From a794ee77e03be4762bd453f92c678d2288b82e1b Mon Sep 17 00:00:00 2001 
From: Yara Tercero Date: Wed, 6 Nov 2024 09:38:01 -0800 Subject: [PATCH] [Detection Engine][FTR] Add FTR exception list tests for Serverless prebuilt roles (#198420) ## Summary Adds FTR tests that check our Serverless prebuilt roles against our exception list endpoints. We have had little coverage or visibility to know if any changes made in elasticsearch-controller introduce a bug in our prebuilt roles. We could certainly discuss how such tests should be organized - I chose to create an `authentication` folder that then has a matching folder for the other sections and a file for each prebuilt role. With us nearing GA, I'd like to prioritize having coverage and following up with any improvements. (cherry picked from commit 4c649d9f14d6631d23931fc0d32dc28017cbad38) --- .../ftr_security_serverless_configs.yml | 3 + .../mki_periodic_detection_engine.yml | 45 ++++++ .../mki_quality_gate_detection_engine.yml | 82 +++++++--- .../package.json | 18 +++ .../common/essentials_tier/admin.ts | 111 +++++++++++++ .../configs/serverless.config.ts | 16 ++ .../common/essentials_tier/editor.ts | 113 +++++++++++++ .../endpoint_operations_analyst.ts | 113 +++++++++++++ .../endpoint_policy_manager.ts | 113 +++++++++++++ .../common/essentials_tier/index.ts | 24 +++ .../essentials_tier/platform_engineer.ts | 113 +++++++++++++ .../common/essentials_tier/rule_author.ts | 113 +++++++++++++ .../common/essentials_tier/soc_manager.ts | 113 +++++++++++++ .../essentials_tier/threat_intel_analyst.ts | 113 +++++++++++++ .../common/essentials_tier/tier_1_analyst.ts | 113 +++++++++++++ .../common/essentials_tier/tier_2_analyst.ts | 113 +++++++++++++ .../common/essentials_tier/tier_3_analyst.ts | 113 +++++++++++++ .../common/essentials_tier/viewer.ts | 113 +++++++++++++ .../exceptions/items/essentials_tier/admin.ts | 150 +++++++++++++++++ .../configs/serverless.config.ts | 16 ++ .../items/essentials_tier/editor.ts | 152 ++++++++++++++++++ .../endpoint_operations_analyst.ts | 152 ++++++++++++++++++ 
.../endpoint_policy_manager.ts | 152 ++++++++++++++++++ .../exceptions/items/essentials_tier/index.ts | 24 +++ .../essentials_tier/platform_engineer.ts | 152 ++++++++++++++++++ .../items/essentials_tier/rule_author.ts | 152 ++++++++++++++++++ .../items/essentials_tier/soc_manager.ts | 152 ++++++++++++++++++ .../essentials_tier/threat_intel_analyst.ts | 152 ++++++++++++++++++ .../items/essentials_tier/tier_1_analyst.ts | 152 ++++++++++++++++++ .../items/essentials_tier/tier_2_analyst.ts | 152 ++++++++++++++++++ .../items/essentials_tier/tier_3_analyst.ts | 152 ++++++++++++++++++ .../items/essentials_tier/viewer.ts | 152 ++++++++++++++++++ .../exceptions/lists/essentials_tier/admin.ts | 116 +++++++++++++ .../configs/serverless.config.ts | 16 ++ .../lists/essentials_tier/editor.ts | 118 ++++++++++++++ .../endpoint_operations_analyst.ts | 122 ++++++++++++++ .../endpoint_policy_manager.ts | 122 ++++++++++++++ .../exceptions/lists/essentials_tier/index.ts | 24 +++ .../essentials_tier/platform_engineer.ts | 122 ++++++++++++++ .../lists/essentials_tier/rule_author.ts | 122 ++++++++++++++ .../lists/essentials_tier/soc_manager.ts | 122 ++++++++++++++ .../essentials_tier/threat_intel_analyst.ts | 122 ++++++++++++++ .../lists/essentials_tier/tier_1_analyst.ts | 122 ++++++++++++++ .../lists/essentials_tier/tier_2_analyst.ts | 122 ++++++++++++++ .../lists/essentials_tier/tier_3_analyst.ts | 122 ++++++++++++++ .../lists/essentials_tier/viewer.ts | 118 ++++++++++++++ .../lists/duplicate_exception_list.ts | 7 +- 47 files changed, 4879 insertions(+), 22 deletions(-) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/admin.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts create mode 100644 
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/editor.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_operations_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_policy_manager.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/index.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/platform_engineer.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/rule_author.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/soc_manager.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/threat_intel_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_1_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_2_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_3_analyst.ts create mode 100644 
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/viewer.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/admin.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/editor.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_operations_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_policy_manager.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/index.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/platform_engineer.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/rule_author.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/soc_manager.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/threat_intel_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_1_analyst.ts 
create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_2_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_3_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/viewer.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/admin.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/editor.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_operations_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_policy_manager.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/index.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/platform_engineer.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/rule_author.ts create mode 100644 
x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/soc_manager.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/threat_intel_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_1_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_2_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_3_analyst.ts create mode 100644 x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/viewer.ts diff --git a/.buildkite/ftr_security_serverless_configs.yml b/.buildkite/ftr_security_serverless_configs.yml index a508012e87ed2..b642b2c680bb1 100644 --- a/.buildkite/ftr_security_serverless_configs.yml +++ b/.buildkite/ftr_security_serverless_configs.yml 
@@ -90,6 +90,9 @@ disabled: - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/serverless.config.ts diff --git a/.buildkite/pipelines/security_solution_quality_gate/mki_periodic/mki_periodic_detection_engine.yml b/.buildkite/pipelines/security_solution_quality_gate/mki_periodic/mki_periodic_detection_engine.yml index 56b1904925f04..2f6e329524c5d 100644 --- a/.buildkite/pipelines/security_solution_quality_gate/mki_periodic/mki_periodic_detection_engine.yml +++ b/.buildkite/pipelines/security_solution_quality_gate/mki_periodic/mki_periodic_detection_engine.yml 
@@ -50,6 +50,51 @@ steps: - exit_status: '1' limit: 2 + - label: Running exception_lists:auth:lists:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:auth:lists:qa:serverless + key: exception_lists:auth:lists:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running exception_lists:auth:common:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:auth:common:qa:serverless + key: exception_lists:auth:common:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running exception_lists:auth:items:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:auth:items:qa:serverless + key: exception_lists:auth:items:qa:serverless + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + preemptible: true + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + - label: Running lists_items:qa:serverless command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh lists_items:qa:serverless key: lists_items:qa:serverless 
diff --git a/.buildkite/pipelines/security_solution_quality_gate/mki_quality_gate/mki_quality_gate_detection_engine.yml b/.buildkite/pipelines/security_solution_quality_gate/mki_quality_gate/mki_quality_gate_detection_engine.yml index 8dd45a3d67306..2558da1f9ff5f 100644 --- a/.buildkite/pipelines/security_solution_quality_gate/mki_quality_gate/mki_quality_gate_detection_engine.yml +++ b/.buildkite/pipelines/security_solution_quality_gate/mki_quality_gate/mki_quality_gate_detection_engine.yml @@ -1,12 +1,12 @@ steps: - - group: "Cypress MKI - Detection Engine" + - group: 'Cypress MKI - Detection Engine' key: cypress_test_detections_engine steps: - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine - label: "Cypress MKI - Detection Engine" + label: 'Cypress MKI - Detection Engine' key: test_detection_engine env: - BK_TEST_SUITE_KEY: "serverless-cypress-detection-engine" + BK_TEST_SUITE_KEY: 'serverless-cypress-detection-engine' agents: image: family/kibana-ubuntu-2004 imageProject: elastic-images-prod @@ -17,10 +17,10 @@ steps: parallelism: 1 - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine:exceptions - label: "Cypress MKI - Detection Engine - Exceptions" + label: 'Cypress MKI - Detection Engine - Exceptions' key: test_detection_engine_exceptions env: - BK_TEST_SUITE_KEY: "serverless-cypress-detection-engine" + BK_TEST_SUITE_KEY: 'serverless-cypress-detection-engine' agents: image: family/kibana-ubuntu-2004 imageProject: elastic-images-prod @@ -30,7 +30,7 @@ steps: timeout_in_minutes: 300 parallelism: 1 - - group: "API MKI - Detection Engine" + - group: 'API MKI - Detection Engine' key: api_test_detections_engine steps: - label: Running exception_lists_items:qa:serverless:release 
@@ -44,7 +44,49 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' + limit: 2 + + - label: Running exception_lists:auth:lists:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:auth:lists:qa:serverless:release + key: exception_lists:auth:lists:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running exception_lists:common:lists:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:common:lists:qa:serverless:release + key: exception_lists:common:lists:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running exception_lists:items:lists:qa:serverless:release + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:items:lists:qa:serverless:release + key: exception_lists:items:lists:qa:serverless:release + agents: + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + provider: gcp + machineType: n2-standard-4 + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' limit: 2 - label: Running lists_items:qa:serverless:release @@ -58,7 +100,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running user_roles:qa:serverless:release @@ -72,7 +114,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running telemetry:qa:serverless:release 
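Review bot: Two of the three added release steps pass script names that this patch does not define: `exception_lists:common:lists:qa:serverless:release` and `exception_lists:items:lists:qa:serverless:release`. The package.json change in the same patch adds `exception_lists:auth:common:qa:serverless:release` and `exception_lists:auth:items:qa:serverless:release`, and the periodic pipeline uses the `exception_lists:auth:...` form. Assuming api-integration-tests.sh runs its argument as an npm script, both steps would fail or run nothing, leaving the common and items authorization suites out of the release quality gate. The `label`, `command` and `key` of both steps should use the `exception_lists:auth:common:...` and `exception_lists:auth:items:...` names.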
@@ -86,7 +128,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running exception_workflows:essentials:qa:serverless:release @@ -100,7 +142,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running exception_operators_date_types:essentials:qa:serverless:release @@ -156,7 +198,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running exception_operators_keyword:essentials:qa:serverless:release @@ -170,7 +212,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running exception_operators_ips:essentials:qa:serverless:release @@ -184,7 +226,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running exception_operators_long:essentials:qa:serverless:release @@ -198,7 +240,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running exception_operators_text:essentials:qa:serverless:release @@ -212,7 +254,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running actions:qa:serverless:release @@ -226,7 +268,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running alerts:qa:serverless:release @@ -240,7 +282,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running alerts:essentials:qa:serverless:release @@ -254,7 +296,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running rule_execution_logic:eql:qa:serverless:release @@ -366,5 +408,5 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 
diff --git a/x-pack/test/security_solution_api_integration/package.json b/x-pack/test/security_solution_api_integration/package.json index 57342fdc264c6..26f8a8ff80695 100644 --- a/x-pack/test/security_solution_api_integration/package.json +++ b/x-pack/test/security_solution_api_integration/package.json @@ -36,6 +36,9 @@ "initialize-server:lists:complete": "node ./scripts/index.js server lists_and_exception_lists trial_license_complete_tier", "run-tests:lists:complete": "node ./scripts/index.js runner lists_and_exception_lists trial_license_complete_tier", + "initialize-server:lists:essentials_only": "node ./scripts/index.js server lists_and_exception_lists essentials_tier", + "run-tests:lists:essentials_only": "node ./scripts/index.js runner lists_and_exception_lists essentials_tier", + "initialize-server:edr-workflows": "node ./scripts/index.js server edr_workflows trial_license_complete_tier", "run-tests:edr-workflows": "node ./scripts/index.js runner edr_workflows trial_license_complete_tier", 
@@ -136,6 +139,21 @@ "edr_workflows:response_actions:server:ess": "npm run initialize-server:edr-workflows response_actions ess", "edr_workflows:response_actions:runner:ess": "npm run run-tests:edr-workflows response_actions ess essEnv", + "exception_lists:auth:lists:server:serverless": "npm run initialize-server:lists:essentials_only authorization/exceptions/lists serverless", + "exception_lists:auth:lists:runner:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/lists serverless serverlessEnv", + "exception_lists:auth:lists:qa:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/lists serverless qaPeriodicEnv", + "exception_lists:auth:lists:qa:serverless:release": "npm run run-tests:lists:essentials_only authorization/exceptions/lists serverless qaEnv", + + "exception_lists:auth:common:server:serverless": "npm run initialize-server:lists:essentials_only authorization/exceptions/common serverless", + "exception_lists:auth:common:runner:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/common serverless serverlessEnv", + "exception_lists:auth:common:qa:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/common serverless qaPeriodicEnv", + "exception_lists:auth:common:qa:serverless:release": "npm run run-tests:lists:essentials_only authorization/exceptions/common serverless qaEnv", + + "exception_lists:auth:items:server:serverless": "npm run initialize-server:lists:essentials_only authorization/exceptions/items serverless", + "exception_lists:auth:items:runner:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/items serverless serverlessEnv", + "exception_lists:auth:items:qa:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/items serverless qaPeriodicEnv", + "exception_lists:auth:items:qa:serverless:release": "npm run run-tests:lists:essentials_only authorization/exceptions/items serverless qaEnv", + 
"exception_lists_items:server:serverless": "npm run initialize-server:lists:complete exception_lists_items serverless", "exception_lists_items:runner:serverless": "npm run run-tests:lists:complete exception_lists_items serverless serverlessEnv", "exception_lists_items:qa:serverless": "npm run run-tests:lists:complete exception_lists_items serverless qaPeriodicEnv", diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/admin.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/admin.ts new file mode 100644 index 0000000000000..a9deaeccc00ba --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/admin.ts 
@@ -0,0 +1,111 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import TestAgent from 'supertest/lib/agent'; +import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants'; +import { + getCreateExceptionListDetectionSchemaMock, + getCreateExceptionListMinimalSchemaMock, +} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; +import { + getImportExceptionsListItemSchemaMock, + getImportExceptionsListSchemaMock, + toNdJsonString, +} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock'; +import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { deleteAllExceptions } from '../../../../utils'; + +export default ({ getService }: FtrProviderContext): void => { + const log = getService('log'); + const utils = getService('securitySolutionUtils'); + + let admin: TestAgent; + + describe('@serverless @serverlessQA admin exception list and item API behaviors', () => { + before(async () => { + admin = await utils.createSuperTest('admin'); + await deleteAllExceptions(admin, log); + }); + + afterEach(async () => { + await deleteAllExceptions(admin, log); + }); + + describe('duplicate exception list', () => { + it('should return 200 for admin', async () => { + // create an exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListDetectionSchemaMock()) + .expect(200); + + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send({ + ...getCreateExceptionListItemMinimalSchemaMock(), + list_id: 
getCreateExceptionListDetectionSchemaMock().list_id, + }) + .expect(200); + + await admin + .post( + `${EXCEPTION_LIST_URL}/_duplicate?list_id=${ + getCreateExceptionListDetectionSchemaMock().list_id + }&namespace_type=single&include_expired_exceptions=true` + ) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('export exception list', () => { + it('should return 200 for admin', async () => { + const { body } = await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + await admin + .post( + `${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true` + ) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('import exception list', () => { + it('should return 200 for admin', async () => { + await admin + .post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`) + .set('kbn-xsrf', 'true') + .attach( + 'file', + Buffer.from( + toNdJsonString([ + getImportExceptionsListSchemaMock('test_list_id'), + getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'), + ]) + ), + 'exceptions.ndjson' + ) + .expect('Content-Type', 'application/json; charset=utf-8') + .expect(200); + }); + }); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..2fcd8d232299f --- /dev/null 
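Review bot: The import test at the end of this file asserts only the status code and `Content-Type`, so it says nothing about whether the list and item were actually written. If `_import` reports per-object failures inside a 200 response (not visible from this hunk), a role that is allowed to call the route but not to persist the objects would still pass. Capturing the response with `const { body } = await admin.post(...)` and asserting that its error list is empty and both objects were counted as imported would close that gap. The same applies to the import tests in editor.ts and endpoint_operations_analyst.ts.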
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../../../config/serverless/config.base.essentials'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Detection Engine - Exception List and Items Authentication Tests - Serverless Env - Essentials Tier', + }, +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/editor.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/editor.ts new file mode 100644 index 0000000000000..b136ba3cd5e86 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/editor.ts 
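Review bot: The `reportName` calls these "Authentication Tests", but the suites sit under `authorization/` and check what each prebuilt role is permitted to do, not how it signs in. `'Detection Engine - Exception List and Items Authorization Tests - Serverless Env - Essentials Tier'` would match the directory and the intent. The items and lists configs added by this commit are outside this hunk; if they reuse the same string, the three junit reports will be hard to tell apart, so a per-suite name (common / items / lists) is worth considering.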
@@ -0,0 +1,113 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import TestAgent from 'supertest/lib/agent'; +import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants'; +import { + getCreateExceptionListDetectionSchemaMock, + getCreateExceptionListMinimalSchemaMock, +} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; +import { + getImportExceptionsListItemSchemaMock, + getImportExceptionsListSchemaMock, + toNdJsonString, +} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock'; +import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { deleteAllExceptions } from '../../../../utils'; + +export default ({ getService }: FtrProviderContext): void => { + const log = getService('log'); + const utils = getService('securitySolutionUtils'); + + let admin: TestAgent; + let editor: TestAgent; + + describe('@serverless @serverlessQA editor exception list and item API behaviors', () => { + before(async () => { + admin = await utils.createSuperTest('admin'); + editor = await utils.createSuperTest('editor'); + await deleteAllExceptions(admin, log); + }); + + afterEach(async () => { + await deleteAllExceptions(admin, log); + }); + + describe('duplicate exception list', () => { + it('should return 200 for editor', async () => { + // create an exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListDetectionSchemaMock()) + .expect(200); + + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send({ + 
...getCreateExceptionListItemMinimalSchemaMock(), + list_id: getCreateExceptionListDetectionSchemaMock().list_id, + }) + .expect(200); + + await editor + .post( + `${EXCEPTION_LIST_URL}/_duplicate?list_id=${ + getCreateExceptionListDetectionSchemaMock().list_id + }&namespace_type=single&include_expired_exceptions=true` + ) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('export exception list', () => { + it('should return 200 for editor', async () => { + const { body } = await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + await editor + .post( + `${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true` + ) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('import exception list', () => { + it('should return 200 for editor', async () => { + await editor + .post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`) + .set('kbn-xsrf', 'true') + .attach( + 'file', + Buffer.from( + toNdJsonString([ + getImportExceptionsListSchemaMock('test_list_id'), + getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'), + ]) + ), + 'exceptions.ndjson' + ) + .expect('Content-Type', 'application/json; charset=utf-8') + .expect(200); + }); + }); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_operations_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_operations_analyst.ts new file mode 100644 index 0000000000000..98b0ac438c513 --- /dev/null 
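Review bot: Apart from the `editor` agent and the strings naming the role, this file is line for line the same as admin.ts, and endpoint_operations_analyst.ts repeats it again. With one copy per role, a change to the expected permissions has to be made in every file, and a missed copy leaves a stale expectation for that role. A shared suite function that takes the role name and the expected status per operation would keep the expectations in one reviewable table. Each role file would then reduce to something like `export default exceptionCommonAuthSuite('editor', { duplicate: 200, export: 200, import: 200 });` (helper name constructed for illustration).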
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_operations_analyst.ts 
@@ -0,0 +1,113 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import {
+ getCreateExceptionListDetectionSchemaMock,
+ getCreateExceptionListMinimalSchemaMock,
+} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import {
+ getImportExceptionsListItemSchemaMock,
+ getImportExceptionsListSchemaMock,
+ toNdJsonString,
+} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let endpointOperationsAnalyst: TestAgent;
+
+ describe('@serverless @serverlessQA endpoint_operations_analyst exception list and item API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ endpointOperationsAnalyst = await utils.createSuperTest('endpoint_operations_analyst');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('duplicate exception list', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListDetectionSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send({
+ ...getCreateExceptionListItemMinimalSchemaMock(),
+ list_id: getCreateExceptionListDetectionSchemaMock().list_id,
+ })
+ .expect(200);
+
+ await endpointOperationsAnalyst
+ .post(
+ `${EXCEPTION_LIST_URL}/_duplicate?list_id=${
+ getCreateExceptionListDetectionSchemaMock().list_id
+ }&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('export exception list', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ const { body } = await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await endpointOperationsAnalyst
+ .post(
+ `${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('import exception list', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ await endpointOperationsAnalyst
+ .post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
+ .set('kbn-xsrf', 'true')
+ .attach(
+ 'file',
+ Buffer.from(
+ toNdJsonString([
+ getImportExceptionsListSchemaMock('test_list_id'),
+ getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
+ ])
+ ),
+ 'exceptions.ndjson'
+ )
+ .expect('Content-Type', 'application/json; charset=utf-8')
+ .expect(200);
+ });
+ });
+ });
+};
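Review bot: The `import exception list` test ends at `.expect(200)`, so it passes on any 200 response and does not show that the role's import actually wrote the list and item. If the import endpoint reports per-item failures inside a 200 body (not visible in this diff, so worth confirming against the route's response schema), capture the response with `const { body } = await endpointOperationsAnalyst...` and assert on it, for example `expect(body.errors).toEqual([]);`, which needs an assertion import the file does not have yet. The same applies to the import tests that expect 200 in endpoint_policy_manager.ts, platform_engineer.ts, rule_author.ts, soc_manager.ts and threat_intel_analyst.ts in this commit.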
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_policy_manager.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_policy_manager.ts
new file mode 100644
index 0000000000000..697c08055bc95
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/endpoint_policy_manager.ts
@@ -0,0 +1,113 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import {
+ getCreateExceptionListDetectionSchemaMock,
+ getCreateExceptionListMinimalSchemaMock,
+} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import {
+ getImportExceptionsListItemSchemaMock,
+ getImportExceptionsListSchemaMock,
+ toNdJsonString,
+} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let endpointPolicyManager: TestAgent;
+
+ describe('@serverless @serverlessQA endpoint_policy_manager exception list and item API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ endpointPolicyManager = await utils.createSuperTest('endpoint_policy_manager');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('duplicate exception list', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListDetectionSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send({
+ ...getCreateExceptionListItemMinimalSchemaMock(),
+ list_id: getCreateExceptionListDetectionSchemaMock().list_id,
+ })
+ .expect(200);
+
+ await endpointPolicyManager
+ .post(
+ `${EXCEPTION_LIST_URL}/_duplicate?list_id=${
+ getCreateExceptionListDetectionSchemaMock().list_id
+ }&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('export exception list', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ const { body } = await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await endpointPolicyManager
+ .post(
+ `${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('import exception list', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ await endpointPolicyManager
+ .post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
+ .set('kbn-xsrf', 'true')
+ .attach(
+ 'file',
+ Buffer.from(
+ toNdJsonString([
+ getImportExceptionsListSchemaMock('test_list_id'),
+ getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
+ ])
+ ),
+ 'exceptions.ndjson'
+ )
+ .expect('Content-Type', 'application/json; charset=utf-8')
+ .expect(200);
+ });
+ });
+ });
+};
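Review bot: In the `export exception list` test the item is posted with `getCreateExceptionListItemMinimalSchemaMock()` unchanged, so it only lands in the list created just above as long as both mocks default to the same `list_id`. The duplicate test in this same file sets `list_id` explicitly, and the export setup should do the same so that the export still covers a list with an item if either mock changes: `.send({ ...getCreateExceptionListItemMinimalSchemaMock(), list_id: body.list_id })`. The export tests in the other role files of this commit, including endpoint_operations_analyst.ts, are written the same way.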
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/index.ts
new file mode 100644
index 0000000000000..272ba9e4ffa5f
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/index.ts
@@ -0,0 +1,24 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+
+export default function ({ loadTestFile }: FtrProviderContext) {
+ describe('Exception list and items APIs Authentication - Complete Tier', function () {
+ loadTestFile(require.resolve('./tier_1_analyst'));
+ loadTestFile(require.resolve('./tier_2_analyst'));
+ loadTestFile(require.resolve('./threat_intel_analyst'));
+ loadTestFile(require.resolve('./tier_3_analyst'));
+ loadTestFile(require.resolve('./viewer'));
+ loadTestFile(require.resolve('./rule_author'));
+ loadTestFile(require.resolve('./soc_manager'));
+ loadTestFile(require.resolve('./endpoint_operations_analyst'));
+ loadTestFile(require.resolve('./endpoint_policy_manager'));
+ loadTestFile(require.resolve('./platform_engineer'));
+ loadTestFile(require.resolve('./editor'));
+ loadTestFile(require.resolve('./admin'));
+ });
+}
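Review bot: The suite title in `describe('Exception list and items APIs Authentication - Complete Tier', function () {` does not match the file it is in: the path is `authorization/exceptions/common/essentials_tier/index.ts`, and the loaded files check what each role is permitted to do rather than how it logs in. A failing role check would then be reported under the wrong tier and the wrong control in CI output. I would rename it to `describe('Exception list and items APIs Authorization - Essentials Tier', function () {`.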
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/platform_engineer.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/platform_engineer.ts
new file mode 100644
index 0000000000000..7168027c45025
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/platform_engineer.ts
@@ -0,0 +1,113 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import {
+ getCreateExceptionListDetectionSchemaMock,
+ getCreateExceptionListMinimalSchemaMock,
+} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import {
+ getImportExceptionsListItemSchemaMock,
+ getImportExceptionsListSchemaMock,
+ toNdJsonString,
+} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let platformEngineer: TestAgent;
+
+ describe('@serverless @serverlessQA platform_engineer exception list and item API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ platformEngineer = await utils.createSuperTest('platform_engineer');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('duplicate exception list', () => {
+ it('should return 200 for platform_engineer', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListDetectionSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send({
+ ...getCreateExceptionListItemMinimalSchemaMock(),
+ list_id: getCreateExceptionListDetectionSchemaMock().list_id,
+ })
+ .expect(200);
+
+ await platformEngineer
+ .post(
+ `${EXCEPTION_LIST_URL}/_duplicate?list_id=${
+ getCreateExceptionListDetectionSchemaMock().list_id
+ }&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('export exception list', () => {
+ it('should return 200 for platform_engineer', async () => {
+ const { body } = await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await platformEngineer
+ .post(
+ `${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('import exception list', () => {
+ it('should return 200 for platform_engineer', async () => {
+ await platformEngineer
+ .post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
+ .set('kbn-xsrf', 'true')
+ .attach(
+ 'file',
+ Buffer.from(
+ toNdJsonString([
+ getImportExceptionsListSchemaMock('test_list_id'),
+ getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
+ ])
+ ),
+ 'exceptions.ndjson'
+ )
+ .expect('Content-Type', 'application/json; charset=utf-8')
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/rule_author.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/rule_author.ts
new file mode 100644
index 0000000000000..d7f164d2d0fcf
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/rule_author.ts 
@@ -0,0 +1,113 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import {
+ getCreateExceptionListDetectionSchemaMock,
+ getCreateExceptionListMinimalSchemaMock,
+} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import {
+ getImportExceptionsListItemSchemaMock,
+ getImportExceptionsListSchemaMock,
+ toNdJsonString,
+} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let ruleAuthor: TestAgent;
+
+ describe('@serverless @serverlessQA rule_author exception list and item API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ ruleAuthor = await utils.createSuperTest('rule_author');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('duplicate exception list', () => {
+ it('should return 200 for rule_author', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListDetectionSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send({
+ ...getCreateExceptionListItemMinimalSchemaMock(),
+ list_id: getCreateExceptionListDetectionSchemaMock().list_id,
+ })
+ .expect(200);
+
+ await ruleAuthor
+ .post(
+ `${EXCEPTION_LIST_URL}/_duplicate?list_id=${
+ getCreateExceptionListDetectionSchemaMock().list_id
+ }&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('export exception list', () => {
+ it('should return 200 for rule_author', async () => {
+ const { body } = await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await ruleAuthor
+ .post(
+ `${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('import exception list', () => {
+ it('should return 200 for rule_author', async () => {
+ await ruleAuthor
+ .post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
+ .set('kbn-xsrf', 'true')
+ .attach(
+ 'file',
+ Buffer.from(
+ toNdJsonString([
+ getImportExceptionsListSchemaMock('test_list_id'),
+ getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
+ ])
+ ),
+ 'exceptions.ndjson'
+ )
+ .expect('Content-Type', 'application/json; charset=utf-8')
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/soc_manager.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/soc_manager.ts
new file mode 100644
index 0000000000000..1c94880578d2c
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/soc_manager.ts 
@@ -0,0 +1,113 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import {
+ getCreateExceptionListDetectionSchemaMock,
+ getCreateExceptionListMinimalSchemaMock,
+} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import {
+ getImportExceptionsListItemSchemaMock,
+ getImportExceptionsListSchemaMock,
+ toNdJsonString,
+} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let socManager: TestAgent;
+
+ describe('@serverless @serverlessQA soc_manager exception list and item API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ socManager = await utils.createSuperTest('soc_manager');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('duplicate exception list', () => {
+ it('should return 200 for soc_manager', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListDetectionSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send({
+ ...getCreateExceptionListItemMinimalSchemaMock(),
+ list_id: getCreateExceptionListDetectionSchemaMock().list_id,
+ })
+ .expect(200);
+
+ await socManager
+ .post(
+ `${EXCEPTION_LIST_URL}/_duplicate?list_id=${
+ getCreateExceptionListDetectionSchemaMock().list_id
+ }&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('export exception list', () => {
+ it('should return 200 for soc_manager', async () => {
+ const { body } = await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await socManager
+ .post(
+ `${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('import exception list', () => {
+ it('should return 200 for soc_manager', async () => {
+ await socManager
+ .post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
+ .set('kbn-xsrf', 'true')
+ .attach(
+ 'file',
+ Buffer.from(
+ toNdJsonString([
+ getImportExceptionsListSchemaMock('test_list_id'),
+ getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
+ ])
+ ),
+ 'exceptions.ndjson'
+ )
+ .expect('Content-Type', 'application/json; charset=utf-8')
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/threat_intel_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/threat_intel_analyst.ts
new file mode 100644
index 0000000000000..6c4d6b4118950
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/threat_intel_analyst.ts 
@@ -0,0 +1,113 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import {
+ getCreateExceptionListDetectionSchemaMock,
+ getCreateExceptionListMinimalSchemaMock,
+} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import {
+ getImportExceptionsListItemSchemaMock,
+ getImportExceptionsListSchemaMock,
+ toNdJsonString,
+} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let threatIntelAnalyst: TestAgent;
+
+ describe('@serverless @serverlessQA threat_intelligence_analyst exception list and item API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ threatIntelAnalyst = await utils.createSuperTest('threat_intelligence_analyst');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('duplicate exception list', () => {
+ it('should return 200 for threat_intelligence_analyst', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListDetectionSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send({
+ ...getCreateExceptionListItemMinimalSchemaMock(),
+ list_id: getCreateExceptionListDetectionSchemaMock().list_id,
+ })
+ .expect(200);
+
+ await threatIntelAnalyst
+ .post(
+ `${EXCEPTION_LIST_URL}/_duplicate?list_id=${
+ getCreateExceptionListDetectionSchemaMock().list_id
+ }&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('export exception list', () => {
+ it('should return 200 for threat_intelligence_analyst', async () => {
+ const { body } = await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await threatIntelAnalyst
+ .post(
+ `${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('import exception list', () => {
+ it('should return 200 for threat_intelligence_analyst', async () => {
+ await threatIntelAnalyst
+ .post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
+ .set('kbn-xsrf', 'true')
+ .attach(
+ 'file',
+ Buffer.from(
+ toNdJsonString([
+ getImportExceptionsListSchemaMock('test_list_id'),
+ getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
+ ])
+ ),
+ 'exceptions.ndjson'
+ )
+ .expect('Content-Type', 'application/json; charset=utf-8')
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_1_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_1_analyst.ts
new file mode 100644
index 0000000000000..f319b7a05ce5d
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_1_analyst.ts
@@ -0,0 +1,113 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import {
+ getCreateExceptionListDetectionSchemaMock,
+ getCreateExceptionListMinimalSchemaMock,
+} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import {
+ getImportExceptionsListItemSchemaMock,
+ getImportExceptionsListSchemaMock,
+ toNdJsonString,
+} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let t1Analyst: TestAgent;
+
+ describe('@serverless @serverlessQA t1_analyst exception list and item API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ t1Analyst = await utils.createSuperTest('t1_analyst');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('duplicate exception list', () => {
+ it('should return 403 for t1_analyst', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListDetectionSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send({
+ ...getCreateExceptionListItemMinimalSchemaMock(),
+ list_id: getCreateExceptionListDetectionSchemaMock().list_id,
+ })
+ .expect(200);
+
+ await t1Analyst
+ .post(
+ `${EXCEPTION_LIST_URL}/_duplicate?list_id=${
+ getCreateExceptionListDetectionSchemaMock().list_id
+ }&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(403);
+ });
+ });
+
+ describe('export exception list', () => {
+ it('should return 200 for t1_analyst', async () => {
+ const { body } = await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await t1Analyst
+ .post(
+ `${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('import exception list', () => {
+ it('should return 403 for t1_analyst', async () => {
+ await t1Analyst
+ .post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
+ .set('kbn-xsrf', 'true')
+ .attach(
+ 'file',
+ Buffer.from(
+ toNdJsonString([
+ getImportExceptionsListSchemaMock('test_list_id'),
+ getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
+ ])
+ ),
+ 'exceptions.ndjson'
+ )
+ .expect('Content-Type', 'application/json; charset=utf-8')
+ .expect(403);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_2_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_2_analyst.ts
new file mode 100644
index 0000000000000..5a2fdda17c018
--- /dev/null
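Review bot: The two denial tests for `t1_analyst` (duplicate and import) stop at `.expect(403)`, which checks the status code but not that the rejected request left the exception lists unchanged. The import case matters most because it sends `overwrite=true`; a follow-up read as `admin` should confirm that `test_list_id` was not written, for example `await admin.get(EXCEPTION_LIST_URL + '?list_id=test_list_id&namespace_type=single').set('kbn-xsrf', 'true').expect(404);`. The duplicate case can likewise confirm through `admin` that only the original list exists. tier_2_analyst.ts in this commit has the same two tests and needs the same follow-up checks.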
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_2_analyst.ts 
@@ -0,0 +1,113 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import {
+ getCreateExceptionListDetectionSchemaMock,
+ getCreateExceptionListMinimalSchemaMock,
+} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import {
+ getImportExceptionsListItemSchemaMock,
+ getImportExceptionsListSchemaMock,
+ toNdJsonString,
+} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let t2Analyst: TestAgent;
+
+ describe('@serverless @serverlessQA t2_analyst exception list and item API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ t2Analyst = await utils.createSuperTest('t2_analyst');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('duplicate exception list', () => {
+ it('should return 403 for t2_analyst', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListDetectionSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send({
+ ...getCreateExceptionListItemMinimalSchemaMock(),
+ list_id: getCreateExceptionListDetectionSchemaMock().list_id,
+ })
+ .expect(200);
+
+ await t2Analyst
+ .post(
+ `${EXCEPTION_LIST_URL}/_duplicate?list_id=${
+ getCreateExceptionListDetectionSchemaMock().list_id
+ }&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(403);
+ });
+ });
+
+ describe('export exception list', () => {
+ it('should return 200 for t2_analyst', async () => {
+ const { body } = await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await t2Analyst
+ .post(
+ `${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('import exception list', () => {
+ it('should return 403 for t2_analyst', async () => {
+ await t2Analyst
+ .post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
+ .set('kbn-xsrf', 'true')
+ .attach(
+ 'file',
+ Buffer.from(
+ toNdJsonString([
+ getImportExceptionsListSchemaMock('test_list_id'),
+ getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
+ ])
+ ),
+ 'exceptions.ndjson'
+ )
+ .expect('Content-Type', 'application/json; charset=utf-8')
+ .expect(403);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_3_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_3_analyst.ts
new file mode 100644
index 0000000000000..16c043239effb
--- /dev/null
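Review bot: The two deny cases in this file ('duplicate exception list' and 'import exception list') assert only the 403 status, so a regression in which the route writes before it rejects would still pass. After the denied import, have the admin agent confirm that nothing was created, for example `await admin.get(EXCEPTION_LIST_URL + '?list_id=test_list_id&namespace_type=single').set('kbn-xsrf', 'true').expect(404);` (assuming the read route answers 404 for a missing list), and after the denied duplicate check that the number of lists is unchanged. The 403 cases in tier_1_analyst.ts and viewer.ts have the same gap.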
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/tier_3_analyst.ts 
@@ -0,0 +1,113 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import {
+ getCreateExceptionListDetectionSchemaMock,
+ getCreateExceptionListMinimalSchemaMock,
+} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import {
+ getImportExceptionsListItemSchemaMock,
+ getImportExceptionsListSchemaMock,
+ toNdJsonString,
+} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let t3Analyst: TestAgent;
+
+ describe('@serverless @serverlessQA t3_analyst exception list and item API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ t3Analyst = await utils.createSuperTest('t3_analyst');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('duplicate exception list', () => {
+ it('should return 200 for t3_analyst', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListDetectionSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send({
+ ...getCreateExceptionListItemMinimalSchemaMock(),
+ list_id: getCreateExceptionListDetectionSchemaMock().list_id,
+ })
+ .expect(200);
+
+ await t3Analyst
+ .post(
+ `${EXCEPTION_LIST_URL}/_duplicate?list_id=${
+ getCreateExceptionListDetectionSchemaMock().list_id
+ }&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('export exception list', () => {
+ it('should return 200 for t3_analyst', async () => {
+ const { body } = await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await t3Analyst
+ .post(
+ `${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('import exception list', () => {
+ it('should return 200 for t3_analyst', async () => {
+ await t3Analyst
+ .post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
+ .set('kbn-xsrf', 'true')
+ .attach(
+ 'file',
+ Buffer.from(
+ toNdJsonString([
+ getImportExceptionsListSchemaMock('test_list_id'),
+ getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
+ ])
+ ),
+ 'exceptions.ndjson'
+ )
+ .expect('Content-Type', 'application/json; charset=utf-8')
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/viewer.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/viewer.ts
new file mode 100644
index 0000000000000..ec37e7ae59fb4
--- /dev/null
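Review bot: In 'import exception list' the only assertions are the status code and the content type, which is weak evidence that t3_analyst can actually write. If the import route reports per-record failures in the response body while still answering 200 (worth confirming against the route), a role that cannot persist the list would pass this test. Capture the response and assert on the outcome too, for example that `body.success` is true and `body.errors` is empty, or read `test_list_id` back with the same agent.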
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/viewer.ts 
@@ -0,0 +1,113 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import {
+ getCreateExceptionListDetectionSchemaMock,
+ getCreateExceptionListMinimalSchemaMock,
+} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import {
+ getImportExceptionsListItemSchemaMock,
+ getImportExceptionsListSchemaMock,
+ toNdJsonString,
+} from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let viewer: TestAgent;
+
+ describe('@serverless @serverlessQA viewer exception list and item API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ viewer = await utils.createSuperTest('viewer');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('duplicate exception list', () => {
+ it('should return 403 for viewer', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListDetectionSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send({
+ ...getCreateExceptionListItemMinimalSchemaMock(),
+ list_id: getCreateExceptionListDetectionSchemaMock().list_id,
+ })
+ .expect(200);
+
+ await viewer
+ .post(
+ `${EXCEPTION_LIST_URL}/_duplicate?list_id=${
+ getCreateExceptionListDetectionSchemaMock().list_id
+ }&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(403);
+ });
+ });
+
+ describe('export exception list', () => {
+ it('should return 200 for viewer', async () => {
+ const { body } = await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await viewer
+ .post(
+ `${EXCEPTION_LIST_URL}/_export?id=${body.id}&list_id=${body.list_id}&namespace_type=single&include_expired_exceptions=true`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('import exception list', () => {
+ it('should return 403 for viewer', async () => {
+ await viewer
+ .post(`${EXCEPTION_LIST_URL}/_import?overwrite=true`)
+ .set('kbn-xsrf', 'true')
+ .attach(
+ 'file',
+ Buffer.from(
+ toNdJsonString([
+ getImportExceptionsListSchemaMock('test_list_id'),
+ getImportExceptionsListItemSchemaMock('test_item_id', 'test_list_id'),
+ ])
+ ),
+ 'exceptions.ndjson'
+ )
+ .expect('Content-Type', 'application/json; charset=utf-8')
+ .expect(403);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/admin.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/admin.ts
new file mode 100644
index 0000000000000..52ab99388341b
--- /dev/null
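Review bot: The 'export exception list' case expects 200 from a POST issued by the read-only viewer role, with no comment saying that this is intended, so next to the two 403 cases it reads like an oversight. If the reason is that `_export` only reads the list (which the expectations suggest but the file does not state), say so above the request, e.g. `// _export is a POST but only reads the list, so read-only roles are expected to get 200`. tier_1_analyst.ts and tier_2_analyst.ts carry the same unexplained expectation.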
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/admin.ts 
@@ -0,0 +1,150 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+
+ describe('@serverless @serverlessQA admin exception items API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception item', () => {
+ it('should return 200 for admin', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception item', () => {
+ it('should return 200 for admin', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create an exception list item
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ // delete the exception list item by its item_id
+ await admin
+ .delete(
+ `${EXCEPTION_LIST_ITEM_URL}?item_id=${
+ getCreateExceptionListItemMinimalSchemaMock().item_id
+ }`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception item', () => {
+ it('should return 200 for admin', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .get(
+ `${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
+ getCreateExceptionListMinimalSchemaMock().list_id
+ }`
+ )
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+ });
+ });
+
+ describe('read exception item', () => {
+ it('should return 200 for admin', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create a simple exception list item to read
+ const { body: createListBody } = await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception item', () => {
+ it('should return 200 for admin', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create a simple exception list item
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list item's name
+ const updatedList: UpdateExceptionListItemSchema = {
+ ...getUpdateMinimalExceptionListItemSchemaMock(),
+ name: 'some other name',
+ };
+
+ await admin
+ .put(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts
new file mode 100644
index 0000000000000..113162887d138
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts
@@ -0,0 +1,16 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { createTestConfig } from '../../../../../../../config/serverless/config.base.essentials';
+
+export default createTestConfig({
+ testFiles: [require.resolve('..')],
+ junit: {
+ reportName:
+ 'Detection Engine - Exception Items Authentication Tests - Serverless Env - Essentials Tier',
+ },
+});
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/editor.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/editor.ts
new file mode 100644
index 0000000000000..57e611a6a30bb
--- /dev/null
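Review bot: The 'find exception item' case in admin.ts creates the list but never an item, so `_find` is answered from an empty list and the 200 does not show that items can be read. Create the item first, `await admin.post(EXCEPTION_LIST_ITEM_URL).set('kbn-xsrf', 'true').send(getCreateExceptionListItemMinimalSchemaMock()).expect(200);`, and assert that the find response actually contains it. editor.ts, endpoint_operations_analyst.ts and endpoint_policy_manager.ts repeat the same case, where the missing item matters more because the role under test is the one doing the read.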
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/editor.ts 
@@ -0,0 +1,152 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let editor: TestAgent;
+
+ describe('@serverless @serverlessQA editor exception items API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ editor = await utils.createSuperTest('editor');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception item', () => {
+ it('should return 200 for editor', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await editor
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception item', () => {
+ it('should return 200 for editor', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create an exception list item
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ // delete the exception list item by its item_id
+ await editor
+ .delete(
+ `${EXCEPTION_LIST_ITEM_URL}?item_id=${
+ getCreateExceptionListItemMinimalSchemaMock().item_id
+ }`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception item', () => {
+ it('should return 200 for editor', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await editor
+ .get(
+ `${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
+ getCreateExceptionListMinimalSchemaMock().list_id
+ }`
+ )
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+ });
+ });
+
+ describe('read exception item', () => {
+ it('should return 200 for editor', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create a simple exception list item to read
+ const { body: createListBody } = await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await editor
+ .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception item', () => {
+ it('should return 200 for editor', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create a simple exception list item
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list item's name
+ const updatedList: UpdateExceptionListItemSchema = {
+ ...getUpdateMinimalExceptionListItemSchemaMock(),
+ name: 'some other name',
+ };
+
+ await editor
+ .put(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_operations_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_operations_analyst.ts
new file mode 100644
index 0000000000000..330e830a44462
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_operations_analyst.ts
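Review bot: Two locals in editor.ts are named for a list while holding an item: `createListBody` in 'read exception item' is the body of the created item, and `updatedList` in 'update exception item' is typed `UpdateExceptionListItemSchema`. In a suite that creates both a list and an item in every case, that makes it easy to misread which id is being sent; `const { body: createItemBody } = await admin` and `const updatedItem: UpdateExceptionListItemSchema = {` would say what they are, and the comment above the latter should read `// update an exception list item's name`. The same names appear in admin.ts, endpoint_operations_analyst.ts and endpoint_policy_manager.ts.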
@@ -0,0 +1,152 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let endpointOperationsAnalyst: TestAgent;
+
+ describe('@serverless @serverlessQA endpoint_operations_analyst exception items API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ endpointOperationsAnalyst = await utils.createSuperTest('endpoint_operations_analyst');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception item', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await endpointOperationsAnalyst
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception item', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create an exception list item
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ // delete the exception list item by its item_id
+ await endpointOperationsAnalyst
+ .delete(
+ `${EXCEPTION_LIST_ITEM_URL}?item_id=${
+ getCreateExceptionListItemMinimalSchemaMock().item_id
+ }`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception item', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await endpointOperationsAnalyst
+ .get(
+ `${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
+ getCreateExceptionListMinimalSchemaMock().list_id
+ }`
+ )
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+ });
+ });
+
+ describe('read exception item', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create a simple exception list item to read
+ const { body: createListBody } = await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await endpointOperationsAnalyst
+ .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception item', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create a simple exception list item
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list item's name
+ const updatedList: UpdateExceptionListItemSchema = {
+ ...getUpdateMinimalExceptionListItemSchemaMock(),
+ name: 'some other name',
+ };
+
+ await endpointOperationsAnalyst
+ .put(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_policy_manager.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_policy_manager.ts
new file mode 100644
index 0000000000000..dfd12c24f6aeb
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/endpoint_policy_manager.ts
@@ -0,0 +1,152 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let endpointPolicyManager: TestAgent;
+
+ describe('@serverless @serverlessQA endpoint_policy_manager exception items API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ endpointPolicyManager = await utils.createSuperTest('endpoint_policy_manager');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception item', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await endpointPolicyManager
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception item', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create an exception list item
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ // delete the exception list item by its item_id
+ await endpointPolicyManager
+ .delete(
+ `${EXCEPTION_LIST_ITEM_URL}?item_id=${
+ getCreateExceptionListItemMinimalSchemaMock().item_id
+ }`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception item', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await endpointPolicyManager
+ .get(
+ `${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
+ getCreateExceptionListMinimalSchemaMock().list_id
+ }`
+ )
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+ });
+ });
+
+ describe('read exception item', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create a simple exception list item to read
+ const { body: createListBody } = await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await endpointPolicyManager
+ .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception item', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create a simple exception list item
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list item's name
+ const updatedList: UpdateExceptionListItemSchema = {
+ ...getUpdateMinimalExceptionListItemSchemaMock(),
+ name: 'some other name',
+ };
+
+ await endpointPolicyManager
+ .put(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/index.ts
new file mode 100644
index 0000000000000..35f627cd8dede
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/index.ts
@@ -0,0 +1,24 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+
+export default function ({ loadTestFile }: FtrProviderContext) {
+ describe('Exception items APIs Authentication - Complete Tier', function () {
+ loadTestFile(require.resolve('./tier_1_analyst'));
+ loadTestFile(require.resolve('./tier_2_analyst'));
+ loadTestFile(require.resolve('./threat_intel_analyst'));
+ loadTestFile(require.resolve('./tier_3_analyst'));
+ loadTestFile(require.resolve('./viewer'));
+ loadTestFile(require.resolve('./rule_author'));
+ loadTestFile(require.resolve('./soc_manager'));
+ loadTestFile(require.resolve('./endpoint_operations_analyst'));
+ loadTestFile(require.resolve('./endpoint_policy_manager'));
+ loadTestFile(require.resolve('./platform_engineer'));
+ loadTestFile(require.resolve('./editor'));
+ loadTestFile(require.resolve('./admin'));
+ });
+}
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/platform_engineer.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/platform_engineer.ts
new file mode 100644
index 0000000000000..2bd5b39a056d0
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/platform_engineer.ts
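Review bot: The suite title on the `describe` line of index.ts reads 'Exception items APIs Authentication - Complete Tier', but the file sits under `authorization/exceptions/items/essentials_tier/`, so test reports would label these Essentials-tier role checks as Complete-tier ones; this looks like a copy-paste leftover. The suites also check what each role is permitted to do rather than how it logs in, so 'Authorization' would match the folder name. Suggested line: `describe('Exception items APIs Authorization - Essentials Tier', function () {`.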
@@ -0,0 +1,152 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import TestAgent from 'supertest/lib/agent'; +import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants'; +import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; +import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types'; +import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock'; +import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { deleteAllExceptions } from '../../../../utils'; + +export default ({ getService }: FtrProviderContext): void => { + const log = getService('log'); + const utils = getService('securitySolutionUtils'); + + let admin: TestAgent; + let platformEngineer: TestAgent; + + describe('@serverless @serverlessQA platform_engineer exception items API behaviors', () => { + before(async () => { + admin = await utils.createSuperTest('admin'); + platformEngineer = await utils.createSuperTest('platform_engineer'); + await deleteAllExceptions(admin, log); + }); + + afterEach(async () => { + await deleteAllExceptions(admin, log); + }); + + describe('create exception item', () => { + it('should return 200 for platform_engineer', async () => { + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await platformEngineer + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + 
.send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + }); + }); + + describe('delete exception item', () => { + it('should return 200 for platform_engineer', async () => { + // create an exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create an exception list item + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + // delete the exception list item by its item_id + await platformEngineer + .delete( + `${EXCEPTION_LIST_ITEM_URL}?item_id=${ + getCreateExceptionListItemMinimalSchemaMock().item_id + }` + ) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('find exception item', () => { + it('should return 200 for platform_engineer', async () => { + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await platformEngineer + .get( + `${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${ + getCreateExceptionListMinimalSchemaMock().list_id + }` + ) + .set('kbn-xsrf', 'true') + .send() + .expect(200); + }); + }); + + describe('read exception item', () => { + it('should return 200 for platform_engineer', async () => { + // create a simple exception list to read + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create a simple exception list item to read + const { body: createListBody } = await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + await platformEngineer + .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('update exception item', () => { + it('should return 200 for platform_engineer', async () 
=> { + // create a simple exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create a simple exception list item + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + // update a exception list item's name + const updatedList: UpdateExceptionListItemSchema = { + ...getUpdateMinimalExceptionListItemSchemaMock(), + name: 'some other name', + }; + + await platformEngineer + .put(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(updatedList) + .expect(200); + }); + }); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/rule_author.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/rule_author.ts new file mode 100644 index 0000000000000..529d4854adf14 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/rule_author.ts 
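Review bot: The 'find exception item' test in platform_engineer.ts creates only the list and never an item, so `_find` presumably answers 200 with an empty page and the test cannot show that the role is able to see item data. Creating an item as `admin` first (as the read test does) and asserting that the returned page contains it would make the read permission observable rather than implied by the status code. The same gap is in the find tests of rule_author.ts, soc_manager.ts, threat_intel_analyst.ts, tier_1_analyst.ts and tier_2_analyst.ts in this patch.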
@@ -0,0 +1,152 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import TestAgent from 'supertest/lib/agent'; +import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants'; +import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; +import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types'; +import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock'; +import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { deleteAllExceptions } from '../../../../utils'; + +export default ({ getService }: FtrProviderContext): void => { + const log = getService('log'); + const utils = getService('securitySolutionUtils'); + + let admin: TestAgent; + let ruleAuthor: TestAgent; + + describe('@serverless @serverlessQA rule_author exception items API behaviors', () => { + before(async () => { + admin = await utils.createSuperTest('admin'); + ruleAuthor = await utils.createSuperTest('rule_author'); + await deleteAllExceptions(admin, log); + }); + + afterEach(async () => { + await deleteAllExceptions(admin, log); + }); + + describe('create exception item', () => { + it('should return 200 for rule_author', async () => { + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await ruleAuthor + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) 
+ .expect(200); + }); + }); + + describe('delete exception item', () => { + it('should return 200 for rule_author', async () => { + // create an exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create an exception list item + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + // delete the exception list item by its item_id + await ruleAuthor + .delete( + `${EXCEPTION_LIST_ITEM_URL}?item_id=${ + getCreateExceptionListItemMinimalSchemaMock().item_id + }` + ) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('find exception item', () => { + it('should return 200 for rule_author', async () => { + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await ruleAuthor + .get( + `${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${ + getCreateExceptionListMinimalSchemaMock().list_id + }` + ) + .set('kbn-xsrf', 'true') + .send() + .expect(200); + }); + }); + + describe('read exception item', () => { + it('should return 200 for rule_author', async () => { + // create a simple exception list to read + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create a simple exception list item to read + const { body: createListBody } = await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + await ruleAuthor + .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('update exception item', () => { + it('should return 200 for rule_author', async () => { + // create a simple exception list + await admin + .post(EXCEPTION_LIST_URL) + 
.set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create a simple exception list item + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + // update a exception list item's name + const updatedList: UpdateExceptionListItemSchema = { + ...getUpdateMinimalExceptionListItemSchemaMock(), + name: 'some other name', + }; + + await ruleAuthor + .put(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(updatedList) + .expect(200); + }); + }); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/soc_manager.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/soc_manager.ts new file mode 100644 index 0000000000000..97826150c64a6 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/soc_manager.ts 
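Review bot: In the read and update tests of rule_author.ts two locals are named for lists although they hold items: `createListBody` is the response body of the POST to `EXCEPTION_LIST_ITEM_URL`, and `updatedList` is typed `UpdateExceptionListItemSchema`. Renaming them, for example `const { body: createdItem } = await admin` and `const updatedItem: UpdateExceptionListItemSchema = {`, keeps the list/item distinction readable in a suite whose whole purpose is to separate the two endpoints. The same names recur in the other role files added by this patch.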
@@ -0,0 +1,152 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import TestAgent from 'supertest/lib/agent'; +import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants'; +import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; +import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types'; +import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock'; +import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { deleteAllExceptions } from '../../../../utils'; + +export default ({ getService }: FtrProviderContext): void => { + const log = getService('log'); + const utils = getService('securitySolutionUtils'); + + let admin: TestAgent; + let socManager: TestAgent; + + describe('@serverless @serverlessQA soc_manager exception items API behaviors', () => { + before(async () => { + admin = await utils.createSuperTest('admin'); + socManager = await utils.createSuperTest('soc_manager'); + await deleteAllExceptions(admin, log); + }); + + afterEach(async () => { + await deleteAllExceptions(admin, log); + }); + + describe('create exception item', () => { + it('should return 200 for soc_manager', async () => { + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await socManager + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) 
+ .expect(200); + }); + }); + + describe('delete exception item', () => { + it('should return 200 for soc_manager', async () => { + // create an exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create an exception list item + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + // delete the exception list item by its item_id + await socManager + .delete( + `${EXCEPTION_LIST_ITEM_URL}?item_id=${ + getCreateExceptionListItemMinimalSchemaMock().item_id + }` + ) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('find exception item', () => { + it('should return 200 for soc_manager', async () => { + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await socManager + .get( + `${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${ + getCreateExceptionListMinimalSchemaMock().list_id + }` + ) + .set('kbn-xsrf', 'true') + .send() + .expect(200); + }); + }); + + describe('read exception item', () => { + it('should return 200 for soc_manager', async () => { + // create a simple exception list to read + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create a simple exception list item to read + const { body: createListBody } = await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + await socManager + .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('update exception item', () => { + it('should return 200 for soc_manager', async () => { + // create a simple exception list + await admin + .post(EXCEPTION_LIST_URL) + 
.set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create a simple exception list item + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + // update a exception list item's name + const updatedList: UpdateExceptionListItemSchema = { + ...getUpdateMinimalExceptionListItemSchemaMock(), + name: 'some other name', + }; + + await socManager + .put(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(updatedList) + .expect(200); + }); + }); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/threat_intel_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/threat_intel_analyst.ts new file mode 100644 index 0000000000000..ebd642dfdbd15 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/threat_intel_analyst.ts 
@@ -0,0 +1,152 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import TestAgent from 'supertest/lib/agent'; +import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants'; +import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; +import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types'; +import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock'; +import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { deleteAllExceptions } from '../../../../utils'; + +export default ({ getService }: FtrProviderContext): void => { + const log = getService('log'); + const utils = getService('securitySolutionUtils'); + + let admin: TestAgent; + let threatIntelAnalyst: TestAgent; + + describe('@serverless @serverlessQA threat_intelligence_analyst exception items API behaviors', () => { + before(async () => { + admin = await utils.createSuperTest('admin'); + threatIntelAnalyst = await utils.createSuperTest('threat_intelligence_analyst'); + await deleteAllExceptions(admin, log); + }); + + afterEach(async () => { + await deleteAllExceptions(admin, log); + }); + + describe('create exception item', () => { + it('should return 200 for threat_intelligence_analyst', async () => { + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await threatIntelAnalyst + .post(EXCEPTION_LIST_ITEM_URL) + 
.set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + }); + }); + + describe('delete exception item', () => { + it('should return 200 for threat_intelligence_analyst', async () => { + // create an exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create an exception list item + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + // delete the exception list item by its item_id + await threatIntelAnalyst + .delete( + `${EXCEPTION_LIST_ITEM_URL}?item_id=${ + getCreateExceptionListItemMinimalSchemaMock().item_id + }` + ) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('find exception item', () => { + it('should return 200 for threat_intelligence_analyst', async () => { + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await threatIntelAnalyst + .get( + `${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${ + getCreateExceptionListMinimalSchemaMock().list_id + }` + ) + .set('kbn-xsrf', 'true') + .send() + .expect(200); + }); + }); + + describe('read exception item', () => { + it('should return 200 for threat_intelligence_analyst', async () => { + // create a simple exception list to read + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create a simple exception list item to read + const { body: createListBody } = await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + await threatIntelAnalyst + .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('update exception item', () 
=> { + it('should return 200 for threat_intelligence_analyst', async () => { + // create a simple exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create a simple exception list item + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + // update a exception list item's name + const updatedList: UpdateExceptionListItemSchema = { + ...getUpdateMinimalExceptionListItemSchemaMock(), + name: 'some other name', + }; + + await threatIntelAnalyst + .put(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(updatedList) + .expect(200); + }); + }); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_1_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_1_analyst.ts new file mode 100644 index 0000000000000..9030ed349c2e8 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_1_analyst.ts 
@@ -0,0 +1,152 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import TestAgent from 'supertest/lib/agent'; +import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants'; +import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; +import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types'; +import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock'; +import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { deleteAllExceptions } from '../../../../utils'; + +export default ({ getService }: FtrProviderContext): void => { + const log = getService('log'); + const utils = getService('securitySolutionUtils'); + + let admin: TestAgent; + let t1Analyst: TestAgent; + + describe('@serverless @serverlessQA t1_analyst exception items API behaviors', () => { + before(async () => { + admin = await utils.createSuperTest('admin'); + t1Analyst = await utils.createSuperTest('t1_analyst'); + await deleteAllExceptions(admin, log); + }); + + afterEach(async () => { + await deleteAllExceptions(admin, log); + }); + + describe('create exception item', () => { + it('should return 403 for t1_analyst', async () => { + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await t1Analyst + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + 
.expect(403); + }); + }); + + describe('delete exception item', () => { + it('should return 403 for t1_analyst', async () => { + // create an exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create an exception list item + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + // delete the exception list item by its item_id + await t1Analyst + .delete( + `${EXCEPTION_LIST_ITEM_URL}?item_id=${ + getCreateExceptionListItemMinimalSchemaMock().item_id + }` + ) + .set('kbn-xsrf', 'true') + .expect(403); + }); + }); + + describe('find exception item', () => { + it('should return 200 for t1_analyst', async () => { + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await t1Analyst + .get( + `${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${ + getCreateExceptionListMinimalSchemaMock().list_id + }` + ) + .set('kbn-xsrf', 'true') + .send() + .expect(200); + }); + }); + + describe('read exception item', () => { + it('should return 200 for t1_analyst', async () => { + // create a simple exception list to read + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create a simple exception list item to read + const { body: createListBody } = await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + await t1Analyst + .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('update exception item', () => { + it('should return 403 for t1_analyst', async () => { + // create a simple exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 
'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create a simple exception list item + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + // update a exception list item's name + const updatedList: UpdateExceptionListItemSchema = { + ...getUpdateMinimalExceptionListItemSchemaMock(), + name: 'some other name', + }; + + await t1Analyst + .put(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(updatedList) + .expect(403); + }); + }); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_2_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_2_analyst.ts new file mode 100644 index 0000000000000..75fa6347953ef --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_2_analyst.ts 
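Review bot: The three 403 cases in tier_1_analyst.ts (create, delete, update) stop at the status code, so a regression where the write is applied before the request is rejected would still pass. After each denied call, a follow-up request as `admin` can confirm the state is unchanged: after the denied delete, `await admin.get(itemUrl).set('kbn-xsrf', 'true').expect(200);` with `itemUrl` being the same `?item_id=` URL used for the delete, and after the denied update a read asserting the item's `name` is still the mock's value. tier_2_analyst.ts has the same three cases and would take the same checks.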
@@ -0,0 +1,152 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import TestAgent from 'supertest/lib/agent'; +import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants'; +import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; +import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types'; +import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock'; +import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { deleteAllExceptions } from '../../../../utils'; + +export default ({ getService }: FtrProviderContext): void => { + const log = getService('log'); + const utils = getService('securitySolutionUtils'); + + let admin: TestAgent; + let t2Analyst: TestAgent; + + describe('@serverless @serverlessQA t2_analyst exception items API behaviors', () => { + before(async () => { + admin = await utils.createSuperTest('admin'); + t2Analyst = await utils.createSuperTest('t2_analyst'); + await deleteAllExceptions(admin, log); + }); + + afterEach(async () => { + await deleteAllExceptions(admin, log); + }); + + describe('create exception item', () => { + it('should return 403 for t2_analyst', async () => { + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await t2Analyst + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + 
.expect(403); + }); + }); + + describe('delete exception item', () => { + it('should return 403 for t2_analyst', async () => { + // create an exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create an exception list item + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + // delete the exception list item by its item_id + await t2Analyst + .delete( + `${EXCEPTION_LIST_ITEM_URL}?item_id=${ + getCreateExceptionListItemMinimalSchemaMock().item_id + }` + ) + .set('kbn-xsrf', 'true') + .expect(403); + }); + }); + + describe('find exception item', () => { + it('should return 200 for t2_analyst', async () => { + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await t2Analyst + .get( + `${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${ + getCreateExceptionListMinimalSchemaMock().list_id + }` + ) + .set('kbn-xsrf', 'true') + .send() + .expect(200); + }); + }); + + describe('read exception item', () => { + it('should return 200 for t2_analyst', async () => { + // create a simple exception list to read + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create a simple exception list item to read + const { body: createListBody } = await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + await t2Analyst + .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('update exception item', () => { + it('should return 403 for t2_analyst', async () => { + // create a simple exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 
'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // create a simple exception list item + await admin + .post(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListItemMinimalSchemaMock()) + .expect(200); + + // update a exception list item's name + const updatedList: UpdateExceptionListItemSchema = { + ...getUpdateMinimalExceptionListItemSchemaMock(), + name: 'some other name', + }; + + await t2Analyst + .put(EXCEPTION_LIST_ITEM_URL) + .set('kbn-xsrf', 'true') + .send(updatedList) + .expect(403); + }); + }); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_3_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_3_analyst.ts new file mode 100644 index 0000000000000..8a55f46965df5 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/tier_3_analyst.ts 
@@ -0,0 +1,152 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let t3Analyst: TestAgent;
+
+ describe('@serverless @serverlessQA t3_analyst exception items API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ t3Analyst = await utils.createSuperTest('t3_analyst');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception item', () => {
+ it('should return 200 for t3_analyst', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await t3Analyst
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception item', () => {
+ it('should return 200 for t3_analyst', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create an exception list item
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ // delete the exception list item by its item_id
+ await t3Analyst
+ .delete(
+ `${EXCEPTION_LIST_ITEM_URL}?item_id=${
+ getCreateExceptionListItemMinimalSchemaMock().item_id
+ }`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception item', () => {
+ it('should return 200 for t3_analyst', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await t3Analyst
+ .get(
+ `${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
+ getCreateExceptionListMinimalSchemaMock().list_id
+ }`
+ )
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+ });
+ });
+
+ describe('read exception item', () => {
+ it('should return 200 for t3_analyst', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create a simple exception list item to read
+ const { body: createListBody } = await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await t3Analyst
+ .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception item', () => {
+ it('should return 200 for t3_analyst', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create a simple exception list item
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list item's name
+ const updatedList: UpdateExceptionListItemSchema = {
+ ...getUpdateMinimalExceptionListItemSchemaMock(),
+ name: 'some other name',
+ };
+
+ await t3Analyst
+ .put(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/viewer.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/viewer.ts
new file mode 100644
index 0000000000000..c03446a04a95d
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/viewer.ts
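Review bot: The `find exception item` test queries `_find` for a list that has no items and asserts only the status code, so it would still pass if t3_analyst were handed an empty page for a list it cannot actually read. Creating one item as admin first and asserting `body.total` equals 1, as the exception list suites in this commit already do for `_find`, ties the 200 to real read access; this file would then need `import expect from 'expect';`. The same test has the same shape in viewer.ts and in the tier_2_analyst.ts section above. The empty `.send()` on the GET can be dropped at the same time.

```typescript
it('should return 200 for t3_analyst', async () => {
  // … unchanged: admin creates the exception list …

  // give _find something to return
  await admin
    .post(EXCEPTION_LIST_ITEM_URL)
    .set('kbn-xsrf', 'true')
    .send(getCreateExceptionListItemMinimalSchemaMock())
    .expect(200);

  const { body } = await t3Analyst
    // … unchanged: .get() on _find?list_id=… and the kbn-xsrf header …
    .expect(200);

  expect(body.total).toEqual(1);
});
```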
@@ -0,0 +1,152 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_ITEM_URL, EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { UpdateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock';
+import { getUpdateMinimalExceptionListItemSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_item_schema.mock';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let viewer: TestAgent;
+
+ describe('@serverless @serverlessQA viewer exception items API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ viewer = await utils.createSuperTest('viewer');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception item', () => {
+ it('should return 403 for viewer', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await viewer
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(403);
+ });
+ });
+
+ describe('delete exception item', () => {
+ it('should return 403 for viewer', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create an exception list item
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ // delete the exception list item by its item_id
+ await viewer
+ .delete(
+ `${EXCEPTION_LIST_ITEM_URL}?item_id=${
+ getCreateExceptionListItemMinimalSchemaMock().item_id
+ }`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(403);
+ });
+ });
+
+ describe('find exception item', () => {
+ it('should return 200 for viewer', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await viewer
+ .get(
+ `${EXCEPTION_LIST_ITEM_URL}/_find?list_id=${
+ getCreateExceptionListMinimalSchemaMock().list_id
+ }`
+ )
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+ });
+ });
+
+ describe('read exception item', () => {
+ it('should return 200 for viewer', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create a simple exception list item to read
+ const { body: createListBody } = await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ await viewer
+ .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createListBody.id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception item', () => {
+ it('should return 403 for viewer', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // create a simple exception list item
+ await admin
+ .post(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListItemMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list item's name
+ const updatedList: UpdateExceptionListItemSchema = {
+ ...getUpdateMinimalExceptionListItemSchemaMock(),
+ name: 'some other name',
+ };
+
+ await viewer
+ .put(EXCEPTION_LIST_ITEM_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(403);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/admin.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/admin.ts
new file mode 100644
index 0000000000000..fdee68f7ce566
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/admin.ts
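Review bot: The three denied cases for viewer (create, delete, update) stop at `.expect(403)`, which pins the response code but not that the write left the data untouched. After the denied delete and update, reading the item back as admin and checking it still exists with its original `name` would catch a route that answers 403 after partly applying the change; after the denied create, an admin `_find` on the list expecting a `total` of 0 does the same job. The item's `id` is available by destructuring the admin create response, as the `read exception item` test in this file already does. The 403 cases in the tier_2_analyst.ts section above have the same gap.

```typescript
// in 'delete exception item': keep the id of the item admin created
const { body: createdItem } = await admin
  .post(EXCEPTION_LIST_ITEM_URL)
  .set('kbn-xsrf', 'true')
  .send(getCreateExceptionListItemMinimalSchemaMock())
  .expect(200);

// … unchanged: viewer DELETE by item_id, expecting 403 …

// the item must still be readable after the denied delete
await admin
  .get(`${EXCEPTION_LIST_ITEM_URL}?id=${createdItem.id}`)
  .set('kbn-xsrf', 'true')
  .expect(200);
```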
@@ -0,0 +1,116 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from 'expect';
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
+import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+
+ describe('@serverless @serverlessQA admin exception list API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception list', () => {
+ it('should return 200 for admin', async () => {
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception list', () => {
+ it('should return 200 for admin', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .delete(
+ `${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception list', () => {
+ it('should return 200 for admin', async () => {
+ // add a single exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // query the single exception list from _find
+ const { body } = await admin
+ .get(`${EXCEPTION_LIST_URL}/_find`)
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+
+ expect(body.total).toEqual(1);
+ });
+ });
+
+ describe('read exception list', () => {
+ it('should return 200 for admin', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await admin
+ .get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception list', () => {
+ it('should return 200 for admin', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list's name
+ const updatedList: UpdateExceptionListSchema = {
+ ...getUpdateMinimalExceptionListSchemaMock(),
+ name: 'some other name',
+ };
+
+ await admin.put(EXCEPTION_LIST_URL).set('kbn-xsrf', 'true').send(updatedList).expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts
new file mode 100644
index 0000000000000..9e8e6663f6305
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts
@@ -0,0 +1,16 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { createTestConfig } from '../../../../../../../config/serverless/config.base.essentials';
+
+export default createTestConfig({
+ testFiles: [require.resolve('..')],
+ junit: {
+ reportName:
+ 'Detection Engine - Exception List Authentication Tests - Serverless Env - Essentials Tier',
+ },
+});
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/editor.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/editor.ts
new file mode 100644
index 0000000000000..7cda40dbb5e13
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/editor.ts
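Review bot: The `reportName` calls these "Authentication Tests", but the suite sits under `authorization/` and every case checks what an already-authenticated role is allowed to do. Naming it `'Detection Engine - Exception List Authorization Tests - Serverless Env - Essentials Tier'` keeps the junit report findable under the same term as the folder. The `describe` title in this folder's index.ts uses "Authentication" as well.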
@@ -0,0 +1,118 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from 'expect';
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
+import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let editor: TestAgent;
+
+ describe('@serverless @serverlessQA editor exception list API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ editor = await utils.createSuperTest('editor');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception list', () => {
+ it('should return 200 for editor', async () => {
+ await editor
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception list', () => {
+ it('should return 200 for editor', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await editor
+ .delete(
+ `${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception list', () => {
+ it('should return 200 for editor', async () => {
+ // add a single exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // query the single exception list from _find
+ const { body } = await editor
+ .get(`${EXCEPTION_LIST_URL}/_find`)
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+
+ expect(body.total).toEqual(1);
+ });
+ });
+
+ describe('read exception list', () => {
+ it('should return 200 for editor', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await editor
+ .get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception list', () => {
+ it('should return 200 for editor', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list's name
+ const updatedList: UpdateExceptionListSchema = {
+ ...getUpdateMinimalExceptionListSchemaMock(),
+ name: 'some other name',
+ };
+
+ await editor.put(EXCEPTION_LIST_URL).set('kbn-xsrf', 'true').send(updatedList).expect(200);
+ });
+ });
+ });
+};
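Review bot: editor.ts repeats the admin.ts suite almost line for line, with only the agent and the role name in the titles changed, and endpoint_operations_analyst.ts, endpoint_policy_manager.ts and platform_engineer.ts below do the same. With the expected status per role and operation spread across one file per role, the permission matrix cannot be reviewed in one place, and any fix to the shared setup has to be repeated in every copy. A shared helper taking the role name and a map of operation to expected status, for example `{ create: 200, delete: 200, find: 200, read: 200, update: 200 }`, would reduce each role file to a single call and make a changed expectation visible as a one-line diff.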
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_operations_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_operations_analyst.ts
new file mode 100644
index 0000000000000..19b4da0b5870b
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_operations_analyst.ts
@@ -0,0 +1,122 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from 'expect';
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
+import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let endpointOperationsAnalyst: TestAgent;
+
+ describe('@serverless @serverlessQA endpoint_operations_analyst exception list API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ endpointOperationsAnalyst = await utils.createSuperTest('endpoint_operations_analyst');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception list', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ await endpointOperationsAnalyst
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception list', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await endpointOperationsAnalyst
+ .delete(
+ `${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception list', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ // add a single exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // query the single exception list from _find
+ const { body } = await endpointOperationsAnalyst
+ .get(`${EXCEPTION_LIST_URL}/_find`)
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+
+ expect(body.total).toEqual(1);
+ });
+ });
+
+ describe('read exception list', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await endpointOperationsAnalyst
+ .get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception list', () => {
+ it('should return 200 for endpoint_operations_analyst', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list's name
+ const updatedList: UpdateExceptionListSchema = {
+ ...getUpdateMinimalExceptionListSchemaMock(),
+ name: 'some other name',
+ };
+
+ await endpointOperationsAnalyst
+ .put(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_policy_manager.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_policy_manager.ts
new file mode 100644
index 0000000000000..8b0735d21ab38
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/endpoint_policy_manager.ts
@@ -0,0 +1,122 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from 'expect';
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
+import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let endpointPolicyManager: TestAgent;
+
+ describe('@serverless @serverlessQA endpoint_policy_manager exception list API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ endpointPolicyManager = await utils.createSuperTest('endpoint_policy_manager');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception list', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ await endpointPolicyManager
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception list', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await endpointPolicyManager
+ .delete(
+ `${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception list', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ // add a single exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // query the single exception list from _find
+ const { body } = await endpointPolicyManager
+ .get(`${EXCEPTION_LIST_URL}/_find`)
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+
+ expect(body.total).toEqual(1);
+ });
+ });
+
+ describe('read exception list', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await endpointPolicyManager
+ .get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception list', () => {
+ it('should return 200 for endpoint_policy_manager', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list's name
+ const updatedList: UpdateExceptionListSchema = {
+ ...getUpdateMinimalExceptionListSchemaMock(),
+ name: 'some other name',
+ };
+
+ await endpointPolicyManager
+ .put(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/index.ts
new file mode 100644
index 0000000000000..d3295ee8457c1
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/index.ts
@@ -0,0 +1,24 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+
+export default function ({ loadTestFile }: FtrProviderContext) {
+ describe('Exception list APIs Authentication - Complete Tier', function () {
+ loadTestFile(require.resolve('./tier_1_analyst'));
+ loadTestFile(require.resolve('./tier_2_analyst'));
+ loadTestFile(require.resolve('./threat_intel_analyst'));
+ loadTestFile(require.resolve('./tier_3_analyst'));
+ loadTestFile(require.resolve('./viewer'));
+ loadTestFile(require.resolve('./rule_author'));
+ loadTestFile(require.resolve('./soc_manager'));
+ loadTestFile(require.resolve('./endpoint_operations_analyst'));
+ loadTestFile(require.resolve('./endpoint_policy_manager'));
+ loadTestFile(require.resolve('./platform_engineer'));
+ loadTestFile(require.resolve('./editor'));
+ loadTestFile(require.resolve('./admin'));
+ });
+}
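Review bot: The top-level `describe` title ends in "Complete Tier", yet this index lives in `essentials_tier/` and is the entry point for the config built on `config.base.essentials`, so a failing role test here would be reported under the wrong tier. The title should name the tier it runs in: `describe('Exception list APIs Authorization - Essentials Tier', function () {`.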
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/platform_engineer.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/platform_engineer.ts
new file mode 100644
index 0000000000000..a0d11f61368b7
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/platform_engineer.ts
@@ -0,0 +1,122 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from 'expect'; +import TestAgent from 'supertest/lib/agent'; +import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants'; +import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; +import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock'; +import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types'; +import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { deleteAllExceptions } from '../../../../utils'; + +export default ({ getService }: FtrProviderContext): void => { + const log = getService('log'); + const utils = getService('securitySolutionUtils'); + + let admin: TestAgent; + let platformEngineer: TestAgent; + + describe('@serverless @serverlessQA platform_engineer exception list API behaviors', () => { + before(async () => { + admin = await utils.createSuperTest('admin'); + platformEngineer = await utils.createSuperTest('platform_engineer'); + await deleteAllExceptions(admin, log); + }); + + afterEach(async () => { + await deleteAllExceptions(admin, log); + }); + + describe('create exception list', () => { + it('should return 200 for platform_engineer', async () => { + await platformEngineer + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + }); + }); + + describe('delete exception list', () => { + it('should return 200 for platform_engineer', async () => { + // create an exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + 
.send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await platformEngineer + .delete( + `${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}` + ) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('find exception list', () => { + it('should return 200 for platform_engineer', async () => { + // add a single exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // query the single exception list from _find + const { body } = await platformEngineer + .get(`${EXCEPTION_LIST_URL}/_find`) + .set('kbn-xsrf', 'true') + .send() + .expect(200); + + expect(body.total).toEqual(1); + }); + }); + + describe('read exception list', () => { + it('should return 200 for platform_engineer', async () => { + // create a simple exception list to read + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + await platformEngineer + .get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`) + .set('kbn-xsrf', 'true') + .expect(200); + }); + }); + + describe('update exception list', () => { + it('should return 200 for platform_engineer', async () => { + // create a simple exception list + await admin + .post(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(getCreateExceptionListMinimalSchemaMock()) + .expect(200); + + // update a exception list's name + const updatedList: UpdateExceptionListSchema = { + ...getUpdateMinimalExceptionListSchemaMock(), + name: 'some other name', + }; + + await platformEngineer + .put(EXCEPTION_LIST_URL) + .set('kbn-xsrf', 'true') + .send(updatedList) + .expect(200); + }); + }); + }); +}; 
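Review bot: In the 'update exception list' test the role's `PUT` is asserted only by `.expect(200)`, so a response that returns 200 without applying the change would still pass. Capturing the response and asserting on it, e.g. `const { body } = await platformEngineer.put(EXCEPTION_LIST_URL).set('kbn-xsrf', 'true').send(updatedList).expect(200);` followed by `expect(body.name).toEqual('some other name');`, would pin the write itself (this assumes the update response echoes the stored list, which is not visible in this hunk). The same applies to the update tests in rule_author.ts, soc_manager.ts, threat_intel_analyst.ts and tier_3_analyst.ts.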
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/rule_author.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/rule_author.ts
new file mode 100644
index 0000000000000..2da3ea687ef6c
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/rule_author.ts
@@ -0,0 +1,122 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from 'expect';
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
+import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let ruleAuthor: TestAgent;
+
+ describe('@serverless @serverlessQA rule_author exception list API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ ruleAuthor = await utils.createSuperTest('rule_author');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception list', () => {
+ it('should return 200 for rule_author', async () => {
+ await ruleAuthor
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception list', () => {
+ it('should return 200 for rule_author', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await ruleAuthor
+ .delete(
+ `${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception list', () => {
+ it('should return 200 for rule_author', async () => {
+ // add a single exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // query the single exception list from _find
+ const { body } = await ruleAuthor
+ .get(`${EXCEPTION_LIST_URL}/_find`)
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+
+ expect(body.total).toEqual(1);
+ });
+ });
+
+ describe('read exception list', () => {
+ it('should return 200 for rule_author', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await ruleAuthor
+ .get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception list', () => {
+ it('should return 200 for rule_author', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list's name
+ const updatedList: UpdateExceptionListSchema = {
+ ...getUpdateMinimalExceptionListSchemaMock(),
+ name: 'some other name',
+ };
+
+ await ruleAuthor
+ .put(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/soc_manager.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/soc_manager.ts
new file mode 100644
index 0000000000000..6b9e6b9234157
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/soc_manager.ts
@@ -0,0 +1,122 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from 'expect';
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
+import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let socManager: TestAgent;
+
+ describe('@serverless @serverlessQA soc_manager exception list API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ socManager = await utils.createSuperTest('soc_manager');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception list', () => {
+ it('should return 200 for soc_manager', async () => {
+ await socManager
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception list', () => {
+ it('should return 200 for soc_manager', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await socManager
+ .delete(
+ `${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception list', () => {
+ it('should return 200 for soc_manager', async () => {
+ // add a single exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // query the single exception list from _find
+ const { body } = await socManager
+ .get(`${EXCEPTION_LIST_URL}/_find`)
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+
+ expect(body.total).toEqual(1);
+ });
+ });
+
+ describe('read exception list', () => {
+ it('should return 200 for soc_manager', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await socManager
+ .get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception list', () => {
+ it('should return 200 for soc_manager', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list's name
+ const updatedList: UpdateExceptionListSchema = {
+ ...getUpdateMinimalExceptionListSchemaMock(),
+ name: 'some other name',
+ };
+
+ await socManager
+ .put(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/threat_intel_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/threat_intel_analyst.ts
new file mode 100644
index 0000000000000..a25d98252782f
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/threat_intel_analyst.ts
@@ -0,0 +1,122 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from 'expect';
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
+import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let threatIntelAnalyst: TestAgent;
+
+ describe('@serverless @serverlessQA threat_intelligence_analyst exception list API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ threatIntelAnalyst = await utils.createSuperTest('threat_intelligence_analyst');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception list', () => {
+ it('should return 200 for threat_intelligence_analyst', async () => {
+ await threatIntelAnalyst
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception list', () => {
+ it('should return 200 for threat_intelligence_analyst', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await threatIntelAnalyst
+ .delete(
+ `${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception list', () => {
+ it('should return 200 for threat_intelligence_analyst', async () => {
+ // add a single exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // query the single exception list from _find
+ const { body } = await threatIntelAnalyst
+ .get(`${EXCEPTION_LIST_URL}/_find`)
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+
+ expect(body.total).toEqual(1);
+ });
+ });
+
+ describe('read exception list', () => {
+ it('should return 200 for threat_intelligence_analyst', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await threatIntelAnalyst
+ .get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception list', () => {
+ it('should return 200 for threat_intelligence_analyst', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list's name
+ const updatedList: UpdateExceptionListSchema = {
+ ...getUpdateMinimalExceptionListSchemaMock(),
+ name: 'some other name',
+ };
+
+ await threatIntelAnalyst
+ .put(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_1_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_1_analyst.ts
new file mode 100644
index 0000000000000..60f9be5afcb87
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_1_analyst.ts
@@ -0,0 +1,122 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from 'expect';
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
+import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let t1Analyst: TestAgent;
+
+ describe('@serverless @serverlessQA t1_analyst exception list API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ t1Analyst = await utils.createSuperTest('t1_analyst');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception list', () => {
+ it('should return 403 for t1_analyst', async () => {
+ await t1Analyst
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(403);
+ });
+ });
+
+ describe('delete exception list', () => {
+ it('should return 403 for t1_analyst', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await t1Analyst
+ .delete(
+ `${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(403);
+ });
+ });
+
+ describe('find exception list', () => {
+ it('should return 200 for t1_analyst', async () => {
+ // add a single exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // query the single exception list from _find
+ const { body } = await t1Analyst
+ .get(`${EXCEPTION_LIST_URL}/_find`)
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+
+ expect(body.total).toEqual(1);
+ });
+ });
+
+ describe('read exception list', () => {
+ it('should return 200 for t1_analyst', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await t1Analyst
+ .get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception list', () => {
+ it('should return 403 for t1_analyst', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list's name
+ const updatedList: UpdateExceptionListSchema = {
+ ...getUpdateMinimalExceptionListSchemaMock(),
+ name: 'some other name',
+ };
+
+ await t1Analyst
+ .put(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(403);
+ });
+ });
+ });
+};
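Review bot: The denied paths for t1_analyst (create, delete and update) stop at `.expect(403)` and never confirm that nothing was written, so a handler that performed the operation and then answered 403 would still pass. After the rejected delete I would re-run the `_find` query as `admin` and assert `expect(body.total).toEqual(1);`, and after the rejected create assert `expect(body.total).toEqual(0);`. The same gap is in the 403 tests of tier_2_analyst.ts and viewer.ts.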
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_2_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_2_analyst.ts
new file mode 100644
index 0000000000000..5e501e1a83512
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_2_analyst.ts
@@ -0,0 +1,122 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from 'expect';
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
+import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let t2Analyst: TestAgent;
+
+ describe('@serverless @serverlessQA t2_analyst exception list API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ t2Analyst = await utils.createSuperTest('t2_analyst');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception list', () => {
+ it('should return 403 for t2_analyst', async () => {
+ await t2Analyst
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(403);
+ });
+ });
+
+ describe('delete exception list', () => {
+ it('should return 403 for t2_analyst', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await t2Analyst
+ .delete(
+ `${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(403);
+ });
+ });
+
+ describe('find exception list', () => {
+ it('should return 200 for t2_analyst', async () => {
+ // add a single exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // query the single exception list from _find
+ const { body } = await t2Analyst
+ .get(`${EXCEPTION_LIST_URL}/_find`)
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+
+ expect(body.total).toEqual(1);
+ });
+ });
+
+ describe('read exception list', () => {
+ it('should return 200 for t2_analyst', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await t2Analyst
+ .get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception list', () => {
+ it('should return 403 for t2_analyst', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list's name
+ const updatedList: UpdateExceptionListSchema = {
+ ...getUpdateMinimalExceptionListSchemaMock(),
+ name: 'some other name',
+ };
+
+ await t2Analyst
+ .put(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(403);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_3_analyst.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_3_analyst.ts
new file mode 100644
index 0000000000000..3c12223d089b7
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/tier_3_analyst.ts
@@ -0,0 +1,122 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from 'expect';
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
+import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let t3Analyst: TestAgent;
+
+ describe('@serverless @serverlessQA t3_analyst exception list API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ t3Analyst = await utils.createSuperTest('t3_analyst');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception list', () => {
+ it('should return 200 for t3_analyst', async () => {
+ await t3Analyst
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+ });
+ });
+
+ describe('delete exception list', () => {
+ it('should return 200 for t3_analyst', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await t3Analyst
+ .delete(
+ `${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('find exception list', () => {
+ it('should return 200 for t3_analyst', async () => {
+ // add a single exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // query the single exception list from _find
+ const { body } = await t3Analyst
+ .get(`${EXCEPTION_LIST_URL}/_find`)
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+
+ expect(body.total).toEqual(1);
+ });
+ });
+
+ describe('read exception list', () => {
+ it('should return 200 for t3_analyst', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await t3Analyst
+ .get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception list', () => {
+ it('should return 200 for t3_analyst', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list's name
+ const updatedList: UpdateExceptionListSchema = {
+ ...getUpdateMinimalExceptionListSchemaMock(),
+ name: 'some other name',
+ };
+
+ await t3Analyst
+ .put(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(updatedList)
+ .expect(200);
+ });
+ });
+ });
+};
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/viewer.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/viewer.ts
new file mode 100644
index 0000000000000..e4bc47ea1b840
--- /dev/null
+++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/viewer.ts
@@ -0,0 +1,118 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from 'expect';
+import TestAgent from 'supertest/lib/agent';
+import { EXCEPTION_LIST_URL } from '@kbn/securitysolution-list-constants';
+import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock';
+import { getUpdateMinimalExceptionListSchemaMock } from '@kbn/lists-plugin/common/schemas/request/update_exception_list_schema.mock';
+import { UpdateExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types';
+import { FtrProviderContext } from '../../../../../../ftr_provider_context';
+import { deleteAllExceptions } from '../../../../utils';
+
+export default ({ getService }: FtrProviderContext): void => {
+ const log = getService('log');
+ const utils = getService('securitySolutionUtils');
+
+ let admin: TestAgent;
+ let viewer: TestAgent;
+
+ describe('@serverless @serverlessQA viewer exception list API behaviors', () => {
+ before(async () => {
+ admin = await utils.createSuperTest('admin');
+ viewer = await utils.createSuperTest('viewer');
+ await deleteAllExceptions(admin, log);
+ });
+
+ afterEach(async () => {
+ await deleteAllExceptions(admin, log);
+ });
+
+ describe('create exception list', () => {
+ it('should return 403 for viewer', async () => {
+ await viewer
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(403);
+ });
+ });
+
+ describe('delete exception list', () => {
+ it('should return 403 for viewer', async () => {
+ // create an exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await viewer
+ .delete(
+ `${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`
+ )
+ .set('kbn-xsrf', 'true')
+ .expect(403);
+ });
+ });
+
+ describe('find exception list', () => {
+ it('should return 200 for viewer', async () => {
+ // add a single exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // query the single exception list from _find
+ const { body } = await viewer
+ .get(`${EXCEPTION_LIST_URL}/_find`)
+ .set('kbn-xsrf', 'true')
+ .send()
+ .expect(200);
+
+ expect(body.total).toEqual(1);
+ });
+ });
+
+ describe('read exception list', () => {
+ it('should return 200 for viewer', async () => {
+ // create a simple exception list to read
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ await viewer
+ .get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`)
+ .set('kbn-xsrf', 'true')
+ .expect(200);
+ });
+ });
+
+ describe('update exception list', () => {
+ it('should return 403 for viewer', async () => {
+ // create a simple exception list
+ await admin
+ .post(EXCEPTION_LIST_URL)
+ .set('kbn-xsrf', 'true')
+ .send(getCreateExceptionListMinimalSchemaMock())
+ .expect(200);
+
+ // update a exception list's name
+ const updatedList: UpdateExceptionListSchema = {
+ ...getUpdateMinimalExceptionListSchemaMock(),
+ name: 'some other name',
+ };
+
+ await viewer.put(EXCEPTION_LIST_URL).set('kbn-xsrf', 'true').send(updatedList).expect(403);
+ });
+ });
+ });
+};
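Review bot: The three denial cases for `viewer` (create, delete, update) assert only the 403 status, so a handler that performed the write before failing the authorization check would still pass these tests. Since the suite exists to catch regressions in the prebuilt role's privileges, each denial should also confirm through the `admin` agent that state is unchanged. After the viewer's delete, for example, add `await admin.get(`${EXCEPTION_LIST_URL}?list_id=${getCreateExceptionListMinimalSchemaMock().list_id}`).set('kbn-xsrf', 'true').expect(200);`. After the denied update, read the list back as `admin` and assert that `name` is not `'some other name'`; after the denied create, assert that `_find` reports `total` of 0.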
diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/duplicate_exception_list.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/duplicate_exception_list.ts index 6501ac284b7ff..a9c861dfcc74a 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/duplicate_exception_list.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/lists/duplicate_exception_list.ts @@ -13,7 +13,10 @@ import { EXCEPTION_LIST_URL, } from '@kbn/securitysolution-list-constants'; import { getExceptionResponseMockWithoutAutoGeneratedValues } from '@kbn/lists-plugin/common/schemas/response/exception_list_schema.mock'; -import { getCreateExceptionListDetectionSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; +import { + getCreateExceptionListDetectionSchemaMock, + getCreateExceptionListMinimalSchemaMock, +} from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_item_schema.mock'; import { deleteAllExceptions, removeExceptionListServerGeneratedProperties } from '../../../utils'; @@ -76,7 +79,7 @@ export default ({ getService }: FtrProviderContext) => { const { body: listBody } = await supertest .post( `${EXCEPTION_LIST_URL}/_duplicate?list_id=${ - getCreateExceptionListDetectionSchemaMock().list_id + getCreateExceptionListMinimalSchemaMock().list_id }&namespace_type=single&include_expired_exceptions=true` ) .set('kbn-xsrf', 'true')