github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 17:28:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Detection Engine][FTR] Add FTR exception list tests for Serverless prebuilt roles (#198420)

Browse source 
## Summary

Adds FTR tests that check our Serverless prebuilt roles against our
exception list endpoints.

We have had little coverage or visibility to know if any changes made in
elasticsearch-controller introduce a bug in our prebuilt roles.

We could certainly discuss how such tests should be organized - I chose
to create an `authentication` folder that then has a matching folder for
the other sections and a file for each prebuilt role. With us nearing
GA, I'd like to prioritize having coverage and following up with any
improvements.
This commit is contained in:
Yara Tercero 2024-11-06 09:38:01 -08:00 committed by GitHub
parent cc66320e97
commit 4c649d9f14
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
47 changed files with 4879 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.buildkite/ftr_security_serverless_configs.yml
View file

@ -11,7 +11,6 @@ disabled:
- x-pack/test/osquery_cypress/serverless_cli_config.ts
- x-pack/test/security_solution_cypress/serverless_config.ts
# Playwright
- x-pack/test/security_solution_playwright/serverless_config.ts
@ -93,6 +92,9 @@ enabled:
- x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/serverless.config.ts

45
.buildkite/pipelines/security_solution_quality_gate/mki_periodic/mki_periodic_detection_engine.yml
View file

@ -50,6 +50,51 @@ steps:
- exit_status: '1'
limit: 2
- label: Running exception_lists:auth:lists:qa:serverless
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:auth:lists:qa:serverless
key: exception_lists:auth:lists:qa:serverless
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-4
preemptible: true
timeout_in_minutes: 120
retry:
automatic:
- exit_status: '1'
limit: 2
- label: Running exception_lists:auth:common:qa:serverless
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:auth:common:qa:serverless
key: exception_lists:auth:common:qa:serverless
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-4
preemptible: true
timeout_in_minutes: 120
retry:
automatic:
- exit_status: '1'
limit: 2
- label: Running exception_lists:auth:items:qa:serverless
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:auth:items:qa:serverless
key: exception_lists:auth:items:qa:serverless
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-4
preemptible: true
timeout_in_minutes: 120
retry:
automatic:
- exit_status: '1'
limit: 2
- label: Running lists_items:qa:serverless
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh lists_items:qa:serverless
key: lists_items:qa:serverless

82
.buildkite/pipelines/security_solution_quality_gate/mki_quality_gate/mki_quality_gate_detection_engine.yml
View file

@ -1,12 +1,12 @@
steps:
- group: "Cypress MKI - Detection Engine"
- group: 'Cypress MKI - Detection Engine'
key: cypress_test_detections_engine
steps:
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine
label: "Cypress MKI - Detection Engine"
label: 'Cypress MKI - Detection Engine'
key: test_detection_engine
env:
BK_TEST_SUITE_KEY: "serverless-cypress-detection-engine"
BK_TEST_SUITE_KEY: 'serverless-cypress-detection-engine'
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
@ -17,10 +17,10 @@ steps:
parallelism: 1
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine:exceptions
label: "Cypress MKI - Detection Engine - Exceptions"
label: 'Cypress MKI - Detection Engine - Exceptions'
key: test_detection_engine_exceptions
env:
BK_TEST_SUITE_KEY: "serverless-cypress-detection-engine"
BK_TEST_SUITE_KEY: 'serverless-cypress-detection-engine'
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
@ -30,7 +30,7 @@ steps:
timeout_in_minutes: 300
parallelism: 1
- group: "API MKI - Detection Engine"
- group: 'API MKI - Detection Engine'
key: api_test_detections_engine
steps:
- label: Running exception_lists_items:qa:serverless:release
@ -44,7 +44,49 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running exception_lists:auth:lists:qa:serverless:release
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:auth:lists:qa:serverless:release
key: exception_lists:auth:lists:qa:serverless:release
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-4
timeout_in_minutes: 120
retry:
automatic:
- exit_status: '1'
limit: 2
- label: Running exception_lists:common:lists:qa:serverless:release
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:common:lists:qa:serverless:release
key: exception_lists:common:lists:qa:serverless:release
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-4
timeout_in_minutes: 120
retry:
automatic:
- exit_status: '1'
limit: 2
- label: Running exception_lists:items:lists:qa:serverless:release
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:items:lists:qa:serverless:release
key: exception_lists:items:lists:qa:serverless:release
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-4
timeout_in_minutes: 120
retry:
automatic:
- exit_status: '1'
limit: 2
- label: Running lists_items:qa:serverless:release
@ -58,7 +100,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running user_roles:qa:serverless:release
@ -72,7 +114,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running telemetry:qa:serverless:release
@ -86,7 +128,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running exception_workflows:essentials:qa:serverless:release
@ -100,7 +142,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running exception_operators_date_types:essentials:qa:serverless:release
@ -156,7 +198,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running exception_operators_keyword:essentials:qa:serverless:release
@ -170,7 +212,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running exception_operators_ips:essentials:qa:serverless:release
@ -184,7 +226,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running exception_operators_long:essentials:qa:serverless:release
@ -198,7 +240,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running exception_operators_text:essentials:qa:serverless:release
@ -212,7 +254,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running actions:qa:serverless:release
@ -226,7 +268,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running alerts:qa:serverless:release
@ -240,7 +282,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running alerts:essentials:qa:serverless:release
@ -254,7 +296,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
- label: Running rule_execution_logic:eql:qa:serverless:release
@ -366,5 +408,5 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

18
x-pack/test/security_solution_api_integration/package.json
View file

@ -36,6 +36,9 @@
"initialize-server:lists:complete": "node ./scripts/index.js server lists_and_exception_lists trial_license_complete_tier",
"run-tests:lists:complete": "node ./scripts/index.js runner lists_and_exception_lists trial_license_complete_tier",
"initialize-server:lists:essentials_only": "node ./scripts/index.js server lists_and_exception_lists essentials_tier",
"run-tests:lists:essentials_only": "node ./scripts/index.js runner lists_and_exception_lists essentials_tier",
"initialize-server:edr-workflows": "node ./scripts/index.js server edr_workflows trial_license_complete_tier",
"run-tests:edr-workflows": "node ./scripts/index.js runner edr_workflows trial_license_complete_tier",
@ -136,6 +139,21 @@
"edr_workflows:response_actions:server:ess": "npm run initialize-server:edr-workflows response_actions ess",
"edr_workflows:response_actions:runner:ess": "npm run run-tests:edr-workflows response_actions ess essEnv",
"exception_lists:auth:lists:server:serverless": "npm run initialize-server:lists:essentials_only authorization/exceptions/lists serverless",
"exception_lists:auth:lists:runner:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/lists serverless serverlessEnv",
"exception_lists:auth:lists:qa:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/lists serverless qaPeriodicEnv",
"exception_lists:auth:lists:qa:serverless:release": "npm run run-tests:lists:essentials_only authorization/exceptions/lists serverless qaEnv",
"exception_lists:auth:common:server:serverless": "npm run initialize-server:lists:essentials_only authorization/exceptions/common serverless",
"exception_lists:auth:common:runner:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/common serverless serverlessEnv",
"exception_lists:auth:common:qa:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/common serverless qaPeriodicEnv",
"exception_lists:auth:common:qa:serverless:release": "npm run run-tests:lists:essentials_only authorization/exceptions/common serverless qaEnv",
"exception_lists:auth:items:server:serverless": "npm run initialize-server:lists:essentials_only authorization/exceptions/items serverless",
"exception_lists:auth:items:runner:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/items serverless serverlessEnv",
"exception_lists:auth:items:qa:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/items serverless qaPeriodicEnv",
"exception_lists:auth:items:qa:serverless:release": "npm run run-tests:lists:essentials_only authorization/exceptions/items serverless qaEnv",
"exception_lists_items:server:serverless": "npm run initialize-server:lists:complete exception_lists_items serverless",
"exception_lists_items:runner:serverless": "npm run run-tests:lists:complete exception_lists_items serverless serverlessEnv",
"exception_lists_items:qa:serverless": "npm run run-tests:lists:complete exception_lists_items serverless qaPeriodicEnv",

111
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/admin.ts Normal file
View file

@ -0,0 +1,111 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getImportExceptionsListItemSchemaMock,
getImportExceptionsListSchemaMock,
toNdJsonString,
} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
describe('@serverless @serverlessQA admin exception list and item API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('duplicate exception list', () => {
it('should return 200 for admin', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListDetectionSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send({
...getCreateExceptionListItemMinimalSchemaMock(),
list_id: getCreateExceptionListDetectionSchemaMock().list_id,
})
.expect(200);
await admin
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('export exception list', () => {
it('should return 200 for admin', async () => {
const { body } = await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await admin
.post(
`${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('import exception list', () => {
it('should return 200 for admin', async () => {
await admin
.post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
.set('kbn-xsrf', 'true')
.attach(
'file',
Buffer.from(
toNdJsonString([
getImportExceptionsListSchemaMock('test_list_id'),
getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
])
),
'exceptions.ndjson'
)
.expect('Content-Type', 'application/json; charset=utf-8')
.expect(200);
});
});
});
};

16
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts Normal file
View file

@ -0,0 +1,16 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { createTestConfig } from '../../../../../../../config/serverless/config.base.essentials';
export default createTestConfig({
testFiles: [require.resolve('..')],
junit: {
reportName:
'Detection Engine - Exception List and Items Authentication Tests - Serverless Env - Essentials Tier',
},
});

113
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/editor.ts Normal file
View file

@ -0,0 +1,113 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getImportExceptionsListItemSchemaMock,
getImportExceptionsListSchemaMock,
toNdJsonString,
} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let editor: TestAgent;
describe('@serverless @serverlessQA editor exception list and item API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
editor = await utils.createSuperTest('editor');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('duplicate exception list', () => {
it('should return 200 for editor', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListDetectionSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send({
...getCreateExceptionListItemMinimalSchemaMock(),
list_id: getCreateExceptionListDetectionSchemaMock().list_id,
})
.expect(200);
await editor
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('export exception list', () => {
it('should return 200 for editor', async () => {
const { body } = await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await editor
.post(
`${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('import exception list', () => {
it('should return 200 for editor', async () => {
await editor
.post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
.set('kbn-xsrf', 'true')
.attach(
'file',
Buffer.from(
toNdJsonString([
getImportExceptionsListSchemaMock('test_list_id'),
getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
])
),
'exceptions.ndjson'
)
.expect('Content-Type', 'application/json; charset=utf-8')
.expect(200);
});
});
});
};

113
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_operations_analyst.ts Normal file
View file

@ -0,0 +1,113 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getImportExceptionsListItemSchemaMock,
getImportExceptionsListSchemaMock,
toNdJsonString,
} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let endpointOperationsAnalyst: TestAgent;
describe('@serverless @serverlessQA endpoint_operations_analyst exception list and item API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
endpointOperationsAnalyst = await utils.createSuperTest('endpoint_operations_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('duplicate exception list', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListDetectionSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send({
...getCreateExceptionListItemMinimalSchemaMock(),
list_id: getCreateExceptionListDetectionSchemaMock().list_id,
})
.expect(200);
await endpointOperationsAnalyst
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('export exception list', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
const { body } = await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await endpointOperationsAnalyst
.post(
`${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('import exception list', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
await endpointOperationsAnalyst
.post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
.set('kbn-xsrf', 'true')
.attach(
'file',
Buffer.from(
toNdJsonString([
getImportExceptionsListSchemaMock('test_list_id'),
getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
])
),
'exceptions.ndjson'
)
.expect('Content-Type', 'application/json; charset=utf-8')
.expect(200);
});
});
});
};

113
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_policy_manager.ts Normal file
View file

@ -0,0 +1,113 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getImportExceptionsListItemSchemaMock,
getImportExceptionsListSchemaMock,
toNdJsonString,
} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let endpointPolicyManager: TestAgent;
describe('@serverless @serverlessQA endpoint_policy_manager exception list and item API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
endpointPolicyManager = await utils.createSuperTest('endpoint_policy_manager');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('duplicate exception list', () => {
it('should return 200 for endpoint_policy_manager', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListDetectionSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send({
...getCreateExceptionListItemMinimalSchemaMock(),
list_id: getCreateExceptionListDetectionSchemaMock().list_id,
})
.expect(200);
await endpointPolicyManager
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('export exception list', () => {
it('should return 200 for endpoint_policy_manager', async () => {
const { body } = await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await endpointPolicyManager
.post(
`${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('import exception list', () => {
it('should return 200 for endpoint_policy_manager', async () => {
await endpointPolicyManager
.post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
.set('kbn-xsrf', 'true')
.attach(
'file',
Buffer.from(
toNdJsonString([
getImportExceptionsListSchemaMock('test_list_id'),
getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
])
),
'exceptions.ndjson'
)
.expect('Content-Type', 'application/json; charset=utf-8')
.expect(200);
});
});
});
};

24
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/index.ts Normal file
View file

@ -0,0 +1,24 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
export default function ({ loadTestFile }: FtrProviderContext) {
describe('Exception list and items APIs Authentication - Complete Tier', function () {
loadTestFile(require.resolve('./tier_1_analyst'));
loadTestFile(require.resolve('./tier_2_analyst'));
loadTestFile(require.resolve('./threat_intel_analyst'));
loadTestFile(require.resolve('./tier_3_analyst'));
loadTestFile(require.resolve('./viewer'));
loadTestFile(require.resolve('./rule_author'));
loadTestFile(require.resolve('./soc_manager'));
loadTestFile(require.resolve('./endpoint_operations_analyst'));
loadTestFile(require.resolve('./endpoint_policy_manager'));
loadTestFile(require.resolve('./platform_engineer'));
loadTestFile(require.resolve('./editor'));
loadTestFile(require.resolve('./admin'));
});
}

113
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/platform_engineer.ts Normal file
View file

@ -0,0 +1,113 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getImportExceptionsListItemSchemaMock,
getImportExceptionsListSchemaMock,
toNdJsonString,
} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let platformEngineer: TestAgent;
describe('@serverless @serverlessQA platform_engineer exception list and item API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
platformEngineer = await utils.createSuperTest('platform_engineer');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('duplicate exception list', () => {
it('should return 200 for platform_engineer', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListDetectionSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send({
...getCreateExceptionListItemMinimalSchemaMock(),
list_id: getCreateExceptionListDetectionSchemaMock().list_id,
})
.expect(200);
await platformEngineer
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('export exception list', () => {
it('should return 200 for platform_engineer', async () => {
const { body } = await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await platformEngineer
.post(
`${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('import exception list', () => {
it('should return 200 for platform_engineer', async () => {
await platformEngineer
.post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
.set('kbn-xsrf', 'true')
.attach(
'file',
Buffer.from(
toNdJsonString([
getImportExceptionsListSchemaMock('test_list_id'),
getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
])
),
'exceptions.ndjson'
)
.expect('Content-Type', 'application/json; charset=utf-8')
.expect(200);
});
});
});
};

113
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/rule_author.ts Normal file
View file

@ -0,0 +1,113 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getImportExceptionsListItemSchemaMock,
getImportExceptionsListSchemaMock,
toNdJsonString,
} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let ruleAuthor: TestAgent;
describe('@serverless @serverlessQA rule_author exception list and item API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
ruleAuthor = await utils.createSuperTest('rule_author');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('duplicate exception list', () => {
it('should return 200 for rule_author', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListDetectionSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send({
...getCreateExceptionListItemMinimalSchemaMock(),
list_id: getCreateExceptionListDetectionSchemaMock().list_id,
})
.expect(200);
await ruleAuthor
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('export exception list', () => {
it('should return 200 for rule_author', async () => {
const { body } = await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await ruleAuthor
.post(
`${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('import exception list', () => {
it('should return 200 for rule_author', async () => {
await ruleAuthor
.post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
.set('kbn-xsrf', 'true')
.attach(
'file',
Buffer.from(
toNdJsonString([
getImportExceptionsListSchemaMock('test_list_id'),
getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
])
),
'exceptions.ndjson'
)
.expect('Content-Type', 'application/json; charset=utf-8')
.expect(200);
});
});
});
};

113
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/soc_manager.ts Normal file
View file

@ -0,0 +1,113 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getImportExceptionsListItemSchemaMock,
getImportExceptionsListSchemaMock,
toNdJsonString,
} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let socManager: TestAgent;
describe('@serverless @serverlessQA soc_manager exception list and item API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
socManager = await utils.createSuperTest('soc_manager');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('duplicate exception list', () => {
it('should return 200 for soc_manager', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListDetectionSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send({
...getCreateExceptionListItemMinimalSchemaMock(),
list_id: getCreateExceptionListDetectionSchemaMock().list_id,
})
.expect(200);
await socManager
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('export exception list', () => {
it('should return 200 for soc_manager', async () => {
const { body } = await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await socManager
.post(
`${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('import exception list', () => {
it('should return 200 for soc_manager', async () => {
await socManager
.post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
.set('kbn-xsrf', 'true')
.attach(
'file',
Buffer.from(
toNdJsonString([
getImportExceptionsListSchemaMock('test_list_id'),
getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
])
),
'exceptions.ndjson'
)
.expect('Content-Type', 'application/json; charset=utf-8')
.expect(200);
});
});
});
};

113
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/threat_intel_analyst.ts Normal file
View file

@ -0,0 +1,113 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getImportExceptionsListItemSchemaMock,
getImportExceptionsListSchemaMock,
toNdJsonString,
} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let threatIntelAnalyst: TestAgent;
describe('@serverless @serverlessQA threat_intelligence_analyst exception list and item API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
threatIntelAnalyst = await utils.createSuperTest('threat_intelligence_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('duplicate exception list', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListDetectionSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send({
...getCreateExceptionListItemMinimalSchemaMock(),
list_id: getCreateExceptionListDetectionSchemaMock().list_id,
})
.expect(200);
await threatIntelAnalyst
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('export exception list', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
const { body } = await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await threatIntelAnalyst
.post(
`${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('import exception list', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
await threatIntelAnalyst
.post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
.set('kbn-xsrf', 'true')
.attach(
'file',
Buffer.from(
toNdJsonString([
getImportExceptionsListSchemaMock('test_list_id'),
getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
])
),
'exceptions.ndjson'
)
.expect('Content-Type', 'application/json; charset=utf-8')
.expect(200);
});
});
});
};

113
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_1_analyst.ts Normal file
View file

@ -0,0 +1,113 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getImportExceptionsListItemSchemaMock,
getImportExceptionsListSchemaMock,
toNdJsonString,
} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let t1Analyst: TestAgent;
describe('@serverless @serverlessQA t1_analyst exception list and item API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
t1Analyst = await utils.createSuperTest('t1_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('duplicate exception list', () => {
it('should return 403 for t1_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListDetectionSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send({
...getCreateExceptionListItemMinimalSchemaMock(),
list_id: getCreateExceptionListDetectionSchemaMock().list_id,
})
.expect(200);
await t1Analyst
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(403);
});
});
describe('export exception list', () => {
it('should return 200 for t1_analyst', async () => {
const { body } = await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await t1Analyst
.post(
`${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('import exception list', () => {
it('should return 403 for t1_analyst', async () => {
await t1Analyst
.post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
.set('kbn-xsrf', 'true')
.attach(
'file',
Buffer.from(
toNdJsonString([
getImportExceptionsListSchemaMock('test_list_id'),
getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
])
),
'exceptions.ndjson'
)
.expect('Content-Type', 'application/json; charset=utf-8')
.expect(403);
});
});
});
};

113
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_2_analyst.ts Normal file
View file

@ -0,0 +1,113 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getImportExceptionsListItemSchemaMock,
getImportExceptionsListSchemaMock,
toNdJsonString,
} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let t2Analyst: TestAgent;
describe('@serverless @serverlessQA t2_analyst exception list and item API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
t2Analyst = await utils.createSuperTest('t2_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('duplicate exception list', () => {
it('should return 403 for t2_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListDetectionSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send({
...getCreateExceptionListItemMinimalSchemaMock(),
list_id: getCreateExceptionListDetectionSchemaMock().list_id,
})
.expect(200);
await t2Analyst
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(403);
});
});
describe('export exception list', () => {
it('should return 200 for t2_analyst', async () => {
const { body } = await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await t2Analyst
.post(
`${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('import exception list', () => {
it('should return 403 for t2_analyst', async () => {
await t2Analyst
.post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
.set('kbn-xsrf', 'true')
.attach(
'file',
Buffer.from(
toNdJsonString([
getImportExceptionsListSchemaMock('test_list_id'),
getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
])
),
'exceptions.ndjson'
)
.expect('Content-Type', 'application/json; charset=utf-8')
.expect(403);
});
});
});
};

113
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_3_analyst.ts Normal file
View file

@ -0,0 +1,113 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getImportExceptionsListItemSchemaMock,
getImportExceptionsListSchemaMock,
toNdJsonString,
} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let t3Analyst: TestAgent;
describe('@serverless @serverlessQA t3_analyst exception list and item API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
t3Analyst = await utils.createSuperTest('t3_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('duplicate exception list', () => {
it('should return 200 for t3_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListDetectionSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send({
...getCreateExceptionListItemMinimalSchemaMock(),
list_id: getCreateExceptionListDetectionSchemaMock().list_id,
})
.expect(200);
await t3Analyst
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('export exception list', () => {
it('should return 200 for t3_analyst', async () => {
const { body } = await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await t3Analyst
.post(
`${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('import exception list', () => {
it('should return 200 for t3_analyst', async () => {
await t3Analyst
.post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
.set('kbn-xsrf', 'true')
.attach(
'file',
Buffer.from(
toNdJsonString([
getImportExceptionsListSchemaMock('test_list_id'),
getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
])
),
'exceptions.ndjson'
)
.expect('Content-Type', 'application/json; charset=utf-8')
.expect(200);
});
});
});
};

113
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/viewer.ts Normal file
View file

@ -0,0 +1,113 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getImportExceptionsListItemSchemaMock,
getImportExceptionsListSchemaMock,
toNdJsonString,
} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let viewer: TestAgent;
describe('@serverless @serverlessQA viewer exception list and item API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
viewer = await utils.createSuperTest('viewer');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('duplicate exception list', () => {
it('should return 403 for viewer', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListDetectionSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send({
...getCreateExceptionListItemMinimalSchemaMock(),
list_id: getCreateExceptionListDetectionSchemaMock().list_id,
})
.expect(200);
await viewer
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(403);
});
});
describe('export exception list', () => {
it('should return 200 for viewer', async () => {
const { body } = await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await viewer
.post(
`${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('import exception list', () => {
it('should return 403 for viewer', async () => {
await viewer
.post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
.set('kbn-xsrf', 'true')
.attach(
'file',
Buffer.from(
toNdJsonString([
getImportExceptionsListSchemaMock('test_list_id'),
getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
])
),
'exceptions.ndjson'
)
.expect('Content-Type', 'application/json; charset=utf-8')
.expect(403);
});
});
});
};

150
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/admin.ts Normal file
View file

@ -0,0 +1,150 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
describe('@serverless @serverlessQA admin exception items API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception item', () => {
it('should return 200 for admin', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception item', () => {
it('should return 200 for admin', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create an exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// delete the exception list item by its item_id
await admin
.delete(
`${EXCEPTION_LIST_ITEM_URL}?item_id=${
getCreateExceptionListItemMinimalSchemaMock().item_id
}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception item', () => {
it('should return 200 for admin', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.get(
`${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
getCreateExceptionListMinimalSchemaMock().list_id
}`
)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
});
});
describe('read exception item', () => {
it('should return 200 for admin', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item to read
const { body: createListBody } = await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await admin
.get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception item', () => {
it('should return 200 for admin', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// update a exception list item's name
const updatedList: UpdateExceptionListItemSchema = {
...getUpdateMinimalExceptionListItemSchemaMock(),
name: 'some other name',
};
await admin
.put(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

16
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts Normal file
View file

@ -0,0 +1,16 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { createTestConfig } from '../../../../../../../config/serverless/config.base.essentials';
export default createTestConfig({
testFiles: [require.resolve('..')],
junit: {
reportName:
'Detection Engine - Exception Items Authentication Tests - Serverless Env - Essentials Tier',
},
});

152
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/editor.ts Normal file
View file

@ -0,0 +1,152 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let editor: TestAgent;
describe('@serverless @serverlessQA editor exception items API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
editor = await utils.createSuperTest('editor');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception item', () => {
it('should return 200 for editor', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await editor
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception item', () => {
it('should return 200 for editor', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create an exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// delete the exception list item by its item_id
await editor
.delete(
`${EXCEPTION_LIST_ITEM_URL}?item_id=${
getCreateExceptionListItemMinimalSchemaMock().item_id
}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception item', () => {
it('should return 200 for editor', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await editor
.get(
`${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
getCreateExceptionListMinimalSchemaMock().list_id
}`
)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
});
});
describe('read exception item', () => {
it('should return 200 for editor', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item to read
const { body: createListBody } = await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await editor
.get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception item', () => {
it('should return 200 for editor', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// update a exception list item's name
const updatedList: UpdateExceptionListItemSchema = {
...getUpdateMinimalExceptionListItemSchemaMock(),
name: 'some other name',
};
await editor
.put(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

152
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_operations_analyst.ts Normal file
View file

@ -0,0 +1,152 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let endpointOperationsAnalyst: TestAgent;
describe('@serverless @serverlessQA endpoint_operations_analyst exception items API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
endpointOperationsAnalyst = await utils.createSuperTest('endpoint_operations_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception item', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await endpointOperationsAnalyst
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception item', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create an exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// delete the exception list item by its item_id
await endpointOperationsAnalyst
.delete(
`${EXCEPTION_LIST_ITEM_URL}?item_id=${
getCreateExceptionListItemMinimalSchemaMock().item_id
}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception item', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await endpointOperationsAnalyst
.get(
`${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
getCreateExceptionListMinimalSchemaMock().list_id
}`
)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
});
});
describe('read exception item', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item to read
const { body: createListBody } = await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await endpointOperationsAnalyst
.get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception item', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// update a exception list item's name
const updatedList: UpdateExceptionListItemSchema = {
...getUpdateMinimalExceptionListItemSchemaMock(),
name: 'some other name',
};
await endpointOperationsAnalyst
.put(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

152
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_policy_manager.ts Normal file
View file

@ -0,0 +1,152 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let endpointPolicyManager: TestAgent;
describe('@serverless @serverlessQA endpoint_policy_manager exception items API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
endpointPolicyManager = await utils.createSuperTest('endpoint_policy_manager');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception item', () => {
it('should return 200 for endpoint_policy_manager', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await endpointPolicyManager
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception item', () => {
it('should return 200 for endpoint_policy_manager', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create an exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// delete the exception list item by its item_id
await endpointPolicyManager
.delete(
`${EXCEPTION_LIST_ITEM_URL}?item_id=${
getCreateExceptionListItemMinimalSchemaMock().item_id
}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception item', () => {
it('should return 200 for endpoint_policy_manager', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await endpointPolicyManager
.get(
`${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
getCreateExceptionListMinimalSchemaMock().list_id
}`
)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
});
});
describe('read exception item', () => {
it('should return 200 for endpoint_policy_manager', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item to read
const { body: createListBody } = await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await endpointPolicyManager
.get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception item', () => {
it('should return 200 for endpoint_policy_manager', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// update a exception list item's name
const updatedList: UpdateExceptionListItemSchema = {
...getUpdateMinimalExceptionListItemSchemaMock(),
name: 'some other name',
};
await endpointPolicyManager
.put(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

24
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/index.ts Normal file
View file

@ -0,0 +1,24 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
export default function ({ loadTestFile }: FtrProviderContext) {
describe('Exception items APIs Authentication - Complete Tier', function () {
loadTestFile(require.resolve('./tier_1_analyst'));
loadTestFile(require.resolve('./tier_2_analyst'));
loadTestFile(require.resolve('./threat_intel_analyst'));
loadTestFile(require.resolve('./tier_3_analyst'));
loadTestFile(require.resolve('./viewer'));
loadTestFile(require.resolve('./rule_author'));
loadTestFile(require.resolve('./soc_manager'));
loadTestFile(require.resolve('./endpoint_operations_analyst'));
loadTestFile(require.resolve('./endpoint_policy_manager'));
loadTestFile(require.resolve('./platform_engineer'));
loadTestFile(require.resolve('./editor'));
loadTestFile(require.resolve('./admin'));
});
}

152
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/platform_engineer.ts Normal file
View file

@ -0,0 +1,152 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let platformEngineer: TestAgent;
describe('@serverless @serverlessQA platform_engineer exception items API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
platformEngineer = await utils.createSuperTest('platform_engineer');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception item', () => {
it('should return 200 for platform_engineer', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await platformEngineer
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception item', () => {
it('should return 200 for platform_engineer', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create an exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// delete the exception list item by its item_id
await platformEngineer
.delete(
`${EXCEPTION_LIST_ITEM_URL}?item_id=${
getCreateExceptionListItemMinimalSchemaMock().item_id
}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception item', () => {
it('should return 200 for platform_engineer', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await platformEngineer
.get(
`${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
getCreateExceptionListMinimalSchemaMock().list_id
}`
)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
});
});
describe('read exception item', () => {
it('should return 200 for platform_engineer', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item to read
const { body: createListBody } = await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await platformEngineer
.get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception item', () => {
it('should return 200 for platform_engineer', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// update a exception list item's name
const updatedList: UpdateExceptionListItemSchema = {
...getUpdateMinimalExceptionListItemSchemaMock(),
name: 'some other name',
};
await platformEngineer
.put(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

152
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/rule_author.ts Normal file
View file

@ -0,0 +1,152 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let ruleAuthor: TestAgent;
describe('@serverless @serverlessQA rule_author exception items API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
ruleAuthor = await utils.createSuperTest('rule_author');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception item', () => {
it('should return 200 for rule_author', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await ruleAuthor
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception item', () => {
it('should return 200 for rule_author', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create an exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// delete the exception list item by its item_id
await ruleAuthor
.delete(
`${EXCEPTION_LIST_ITEM_URL}?item_id=${
getCreateExceptionListItemMinimalSchemaMock().item_id
}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception item', () => {
it('should return 200 for rule_author', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await ruleAuthor
.get(
`${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
getCreateExceptionListMinimalSchemaMock().list_id
}`
)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
});
});
describe('read exception item', () => {
it('should return 200 for rule_author', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item to read
const { body: createListBody } = await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await ruleAuthor
.get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception item', () => {
it('should return 200 for rule_author', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// update a exception list item's name
const updatedList: UpdateExceptionListItemSchema = {
...getUpdateMinimalExceptionListItemSchemaMock(),
name: 'some other name',
};
await ruleAuthor
.put(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

152
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/soc_manager.ts Normal file
View file

@ -0,0 +1,152 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let socManager: TestAgent;
describe('@serverless @serverlessQA soc_manager exception items API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
socManager = await utils.createSuperTest('soc_manager');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception item', () => {
it('should return 200 for soc_manager', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await socManager
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception item', () => {
it('should return 200 for soc_manager', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create an exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// delete the exception list item by its item_id
await socManager
.delete(
`${EXCEPTION_LIST_ITEM_URL}?item_id=${
getCreateExceptionListItemMinimalSchemaMock().item_id
}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception item', () => {
it('should return 200 for soc_manager', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await socManager
.get(
`${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
getCreateExceptionListMinimalSchemaMock().list_id
}`
)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
});
});
describe('read exception item', () => {
it('should return 200 for soc_manager', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item to read
const { body: createListBody } = await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await socManager
.get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception item', () => {
it('should return 200 for soc_manager', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// update a exception list item's name
const updatedList: UpdateExceptionListItemSchema = {
...getUpdateMinimalExceptionListItemSchemaMock(),
name: 'some other name',
};
await socManager
.put(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

152
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/threat_intel_analyst.ts Normal file
View file

@ -0,0 +1,152 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let threatIntelAnalyst: TestAgent;
describe('@serverless @serverlessQA threat_intelligence_analyst exception items API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
threatIntelAnalyst = await utils.createSuperTest('threat_intelligence_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception item', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await threatIntelAnalyst
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception item', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create an exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// delete the exception list item by its item_id
await threatIntelAnalyst
.delete(
`${EXCEPTION_LIST_ITEM_URL}?item_id=${
getCreateExceptionListItemMinimalSchemaMock().item_id
}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception item', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await threatIntelAnalyst
.get(
`${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
getCreateExceptionListMinimalSchemaMock().list_id
}`
)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
});
});
describe('read exception item', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item to read
const { body: createListBody } = await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await threatIntelAnalyst
.get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception item', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// update a exception list item's name
const updatedList: UpdateExceptionListItemSchema = {
...getUpdateMinimalExceptionListItemSchemaMock(),
name: 'some other name',
};
await threatIntelAnalyst
.put(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

152
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_1_analyst.ts Normal file
View file

@ -0,0 +1,152 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let t1Analyst: TestAgent;
describe('@serverless @serverlessQA t1_analyst exception items API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
t1Analyst = await utils.createSuperTest('t1_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception item', () => {
it('should return 403 for t1_analyst', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await t1Analyst
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(403);
});
});
describe('delete exception item', () => {
it('should return 403 for t1_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create an exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// delete the exception list item by its item_id
await t1Analyst
.delete(
`${EXCEPTION_LIST_ITEM_URL}?item_id=${
getCreateExceptionListItemMinimalSchemaMock().item_id
}`
)
.set('kbn-xsrf', 'true')
.expect(403);
});
});
describe('find exception item', () => {
it('should return 200 for t1_analyst', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await t1Analyst
.get(
`${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
getCreateExceptionListMinimalSchemaMock().list_id
}`
)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
});
});
describe('read exception item', () => {
it('should return 200 for t1_analyst', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item to read
const { body: createListBody } = await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await t1Analyst
.get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception item', () => {
it('should return 403 for t1_analyst', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// update a exception list item's name
const updatedList: UpdateExceptionListItemSchema = {
...getUpdateMinimalExceptionListItemSchemaMock(),
name: 'some other name',
};
await t1Analyst
.put(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(403);
});
});
});
};

152
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_2_analyst.ts Normal file
View file

@ -0,0 +1,152 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let t2Analyst: TestAgent;
describe('@serverless @serverlessQA t2_analyst exception items API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
t2Analyst = await utils.createSuperTest('t2_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception item', () => {
it('should return 403 for t2_analyst', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await t2Analyst
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(403);
});
});
describe('delete exception item', () => {
it('should return 403 for t2_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create an exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// delete the exception list item by its item_id
await t2Analyst
.delete(
`${EXCEPTION_LIST_ITEM_URL}?item_id=${
getCreateExceptionListItemMinimalSchemaMock().item_id
}`
)
.set('kbn-xsrf', 'true')
.expect(403);
});
});
describe('find exception item', () => {
it('should return 200 for t2_analyst', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await t2Analyst
.get(
`${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
getCreateExceptionListMinimalSchemaMock().list_id
}`
)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
});
});
describe('read exception item', () => {
it('should return 200 for t2_analyst', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item to read
const { body: createListBody } = await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await t2Analyst
.get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception item', () => {
it('should return 403 for t2_analyst', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// update a exception list item's name
const updatedList: UpdateExceptionListItemSchema = {
...getUpdateMinimalExceptionListItemSchemaMock(),
name: 'some other name',
};
await t2Analyst
.put(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(403);
});
});
});
};

152
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_3_analyst.ts Normal file
View file

@ -0,0 +1,152 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let t3Analyst: TestAgent;
describe('@serverless @serverlessQA t3_analyst exception items API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
t3Analyst = await utils.createSuperTest('t3_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception item', () => {
it('should return 200 for t3_analyst', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await t3Analyst
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception item', () => {
it('should return 200 for t3_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create an exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// delete the exception list item by its item_id
await t3Analyst
.delete(
`${EXCEPTION_LIST_ITEM_URL}?item_id=${
getCreateExceptionListItemMinimalSchemaMock().item_id
}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception item', () => {
it('should return 200 for t3_analyst', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await t3Analyst
.get(
`${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
getCreateExceptionListMinimalSchemaMock().list_id
}`
)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
});
});
describe('read exception item', () => {
it('should return 200 for t3_analyst', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item to read
const { body: createListBody } = await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await t3Analyst
.get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception item', () => {
it('should return 200 for t3_analyst', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// update a exception list item's name
const updatedList: UpdateExceptionListItemSchema = {
...getUpdateMinimalExceptionListItemSchemaMock(),
name: 'some other name',
};
await t3Analyst
.put(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

152
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/viewer.ts Normal file
View file

@ -0,0 +1,152 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let viewer: TestAgent;
describe('@serverless @serverlessQA viewer exception items API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
viewer = await utils.createSuperTest('viewer');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception item', () => {
it('should return 403 for viewer', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await viewer
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(403);
});
});
describe('delete exception item', () => {
it('should return 403 for viewer', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create an exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// delete the exception list item by its item_id
await viewer
.delete(
`${EXCEPTION_LIST_ITEM_URL}?item_id=${
getCreateExceptionListItemMinimalSchemaMock().item_id
}`
)
.set('kbn-xsrf', 'true')
.expect(403);
});
});
describe('find exception item', () => {
it('should return 200 for viewer', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await viewer
.get(
`${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
getCreateExceptionListMinimalSchemaMock().list_id
}`
)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
});
});
describe('read exception item', () => {
it('should return 200 for viewer', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item to read
const { body: createListBody } = await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
await viewer
.get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception item', () => {
it('should return 403 for viewer', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// create a simple exception list item
await admin
.post(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListItemMinimalSchemaMock())
.expect(200);
// update a exception list item's name
const updatedList: UpdateExceptionListItemSchema = {
...getUpdateMinimalExceptionListItemSchemaMock(),
name: 'some other name',
};
await viewer
.put(EXCEPTION_LIST_ITEM_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(403);
});
});
});
};

116
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/admin.ts Normal file
View file

@ -0,0 +1,116 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from 'expect';
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
describe('@serverless @serverlessQA admin exception list API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception list', () => {
it('should return 200 for admin', async () => {
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception list', () => {
it('should return 200 for admin', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.delete(
`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception list', () => {
it('should return 200 for admin', async () => {
// add a single exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// query the single exception list from _find
const { body } = await admin
.get(`${EXCEPTION_LIST_URL}/_find`)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
expect(body.total).toEqual(1);
});
});
describe('read exception list', () => {
it('should return 200 for admin', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await admin
.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception list', () => {
it('should return 200 for admin', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// update a exception list's name
const updatedList: UpdateExceptionListSchema = {
...getUpdateMinimalExceptionListSchemaMock(),
name: 'some other name',
};
await admin.put(EXCEPTION_LIST_URL).set('kbn-xsrf', 'true').send(updatedList).expect(200);
});
});
});
};

16
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts Normal file
View file

@ -0,0 +1,16 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { createTestConfig } from '../../../../../../../config/serverless/config.base.essentials';
export default createTestConfig({
testFiles: [require.resolve('..')],
junit: {
reportName:
'Detection Engine - Exception List Authentication Tests - Serverless Env - Essentials Tier',
},
});

118
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/editor.ts Normal file
View file

@ -0,0 +1,118 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from 'expect';
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let editor: TestAgent;
describe('@serverless @serverlessQA editor exception list API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
editor = await utils.createSuperTest('editor');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception list', () => {
it('should return 200 for editor', async () => {
await editor
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception list', () => {
it('should return 200 for editor', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await editor
.delete(
`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception list', () => {
it('should return 200 for editor', async () => {
// add a single exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// query the single exception list from _find
const { body } = await editor
.get(`${EXCEPTION_LIST_URL}/_find`)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
expect(body.total).toEqual(1);
});
});
describe('read exception list', () => {
it('should return 200 for editor', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await editor
.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception list', () => {
it('should return 200 for editor', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// update a exception list's name
const updatedList: UpdateExceptionListSchema = {
...getUpdateMinimalExceptionListSchemaMock(),
name: 'some other name',
};
await editor.put(EXCEPTION_LIST_URL).set('kbn-xsrf', 'true').send(updatedList).expect(200);
});
});
});
};

122
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_operations_analyst.ts Normal file
View file

@ -0,0 +1,122 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from 'expect';
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let endpointOperationsAnalyst: TestAgent;
describe('@serverless @serverlessQA endpoint_operations_analyst exception list API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
endpointOperationsAnalyst = await utils.createSuperTest('endpoint_operations_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception list', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
await endpointOperationsAnalyst
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception list', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await endpointOperationsAnalyst
.delete(
`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception list', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
// add a single exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// query the single exception list from _find
const { body } = await endpointOperationsAnalyst
.get(`${EXCEPTION_LIST_URL}/_find`)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
expect(body.total).toEqual(1);
});
});
describe('read exception list', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await endpointOperationsAnalyst
.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception list', () => {
it('should return 200 for endpoint_operations_analyst', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// update a exception list's name
const updatedList: UpdateExceptionListSchema = {
...getUpdateMinimalExceptionListSchemaMock(),
name: 'some other name',
};
await endpointOperationsAnalyst
.put(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

122
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_policy_manager.ts Normal file
View file

@ -0,0 +1,122 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from 'expect';
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let endpointPolicyManager: TestAgent;
describe('@serverless @serverlessQA endpoint_policy_manager exception list API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
endpointPolicyManager = await utils.createSuperTest('endpoint_policy_manager');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception list', () => {
it('should return 200 for endpoint_policy_manager', async () => {
await endpointPolicyManager
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception list', () => {
it('should return 200 for endpoint_policy_manager', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await endpointPolicyManager
.delete(
`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception list', () => {
it('should return 200 for endpoint_policy_manager', async () => {
// add a single exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// query the single exception list from _find
const { body } = await endpointPolicyManager
.get(`${EXCEPTION_LIST_URL}/_find`)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
expect(body.total).toEqual(1);
});
});
describe('read exception list', () => {
it('should return 200 for endpoint_policy_manager', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await endpointPolicyManager
.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception list', () => {
it('should return 200 for endpoint_policy_manager', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// update a exception list's name
const updatedList: UpdateExceptionListSchema = {
...getUpdateMinimalExceptionListSchemaMock(),
name: 'some other name',
};
await endpointPolicyManager
.put(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

24
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/index.ts Normal file
View file

@ -0,0 +1,24 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
export default function ({ loadTestFile }: FtrProviderContext) {
describe('Exception list APIs Authentication - Complete Tier', function () {
loadTestFile(require.resolve('./tier_1_analyst'));
loadTestFile(require.resolve('./tier_2_analyst'));
loadTestFile(require.resolve('./threat_intel_analyst'));
loadTestFile(require.resolve('./tier_3_analyst'));
loadTestFile(require.resolve('./viewer'));
loadTestFile(require.resolve('./rule_author'));
loadTestFile(require.resolve('./soc_manager'));
loadTestFile(require.resolve('./endpoint_operations_analyst'));
loadTestFile(require.resolve('./endpoint_policy_manager'));
loadTestFile(require.resolve('./platform_engineer'));
loadTestFile(require.resolve('./editor'));
loadTestFile(require.resolve('./admin'));
});
}

122
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/platform_engineer.ts Normal file
View file

@ -0,0 +1,122 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from 'expect';
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let platformEngineer: TestAgent;
describe('@serverless @serverlessQA platform_engineer exception list API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
platformEngineer = await utils.createSuperTest('platform_engineer');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception list', () => {
it('should return 200 for platform_engineer', async () => {
await platformEngineer
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception list', () => {
it('should return 200 for platform_engineer', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await platformEngineer
.delete(
`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception list', () => {
it('should return 200 for platform_engineer', async () => {
// add a single exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// query the single exception list from _find
const { body } = await platformEngineer
.get(`${EXCEPTION_LIST_URL}/_find`)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
expect(body.total).toEqual(1);
});
});
describe('read exception list', () => {
it('should return 200 for platform_engineer', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await platformEngineer
.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception list', () => {
it('should return 200 for platform_engineer', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// update a exception list's name
const updatedList: UpdateExceptionListSchema = {
...getUpdateMinimalExceptionListSchemaMock(),
name: 'some other name',
};
await platformEngineer
.put(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

122
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/rule_author.ts Normal file
View file

@ -0,0 +1,122 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from 'expect';
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let ruleAuthor: TestAgent;
describe('@serverless @serverlessQA rule_author exception list API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
ruleAuthor = await utils.createSuperTest('rule_author');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception list', () => {
it('should return 200 for rule_author', async () => {
await ruleAuthor
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception list', () => {
it('should return 200 for rule_author', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await ruleAuthor
.delete(
`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception list', () => {
it('should return 200 for rule_author', async () => {
// add a single exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// query the single exception list from _find
const { body } = await ruleAuthor
.get(`${EXCEPTION_LIST_URL}/_find`)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
expect(body.total).toEqual(1);
});
});
describe('read exception list', () => {
it('should return 200 for rule_author', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await ruleAuthor
.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception list', () => {
it('should return 200 for rule_author', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// update a exception list's name
const updatedList: UpdateExceptionListSchema = {
...getUpdateMinimalExceptionListSchemaMock(),
name: 'some other name',
};
await ruleAuthor
.put(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

122
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/soc_manager.ts Normal file
View file

@ -0,0 +1,122 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from 'expect';
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let socManager: TestAgent;
describe('@serverless @serverlessQA soc_manager exception list API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
socManager = await utils.createSuperTest('soc_manager');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception list', () => {
it('should return 200 for soc_manager', async () => {
await socManager
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception list', () => {
it('should return 200 for soc_manager', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await socManager
.delete(
`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception list', () => {
it('should return 200 for soc_manager', async () => {
// add a single exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// query the single exception list from _find
const { body } = await socManager
.get(`${EXCEPTION_LIST_URL}/_find`)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
expect(body.total).toEqual(1);
});
});
describe('read exception list', () => {
it('should return 200 for soc_manager', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await socManager
.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception list', () => {
it('should return 200 for soc_manager', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// update a exception list's name
const updatedList: UpdateExceptionListSchema = {
...getUpdateMinimalExceptionListSchemaMock(),
name: 'some other name',
};
await socManager
.put(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

122
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/threat_intel_analyst.ts Normal file
View file

@ -0,0 +1,122 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from 'expect';
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let threatIntelAnalyst: TestAgent;
describe('@serverless @serverlessQA threat_intelligence_analyst exception list API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
threatIntelAnalyst = await utils.createSuperTest('threat_intelligence_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception list', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
await threatIntelAnalyst
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception list', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await threatIntelAnalyst
.delete(
`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception list', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
// add a single exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// query the single exception list from _find
const { body } = await threatIntelAnalyst
.get(`${EXCEPTION_LIST_URL}/_find`)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
expect(body.total).toEqual(1);
});
});
describe('read exception list', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await threatIntelAnalyst
.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception list', () => {
it('should return 200 for threat_intelligence_analyst', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// update a exception list's name
const updatedList: UpdateExceptionListSchema = {
...getUpdateMinimalExceptionListSchemaMock(),
name: 'some other name',
};
await threatIntelAnalyst
.put(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

122
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_1_analyst.ts Normal file
View file

@ -0,0 +1,122 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from 'expect';
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let t1Analyst: TestAgent;
describe('@serverless @serverlessQA t1_analyst exception list API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
t1Analyst = await utils.createSuperTest('t1_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception list', () => {
it('should return 403 for t1_analyst', async () => {
await t1Analyst
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(403);
});
});
describe('delete exception list', () => {
it('should return 403 for t1_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await t1Analyst
.delete(
`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
)
.set('kbn-xsrf', 'true')
.expect(403);
});
});
describe('find exception list', () => {
it('should return 200 for t1_analyst', async () => {
// add a single exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// query the single exception list from _find
const { body } = await t1Analyst
.get(`${EXCEPTION_LIST_URL}/_find`)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
expect(body.total).toEqual(1);
});
});
describe('read exception list', () => {
it('should return 200 for t1_analyst', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await t1Analyst
.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception list', () => {
it('should return 403 for t1_analyst', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// update a exception list's name
const updatedList: UpdateExceptionListSchema = {
...getUpdateMinimalExceptionListSchemaMock(),
name: 'some other name',
};
await t1Analyst
.put(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(403);
});
});
});
};

122
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_2_analyst.ts Normal file
View file

@ -0,0 +1,122 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from 'expect';
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let t2Analyst: TestAgent;
describe('@serverless @serverlessQA t2_analyst exception list API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
t2Analyst = await utils.createSuperTest('t2_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception list', () => {
it('should return 403 for t2_analyst', async () => {
await t2Analyst
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(403);
});
});
describe('delete exception list', () => {
it('should return 403 for t2_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await t2Analyst
.delete(
`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
)
.set('kbn-xsrf', 'true')
.expect(403);
});
});
describe('find exception list', () => {
it('should return 200 for t2_analyst', async () => {
// add a single exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// query the single exception list from _find
const { body } = await t2Analyst
.get(`${EXCEPTION_LIST_URL}/_find`)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
expect(body.total).toEqual(1);
});
});
describe('read exception list', () => {
it('should return 200 for t2_analyst', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await t2Analyst
.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception list', () => {
it('should return 403 for t2_analyst', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// update a exception list's name
const updatedList: UpdateExceptionListSchema = {
...getUpdateMinimalExceptionListSchemaMock(),
name: 'some other name',
};
await t2Analyst
.put(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(403);
});
});
});
};

122
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_3_analyst.ts Normal file
View file

@ -0,0 +1,122 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from 'expect';
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let t3Analyst: TestAgent;
describe('@serverless @serverlessQA t3_analyst exception list API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
t3Analyst = await utils.createSuperTest('t3_analyst');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception list', () => {
it('should return 200 for t3_analyst', async () => {
await t3Analyst
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
});
});
describe('delete exception list', () => {
it('should return 200 for t3_analyst', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await t3Analyst
.delete(
`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('find exception list', () => {
it('should return 200 for t3_analyst', async () => {
// add a single exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// query the single exception list from _find
const { body } = await t3Analyst
.get(`${EXCEPTION_LIST_URL}/_find`)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
expect(body.total).toEqual(1);
});
});
describe('read exception list', () => {
it('should return 200 for t3_analyst', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await t3Analyst
.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception list', () => {
it('should return 200 for t3_analyst', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// update a exception list's name
const updatedList: UpdateExceptionListSchema = {
...getUpdateMinimalExceptionListSchemaMock(),
name: 'some other name',
};
await t3Analyst
.put(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(updatedList)
.expect(200);
});
});
});
};

118
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/viewer.ts Normal file
View file

@ -0,0 +1,118 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from 'expect';
import TestAgent from 'supertest/lib/agent';
import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import { deleteAllExceptions } from '../../../../utils';
export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const utils = getService('securitySolutionUtils');
let admin: TestAgent;
let viewer: TestAgent;
describe('@serverless @serverlessQA viewer exception list API behaviors', () => {
before(async () => {
admin = await utils.createSuperTest('admin');
viewer = await utils.createSuperTest('viewer');
await deleteAllExceptions(admin, log);
});
afterEach(async () => {
await deleteAllExceptions(admin, log);
});
describe('create exception list', () => {
it('should return 403 for viewer', async () => {
await viewer
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(403);
});
});
describe('delete exception list', () => {
it('should return 403 for viewer', async () => {
// create an exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await viewer
.delete(
`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
)
.set('kbn-xsrf', 'true')
.expect(403);
});
});
describe('find exception list', () => {
it('should return 200 for viewer', async () => {
// add a single exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// query the single exception list from _find
const { body } = await viewer
.get(`${EXCEPTION_LIST_URL}/_find`)
.set('kbn-xsrf', 'true')
.send()
.expect(200);
expect(body.total).toEqual(1);
});
});
describe('read exception list', () => {
it('should return 200 for viewer', async () => {
// create a simple exception list to read
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
await viewer
.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
.set('kbn-xsrf', 'true')
.expect(200);
});
});
describe('update exception list', () => {
it('should return 403 for viewer', async () => {
// create a simple exception list
await admin
.post(EXCEPTION_LIST_URL)
.set('kbn-xsrf', 'true')
.send(getCreateExceptionListMinimalSchemaMock())
.expect(200);
// update a exception list's name
const updatedList: UpdateExceptionListSchema = {
...getUpdateMinimalExceptionListSchemaMock(),
name: 'some other name',
};
await viewer.put(EXCEPTION_LIST_URL).set('kbn-xsrf', 'true').send(updatedList).expect(403);
});
});
});
};

7
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/duplicate_exception_list.ts
View file

@ -13,7 +13,10 @@ import {
EXCEPTION_LIST_URL,
} from '@kbn/securitysolution-list-constants';
import { getExceptionResponseMockWithoutAutoGeneratedValues } from '@kbn/lists-plugin/common/schemas/response/exception_list_schema.mock';
import { getCreateExceptionListDetectionSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import {
getCreateExceptionListDetectionSchemaMock,
getCreateExceptionListMinimalSchemaMock,
} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
import { deleteAllExceptions, removeExceptionListServerGeneratedProperties } from '../../../utils';
@ -76,7 +79,7 @@ export default ({ getService }: FtrProviderContext) => {
const { body: listBody } = await supertest
.post(
`${EXCEPTION_LIST_URL}/_duplicate?list_id=${
getCreateExceptionListDetectionSchemaMock().list_id
getCreateExceptionListMinimalSchemaMock().list_id
}&namespace_type=single&include_expired_exceptions=true`
)
.set('kbn-xsrf', 'true')