Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[SecuritySolution] Breaking out timeline & note privileges #201780

Merged
merged 162 commits into from
Jan 20, 2025
Merged

[SecuritySolution] Breaking out timeline & note privileges #201780

Changes from 1 commit
Commits
Show all changes
162 commits
Select commit Hold shift + click to select a range
a88f3bb
initial wiring of feature ids
janmonschke Nov 20, 2024
2a612f2
disable timeline save button based on timeline crud
janmonschke Nov 21, 2024
2d523cc
should we do it like this?
janmonschke Nov 21, 2024
0af9862
update some timeline privilege checks
janmonschke Nov 26, 2024
6f61825
Merge branch 'main' into security/timeline-privileges
janmonschke Nov 26, 2024
f718567
hide/disable timeline in more places
janmonschke Nov 27, 2024
fd14f2d
Merge branch 'main' into security/timeline-privileges
janmonschke Nov 29, 2024
1db418f
update tests
janmonschke Nov 29, 2024
bdc9b96
fix more tests
janmonschke Nov 29, 2024
f59824c
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 2, 2024
ed16537
update threat intelligence code
janmonschke Dec 2, 2024
fffd844
update tests
janmonschke Dec 2, 2024
98f184e
fix tests and console statements
janmonschke Dec 2, 2024
8e6cfdd
move saved object access to timeline feature
janmonschke Dec 4, 2024
f193df3
step into the direction of migration
janmonschke Dec 4, 2024
64674e5
typo
janmonschke Dec 4, 2024
e21ef77
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 4, 2024
76c7720
siem -> siemV2
janmonschke Dec 4, 2024
f4a6cdd
separating SERVER_APP_ID from SECURITY_FEATURE_ID
janmonschke Dec 5, 2024
a492d0b
introduce notes feature
janmonschke Dec 5, 2024
ff15c9f
add more privilege checks
janmonschke Dec 5, 2024
c6be22b
update link to correct file
janmonschke Dec 5, 2024
53e4e67
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 5, 2024
2996b65
[CI] Auto-commit changed files from 'node scripts/eslint --no-cache -…
kibanamachine Dec 5, 2024
f2b1fbe
fix test types
janmonschke Dec 5, 2024
de7a43d
Merge branch 'security/timeline-privileges' of https://github.com/jan…
janmonschke Dec 5, 2024
fba346f
fix types
janmonschke Dec 5, 2024
90973ab
fix types
janmonschke Dec 5, 2024
2c1b61d
fix more tests
janmonschke Dec 5, 2024
27d96ab
fix more unit tests
janmonschke Dec 5, 2024
efaab34
fix more unit tests
janmonschke Dec 6, 2024
528b226
more siem -> siemV2
janmonschke Dec 6, 2024
bfa9137
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 6, 2024
fc88be5
updates roles
janmonschke Dec 6, 2024
1e37531
fix some more ftr tests
janmonschke Dec 6, 2024
18eed64
fix logic on timelines page
janmonschke Dec 6, 2024
c95c4b3
more role updates
janmonschke Dec 6, 2024
5b73971
fix roles
janmonschke Dec 9, 2024
9564f74
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 9, 2024
1a6bcca
fix index names
janmonschke Dec 9, 2024
50fdf2a
consumsers should still be `SERVER_APP_ID` cc @cnasikas
janmonschke Dec 9, 2024
773a743
update FTR test fixtures
janmonschke Dec 9, 2024
010eff0
update more fixtures
janmonschke Dec 9, 2024
e271240
update roles
janmonschke Dec 9, 2024
30559d7
update more roles
janmonschke Dec 9, 2024
e76cf62
fix tests
janmonschke Dec 9, 2024
636372c
fix more ftr fixtures
janmonschke Dec 9, 2024
26ed151
rmeove console statement
janmonschke Dec 9, 2024
4d084f4
fix order
janmonschke Dec 9, 2024
439f055
fix more ftr tests
janmonschke Dec 9, 2024
6add084
add read and crud
janmonschke Dec 9, 2024
10a2a14
update more privilege definitions
janmonschke Dec 9, 2024
61f6b28
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 10, 2024
cf2628a
fix composed objects
janmonschke Dec 10, 2024
f7b9502
update role
janmonschke Dec 10, 2024
d124ddf
hide the timelines link
janmonschke Dec 10, 2024
5cb316a
fix privilege calculation
janmonschke Dec 10, 2024
a4ac9b2
don't show note actions when user has insufficient privileges
janmonschke Dec 10, 2024
0bca8de
update test privileges
janmonschke Dec 11, 2024
243e7b2
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 11, 2024
6054829
fix hook dependencies
janmonschke Dec 11, 2024
7fbb1fa
fix test
janmonschke Dec 11, 2024
e03a730
fix role expansion
janmonschke Dec 11, 2024
457cae3
hide notes and timeline links when the user does not have access to
janmonschke Dec 11, 2024
929ac02
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 11, 2024
be01850
make `replacedBy aware of `minimal` cases
janmonschke Dec 11, 2024
da09314
hide notes/pin/investigate in timeline in case of insufficient privil…
janmonschke Dec 11, 2024
6771670
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 12, 2024
dc2f125
increase timeout
janmonschke Dec 12, 2024
2ef9380
move tests to faster hook
janmonschke Dec 12, 2024
2c151be
make sure securityV1 keeps the same initial saved objects
janmonschke Dec 12, 2024
66b859f
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 12, 2024
bf53c94
hide pinned tab
janmonschke Dec 12, 2024
d047a04
hide notes and timeline from app search for user with insufficient pr…
janmonschke Dec 12, 2024
f6ca53e
add siem to exceptions
janmonschke Dec 12, 2024
e720949
hide investigate in timeline when user doesn't have privileges
janmonschke Dec 12, 2024
4d7df7b
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 13, 2024
8376c2e
secure the timeline/notes API endpoints with new privileges
janmonschke Dec 13, 2024
383e724
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 13, 2024
7646860
remove unused variables
janmonschke Dec 13, 2024
056a79e
fix tests
janmonschke Dec 13, 2024
921f855
make sure `api` tags are working after a migration
janmonschke Dec 16, 2024
668a79d
add timeline privileges test
janmonschke Dec 16, 2024
94d8b02
fix types
janmonschke Dec 16, 2024
98ca448
add more timeline API tests
janmonschke Dec 16, 2024
9a1fe27
add notes privileges tests
janmonschke Dec 16, 2024
6466d96
add new tests
janmonschke Dec 16, 2024
05c49b2
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 16, 2024
e8d9e58
update serverless api tags
janmonschke Dec 17, 2024
7768163
update privilege FTR tests to work in serverless
janmonschke Dec 17, 2024
c08fd08
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 17, 2024
19698e3
fix notes tests
janmonschke Dec 17, 2024
3191cbd
fix test
janmonschke Dec 17, 2024
f3e63ba
remove unused variable
janmonschke Dec 17, 2024
aab7aae
fix tests
janmonschke Dec 17, 2024
5ffb55f
hide bulk timeline action
janmonschke Dec 17, 2024
42774c3
hide timeline action
janmonschke Dec 17, 2024
30defc1
disable timeline template form component
janmonschke Dec 17, 2024
266b490
fix note fetching issues for users without notes privileges
janmonschke Dec 17, 2024
f3129ef
disable timeline links
janmonschke Dec 17, 2024
7c1030b
remove "add to new timeline" button when user has insufficient privil…
janmonschke Dec 17, 2024
17601d2
fix test
janmonschke Dec 17, 2024
08d91a4
show a toast when trying to show a timeline for a user with insuffici…
janmonschke Dec 17, 2024
e2d6f42
fix tests
janmonschke Dec 17, 2024
efb12b2
use proper kibana mock
janmonschke Dec 18, 2024
c0095c1
add privilege cypress tests
janmonschke Dec 18, 2024
7dc3250
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 18, 2024
fd621ca
improve cypress tests
janmonschke Dec 18, 2024
2c133fe
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 19, 2024
7b16e87
simplify tests more
janmonschke Dec 19, 2024
04fcd0e
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 19, 2024
7ff0099
remove unused file
janmonschke Dec 19, 2024
8323e7d
[CI] Auto-commit changed files from 'node scripts/eslint --no-cache -…
kibanamachine Dec 19, 2024
78f0d66
disable the investigate in timeline button
janmonschke Dec 19, 2024
e603d8a
Merge branch 'security/timeline-privileges' of https://github.com/jan…
janmonschke Dec 19, 2024
cb48838
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 20, 2024
0f64625
harden notes tests
janmonschke Dec 22, 2024
20ff89c
Merge branch 'main' into security/timeline-privileges
janmonschke Dec 22, 2024
7cf5439
skip flaky tests
janmonschke Dec 22, 2024
f1c045e
Merge branch 'main' into security/timeline-privileges
janmonschke Jan 6, 2025
3482cec
use helper
janmonschke Jan 6, 2025
e338cfc
[CI] Auto-commit changed files from 'node scripts/eslint --no-cache -…
kibanamachine Jan 6, 2025
10940f8
remove unused constant
janmonschke Jan 6, 2025
bd93e55
fix tests
janmonschke Jan 6, 2025
b7f00b2
Merge branch 'security/timeline-privileges' of https://github.com/jan…
janmonschke Jan 6, 2025
d4989b9
revert use helper
janmonschke Jan 6, 2025
656c774
extract helper to avoid bloated build
janmonschke Jan 6, 2025
627797a
Merge branch 'main' into security/timeline-privileges
janmonschke Jan 7, 2025
cf9ad88
Merge branch 'main' into security/timeline-privileges
janmonschke Jan 7, 2025
692097d
fix various table actions columns not resizing down when icons are no…
PhilippeOberti Jan 7, 2025
47b5215
variable name change and remove unused translation
PhilippeOberti Jan 7, 2025
18f5cf7
show prevalence details number as text instead of disabled buttons
PhilippeOberti Jan 7, 2025
e597265
show insights alert count as text instead of disabled buttons
PhilippeOberti Jan 7, 2025
c22e299
fix threat intelligence table actions columns not resizing down when …
PhilippeOberti Jan 7, 2025
d538332
slightly change note icon rendering behavior in the tables action column
PhilippeOberti Jan 7, 2025
d0c4e57
[CI] Auto-commit changed files from 'node scripts/eslint --no-cache -…
kibanamachine Jan 7, 2025
4e2f81e
updating translations
PhilippeOberti Jan 7, 2025
7971e3d
Merge branch 'main' into security/timeline-privileges
janmonschke Jan 8, 2025
ef415ab
fix doc count check
janmonschke Jan 8, 2025
bfd7360
update disable button logic
janmonschke Jan 8, 2025
913d768
disable timeline icon button on note list when user does not have pri…
PhilippeOberti Jan 8, 2025
9eb4439
fix notes_list unit tests
PhilippeOberti Jan 9, 2025
6e862d5
Merge branch 'main' into security/timeline-privileges
janmonschke Jan 9, 2025
13286a9
simplify access checks
janmonschke Jan 9, 2025
8bb2aba
only hide the delete button, not the details button
janmonschke Jan 9, 2025
447691c
don't render timelines pages for users without timeline access
janmonschke Jan 10, 2025
3269d1a
Merge branch 'main' into security/timeline-privileges
janmonschke Jan 10, 2025
d8a1a2f
use SecurityRoutePageWrapper
janmonschke Jan 10, 2025
86e42f2
disable add to favorites button
janmonschke Jan 10, 2025
d387fac
don't save saved search when user cannot save timelines
janmonschke Jan 10, 2025
0b88ce5
remove unused import
janmonschke Jan 10, 2025
52e2f2a
Merge branch 'main' into security/timeline-privileges
janmonschke Jan 10, 2025
e6c3bb7
Merge branch 'main' into security/timeline-privileges
janmonschke Jan 13, 2025
7437310
hide add note form in for old notes UI
janmonschke Jan 13, 2025
b3c6a8a
Merge branch 'main' into security/timeline-privileges
janmonschke Jan 14, 2025
a8a4073
fix add to timeline condition
stephmilovic Jan 14, 2025
68804d1
Merge branch 'main' into security/timeline-privileges
janmonschke Jan 16, 2025
7284797
Merge branch 'main' into security/timeline-privileges
janmonschke Jan 16, 2025
f7270c3
Merge branch 'main' into security/timeline-privileges
janmonschke Jan 20, 2025
fc1a5ab
revert consumers back to `siem`
janmonschke Jan 20, 2025
49b707e
revert some roles back to `siem` to allow for testing of migration setup
janmonschke Jan 20, 2025
22cd732
change back more consumers
janmonschke Jan 20, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
improve cypress tests
  • Loading branch information
@janmonschke
janmonschke committed Dec 18, 2024
commit fd621ca1ed6ee5b2329eed9e46cdeb4736aeef6a
24 changes: 7 additions & 17 deletions x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/privileges.cy.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,11 +23,11 @@ import {
NAV_SEARCH_RESULTS,
} from '../../../screens/search_bar';
import { createTimeline, deleteTimelines } from '../../../tasks/api_calls/timelines';
import { openTimelineById, refreshTimelinesUntilTimeLinePresent } from '../../../tasks/timeline';
import { openTimelineById } from '../../../tasks/timeline';
import { addNoteToTimeline } from '../../../tasks/api_calls/notes';
import { getTimeline } from '../../../objects/timeline';

describe('Privileges', { tags: ['@ess', '@serverless'] }, () => {
describe('Privileges', { tags: ['@ess', '@skipInServerless'] }, () => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel like this whole file brings an extremely low value, for the following reasons:

  • the second test is basically testing that timeline stuff show up normally, which I'm sure we have plenty of other tests already doing that in our suite
  • the second describe is completely skipped. We could argue that adding something that is not working (and we most likely are not going to revisit this anytime soon) is not good
  • the first test, while verifying a few things, isn't really adding much to the already extensive unit tests that you have in this PR

If it were me, I would just not add any e2e tests... or at the minimum only keep the first one that verifies insufficient privileges

before(() => {
cy.task('esArchiverLoad', { archiveName: 'endpoint' });
});
Expand Down Expand Up @@ -71,28 +71,19 @@ describe('Privileges', { tags: ['@ess', '@serverless'] }, () => {
deleteTimelines();
login();
visit(TIMELINES_URL);
createTimeline()
createTimeline(getTimeline())
.then((response) => response.body.savedObjectId)
.then((timelineId: string) => {
.then((timelineId) => {
currTimelineId = timelineId;
refreshTimelinesUntilTimeLinePresent(timelineId)
// This cy.wait is here because we cannot do a pipe on a timeline as that will introduce multiple URL
// request responses and indeterminism since on clicks to activates URL's.
.then(() => cy.wrap(timelineId).as('timelineId'))
// eslint-disable-next-line cypress/no-unnecessary-waiting
.then(() => cy.wait(1000))
.then(() =>
addNoteToTimeline(getTimeline().notes, timelineId).should((response) =>
expect(response.status).to.equal(200)
)
);
addNoteToTimeline(getTimeline().notes, timelineId).should((response) =>
expect(response.status).to.equal(200)
);
});
});

it('should show notes tab to users with privileges', () => {
login(ROLES.t3_analyst);
visit(TIMELINES_URL);
refreshTimelinesUntilTimeLinePresent(currTimelineId);
openTimelineById(currTimelineId);
cy.get(NOTES_TAB_BUTTON).should('exist');
cy.get(NOTES_TAB_BUTTON).contains('1');
Expand All @@ -101,7 +92,6 @@ describe('Privileges', { tags: ['@ess', '@serverless'] }, () => {
it('should not show notes tab to users with insufficient privileges', () => {
login(ROLES.notes_none);
visit(TIMELINES_URL);
refreshTimelinesUntilTimeLinePresent(currTimelineId);
openTimelineById(currTimelineId);
cy.get(NOTES_TAB_BUTTON).should('be.disabled');
});
Expand Down