github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-27 18:51:07 -04:00
Code Issues Projects Releases Packages Wiki Activity

test deprecated siem versions in some cy tests

Browse source
This commit is contained in:
Gergő Ábrahám 2025-06-18 16:01:20 +02:00
parent 88d0605b7b
commit 4b4f49ea3d
3 changed files with 347 additions and 258 deletions
Download patch file Download diff file Expand all files Collapse all files

16
x-pack/solutions/security/plugins/security_solution/public/management/cypress/common/constants.ts
View file

@ -20,3 +20,19 @@ export const KIBANA_KNOWN_DEFAULT_ACCOUNTS = {
system_indices_superuser: 'system_indices_superuser',
admin: 'admin',
} as const;
/**
* Siem feature versions to test.
*
* When a new `siem` version is implemented, please update the list below.
*/
export const SIEM_VERSIONS = [
// deprecated siem versions
'siem',
'siemV2',
// actual version, should equal to SECURITY_FEATURE_ID
'siemV3',
] as const;
export type SiemVersion = (typeof SIEM_VERSIONS)[number];

296
x-pack/solutions/security/plugins/security_solution/public/management/cypress/e2e/artifacts/artifacts_mocked_data.cy.ts
View file

@ -5,7 +5,6 @@
* 2.0.
*/
import { getRoleWithArtifactReadPrivilege } from '../../fixtures/role_with_artifact_read_privilege';
import { login, ROLE } from '../../tasks/login';
import { loadPage } from '../../tasks/common';
@ -18,26 +17,59 @@ import {
import { performUserActions } from '../../tasks/perform_user_actions';
import { indexEndpointHosts } from '../../tasks/index_endpoint_hosts';
import type { ReturnTypeFromChainable } from '../../types';
import { SIEM_VERSIONS, type SiemVersion } from '../../common/constants';
import { SECURITY_FEATURE_ID } from '../../../../../common';
import { getT1Analyst } from '../../../../../scripts/endpoint/common/roles_users';
const loginWithWriteAccess = (url: string) => {
login(ROLE.endpoint_policy_manager);
loadPage(url);
};
const loginWithReadAccess = (privilegePrefix: string, url: string) => {
const roleWithArtifactReadPrivilege = getRoleWithArtifactReadPrivilege(privilegePrefix);
login.withCustomRole({ name: 'roleWithArtifactReadPrivilege', ...roleWithArtifactReadPrivilege });
loadPage(url);
};
const loginWithoutAccess = (url: string) => {
login(ROLE.t1_analyst);
loadPage(url);
const loginWithArtifactAccess = (
siemVersion: SiemVersion,
privilegePrefix: string,
access: 'none' | 'read' | 'all'
) => {
const base = getT1Analyst();
const customRole: typeof base = {
...base,
kibana: [
{
...base.kibana[0],
feature: {
[siemVersion]: [
// siemVX: read
'read',
// none/read/all for selected artifact
...(access !== 'none' ? [`${privilegePrefix}${access}`] : []),
],
},
},
],
};
login.withCustomRole({ name: 'customRole', ...customRole });
};
/**
* Notes:
* ESS:
* - testing NONE, READ, WRITE privileges with custom roles
* - also, all SIEM feature versions are tested to check backward compatibility
*
* Serverless: a subset of tests.
* - only NONE and WRITE privileges are tested with predefined roles
* - and only the latest SIEM feature (SECURITY_FEATURE_ID)
*
* Possible improvement: use custom roles on serverless to test the same as on ESS.
*/
describe('Artifacts pages', { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => {
let endpointData: ReturnTypeFromChainable<typeof indexEndpointHosts> | undefined;
const isServerless = Cypress.env('IS_SERVERLESS');
const siemVersionsToTest = isServerless ? [SECURITY_FEATURE_ID] : SIEM_VERSIONS;
let loginWithoutAccess: () => void;
let loginWithReadAccess: () => void;
let loginWithWriteAccess: () => void;
before(() => {
indexEndpointHosts().then((indexEndpoints) => {
endpointData = indexEndpoints;
@ -55,126 +87,158 @@ describe('Artifacts pages', { tags: ['@ess', '@serverless', '@skipInServerlessMK
endpointData = undefined;
});
for (const testData of getArtifactsListTestsData()) {
describe(`When on the ${testData.title} entries list`, () => {
describe('given there are no artifacts yet', () => {
it(`no access - should show no privileges callout`, () => {
loginWithoutAccess(`/app/security/administration/${testData.urlPath}`);
cy.getByTestSubj('noPrivilegesPage').should('exist');
cy.getByTestSubj('empty-page-feature-action').should('exist');
cy.getByTestSubj(testData.emptyState).should('not.exist');
cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).should('not.exist');
});
for (const siemVersion of siemVersionsToTest) {
describe(siemVersion, () => {
for (const testData of getArtifactsListTestsData()) {
describe(`When on the ${testData.title} entries list`, () => {
beforeEach(() => {
const { privilegePrefix } = testData;
it(
`read - should show empty state page if there is no ${testData.title} entry and the add button does not exist`,
// there is no such role in Serverless environment that only reads artifacts
{ tags: ['@skipInServerless'] },
() => {
loginWithReadAccess(
testData.privilegePrefix,
`/app/security/administration/${testData.urlPath}`
loginWithWriteAccess = () => {
if (isServerless) {
login(ROLE.endpoint_policy_manager);
} else {
loginWithArtifactAccess(siemVersion, privilegePrefix, 'all');
}
};
loginWithReadAccess = () => {
expect(isServerless, 'Testing read access is implemented only on ESS').to.equal(
false
);
loginWithArtifactAccess(siemVersion, privilegePrefix, 'read');
};
loginWithoutAccess = () => {
if (isServerless) {
login(ROLE.t1_analyst);
} else {
loginWithArtifactAccess(siemVersion, privilegePrefix, 'none');
}
};
});
describe('given there are no artifacts yet', () => {
it(`no access - should show no privileges callout`, () => {
loginWithoutAccess();
loadPage(`/app/security/administration/${testData.urlPath}`);
cy.getByTestSubj('noPrivilegesPage').should('exist');
cy.getByTestSubj('empty-page-feature-action').should('exist');
cy.getByTestSubj(testData.emptyState).should('not.exist');
cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).should('not.exist');
});
it(
`read - should show empty state page if there is no ${testData.title} entry and the add button does not exist`,
// there is no such role in Serverless environment that only reads artifacts
{ tags: ['@skipInServerless'] },
() => {
loginWithReadAccess();
loadPage(`/app/security/administration/${testData.urlPath}`);
cy.getByTestSubj(testData.emptyState).should('exist');
cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).should('not.exist');
}
);
cy.getByTestSubj(testData.emptyState).should('exist');
cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).should('not.exist');
}
);
it(`write - should show empty state page if there is no ${testData.title} entry and the add button exists`, () => {
loginWithWriteAccess(`/app/security/administration/${testData.urlPath}`);
cy.getByTestSubj(testData.emptyState).should('exist');
cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).should('exist');
});
it(`write - should show empty state page if there is no ${testData.title} entry and the add button exists`, () => {
loginWithWriteAccess();
loadPage(`/app/security/administration/${testData.urlPath}`);
cy.getByTestSubj(testData.emptyState).should('exist');
cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).should('exist');
});
it(`write - should create new ${testData.title} entry`, () => {
loginWithWriteAccess(`/app/security/administration/${testData.urlPath}`);
// Opens add flyout
cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).click();
it(`write - should create new ${testData.title} entry`, () => {
loginWithWriteAccess();
loadPage(`/app/security/administration/${testData.urlPath}`);
// Opens add flyout
cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).click();
performUserActions(testData.create.formActions);
performUserActions(testData.create.formActions);
// Submit create artifact form
cy.getByTestSubj(`${testData.pagePrefix}-flyout-submitButton`).click();
// Submit create artifact form
cy.getByTestSubj(`${testData.pagePrefix}-flyout-submitButton`).click();
// Check new artifact is in the list
for (const checkResult of testData.create.checkResults) {
cy.getByTestSubj(checkResult.selector).should('have.text', checkResult.value);
}
// Check new artifact is in the list
for (const checkResult of testData.create.checkResults) {
cy.getByTestSubj(checkResult.selector).should('have.text', checkResult.value);
}
// Title is shown after adding an item
cy.getByTestSubj('header-page-title').contains(testData.title);
});
});
// Title is shown after adding an item
cy.getByTestSubj('header-page-title').contains(testData.title);
});
});
describe('given there is an existing artifact', () => {
beforeEach(() => {
createArtifactList(testData.createRequestBody.list_id);
createPerPolicyArtifact(testData.artifactName, testData.createRequestBody);
});
describe('given there is an existing artifact', () => {
beforeEach(() => {
createArtifactList(testData.createRequestBody.list_id);
createPerPolicyArtifact(testData.artifactName, testData.createRequestBody);
});
it(
`read - should not be able to update/delete an existing ${testData.title} entry`,
// there is no such role in Serverless environment that only reads artifacts
{ tags: ['@skipInServerless'] },
() => {
loginWithReadAccess(
testData.privilegePrefix,
`/app/security/administration/${testData.urlPath}`
it(
`read - should not be able to update/delete an existing ${testData.title} entry`,
// there is no such role in Serverless environment that only reads artifacts
{ tags: ['@skipInServerless'] },
() => {
loginWithReadAccess();
loadPage(`/app/security/administration/${testData.urlPath}`);
cy.getByTestSubj('header-page-title').contains(testData.title);
cy.getByTestSubj(`${testData.pagePrefix}-card-header-actions-button`).should(
'not.exist'
);
cy.getByTestSubj(`${testData.pagePrefix}-card-cardEditAction`).should('not.exist');
cy.getByTestSubj(`${testData.pagePrefix}-card-cardDeleteAction`).should(
'not.exist'
);
}
);
cy.getByTestSubj('header-page-title').contains(testData.title);
cy.getByTestSubj(`${testData.pagePrefix}-card-header-actions-button`).should(
'not.exist'
it(
`read - should not be able to create a new ${testData.title} entry`,
// there is no such role in Serverless environment that only reads artifacts
{ tags: ['@skipInServerless'] },
() => {
loginWithReadAccess();
loadPage(`/app/security/administration/${testData.urlPath}`);
cy.getByTestSubj('header-page-title').contains(testData.title);
cy.getByTestSubj(`${testData.pagePrefix}-pageAddButton`).should('not.exist');
}
);
cy.getByTestSubj(`${testData.pagePrefix}-card-cardEditAction`).should('not.exist');
cy.getByTestSubj(`${testData.pagePrefix}-card-cardDeleteAction`).should('not.exist');
}
);
it(
`read - should not be able to create a new ${testData.title} entry`,
// there is no such role in Serverless environment that only reads artifacts
{ tags: ['@skipInServerless'] },
() => {
loginWithReadAccess(
testData.privilegePrefix,
`/app/security/administration/${testData.urlPath}`
);
cy.getByTestSubj('header-page-title').contains(testData.title);
cy.getByTestSubj(`${testData.pagePrefix}-pageAddButton`).should('not.exist');
}
);
it(`write - should be able to update an existing ${testData.title} entry`, () => {
loginWithWriteAccess();
loadPage(`/app/security/administration/${testData.urlPath}`);
// Opens edit flyout
cy.getByTestSubj(`${testData.pagePrefix}-card-header-actions-button`).click();
cy.getByTestSubj(`${testData.pagePrefix}-card-cardEditAction`).click();
it(`write - should be able to update an existing ${testData.title} entry`, () => {
loginWithWriteAccess(`/app/security/administration/${testData.urlPath}`);
// Opens edit flyout
cy.getByTestSubj(`${testData.pagePrefix}-card-header-actions-button`).click();
cy.getByTestSubj(`${testData.pagePrefix}-card-cardEditAction`).click();
performUserActions(testData.update.formActions);
performUserActions(testData.update.formActions);
// Submit edit artifact form
cy.getByTestSubj(`${testData.pagePrefix}-flyout-submitButton`).click();
// Submit edit artifact form
cy.getByTestSubj(`${testData.pagePrefix}-flyout-submitButton`).click();
for (const checkResult of testData.update.checkResults) {
cy.getByTestSubj(checkResult.selector).should('have.text', checkResult.value);
}
for (const checkResult of testData.update.checkResults) {
cy.getByTestSubj(checkResult.selector).should('have.text', checkResult.value);
}
// Title still shown after editing an item
cy.getByTestSubj('header-page-title').contains(testData.title);
});
// Title still shown after editing an item
cy.getByTestSubj('header-page-title').contains(testData.title);
it(`write - should be able to delete the existing ${testData.title} entry`, () => {
loginWithWriteAccess();
loadPage(`/app/security/administration/${testData.urlPath}`);
// Remove it
cy.getByTestSubj(`${testData.pagePrefix}-card-header-actions-button`).click();
cy.getByTestSubj(`${testData.pagePrefix}-card-cardDeleteAction`).click();
cy.getByTestSubj(`${testData.pagePrefix}-deleteModal-submitButton`).click();
// No card visible after removing it
cy.getByTestSubj(testData.delete.card).should('not.exist');
// Empty state is displayed after removing last item
cy.getByTestSubj(testData.emptyState).should('exist');
});
});
});
it(`write - should be able to delete the existing ${testData.title} entry`, () => {
loginWithWriteAccess(`/app/security/administration/${testData.urlPath}`);
// Remove it
cy.getByTestSubj(`${testData.pagePrefix}-card-header-actions-button`).click();
cy.getByTestSubj(`${testData.pagePrefix}-card-cardDeleteAction`).click();
cy.getByTestSubj(`${testData.pagePrefix}-deleteModal-submitButton`).click();
// No card visible after removing it
cy.getByTestSubj(testData.delete.card).should('not.exist');
// Empty state is displayed after removing last item
cy.getByTestSubj(testData.emptyState).should('exist');
});
});
}
});
}
});

293
x-pack/solutions/security/plugins/security_solution/public/management/cypress/e2e/endpoint_list/endpoints_rbac_mocked_data.cy.ts
View file

@ -13,19 +13,22 @@ import type { ReturnTypeFromChainable } from '../../types';
import { indexEndpointHosts } from '../../tasks/index_endpoint_hosts';
import { login } from '../../tasks/login';
import { loadPage } from '../../tasks/common';
import { SIEM_VERSIONS, type SiemVersion } from '../../common/constants';
describe('Endpoints RBAC', { tags: ['@ess'] }, () => {
describe('Endpoints page RBAC', { tags: ['@ess'] }, () => {
type Privilege = 'all' | 'read' | 'none';
const PRIVILEGES: Privilege[] = ['none', 'read', 'all'];
const loginWithCustomRole: (privileges: {
integrationsPrivilege?: Privilege;
fleetPrivilege?: Privilege;
endpointPolicyManagementPrivilege?: Privilege;
integrationsPrivilege: Privilege;
fleetPrivilege: Privilege;
endpointPolicyManagementPrivilege: Privilege;
siemVersion: SiemVersion;
}) => void = ({
integrationsPrivilege = 'none',
fleetPrivilege = 'none',
endpointPolicyManagementPrivilege = 'none',
integrationsPrivilege,
fleetPrivilege,
endpointPolicyManagementPrivilege,
siemVersion,
}) => {
const base = getT1Analyst();
@ -35,9 +38,8 @@ describe('Endpoints RBAC', { tags: ['@ess'] }, () => {
{
...base.kibana[0],
feature: {
...base.kibana[0].feature,
[SECURITY_FEATURE_ID]: [
...base.kibana[0].feature[SECURITY_FEATURE_ID],
[siemVersion]: [
'all',
`endpoint_list_all`,
`policy_management_${endpointPolicyManagementPrivilege}`,
],
@ -51,151 +53,158 @@ describe('Endpoints RBAC', { tags: ['@ess'] }, () => {
login.withCustomRole({ name: 'customRole', ...customRole });
};
beforeEach(() => {
login();
it('latest siem version should be in version list', () => {
expect(SIEM_VERSIONS.at(-1)).to.equal(SECURITY_FEATURE_ID);
});
describe('neither Defend policy nor hosts are present', () => {
for (const endpointPolicyManagementPrivilege of PRIVILEGES) {
describe(`endpoint policy management privilege is ${endpointPolicyManagementPrivilege}`, () => {
for (const fleetPrivilege of PRIVILEGES) {
for (const integrationsPrivilege of PRIVILEGES) {
const shouldAllowOnboarding =
fleetPrivilege === 'all' && integrationsPrivilege === 'all';
for (const siemVersion of SIEM_VERSIONS) {
describe(siemVersion, () => {
describe('neither Defend policy nor hosts are present', () => {
for (const endpointPolicyManagementPrivilege of PRIVILEGES) {
describe(`endpoint policy management privilege is ${endpointPolicyManagementPrivilege}`, () => {
for (const fleetPrivilege of PRIVILEGES) {
for (const integrationsPrivilege of PRIVILEGES) {
const shouldAllowOnboarding =
fleetPrivilege === 'all' && integrationsPrivilege === 'all';
it(`should show onboarding screen ${
shouldAllowOnboarding ? 'with' : 'without'
} 'Add Elastic Defend' button with fleet:${fleetPrivilege} and integrations:${integrationsPrivilege}`, () => {
loginWithCustomRole({
endpointPolicyManagementPrivilege,
fleetPrivilege,
integrationsPrivilege,
});
it(`should show onboarding screen ${
shouldAllowOnboarding ? 'with' : 'without'
} 'Add Elastic Defend' button with fleet:${fleetPrivilege} and integrations:${integrationsPrivilege}`, () => {
loginWithCustomRole({
endpointPolicyManagementPrivilege,
fleetPrivilege,
integrationsPrivilege,
siemVersion,
});
loadPage(APP_ENDPOINTS_PATH);
loadPage(APP_ENDPOINTS_PATH);
cy.getByTestSubj('policyOnboardingInstructions').should('exist');
if (shouldAllowOnboarding) {
cy.getByTestSubj('onboardingStartButton').should('exist');
} else {
cy.getByTestSubj('onboardingStartButton').should('not.exist');
cy.getByTestSubj('policyOnboardingInstructions').should('exist');
if (shouldAllowOnboarding) {
cy.getByTestSubj('onboardingStartButton').should('exist');
} else {
cy.getByTestSubj('onboardingStartButton').should('not.exist');
}
});
}
});
}
}
});
}
});
}
});
describe('Defend policy is present, but no hosts', () => {
let loadedPolicyData: IndexedFleetEndpointPolicyResponse;
describe('Defend policy is present, but no hosts', () => {
let loadedPolicyData: IndexedFleetEndpointPolicyResponse;
before(() => {
cy.task(
'indexFleetEndpointPolicy',
{ policyName: 'tests-serverless' },
{ timeout: 5 * 60 * 1000 }
).then((res) => {
const response = res as IndexedFleetEndpointPolicyResponse;
loadedPolicyData = response;
});
});
after(() => {
if (loadedPolicyData) {
cy.task('deleteIndexedFleetEndpointPolicies', loadedPolicyData);
}
});
for (const endpointPolicyManagementPrivilege of PRIVILEGES) {
describe(`endpoint policy management privilege is ${endpointPolicyManagementPrivilege}`, () => {
for (const fleetPrivilege of PRIVILEGES) {
for (const integrationsPrivilege of PRIVILEGES) {
const shouldShowOnboardingSteps =
(fleetPrivilege === 'all' && integrationsPrivilege === 'read') ||
(fleetPrivilege === 'all' && integrationsPrivilege === 'all');
it(`should ${
shouldShowOnboardingSteps ? '' : ' NOT '
} show onboarding steps with fleet:${fleetPrivilege} and integrations:${integrationsPrivilege}`, () => {
loginWithCustomRole({
endpointPolicyManagementPrivilege,
fleetPrivilege,
integrationsPrivilege,
});
loadPage(APP_ENDPOINTS_PATH);
if (shouldShowOnboardingSteps) {
cy.getByTestSubj('emptyHostsTable').should('exist');
cy.getByTestSubj('onboardingSteps').should('exist');
} else {
// without correct privileges, fall back to empty policy table note showing that Fleet privilege is required
cy.getByTestSubj('emptyPolicyTable').should('exist');
cy.getByTestSubj('onboardingStartButton').should('not.exist');
}
});
}
}
});
}
});
describe('some hosts are enrolled', () => {
let endpointData: ReturnTypeFromChainable<typeof indexEndpointHosts>;
before(() => {
indexEndpointHosts({ count: 1 }).then((indexEndpoints) => {
endpointData = indexEndpoints;
});
});
after(() => {
if (endpointData) {
endpointData.cleanup();
// @ts-expect-error ignore setting to undefined
endpointData = undefined;
}
});
beforeEach(() => {
// if there is a request towards this API, it should return 200
cy.intercept(PACKAGE_POLICY_API_ROUTES.BULK_GET_PATTERN, (req) => {
req.on('response', (res) => {
expect(res.statusCode).to.equal(200);
before(() => {
cy.task(
'indexFleetEndpointPolicy',
{ policyName: 'tests-serverless' },
{ timeout: 5 * 60 * 1000 }
).then((res) => {
const response = res as IndexedFleetEndpointPolicyResponse;
loadedPolicyData = response;
});
});
});
});
for (const endpointPolicyManagementPrivilege of PRIVILEGES) {
describe(`endpoint policy management privilege is ${endpointPolicyManagementPrivilege}`, () => {
for (const fleetPrivilege of PRIVILEGES) {
for (const integrationsPrivilege of PRIVILEGES) {
const shouldProvidePolicyLink = endpointPolicyManagementPrivilege !== 'none';
it(`should show Endpoint list ${
shouldProvidePolicyLink ? 'with' : 'without'
} link to Endpoint Policy with fleet:${fleetPrivilege} and integrations:${integrationsPrivilege}`, () => {
loginWithCustomRole({
endpointPolicyManagementPrivilege,
fleetPrivilege,
integrationsPrivilege,
});
loadPage(APP_ENDPOINTS_PATH);
cy.getByTestSubj('policyNameCellLink').should('exist');
cy.getByTestSubj('policyNameCellLink').within(() => {
if (shouldProvidePolicyLink) {
cy.get('a').should('have.attr', 'href');
} else {
cy.get('a').should('not.exist');
}
});
});
after(() => {
if (loadedPolicyData) {
cy.task('deleteIndexedFleetEndpointPolicies', loadedPolicyData);
}
});
for (const endpointPolicyManagementPrivilege of PRIVILEGES) {
describe(`endpoint policy management privilege is ${endpointPolicyManagementPrivilege}`, () => {
for (const fleetPrivilege of PRIVILEGES) {
for (const integrationsPrivilege of PRIVILEGES) {
const shouldShowOnboardingSteps =
(fleetPrivilege === 'all' && integrationsPrivilege === 'read') ||
(fleetPrivilege === 'all' && integrationsPrivilege === 'all');
it(`should ${
shouldShowOnboardingSteps ? '' : ' NOT '
} show onboarding steps with fleet:${fleetPrivilege} and integrations:${integrationsPrivilege}`, () => {
loginWithCustomRole({
endpointPolicyManagementPrivilege,
fleetPrivilege,
integrationsPrivilege,
siemVersion,
});
loadPage(APP_ENDPOINTS_PATH);
if (shouldShowOnboardingSteps) {
cy.getByTestSubj('emptyHostsTable').should('exist');
cy.getByTestSubj('onboardingSteps').should('exist');
} else {
// without correct privileges, fall back to empty policy table note showing that Fleet privilege is required
cy.getByTestSubj('emptyPolicyTable').should('exist');
cy.getByTestSubj('onboardingStartButton').should('not.exist');
}
});
}
}
});
}
});
}
});
describe('some hosts are enrolled', () => {
let endpointData: ReturnTypeFromChainable<typeof indexEndpointHosts>;
before(() => {
indexEndpointHosts({ count: 1 }).then((indexEndpoints) => {
endpointData = indexEndpoints;
});
});
after(() => {
if (endpointData) {
endpointData.cleanup();
// @ts-expect-error ignore setting to undefined
endpointData = undefined;
}
});
beforeEach(() => {
// if there is a request towards this API, it should return 200
cy.intercept(PACKAGE_POLICY_API_ROUTES.BULK_GET_PATTERN, (req) => {
req.on('response', (res) => {
expect(res.statusCode).to.equal(200);
});
});
});
for (const endpointPolicyManagementPrivilege of PRIVILEGES) {
describe(`endpoint policy management privilege is ${endpointPolicyManagementPrivilege}`, () => {
for (const fleetPrivilege of PRIVILEGES) {
for (const integrationsPrivilege of PRIVILEGES) {
const shouldProvidePolicyLink = endpointPolicyManagementPrivilege !== 'none';
it(`should show Endpoint list ${
shouldProvidePolicyLink ? 'with' : 'without'
} link to Endpoint Policy with fleet:${fleetPrivilege} and integrations:${integrationsPrivilege}`, () => {
loginWithCustomRole({
endpointPolicyManagementPrivilege,
fleetPrivilege,
integrationsPrivilege,
siemVersion,
});
loadPage(APP_ENDPOINTS_PATH);
cy.getByTestSubj('policyNameCellLink').should('exist');
cy.getByTestSubj('policyNameCellLink').within(() => {
if (shouldProvidePolicyLink) {
cy.get('a').should('have.attr', 'href');
} else {
cy.get('a').should('not.exist');
}
});
});
}
}
});
}
});
});
}
});