_actions')); loadTestFile(require.resolve('./update_actions')); loadTestFile(require.resolve('./migrations')); + loadTestFile(require.resolve('./throttle')); + loadTestFile(require.resolve('./check_privileges')); }); } diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/throttle.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/throttle.ts similarity index 78% rename from x-pack/test/detection_engine_api_integration/security_and_spaces/group10/throttle.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/throttle.ts index 34984d4ea0dc8..ee5d81b9f29fb 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/throttle.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/throttle.ts @@ -13,20 +13,24 @@ import { NOTIFICATION_THROTTLE_NO_ACTIONS, NOTIFICATION_THROTTLE_RULE, } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; import { - createSignalsIndex, + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; +import { + createAlertsIndex, deleteAllRules, deleteAllAlerts, getWebHookAction, getRuleWithWebHookAction, createRule, getSimpleRule, - getRule, + fetchRule, updateRule, } from '../../utils'; -// eslint-disable-next-line import/no-default-export +import { FtrProviderContext } from '../../../../ftr_provider_context'; + export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const log = getService('log'); @@ -45,10 +49,10 @@ export default ({ getService }: FtrProviderContext) => { * https://www.elastic.co/guide/en/kibana/current/mute-all-alerts-api.html * https://www.elastic.co/guide/en/security/current/rules-api-create.html */ - describe('throttle', () => { + describe('@ess @serverless throttle', () => { describe('adding actions', () => { beforeEach(async () => { - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -62,13 +66,17 @@ export default ({ getService }: FtrProviderContext) => { const { body: hookAction } = await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(getWebHookAction()) .expect(200); const rule = await createRule(supertest, log, getRuleWithWebHookAction(hookAction.id)); const { body: { mute_all: muteAll, notify_when: notifyWhen, actions }, - } = await supertest.get(`/api/alerting/rule/${rule.id}`); + } = await supertest + .get(`/api/alerting/rule/${rule.id}`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); expect(muteAll).to.eql(false); expect(actions.length).to.eql(1); expect(actions[0].frequency).to.eql({ @@ -87,7 +95,9 @@ export default ({ getService }: FtrProviderContext) => { const rule = await createRule(supertest, log, ruleWithThrottle); const { body: { mute_all: muteAll, notify_when: notifyWhen }, - } = await supertest.get(`/api/alerting/rule/${rule.id}`); + } = await supertest + .get(`/api/alerting/rule/${rule.id}`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); expect(muteAll).to.eql(false); expect(notifyWhen).to.eql(null); }); @@ -97,6 +107,7 @@ export default ({ getService }: FtrProviderContext) => { const { body: hookAction } = await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(getWebHookAction()) .expect(200); @@ -107,7 +118,9 @@ export default ({ getService }: FtrProviderContext) => { const rule = await createRule(supertest, log, ruleWithThrottle); const { body: { mute_all: muteAll, notify_when: notifyWhen }, - } = await supertest.get(`/api/alerting/rule/${rule.id}`); + } = await supertest + .get(`/api/alerting/rule/${rule.id}`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); expect(muteAll).to.eql(false); expect(notifyWhen).to.eql(null); }); @@ -120,7 +133,9 @@ export default ({ getService }: FtrProviderContext) => { const rule = await createRule(supertest, log, ruleWithThrottle); const { body: { mute_all: muteAll, notify_when: notifyWhen }, - } = await supertest.get(`/api/alerting/rule/${rule.id}`); + } = await supertest + .get(`/api/alerting/rule/${rule.id}`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); expect(muteAll).to.eql(false); expect(notifyWhen).to.eql(null); }); @@ -140,6 +155,8 @@ export default ({ getService }: FtrProviderContext) => { const { body: hookAction } = await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(getWebHookAction()) .expect(200); @@ -150,7 +167,9 @@ export default ({ getService }: FtrProviderContext) => { const rule = await createRule(supertest, log, ruleWithThrottle); const { body: { mute_all: muteAll, notify_when: notifyWhen, actions }, - } = await supertest.get(`/api/alerting/rule/${rule.id}`); + } = await supertest + .get(`/api/alerting/rule/${rule.id}`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); expect(muteAll).to.eql(false); expect(actions.length).to.eql(1); expect(actions[0].frequency).to.eql({ @@ -169,7 +188,9 @@ export default ({ getService }: FtrProviderContext) => { const rule = await createRule(supertest, log, ruleWithThrottle); const { body: { mute_all: muteAll, notify_when: notifyWhen }, - } = await supertest.get(`/api/alerting/rule/${rule.id}`); + } = await supertest + .get(`/api/alerting/rule/${rule.id}`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); expect(muteAll).to.eql(false); expect(notifyWhen).to.eql(null); }); @@ -179,6 +200,8 @@ export default ({ getService }: FtrProviderContext) => { const { body: hookAction } = await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(getWebHookAction()) .expect(200); @@ -189,7 +212,9 @@ export default ({ getService }: FtrProviderContext) => { const rule = await createRule(supertest, log, ruleWithThrottle); const { body: { mute_all: muteAll, notify_when: notifyWhen, actions }, - } = await supertest.get(`/api/alerting/rule/${rule.id}`); + } = await supertest + .get(`/api/alerting/rule/${rule.id}`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); expect(muteAll).to.eql(false); expect(actions.length).to.eql(1); expect(actions[0].frequency).to.eql({ @@ -207,11 +232,13 @@ export default ({ getService }: FtrProviderContext) => { const { body: hookAction } = await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(getWebHookAction()) .expect(200); const rule = await createRule(supertest, log, getRuleWithWebHookAction(hookAction.id)); - const readRule = await getRule(supertest, log, rule.rule_id); + const readRule = await fetchRule(supertest, { ruleId: rule.rule_id }); expect(readRule.throttle).to.eql(undefined); }); @@ -221,7 +248,7 @@ export default ({ getService }: FtrProviderContext) => { throttle: NOTIFICATION_THROTTLE_NO_ACTIONS, }; const rule = await createRule(supertest, log, ruleWithThrottle); - const readRule = await getRule(supertest, log, rule.rule_id); + const readRule = await fetchRule(supertest, { ruleId: rule.rule_id }); expect(readRule.throttle).to.eql(undefined); }); @@ -232,7 +259,7 @@ export default ({ getService }: FtrProviderContext) => { throttle: NOTIFICATION_THROTTLE_RULE, }; const rule = await createRule(supertest, log, ruleWithThrottle); - const readRule = await getRule(supertest, log, rule.rule_id); + const readRule = await fetchRule(supertest, { ruleId: rule.rule_id }); expect(readRule.throttle).to.eql(undefined); }); @@ -241,6 +268,8 @@ export default ({ getService }: FtrProviderContext) => { const { body: hookAction } = await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(getWebHookAction()) .expect(200); @@ -248,9 +277,11 @@ export default ({ getService }: FtrProviderContext) => { await supertest .post(`/api/alerting/rule/${rule.id}/_mute_all`) .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send() .expect(204); - const readRule = await getRule(supertest, log, rule.rule_id); + const readRule = await fetchRule(supertest, { ruleId: rule.rule_id }); expect(readRule.throttle).to.eql(undefined); }); }); @@ -261,13 +292,15 @@ export default ({ getService }: FtrProviderContext) => { const { body: hookAction } = await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(getWebHookAction()) .expect(200); const ruleWithWebHookAction = getRuleWithWebHookAction(hookAction.id); await createRule(supertest, log, ruleWithWebHookAction); ruleWithWebHookAction.name = 'some other name'; - const updated = await updateRule(supertest, log, ruleWithWebHookAction); + const updated = await updateRule(supertest, ruleWithWebHookAction); expect(updated.throttle).to.eql(undefined); }); @@ -276,16 +309,20 @@ export default ({ getService }: FtrProviderContext) => { const { body: hookAction } = await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(getWebHookAction()) .expect(200); const ruleWithWebHookAction = getRuleWithWebHookAction(hookAction.id); await createRule(supertest, log, ruleWithWebHookAction); ruleWithWebHookAction.name = 'some other name'; - const updated = await updateRule(supertest, log, ruleWithWebHookAction); + const updated = await updateRule(supertest, ruleWithWebHookAction); const { body: { mute_all: muteAll, notify_when: notifyWhen }, - } = await supertest.get(`/api/alerting/rule/${updated.id}`); + } = await supertest + .get(`/api/alerting/rule/${updated.id}`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); expect(muteAll).to.eql(false); expect(notifyWhen).to.eql(null); }); @@ -296,13 +333,15 @@ export default ({ getService }: FtrProviderContext) => { const { body: hookAction } = await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(getWebHookAction()) .expect(200); const ruleWithWebHookAction = getRuleWithWebHookAction(hookAction.id); await createRule(supertest, log, ruleWithWebHookAction); ruleWithWebHookAction.actions = []; - const updated = await updateRule(supertest, log, ruleWithWebHookAction); + const updated = await updateRule(supertest, ruleWithWebHookAction); expect(updated.throttle).to.eql(undefined); }); }); @@ -313,6 +352,8 @@ export default ({ getService }: FtrProviderContext) => { const { body: hookAction } = await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(getWebHookAction()) .expect(200); @@ -322,10 +363,11 @@ export default ({ getService }: FtrProviderContext) => { await supertest .patch(DETECTION_ENGINE_RULES_URL) .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ rule_id: rule.rule_id, name: 'some other name' }) .expect(200); - const readRule = await getRule(supertest, log, rule.rule_id); + const readRule = await fetchRule(supertest, { ruleId: rule.rule_id }); expect(readRule.throttle).to.eql(undefined); }); @@ -334,6 +376,8 @@ export default ({ getService }: FtrProviderContext) => { const { body: hookAction } = await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(getWebHookAction()) .expect(200); @@ -343,12 +387,15 @@ export default ({ getService }: FtrProviderContext) => { await supertest .patch(DETECTION_ENGINE_RULES_URL) .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ rule_id: rule.rule_id, name: 'some other name' }) .expect(200); const { body: { mute_all: muteAll, notify_when: notifyWhen }, - } = await supertest.get(`/api/alerting/rule/${rule.id}`); + } = await supertest + .get(`/api/alerting/rule/${rule.id}`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); expect(muteAll).to.eql(false); expect(notifyWhen).to.eql(null); }); @@ -359,6 +406,8 @@ export default ({ getService }: FtrProviderContext) => { const { body: hookAction } = await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(getWebHookAction()) .expect(200); @@ -368,10 +417,11 @@ export default ({ getService }: FtrProviderContext) => { await supertest .patch(DETECTION_ENGINE_RULES_URL) .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ rule_id: rule.rule_id, actions: [] }) .expect(200); - const readRule = await getRule(supertest, log, rule.rule_id); + const readRule = await fetchRule(supertest, { ruleId: rule.rule_id }); expect(readRule.throttle).to.eql(undefined); }); }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/configs/ess.config.ts new file mode 100644 index 0000000000000..59e01e74c719c --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/configs/ess.config.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../config/ess/config.base.trial') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: 'Detection Engine ESS - User roles API Integration Tests', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/configs/serverless.config.ts new file mode 100644 index 0000000000000..d8e9843c3eb92 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/configs/serverless.config.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../config/serverless/config.base'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: 'Detection Engine Serverless - User roles API Integration Tests', + }, +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/index.ts new file mode 100644 index 0000000000000..7c1d0fe7cc751 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/index.ts @@ -0,0 +1,13 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { FtrProviderContext } from '../../../../ftr_provider_context'; + +export default ({ loadTestFile }: FtrProviderContext): void => { + describe('Detection User Roles APIs', function () { + loadTestFile(require.resolve('./read_privileges')); + }); +}; diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/read_privileges.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/read_privileges.ts similarity index 98% rename from x-pack/test/detection_engine_api_integration/security_and_spaces/group10/read_privileges.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/read_privileges.ts index b95c6771367f4..ee55d4ebfb331 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/read_privileges.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/read_privileges.ts @@ -9,15 +9,17 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_PRIVILEGES_URL } from '@kbn/security-solution-plugin/common/constants'; import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { createUserAndRole, deleteUserAndRole } from '../../../common/services/security_solution'; +import { + createUserAndRole, + deleteUserAndRole, +} from '../../../../../common/services/security_solution'; +import { FtrProviderContext } from '../../../../ftr_provider_context'; -// eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const supertestWithoutAuth = getService('supertestWithoutAuth'); - describe('read_privileges', () => { + describe('@ess @serverless @brokenInServerless read_privileges', () => { it('should return expected privileges for elastic admin', async () => { const { body } = await supertest.get(DETECTION_ENGINE_PRIVILEGES_URL).send().expect(200); expect(body).to.eql({ diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/create_new_action.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/create_new_action.ts index 1ddce1f07114c..79ea9738372f0 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/create_new_action.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/create_new_action.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { RuleAction } from '@kbn/security-solution-plugin/common/api/detection_engine'; import type SuperTest from 'supertest'; @@ -23,7 +24,7 @@ export const createWebHookRuleAction = async ( await supertest .post('/api/actions/action') .set('kbn-xsrf', 'true') - .set('x-elastic-internal-origin', 'foo') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'foo') .send(getWebHookAction()) .expect(200) ).body; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule.ts index cd3fb09ced4e9..ac6e44b2aab83 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import type { ToolingLog } from '@kbn/tooling-log'; import type SuperTest from 'supertest'; import type { @@ -35,7 +36,7 @@ export const createRule = async ( const response = await supertest .post(route) .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') + .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31') .send(rule); if (response.status === 409) { if (rule.rule_id != null) { diff --git a/x-pack/test/detection_engine_api_integration/utils/create_rule_with_auth.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_auth.ts similarity index 100% rename from x-pack/test/detection_engine_api_integration/utils/create_rule_with_auth.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_auth.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts index 193d1a4090dc2..00e5fa399bd04 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts @@ -31,8 +31,10 @@ export * from './get_saved_query_rule_for_alert_testing'; export * from './get_rule_so_by_id'; export * from './create_rule_saved_object'; export * from './get_rule_with_legacy_investigation_fields'; +export * from './create_rule_with_auth'; export * from './preview_rule'; export * from './preview_rule_with_exception_entries'; export * from './patch_rule'; export * from './generate_event'; + export * from './prebuilt_rules';