Merge branch 'disable-rbac-alert-security-solution' of github.com:XavierM/kibana into disable-rbac-alert-security-solution

Author: XavierM

x-pack/plugins/security_solution/public/detections/pages/detection_engine/detection_engine.tsx

@@ -294,7 +294,7 @@ const DetectionEnginePageComponent: React.FC<DetectionEngineComponentProps> = ({
       {hasEncryptionKey != null && !hasEncryptionKey && <NoApiIntegrationKeyCallOut />}
       <NeedAdminForUpdateRulesCallOut />
       <MissingPrivilegesCallOut />
-      {indicesExist && (!hasIndexRead || !canUserREAD) ? (
+      {indicesExist && (hasIndexRead === false || canUserREAD === false) ? (
         <EmptyPage
           actions={emptyPageActions}
           message={i18n.ALERTS_FEATURE_NO_PERMISSIONS_MSG}

x-pack/test/api_integration/apis/security/privileges.ts

@@ -32,16 +32,7 @@ export default function ({ getService }: FtrProviderContext) {
             actions: ['all', 'read'],
             stackAlerts: ['all', 'read'],
             ml: ['all', 'read'],
-            siem: [
-              'all',
-              'read',
-              'minimal_all',
-              'minimal_read',
-              'cases_all',
-              'cases_read',
-              'alerts_all',
-              'alerts_read',
-            ],
+            siem: ['all', 'read', 'minimal_all', 'minimal_read', 'cases_all', 'cases_read'],
             observabilityCases: ['all', 'read'],
             uptime: ['all', 'read'],
             infrastructure: ['all', 'read'],

x-pack/test/detection_engine_api_integration/security_and_spaces/tests/create_index.ts

@@ -82,15 +82,15 @@ export default ({ getService }: FtrProviderContext) => {
         expect(body).to.eql({ message: 'index for this space does not exist', status_code: 404 });
       });
 
-      it('should be able to create a signal index when it has not been created yet', async () => {
+      it('should NOT be able to create a signal index when it has not been created yet. Should return a 403 and error that the user is unauthorized', async () => {
         const { body } = await supertestWithoutAuth
           .post(DETECTION_ENGINE_INDEX_URL)
           .set('kbn-xsrf', 'true')
           .auth(role, 'changeme')
           .send()
-          .expect(200);
-
-        expect(body).to.eql({ acknowledged: true });
+          .expect(403);
+        expect(body.message).to.match(/^security_exception/);
+        expect(body.status_code).to.eql(403);
       });
 
       it('should be able to read the index name and status as not being outdated', async () => {
@@ -103,7 +103,7 @@ export default ({ getService }: FtrProviderContext) => {
           .send()
           .expect(200);
         expect(body).to.eql({
-          index_mapping_outdated: false,
+          index_mapping_outdated: null,
           name: `${DEFAULT_SIGNALS_INDEX}-default`,
         });
       });
@@ -129,15 +129,15 @@ export default ({ getService }: FtrProviderContext) => {
         expect(body).to.eql({ message: 'index for this space does not exist', status_code: 404 });
       });
 
-      it('should be able to create a signal index when it has not been created yet.', async () => {
+      it('should NOT be able to create a signal index when it has not been created yet. Should return a 403 and error that the user is unauthorized', async () => {
         const { body } = await supertestWithoutAuth
           .post(DETECTION_ENGINE_INDEX_URL)
           .set('kbn-xsrf', 'true')
           .auth(role, 'changeme')
           .send()
-          .expect(200);
-
-        expect(body).to.eql({ acknowledged: true });
+          .expect(403);
+        expect(body.message).to.match(/^security_exception/);
+        expect(body.status_code).to.eql(403);
       });
 
       it('should be able to read the index name and status as not being outdated', async () => {
@@ -150,7 +150,7 @@ export default ({ getService }: FtrProviderContext) => {
           .send()
           .expect(200);
         expect(body).to.eql({
-          index_mapping_outdated: false,
+          index_mapping_outdated: null,
           name: `${DEFAULT_SIGNALS_INDEX}-default`,
         });
       });
@@ -226,15 +226,15 @@ export default ({ getService }: FtrProviderContext) => {
         expect(body).to.eql({ message: 'index for this space does not exist', status_code: 404 });
       });
 
-      it('should be able to create a signal index when it has not been created yet', async () => {
+      it('should NOT be able to create a signal index when it has not been created yet. Should return a 403 and error that the user is unauthorized', async () => {
         const { body } = await supertestWithoutAuth
           .post(DETECTION_ENGINE_INDEX_URL)
           .set('kbn-xsrf', 'true')
           .auth(role, 'changeme')
           .send()
-          .expect(200);
-
-        expect(body).to.eql({ acknowledged: true });
+          .expect(403);
+        expect(body.message).to.match(/^security_exception/);
+        expect(body.status_code).to.eql(403);
       });
 
       it('should be able to read the index name and status as not being outdated', async () => {
@@ -272,16 +272,16 @@ export default ({ getService }: FtrProviderContext) => {
           .expect(404);
         expect(body).to.eql({ message: 'index for this space does not exist', status_code: 404 });
       });
-      // here
-      it('should be able to create a signal index when it has not been created yet', async () => {
+
+      it('should NOT be able to create a signal index when it has not been created yet. Should return a 403 and error that the user is unauthorized', async () => {
         const { body } = await supertestWithoutAuth
           .post(DETECTION_ENGINE_INDEX_URL)
           .set('kbn-xsrf', 'true')
           .auth(role, 'changeme')
           .send()
-          .expect(200);
-
-        expect(body).to.eql({ acknowledged: true });
+          .expect(403);
+        expect(body.message).to.match(/^security_exception/);
+        expect(body.status_code).to.eql(403);
       });
 
       it('should be able to read the index name and status as not being outdated', async () => {
@@ -294,7 +294,7 @@ export default ({ getService }: FtrProviderContext) => {
           .send()
           .expect(200);
         expect(body).to.eql({
-          index_mapping_outdated: false,
+          index_mapping_outdated: null,
           name: `${DEFAULT_SIGNALS_INDEX}-default`,
         });
       });
@@ -370,14 +370,15 @@ export default ({ getService }: FtrProviderContext) => {
         expect(body).to.eql({ message: 'index for this space does not exist', status_code: 404 });
       });
 
-      it('should be able to create a signal index when it has not been created yet', async () => {
+      it('should NOT be able to create a signal index when it has not been created yet. Should return a 401 unauthorized', async () => {
         const { body } = await supertestWithoutAuth
           .post(DETECTION_ENGINE_INDEX_URL)
           .set('kbn-xsrf', 'true')
           .auth(role, 'changeme')
           .send()
-          .expect(200);
-        expect(body).to.eql({ acknowledged: true });
+          .expect(403);
+        expect(body.message).to.match(/^security_exception/);
+        expect(body.status_code).to.eql(403);
       });
 
       it('should be able to read the index name and status as being outdated.', async () => {
@@ -416,14 +417,15 @@ export default ({ getService }: FtrProviderContext) => {
         expect(body).to.eql({ message: 'index for this space does not exist', status_code: 404 });
       });
 
-      it('should be able to create a signal index when it has not been created yet', async () => {
+      it('should NOT be able to create a signal index when it has not been created yet. Should return a 401 unauthorized', async () => {
         const { body } = await supertestWithoutAuth
           .post(DETECTION_ENGINE_INDEX_URL)
           .set('kbn-xsrf', 'true')
           .auth(role, 'changeme')
           .send()
-          .expect(200);
-        expect(body).to.eql({ acknowledged: true });
+          .expect(403);
+        expect(body.message).to.match(/^security_exception/);
+        expect(body.status_code).to.eql(403);
       });
 
       it('should be able to read the index name and status as being outdated.', async () => {