github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 01:13:23 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Cloud Security] FTRs for Accessing Pages with Custom Roles (#184622)

Browse source
This commit is contained in:
Ido Cohen 2024-06-06 13:06:39 +03:00 committed by GitHub
parent 28a01c1424
commit a03f3bce7d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
13 changed files with 1019 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

46
x-pack/plugins/cloud_security_posture/common/dev_docs/__auto_generated_csp_requirements_test_coverage.md
View file

@ -7,7 +7,7 @@ You can also check out the dedicated app view, which enables easier search and f
## Directory: x-pack/plugins/cloud_security_posture
**Total Tests:** 444 | **Skipped:** 5 (1.13%) | **Todo:** 0 (0.00%)
**Total Tests:** 458 | **Skipped:** 5 (1.09%) | **Todo:** 0 (0.00%)
![](https://img.shields.io/badge/UT-brightgreen) ![](https://img.shields.io/badge/HAS-SKIP-yellow)
@ -69,7 +69,6 @@ You can also check out the dedicated app view, which enables easier search and f
| [useNavigateFindings](x-pack/plugins/cloud_security_posture/public/common/hooks/use_navigate_findings.test.ts) | describe | | |
| [creates a URL to findings page with correct path, filter and dataViewId](x-pack/plugins/cloud_security_posture/public/common/hooks/use_navigate_findings.test.ts) | it | | |
| [creates a URL to findings page with correct path and negated filter](x-pack/plugins/cloud_security_posture/public/common/hooks/use_navigate_findings.test.ts) | it | | |
| [creates a URL to findings resource page with correct path and filter](x-pack/plugins/cloud_security_posture/public/common/hooks/use_navigate_findings.test.ts) | it | | |
| [creates a URL to vulnerabilities page with correct path, filter and dataViewId](x-pack/plugins/cloud_security_posture/public/common/hooks/use_navigate_findings.test.ts) | it | | |
| [useUrlQuery](x-pack/plugins/cloud_security_posture/public/common/hooks/use_url_query.test.ts) | describe | | |
| [uses default query when no query is provided](x-pack/plugins/cloud_security_posture/public/common/hooks/use_url_query.test.ts) | it | | |
@ -266,6 +265,14 @@ You can also check out the dedicated app view, which enables easier search and f
| [Should return undefined when datastream is undefined](x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/utils.test.ts) | it | | |
| [Should return undefined when stream is undefined](x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/utils.test.ts) | it | | |
| [Should return undefined when stream.var is invalid](x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/utils.test.ts) | it | | |
| [NoFindingsStates](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | describe | | |
| [should show the indexing notification when CSPM is not installed and KSPM is indexing](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
| [should show the indexing notification when KSPM is not installed and CSPM is indexing](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
| [should show the indexing timout notification when CSPM is status is index-timeout](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
| [should show the indexing timout notification when KSPM is status is index-timeout](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
| [should show the unprivileged notification when CSPM is status is index-timeout](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
| [should show the unprivileged notification when KSPM is status is index-timeout](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
| [should show the not-installed notification when CSPM and KSPM status is not-installed](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
| [<BenchmarksTable />](x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks_table.test.tsx) | describe | | |
| [renders cis integration name](x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks_table.test.tsx) | it | | |
| [renders benchmark version](x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks_table.test.tsx) | it | | |
@ -335,6 +342,13 @@ You can also check out the dedicated app view, which enables easier search and f
| [<Rules />](x-pack/plugins/cloud_security_posture/public/pages/rules/rules.test.tsx) | describe | | |
| [calls Benchmark API](x-pack/plugins/cloud_security_posture/public/pages/rules/rules.test.tsx) | it | | |
| [Display success state when result request is resolved](x-pack/plugins/cloud_security_posture/public/pages/rules/rules.test.tsx) | it | | |
| [use_change_csp_rule_state](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | describe | | |
| [should call http.post with the correct parameters](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | it | | |
| [should cancel queries and update query data onMutate](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | it | | |
| [should invalidate queries onSettled](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | it | | |
| [should restore previous query data onError](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | it | | |
| [creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | it | | |
| [creates the new cache with rules in a unmute state](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | it | | |
| [<VulnerabilityFindingFlyout/>](x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx) | describe | | |
| [Header Info](x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx) | describe | | |
| [displays text details flyout header info](x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx) | it | | |
@ -464,9 +478,9 @@ You can also check out the dedicated app view, which enables easier search and f
## Directory: x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture
**Total Tests:** 37 | **Skipped:** 4 (10.81%) | **Todo:** 0 (0.00%)
**Total Tests:** 37 | **Skipped:** 0 (0.00%) | **Todo:** 0 (0.00%)
![](https://img.shields.io/badge/FTR-blue) ![](https://img.shields.io/badge/SERVERLESS-pink) ![](https://img.shields.io/badge/API-INTEGRATION-purple) ![](https://img.shields.io/badge/HAS-SKIP-yellow)
![](https://img.shields.io/badge/FTR-blue) ![](https://img.shields.io/badge/SERVERLESS-pink) ![](https://img.shields.io/badge/API-INTEGRATION-purple)
<details>
<summary>Test Details</summary>
@ -490,10 +504,10 @@ You can also check out the dedicated app view, which enables easier search and f
| [Should return 200 status code and paginate rules with a limit of PerPage](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/find_csp_benchmark_rule.ts) | it | | |
| [cloud_security_posture](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/index.ts) | describe | | |
| [GET /internal/cloud_security_posture/status](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | describe | | |
| [STATUS = INDEXED TEST](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | describe | ![](https://img.shields.io/badge/skipped-yellow) | |
| [Return kspm status indexed when logs-cloud_security_posture.findings_latest-default contains new kspm documents](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | it | ![](https://img.shields.io/badge/skipped-yellow) | |
| [Return cspm status indexed when logs-cloud_security_posture.findings_latest-default contains new cspm documents](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | it | ![](https://img.shields.io/badge/skipped-yellow) | |
| [Return vuln status indexed when logs-cloud_security_posture.vulnerabilities_latest-default contains new documents](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | it | ![](https://img.shields.io/badge/skipped-yellow) | |
| [STATUS = INDEXED TEST](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | describe | | |
| [Return kspm status indexed when logs-cloud_security_posture.findings_latest-default contains new kspm documents](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | it | | |
| [Return cspm status indexed when logs-cloud_security_posture.findings_latest-default contains new cspm documents](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | it | | |
| [Return vuln status indexed when logs-cloud_security_posture.vulnerabilities_latest-default contains new documents](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | it | | |
| [GET /internal/cloud_security_posture/status](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexing.ts) | describe | | |
| [STATUS = INDEXING TEST](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexing.ts) | describe | | |
| [Return kspm status indexing when logs-cloud_security_posture.findings_latest-default doesn](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexing.ts) | it | | |
@ -654,15 +668,21 @@ You can also check out the dedicated app view, which enables easier search and f
## Directory: x-pack/test/cloud_security_posture_functional
**Total Tests:** 190 | **Skipped:** 37 (19.47%) | **Todo:** 2 (1.05%)
**Total Tests:** 202 | **Skipped:** 41 (20.30%) | **Todo:** 3 (1.49%)
![](https://img.shields.io/badge/FTR-blue) ![](https://img.shields.io/badge/HAS-TODO-green) ![](https://img.shields.io/badge/HAS-SKIP-yellow)
![](https://img.shields.io/badge/FTR-blue) ![](https://img.shields.io/badge/HAS-SKIP-yellow) ![](https://img.shields.io/badge/HAS-TODO-green)
<details>
<summary>Test Details</summary>
| Test Label | Type | Skipped | Todo |
|------------|------|---------|------|
| [Access with custom roles](x-pack/test/cloud_security_posture_functional/pages/benchmark.ts) | describe | | |
| [Access with valid user role](x-pack/test/cloud_security_posture_functional/pages/benchmark.ts) | it | ![](https://img.shields.io/badge/skipped-yellow) | |
| [Access with invalid user role](x-pack/test/cloud_security_posture_functional/pages/benchmark.ts) | it | ![](https://img.shields.io/badge/skipped-yellow) | |
| [Access with custom roles - rule page](x-pack/test/cloud_security_posture_functional/pages/benchmark.ts) | describe | | |
| [Access with valid user role](x-pack/test/cloud_security_posture_functional/pages/benchmark.ts) | it | | |
| [Access with invalid user role](x-pack/test/cloud_security_posture_functional/pages/benchmark.ts) | it | ![](https://img.shields.io/badge/skipped-yellow) | |
| [Test adding Cloud Security Posture Integrations CNVM](x-pack/test/cloud_security_posture_functional/pages/cis_integrations/cnvm/cis_integration_cnvm.ts) | describe | | |
| [CNVM AWS](x-pack/test/cloud_security_posture_functional/pages/cis_integrations/cnvm/cis_integration_cnvm.ts) | describe | | |
| [Hyperlink on PostInstallation Modal should have the correct URL](x-pack/test/cloud_security_posture_functional/pages/cis_integrations/cnvm/cis_integration_cnvm.ts) | it | | |
@ -748,6 +768,9 @@ You can also check out the dedicated app view, which enables easier search and f
| [displays accurate summary compliance score](x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts) | it | | |
| [TODO - Cloud Dashboard](x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts) | describe | | ![](https://img.shields.io/badge/todo-green) |
| [todo - displays accurate summary compliance score](x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts) | it | | ![](https://img.shields.io/badge/todo-green) |
| [Access with custom roles](x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts) | describe | | |
| [Access with valid user role](x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts) | it | | |
| [todo - Access with invalid user role](x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts) | it | ![](https://img.shields.io/badge/skipped-yellow) | ![](https://img.shields.io/badge/todo-green) |
| [Findings Page - Alerts](x-pack/test/cloud_security_posture_functional/pages/findings_alerts.ts) | describe | | |
| [Create detection rule](x-pack/test/cloud_security_posture_functional/pages/findings_alerts.ts) | describe | ![](https://img.shields.io/badge/skipped-yellow) | |
| [Creates a detection rule from the Take Action button and navigates to rule page](x-pack/test/cloud_security_posture_functional/pages/findings_alerts.ts) | it | ![](https://img.shields.io/badge/skipped-yellow) | |
@ -796,6 +819,9 @@ You can also check out the dedicated app view, which enables easier search and f
| [Reset fields to default](x-pack/test/cloud_security_posture_functional/pages/findings.ts) | it | | |
| [Findings Page - support muting rules](x-pack/test/cloud_security_posture_functional/pages/findings.ts) | describe | | |
| [verify only enabled rules appears](x-pack/test/cloud_security_posture_functional/pages/findings.ts) | it | | |
| [Access with custom roles](x-pack/test/cloud_security_posture_functional/pages/findings.ts) | describe | | |
| [Access with valid user role](x-pack/test/cloud_security_posture_functional/pages/findings.ts) | it | | |
| [Access with invalid user role](x-pack/test/cloud_security_posture_functional/pages/findings.ts) | it | | |
| [Cloud Security Posture](x-pack/test/cloud_security_posture_functional/pages/index.ts) | describe | | |
| [Cloud Posture Rules Page](x-pack/test/cloud_security_posture_functional/pages/rules.ts) | describe | ![](https://img.shields.io/badge/skipped-yellow) | |
| [Rules Page - Rules Counters](x-pack/test/cloud_security_posture_functional/pages/rules.ts) | describe | ![](https://img.shields.io/badge/skipped-yellow) | |

671
x-pack/plugins/cloud_security_posture/common/scripts/__auto_generated_csp_test_log.json
View file

@ -1148,7 +1148,6 @@
"describe('useNavigateFindings')",
" it('creates a URL to findings page with correct path, filter and dataViewId')",
" it('creates a URL to findings page with correct path and negated filter')",
" it('creates a URL to findings resource page with correct path and filter')",
" it('creates a URL to vulnerabilities page with correct path, filter and dataViewId')"
],
"testSuits": [
@ -1182,16 +1181,6 @@
"isSkipped": false,
"isTodo": false
},
{
"id": "creates-a-url-to-findings-resource-page-with-correct-path-and-filter",
"rawLine": " it('creates a URL to findings resource page with correct path and filter', () => {",
"line": " it('creates a URL to findings resource page with correct path and filter')",
"label": "creates a URL to findings resource page with correct path and filter",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "creates-a-url-to-vulnerabilities-page-with-correct-path,-filter-and-dataviewid",
"rawLine": " it('creates a URL to vulnerabilities page with correct path, filter and dataViewId', () => {",
@ -1234,16 +1223,6 @@
"isSkipped": false,
"isTodo": false
},
{
"id": "creates-a-url-to-findings-resource-page-with-correct-path-and-filter",
"rawLine": " it('creates a URL to findings resource page with correct path and filter', () => {",
"line": " it('creates a URL to findings resource page with correct path and filter')",
"label": "creates a URL to findings resource page with correct path and filter",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "creates-a-url-to-vulnerabilities-page-with-correct-path,-filter-and-dataviewid",
"rawLine": " it('creates a URL to vulnerabilities page with correct path, filter and dataViewId', () => {",
@ -5695,6 +5674,190 @@
}
]
},
{
"filePath": "x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx",
"fileName": "no_findings_states.test.tsx",
"directory": "x-pack/plugins/cloud_security_posture",
"tags": [
"UT"
],
"lines": [
"describe('NoFindingsStates')",
" it('should show the indexing notification when CSPM is not installed and KSPM is indexing')",
" it('should show the indexing notification when KSPM is not installed and CSPM is indexing')",
" it('should show the indexing timout notification when CSPM is status is index-timeout')",
" it('should show the indexing timout notification when KSPM is status is index-timeout')",
" it('should show the unprivileged notification when CSPM is status is index-timeout')",
" it('should show the unprivileged notification when KSPM is status is index-timeout')",
" it('should show the not-installed notification when CSPM and KSPM status is not-installed')"
],
"testSuits": [
{
"id": "nofindingsstates",
"rawLine": "describe('NoFindingsStates', () => {",
"line": "describe('NoFindingsStates')",
"label": "NoFindingsStates",
"indent": 0,
"type": "describe",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-indexing-notification-when-cspm-is-not-installed-and-kspm-is-indexing",
"rawLine": " it('should show the indexing notification when CSPM is not installed and KSPM is indexing', async () => {",
"line": " it('should show the indexing notification when CSPM is not installed and KSPM is indexing')",
"label": "should show the indexing notification when CSPM is not installed and KSPM is indexing",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-indexing-notification-when-kspm-is-not-installed-and-cspm-is-indexing",
"rawLine": " it('should show the indexing notification when KSPM is not installed and CSPM is indexing', async () => {",
"line": " it('should show the indexing notification when KSPM is not installed and CSPM is indexing')",
"label": "should show the indexing notification when KSPM is not installed and CSPM is indexing",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-indexing-timout-notification-when-cspm-is-status-is-index-timeout",
"rawLine": " it('should show the indexing timout notification when CSPM is status is index-timeout', async () => {",
"line": " it('should show the indexing timout notification when CSPM is status is index-timeout')",
"label": "should show the indexing timout notification when CSPM is status is index-timeout",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-indexing-timout-notification-when-kspm-is-status-is-index-timeout",
"rawLine": " it('should show the indexing timout notification when KSPM is status is index-timeout', async () => {",
"line": " it('should show the indexing timout notification when KSPM is status is index-timeout')",
"label": "should show the indexing timout notification when KSPM is status is index-timeout",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-unprivileged-notification-when-cspm-is-status-is-index-timeout",
"rawLine": " it('should show the unprivileged notification when CSPM is status is index-timeout', async () => {",
"line": " it('should show the unprivileged notification when CSPM is status is index-timeout')",
"label": "should show the unprivileged notification when CSPM is status is index-timeout",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-unprivileged-notification-when-kspm-is-status-is-index-timeout",
"rawLine": " it('should show the unprivileged notification when KSPM is status is index-timeout', async () => {",
"line": " it('should show the unprivileged notification when KSPM is status is index-timeout')",
"label": "should show the unprivileged notification when KSPM is status is index-timeout",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-not-installed-notification-when-cspm-and-kspm-status-is-not-installed",
"rawLine": " it('should show the not-installed notification when CSPM and KSPM status is not-installed', async () => {",
"line": " it('should show the not-installed notification when CSPM and KSPM status is not-installed')",
"label": "should show the not-installed notification when CSPM and KSPM status is not-installed",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
}
],
"tree": [
{
"id": "nofindingsstates",
"rawLine": "describe('NoFindingsStates', () => {",
"line": "describe('NoFindingsStates')",
"label": "NoFindingsStates",
"indent": 0,
"type": "describe",
"isSkipped": false,
"isTodo": false,
"children": [
{
"id": "should-show-the-indexing-notification-when-cspm-is-not-installed-and-kspm-is-indexing",
"rawLine": " it('should show the indexing notification when CSPM is not installed and KSPM is indexing', async () => {",
"line": " it('should show the indexing notification when CSPM is not installed and KSPM is indexing')",
"label": "should show the indexing notification when CSPM is not installed and KSPM is indexing",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-indexing-notification-when-kspm-is-not-installed-and-cspm-is-indexing",
"rawLine": " it('should show the indexing notification when KSPM is not installed and CSPM is indexing', async () => {",
"line": " it('should show the indexing notification when KSPM is not installed and CSPM is indexing')",
"label": "should show the indexing notification when KSPM is not installed and CSPM is indexing",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-indexing-timout-notification-when-cspm-is-status-is-index-timeout",
"rawLine": " it('should show the indexing timout notification when CSPM is status is index-timeout', async () => {",
"line": " it('should show the indexing timout notification when CSPM is status is index-timeout')",
"label": "should show the indexing timout notification when CSPM is status is index-timeout",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-indexing-timout-notification-when-kspm-is-status-is-index-timeout",
"rawLine": " it('should show the indexing timout notification when KSPM is status is index-timeout', async () => {",
"line": " it('should show the indexing timout notification when KSPM is status is index-timeout')",
"label": "should show the indexing timout notification when KSPM is status is index-timeout",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-unprivileged-notification-when-cspm-is-status-is-index-timeout",
"rawLine": " it('should show the unprivileged notification when CSPM is status is index-timeout', async () => {",
"line": " it('should show the unprivileged notification when CSPM is status is index-timeout')",
"label": "should show the unprivileged notification when CSPM is status is index-timeout",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-unprivileged-notification-when-kspm-is-status-is-index-timeout",
"rawLine": " it('should show the unprivileged notification when KSPM is status is index-timeout', async () => {",
"line": " it('should show the unprivileged notification when KSPM is status is index-timeout')",
"label": "should show the unprivileged notification when KSPM is status is index-timeout",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-show-the-not-installed-notification-when-cspm-and-kspm-status-is-not-installed",
"rawLine": " it('should show the not-installed notification when CSPM and KSPM status is not-installed', async () => {",
"line": " it('should show the not-installed notification when CSPM and KSPM status is not-installed')",
"label": "should show the not-installed notification when CSPM and KSPM status is not-installed",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
}
]
}
]
},
{
"filePath": "x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks_table.test.tsx",
"fileName": "benchmarks_table.test.tsx",
@ -7330,6 +7493,169 @@
}
]
},
{
"filePath": "x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx",
"fileName": "use_change_csp_rule_state.test.tsx",
"directory": "x-pack/plugins/cloud_security_posture",
"tags": [
"UT"
],
"lines": [
"describe('use_change_csp_rule_state')",
" it('should call http.post with the correct parameters')",
" it('should cancel queries and update query data onMutate')",
" it('should invalidate queries onSettled')",
" it('should restore previous query data onError')",
" it('creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState')",
" it('creates the new cache with rules in a unmute state')"
],
"testSuits": [
{
"id": "use_change_csp_rule_state",
"rawLine": "describe('use_change_csp_rule_state', () => {",
"line": "describe('use_change_csp_rule_state')",
"label": "use_change_csp_rule_state",
"indent": 0,
"type": "describe",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-call-http.post-with-the-correct-parameters",
"rawLine": " it('should call http.post with the correct parameters', async () => {",
"line": " it('should call http.post with the correct parameters')",
"label": "should call http.post with the correct parameters",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-cancel-queries-and-update-query-data-onmutate",
"rawLine": " it('should cancel queries and update query data onMutate', async () => {",
"line": " it('should cancel queries and update query data onMutate')",
"label": "should cancel queries and update query data onMutate",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-invalidate-queries-onsettled",
"rawLine": " it('should invalidate queries onSettled', async () => {",
"line": " it('should invalidate queries onSettled')",
"label": "should invalidate queries onSettled",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-restore-previous-query-data-onerror",
"rawLine": " it('should restore previous query data onError', async () => {",
"line": " it('should restore previous query data onError')",
"label": "should restore previous query data onError",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "creates-the-new-set-of-cache-rules-in-a-muted-state-when-calling-createruleswithupdatedstate",
"rawLine": " it('creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState', async () => {",
"line": " it('creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState')",
"label": "creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "creates-the-new-cache-with-rules-in-a-unmute-state",
"rawLine": " it('creates the new cache with rules in a unmute state', async () => {",
"line": " it('creates the new cache with rules in a unmute state')",
"label": "creates the new cache with rules in a unmute state",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
}
],
"tree": [
{
"id": "use_change_csp_rule_state",
"rawLine": "describe('use_change_csp_rule_state', () => {",
"line": "describe('use_change_csp_rule_state')",
"label": "use_change_csp_rule_state",
"indent": 0,
"type": "describe",
"isSkipped": false,
"isTodo": false,
"children": [
{
"id": "should-call-http.post-with-the-correct-parameters",
"rawLine": " it('should call http.post with the correct parameters', async () => {",
"line": " it('should call http.post with the correct parameters')",
"label": "should call http.post with the correct parameters",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-cancel-queries-and-update-query-data-onmutate",
"rawLine": " it('should cancel queries and update query data onMutate', async () => {",
"line": " it('should cancel queries and update query data onMutate')",
"label": "should cancel queries and update query data onMutate",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-invalidate-queries-onsettled",
"rawLine": " it('should invalidate queries onSettled', async () => {",
"line": " it('should invalidate queries onSettled')",
"label": "should invalidate queries onSettled",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "should-restore-previous-query-data-onerror",
"rawLine": " it('should restore previous query data onError', async () => {",
"line": " it('should restore previous query data onError')",
"label": "should restore previous query data onError",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "creates-the-new-set-of-cache-rules-in-a-muted-state-when-calling-createruleswithupdatedstate",
"rawLine": " it('creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState', async () => {",
"line": " it('creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState')",
"label": "creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "creates-the-new-cache-with-rules-in-a-unmute-state",
"rawLine": " it('creates the new cache with rules in a unmute state', async () => {",
"line": " it('creates the new cache with rules in a unmute state')",
"label": "creates the new cache with rules in a unmute state",
"indent": 2,
"type": "it",
"isSkipped": false,
"isTodo": false
}
]
}
]
},
{
"filePath": "x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx",
"fileName": "vulnerability_finding_flyout.test.tsx",
@ -10683,12 +11009,11 @@
"tags": [
"FTR",
"SERVERLESS",
"API INTEGRATION",
"HAS SKIP"
"API INTEGRATION"
],
"lines": [
" describe('GET /internal/cloud_security_posture/status')",
" describe.skip('STATUS = INDEXED TEST')",
" describe('STATUS = INDEXED TEST')",
" it(`Return kspm status indexed when logs-cloud_security_posture.findings_latest-default contains new kspm documents`)",
" it(`Return cspm status indexed when logs-cloud_security_posture.findings_latest-default contains new cspm documents`)",
" it(`Return vuln status indexed when logs-cloud_security_posture.vulnerabilities_latest-default contains new documents`)"
@ -10706,12 +11031,12 @@
},
{
"id": "status-=-indexed-test",
"rawLine": " describe.skip('STATUS = INDEXED TEST', () => {",
"line": " describe.skip('STATUS = INDEXED TEST')",
"rawLine": " describe('STATUS = INDEXED TEST', () => {",
"line": " describe('STATUS = INDEXED TEST')",
"label": "STATUS = INDEXED TEST",
"indent": 4,
"type": "describe",
"isSkipped": true,
"isSkipped": false,
"isTodo": false
},
{
@ -10758,12 +11083,12 @@
"children": [
{
"id": "status-=-indexed-test",
"rawLine": " describe.skip('STATUS = INDEXED TEST', () => {",
"line": " describe.skip('STATUS = INDEXED TEST')",
"rawLine": " describe('STATUS = INDEXED TEST', () => {",
"line": " describe('STATUS = INDEXED TEST')",
"label": "STATUS = INDEXED TEST",
"indent": 4,
"type": "describe",
"isSkipped": true,
"isSkipped": false,
"isTodo": false,
"children": [
{
@ -10773,7 +11098,7 @@
"label": "Return kspm status indexed when logs-cloud_security_posture.findings_latest-default contains new kspm documents",
"indent": 6,
"type": "it",
"isSkipped": true,
"isSkipped": false,
"isTodo": false
},
{
@ -10783,7 +11108,7 @@
"label": "Return cspm status indexed when logs-cloud_security_posture.findings_latest-default contains new cspm documents",
"indent": 6,
"type": "it",
"isSkipped": true,
"isSkipped": false,
"isTodo": false
},
{
@ -10793,7 +11118,7 @@
"label": "Return vuln status indexed when logs-cloud_security_posture.vulnerabilities_latest-default contains new documents",
"indent": 6,
"type": "it",
"isSkipped": true,
"isSkipped": false,
"isTodo": false
}
]
@ -13678,6 +14003,151 @@
}
]
},
{
"filePath": "x-pack/test/cloud_security_posture_functional/pages/benchmark.ts",
"fileName": "benchmark.ts",
"directory": "x-pack/test/cloud_security_posture_functional",
"tags": [
"FTR",
"HAS SKIP"
],
"lines": [
" describe('Access with custom roles')",
" it.skip('Access with valid user role')",
" it.skip('Access with invalid user role')",
" describe('Access with custom roles - rule page')",
" it('Access with valid user role')",
" it.skip('Access with invalid user role')"
],
"testSuits": [
{
"id": "access-with-custom-roles",
"rawLine": " describe('Access with custom roles', async () => {",
"line": " describe('Access with custom roles')",
"label": "Access with custom roles",
"indent": 2,
"type": "describe",
"isSkipped": false,
"isTodo": false
},
{
"id": "access-with-valid-user-role",
"rawLine": " it.skip('Access with valid user role', async () => {",
"line": " it.skip('Access with valid user role')",
"label": "Access with valid user role",
"indent": 4,
"type": "it",
"isSkipped": true,
"isTodo": false
},
{
"id": "access-with-invalid-user-role",
"rawLine": " it.skip('Access with invalid user role', async () => {});",
"line": " it.skip('Access with invalid user role')",
"label": "Access with invalid user role",
"indent": 4,
"type": "it",
"isSkipped": true,
"isTodo": false
},
{
"id": "access-with-custom-roles---rule-page",
"rawLine": " describe('Access with custom roles - rule page', async () => {",
"line": " describe('Access with custom roles - rule page')",
"label": "Access with custom roles - rule page",
"indent": 4,
"type": "describe",
"isSkipped": false,
"isTodo": false
},
{
"id": "access-with-valid-user-role",
"rawLine": " it('Access with valid user role', async () => {",
"line": " it('Access with valid user role')",
"label": "Access with valid user role",
"indent": 6,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "access-with-invalid-user-role",
"rawLine": " it.skip('Access with invalid user role', async () => {});",
"line": " it.skip('Access with invalid user role')",
"label": "Access with invalid user role",
"indent": 6,
"type": "it",
"isSkipped": true,
"isTodo": false
}
],
"tree": [
{
"id": "access-with-custom-roles",
"rawLine": " describe('Access with custom roles', async () => {",
"line": " describe('Access with custom roles')",
"label": "Access with custom roles",
"indent": 2,
"type": "describe",
"isSkipped": false,
"isTodo": false,
"children": [
{
"id": "access-with-valid-user-role",
"rawLine": " it.skip('Access with valid user role', async () => {",
"line": " it.skip('Access with valid user role')",
"label": "Access with valid user role",
"indent": 4,
"type": "it",
"isSkipped": true,
"isTodo": false
},
{
"id": "access-with-invalid-user-role",
"rawLine": " it.skip('Access with invalid user role', async () => {});",
"line": " it.skip('Access with invalid user role')",
"label": "Access with invalid user role",
"indent": 4,
"type": "it",
"isSkipped": true,
"isTodo": false
},
{
"id": "access-with-custom-roles---rule-page",
"rawLine": " describe('Access with custom roles - rule page', async () => {",
"line": " describe('Access with custom roles - rule page')",
"label": "Access with custom roles - rule page",
"indent": 4,
"type": "describe",
"isSkipped": false,
"isTodo": false,
"children": [
{
"id": "access-with-valid-user-role",
"rawLine": " it('Access with valid user role', async () => {",
"line": " it('Access with valid user role')",
"label": "Access with valid user role",
"indent": 6,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "access-with-invalid-user-role",
"rawLine": " it.skip('Access with invalid user role', async () => {});",
"line": " it.skip('Access with invalid user role')",
"label": "Access with invalid user role",
"indent": 6,
"type": "it",
"isSkipped": true,
"isTodo": false
}
]
}
]
}
]
},
{
"filePath": "x-pack/test/cloud_security_posture_functional/pages/cis_integrations/cnvm/cis_integration_cnvm.ts",
"fileName": "cis_integration_cnvm.ts",
@ -15516,6 +15986,7 @@
"directory": "x-pack/test/cloud_security_posture_functional",
"tags": [
"FTR",
"HAS SKIP",
"HAS TODO"
],
"lines": [
@ -15523,7 +15994,10 @@
" describe('Kubernetes Dashboard')",
" it('displays accurate summary compliance score')",
" describe('TODO - Cloud Dashboard', () => {",
" it('todo - displays accurate summary compliance score', async () => {});"
" it('todo - displays accurate summary compliance score', async () => {});",
" describe('Access with custom roles')",
" it('Access with valid user role')",
" it.skip('todo - Access with invalid user role')"
],
"testSuits": [
{
@ -15575,6 +16049,36 @@
"type": "it",
"isSkipped": false,
"isTodo": true
},
{
"id": "access-with-custom-roles",
"rawLine": " describe('Access with custom roles', async () => {",
"line": " describe('Access with custom roles')",
"label": "Access with custom roles",
"indent": 4,
"type": "describe",
"isSkipped": false,
"isTodo": false
},
{
"id": "access-with-valid-user-role",
"rawLine": " it('Access with valid user role', async () => {",
"line": " it('Access with valid user role')",
"label": "Access with valid user role",
"indent": 6,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "todo---access-with-invalid-user-role",
"rawLine": " it.skip('todo - Access with invalid user role', async () => {});",
"line": " it.skip('todo - Access with invalid user role')",
"label": "todo - Access with invalid user role",
"indent": 6,
"type": "it",
"isSkipped": true,
"isTodo": true
}
],
"tree": [
@ -15631,6 +16135,38 @@
"isTodo": true
}
]
},
{
"id": "access-with-custom-roles",
"rawLine": " describe('Access with custom roles', async () => {",
"line": " describe('Access with custom roles')",
"label": "Access with custom roles",
"indent": 4,
"type": "describe",
"isSkipped": false,
"isTodo": false,
"children": [
{
"id": "access-with-valid-user-role",
"rawLine": " it('Access with valid user role', async () => {",
"line": " it('Access with valid user role')",
"label": "Access with valid user role",
"indent": 6,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "todo---access-with-invalid-user-role",
"rawLine": " it.skip('todo - Access with invalid user role', async () => {});",
"line": " it.skip('todo - Access with invalid user role')",
"label": "todo - Access with invalid user role",
"indent": 6,
"type": "it",
"isSkipped": true,
"isTodo": true
}
]
}
]
}
@ -16393,7 +16929,10 @@
" it('Remove fields from the Findings DataTable')",
" it('Reset fields to default')",
" describe('Findings Page - support muting rules')",
" it(`verify only enabled rules appears`)"
" it(`verify only enabled rules appears`)",
" describe('Access with custom roles')",
" it('Access with valid user role')",
" it('Access with invalid user role')"
],
"testSuits": [
{
@ -16565,6 +17104,36 @@
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "access-with-custom-roles",
"rawLine": " describe('Access with custom roles', async () => {",
"line": " describe('Access with custom roles')",
"label": "Access with custom roles",
"indent": 4,
"type": "describe",
"isSkipped": false,
"isTodo": false
},
{
"id": "access-with-valid-user-role",
"rawLine": " it('Access with valid user role', async () => {",
"line": " it('Access with valid user role')",
"label": "Access with valid user role",
"indent": 6,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "access-with-invalid-user-role",
"rawLine": " it('Access with invalid user role', async () => {",
"line": " it('Access with invalid user role')",
"label": "Access with invalid user role",
"indent": 6,
"type": "it",
"isSkipped": false,
"isTodo": false
}
],
"tree": [
@ -16751,6 +17320,38 @@
"isTodo": false
}
]
},
{
"id": "access-with-custom-roles",
"rawLine": " describe('Access with custom roles', async () => {",
"line": " describe('Access with custom roles')",
"label": "Access with custom roles",
"indent": 4,
"type": "describe",
"isSkipped": false,
"isTodo": false,
"children": [
{
"id": "access-with-valid-user-role",
"rawLine": " it('Access with valid user role', async () => {",
"line": " it('Access with valid user role')",
"label": "Access with valid user role",
"indent": 6,
"type": "it",
"isSkipped": false,
"isTodo": false
},
{
"id": "access-with-invalid-user-role",
"rawLine": " it('Access with invalid user role', async () => {",
"line": " it('Access with invalid user role')",
"label": "Access with invalid user role",
"indent": 6,
"type": "it",
"isSkipped": false,
"isTodo": false
}
]
}
]
},

4
x-pack/plugins/cloud_security_posture/server/create_transforms/latest_findings_transform.ts
View file

@ -16,7 +16,7 @@ const LATEST_FINDINGS_TRANSFORM_V830 = 'cloud_security_posture.findings_latest-d
const LATEST_FINDINGS_TRANSFORM_V840 = 'cloud_security_posture.findings_latest-default-8.4.0';
const LATEST_FINDINGS_TRANSFORM_V880 = 'cloud_security_posture.findings_latest-default-8.8.0';
const CURRENT_FINDINGS_TRANSFORM = 'cloud_security_posture.findings_latest-default-8.15.0';
const CURRENT_FINDINGS_TRANSFORM_VERSION = 'cloud_security_posture.findings_latest-default-8.15.0';
export const DEPRECATED_FINDINGS_TRANSFORMS_VERSION = [
LATEST_FINDINGS_TRANSFORM_V830,
@ -25,7 +25,7 @@ export const DEPRECATED_FINDINGS_TRANSFORMS_VERSION = [
];
export const latestFindingsTransform: TransformPutTransformRequest = {
transform_id: CURRENT_FINDINGS_TRANSFORM,
transform_id: CURRENT_FINDINGS_TRANSFORM_VERSION,
description: 'Defines findings transformation to view only the latest finding per resource',
source: {
index: FINDINGS_INDEX_PATTERN,

5
x-pack/plugins/cloud_security_posture/server/create_transforms/latest_vulnerabilities_transforms.ts
View file

@ -13,14 +13,15 @@ import {
VULNERABILITIES_INDEX_PATTERN,
} from '../../common/constants';
const CURRENT_VULN_VERSION = 'cloud_security_posture.vulnerabilities_latest-default-8.15.0';
const CURRENT_VULN_TRANSFORM_VERSION =
'cloud_security_posture.vulnerabilities_latest-default-8.15.0';
export const DEPRECATED_VULN_TRANSFORM_VERSIONS = [
'cloud_security_posture.vulnerabilities_latest-default-8.8.0',
];
export const latestVulnerabilitiesTransform: TransformPutTransformRequest = {
transform_id: CURRENT_VULN_VERSION,
transform_id: CURRENT_VULN_TRANSFORM_VERSION,
description:
'Defines vulnerabilities transformation to view only the latest vulnerability per resource',
source: {

59
x-pack/test/cloud_security_posture_functional/page_objects/benchmark_page.ts Normal file
View file

@ -0,0 +1,59 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import {
ELASTIC_HTTP_VERSION_HEADER,
X_ELASTIC_INTERNAL_ORIGIN_REQUEST,
} from '@kbn/core-http-common';
import type { FtrProviderContext } from '../ftr_provider_context';
export const CSP_BECNHMARK_TABLE = 'csp_benchmarks_table';
export function BenchmarkPagePageProvider({ getService, getPageObjects }: FtrProviderContext) {
const testSubjects = getService('testSubjects');
const PageObjects = getPageObjects(['common', 'header']);
const retry = getService('retry');
const supertest = getService('supertest');
const log = getService('log');
/**
* required before indexing findings
*/
const waitForPluginInitialized = (): Promise<void> =>
retry.try(async () => {
log.debug('Check CSP plugin is initialized');
const response = await supertest
.get('/internal/cloud_security_posture/status?check=init')
.set(ELASTIC_HTTP_VERSION_HEADER, '1')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.expect(200);
expect(response.body).to.eql({ isPluginInitialized: true });
log.debug('CSP plugin is initialized');
});
const benchmarkPage = {
doesBenchmarkTableExists: async () => {
return await testSubjects.find('csp_benchmarks_table');
},
};
const navigateToBenchnmarkPage = async () => {
await PageObjects.common.navigateToUrl(
'securitySolution', // Defined in Security Solution plugin
`cloud_security_posture/benchmarks/`,
{ shouldUseHashForSubUrl: false }
);
await PageObjects.header.waitUntilLoadingHasFinished();
};
return {
waitForPluginInitialized,
navigateToBenchnmarkPage,
benchmarkPage,
};
}

5
x-pack/test/cloud_security_posture_functional/page_objects/findings_page.ts
View file

@ -337,6 +337,10 @@ export function FindingsPageProvider({ getService, getPageObjects }: FtrProvider
return trueOrFalse;
};
const getUnprivilegedPrompt = async () => {
return await testSubjects.find('status-api-unprivileged');
};
return {
navigateToLatestFindingsPage,
navigateToLatestVulnerabilitiesPage,
@ -356,5 +360,6 @@ export function FindingsPageProvider({ getService, getPageObjects }: FtrProvider
findingsGrouping,
createDataTableObject,
isLatestFindingsTableThere,
getUnprivilegedPrompt,
};
}

4
x-pack/test/cloud_security_posture_functional/page_objects/index.ts
View file

@ -10,6 +10,8 @@ import { FindingsPageProvider } from './findings_page';
import { CspDashboardPageProvider } from './csp_dashboard_page';
import { AddCisIntegrationFormPageProvider } from './add_cis_integration_form_page';
import { VulnerabilityDashboardPageProvider } from './vulnerability_dashboard_page_object';
import { BenchmarkPagePageProvider } from './benchmark_page';
import { CspSecurityCommonProvider } from './security_common';
import { RulePagePageProvider } from './rule_page';
export const cloudSecurityPosturePageObjects = {
@ -18,6 +20,8 @@ export const cloudSecurityPosturePageObjects = {
cisAddIntegration: AddCisIntegrationFormPageProvider,
vulnerabilityDashboard: VulnerabilityDashboardPageProvider,
rule: RulePagePageProvider,
benchmark: BenchmarkPagePageProvider,
cspSecurity: CspSecurityCommonProvider,
};
export const pageObjects = {
...xpackFunctionalPageObjects,

128
x-pack/test/cloud_security_posture_functional/page_objects/security_common.ts Normal file
View file

@ -0,0 +1,128 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import type { FtrProviderContext } from '../ftr_provider_context';
export function CspSecurityCommonProvider({ getPageObjects, getService }: FtrProviderContext) {
const security = getService('security');
const pageObjects = getPageObjects(['security']);
const roles = [
{
name: 'csp_viewer',
elasticsearch: {
indices: [
{
names: ['logs-cloud_security_posture.findings-*'],
privileges: ['read'],
},
{
names: ['logs-cloud_security_posture.findings_latest-*'],
privileges: ['read'],
},
{
names: ['logs-cloud_security_posture.scores-*'],
privileges: ['read'],
},
],
},
kibana: [
{
base: ['all'],
spaces: ['*'],
},
],
},
{
name: 'missing_access_findings_latest_role',
elasticsearch: {
indices: [
{
names: ['logs-cloud_security_posture.findings-*'],
privileges: ['read'],
},
{
names: ['logs-cloud_security_posture.scores-*'],
privileges: ['read'],
},
],
},
kibana: [
{
base: ['all'],
spaces: ['*'],
},
],
},
];
const users = [
{
name: 'csp_read_user',
full_name: 'csp viewer',
password: 'test123',
roles: ['csp_viewer'],
},
{
name: 'csp_missing_latest_findings_access_user',
full_name: 'missing latest findings index access',
password: 'csp123',
roles: ['missing_access_findings_latest_role'],
},
];
return {
async createRoles() {
for (const role of roles) {
await security.role.create(role.name, {
elasticsearch: role.elasticsearch,
kibana: role.kibana,
});
}
},
async createUsers() {
for (const user of users) {
await security.user.create(user.name, {
password: user.password,
roles: user.roles,
full_name: user.full_name,
});
}
},
async login(user: string) {
await pageObjects.security.login(user, this.getPasswordForUser(user), {
expectSpaceSelector: false,
});
},
async logout() {
await pageObjects.security.forceLogout();
},
async cleanRoles() {
for (const role of roles) {
await security.role.delete(role.name);
}
},
async cleanUsers() {
for (const user of users) {
await security.user.delete(user.name);
}
},
getPasswordForUser(user: string): string {
const userConfig = users.find((u) => u.name === user);
if (userConfig === undefined) {
throw new Error(`Can't log in user ${user} - not defined`);
}
return userConfig.password;
},
};
}

79
x-pack/test/cloud_security_posture_functional/pages/benchmark.ts Normal file
View file

@ -0,0 +1,79 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import { k8sFindingsMock } from '../mocks/latest_findings_mock';
import type { FtrProviderContext } from '../ftr_provider_context';
// eslint-disable-next-line import/no-default-export
export default function ({ getPageObjects, getService }: FtrProviderContext) {
const kibanaServer = getService('kibanaServer');
const pageObjects = getPageObjects([
'common',
'cspSecurity',
'cloudPostureDashboard',
'rule',
'benchmark',
'findings',
]);
describe('Access with custom roles', async () => {
let cspSecurity = pageObjects.cspSecurity;
let rule: typeof pageObjects.rule;
let benchmark: typeof pageObjects.benchmark;
let findings: typeof pageObjects.findings;
before(async () => {
benchmark = pageObjects.benchmark;
cspSecurity = pageObjects.cspSecurity;
await benchmark.waitForPluginInitialized();
await kibanaServer.savedObjects.clean({
types: ['cloud-security-posture-settings'],
});
});
// Blocked by https://github.com/elastic/kibana/issues/184621
it.skip('Access with valid user role', async () => {
await cspSecurity.logout();
await cspSecurity.login('csp_read_user');
await benchmark.navigateToBenchnmarkPage();
expect(await benchmark.benchmarkPage.doesBenchmarkTableExists());
});
// Blocked by https://github.com/elastic/kibana/issues/184621
it.skip('Access with invalid user role', async () => {});
// The entire describe block bellow should move to rule.ts byt the page test is blocked by:
// FLAKY: https://github.com/elastic/kibana/issues/178413
describe('Access with custom roles - rule page', async () => {
before(async () => {
findings = pageObjects.findings;
rule = pageObjects.rule;
await findings.index.add(k8sFindingsMock);
});
after(async () => {
await findings.index.remove();
});
afterEach(async () => {
// force logout to prevent the next test from failing
await cspSecurity.logout();
});
it('Access with valid user role', async () => {
await cspSecurity.logout();
await cspSecurity.login('csp_read_user');
await rule.navigateToRulePage('cis_k8s', '1.0.1');
expect(await rule.rulePage.toggleBulkActionButton());
});
// Blocked by https://github.com/elastic/kibana/issues/184621
it.skip('Access with invalid user role', async () => {});
});
});
}

27
x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts
View file

@ -12,7 +12,7 @@ import type { FtrProviderContext } from '../ftr_provider_context';
// eslint-disable-next-line import/no-default-export
export default function ({ getPageObjects, getService }: FtrProviderContext) {
const retry = getService('retry');
const pageObjects = getPageObjects(['common', 'cloudPostureDashboard', 'header']);
const pageObjects = getPageObjects(['common', 'cspSecurity', 'cloudPostureDashboard', 'header']);
const chance = new Chance();
const data = [
@ -36,10 +36,13 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
this.tags(['cloud_security_posture_compliance_dashboard']);
let cspDashboard: typeof pageObjects.cloudPostureDashboard;
let dashboard: typeof pageObjects.cloudPostureDashboard.dashboard;
let cspSecurity = pageObjects.cspSecurity;
before(async () => {
cspDashboard = pageObjects.cloudPostureDashboard;
dashboard = pageObjects.cloudPostureDashboard.dashboard;
cspSecurity = pageObjects.cspSecurity;
await cspDashboard.waitForPluginInitialized();
await cspDashboard.index.add(data);
@ -66,5 +69,27 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
// describe('TODO - Cloud Dashboard', () => {
// it('todo - displays accurate summary compliance score', async () => {});
// });
describe('Access with custom roles', async () => {
this.afterEach(async () => {
// force logout to prevent the next test from failing
await cspSecurity.logout();
});
it('Access with valid user role', async () => {
await cspSecurity.logout();
await cspSecurity.login('csp_read_user');
await cspDashboard.navigateToComplianceDashboardPage();
await retry.waitFor(
'Cloud posture integration dashboard to be displayed',
async () => !!dashboard.getIntegrationDashboardContainer()
);
const scoreElement = await dashboard.getKubernetesComplianceScore();
expect((await scoreElement.getVisibleText()) === '0%').to.be(true); // based on the ingested findings
});
// Blocked by https://github.com/elastic/kibana/issues/184621
it.skip('todo - Access with invalid user role', async () => {});
});
});
}

29
x-pack/test/cloud_security_posture_functional/pages/findings.ts
View file

@ -23,7 +23,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
const retry = getService('retry');
const supertest = getService('supertest');
const kibanaServer = getService('kibanaServer');
const pageObjects = getPageObjects(['common', 'findings', 'header']);
const pageObjects = getPageObjects(['common', 'cspSecurity', 'findings', 'header']);
const chance = new Chance();
const timeFiveHoursAgo = (Date.now() - 18000000).toString();
@ -120,6 +120,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
let findings: typeof pageObjects.findings;
let latestFindingsTable: typeof findings.latestFindingsTable;
let distributionBar: typeof findings.distributionBar;
let cspSecurity = pageObjects.cspSecurity;
beforeEach(async () => {
await kibanaServer.savedObjects.clean({
@ -129,6 +130,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
findings = pageObjects.findings;
latestFindingsTable = findings.latestFindingsTable;
distributionBar = findings.distributionBar;
cspSecurity = pageObjects.cspSecurity;
// Before we start any test we must wait for cloud_security_posture plugin to complete its initialization
await findings.waitForPluginInitialized();
@ -391,5 +393,30 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
expect(await latestFindingsTable.getFindingsCount('passed')).to.eql(passedFindingsCount);
});
});
describe('Access with custom roles', async () => {
this.afterEach(async () => {
// force logout to prevent the next test from failing
await cspSecurity.logout();
});
it('Access with valid user role', async () => {
await cspSecurity.logout();
await cspSecurity.login('csp_read_user');
await findings.navigateToLatestFindingsPage();
pageObjects.header.waitUntilLoadingHasFinished();
expect(await latestFindingsTable.getRowsCount()).to.be.greaterThan(0);
});
it('Access with invalid user role', async () => {
await cspSecurity.logout();
await cspSecurity.login('csp_missing_latest_findings_access_user');
await findings.navigateToLatestFindingsPage();
pageObjects.header.waitUntilLoadingHasFinished();
expect(await findings.getUnprivilegedPrompt());
});
});
});
}

2
x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts
View file

@ -158,6 +158,8 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
});
after(async () => {
await findings.navigateToLatestFindingsPage();
await pageObjects.header.waitUntilLoadingHasFinished();
const groupSelector = await findings.groupSelector();
await groupSelector.openDropDown();
await groupSelector.setValue('None');

12
x-pack/test/cloud_security_posture_functional/pages/index.ts
View file

@ -8,8 +8,17 @@
import { FtrProviderContext } from '../ftr_provider_context';
// eslint-disable-next-line import/no-default-export
export default function ({ loadTestFile }: FtrProviderContext) {
export default function ({ getPageObjects, loadTestFile }: FtrProviderContext) {
const pageObjects = getPageObjects(['cspSecurity']);
describe('Cloud Security Posture', function () {
let cspSecurity = pageObjects.cspSecurity;
before(async () => {
cspSecurity = pageObjects.cspSecurity;
await cspSecurity.createRoles();
await cspSecurity.createUsers();
});
loadTestFile(require.resolve('./rules'));
loadTestFile(require.resolve('./findings_onboarding'));
loadTestFile(require.resolve('./findings'));
@ -26,5 +35,6 @@ export default function ({ loadTestFile }: FtrProviderContext) {
loadTestFile(require.resolve('./findings_old_data'));
loadTestFile(require.resolve('./vulnerabilities'));
loadTestFile(require.resolve('./vulnerabilities_grouping'));
loadTestFile(require.resolve('./benchmark'));
});
}