elastic · WafaaNasr · Nov 16, 2023 · Nov 16, 2023 · Nov 16, 2023 · Nov 16, 2023
@@ -473,4 +473,6 @@ enabled:
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/prebuilt_rules/update_prebuilt_rules_package/configs/serverless.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/prebuilt_rules/update_prebuilt_rules_package/configs/ess.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_execution_logic/configs/serverless.config.ts
-  - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_execution_logic/configs/ess.config.ts
+  - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_execution_logic/configs/ess.config.ts
+  - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/configs/serverless.config.ts
+  - x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles/configs/ess.config.ts
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -1386,6 +1386,7 @@ x-pack/test/security_solution_api_integration/test_suites/detections_response/de
 x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_creation @elastic/security-detection-engine
 x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions @elastic/security-detection-engine
 x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/alerts @elastic/security-detection-engine
+x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/user_roles  @elastic/security-detection-engine
 /x-pack/plugins/security_solution/server/lib/detection_engine/scripts/roles_users @elastic/security-detection-engine
 
 ## Security Threat Intelligence - Under Security Platform

diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/index.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/index.ts
@@ -14,7 +14,6 @@ export default ({ loadTestFile }: FtrProviderContext): void => {
     // action migration code. We are monitoring legacy action telemetry to clean up once we see their
     // existence being near 0.
 
-    loadTestFile(require.resolve('./check_privileges'));
     loadTestFile(require.resolve('./create_rules_bulk'));
     loadTestFile(require.resolve('./delete_rules'));
     loadTestFile(require.resolve('./delete_rules_bulk'));

diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/index.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/group10/index.ts
@@ -25,7 +25,5 @@ export default ({ loadTestFile }: FtrProviderContext): void => {
     loadTestFile(require.resolve('./perform_bulk_action'));
     loadTestFile(require.resolve('./perform_bulk_action_dry_run'));
     loadTestFile(require.resolve('./patch_rules'));
-    loadTestFile(require.resolve('./read_privileges'));
-    loadTestFile(require.resolve('./throttle'));
   });
 };
diff --git a/x-pack/test/detection_engine_api_integration/utils/index.ts b/x-pack/test/detection_engine_api_integration/utils/index.ts
@@ -15,7 +15,6 @@ export * from './create_exception_list_item';
 export * from './create_legacy_rule_action';
 export * from './create_new_action';
 export * from './create_rule';
-export * from './create_rule_with_auth';
 export * from './create_rule_with_exception_entries';
 export * from './create_rule_saved_object';
 export * from './create_signals_index';

diff --git a/x-pack/test/security_solution_api_integration/package.json b/x-pack/test/security_solution_api_integration/package.json
@@ -88,7 +88,11 @@
     "rule_execution_logic:runner:serverless": "npm run run-tests:dr:default rule_execution_logic serverless serverlessEnv",
     "rule_execution_logic:qa:serverless": "npm run run-tests:dr:default rule_execution_logic serverless qaEnv",
     "rule_execution_logic:server:ess": "npm run initialize-server:dr:default rule_execution_logic ess",
-    "rule_execution_logic:runner:ess": "npm run run-tests:dr:default rule_execution_logic ess essEnv"
-
+    "rule_execution_logic:runner:ess": "npm run run-tests:dr:default rule_execution_logic ess essEnv",
+    "user_roles:server:serverless": "npm run initialize-server:dr:default user_roles serverless",
+    "user_roles:runner:serverless": "npm run run-tests:dr:default user_roles serverless serverlessEnv",
+    "user_roles:qa:serverless": "npm run run-tests:dr:default user_roles serverless qaEnv",
+    "user_roles:server:ess": "npm run initialize-server:dr:default user_roles ess",
+    "user_roles:runner:ess": "npm run run-tests:dr:default user_roles ess essEnv"
   }
 }
diff --git a/...on_api_integration/test_suites/detections_response/default_license/actions/add_actions.ts b/...on_api_integration/test_suites/detections_response/default_license/actions/add_actions.ts
@@ -6,7 +6,7 @@
  */
 
 import expect from 'expect';
-
+import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common';
 import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants';
 import {
   deleteAllRules,
@@ -55,7 +55,7 @@ export default ({ getService }: FtrProviderContext) => {
         const { body } = await supertest
           .post(DETECTION_ENGINE_RULES_URL)
           .set('kbn-xsrf', 'true')
-          .set('elastic-api-version', '2023-10-31')
+          .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
           .send(
             getCustomQueryRuleParams({
               actions: [ruleAction],
@@ -74,7 +74,7 @@ export default ({ getService }: FtrProviderContext) => {
         } = await supertest
           .post(DETECTION_ENGINE_RULES_URL)
           .set('kbn-xsrf', 'true')
-          .set('elastic-api-version', '2023-10-31')
+          .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
           .send(
             getCustomQueryRuleParams({
               index: ['logs-test'],
@@ -108,7 +108,7 @@ export default ({ getService }: FtrProviderContext) => {
         } = await supertest
           .post(DETECTION_ENGINE_RULES_URL)
           .set('kbn-xsrf', 'true')
-          .set('elastic-api-version', '2023-10-31')
+          .set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
           .send(
             getCustomQueryRuleParams({
               index: ['logs-test'],

diff --git a/...ity_and_spaces/group1/check_privileges.ts → ...fault_license/actions/check_privileges.ts b/...ity_and_spaces/group1/check_privileges.ts → ...fault_license/actions/check_privileges.ts
@@ -9,31 +9,34 @@ import expect from '@kbn/expect';
 import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants';
 import { ROLES } from '@kbn/security-solution-plugin/common/test';
 import { ThresholdRuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine';
-import { FtrProviderContext } from '../../common/ftr_provider_context';
+
 import {
-  createSignalsIndex,
+  createAlertsIndex,
   deleteAllRules,
   waitForRulePartialFailure,
-  getRuleForSignalTesting,
+  getRuleForAlertTesting,
   createRuleWithAuth,
-  getThresholdRuleForSignalTesting,
+  getThresholdRuleForAlertTesting,
   deleteAllAlerts,
 } from '../../utils';
-import { createUserAndRole, deleteUserAndRole } from '../../../common/services/security_solution';
+import {
+  createUserAndRole,
+  deleteUserAndRole,
+} from '../../../../../common/services/security_solution';
 
-// eslint-disable-next-line import/no-default-export
+import { FtrProviderContext } from '../../../../ftr_provider_context';
 export default ({ getService }: FtrProviderContext) => {
   const supertest = getService('supertest');
   const esArchiver = getService('esArchiver');
   const supertestWithoutAuth = getService('supertestWithoutAuth');
   const log = getService('log');
   const es = getService('es');
 
-  describe('check_privileges', () => {
+  describe('@ess @serverless @brokenInServerless check_privileges', () => {
     before(async () => {
       await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts');
       await esArchiver.load('x-pack/test/functional/es_archives/security_solution/alias');
-      await createSignalsIndex(supertest, log);
+      await createAlertsIndex(supertest, log);
     });
 
     after(async () => {
@@ -60,7 +63,7 @@ export default ({ getService }: FtrProviderContext) => {
       indexTestCases.forEach((index) => {
         it(`for KQL rule with index param: ${index}`, async () => {
           const rule = {
-            ...getRuleForSignalTesting(index),
+            ...getRuleForAlertTesting(index),
             query: 'process.executable: "/usr/bin/sudo"',
           };
           await createUserAndRole(getService, ROLES.detections_admin);
@@ -96,7 +99,7 @@ export default ({ getService }: FtrProviderContext) => {
       thresholdIndexTestCases.forEach((index) => {
         it(`for threshold rule with index param: ${index}`, async () => {
           const rule: ThresholdRuleCreateProps = {
-            ...getThresholdRuleForSignalTesting(index),
+            ...getThresholdRuleForAlertTesting(index),
             threshold: {
               field: [],
               value: 700,

diff --git a/...solution_api_integration/test_suites/detections_response/default_license/actions/index.ts b/...solution_api_integration/test_suites/detections_response/default_license/actions/index.ts
@@ -11,5 +11,7 @@ export default function ({ loadTestFile }: FtrProviderContext) {
     loadTestFile(require.resolve('./add_actions'));
     loadTestFile(require.resolve('./update_actions'));
     loadTestFile(require.resolve('./migrations'));
+    loadTestFile(require.resolve('./throttle'));
+    loadTestFile(require.resolve('./check_privileges'));
   });
 }