Skip to content

Commit

Permalink
[Security Solution][Detections] adds missing bulk edit data view tests (
Browse files Browse the repository at this point in the history 
elastic#141915)

## Summary

- addresses elastic#135201
- adds Data View cypress and integration tests according to [Data view Bulk Edit test plan](https://docs.google.com/document/d/116x7ITTTJQ6cTiwaGK831_f6Ox7XB3qyLiHxC3Cmf8w/edit#heading=h.j583i3o7bg2g) (internal document)
- integration tests were added earlier in elastic#138448

(cherry picked from commit c7301e5)
  • Loading branch information
@vitaliidm
vitaliidm committed Sep 28, 2022
1 parent 1f5fed0 commit 7f9f469
Show file tree
Hide file tree
Showing 6 changed files with 344 additions and 115 deletions.
177 changes: 177 additions & 0 deletions x-pack/plugins/security_solution/cypress/e2e/detection_rules/bulk_edit_rules_data_view.cy.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,177 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/

import {
RULES_BULK_EDIT_DATA_VIEWS_WARNING,
RULES_BULK_EDIT_OVERWRITE_DATA_VIEW_CHECKBOX,
} from '../../screens/rules_bulk_edit';

import { DATA_VIEW_DETAILS, INDEX_PATTERNS_DETAILS } from '../../screens/rule_details';

import {
waitForRulesTableToBeLoaded,
goToRuleDetails,
selectNumberOfRules,
} from '../../tasks/alerts_detection_rules';

import {
typeIndexPatterns,
waitForBulkEditActionToFinish,
submitBulkEditForm,
checkOverwriteDataViewCheckbox,
checkOverwriteIndexPatternsCheckbox,
openBulkEditAddIndexPatternsForm,
openBulkEditDeleteIndexPatternsForm,
} from '../../tasks/rules_bulk_edit';

import { hasIndexPatterns, getDetails, assertDetailsNotExist } from '../../tasks/rule_details';
import { login, visitWithoutDateRange } from '../../tasks/login';

import { SECURITY_DETECTIONS_RULES_URL } from '../../urls/navigation';
import {
createCustomRule,
createCustomIndicatorRule,
createEventCorrelationRule,
createThresholdRule,
createNewTermsRule,
createSavedQueryRule,
} from '../../tasks/api_calls/rules';
import { cleanKibana, deleteAlertsAndRules, postDataView } from '../../tasks/common';

import {
getEqlRule,
getNewThreatIndicatorRule,
getNewRule,
getNewThresholdRule,
getNewTermsRule,
} from '../../objects/rule';

import { esArchiverResetKibana } from '../../tasks/es_archiver';

const DATA_VIEW_ID = 'auditbeat';

const expectedIndexPatterns = ['index-1-*', 'index-2-*'];

const expectedNumberOfCustomRulesToBeEdited = 6;

const indexDataSource = { dataView: DATA_VIEW_ID, type: 'dataView' } as const;

const defaultRuleData = {
dataSource: indexDataSource,
};

describe('Detection rules, bulk edit, data view', () => {
before(() => {
cleanKibana();
login();
});
beforeEach(() => {
deleteAlertsAndRules();
esArchiverResetKibana();

postDataView(DATA_VIEW_ID);

createCustomRule({ ...getNewRule(), ...defaultRuleData }, '1');
createEventCorrelationRule({ ...getEqlRule(), ...defaultRuleData }, '2');
createCustomIndicatorRule({ ...getNewThreatIndicatorRule(), ...defaultRuleData }, '3');
createThresholdRule({ ...getNewThresholdRule(), ...defaultRuleData }, '4');
createNewTermsRule({ ...getNewTermsRule(), ...defaultRuleData }, '5');
createSavedQueryRule({ ...getNewRule(), ...defaultRuleData, savedId: 'mocked' }, '6');

visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL);

waitForRulesTableToBeLoaded();
});

it('Add index patterns to custom rules with configured data view', () => {
selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited);

openBulkEditAddIndexPatternsForm();
typeIndexPatterns(expectedIndexPatterns);
submitBulkEditForm();

waitForBulkEditActionToFinish({ rulesCount: expectedNumberOfCustomRulesToBeEdited });

// check if rule still has data view and index patterns field does not exist
goToRuleDetails();
getDetails(DATA_VIEW_DETAILS).contains(DATA_VIEW_ID);
assertDetailsNotExist(INDEX_PATTERNS_DETAILS);
});

it('Add index patterns to custom rules with configured data view when data view checkbox is checked', () => {
selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited);

openBulkEditAddIndexPatternsForm();
typeIndexPatterns(expectedIndexPatterns);

// click on data view overwrite checkbox, ensure warning is displayed
cy.get(RULES_BULK_EDIT_DATA_VIEWS_WARNING).should('not.exist');
checkOverwriteDataViewCheckbox();
cy.get(RULES_BULK_EDIT_DATA_VIEWS_WARNING).should('be.visible');

submitBulkEditForm();

waitForBulkEditActionToFinish({ rulesCount: expectedNumberOfCustomRulesToBeEdited });

// check if rule has been updated with index patterns and data view does not exist
goToRuleDetails();
hasIndexPatterns(expectedIndexPatterns.join(''));
assertDetailsNotExist(DATA_VIEW_DETAILS);
});

it('Overwrite index patterns in custom rules with configured data view', () => {
selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited);

openBulkEditAddIndexPatternsForm();
typeIndexPatterns(expectedIndexPatterns);
checkOverwriteIndexPatternsCheckbox();
submitBulkEditForm();

waitForBulkEditActionToFinish({ rulesCount: expectedNumberOfCustomRulesToBeEdited });

// check if rule still has data view and index patterns field does not exist
goToRuleDetails();
getDetails(DATA_VIEW_DETAILS).contains(DATA_VIEW_ID);
assertDetailsNotExist(INDEX_PATTERNS_DETAILS);
});

it('Overwrite index patterns in custom rules with configured data view when data view checkbox is checked', () => {
selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited);

openBulkEditAddIndexPatternsForm();
typeIndexPatterns(expectedIndexPatterns);
checkOverwriteIndexPatternsCheckbox();
checkOverwriteDataViewCheckbox();

submitBulkEditForm();

waitForBulkEditActionToFinish({ rulesCount: expectedNumberOfCustomRulesToBeEdited });

// check if rule has been overwritten with index patterns and data view does not exist
goToRuleDetails();
hasIndexPatterns(expectedIndexPatterns.join(''));
assertDetailsNotExist(DATA_VIEW_DETAILS);
});

it('Delete index patterns in custom rules with configured data view', () => {
selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited);

openBulkEditDeleteIndexPatternsForm();
typeIndexPatterns(expectedIndexPatterns);

// in delete form data view checkbox is absent
cy.get(RULES_BULK_EDIT_OVERWRITE_DATA_VIEW_CHECKBOX).should('not.exist');

submitBulkEditForm();

waitForBulkEditActionToFinish({ rulesCount: expectedNumberOfCustomRulesToBeEdited });

// check if rule still has data view and index patterns field does not exist
goToRuleDetails();
getDetails(DATA_VIEW_DETAILS).contains(DATA_VIEW_ID);
});
});
6 changes: 6 additions & 0 deletions x-pack/plugins/security_solution/cypress/screens/rules_bulk_edit.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,9 @@ export const RULES_BULK_EDIT_INDEX_PATTERNS = '[data-test-subj="bulkEditRulesInd
export const RULES_BULK_EDIT_OVERWRITE_INDEX_PATTERNS_CHECKBOX =
'[data-test-subj="bulkEditRulesOverwriteIndexPatterns"]';

export const RULES_BULK_EDIT_OVERWRITE_DATA_VIEW_CHECKBOX =
'[data-test-subj="bulkEditRulesOverwriteRulesWithDataViews"]';

export const RULES_BULK_EDIT_TAGS = '[data-test-subj="bulkEditRulesTags"]';

export const RULES_BULK_EDIT_OVERWRITE_TAGS_CHECKBOX =
Expand All @@ -48,6 +51,9 @@ export const RULES_BULK_EDIT_TIMELINE_TEMPLATES_SELECTOR =
export const RULES_BULK_EDIT_TIMELINE_TEMPLATES_WARNING =
'[data-test-subj="bulkEditRulesTimelineTemplateWarning"]';

export const RULES_BULK_EDIT_DATA_VIEWS_WARNING =
'[data-test-subj="bulkEditRulesDataViewsWarning"]';

export const RULES_BULK_EDIT_SCHEDULES_WARNING = '[data-test-subj="bulkEditRulesSchedulesWarning"]';

export const UPDATE_SCHEDULE_INTERVAL_INPUT =
Expand Down
Loading

0 comments on commit 7f9f469

Please sign in to comment.