[Security Solution] Preparing Cypress for SAML changes (#172140)

x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/alert_status.cy.ts

@@ -247,7 +247,7 @@ describe.skip('Changing alert status', { tags: ['@ess', '@serverless'] }, () =>
       deleteAlertsAndRules();
       createRule(getNewRule());
       login(ROLES.reader);
-      visit(ALERTS_URL, { role: ROLES.reader });
+      visit(ALERTS_URL);
       waitForAlertsToPopulate();
     });
     it('should not allow users to change a single alert status', () => {

x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/alerts_detection_callouts_index_outdated.cy.ts

@@ -25,7 +25,7 @@ import {
 
 const loadPageAsPlatformEngineerUser = (url: string) => {
   login(ROLES.soc_manager);
-  visit(url, { role: ROLES.soc_manager });
+  visit(url);
   waitForPageTitleToBeShown();
 };
 

x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/missing_privileges_callout.cy.ts

@@ -25,13 +25,13 @@ import { ruleDetailsUrl } from '../../../urls/rule_details';
 
 const loadPageAsReadOnlyUser = (url: string) => {
   login(ROLES.t1_analyst);
-  visit(url, { role: ROLES.t1_analyst });
+  visit(url);
   waitForPageTitleToBeShown();
 };
 
 const loadPageAsPlatformEngineer = (url: string) => {
   login(ROLES.platform_engineer);
-  visit(url, { role: ROLES.platform_engineer });
+  visit(url);
   waitForPageTitleToBeShown();
 };
 

x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/authorization/all_rules_read_only.cy.ts

@@ -33,7 +33,7 @@ describe('All rules - read only', { tags: ['@ess', '@serverless', '@skipInServer
 
   beforeEach(() => {
     login(ROLES.t1_analyst);
-    visitRulesManagementTable(ROLES.t1_analyst);
+    visitRulesManagementTable();
     cy.get(RULE_NAME).should('have.text', getNewRule().name);
   });
 

x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_update_authorization.cy.ts

@@ -57,12 +57,12 @@ const RULE_2 = createRuleAssetSavedObject({
 
 const loadPageAsReadOnlyUser = (url: string) => {
   login(ROLES.t1_analyst);
-  visit(url, { role: ROLES.t1_analyst });
+  visit(url);
 };
 
 const loginPageAsWriteAuthorizedUser = (url: string) => {
   login(ROLES.t3_analyst);
-  visit(url, { role: ROLES.t3_analyst });
+  visit(url);
 };
 
 describe(

x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_actions.cy.ts

@@ -148,7 +148,7 @@ describe(
     context('Restricted action privileges', () => {
       it("User with no privileges can't add rule actions", () => {
         login(ROLES.hunter_no_actions);
-        visitRulesManagementTable(ROLES.hunter_no_actions);
+        visitRulesManagementTable();
 
         expectManagementTableRules([
           ruleNameToAssert,

x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/sourcerer_permissions.cy.ts

@@ -5,31 +5,24 @@
  * 2.0.
  */
 
-import { loginWithUser } from '../../../tasks/login';
-import { visitWithUser } from '../../../tasks/navigation';
+import { ROLES } from '@kbn/security-solution-plugin/common/test';
 
 import { hostsUrl } from '../../../urls/navigation';
 import { postDataView } from '../../../tasks/api_calls/common';
-import {
-  createUsersAndRoles,
-  secReadCasesAll,
-  secReadCasesAllUser,
-} from '../../../tasks/privileges';
 import { TOASTER } from '../../../screens/configure_cases';
+import { visit } from '../../../tasks/navigation';
+import { login } from '../../../tasks/login';
 
-const usersToCreate = [secReadCasesAllUser];
-const rolesToCreate = [secReadCasesAll];
 const dataViews = ['auditbeat-*,fakebeat-*', 'auditbeat-*,*beat*,siem-read*,.kibana*,fakebeat-*'];
 
-describe('Sourcerer permissions', { tags: ['@ess', '@skipInServerless'] }, () => {
+describe('Sourcerer permissions', { tags: ['@ess', '@brokenInServerless'] }, () => {
   before(() => {
     dataViews.forEach((dataView: string) => postDataView(dataView));
-    createUsersAndRoles(usersToCreate, rolesToCreate);
   });
 
-  it(`role(s) ${secReadCasesAllUser.roles.join()} shows error when user does not have permissions`, () => {
-    loginWithUser(secReadCasesAllUser);
-    visitWithUser(hostsUrl('allHosts'), secReadCasesAllUser);
+  it(`role Hunter No actions  shows error when user does not have permissions`, () => {
+    login(ROLES.hunter_no_actions);
+    visit(hostsUrl('allHosts'));
     cy.get(TOASTER).should('have.text', 'Write role required to generate data');
   });
 });

x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists/permissions.cy.ts

@@ -16,7 +16,7 @@ describe('value list permissions', { tags: ['@ess', '@skipInServerless'] }, () =
   describe('user with restricted access role', () => {
     it('Does not allow a t1 analyst user to upload a value list', () => {
       login(ROLES.t1_analyst);
-      visit(RULES_MANAGEMENT_URL, { role: ROLES.t1_analyst });
+      visit(RULES_MANAGEMENT_URL);
       cy.get(VALUE_LISTS_MODAL_ACTIVATOR).should('have.attr', 'disabled');
     });
   });

x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/entity_analytics_management_page_privileges_callout.ts

@@ -18,7 +18,7 @@ import { ENTITY_ANALYTICS_MANAGEMENT_URL } from '../../urls/navigation';
 
 const loadPageAsUserWithNoPrivileges = () => {
   login(ROLES.no_risk_engine_privileges);
-  visit(ENTITY_ANALYTICS_MANAGEMENT_URL, { role: ROLES.no_risk_engine_privileges });
+  visit(ENTITY_ANALYTICS_MANAGEMENT_URL);
 };
 
 // this test suite doesn't run on serverless because it requires a custom role

x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/read_only_view.cy.ts

@@ -55,7 +55,7 @@ describe('Exceptions viewer read only', { tags: ['@ess'] }, () => {
     });
 
     login(ROLES.t1_analyst);
-    visitRulesManagementTable(ROLES.t1_analyst);
+    visitRulesManagementTable();
     goToRuleDetailsOf('Test exceptions rule');
     goToExceptionsTab();
   });

x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts

@@ -32,7 +32,7 @@ describe('Shared exception lists - read only', { tags: ['@ess', '@skipInServerle
     createExceptionList(getExceptionList(), getExceptionList().list_id);
 
     login(ROLES.t1_analyst);
-    visit(EXCEPTIONS_URL, { role: ROLES.t1_analyst });
+    visit(EXCEPTIONS_URL);
 
     // Using cy.contains because we do not care about the exact text,
     // just checking number of lists shown

x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/attach_alert_to_case.cy.ts

@@ -20,7 +20,7 @@ import { LOADING_INDICATOR } from '../../../screens/security_header';
 
 const loadDetectionsPage = (role: SecurityRoleName) => {
   login(role);
-  visit(ALERTS_URL, { role });
+  visit(ALERTS_URL);
   waitForAlertsToPopulate();
 };
 

x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/privileges.cy.ts

@@ -18,7 +18,7 @@ import {
   filterStatusOpen,
 } from '../../../tasks/create_new_case';
 import { login, loginWithUser } from '../../../tasks/login';
-import { visitWithUser } from '../../../tasks/navigation';
+import { visit } from '../../../tasks/navigation';
 import {
   createUsersAndRoles,
   deleteUsersAndRoles,
@@ -66,7 +66,7 @@ describe('Cases privileges', { tags: ['@ess'] }, () => {
   for (const user of [secAllUser, secReadCasesAllUser, secAllCasesNoDeleteUser]) {
     it(`User ${user.username} with role(s) ${user.roles.join()} can create a case`, () => {
       loginWithUser(user);
-      visitWithUser(CASES_URL, user);
+      visit(CASES_URL);
       goToCreateNewCase();
       fillCasesMandatoryfields(testCase);
       createCase();
@@ -80,7 +80,7 @@ describe('Cases privileges', { tags: ['@ess'] }, () => {
   for (const user of [secAllCasesOnlyReadDeleteUser]) {
     it(`User ${user.username} with role(s) ${user.roles.join()} cannot create a case`, () => {
       loginWithUser(user);
-      visitWithUser(CASES_URL, user);
+      visit(CASES_URL);
       cy.get(ALL_CASES_CREATE_NEW_CASE_BTN).should('not.exist');
     });
   }

x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/creation.cy.ts

@@ -90,7 +90,7 @@ describe('Timelines', (): void => {
     context('Privileges: READ', { tags: '@ess' }, () => {
       beforeEach(() => {
         login(ROLES.t1_analyst);
-        visitWithTimeRange(OVERVIEW_URL, { role: ROLES.t1_analyst });
+        visitWithTimeRange(OVERVIEW_URL);
       });
 
       it('should not be able to create/update timeline ', () => {

x-pack/test/security_solution_cypress/cypress/tasks/edit_rule.ts

@@ -5,13 +5,12 @@
  * 2.0.
  */
 
-import type { SecurityRoleName } from '@kbn/security-solution-plugin/common/test';
 import { BACK_TO_RULE_DETAILS, EDIT_SUBMIT_BUTTON } from '../screens/edit_rule';
 import { editRuleUrl } from '../urls/edit_rule';
 import { visit } from './navigation';
 
-export function visitEditRulePage(ruleId: string, role?: SecurityRoleName): void {
-  visit(editRuleUrl(ruleId), { role });
+export function visitEditRulePage(ruleId: string): void {
+  visit(editRuleUrl(ruleId));
 }
 
 export const saveEditedRule = () => {

x-pack/test/security_solution_cypress/cypress/tasks/login.ts

@@ -6,8 +6,6 @@
  */
 
 import * as yaml from 'js-yaml';
-import type { UrlObject } from 'url';
-import Url from 'url';
 import { LoginState } from '@kbn/security-plugin/common/login_state';
 import type { SecurityRoleName } from '@kbn/security-solution-plugin/common/test';
 import { KNOWN_SERVERLESS_ROLE_DEFINITIONS } from '@kbn/security-solution-plugin/common/test';
@@ -65,29 +63,6 @@ export const loginWithUser = (user: User): void => {
   loginWithUsernameAndPassword(user.username, user.password);
 };
 
-/**
- * cy.visit will default to the baseUrl which uses the default kibana test user
- * This function will override that functionality in cy.visit by building the baseUrl
- * directly from the environment variables set up in x-pack/test/security_solution_cypress/runner.ts
- *
- * @param role string role/user to log in with
- * @param route string route to visit
- */
-export const getUrlWithRoute = (role: SecurityRoleName, route: string): string => {
-  const url = Cypress.config().baseUrl;
-  const kibana = new URL(String(url));
-  const theUrl = `${Url.format({
-    auth: `${role}:changeme`,
-    username: role,
-    password: 'changeme',
-    protocol: kibana.protocol.replace(':', ''),
-    hostname: kibana.hostname,
-    port: kibana.port,
-  } as UrlObject)}${route.startsWith('/') ? '' : '/'}${route}`;
-  cy.log(`origin: ${theUrl}`);
-  return theUrl;
-};
-
 /**
  * Builds a URL with basic auth using the passed in user.
  *

x-pack/test/security_solution_cypress/cypress/tasks/navigation.ts

@@ -8,34 +8,24 @@
 import { encode } from '@kbn/rison';
 
 import { NEW_FEATURES_TOUR_STORAGE_KEYS } from '@kbn/security-solution-plugin/common/constants';
-import type { SecurityRoleName } from '@kbn/security-solution-plugin/common/test';
 import { GET_STARTED_URL, hostDetailsUrl, userDetailsUrl } from '../urls/navigation';
-import { constructUrlWithUser, getUrlWithRoute, User } from './login';
 
 export const visit = (
   url: string,
   options?: {
     visitOptions?: Partial<Cypress.VisitOptions>;
-    role?: SecurityRoleName;
   }
 ) => {
-  cy.visit(options?.role ? getUrlWithRoute(options.role, url) : url, {
+  cy.visit(url, {
     onBeforeLoad: disableNewFeaturesTours,
     ...options?.visitOptions,
   });
 };
 
-export const visitWithUser = (url: string, user: User) => {
-  cy.visit(constructUrlWithUser(user, url), {
-    onBeforeLoad: disableNewFeaturesTours,
-  });
-};
-
 export const visitWithTimeRange = (
   url: string,
   options?: {
     visitOptions?: Partial<Cypress.VisitOptions>;
-    role?: SecurityRoleName;
   }
 ) => {
   const timerangeConfig = {
@@ -57,7 +47,7 @@ export const visitWithTimeRange = (
     },
   });
 
-  cy.visit(options?.role ? getUrlWithRoute(options.role, url) : url, {
+  cy.visit(url, {
     ...options,
     qs: {
       ...options?.visitOptions?.qs,
@@ -74,9 +64,9 @@ export const visitWithTimeRange = (
   });
 };
 
-export const visitTimeline = (timelineId: string, role?: SecurityRoleName) => {
+export const visitTimeline = (timelineId: string) => {
   const route = `/app/security/timelines?timeline=(id:'${timelineId}',isOpen:!t)`;
-  cy.visit(role ? getUrlWithRoute(role, route) : route, {
+  cy.visit(route, {
     onBeforeLoad: disableNewFeaturesTours,
   });
 };

x-pack/test/security_solution_cypress/cypress/tasks/rule_details.ts

@@ -51,7 +51,7 @@ interface VisitRuleDetailsPageOptions {
 }
 
 export function visitRuleDetailsPage(ruleId: string, options?: VisitRuleDetailsPageOptions): void {
-  visit(ruleDetailsUrl(ruleId, options?.tab), { role: options?.role });
+  visit(ruleDetailsUrl(ruleId, options?.tab));
 }
 
 export const enablesRule = () => {

x-pack/test/security_solution_cypress/cypress/tasks/rules_management.ts

@@ -5,15 +5,14 @@
  * 2.0.
  */
 
-import type { SecurityRoleName } from '@kbn/security-solution-plugin/common/test';
 import { LAST_BREADCRUMB, RULE_MANAGEMENT_PAGE_BREADCRUMB } from '../screens/breadcrumbs';
 import { RULES_MANAGEMENT_URL } from '../urls/rules_management';
 import { resetRulesTableState } from './common';
 import { visit } from './navigation';
 
-export function visitRulesManagementTable(role?: SecurityRoleName): void {
+export function visitRulesManagementTable(): void {
   resetRulesTableState(); // Clear persistent rules filter data before page loading
-  visit(RULES_MANAGEMENT_URL, { role });
+  visit(RULES_MANAGEMENT_URL);
 }
 
 export function openRuleManagementPageViaBreadcrumbs(): void {