[Security Solution] Tests for prebuilt rule customization workflow

[banderror]

Epics: https://github.com/elastic/security-team/issues/1974 (internal), #174168

Summary

Write test plans (one or a few) and create a comprehensive suite of automated tests for the workflow of customizing prebuilt rules.

Features to cover:

• Editing prebuilt rules (actions as a whole)
  • from the Rule Details page
  • from the Rule Management page (single edit via the context menu)
  • from the Rule Management page (bulk edit via the bulk actions menu)
    • I think every bulk editing action should be smoke tested
• Calculating the is_customized field and the Modified badge in the UI
  • on the Rule Details page
    • [Security Solution] Write tests for "Customized Elastic rule" badge on the Rule Details page #186916
  • on the Rule Management page -> Installed Rules table
  • on the Rule Management page -> Rule Updates table
  • filtering by Modified in the Rule Updates table
• Editing prebuilt rules and calculating is_customized - per each rule field - in API and UI
  • name
  • description
  • etc - I feel that we need to cover literally every rule field

Please cover both the features under the feature flag turned ON and OFF.

Related tickets

Related functional tickets to cover with tests:

• [Security Solution] Calculate and save ruleSource.isCustomized in API endpoint handlers #180145
• [Security Solution] Calculate and save ruleSource.isCustomized in bulk edit API #187706
• [Security Solution] Prevent from updating "non-customizable" fields in prebuilt rules #180273
• [Security Solution] Show if a rule is customized on the Rule Details page #180170
• [Security Solution] Support filtering by "Modified rules" and "Unmodified rules"  #180169
• [Security Solution] Add support for editing prebuilt rules to the Rule Management and Rule Details pages #180171
• [Security Solution] Add support for editing prebuilt rules to the Rule Editing page #180172

Related bugs to cover with tests:

• [Security Solution] Rules mistakenly marked as customized #199629
• [Security Solution] Required fields are getting erased on rule PATCH #199665
• [Security Solution] Prebuilt rules with missing base version are marked as customized on edit #201632
• [Security Solution] Prebuilt rules marked as customized after applying updates #201631
• [Security Solution] “Author” and “License” Fields Are Editable in UI but Result in Errors When Updated #200251
• [Security Solution] Editing rules independently of source data: improve validation errors UX #191832
• Anything else from Milestone 3 bugs under the corresponding section

Related PRs

Test plans for diff algorithms

Preview Give feedback

1. [Security Solution] Simple diff algorithm test plan #184484
   Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:skip release_note:skip test-plan v8.15.0 +8
   
2. [Security Solution] Array of scalar values diff algorithm test plan #186325
   Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp release_note:skip test-plan v8.15.0 v8.16.0 +8
   
3. [Security Solution] Multi-line string fields diff algorithm test plan #188323
   Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:skip release_note:skip test-plan v8.16.0 +8
   
4. [Security Solution] data_source field diff algorithm test plan #189669
   Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:skip release_note:skip test-plan v8.16.0 +8
   
5. [Security Solution] Test plan for query fields diff algorithm #192529
   Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp release_note:skip test-plan v8.16.0 v9.0.0 +8
   
6. [Security Solution] Test plan for rule type field diff algorithm #193372
   Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:prev-minor release_note:skip test-plan v8.16.0 v9.0.0 +9
   

Test plans for prebuilt rule customization workflow

Preview Give feedback

1. [Security Solution] Test plan for prebuilt rule customization #204888
   Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:version release_note:skip test-plan v8.18.0 v9.0.0 +9
   
2. [Security Solution] Refactor prebuilt rule customization test plans, part 1 #211300
   Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:version release_note:skip test-plan v8.18.0 v8.19.0 v9.0.0 v9.1.0 +11
   

Test coverage for prebuilt rule customization workflow

Preview Give feedback

1. [Security Solution] Adds prebuilt rule customization tests #207016
   Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:version release_note:skip test v8.18.0 v8.19.0 v9.0.0 v9.1.0 +11
   

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[elasticmachine]

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)