forked from elastic/kibana
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Cases] Suggest user profiles with read permission (elastic#172047)
Fixes elastic#171446 ## Summary We will now also suggest users with only `Read Cases` permissions for case assignment. ## Release notes Fixed a bug that prevented users with read permission from being assigned to cases.
- Loading branch information
Showing
3 changed files
with
46 additions
and
24 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -58,6 +58,30 @@ export default function ({ getService }: FtrProviderContext) { | |
`); | ||
}); | ||
|
||
it('find a user who only has read privilege for cases', async () => { | ||
const profiles = await suggestUserProfiles({ | ||
supertest: supertestWithoutAuth, | ||
req: { | ||
name: 'read', | ||
owners: ['securitySolutionFixture'], | ||
}, | ||
auth: { user: superUser, space: 'space1' }, | ||
}); | ||
|
||
expectSnapshot(profiles.map(({ user, data }) => ({ user, data }))).toMatchInline(` | ||
Array [ | ||
Object { | ||
"data": Object {}, | ||
"user": Object { | ||
"email": "[email protected]", | ||
"full_name": "sec only_read", | ||
"username": "sec_only_read", | ||
}, | ||
}, | ||
] | ||
`); | ||
}); | ||
|
||
it('does not find a user who does not have access to the default space', async () => { | ||
const profiles = await suggestUserProfiles({ | ||
supertest: supertestWithoutAuth, | ||
|
@@ -85,6 +109,14 @@ export default function ({ getService }: FtrProviderContext) { | |
expect(profiles.filter(({ user }) => user.username === obsOnly.username)).to.be.empty(); | ||
expectSnapshot(profiles.map(({ user, data }) => ({ user, data }))).toMatchInline(` | ||
Array [ | ||
Object { | ||
"data": Object {}, | ||
"user": Object { | ||
"email": "[email protected]", | ||
"full_name": "sec only_read", | ||
"username": "sec_only_read", | ||
}, | ||
}, | ||
Object { | ||
"data": Object {}, | ||
"user": Object { | ||
|
@@ -105,19 +137,6 @@ export default function ({ getService }: FtrProviderContext) { | |
`); | ||
}); | ||
|
||
it('does not find a user who does not have update privileges to cases', async () => { | ||
const profiles = await suggestUserProfiles({ | ||
supertest: supertestWithoutAuth, | ||
req: { | ||
name: 'read', | ||
owners: ['securitySolutionFixture'], | ||
}, | ||
auth: { user: superUser, space: 'space1' }, | ||
}); | ||
|
||
expect(profiles).to.be.empty(); | ||
}); | ||
|
||
it('fails with a 403 because the user making the request does not have the appropriate api kibana endpoint privileges', async () => { | ||
await suggestUserProfiles({ | ||
supertest: supertestWithoutAuth, | ||
|
@@ -186,9 +205,9 @@ export default function ({ getService }: FtrProviderContext) { | |
Object { | ||
"data": Object {}, | ||
"user": Object { | ||
"email": "sec_only_no_delete@elastic.co", | ||
"full_name": "sec only_no_delete", | ||
"username": "sec_only_no_delete", | ||
"email": "sec_only_read@elastic.co", | ||
"full_name": "sec only_read", | ||
"username": "sec_only_read", | ||
}, | ||
}, | ||
] | ||
|
@@ -242,7 +261,7 @@ export default function ({ getService }: FtrProviderContext) { | |
await deleteUsersAndRoles(getService, users, roles); | ||
}); | ||
|
||
it('finds 3 profiles when searching for the name sec when a user has both security and observability privileges', async () => { | ||
it('finds 4 profiles when searching for the name sec when a user has both security and observability privileges', async () => { | ||
const profiles = await suggestUserProfiles({ | ||
supertest: supertestWithoutAuth, | ||
req: { | ||
|
@@ -254,6 +273,14 @@ export default function ({ getService }: FtrProviderContext) { | |
|
||
expectSnapshot(profiles.map(({ user, data }) => ({ user, data }))).toMatchInline(` | ||
Array [ | ||
Object { | ||
"data": Object {}, | ||
"user": Object { | ||
"email": "[email protected]", | ||
"full_name": "sec only_read", | ||
"username": "sec_only_read", | ||
}, | ||
}, | ||
Object { | ||
"data": Object {}, | ||
"user": Object { | ||
|