[Cases] Fix bug when pushing a case and the closure option is set to automatic (#126705)

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2025-04-24 01:38:56 -04:00 · 2022-03-03 16:55:17 +02:00 · 2022-03-03 16:55:17 +02:00 · 0c806e9e41
commit 0c806e9e41
parent 97adf28a72
2 changed files with 68 additions and 5 deletions
--- a/x-pack/plugins/cases/server/client/cases/push.ts
+++ b/x-pack/plugins/cases/server/client/cases/push.ts
@ -16,6 +16,7 @@ import {
  ExternalServiceResponse,
  CasesConfigureAttributes,
  ActionTypes,
+  OWNER_FIELD,
 } from '../../../common/api';

 import { createIncident, getCommentContextFromAttributes } from './utils';
@ -25,6 +26,7 @@ import { CasesClient, CasesClientArgs, CasesClientInternal } from '..';
 import { Operations } from '../../authorization';
 import { casesConnectors } from '../../connectors';
 import { getAlerts } from '../alerts/get';
+import { buildFilter } from '../utils';

 /**
 * Returns true if the case should be closed based on the configuration settings.
@ -139,12 +141,19 @@ export const push = async (

    /* End of push to external service */

+    const ownerFilter = buildFilter({
+      filters: theCase.owner,
+      field: OWNER_FIELD,
+      operator: 'or',
+      type: Operations.findConfigurations.savedObjectType,
+    });
+
    /* Start of update case with push information */
    const [myCase, myCaseConfigure, comments] = await Promise.all([
      caseService.getCase({
        id: caseId,
      }),
-      caseConfigureService.find({ unsecuredSavedObjectsClient }),
+      caseConfigureService.find({ unsecuredSavedObjectsClient, options: { filter: ownerFilter } }),
      caseService.getAllCaseComments({
        id: caseId,
        options: {
--- a/x-pack/test/cases_api_integration/security_and_spaces/tests/trial/cases/push_case.ts
+++ b/x-pack/test/cases_api_integration/security_and_spaces/tests/trial/cases/push_case.ts
@ -33,6 +33,7 @@ import {
  getConnectorMappingsFromES,
  getCase,
  getServiceNowSimulationServer,
+  createConfiguration,
 } from '../../../../common/lib/utils';
 import { CaseConnector, CaseStatuses } from '../../../../../../plugins/cases/common/api';
 import {
@ -299,7 +300,7 @@ export default ({ getService }: FtrProviderContext): void => {

      it('should push a case that the user has permissions for', async () => {
        const { postedCase, connector } = await createCaseWithConnector({
-          supertest,
+          supertest: supertestWithoutAuth,
          serviceNowSimulatorURL,
          actionsRemover,
          auth: superUserSpace1Auth,
@ -315,7 +316,7 @@ export default ({ getService }: FtrProviderContext): void => {

      it('should not push a case that the user does not have permissions for', async () => {
        const { postedCase, connector } = await createCaseWithConnector({
-          supertest,
+          supertest: supertestWithoutAuth,
          serviceNowSimulatorURL,
          actionsRemover,
          auth: superUserSpace1Auth,
@ -336,7 +337,7 @@ export default ({ getService }: FtrProviderContext): void => {
          user.username
        } with role(s) ${user.roles.join()} - should NOT push a case`, async () => {
          const { postedCase, connector } = await createCaseWithConnector({
-            supertest,
+            supertest: supertestWithoutAuth,
            serviceNowSimulatorURL,
            actionsRemover,
            auth: superUserSpace1Auth,
@ -354,7 +355,7 @@ export default ({ getService }: FtrProviderContext): void => {

      it('should not push a case in a space that the user does not have permissions for', async () => {
        const { postedCase, connector } = await createCaseWithConnector({
-          supertest,
+          supertest: supertestWithoutAuth,
          serviceNowSimulatorURL,
          actionsRemover,
          auth: { user: superUser, space: 'space2' },
@ -368,6 +369,59 @@ export default ({ getService }: FtrProviderContext): void => {
          expectedHttpCode: 403,
        });
      });
+
+      it('should respect closure options of the current owner when pushing', async () => {
+        await createConfiguration(
+          supertestWithoutAuth,
+          {
+            ...getConfigurationRequest(),
+            owner: 'securitySolutionFixture',
+            closure_type: 'close-by-user',
+          },
+          200,
+          {
+            user: superUser,
+            space: 'space1',
+          }
+        );
+
+        await createConfiguration(
+          supertestWithoutAuth,
+          {
+            ...getConfigurationRequest(),
+            owner: 'observabilityFixture',
+            closure_type: 'close-by-pushing',
+          },
+          200,
+          {
+            user: superUser,
+            space: 'space1',
+          }
+        );
+
+        const { postedCase, connector } = await createCaseWithConnector({
+          supertest: supertestWithoutAuth,
+          serviceNowSimulatorURL,
+          actionsRemover,
+          auth: { user: superUser, space: 'space1' },
+        });
+
+        await pushCase({
+          supertest: supertestWithoutAuth,
+          caseId: postedCase.id,
+          connectorId: connector.id,
+          auth: { user: superUser, space: 'space1' },
+        });
+
+        const theCase = await getCase({
+          supertest: supertestWithoutAuth,
+          caseId: postedCase.id,
+          includeComments: false,
+          auth: { user: superUser, space: 'space1' },
+        });
+
+        expect(theCase.status).to.eql('open');
+      });
    });
  });
 };