diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/index.ts index 1175734e7887..01bd3e946043 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/index.ts @@ -13,5 +13,6 @@ export default function ({ loadTestFile }: FtrProviderContext) { loadTestFile(require.resolve('./perform_bulk_action_dry_run_ess')); loadTestFile(require.resolve('./perform_bulk_action')); loadTestFile(require.resolve('./perform_bulk_action_ess')); + loadTestFile(require.resolve('./perform_bulk_enable_disable.ts')); }); } diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts index c6c85751593a..a0e62fbaaad7 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts @@ -273,42 +273,6 @@ export default ({ getService }: FtrProviderContext): void => { await fetchRule(ruleId).expect(404); }); - it('should enable rules', async () => { - const ruleId = 'ruleId'; - await createRule(supertest, log, getSimpleRule(ruleId)); - - const { body } = await postBulkAction() - .send({ query: '', action: BulkActionTypeEnum.enable }) - .expect(200); - - expect(body.attributes.summary).toEqual({ failed: 0, skipped: 0, succeeded: 1, total: 1 }); - - // Check that the updated rule is returned with the response - expect(body.attributes.results.updated[0].enabled).toEqual(true); - - // Check that the updates have been persisted - const { body: ruleBody } = await fetchRule(ruleId).expect(200); - expect(ruleBody.enabled).toEqual(true); - }); - - it('should disable rules', async () => { - const ruleId = 'ruleId'; - await createRule(supertest, log, getSimpleRule(ruleId, true)); - - const { body } = await postBulkAction() - .send({ query: '', action: BulkActionTypeEnum.disable }) - .expect(200); - - expect(body.attributes.summary).toEqual({ failed: 0, skipped: 0, succeeded: 1, total: 1 }); - - // Check that the updated rule is returned with the response - expect(body.attributes.results.updated[0].enabled).toEqual(false); - - // Check that the updates have been persisted - const { body: ruleBody } = await fetchRule(ruleId).expect(200); - expect(ruleBody.enabled).toEqual(false); - }); - it('should duplicate rules', async () => { const ruleId = 'ruleId'; const ruleToDuplicate = getCustomQueryRuleParams({ diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_enable_disable.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_enable_disable.ts new file mode 100644 index 000000000000..1baa69cd8dfb --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_enable_disable.ts @@ -0,0 +1,70 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from 'expect'; +import { BulkActionTypeEnum } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management'; +import { getCustomQueryRuleParams, fetchRule } from '../../../utils'; +import { createRule, deleteAllRules } from '../../../../../../common/utils/security_solution'; +import { FtrProviderContext } from '../../../../../ftr_provider_context'; + +export default ({ getService }: FtrProviderContext): void => { + const supertest = getService('supertest'); + const securitySolutionApi = getService('securitySolutionApi'); + const log = getService('log'); + + describe('@ess @serverless @serverlessQA Bulk enable/disable', () => { + beforeEach(async () => { + await deleteAllRules(supertest, log); + }); + + it('should enable rules', async () => { + const ruleId = 'ruleId'; + await createRule( + supertest, + log, + getCustomQueryRuleParams({ rule_id: ruleId, enabled: false }) + ); + + const { body } = await securitySolutionApi.performRulesBulkAction({ + query: {}, + body: { action: BulkActionTypeEnum.enable }, + }); + + expect(body.attributes.summary).toEqual({ failed: 0, skipped: 0, succeeded: 1, total: 1 }); + + // Check that the updated rule is returned with the response + expect(body.attributes.results.updated[0].enabled).toEqual(true); + + // Check that the updates have been persisted + const ruleBody = await fetchRule(supertest, { ruleId }); + expect(ruleBody.enabled).toEqual(true); + }); + + it('should disable rules', async () => { + const ruleId = 'ruleId'; + await createRule( + supertest, + log, + getCustomQueryRuleParams({ rule_id: ruleId, enabled: true }) + ); + + const { body } = await securitySolutionApi.performRulesBulkAction({ + query: {}, + body: { action: BulkActionTypeEnum.disable }, + }); + + expect(body.attributes.summary).toEqual({ failed: 0, skipped: 0, succeeded: 1, total: 1 }); + + // Check that the updated rule is returned with the response + expect(body.attributes.results.updated[0].enabled).toEqual(false); + + // Check that the updates have been persisted + const ruleBody = await fetchRule(supertest, { ruleId }); + expect(ruleBody.enabled).toEqual(false); + }); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts index 6d061b9b7609..3c10ba17dbdc 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts @@ -68,7 +68,7 @@ export default ({ getService }: FtrProviderContext) => { }); }); - it('@serverless should give a 200 when trying to create a single Machine Learning rule since the license is essentials', async () => { + it('@serverless @serverlessQA should give a 200 when trying to create a single Machine Learning rule since the license is essentials', async () => { const { body } = await supertest .post(DETECTION_ENGINE_RULES_URL) .set('kbn-xsrf', 'true') diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts index 5bad760d3f91..9f1f662e40cb 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts @@ -39,7 +39,7 @@ export default ({ getService }: FtrProviderContext) => { const dataPathBuilder = new EsArchivePathBuilder(isServerless); const auditbeatPath = dataPathBuilder.getPath('auditbeat/hosts'); - describe('@ess @serverless create_rules', () => { + describe('@ess @serverless @serverlessQA create_rules', () => { describe('creating rules', () => { before(async () => { await esArchiver.load(auditbeatPath); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules_bulk.ts index 529c3615e9e8..e212a57c39d8 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules_bulk.ts @@ -38,7 +38,7 @@ export default ({ getService }: FtrProviderContext): void => { const auditbeatPath = dataPathBuilder.getPath('auditbeat/hosts'); const utils = getService('securitySolutionUtils'); - describe('@ess @serverless create_rules_bulk', () => { + describe('@ess @serverless @skipInServerlessMKI create_rules_bulk', () => { describe('creating rules in bulk', () => { before(async () => { await esArchiver.load(auditbeatPath); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts index 9b8c41c9ef84..ef5d32d776ec 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts @@ -20,7 +20,7 @@ export default ({ getService }: FtrProviderContext) => { /** * Specific api integration tests for new terms rule type */ - describe('@serverless @ess create_new_terms', () => { + describe('@serverless @ess @serverlessQA create_new_terms', () => { beforeEach(async () => { await deleteAllRules(supertest, log); }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts index c3bdc9b4661d..10bde240ec36 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts @@ -50,7 +50,7 @@ export default ({ getService }: FtrProviderContext) => { const es = getService('es'); const utils = getService('securitySolutionUtils'); - describe('@serverless @ess create_rules', () => { + describe('@serverless @ess @serverlessQA create_rules', () => { describe('rule creation', () => { before(async () => { await es.indices.delete({ index: 'logs-test', ignore_unavailable: true }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/preview_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/preview_rules.ts index 02474fdb91d2..6b238146e0dc 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/preview_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/preview_rules.ts @@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext) => { const dataPathBuilder = new EsArchivePathBuilder(isServerless); const path = dataPathBuilder.getPath('auditbeat/hosts'); - describe('@serverless @ess preview_rules', () => { + describe('@serverless @ess @serverlessQA preview_rules', () => { describe('previewing rules', () => { before(async () => { await esArchiver.load(path); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts index 75e3be0d825e..cdce8189f270 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts @@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext): void => { const es = getService('es'); const utils = getService('securitySolutionUtils'); - describe('@ess @serverless delete_rules', () => { + describe('@ess @serverless @skipInServerlessMKI delete_rules', () => { describe('deleting rules', () => { beforeEach(async () => { await createAlertsIndex(supertest, log); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts index bfde40d8b0db..dd73fa4d848b 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts @@ -32,7 +32,7 @@ export default ({ getService }: FtrProviderContext): void => { const es = getService('es'); const utils = getService('securitySolutionUtils'); - describe('@ess @serverless delete_rules_bulk', () => { + describe('@ess @serverless @skipInServerlessMKI delete_rules_bulk', () => { describe('deleting rules bulk using DELETE', () => { beforeEach(async () => { await createAlertsIndex(supertest, log); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts index 4e2628f196c2..f286f4c08dd0 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts @@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext): void => { const es = getService('es'); const utils = getService('securitySolutionUtils'); - describe('@ess @serverless delete_rules', () => { + describe('@ess @serverless @skipInServerlessMKI delete_rules', () => { describe('deleting rules', () => { beforeEach(async () => { await createAlertsIndex(supertest, log); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts index 783d0bb42fd8..e64cc2e78a6e 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts @@ -16,7 +16,7 @@ export default ({ getService }: FtrProviderContext): void => { const log = getService('log'); const securitySolutionApi = getService('securitySolutionApi'); - describe('@ess @serverless export_rules', () => { + describe('@ess @serverless @serverlessQA export_rules', () => { describe('exporting rules', () => { afterEach(async () => { await deleteAllRules(supertest, log); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts index fb02b47067f8..e7c2f8273fb9 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts @@ -17,7 +17,7 @@ export default ({ getService }: FtrProviderContext): void => { const securitySolutionApi = getService('securitySolutionApi'); const log = getService('log'); - describe('@ess @serverless import_rules', () => { + describe('@ess @serverless @serverlessQA import_rules', () => { describe('importing rules with an index', () => { afterEach(async () => { await deleteAllRules(supertest, log); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts index f526f18b3f68..186e3b2cce59 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts @@ -66,7 +66,7 @@ export default ({ getService }: FtrProviderContext): void => { }); // Both serverless and ESS - describe('@serverless @ess tests', () => { + describe('@ess @serverless @skipInServerlessMKI tests', () => { describe('base cases', () => { it('returns an empty response if there are no rules', async () => { const body = await getCoverageOverview(supertest); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts index 673d6d652f6d..0c7b47e9cf5c 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts @@ -23,7 +23,7 @@ export default ({ getService }: FtrProviderContext): void => { const es = getService('es'); const log = getService('log'); - describe('@ess @serverless get_rule_management_filters', () => { + describe('@ess @serverless @serverlessQA get_rule_management_filters', () => { beforeEach(async () => { await deleteAllRules(supertest, log); }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts index 9763967b57b3..a567eb78a776 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts @@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext) => { const es = getService('es'); const utils = getService('securitySolutionUtils'); - describe('@ess @serverless patch_rules', () => { + describe('@ess @serverless @serverlessQA patch_rules', () => { describe('patch rules', () => { beforeEach(async () => { await createAlertsIndex(supertest, log); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules_bulk.ts index 207456d48f43..086909fc4945 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules_bulk.ts @@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext) => { const es = getService('es'); const utils = getService('securitySolutionUtils'); - describe('@ess @serverless patch_rules_bulk', () => { + describe('@ess @serverless @skipInServerlessMKI patch_rules_bulk', () => { describe('patch rules bulk', () => { beforeEach(async () => { await createAlertsIndex(supertest, log); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts index d21c78a68f5c..59dd94614850 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts @@ -24,7 +24,7 @@ export default ({ getService }: FtrProviderContext): void => { const log = getService('log'); const utils = getService('securitySolutionUtils'); - describe('@ess @serverless find_rules', () => { + describe('@ess @serverless @serverlessQA find_rules', () => { beforeEach(async () => { await deleteAllRules(supertest, log); }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts index 21b31c702a7d..98fd58e4315d 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts @@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext) => { const es = getService('es'); const utils = getService('securitySolutionUtils'); - describe('@ess @serverless read_rules', () => { + describe('@ess @serverless @serverlessQA read_rules', () => { describe('reading rules', () => { beforeEach(async () => { await createAlertsIndex(supertest, log); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts index 2ef2890eeffa..23f04fa5303d 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts @@ -25,7 +25,7 @@ export default ({ getService }: FtrProviderContext): void => { const log = getService('log'); const utils = getService('securitySolutionUtils'); - describe('@ess @serverless find_rules', () => { + describe('@ess @serverless @skipInServerlessMKI find_rules', () => { beforeEach(async () => { await deleteAllRules(supertest, log); }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts index 2e40bdb4d42a..8cc8d937b906 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts @@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext) => { const es = getService('es'); const utils = getService('securitySolutionUtils'); - describe('@ess @serverless read_rules', () => { + describe('@ess @serverless @skipInServerlessMKI read_rules', () => { describe('reading rules', () => { beforeEach(async () => { await createAlertsIndex(supertest, log); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts index 469da3bb7753..60e7bfe3ff88 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts @@ -33,7 +33,7 @@ export default ({ getService }: FtrProviderContext) => { const es = getService('es'); const utils = getService('securitySolutionUtils'); - describe('@ess @serverless update_rules', () => { + describe('@ess @serverless @serverlessQA update_rules', () => { describe('update rules', () => { beforeEach(async () => { await createAlertsIndex(supertest, log); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules_bulk.ts index 6708fe5a5e39..f9faee0481bf 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules_bulk.ts @@ -32,7 +32,7 @@ export default ({ getService }: FtrProviderContext) => { const es = getService('es'); const utils = getService('securitySolutionUtils'); - describe('@ess @serverless update_rules_bulk', () => { + describe('@ess @serverless @skipInServerlessMKI update_rules_bulk', () => { describe('update rules bulk', () => { beforeEach(async () => { await createAlertsIndex(supertest, log); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/notifications.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/notifications.cy.ts index f92e4b0f5a1e..989e68425daf 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/notifications.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/notifications.cy.ts @@ -32,7 +32,7 @@ const RULE_1 = createRuleAssetSavedObject({ describe( 'Detection rules, Prebuilt Rules Installation and Update Notifications', - { tags: ['@ess', '@serverless'] }, + { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { beforeEach(() => { login(); @@ -72,7 +72,7 @@ describe( }); // https://github.com/elastic/kibana/issues/179968 - describe('Notifications', { tags: ['@skipInServerlessMKI'] }, () => { + describe('Notifications', () => { beforeEach(() => { installPrebuiltRuleAssets([RULE_1]); }); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/prebuilt_rules_preview.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/prebuilt_rules_preview.cy.ts index 1ccb139133f3..86291d4eb9c7 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/prebuilt_rules_preview.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/prebuilt_rules_preview.cy.ts @@ -77,7 +77,7 @@ const PREVIEW_TABS = { describe( 'Detection rules, Prebuilt Rules Installation and Update workflow', - { tags: ['@ess', '@serverless'] }, + { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { const commonProperties: Partial = { author: ['Elastic', 'Another author'], diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/update_workflow.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/update_workflow.cy.ts index da89d5b91ab4..87d936cb0e3e 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/update_workflow.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/update_workflow.cy.ts @@ -32,7 +32,7 @@ import { visitRulesManagementTable } from '../../../../tasks/rules_management'; describe( 'Detection rules, Prebuilt Rules Installation and Update workflow', - { tags: ['@ess', '@serverless'] }, + { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { describe('Upgrade of prebuilt rules', () => { const RULE_1_ID = 'rule_1'; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts index dd053ab958aa..2bcabb943dfb 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts @@ -50,78 +50,82 @@ const EXPIRED_EXCEPTION_ITEM_NAME = 'Sample exception item'; const NON_EXPIRED_EXCEPTION_ITEM_NAME = 'Sample exception item with future expiration'; -describe('Detection rules, bulk duplicate', { tags: ['@ess', '@serverless'] }, () => { - beforeEach(() => { - login(); - // Make sure persisted rules table state is cleared - resetRulesTableState(); - deleteAlertsAndRules(); - createRule( - getNewRule({ name: RULE_NAME, ...defaultRuleData, rule_id: '1', enabled: false }) - ).then((response) => { - createRuleExceptionItem(response.body.id, [ - { - description: 'Exception item for rule default exception list', - entries: [ - { - field: 'user.name', - operator: 'included', - type: 'match', - value: 'some value', - }, - ], - name: EXPIRED_EXCEPTION_ITEM_NAME, - type: 'simple', - expire_time: expiredDate, - }, - { - description: 'Exception item for rule default exception list', - entries: [ - { - field: 'user.name', - operator: 'included', - type: 'match', - value: 'some value', - }, - ], - name: NON_EXPIRED_EXCEPTION_ITEM_NAME, - type: 'simple', - expire_time: futureDate, - }, - ]); - }); - - visitRulesManagementTable(); - disableAutoRefresh(); - }); +describe( + 'Detection rules, bulk duplicate', + { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, + () => { + beforeEach(() => { + login(); + // Make sure persisted rules table state is cleared + resetRulesTableState(); + deleteAlertsAndRules(); + createRule( + getNewRule({ name: RULE_NAME, ...defaultRuleData, rule_id: '1', enabled: false }) + ).then((response) => { + createRuleExceptionItem(response.body.id, [ + { + description: 'Exception item for rule default exception list', + entries: [ + { + field: 'user.name', + operator: 'included', + type: 'match', + value: 'some value', + }, + ], + name: EXPIRED_EXCEPTION_ITEM_NAME, + type: 'simple', + expire_time: expiredDate, + }, + { + description: 'Exception item for rule default exception list', + entries: [ + { + field: 'user.name', + operator: 'included', + type: 'match', + value: 'some value', + }, + ], + name: NON_EXPIRED_EXCEPTION_ITEM_NAME, + type: 'simple', + expire_time: futureDate, + }, + ]); + }); - it('Duplicates rules', () => { - selectAllRules(); - duplicateSelectedRulesWithoutExceptions(); - expectManagementTableRules([`${RULE_NAME} [Duplicate]`]); - }); + visitRulesManagementTable(); + disableAutoRefresh(); + }); - describe('With exceptions', () => { - it('Duplicates rules with expired exceptions', () => { + it('Duplicates rules', () => { selectAllRules(); - duplicateSelectedRulesWithExceptions(); + duplicateSelectedRulesWithoutExceptions(); expectManagementTableRules([`${RULE_NAME} [Duplicate]`]); - goToRuleDetailsOf(`${RULE_NAME} [Duplicate]`); - goToExceptionsTab(); - assertExceptionItemsExists(EXCEPTION_CARD_ITEM_NAME, [NON_EXPIRED_EXCEPTION_ITEM_NAME]); - viewExpiredExceptionItems(); - assertExceptionItemsExists(EXCEPTION_CARD_ITEM_NAME, [EXPIRED_EXCEPTION_ITEM_NAME]); }); - it('Duplicates rules with exceptions, excluding expired exceptions', () => { - selectAllRules(); - duplicateSelectedRulesWithNonExpiredExceptions(); - expectManagementTableRules([`${RULE_NAME} [Duplicate]`]); - goToRuleDetailsOf(`${RULE_NAME} [Duplicate]`); - goToExceptionsTab(); - assertExceptionItemsExists(EXCEPTION_CARD_ITEM_NAME, [NON_EXPIRED_EXCEPTION_ITEM_NAME]); - viewExpiredExceptionItems(); - assertNumberOfExceptionItemsExists(0); + describe('With exceptions', () => { + it('Duplicates rules with expired exceptions', () => { + selectAllRules(); + duplicateSelectedRulesWithExceptions(); + expectManagementTableRules([`${RULE_NAME} [Duplicate]`]); + goToRuleDetailsOf(`${RULE_NAME} [Duplicate]`); + goToExceptionsTab(); + assertExceptionItemsExists(EXCEPTION_CARD_ITEM_NAME, [NON_EXPIRED_EXCEPTION_ITEM_NAME]); + viewExpiredExceptionItems(); + assertExceptionItemsExists(EXCEPTION_CARD_ITEM_NAME, [EXPIRED_EXCEPTION_ITEM_NAME]); + }); + + it('Duplicates rules with exceptions, excluding expired exceptions', () => { + selectAllRules(); + duplicateSelectedRulesWithNonExpiredExceptions(); + expectManagementTableRules([`${RULE_NAME} [Duplicate]`]); + goToRuleDetailsOf(`${RULE_NAME} [Duplicate]`); + goToExceptionsTab(); + assertExceptionItemsExists(EXCEPTION_CARD_ITEM_NAME, [NON_EXPIRED_EXCEPTION_ITEM_NAME]); + viewExpiredExceptionItems(); + assertNumberOfExceptionItemsExists(0); + }); }); - }); -}); + } +); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts index db70fc416b8e..5583842ca944 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts @@ -129,646 +129,650 @@ const defaultRuleData = { timeline_id: '495ad7a7-316e-4544-8a0f-9c098daee76e', }; -describe('Detection rules, bulk edit', { tags: ['@ess', '@serverless'] }, () => { - beforeEach(() => { - login(); - preventPrebuiltRulesPackageInstallation(); // Make sure prebuilt rules aren't pulled from Fleet API - // Make sure persisted rules table state is cleared - resetRulesTableState(); - deleteAlertsAndRules(); - createRule(getNewRule({ name: RULE_NAME, ...defaultRuleData, rule_id: '1', enabled: false })); - createRule( - getEqlRule({ ...defaultRuleData, rule_id: '2', name: 'New EQL Rule', enabled: false }) - ); - createRule( - getMachineLearningRule({ - name: 'New ML Rule Test', - tags: ['test-default-tag-1', 'test-default-tag-2'], - investigation_fields: { field_names: prePopulatedInvestigationFields }, - enabled: false, - }) - ); - createRule( - getNewThreatIndicatorRule({ - ...defaultRuleData, - rule_id: '4', - name: 'Threat Indicator Rule Test', - enabled: false, - }) - ); - createRule( - getNewThresholdRule({ - ...defaultRuleData, - rule_id: '5', - name: 'Threshold Rule', - enabled: false, - }) - ); - createRule( - getNewTermsRule({ - ...defaultRuleData, - rule_id: '6', - name: 'New Terms Rule', - enabled: false, - }) - ); - - visitRulesManagementTable(); - disableAutoRefresh(); - }); +describe( + 'Detection rules, bulk edit', + { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, + () => { + beforeEach(() => { + login(); + preventPrebuiltRulesPackageInstallation(); // Make sure prebuilt rules aren't pulled from Fleet API + // Make sure persisted rules table state is cleared + resetRulesTableState(); + deleteAlertsAndRules(); + createRule(getNewRule({ name: RULE_NAME, ...defaultRuleData, rule_id: '1', enabled: false })); + createRule( + getEqlRule({ ...defaultRuleData, rule_id: '2', name: 'New EQL Rule', enabled: false }) + ); + createRule( + getMachineLearningRule({ + name: 'New ML Rule Test', + tags: ['test-default-tag-1', 'test-default-tag-2'], + investigation_fields: { field_names: prePopulatedInvestigationFields }, + enabled: false, + }) + ); + createRule( + getNewThreatIndicatorRule({ + ...defaultRuleData, + rule_id: '4', + name: 'Threat Indicator Rule Test', + enabled: false, + }) + ); + createRule( + getNewThresholdRule({ + ...defaultRuleData, + rule_id: '5', + name: 'Threshold Rule', + enabled: false, + }) + ); + createRule( + getNewTermsRule({ + ...defaultRuleData, + rule_id: '6', + name: 'New Terms Rule', + enabled: false, + }) + ); - describe('Prerequisites', () => { - const PREBUILT_RULES = [ - createRuleAssetSavedObject({ - name: 'Prebuilt rule 1', - rule_id: 'rule_1', - }), - createRuleAssetSavedObject({ - name: 'Prebuilt rule 2', - rule_id: 'rule_2', - }), - ]; - - it('No rules selected', () => { - openBulkActionsMenu(); - - // when no rule selected all bulk edit options should be disabled - cy.get(TAGS_RULE_BULK_MENU_ITEM).should('be.disabled'); - cy.get(INDEX_PATTERNS_RULE_BULK_MENU_ITEM).should('be.disabled'); - cy.get(APPLY_TIMELINE_RULE_BULK_MENU_ITEM).should('be.disabled'); + visitRulesManagementTable(); + disableAutoRefresh(); }); - // github.com/elastic/kibana/issues/179954 - it('Only prebuilt rules selected', { tags: ['@skipInServerlessMKI'] }, () => { - createAndInstallMockedPrebuiltRules(PREBUILT_RULES); + describe('Prerequisites', () => { + const PREBUILT_RULES = [ + createRuleAssetSavedObject({ + name: 'Prebuilt rule 1', + rule_id: 'rule_1', + }), + createRuleAssetSavedObject({ + name: 'Prebuilt rule 2', + rule_id: 'rule_2', + }), + ]; + + it('No rules selected', () => { + openBulkActionsMenu(); + + // when no rule selected all bulk edit options should be disabled + cy.get(TAGS_RULE_BULK_MENU_ITEM).should('be.disabled'); + cy.get(INDEX_PATTERNS_RULE_BULK_MENU_ITEM).should('be.disabled'); + cy.get(APPLY_TIMELINE_RULE_BULK_MENU_ITEM).should('be.disabled'); + }); - // select Elastic(prebuilt) rules, check if we can't proceed further, as Elastic rules are not editable - filterByElasticRules(); - selectAllRulesOnPage(); - clickApplyTimelineTemplatesMenuItem(); + // github.com/elastic/kibana/issues/179954 + it('Only prebuilt rules selected', { tags: ['@skipInServerlessMKI'] }, () => { + createAndInstallMockedPrebuiltRules(PREBUILT_RULES); - getRulesManagementTableRows().then((rows) => { - // check modal window for Elastic rule that can't be edited - checkPrebuiltRulesCannotBeModified(rows.length); + // select Elastic(prebuilt) rules, check if we can't proceed further, as Elastic rules are not editable + filterByElasticRules(); + selectAllRulesOnPage(); + clickApplyTimelineTemplatesMenuItem(); - // the confirm button closes modal - cy.get(MODAL_CONFIRMATION_BTN).should('have.text', 'Close').click(); - cy.get(MODAL_CONFIRMATION_BODY).should('not.exist'); + getRulesManagementTableRows().then((rows) => { + // check modal window for Elastic rule that can't be edited + checkPrebuiltRulesCannotBeModified(rows.length); + + // the confirm button closes modal + cy.get(MODAL_CONFIRMATION_BTN).should('have.text', 'Close').click(); + cy.get(MODAL_CONFIRMATION_BODY).should('not.exist'); + }); }); - }); - // https://github.com/elastic/kibana/issues/179955 - it( - 'Prebuilt and custom rules selected: user proceeds with custom rules editing', - { tags: ['@skipInServerlessMKI'] }, - () => { - getRulesManagementTableRows().then((existedRulesRows) => { + // https://github.com/elastic/kibana/issues/179955 + it( + 'Prebuilt and custom rules selected: user proceeds with custom rules editing', + { tags: ['@skipInServerlessMKI'] }, + () => { + getRulesManagementTableRows().then((existedRulesRows) => { + createAndInstallMockedPrebuiltRules(PREBUILT_RULES); + + // modal window should show how many rules can be edit, how many not + selectAllRules(); + clickAddTagsMenuItem(); + + waitForMixedRulesBulkEditModal(existedRulesRows.length); + + getAvailablePrebuiltRulesCount().then((availablePrebuiltRulesCount) => { + checkPrebuiltRulesCannotBeModified(availablePrebuiltRulesCount); + }); + + // user can proceed with custom rule editing + cy.get(MODAL_CONFIRMATION_BTN) + .should('have.text', `Edit ${existedRulesRows.length} custom rules`) + .click(); + + // action should finish + typeTags(['test-tag']); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: existedRulesRows.length }); + }); + } + ); + + // https://github.com/elastic/kibana/issues/179956 + it( + 'Prebuilt and custom rules selected: user cancels action', + { tags: ['@skipInServerlessMKI'] }, + () => { createAndInstallMockedPrebuiltRules(PREBUILT_RULES); - // modal window should show how many rules can be edit, how many not - selectAllRules(); - clickAddTagsMenuItem(); + getRulesManagementTableRows().then((rows) => { + // modal window should show how many rules can be edit, how many not + selectAllRules(); + clickAddTagsMenuItem(); + waitForMixedRulesBulkEditModal(rows.length); - waitForMixedRulesBulkEditModal(existedRulesRows.length); + checkPrebuiltRulesCannotBeModified(PREBUILT_RULES.length); - getAvailablePrebuiltRulesCount().then((availablePrebuiltRulesCount) => { - checkPrebuiltRulesCannotBeModified(availablePrebuiltRulesCount); + // user cancels action and modal disappears + cancelConfirmationModal(); }); + } + ); - // user can proceed with custom rule editing - cy.get(MODAL_CONFIRMATION_BTN) - .should('have.text', `Edit ${existedRulesRows.length} custom rules`) - .click(); + it('should not lose rules selection after edit action', () => { + const rulesToUpdate = [RULE_NAME, 'New EQL Rule', 'New Terms Rule'] as const; + // Switch to 5 rules per page, to have few pages in pagination(ideal way to test auto refresh and selection of few items) + setRowsPerPageTo(5); + // and make the rules order isn't changing (set sorting by rule name) over time if rules are run + sortByTableColumn('Rule'); + selectRulesByName(rulesToUpdate); - // action should finish - typeTags(['test-tag']); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: existedRulesRows.length }); - }); - } - ); + // open add tags form and add 2 new tags + openBulkEditAddTagsForm(); + typeTags(['new-tag-1']); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rulesToUpdate.length }); + + testMultipleSelectedRulesLabel(rulesToUpdate.length); + // check if first four(rulesCount) rules still selected and tags are updated + for (const ruleName of rulesToUpdate) { + getRuleRow(ruleName).find(EUI_CHECKBOX).should('be.checked'); + getRuleRow(ruleName) + .find(RULES_TAGS_POPOVER_BTN) + .each(($el) => { + testTagsBadge($el, prePopulatedTags.concat(['new-tag-1'])); + }); + } + }); + }); - // https://github.com/elastic/kibana/issues/179956 - it( - 'Prebuilt and custom rules selected: user cancels action', - { tags: ['@skipInServerlessMKI'] }, - () => { - createAndInstallMockedPrebuiltRules(PREBUILT_RULES); + describe('Tags actions', () => { + it('Display list of tags in tags select', () => { + selectAllRules(); - getRulesManagementTableRows().then((rows) => { - // modal window should show how many rules can be edit, how many not - selectAllRules(); - clickAddTagsMenuItem(); - waitForMixedRulesBulkEditModal(rows.length); + openBulkEditAddTagsForm(); + openTagsSelect(); - checkPrebuiltRulesCannotBeModified(PREBUILT_RULES.length); + cy.get(EUI_FILTER_SELECT_ITEM) + .should('have.length', prePopulatedTags.length) + .each(($el, index) => { + cy.wrap($el).should('have.text', prePopulatedTags[index]); + }); + }); - // user cancels action and modal disappears - cancelConfirmationModal(); - }); - } - ); + it('Add tags to custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const tagsToBeAdded = ['tag-to-add-1', 'tag-to-add-2']; + const resultingTags = [...prePopulatedTags, ...tagsToBeAdded]; - it('should not lose rules selection after edit action', () => { - const rulesToUpdate = [RULE_NAME, 'New EQL Rule', 'New Terms Rule'] as const; - // Switch to 5 rules per page, to have few pages in pagination(ideal way to test auto refresh and selection of few items) - setRowsPerPageTo(5); - // and make the rules order isn't changing (set sorting by rule name) over time if rules are run - sortByTableColumn('Rule'); - selectRulesByName(rulesToUpdate); - - // open add tags form and add 2 new tags - openBulkEditAddTagsForm(); - typeTags(['new-tag-1']); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rulesToUpdate.length }); - - testMultipleSelectedRulesLabel(rulesToUpdate.length); - // check if first four(rulesCount) rules still selected and tags are updated - for (const ruleName of rulesToUpdate) { - getRuleRow(ruleName).find(EUI_CHECKBOX).should('be.checked'); - getRuleRow(ruleName) - .find(RULES_TAGS_POPOVER_BTN) - .each(($el) => { - testTagsBadge($el, prePopulatedTags.concat(['new-tag-1'])); - }); - } - }); - }); + // check if only pre-populated tags exist in the tags filter + checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); - describe('Tags actions', () => { - it('Display list of tags in tags select', () => { - selectAllRules(); + selectAllRules(); - openBulkEditAddTagsForm(); - openTagsSelect(); + // open add tags form and add 2 new tags + openBulkEditAddTagsForm(); + typeTags(tagsToBeAdded); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - cy.get(EUI_FILTER_SELECT_ITEM) - .should('have.length', prePopulatedTags.length) - .each(($el, index) => { - cy.wrap($el).should('have.text', prePopulatedTags[index]); + // check if all rules have been updated with new tags + testAllTagsBadges(resultingTags); + + // check that new tags were added to tags filter + // tags in tags filter sorted alphabetically + const resultingTagsInFilter = [...resultingTags].sort(); + checkTagsInTagsFilter(resultingTagsInFilter, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); }); - }); + }); - it('Add tags to custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const tagsToBeAdded = ['tag-to-add-1', 'tag-to-add-2']; - const resultingTags = [...prePopulatedTags, ...tagsToBeAdded]; + it('Display success toast after adding tags', () => { + getRulesManagementTableRows().then((rows) => { + const tagsToBeAdded = ['tag-to-add-1', 'tag-to-add-2']; - // check if only pre-populated tags exist in the tags filter - checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + // check if only pre-populated tags exist in the tags filter + checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); - selectAllRules(); + selectAllRules(); - // open add tags form and add 2 new tags - openBulkEditAddTagsForm(); - typeTags(tagsToBeAdded); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + // open add tags form and add 2 new tags + openBulkEditAddTagsForm(); + typeTags(tagsToBeAdded); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); + }); + }); - // check if all rules have been updated with new tags - testAllTagsBadges(resultingTags); + it('Overwrite tags in custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const tagsToOverwrite = ['overwrite-tag-1']; - // check that new tags were added to tags filter - // tags in tags filter sorted alphabetically - const resultingTagsInFilter = [...resultingTags].sort(); - checkTagsInTagsFilter(resultingTagsInFilter, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); - }); - }); + // check if only pre-populated tags exist in the tags filter + checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); - it('Display success toast after adding tags', () => { - getRulesManagementTableRows().then((rows) => { - const tagsToBeAdded = ['tag-to-add-1', 'tag-to-add-2']; + selectAllRules(); - // check if only pre-populated tags exist in the tags filter - checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + // open add tags form, check overwrite tags and warning message, type tags + openBulkEditAddTagsForm(); + checkOverwriteTagsCheckbox(); - selectAllRules(); + cy.get(RULES_BULK_EDIT_TAGS_WARNING).should( + 'have.text', + `You’re about to overwrite tags for ${rows.length} selected rules, press Save to apply changes.` + ); - // open add tags form and add 2 new tags - openBulkEditAddTagsForm(); - typeTags(tagsToBeAdded); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); - }); - }); + typeTags(tagsToOverwrite); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - it('Overwrite tags in custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const tagsToOverwrite = ['overwrite-tag-1']; + // check if all rules have been updated with new tags + testAllTagsBadges(tagsToOverwrite); - // check if only pre-populated tags exist in the tags filter - checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + // check that only new tags are in the tag filter + checkTagsInTagsFilter(tagsToOverwrite, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + }); + }); - selectAllRules(); + it('Delete tags from custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const tagsToDelete = prePopulatedTags.slice(0, 1); + const resultingTags = prePopulatedTags.slice(1); - // open add tags form, check overwrite tags and warning message, type tags - openBulkEditAddTagsForm(); - checkOverwriteTagsCheckbox(); + // check if only pre-populated tags exist in the tags filter + checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); - cy.get(RULES_BULK_EDIT_TAGS_WARNING).should( - 'have.text', - `You’re about to overwrite tags for ${rows.length} selected rules, press Save to apply changes.` - ); + selectAllRules(); - typeTags(tagsToOverwrite); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + // open add tags form, check overwrite tags, type tags + openBulkEditDeleteTagsForm(); + typeTags(tagsToDelete); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - // check if all rules have been updated with new tags - testAllTagsBadges(tagsToOverwrite); + // check tags has been removed from all rules + testAllTagsBadges(resultingTags); - // check that only new tags are in the tag filter - checkTagsInTagsFilter(tagsToOverwrite, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + // check that tags were removed from the tag filter + checkTagsInTagsFilter(resultingTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + }); }); }); - it('Delete tags from custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const tagsToDelete = prePopulatedTags.slice(0, 1); - const resultingTags = prePopulatedTags.slice(1); + describe('Index patterns', () => { + it('Index pattern action applied to custom rules, including machine learning: user proceeds with edit of custom non machine learning rule', () => { + getRulesManagementTableRows().then((rows) => { + const indexPattersToBeAdded = ['index-to-add-1-*', 'index-to-add-2-*']; + const resultingIndexPatterns = [...prePopulatedIndexPatterns, ...indexPattersToBeAdded]; - // check if only pre-populated tags exist in the tags filter - checkTagsInTagsFilter(prePopulatedTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + selectAllRules(); + clickAddIndexPatternsMenuItem(); - selectAllRules(); + // confirm editing custom rules, that are not Machine Learning + checkMachineLearningRulesCannotBeModified(expectedNumberOfMachineLearningRulesToBeEdited); + cy.get(MODAL_CONFIRMATION_BTN).click(); - // open add tags form, check overwrite tags, type tags - openBulkEditDeleteTagsForm(); - typeTags(tagsToDelete); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + typeIndexPatterns(indexPattersToBeAdded); + submitBulkEditForm(); - // check tags has been removed from all rules - testAllTagsBadges(resultingTags); + waitForBulkEditActionToFinish({ + updatedCount: rows.length - expectedNumberOfMachineLearningRulesToBeEdited, + }); - // check that tags were removed from the tag filter - checkTagsInTagsFilter(resultingTags, EUI_SELECTABLE_LIST_ITEM_SR_TEXT); + // check if rule has been updated + goToRuleDetailsOf(RULE_NAME); + hasIndexPatterns(resultingIndexPatterns.join('')); + }); }); - }); - }); - - describe('Index patterns', () => { - it('Index pattern action applied to custom rules, including machine learning: user proceeds with edit of custom non machine learning rule', () => { - getRulesManagementTableRows().then((rows) => { - const indexPattersToBeAdded = ['index-to-add-1-*', 'index-to-add-2-*']; - const resultingIndexPatterns = [...prePopulatedIndexPatterns, ...indexPattersToBeAdded]; + it('Index pattern action applied to custom rules, including machine learning: user cancels action', () => { selectAllRules(); clickAddIndexPatternsMenuItem(); // confirm editing custom rules, that are not Machine Learning checkMachineLearningRulesCannotBeModified(expectedNumberOfMachineLearningRulesToBeEdited); - cy.get(MODAL_CONFIRMATION_BTN).click(); - - typeIndexPatterns(indexPattersToBeAdded); - submitBulkEditForm(); - - waitForBulkEditActionToFinish({ - updatedCount: rows.length - expectedNumberOfMachineLearningRulesToBeEdited, - }); - // check if rule has been updated - goToRuleDetailsOf(RULE_NAME); - hasIndexPatterns(resultingIndexPatterns.join('')); + // user cancels action and modal disappears + cancelConfirmationModal(); }); - }); - it('Index pattern action applied to custom rules, including machine learning: user cancels action', () => { - selectAllRules(); - clickAddIndexPatternsMenuItem(); + it('Add index patterns to custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const indexPattersToBeAdded = ['index-to-add-1-*', 'index-to-add-2-*']; + const resultingIndexPatterns = [...prePopulatedIndexPatterns, ...indexPattersToBeAdded]; + + // select only rules that are not ML + selectRulesByName([ + RULE_NAME, + 'New EQL Rule', + 'Threat Indicator Rule Test', + 'Threshold Rule', + 'New Terms Rule', + ]); + + openBulkEditAddIndexPatternsForm(); + typeIndexPatterns(indexPattersToBeAdded); + submitBulkEditForm(); - // confirm editing custom rules, that are not Machine Learning - checkMachineLearningRulesCannotBeModified(expectedNumberOfMachineLearningRulesToBeEdited); + waitForBulkEditActionToFinish({ + updatedCount: rows.length - expectedNumberOfMachineLearningRulesToBeEdited, + }); - // user cancels action and modal disappears - cancelConfirmationModal(); - }); + // check if rule has been updated + goToRuleDetailsOf(RULE_NAME); + hasIndexPatterns(resultingIndexPatterns.join('')); + }); + }); - it('Add index patterns to custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const indexPattersToBeAdded = ['index-to-add-1-*', 'index-to-add-2-*']; - const resultingIndexPatterns = [...prePopulatedIndexPatterns, ...indexPattersToBeAdded]; + it('Display success toast after editing the index pattern', () => { + getRulesManagementTableRows().then((rows) => { + const indexPattersToBeAdded = ['index-to-add-1-*', 'index-to-add-2-*']; + + // select only rules that are not ML + selectRulesByName([ + RULE_NAME, + 'New EQL Rule', + 'Threat Indicator Rule Test', + 'Threshold Rule', + 'New Terms Rule', + ]); + + openBulkEditAddIndexPatternsForm(); + typeIndexPatterns(indexPattersToBeAdded); + submitBulkEditForm(); - // select only rules that are not ML - selectRulesByName([ + waitForBulkEditActionToFinish({ + updatedCount: rows.length - expectedNumberOfMachineLearningRulesToBeEdited, + }); + }); + }); + + it('Overwrite index patterns in custom rules', () => { + const rulesToSelect = [ RULE_NAME, 'New EQL Rule', 'Threat Indicator Rule Test', 'Threshold Rule', 'New Terms Rule', - ]); + ] as const; + const indexPattersToWrite = ['index-to-write-1-*', 'index-to-write-2-*']; + + // select only rules that are not ML + selectRulesByName(rulesToSelect); openBulkEditAddIndexPatternsForm(); - typeIndexPatterns(indexPattersToBeAdded); + + // check overwrite index patterns checkbox, ensure warning message is displayed and type index patterns + checkOverwriteIndexPatternsCheckbox(); + cy.get(RULES_BULK_EDIT_INDEX_PATTERNS_WARNING).should( + 'have.text', + `You’re about to overwrite index patterns for ${rulesToSelect.length} selected rules, press Save to apply changes.` + ); + + typeIndexPatterns(indexPattersToWrite); submitBulkEditForm(); - waitForBulkEditActionToFinish({ - updatedCount: rows.length - expectedNumberOfMachineLearningRulesToBeEdited, - }); + waitForBulkEditActionToFinish({ updatedCount: rulesToSelect.length }); // check if rule has been updated goToRuleDetailsOf(RULE_NAME); - hasIndexPatterns(resultingIndexPatterns.join('')); + hasIndexPatterns(indexPattersToWrite.join('')); }); - }); - it('Display success toast after editing the index pattern', () => { - getRulesManagementTableRows().then((rows) => { - const indexPattersToBeAdded = ['index-to-add-1-*', 'index-to-add-2-*']; - - // select only rules that are not ML - selectRulesByName([ + it('Delete index patterns from custom rules', () => { + const rulesToSelect = [ RULE_NAME, 'New EQL Rule', 'Threat Indicator Rule Test', 'Threshold Rule', 'New Terms Rule', - ]); - - openBulkEditAddIndexPatternsForm(); - typeIndexPatterns(indexPattersToBeAdded); - submitBulkEditForm(); + ] as const; + const indexPatternsToDelete = prePopulatedIndexPatterns.slice(0, 1); + const resultingIndexPatterns = prePopulatedIndexPatterns.slice(1); - waitForBulkEditActionToFinish({ - updatedCount: rows.length - expectedNumberOfMachineLearningRulesToBeEdited, - }); - }); - }); + // select only not ML rules + selectRulesByName(rulesToSelect); - it('Overwrite index patterns in custom rules', () => { - const rulesToSelect = [ - RULE_NAME, - 'New EQL Rule', - 'Threat Indicator Rule Test', - 'Threshold Rule', - 'New Terms Rule', - ] as const; - const indexPattersToWrite = ['index-to-write-1-*', 'index-to-write-2-*']; - - // select only rules that are not ML - selectRulesByName(rulesToSelect); - - openBulkEditAddIndexPatternsForm(); - - // check overwrite index patterns checkbox, ensure warning message is displayed and type index patterns - checkOverwriteIndexPatternsCheckbox(); - cy.get(RULES_BULK_EDIT_INDEX_PATTERNS_WARNING).should( - 'have.text', - `You’re about to overwrite index patterns for ${rulesToSelect.length} selected rules, press Save to apply changes.` - ); - - typeIndexPatterns(indexPattersToWrite); - submitBulkEditForm(); + openBulkEditDeleteIndexPatternsForm(); + typeIndexPatterns(indexPatternsToDelete); + submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rulesToSelect.length }); + waitForBulkEditActionToFinish({ updatedCount: rulesToSelect.length }); - // check if rule has been updated - goToRuleDetailsOf(RULE_NAME); - hasIndexPatterns(indexPattersToWrite.join('')); - }); - - it('Delete index patterns from custom rules', () => { - const rulesToSelect = [ - RULE_NAME, - 'New EQL Rule', - 'Threat Indicator Rule Test', - 'Threshold Rule', - 'New Terms Rule', - ] as const; - const indexPatternsToDelete = prePopulatedIndexPatterns.slice(0, 1); - const resultingIndexPatterns = prePopulatedIndexPatterns.slice(1); - - // select only not ML rules - selectRulesByName(rulesToSelect); - - openBulkEditDeleteIndexPatternsForm(); - typeIndexPatterns(indexPatternsToDelete); - submitBulkEditForm(); - - waitForBulkEditActionToFinish({ updatedCount: rulesToSelect.length }); - - // check if rule has been updated - goToRuleDetailsOf(RULE_NAME); - hasIndexPatterns(resultingIndexPatterns.join('')); - }); + // check if rule has been updated + goToRuleDetailsOf(RULE_NAME); + hasIndexPatterns(resultingIndexPatterns.join('')); + }); - it('Delete all index patterns from custom rules', () => { - const rulesToSelect = [ - RULE_NAME, - 'New EQL Rule', - 'Threat Indicator Rule Test', - 'Threshold Rule', - 'New Terms Rule', - ] as const; + it('Delete all index patterns from custom rules', () => { + const rulesToSelect = [ + RULE_NAME, + 'New EQL Rule', + 'Threat Indicator Rule Test', + 'Threshold Rule', + 'New Terms Rule', + ] as const; - // select only rules that are not ML - selectRulesByName(rulesToSelect); + // select only rules that are not ML + selectRulesByName(rulesToSelect); - openBulkEditDeleteIndexPatternsForm(); - typeIndexPatterns(prePopulatedIndexPatterns); - submitBulkEditForm(); + openBulkEditDeleteIndexPatternsForm(); + typeIndexPatterns(prePopulatedIndexPatterns); + submitBulkEditForm(); - // error toast should be displayed that that rules edit failed - waitForBulkEditActionToFinish({ failedCount: rulesToSelect.length }); + // error toast should be displayed that that rules edit failed + waitForBulkEditActionToFinish({ failedCount: rulesToSelect.length }); - // on error toast button click display error that index patterns can't be empty - clickErrorToastBtn(); - cy.contains(MODAL_ERROR_BODY, "Index patterns can't be empty"); + // on error toast button click display error that index patterns can't be empty + clickErrorToastBtn(); + cy.contains(MODAL_ERROR_BODY, "Index patterns can't be empty"); + }); }); - }); - describe('Investigation fields actions', () => { - it('Add investigation fields to custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const fieldsToBeAdded = ['source.ip', 'destination.ip']; - const resultingFields = [...prePopulatedInvestigationFields, ...fieldsToBeAdded]; + describe('Investigation fields actions', () => { + it('Add investigation fields to custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const fieldsToBeAdded = ['source.ip', 'destination.ip']; + const resultingFields = [...prePopulatedInvestigationFields, ...fieldsToBeAdded]; - selectAllRules(); + selectAllRules(); - // open add custom highlighted fields form and add 2 new fields - openBulkEditAddInvestigationFieldsForm(); - typeInvestigationFields(fieldsToBeAdded); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + // open add custom highlighted fields form and add 2 new fields + openBulkEditAddInvestigationFieldsForm(); + typeInvestigationFields(fieldsToBeAdded); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - // check if rule has been updated - goToRuleDetailsOf(RULE_NAME); - hasInvestigationFields(resultingFields.join('')); + // check if rule has been updated + goToRuleDetailsOf(RULE_NAME); + hasInvestigationFields(resultingFields.join('')); + }); }); - }); - it('Overwrite investigation fields in custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const fieldsToOverwrite = ['source.ip']; + it('Overwrite investigation fields in custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const fieldsToOverwrite = ['source.ip']; - selectAllRules(); + selectAllRules(); - // open add tags form, check overwrite tags and warning message, type tags - openBulkEditAddInvestigationFieldsForm(); - checkOverwriteInvestigationFieldsCheckbox(); + // open add tags form, check overwrite tags and warning message, type tags + openBulkEditAddInvestigationFieldsForm(); + checkOverwriteInvestigationFieldsCheckbox(); - cy.get(RULES_BULK_EDIT_INVESTIGATION_FIELDS_WARNING).should( - 'have.text', - `You’re about to overwrite custom highlighted fields for the ${rows.length} rules you selected. To apply and save the changes, click Save.` - ); + cy.get(RULES_BULK_EDIT_INVESTIGATION_FIELDS_WARNING).should( + 'have.text', + `You’re about to overwrite custom highlighted fields for the ${rows.length} rules you selected. To apply and save the changes, click Save.` + ); - typeInvestigationFields(fieldsToOverwrite); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + typeInvestigationFields(fieldsToOverwrite); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - // check if rule has been updated - goToRuleDetailsOf(RULE_NAME); - hasInvestigationFields(fieldsToOverwrite.join('')); + // check if rule has been updated + goToRuleDetailsOf(RULE_NAME); + hasInvestigationFields(fieldsToOverwrite.join('')); + }); }); - }); - it('Delete investigation fields from custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const fieldsToDelete = prePopulatedInvestigationFields.slice(0, 1); - const resultingFields = prePopulatedInvestigationFields.slice(1); + it('Delete investigation fields from custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const fieldsToDelete = prePopulatedInvestigationFields.slice(0, 1); + const resultingFields = prePopulatedInvestigationFields.slice(1); - selectAllRules(); + selectAllRules(); - // open add tags form, check overwrite tags, type tags - openBulkEditDeleteInvestigationFieldsForm(); - typeInvestigationFields(fieldsToDelete); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + // open add tags form, check overwrite tags, type tags + openBulkEditDeleteInvestigationFieldsForm(); + typeInvestigationFields(fieldsToDelete); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - // check if rule has been updated - goToRuleDetailsOf(RULE_NAME); - hasInvestigationFields(resultingFields.join('')); + // check if rule has been updated + goToRuleDetailsOf(RULE_NAME); + hasInvestigationFields(resultingFields.join('')); + }); }); - }); - it('Delete all investigation fields from custom rules', () => { - getRulesManagementTableRows().then((rows) => { - selectAllRules(); + it('Delete all investigation fields from custom rules', () => { + getRulesManagementTableRows().then((rows) => { + selectAllRules(); - openBulkEditDeleteInvestigationFieldsForm(); - typeInvestigationFields(prePopulatedInvestigationFields); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + openBulkEditDeleteInvestigationFieldsForm(); + typeInvestigationFields(prePopulatedInvestigationFields); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - // check if rule has been updated - goToRuleDetailsOf(RULE_NAME); - assertDetailsNotExist(INVESTIGATION_FIELDS_DETAILS); + // check if rule has been updated + goToRuleDetailsOf(RULE_NAME); + assertDetailsNotExist(INVESTIGATION_FIELDS_DETAILS); + }); }); }); - }); - describe('Timeline templates', () => { - beforeEach(() => { - loadPrepackagedTimelineTemplates(); - }); + describe('Timeline templates', () => { + beforeEach(() => { + loadPrepackagedTimelineTemplates(); + }); - it('Apply timeline template to custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const timelineTemplateName = 'Generic Endpoint Timeline'; + it('Apply timeline template to custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const timelineTemplateName = 'Generic Endpoint Timeline'; - selectAllRules(); + selectAllRules(); - // open Timeline template form, check warning, select timeline template - clickApplyTimelineTemplatesMenuItem(); - cy.get(RULES_BULK_EDIT_TIMELINE_TEMPLATES_WARNING).contains( - `You're about to apply changes to ${rows.length} selected rules. If you previously applied Timeline templates to these rules, they will be overwritten or (if you select 'None') reset to none.` - ); - selectTimelineTemplate(timelineTemplateName); + // open Timeline template form, check warning, select timeline template + clickApplyTimelineTemplatesMenuItem(); + cy.get(RULES_BULK_EDIT_TIMELINE_TEMPLATES_WARNING).contains( + `You're about to apply changes to ${rows.length} selected rules. If you previously applied Timeline templates to these rules, they will be overwritten or (if you select 'None') reset to none.` + ); + selectTimelineTemplate(timelineTemplateName); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - // check if timeline template has been updated to selected one - goToRuleDetailsOf(RULE_NAME); - getDetails(TIMELINE_TEMPLATE_DETAILS).should('have.text', timelineTemplateName); + // check if timeline template has been updated to selected one + goToRuleDetailsOf(RULE_NAME); + getDetails(TIMELINE_TEMPLATE_DETAILS).should('have.text', timelineTemplateName); + }); }); - }); - it('Reset timeline template to None for custom rules', () => { - getRulesManagementTableRows().then((rows) => { - const noneTimelineTemplate = 'None'; + it('Reset timeline template to None for custom rules', () => { + getRulesManagementTableRows().then((rows) => { + const noneTimelineTemplate = 'None'; - selectAllRules(); + selectAllRules(); - // open Timeline template form, submit form without picking timeline template as None is selected by default - clickApplyTimelineTemplatesMenuItem(); + // open Timeline template form, submit form without picking timeline template as None is selected by default + clickApplyTimelineTemplatesMenuItem(); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - // check if timeline template has been updated to selected one, by opening rule that have had timeline prior to editing - goToRuleDetailsOf(RULE_NAME); - getDetails(TIMELINE_TEMPLATE_DETAILS).should('have.text', noneTimelineTemplate); + // check if timeline template has been updated to selected one, by opening rule that have had timeline prior to editing + goToRuleDetailsOf(RULE_NAME); + getDetails(TIMELINE_TEMPLATE_DETAILS).should('have.text', noneTimelineTemplate); + }); }); }); - }); - describe('Schedule', () => { - it('Default values are applied to bulk edit schedule fields', () => { - getRulesManagementTableRows().then((rows) => { - selectAllRules(); - clickUpdateScheduleMenuItem(); + describe('Schedule', () => { + it('Default values are applied to bulk edit schedule fields', () => { + getRulesManagementTableRows().then((rows) => { + selectAllRules(); + clickUpdateScheduleMenuItem(); - assertUpdateScheduleWarningExists(rows.length); + assertUpdateScheduleWarningExists(rows.length); - assertDefaultValuesAreAppliedToScheduleFields({ - interval: 5, - lookback: 1, + assertDefaultValuesAreAppliedToScheduleFields({ + interval: 5, + lookback: 1, + }); }); }); - }); - it('Updates schedule for custom rules', () => { - getRulesManagementTableRows().then((rows) => { - selectAllRules(); - clickUpdateScheduleMenuItem(); + it('Updates schedule for custom rules', () => { + getRulesManagementTableRows().then((rows) => { + selectAllRules(); + clickUpdateScheduleMenuItem(); - assertUpdateScheduleWarningExists(rows.length); + assertUpdateScheduleWarningExists(rows.length); - typeScheduleInterval('20'); - setScheduleIntervalTimeUnit('Hours'); + typeScheduleInterval('20'); + setScheduleIntervalTimeUnit('Hours'); - typeScheduleLookback('10'); - setScheduleLookbackTimeUnit('Minutes'); + typeScheduleLookback('10'); + setScheduleLookbackTimeUnit('Minutes'); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - goToRuleDetailsOf(RULE_NAME); + goToRuleDetailsOf(RULE_NAME); - assertRuleScheduleValues({ - interval: '20h', - lookback: '10m', + assertRuleScheduleValues({ + interval: '20h', + lookback: '10m', + }); }); }); - }); - it('Validates invalid inputs when scheduling for custom rules', () => { - getRulesManagementTableRows().then((rows) => { - selectAllRules(); - clickUpdateScheduleMenuItem(); + it('Validates invalid inputs when scheduling for custom rules', () => { + getRulesManagementTableRows().then((rows) => { + selectAllRules(); + clickUpdateScheduleMenuItem(); - // Validate invalid values are corrected to minimumValue - for 0 and negative values - typeScheduleInterval('0'); - setScheduleIntervalTimeUnit('Hours'); + // Validate invalid values are corrected to minimumValue - for 0 and negative values + typeScheduleInterval('0'); + setScheduleIntervalTimeUnit('Hours'); - typeScheduleLookback('-5'); - setScheduleLookbackTimeUnit('Seconds'); + typeScheduleLookback('-5'); + setScheduleLookbackTimeUnit('Seconds'); - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: rows.length }); + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: rows.length }); - goToRuleDetailsOf(RULE_NAME); + goToRuleDetailsOf(RULE_NAME); - assertRuleScheduleValues({ - interval: '1h', - lookback: '1s', + assertRuleScheduleValues({ + interval: '1h', + lookback: '1s', + }); }); }); }); - }); -}); + } +); // ES|QL rule type is supported only in ESS environment // Adding 2 use cases only for this rule type, while it is disabled on serverless diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts index 3b9ddf73ad3c..20c8f50ea21b 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts @@ -59,7 +59,7 @@ const expectedIndexPatterns = ['index-1-*', 'index-2-*']; describe( 'Bulk editing index patterns of rules with a data view only', - { tags: ['@ess', '@serverless'] }, + { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { const TESTED_CUSTOM_QUERY_RULE_DATA = getNewRule({ index: undefined, diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/deletion/rule_delete.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/deletion/rule_delete.cy.ts index 4c9168744920..8cb25f60b513 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/deletion/rule_delete.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/deletion/rule_delete.cy.ts @@ -21,7 +21,7 @@ import { createRule, findAllRules } from '../../../../../tasks/api_calls/rules'; import { deleteAlertsAndRules } from '../../../../../tasks/api_calls/common'; import { login } from '../../../../../tasks/login'; -describe('Rule deletion', { tags: ['@ess', '@serverless'] }, () => { +describe('Rule deletion', { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { const testRules = [ getNewRule({ rule_id: 'rule1', name: 'Rule 1', enabled: false }), getNewRule({ rule_id: 'rule2', name: 'Rule 2', enabled: false }), diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/export_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/export_rule.cy.ts index cc270d41c10a..855c4e17afe0 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/export_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/export_rule.cy.ts @@ -52,7 +52,7 @@ const prebuiltRules = Array.from(Array(7)).map((_, i) => { }); }); -describe('Export rules', { tags: ['@ess', '@serverless'] }, () => { +describe('Export rules', { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { const downloadsFolder = Cypress.config('downloadsFolder'); beforeEach(() => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/import_rules.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/import_rules.cy.ts index 4b8fe5b5312b..0cd0a0a687e4 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/import_rules.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/import_rules.cy.ts @@ -20,7 +20,7 @@ import { RULES_MANAGEMENT_URL } from '../../../../../urls/rules_management'; const RULES_TO_IMPORT_FILENAME = 'cypress/fixtures/7_16_rules.ndjson'; const IMPORTED_EXCEPTION_ID = 'b8dfd17f-1e11-41b0-ae7e-9e7f8237de49'; -describe('Import rules', { tags: ['@ess', '@serverless'] }, () => { +describe('Import rules', { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { beforeEach(() => { login(); deleteAlertsAndRules(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts index aa42d7bea0f5..270a9146f65a 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts @@ -43,7 +43,7 @@ import { TOOLTIP } from '../../../../../screens/common'; const RULES_TO_IMPORT_FILENAME = 'cypress/fixtures/7_16_rules.ndjson'; -describe('rule snoozing', { tags: ['@ess', '@serverless'] }, () => { +describe('rule snoozing', { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { beforeEach(() => { login(); deleteAlertsAndRules(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_details/common_flows.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_details/common_flows.cy.ts index e881fd76860d..6aded7a9a1f8 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_details/common_flows.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_details/common_flows.cy.ts @@ -53,129 +53,135 @@ import { ruleDetailsUrl } from '../../../../urls/rule_details'; // This test is meant to test all common aspects of the rule details page that should function // the same regardless of rule type. For any rule type specific functionalities, please include // them in the relevant /rule_details/[RULE_TYPE].cy.ts test. -describe('Common rule detail flows', { tags: ['@ess', '@serverless'] }, function () { - beforeEach(() => { - login(); - deleteAlertsAndRules(); - deleteConnectors(); - createTimeline().then((response) => { - createRule({ - ...getNewRule({ - rule_id: 'rulez', - description: ruleFields.ruleDescription, - name: ruleFields.ruleName, - severity: ruleFields.ruleSeverity, - risk_score: ruleFields.riskScore, - tags: ruleFields.ruleTags, - false_positives: ruleFields.falsePositives, - note: ruleFields.investigationGuide, - timeline_id: response.body.data.persistTimeline.timeline.savedObjectId, - timeline_title: response.body.data.persistTimeline.timeline.title ?? '', - interval: ruleFields.ruleInterval, - from: `now-1h`, - query: ruleFields.ruleQuery, - enabled: false, - max_signals: 500, - threat: [ - { - ...ruleFields.threat, - technique: [ - { - ...ruleFields.threatTechnique, - subtechnique: [ruleFields.threatSubtechnique], - }, - ], - }, - ], - }), - }).then((rule) => { - cy.wrap(rule.body.id).as('ruleId'); +describe( + 'Common rule detail flows', + { tags: ['@ess', '@serverless', '@serverlessQA'] }, + function () { + beforeEach(() => { + login(); + deleteAlertsAndRules(); + deleteConnectors(); + createTimeline().then((response) => { + createRule({ + ...getNewRule({ + rule_id: 'rulez', + description: ruleFields.ruleDescription, + name: ruleFields.ruleName, + severity: ruleFields.ruleSeverity, + risk_score: ruleFields.riskScore, + tags: ruleFields.ruleTags, + false_positives: ruleFields.falsePositives, + note: ruleFields.investigationGuide, + timeline_id: response.body.data.persistTimeline.timeline.savedObjectId, + timeline_title: response.body.data.persistTimeline.timeline.title ?? '', + interval: ruleFields.ruleInterval, + from: `now-1h`, + query: ruleFields.ruleQuery, + enabled: false, + max_signals: 500, + threat: [ + { + ...ruleFields.threat, + technique: [ + { + ...ruleFields.threatTechnique, + subtechnique: [ruleFields.threatSubtechnique], + }, + ], + }, + ], + }), + }).then((rule) => { + cy.wrap(rule.body.id).as('ruleId'); + }); }); }); - }); - it('Only modifies rule active status on enable/disable', function () { - visit(ruleDetailsUrl(this.ruleId)); - cy.get(RULE_NAME_HEADER).should('contain', ruleFields.ruleName); + it('Only modifies rule active status on enable/disable', function () { + visit(ruleDetailsUrl(this.ruleId)); + cy.get(RULE_NAME_HEADER).should('contain', ruleFields.ruleName); - cy.intercept('POST', '/api/detection_engine/rules/_bulk_action?dry_run=false').as( - 'bulk_action' - ); - cy.get(RULE_SWITCH).should('be.visible'); - cy.get(RULE_SWITCH).click(); - cy.wait('@bulk_action').then(({ response }) => { - cy.wrap(response?.statusCode).should('eql', 200); - cy.wrap(response?.body.attributes.results.updated[0].max_signals).should( - 'eql', - getExistingRule().max_signals + cy.intercept('POST', '/api/detection_engine/rules/_bulk_action?dry_run=false').as( + 'bulk_action' ); - cy.wrap(response?.body.attributes.results.updated[0].enabled).should('eql', true); + cy.get(RULE_SWITCH).should('be.visible'); + cy.get(RULE_SWITCH).click(); + cy.wait('@bulk_action').then(({ response }) => { + cy.wrap(response?.statusCode).should('eql', 200); + cy.wrap(response?.body.attributes.results.updated[0].max_signals).should( + 'eql', + getExistingRule().max_signals + ); + cy.wrap(response?.body.attributes.results.updated[0].enabled).should('eql', true); + }); }); - }); - it('Displays rule details', function () { - visit(ruleDetailsUrl(this.ruleId)); - cy.get(RULE_NAME_HEADER).should('contain', ruleFields.ruleName); - cy.get(ABOUT_RULE_DESCRIPTION).should('have.text', ruleFields.ruleDescription); - cy.get(ABOUT_DETAILS).within(() => { - getDetails(SEVERITY_DETAILS) - .invoke('text') - .then((text) => { - cy.wrap(text.toLowerCase()).should('equal', ruleFields.ruleSeverity); + it('Displays rule details', function () { + visit(ruleDetailsUrl(this.ruleId)); + cy.get(RULE_NAME_HEADER).should('contain', ruleFields.ruleName); + cy.get(ABOUT_RULE_DESCRIPTION).should('have.text', ruleFields.ruleDescription); + cy.get(ABOUT_DETAILS).within(() => { + getDetails(SEVERITY_DETAILS) + .invoke('text') + .then((text) => { + cy.wrap(text.toLowerCase()).should('equal', ruleFields.ruleSeverity); + }); + getDetails(RISK_SCORE_DETAILS).should('have.text', ruleFields.riskScore); + getDetails(REFERENCE_URLS_DETAILS).should((details) => { + expect(removeExternalLinkText(details.text())).equal(ruleFields.referenceUrls.join('')); }); - getDetails(RISK_SCORE_DETAILS).should('have.text', ruleFields.riskScore); - getDetails(REFERENCE_URLS_DETAILS).should((details) => { - expect(removeExternalLinkText(details.text())).equal(ruleFields.referenceUrls.join('')); + getDetails(FALSE_POSITIVES_DETAILS).should('have.text', ruleFields.falsePositives.join('')); + getDetails(TAGS_DETAILS).should('have.text', ruleFields.ruleTags.join('')); }); - getDetails(FALSE_POSITIVES_DETAILS).should('have.text', ruleFields.falsePositives.join('')); - getDetails(TAGS_DETAILS).should('have.text', ruleFields.ruleTags.join('')); - }); - cy.get(THREAT_TACTIC).should( - 'contain', - `${ruleFields.threat.tactic.name} (${ruleFields.threat.tactic.id})` - ); - cy.get(THREAT_TECHNIQUE).should( - 'contain', - `${ruleFields.threatTechnique.name} (${ruleFields.threatTechnique.id})` - ); - cy.get(THREAT_SUBTECHNIQUE).should( - 'contain', - `${ruleFields.threatSubtechnique.name} (${ruleFields.threatSubtechnique.id})` - ); - cy.get(INVESTIGATION_NOTES_TOGGLE).click(); - cy.get(ABOUT_INVESTIGATION_NOTES).should('have.text', INVESTIGATION_NOTES_MARKDOWN); - cy.get(DEFINITION_DETAILS).within(() => { - getDetails(INDEX_PATTERNS_DETAILS).should( - 'have.text', - ruleFields.defaultIndexPatterns.join('') + cy.get(THREAT_TACTIC).should( + 'contain', + `${ruleFields.threat.tactic.name} (${ruleFields.threat.tactic.id})` ); - getDetails(CUSTOM_QUERY_DETAILS).should('have.text', ruleFields.ruleQuery); - getDetails(RULE_TYPE_DETAILS).should('have.text', 'Query'); - getDetails(TIMELINE_TEMPLATE_DETAILS).should('have.text', 'Security Timeline'); - }); - cy.get(SCHEDULE_DETAILS).within(() => { - getDetails(RUNS_EVERY_DETAILS) - .find(INTERVAL_ABBR_VALUE) - .should('have.text', ruleFields.ruleInterval); - getDetails(ADDITIONAL_LOOK_BACK_DETAILS).find(INTERVAL_ABBR_VALUE).should('have.text', '55m'); + cy.get(THREAT_TECHNIQUE).should( + 'contain', + `${ruleFields.threatTechnique.name} (${ruleFields.threatTechnique.id})` + ); + cy.get(THREAT_SUBTECHNIQUE).should( + 'contain', + `${ruleFields.threatSubtechnique.name} (${ruleFields.threatSubtechnique.id})` + ); + cy.get(INVESTIGATION_NOTES_TOGGLE).click(); + cy.get(ABOUT_INVESTIGATION_NOTES).should('have.text', INVESTIGATION_NOTES_MARKDOWN); + cy.get(DEFINITION_DETAILS).within(() => { + getDetails(INDEX_PATTERNS_DETAILS).should( + 'have.text', + ruleFields.defaultIndexPatterns.join('') + ); + getDetails(CUSTOM_QUERY_DETAILS).should('have.text', ruleFields.ruleQuery); + getDetails(RULE_TYPE_DETAILS).should('have.text', 'Query'); + getDetails(TIMELINE_TEMPLATE_DETAILS).should('have.text', 'Security Timeline'); + }); + cy.get(SCHEDULE_DETAILS).within(() => { + getDetails(RUNS_EVERY_DETAILS) + .find(INTERVAL_ABBR_VALUE) + .should('have.text', ruleFields.ruleInterval); + getDetails(ADDITIONAL_LOOK_BACK_DETAILS) + .find(INTERVAL_ABBR_VALUE) + .should('have.text', '55m'); + }); }); - }); - it('Deletes one rule from detail page', function () { - visit(ruleDetailsUrl(this.ruleId)); - cy.intercept('POST', '/api/detection_engine/rules/_bulk_delete').as('deleteRule'); + it('Deletes one rule from detail page', function () { + visit(ruleDetailsUrl(this.ruleId)); + cy.intercept('POST', '/api/detection_engine/rules/_bulk_delete').as('deleteRule'); - deleteRuleFromDetailsPage(); + deleteRuleFromDetailsPage(); - // @ts-expect-error update types - cy.waitFor('@deleteRule').then(() => { - cy.get(RULES_MANAGEMENT_TABLE).should('exist'); - cy.get(RULES_MANAGEMENT_TABLE).find(RULES_ROW).should('have.length', 0); - cy.request({ url: '/api/detection_engine/rules/_find' }).then(({ body }) => { - const numberOfRules = body.data.length; - expect(numberOfRules).to.eql(0); + // @ts-expect-error update types + cy.waitFor('@deleteRule').then(() => { + cy.get(RULES_MANAGEMENT_TABLE).should('exist'); + cy.get(RULES_MANAGEMENT_TABLE).find(RULES_ROW).should('have.length', 0); + cy.request({ url: '/api/detection_engine/rules/_find' }).then(({ body }) => { + const numberOfRules = body.data.length; + expect(numberOfRules).to.eql(0); + }); + cy.get(CUSTOM_RULES_BTN).should('have.text', `Custom rules (${0})`); }); - cy.get(CUSTOM_RULES_BTN).should('have.text', `Custom rules (${0})`); }); - }); -}); + } +); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_details/esql_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_details/esql_rule.cy.ts index 54f78ba7ac38..ce94f3327e31 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_details/esql_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_details/esql_rule.cy.ts @@ -24,25 +24,29 @@ import { visit } from '../../../../tasks/navigation'; import { ruleDetailsUrl } from '../../../../urls/rule_details'; -describe('Detection ES|QL rules, details view', { tags: ['@ess', '@serverless'] }, () => { - const rule = getEsqlRule(); - - beforeEach(() => { - deleteAlertsAndRules(); - login(); - }); +describe( + 'Detection ES|QL rules, details view', + { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, + () => { + const rule = getEsqlRule(); + + beforeEach(() => { + deleteAlertsAndRules(); + login(); + }); - it('displays ES|QL rule specific fields', function () { - createRule(getEsqlRule()).then((createdRule) => { - visit(ruleDetailsUrl(createdRule.body.id)); + it('displays ES|QL rule specific fields', function () { + createRule(getEsqlRule()).then((createdRule) => { + visit(ruleDetailsUrl(createdRule.body.id)); - cy.get(RULE_NAME_HEADER).should('contain', `${rule.name}`); + cy.get(RULE_NAME_HEADER).should('contain', `${rule.name}`); - cy.get(DEFINITION_DETAILS).within(() => { - getDetails(ESQL_QUERY_DETAILS).should('have.text', rule.query); + cy.get(DEFINITION_DETAILS).within(() => { + getDetails(ESQL_QUERY_DETAILS).should('have.text', rule.query); - getDetails(RULE_TYPE_DETAILS).contains('ES|QL'); + getDetails(RULE_TYPE_DETAILS).contains('ES|QL'); + }); }); }); - }); -}); + } +); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_auto_refresh.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_auto_refresh.cy.ts index 3f2d718779f7..2e2a5571880c 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_auto_refresh.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_auto_refresh.cy.ts @@ -33,127 +33,131 @@ import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; const RULES_TABLE_REFRESH_INTERVAL_MS = 60000; -describe('Rules table: auto-refresh', { tags: ['@ess', '@serverless'] }, () => { - beforeEach(() => { - login(); - deleteAlertsAndRules(); - setRulesTableAutoRefreshIntervalSetting({ - enabled: true, - refreshInterval: RULES_TABLE_REFRESH_INTERVAL_MS, +describe( + 'Rules table: auto-refresh', + { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, + () => { + beforeEach(() => { + login(); + deleteAlertsAndRules(); + setRulesTableAutoRefreshIntervalSetting({ + enabled: true, + refreshInterval: RULES_TABLE_REFRESH_INTERVAL_MS, + }); + createRule(getNewRule({ name: 'Test rule 1', rule_id: '1', enabled: false })); }); - createRule(getNewRule({ name: 'Test rule 1', rule_id: '1', enabled: false })); - }); - it('gets deactivated when any rule selected and activated after rules unselected', () => { - visitRulesManagementTable(); + it('gets deactivated when any rule selected and activated after rules unselected', () => { + visitRulesManagementTable(); - expectNumberOfRules(RULES_MANAGEMENT_TABLE, 1); + expectNumberOfRules(RULES_MANAGEMENT_TABLE, 1); - // check refresh settings if it's enabled before selecting - expectAutoRefreshIsEnabled(); + // check refresh settings if it's enabled before selecting + expectAutoRefreshIsEnabled(); - selectAllRules(); + selectAllRules(); - // auto refresh should be deactivated (which means disabled without an ability to enable it) after rules selected - expectAutoRefreshIsDeactivated(); + // auto refresh should be deactivated (which means disabled without an ability to enable it) after rules selected + expectAutoRefreshIsDeactivated(); - clearAllRuleSelection(); + clearAllRuleSelection(); - // after all rules unselected, auto refresh should be reset to its previous state - expectAutoRefreshIsEnabled(); - }); + // after all rules unselected, auto refresh should be reset to its previous state + expectAutoRefreshIsEnabled(); + }); - describe('when enabled', () => { - beforeEach(() => { - mockGlobalClock(); - visitRulesManagementTable(); + describe('when enabled', () => { + beforeEach(() => { + mockGlobalClock(); + visitRulesManagementTable(); - expectNumberOfRules(RULES_MANAGEMENT_TABLE, 1); - }); + expectNumberOfRules(RULES_MANAGEMENT_TABLE, 1); + }); - it('refreshes rules after refresh interval has passed', () => { - cy.get(RULES_TABLE_AUTOREFRESH_INDICATOR).should('not.exist'); - cy.tick(RULES_TABLE_REFRESH_INTERVAL_MS); - cy.get(RULES_TABLE_AUTOREFRESH_INDICATOR).should('be.visible'); + it('refreshes rules after refresh interval has passed', () => { + cy.get(RULES_TABLE_AUTOREFRESH_INDICATOR).should('not.exist'); + cy.tick(RULES_TABLE_REFRESH_INTERVAL_MS); + cy.get(RULES_TABLE_AUTOREFRESH_INDICATOR).should('be.visible'); - cy.contains(REFRESH_RULES_STATUS, 'Updated now'); - }); + cy.contains(REFRESH_RULES_STATUS, 'Updated now'); + }); - it('refreshes rules on window focus', () => { - cy.tick(RULES_TABLE_REFRESH_INTERVAL_MS / 2); + it('refreshes rules on window focus', () => { + cy.tick(RULES_TABLE_REFRESH_INTERVAL_MS / 2); - cy.window().trigger('blur'); - cy.window().trigger('focus'); + cy.window().trigger('blur'); + cy.window().trigger('focus'); - cy.contains(REFRESH_RULES_STATUS, 'Updated now'); + cy.contains(REFRESH_RULES_STATUS, 'Updated now'); + }); }); - }); - describe('when disabled', () => { - beforeEach(() => { - mockGlobalClock(); - visitRulesManagementTable(); - expectNumberOfRules(RULES_MANAGEMENT_TABLE, 1); - }); + describe('when disabled', () => { + beforeEach(() => { + mockGlobalClock(); + visitRulesManagementTable(); + expectNumberOfRules(RULES_MANAGEMENT_TABLE, 1); + }); - it('does NOT refresh rules after refresh interval has passed', () => { - disableAutoRefresh(); - cy.tick(RULES_TABLE_REFRESH_INTERVAL_MS * 2); // Make sure enough time has passed to verify auto-refresh doesn't happen + it('does NOT refresh rules after refresh interval has passed', () => { + disableAutoRefresh(); + cy.tick(RULES_TABLE_REFRESH_INTERVAL_MS * 2); // Make sure enough time has passed to verify auto-refresh doesn't happen - cy.contains(REFRESH_RULES_STATUS, 'Updated 2 minutes ago'); - }); + cy.contains(REFRESH_RULES_STATUS, 'Updated 2 minutes ago'); + }); - it('does NOT refresh rules on window focus', () => { - disableAutoRefresh(); - cy.tick(RULES_TABLE_REFRESH_INTERVAL_MS * 2); // Make sure enough time has passed to verify auto-refresh doesn't happen + it('does NOT refresh rules on window focus', () => { + disableAutoRefresh(); + cy.tick(RULES_TABLE_REFRESH_INTERVAL_MS * 2); // Make sure enough time has passed to verify auto-refresh doesn't happen - cy.window().trigger('blur'); - cy.window().trigger('focus'); + cy.window().trigger('blur'); + cy.window().trigger('focus'); - // We need to make sure window focus event doesn't cause refetching. Without some delay - // the following expectations always pass even. It happens since 'focus' event gets handled - // in an async way so the status text is updated with some delay. - // eslint-disable-next-line cypress/no-unnecessary-waiting - cy.wait(1000); + // We need to make sure window focus event doesn't cause refetching. Without some delay + // the following expectations always pass even. It happens since 'focus' event gets handled + // in an async way so the status text is updated with some delay. + // eslint-disable-next-line cypress/no-unnecessary-waiting + cy.wait(1000); - // By using a custom timeout make sure it doesn't wait too long due to global timeout configuration - // so the expected text appears after a refresh and the test passes while it shouldn't. - cy.contains(REFRESH_RULES_STATUS, 'Updated 2 minutes ago', { timeout: 10000 }); - }); + // By using a custom timeout make sure it doesn't wait too long due to global timeout configuration + // so the expected text appears after a refresh and the test passes while it shouldn't. + cy.contains(REFRESH_RULES_STATUS, 'Updated 2 minutes ago', { timeout: 10000 }); + }); - it('does NOT get enabled after rules were unselected', () => { - disableAutoRefresh(); - cy.tick(RULES_TABLE_REFRESH_INTERVAL_MS * 2); // Make sure enough time has passed to verify auto-refresh doesn't happen + it('does NOT get enabled after rules were unselected', () => { + disableAutoRefresh(); + cy.tick(RULES_TABLE_REFRESH_INTERVAL_MS * 2); // Make sure enough time has passed to verify auto-refresh doesn't happen - selectAllRules(); + selectAllRules(); - expectAutoRefreshIsDeactivated(); + expectAutoRefreshIsDeactivated(); - clearAllRuleSelection(); + clearAllRuleSelection(); - // after all rules unselected, auto refresh should still be disabled - expectAutoRefreshIsDisabled(); + // after all rules unselected, auto refresh should still be disabled + expectAutoRefreshIsDisabled(); + }); }); - }); - describe('when one rule is selected', () => { - it('does NOT refresh after refresh interval has passed', () => { - mockGlobalClock(); - visitRulesManagementTable(); + describe('when one rule is selected', () => { + it('does NOT refresh after refresh interval has passed', () => { + mockGlobalClock(); + visitRulesManagementTable(); - expectNumberOfRules(RULES_MANAGEMENT_TABLE, 1); + expectNumberOfRules(RULES_MANAGEMENT_TABLE, 1); - selectRulesByName(['Test rule 1']); + selectRulesByName(['Test rule 1']); - // mock 1 minute passing to make sure refresh is not conducted - cy.get(RULES_TABLE_AUTOREFRESH_INDICATOR).should('not.exist'); - cy.tick(RULES_TABLE_REFRESH_INTERVAL_MS * 2); // Make sure enough time has passed - cy.get(RULES_TABLE_AUTOREFRESH_INDICATOR).should('not.exist'); + // mock 1 minute passing to make sure refresh is not conducted + cy.get(RULES_TABLE_AUTOREFRESH_INDICATOR).should('not.exist'); + cy.tick(RULES_TABLE_REFRESH_INTERVAL_MS * 2); // Make sure enough time has passed + cy.get(RULES_TABLE_AUTOREFRESH_INDICATOR).should('not.exist'); - // ensure rule is still selected - getRuleRow('Test rule 1').find(EUI_CHECKBOX).should('be.checked'); + // ensure rule is still selected + getRuleRow('Test rule 1').find(EUI_CHECKBOX).should('be.checked'); - cy.get(REFRESH_RULES_STATUS).should('have.not.text', 'Updated now'); + cy.get(REFRESH_RULES_STATUS).should('have.not.text', 'Updated now'); + }); }); - }); -}); + } +); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_filtering.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_filtering.cy.ts index f23f703e3815..e852a752254d 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_filtering.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_filtering.cy.ts @@ -30,7 +30,7 @@ import { import { disableAutoRefresh } from '../../../../tasks/alerts_detection_rules'; import { getNewRule } from '../../../../objects/rule'; -describe('Rules table: filtering', { tags: ['@ess', '@serverless'] }, () => { +describe('Rules table: filtering', { tags: ['@ess', '@serverless', '@serverlessQA'] }, () => { beforeEach(() => { login(); // Make sure persisted rules table state is cleared diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_links.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_links.cy.ts index ace4406b1c22..1e88be519bf6 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_links.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_links.cy.ts @@ -13,7 +13,7 @@ import { login } from '../../../../tasks/login'; import { visit } from '../../../../tasks/navigation'; import { RULES_MANAGEMENT_URL } from '../../../../urls/rules_management'; -describe('Rules table: links', { tags: ['@ess', '@serverless'] }, () => { +describe('Rules table: links', { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { beforeEach(() => { login(); deleteAlertsAndRules(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_sorting.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_sorting.cy.ts index 6ecf803161dd..7d9e9c1b202d 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_sorting.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_sorting.cy.ts @@ -37,7 +37,7 @@ import { import { TABLE_FIRST_PAGE, TABLE_SECOND_PAGE } from '../../../../screens/table_pagination'; import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; -describe('Rules table: sorting', { tags: ['@ess', '@serverless'] }, () => { +describe('Rules table: sorting', { tags: ['@ess', '@serverless', '@serverlessQA'] }, () => { beforeEach(() => { login(); deleteAlertsAndRules();