From a03f3bce7dfc3a7daac6367954290890d92ac34d Mon Sep 17 00:00:00 2001
From: Ido Cohen <90558359+CohenIdo@users.noreply.github.com>
Date: Thu, 6 Jun 2024 13:06:39 +0300
Subject: [PATCH] [Cloud Security] FTRs for Accessing Pages with Custom Roles
(#184622)
---
...enerated_csp_requirements_test_coverage.md | 46 +-
.../__auto_generated_csp_test_log.json | 671 +++++++++++++++++-
.../latest_findings_transform.ts | 4 +-
.../latest_vulnerabilities_transforms.ts | 5 +-
.../page_objects/benchmark_page.ts | 59 ++
.../page_objects/findings_page.ts | 5 +
.../page_objects/index.ts | 4 +
.../page_objects/security_common.ts | 128 ++++
.../pages/benchmark.ts | 79 +++
.../pages/compliance_dashboard.ts | 27 +-
.../pages/findings.ts | 29 +-
.../pages/findings_grouping.ts | 2 +
.../pages/index.ts | 12 +-
13 files changed, 1019 insertions(+), 52 deletions(-)
create mode 100644 x-pack/test/cloud_security_posture_functional/page_objects/benchmark_page.ts
create mode 100644 x-pack/test/cloud_security_posture_functional/page_objects/security_common.ts
create mode 100644 x-pack/test/cloud_security_posture_functional/pages/benchmark.ts
diff --git a/x-pack/plugins/cloud_security_posture/common/dev_docs/__auto_generated_csp_requirements_test_coverage.md b/x-pack/plugins/cloud_security_posture/common/dev_docs/__auto_generated_csp_requirements_test_coverage.md
index 16c826cbc9dd2..a6fdc6aa618ab 100644
--- a/x-pack/plugins/cloud_security_posture/common/dev_docs/__auto_generated_csp_requirements_test_coverage.md
+++ b/x-pack/plugins/cloud_security_posture/common/dev_docs/__auto_generated_csp_requirements_test_coverage.md
@@ -7,7 +7,7 @@ You can also check out the dedicated app view, which enables easier search and f
## Directory: x-pack/plugins/cloud_security_posture
-**Total Tests:** 444 | **Skipped:** 5 (1.13%) | **Todo:** 0 (0.00%)
+**Total Tests:** 458 | **Skipped:** 5 (1.09%) | **Todo:** 0 (0.00%)
 
@@ -69,7 +69,6 @@ You can also check out the dedicated app view, which enables easier search and f
| [useNavigateFindings](x-pack/plugins/cloud_security_posture/public/common/hooks/use_navigate_findings.test.ts) | describe | | |
| [creates a URL to findings page with correct path, filter and dataViewId](x-pack/plugins/cloud_security_posture/public/common/hooks/use_navigate_findings.test.ts) | it | | |
| [creates a URL to findings page with correct path and negated filter](x-pack/plugins/cloud_security_posture/public/common/hooks/use_navigate_findings.test.ts) | it | | |
-| [creates a URL to findings resource page with correct path and filter](x-pack/plugins/cloud_security_posture/public/common/hooks/use_navigate_findings.test.ts) | it | | |
| [creates a URL to vulnerabilities page with correct path, filter and dataViewId](x-pack/plugins/cloud_security_posture/public/common/hooks/use_navigate_findings.test.ts) | it | | |
| [useUrlQuery](x-pack/plugins/cloud_security_posture/public/common/hooks/use_url_query.test.ts) | describe | | |
| [uses default query when no query is provided](x-pack/plugins/cloud_security_posture/public/common/hooks/use_url_query.test.ts) | it | | |
@@ -266,6 +265,14 @@ You can also check out the dedicated app view, which enables easier search and f
| [Should return undefined when datastream is undefined](x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/utils.test.ts) | it | | |
| [Should return undefined when stream is undefined](x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/utils.test.ts) | it | | |
| [Should return undefined when stream.var is invalid](x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/utils.test.ts) | it | | |
+| [NoFindingsStates](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | describe | | |
+| [should show the indexing notification when CSPM is not installed and KSPM is indexing](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
+| [should show the indexing notification when KSPM is not installed and CSPM is indexing](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
+| [should show the indexing timout notification when CSPM is status is index-timeout](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
+| [should show the indexing timout notification when KSPM is status is index-timeout](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
+| [should show the unprivileged notification when CSPM is status is index-timeout](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
+| [should show the unprivileged notification when KSPM is status is index-timeout](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
+| [should show the not-installed notification when CSPM and KSPM status is not-installed](x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx) | it | | |
| [](x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks_table.test.tsx) | describe | | |
| [renders cis integration name](x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks_table.test.tsx) | it | | |
| [renders benchmark version](x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks_table.test.tsx) | it | | |
@@ -335,6 +342,13 @@ You can also check out the dedicated app view, which enables easier search and f
| [](x-pack/plugins/cloud_security_posture/public/pages/rules/rules.test.tsx) | describe | | |
| [calls Benchmark API](x-pack/plugins/cloud_security_posture/public/pages/rules/rules.test.tsx) | it | | |
| [Display success state when result request is resolved](x-pack/plugins/cloud_security_posture/public/pages/rules/rules.test.tsx) | it | | |
+| [use_change_csp_rule_state](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | describe | | |
+| [should call http.post with the correct parameters](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | it | | |
+| [should cancel queries and update query data onMutate](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | it | | |
+| [should invalidate queries onSettled](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | it | | |
+| [should restore previous query data onError](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | it | | |
+| [creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | it | | |
+| [creates the new cache with rules in a unmute state](x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx) | it | | |
| [](x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx) | describe | | |
| [Header Info](x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx) | describe | | |
| [displays text details flyout header info](x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx) | it | | |
@@ -464,9 +478,9 @@ You can also check out the dedicated app view, which enables easier search and f
## Directory: x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture
-**Total Tests:** 37 | **Skipped:** 4 (10.81%) | **Todo:** 0 (0.00%)
+**Total Tests:** 37 | **Skipped:** 0 (0.00%) | **Todo:** 0 (0.00%)
-   
+  
Test Details
@@ -490,10 +504,10 @@ You can also check out the dedicated app view, which enables easier search and f
| [Should return 200 status code and paginate rules with a limit of PerPage](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/find_csp_benchmark_rule.ts) | it | | |
| [cloud_security_posture](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/index.ts) | describe | | |
| [GET /internal/cloud_security_posture/status](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | describe | | |
-| [STATUS = INDEXED TEST](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | describe |  | |
-| [Return kspm status indexed when logs-cloud_security_posture.findings_latest-default contains new kspm documents](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | it |  | |
-| [Return cspm status indexed when logs-cloud_security_posture.findings_latest-default contains new cspm documents](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | it |  | |
-| [Return vuln status indexed when logs-cloud_security_posture.vulnerabilities_latest-default contains new documents](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | it |  | |
+| [STATUS = INDEXED TEST](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | describe | | |
+| [Return kspm status indexed when logs-cloud_security_posture.findings_latest-default contains new kspm documents](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | it | | |
+| [Return cspm status indexed when logs-cloud_security_posture.findings_latest-default contains new cspm documents](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | it | | |
+| [Return vuln status indexed when logs-cloud_security_posture.vulnerabilities_latest-default contains new documents](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexed.ts) | it | | |
| [GET /internal/cloud_security_posture/status](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexing.ts) | describe | | |
| [STATUS = INDEXING TEST](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexing.ts) | describe | | |
| [Return kspm status indexing when logs-cloud_security_posture.findings_latest-default doesn](x-pack/test_serverless/api_integration/test_suites/security/cloud_security_posture/status/status_indexing.ts) | it | | |
@@ -654,15 +668,21 @@ You can also check out the dedicated app view, which enables easier search and f
## Directory: x-pack/test/cloud_security_posture_functional
-**Total Tests:** 190 | **Skipped:** 37 (19.47%) | **Todo:** 2 (1.05%)
+**Total Tests:** 202 | **Skipped:** 41 (20.30%) | **Todo:** 3 (1.49%)
-  
+  
Test Details
| Test Label | Type | Skipped | Todo |
|------------|------|---------|------|
+| [Access with custom roles](x-pack/test/cloud_security_posture_functional/pages/benchmark.ts) | describe | | |
+| [Access with valid user role](x-pack/test/cloud_security_posture_functional/pages/benchmark.ts) | it |  | |
+| [Access with invalid user role](x-pack/test/cloud_security_posture_functional/pages/benchmark.ts) | it |  | |
+| [Access with custom roles - rule page](x-pack/test/cloud_security_posture_functional/pages/benchmark.ts) | describe | | |
+| [Access with valid user role](x-pack/test/cloud_security_posture_functional/pages/benchmark.ts) | it | | |
+| [Access with invalid user role](x-pack/test/cloud_security_posture_functional/pages/benchmark.ts) | it |  | |
| [Test adding Cloud Security Posture Integrations CNVM](x-pack/test/cloud_security_posture_functional/pages/cis_integrations/cnvm/cis_integration_cnvm.ts) | describe | | |
| [CNVM AWS](x-pack/test/cloud_security_posture_functional/pages/cis_integrations/cnvm/cis_integration_cnvm.ts) | describe | | |
| [Hyperlink on PostInstallation Modal should have the correct URL](x-pack/test/cloud_security_posture_functional/pages/cis_integrations/cnvm/cis_integration_cnvm.ts) | it | | |
@@ -748,6 +768,9 @@ You can also check out the dedicated app view, which enables easier search and f
| [displays accurate summary compliance score](x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts) | it | | |
| [TODO - Cloud Dashboard](x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts) | describe | |  |
| [todo - displays accurate summary compliance score](x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts) | it | |  |
+| [Access with custom roles](x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts) | describe | | |
+| [Access with valid user role](x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts) | it | | |
+| [todo - Access with invalid user role](x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts) | it |  |  |
| [Findings Page - Alerts](x-pack/test/cloud_security_posture_functional/pages/findings_alerts.ts) | describe | | |
| [Create detection rule](x-pack/test/cloud_security_posture_functional/pages/findings_alerts.ts) | describe |  | |
| [Creates a detection rule from the Take Action button and navigates to rule page](x-pack/test/cloud_security_posture_functional/pages/findings_alerts.ts) | it |  | |
@@ -796,6 +819,9 @@ You can also check out the dedicated app view, which enables easier search and f
| [Reset fields to default](x-pack/test/cloud_security_posture_functional/pages/findings.ts) | it | | |
| [Findings Page - support muting rules](x-pack/test/cloud_security_posture_functional/pages/findings.ts) | describe | | |
| [verify only enabled rules appears](x-pack/test/cloud_security_posture_functional/pages/findings.ts) | it | | |
+| [Access with custom roles](x-pack/test/cloud_security_posture_functional/pages/findings.ts) | describe | | |
+| [Access with valid user role](x-pack/test/cloud_security_posture_functional/pages/findings.ts) | it | | |
+| [Access with invalid user role](x-pack/test/cloud_security_posture_functional/pages/findings.ts) | it | | |
| [Cloud Security Posture](x-pack/test/cloud_security_posture_functional/pages/index.ts) | describe | | |
| [Cloud Posture Rules Page](x-pack/test/cloud_security_posture_functional/pages/rules.ts) | describe |  | |
| [Rules Page - Rules Counters](x-pack/test/cloud_security_posture_functional/pages/rules.ts) | describe |  | |
diff --git a/x-pack/plugins/cloud_security_posture/common/scripts/__auto_generated_csp_test_log.json b/x-pack/plugins/cloud_security_posture/common/scripts/__auto_generated_csp_test_log.json
index 98a7c6629ee7e..8c177cd46e713 100644
--- a/x-pack/plugins/cloud_security_posture/common/scripts/__auto_generated_csp_test_log.json
+++ b/x-pack/plugins/cloud_security_posture/common/scripts/__auto_generated_csp_test_log.json
@@ -1148,7 +1148,6 @@
"describe('useNavigateFindings')",
" it('creates a URL to findings page with correct path, filter and dataViewId')",
" it('creates a URL to findings page with correct path and negated filter')",
- " it('creates a URL to findings resource page with correct path and filter')",
" it('creates a URL to vulnerabilities page with correct path, filter and dataViewId')"
],
"testSuits": [
@@ -1182,16 +1181,6 @@
"isSkipped": false,
"isTodo": false
},
- {
- "id": "creates-a-url-to-findings-resource-page-with-correct-path-and-filter",
- "rawLine": " it('creates a URL to findings resource page with correct path and filter', () => {",
- "line": " it('creates a URL to findings resource page with correct path and filter')",
- "label": "creates a URL to findings resource page with correct path and filter",
- "indent": 2,
- "type": "it",
- "isSkipped": false,
- "isTodo": false
- },
{
"id": "creates-a-url-to-vulnerabilities-page-with-correct-path,-filter-and-dataviewid",
"rawLine": " it('creates a URL to vulnerabilities page with correct path, filter and dataViewId', () => {",
@@ -1234,16 +1223,6 @@
"isSkipped": false,
"isTodo": false
},
- {
- "id": "creates-a-url-to-findings-resource-page-with-correct-path-and-filter",
- "rawLine": " it('creates a URL to findings resource page with correct path and filter', () => {",
- "line": " it('creates a URL to findings resource page with correct path and filter')",
- "label": "creates a URL to findings resource page with correct path and filter",
- "indent": 2,
- "type": "it",
- "isSkipped": false,
- "isTodo": false
- },
{
"id": "creates-a-url-to-vulnerabilities-page-with-correct-path,-filter-and-dataviewid",
"rawLine": " it('creates a URL to vulnerabilities page with correct path, filter and dataViewId', () => {",
@@ -5695,6 +5674,190 @@
}
]
},
+ {
+ "filePath": "x-pack/plugins/cloud_security_posture/public/components/no_findings_states.test.tsx",
+ "fileName": "no_findings_states.test.tsx",
+ "directory": "x-pack/plugins/cloud_security_posture",
+ "tags": [
+ "UT"
+ ],
+ "lines": [
+ "describe('NoFindingsStates')",
+ " it('should show the indexing notification when CSPM is not installed and KSPM is indexing')",
+ " it('should show the indexing notification when KSPM is not installed and CSPM is indexing')",
+ " it('should show the indexing timout notification when CSPM is status is index-timeout')",
+ " it('should show the indexing timout notification when KSPM is status is index-timeout')",
+ " it('should show the unprivileged notification when CSPM is status is index-timeout')",
+ " it('should show the unprivileged notification when KSPM is status is index-timeout')",
+ " it('should show the not-installed notification when CSPM and KSPM status is not-installed')"
+ ],
+ "testSuits": [
+ {
+ "id": "nofindingsstates",
+ "rawLine": "describe('NoFindingsStates', () => {",
+ "line": "describe('NoFindingsStates')",
+ "label": "NoFindingsStates",
+ "indent": 0,
+ "type": "describe",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-indexing-notification-when-cspm-is-not-installed-and-kspm-is-indexing",
+ "rawLine": " it('should show the indexing notification when CSPM is not installed and KSPM is indexing', async () => {",
+ "line": " it('should show the indexing notification when CSPM is not installed and KSPM is indexing')",
+ "label": "should show the indexing notification when CSPM is not installed and KSPM is indexing",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-indexing-notification-when-kspm-is-not-installed-and-cspm-is-indexing",
+ "rawLine": " it('should show the indexing notification when KSPM is not installed and CSPM is indexing', async () => {",
+ "line": " it('should show the indexing notification when KSPM is not installed and CSPM is indexing')",
+ "label": "should show the indexing notification when KSPM is not installed and CSPM is indexing",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-indexing-timout-notification-when-cspm-is-status-is-index-timeout",
+ "rawLine": " it('should show the indexing timout notification when CSPM is status is index-timeout', async () => {",
+ "line": " it('should show the indexing timout notification when CSPM is status is index-timeout')",
+ "label": "should show the indexing timout notification when CSPM is status is index-timeout",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-indexing-timout-notification-when-kspm-is-status-is-index-timeout",
+ "rawLine": " it('should show the indexing timout notification when KSPM is status is index-timeout', async () => {",
+ "line": " it('should show the indexing timout notification when KSPM is status is index-timeout')",
+ "label": "should show the indexing timout notification when KSPM is status is index-timeout",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-unprivileged-notification-when-cspm-is-status-is-index-timeout",
+ "rawLine": " it('should show the unprivileged notification when CSPM is status is index-timeout', async () => {",
+ "line": " it('should show the unprivileged notification when CSPM is status is index-timeout')",
+ "label": "should show the unprivileged notification when CSPM is status is index-timeout",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-unprivileged-notification-when-kspm-is-status-is-index-timeout",
+ "rawLine": " it('should show the unprivileged notification when KSPM is status is index-timeout', async () => {",
+ "line": " it('should show the unprivileged notification when KSPM is status is index-timeout')",
+ "label": "should show the unprivileged notification when KSPM is status is index-timeout",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-not-installed-notification-when-cspm-and-kspm-status-is-not-installed",
+ "rawLine": " it('should show the not-installed notification when CSPM and KSPM status is not-installed', async () => {",
+ "line": " it('should show the not-installed notification when CSPM and KSPM status is not-installed')",
+ "label": "should show the not-installed notification when CSPM and KSPM status is not-installed",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ }
+ ],
+ "tree": [
+ {
+ "id": "nofindingsstates",
+ "rawLine": "describe('NoFindingsStates', () => {",
+ "line": "describe('NoFindingsStates')",
+ "label": "NoFindingsStates",
+ "indent": 0,
+ "type": "describe",
+ "isSkipped": false,
+ "isTodo": false,
+ "children": [
+ {
+ "id": "should-show-the-indexing-notification-when-cspm-is-not-installed-and-kspm-is-indexing",
+ "rawLine": " it('should show the indexing notification when CSPM is not installed and KSPM is indexing', async () => {",
+ "line": " it('should show the indexing notification when CSPM is not installed and KSPM is indexing')",
+ "label": "should show the indexing notification when CSPM is not installed and KSPM is indexing",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-indexing-notification-when-kspm-is-not-installed-and-cspm-is-indexing",
+ "rawLine": " it('should show the indexing notification when KSPM is not installed and CSPM is indexing', async () => {",
+ "line": " it('should show the indexing notification when KSPM is not installed and CSPM is indexing')",
+ "label": "should show the indexing notification when KSPM is not installed and CSPM is indexing",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-indexing-timout-notification-when-cspm-is-status-is-index-timeout",
+ "rawLine": " it('should show the indexing timout notification when CSPM is status is index-timeout', async () => {",
+ "line": " it('should show the indexing timout notification when CSPM is status is index-timeout')",
+ "label": "should show the indexing timout notification when CSPM is status is index-timeout",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-indexing-timout-notification-when-kspm-is-status-is-index-timeout",
+ "rawLine": " it('should show the indexing timout notification when KSPM is status is index-timeout', async () => {",
+ "line": " it('should show the indexing timout notification when KSPM is status is index-timeout')",
+ "label": "should show the indexing timout notification when KSPM is status is index-timeout",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-unprivileged-notification-when-cspm-is-status-is-index-timeout",
+ "rawLine": " it('should show the unprivileged notification when CSPM is status is index-timeout', async () => {",
+ "line": " it('should show the unprivileged notification when CSPM is status is index-timeout')",
+ "label": "should show the unprivileged notification when CSPM is status is index-timeout",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-unprivileged-notification-when-kspm-is-status-is-index-timeout",
+ "rawLine": " it('should show the unprivileged notification when KSPM is status is index-timeout', async () => {",
+ "line": " it('should show the unprivileged notification when KSPM is status is index-timeout')",
+ "label": "should show the unprivileged notification when KSPM is status is index-timeout",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-show-the-not-installed-notification-when-cspm-and-kspm-status-is-not-installed",
+ "rawLine": " it('should show the not-installed notification when CSPM and KSPM status is not-installed', async () => {",
+ "line": " it('should show the not-installed notification when CSPM and KSPM status is not-installed')",
+ "label": "should show the not-installed notification when CSPM and KSPM status is not-installed",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ }
+ ]
+ }
+ ]
+ },
{
"filePath": "x-pack/plugins/cloud_security_posture/public/pages/benchmarks/benchmarks_table.test.tsx",
"fileName": "benchmarks_table.test.tsx",
@@ -7330,6 +7493,169 @@
}
]
},
+ {
+ "filePath": "x-pack/plugins/cloud_security_posture/public/pages/rules/use_change_csp_rule_state.test.tsx",
+ "fileName": "use_change_csp_rule_state.test.tsx",
+ "directory": "x-pack/plugins/cloud_security_posture",
+ "tags": [
+ "UT"
+ ],
+ "lines": [
+ "describe('use_change_csp_rule_state')",
+ " it('should call http.post with the correct parameters')",
+ " it('should cancel queries and update query data onMutate')",
+ " it('should invalidate queries onSettled')",
+ " it('should restore previous query data onError')",
+ " it('creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState')",
+ " it('creates the new cache with rules in a unmute state')"
+ ],
+ "testSuits": [
+ {
+ "id": "use_change_csp_rule_state",
+ "rawLine": "describe('use_change_csp_rule_state', () => {",
+ "line": "describe('use_change_csp_rule_state')",
+ "label": "use_change_csp_rule_state",
+ "indent": 0,
+ "type": "describe",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-call-http.post-with-the-correct-parameters",
+ "rawLine": " it('should call http.post with the correct parameters', async () => {",
+ "line": " it('should call http.post with the correct parameters')",
+ "label": "should call http.post with the correct parameters",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-cancel-queries-and-update-query-data-onmutate",
+ "rawLine": " it('should cancel queries and update query data onMutate', async () => {",
+ "line": " it('should cancel queries and update query data onMutate')",
+ "label": "should cancel queries and update query data onMutate",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-invalidate-queries-onsettled",
+ "rawLine": " it('should invalidate queries onSettled', async () => {",
+ "line": " it('should invalidate queries onSettled')",
+ "label": "should invalidate queries onSettled",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-restore-previous-query-data-onerror",
+ "rawLine": " it('should restore previous query data onError', async () => {",
+ "line": " it('should restore previous query data onError')",
+ "label": "should restore previous query data onError",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "creates-the-new-set-of-cache-rules-in-a-muted-state-when-calling-createruleswithupdatedstate",
+ "rawLine": " it('creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState', async () => {",
+ "line": " it('creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState')",
+ "label": "creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "creates-the-new-cache-with-rules-in-a-unmute-state",
+ "rawLine": " it('creates the new cache with rules in a unmute state', async () => {",
+ "line": " it('creates the new cache with rules in a unmute state')",
+ "label": "creates the new cache with rules in a unmute state",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ }
+ ],
+ "tree": [
+ {
+ "id": "use_change_csp_rule_state",
+ "rawLine": "describe('use_change_csp_rule_state', () => {",
+ "line": "describe('use_change_csp_rule_state')",
+ "label": "use_change_csp_rule_state",
+ "indent": 0,
+ "type": "describe",
+ "isSkipped": false,
+ "isTodo": false,
+ "children": [
+ {
+ "id": "should-call-http.post-with-the-correct-parameters",
+ "rawLine": " it('should call http.post with the correct parameters', async () => {",
+ "line": " it('should call http.post with the correct parameters')",
+ "label": "should call http.post with the correct parameters",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-cancel-queries-and-update-query-data-onmutate",
+ "rawLine": " it('should cancel queries and update query data onMutate', async () => {",
+ "line": " it('should cancel queries and update query data onMutate')",
+ "label": "should cancel queries and update query data onMutate",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-invalidate-queries-onsettled",
+ "rawLine": " it('should invalidate queries onSettled', async () => {",
+ "line": " it('should invalidate queries onSettled')",
+ "label": "should invalidate queries onSettled",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "should-restore-previous-query-data-onerror",
+ "rawLine": " it('should restore previous query data onError', async () => {",
+ "line": " it('should restore previous query data onError')",
+ "label": "should restore previous query data onError",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "creates-the-new-set-of-cache-rules-in-a-muted-state-when-calling-createruleswithupdatedstate",
+ "rawLine": " it('creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState', async () => {",
+ "line": " it('creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState')",
+ "label": "creates the new set of cache rules in a muted state when calling createRulesWithUpdatedState",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "creates-the-new-cache-with-rules-in-a-unmute-state",
+ "rawLine": " it('creates the new cache with rules in a unmute state', async () => {",
+ "line": " it('creates the new cache with rules in a unmute state')",
+ "label": "creates the new cache with rules in a unmute state",
+ "indent": 2,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ }
+ ]
+ }
+ ]
+ },
{
"filePath": "x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx",
"fileName": "vulnerability_finding_flyout.test.tsx",
@@ -10683,12 +11009,11 @@
"tags": [
"FTR",
"SERVERLESS",
- "API INTEGRATION",
- "HAS SKIP"
+ "API INTEGRATION"
],
"lines": [
" describe('GET /internal/cloud_security_posture/status')",
- " describe.skip('STATUS = INDEXED TEST')",
+ " describe('STATUS = INDEXED TEST')",
" it(`Return kspm status indexed when logs-cloud_security_posture.findings_latest-default contains new kspm documents`)",
" it(`Return cspm status indexed when logs-cloud_security_posture.findings_latest-default contains new cspm documents`)",
" it(`Return vuln status indexed when logs-cloud_security_posture.vulnerabilities_latest-default contains new documents`)"
@@ -10706,12 +11031,12 @@
},
{
"id": "status-=-indexed-test",
- "rawLine": " describe.skip('STATUS = INDEXED TEST', () => {",
- "line": " describe.skip('STATUS = INDEXED TEST')",
+ "rawLine": " describe('STATUS = INDEXED TEST', () => {",
+ "line": " describe('STATUS = INDEXED TEST')",
"label": "STATUS = INDEXED TEST",
"indent": 4,
"type": "describe",
- "isSkipped": true,
+ "isSkipped": false,
"isTodo": false
},
{
@@ -10758,12 +11083,12 @@
"children": [
{
"id": "status-=-indexed-test",
- "rawLine": " describe.skip('STATUS = INDEXED TEST', () => {",
- "line": " describe.skip('STATUS = INDEXED TEST')",
+ "rawLine": " describe('STATUS = INDEXED TEST', () => {",
+ "line": " describe('STATUS = INDEXED TEST')",
"label": "STATUS = INDEXED TEST",
"indent": 4,
"type": "describe",
- "isSkipped": true,
+ "isSkipped": false,
"isTodo": false,
"children": [
{
@@ -10773,7 +11098,7 @@
"label": "Return kspm status indexed when logs-cloud_security_posture.findings_latest-default contains new kspm documents",
"indent": 6,
"type": "it",
- "isSkipped": true,
+ "isSkipped": false,
"isTodo": false
},
{
@@ -10783,7 +11108,7 @@
"label": "Return cspm status indexed when logs-cloud_security_posture.findings_latest-default contains new cspm documents",
"indent": 6,
"type": "it",
- "isSkipped": true,
+ "isSkipped": false,
"isTodo": false
},
{
@@ -10793,7 +11118,7 @@
"label": "Return vuln status indexed when logs-cloud_security_posture.vulnerabilities_latest-default contains new documents",
"indent": 6,
"type": "it",
- "isSkipped": true,
+ "isSkipped": false,
"isTodo": false
}
]
@@ -13678,6 +14003,151 @@
}
]
},
+ {
+ "filePath": "x-pack/test/cloud_security_posture_functional/pages/benchmark.ts",
+ "fileName": "benchmark.ts",
+ "directory": "x-pack/test/cloud_security_posture_functional",
+ "tags": [
+ "FTR",
+ "HAS SKIP"
+ ],
+ "lines": [
+ " describe('Access with custom roles')",
+ " it.skip('Access with valid user role')",
+ " it.skip('Access with invalid user role')",
+ " describe('Access with custom roles - rule page')",
+ " it('Access with valid user role')",
+ " it.skip('Access with invalid user role')"
+ ],
+ "testSuits": [
+ {
+ "id": "access-with-custom-roles",
+ "rawLine": " describe('Access with custom roles', async () => {",
+ "line": " describe('Access with custom roles')",
+ "label": "Access with custom roles",
+ "indent": 2,
+ "type": "describe",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "access-with-valid-user-role",
+ "rawLine": " it.skip('Access with valid user role', async () => {",
+ "line": " it.skip('Access with valid user role')",
+ "label": "Access with valid user role",
+ "indent": 4,
+ "type": "it",
+ "isSkipped": true,
+ "isTodo": false
+ },
+ {
+ "id": "access-with-invalid-user-role",
+ "rawLine": " it.skip('Access with invalid user role', async () => {});",
+ "line": " it.skip('Access with invalid user role')",
+ "label": "Access with invalid user role",
+ "indent": 4,
+ "type": "it",
+ "isSkipped": true,
+ "isTodo": false
+ },
+ {
+ "id": "access-with-custom-roles---rule-page",
+ "rawLine": " describe('Access with custom roles - rule page', async () => {",
+ "line": " describe('Access with custom roles - rule page')",
+ "label": "Access with custom roles - rule page",
+ "indent": 4,
+ "type": "describe",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "access-with-valid-user-role",
+ "rawLine": " it('Access with valid user role', async () => {",
+ "line": " it('Access with valid user role')",
+ "label": "Access with valid user role",
+ "indent": 6,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "access-with-invalid-user-role",
+ "rawLine": " it.skip('Access with invalid user role', async () => {});",
+ "line": " it.skip('Access with invalid user role')",
+ "label": "Access with invalid user role",
+ "indent": 6,
+ "type": "it",
+ "isSkipped": true,
+ "isTodo": false
+ }
+ ],
+ "tree": [
+ {
+ "id": "access-with-custom-roles",
+ "rawLine": " describe('Access with custom roles', async () => {",
+ "line": " describe('Access with custom roles')",
+ "label": "Access with custom roles",
+ "indent": 2,
+ "type": "describe",
+ "isSkipped": false,
+ "isTodo": false,
+ "children": [
+ {
+ "id": "access-with-valid-user-role",
+ "rawLine": " it.skip('Access with valid user role', async () => {",
+ "line": " it.skip('Access with valid user role')",
+ "label": "Access with valid user role",
+ "indent": 4,
+ "type": "it",
+ "isSkipped": true,
+ "isTodo": false
+ },
+ {
+ "id": "access-with-invalid-user-role",
+ "rawLine": " it.skip('Access with invalid user role', async () => {});",
+ "line": " it.skip('Access with invalid user role')",
+ "label": "Access with invalid user role",
+ "indent": 4,
+ "type": "it",
+ "isSkipped": true,
+ "isTodo": false
+ },
+ {
+ "id": "access-with-custom-roles---rule-page",
+ "rawLine": " describe('Access with custom roles - rule page', async () => {",
+ "line": " describe('Access with custom roles - rule page')",
+ "label": "Access with custom roles - rule page",
+ "indent": 4,
+ "type": "describe",
+ "isSkipped": false,
+ "isTodo": false,
+ "children": [
+ {
+ "id": "access-with-valid-user-role",
+ "rawLine": " it('Access with valid user role', async () => {",
+ "line": " it('Access with valid user role')",
+ "label": "Access with valid user role",
+ "indent": 6,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "access-with-invalid-user-role",
+ "rawLine": " it.skip('Access with invalid user role', async () => {});",
+ "line": " it.skip('Access with invalid user role')",
+ "label": "Access with invalid user role",
+ "indent": 6,
+ "type": "it",
+ "isSkipped": true,
+ "isTodo": false
+ }
+ ]
+ }
+ ]
+ }
+ ]
+ },
{
"filePath": "x-pack/test/cloud_security_posture_functional/pages/cis_integrations/cnvm/cis_integration_cnvm.ts",
"fileName": "cis_integration_cnvm.ts",
@@ -15516,6 +15986,7 @@
"directory": "x-pack/test/cloud_security_posture_functional",
"tags": [
"FTR",
+ "HAS SKIP",
"HAS TODO"
],
"lines": [
@@ -15523,7 +15994,10 @@
" describe('Kubernetes Dashboard')",
" it('displays accurate summary compliance score')",
" describe('TODO - Cloud Dashboard', () => {",
- " it('todo - displays accurate summary compliance score', async () => {});"
+ " it('todo - displays accurate summary compliance score', async () => {});",
+ " describe('Access with custom roles')",
+ " it('Access with valid user role')",
+ " it.skip('todo - Access with invalid user role')"
],
"testSuits": [
{
@@ -15575,6 +16049,36 @@
"type": "it",
"isSkipped": false,
"isTodo": true
+ },
+ {
+ "id": "access-with-custom-roles",
+ "rawLine": " describe('Access with custom roles', async () => {",
+ "line": " describe('Access with custom roles')",
+ "label": "Access with custom roles",
+ "indent": 4,
+ "type": "describe",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "access-with-valid-user-role",
+ "rawLine": " it('Access with valid user role', async () => {",
+ "line": " it('Access with valid user role')",
+ "label": "Access with valid user role",
+ "indent": 6,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "todo---access-with-invalid-user-role",
+ "rawLine": " it.skip('todo - Access with invalid user role', async () => {});",
+ "line": " it.skip('todo - Access with invalid user role')",
+ "label": "todo - Access with invalid user role",
+ "indent": 6,
+ "type": "it",
+ "isSkipped": true,
+ "isTodo": true
}
],
"tree": [
@@ -15631,6 +16135,38 @@
"isTodo": true
}
]
+ },
+ {
+ "id": "access-with-custom-roles",
+ "rawLine": " describe('Access with custom roles', async () => {",
+ "line": " describe('Access with custom roles')",
+ "label": "Access with custom roles",
+ "indent": 4,
+ "type": "describe",
+ "isSkipped": false,
+ "isTodo": false,
+ "children": [
+ {
+ "id": "access-with-valid-user-role",
+ "rawLine": " it('Access with valid user role', async () => {",
+ "line": " it('Access with valid user role')",
+ "label": "Access with valid user role",
+ "indent": 6,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "todo---access-with-invalid-user-role",
+ "rawLine": " it.skip('todo - Access with invalid user role', async () => {});",
+ "line": " it.skip('todo - Access with invalid user role')",
+ "label": "todo - Access with invalid user role",
+ "indent": 6,
+ "type": "it",
+ "isSkipped": true,
+ "isTodo": true
+ }
+ ]
}
]
}
@@ -16393,7 +16929,10 @@
" it('Remove fields from the Findings DataTable')",
" it('Reset fields to default')",
" describe('Findings Page - support muting rules')",
- " it(`verify only enabled rules appears`)"
+ " it(`verify only enabled rules appears`)",
+ " describe('Access with custom roles')",
+ " it('Access with valid user role')",
+ " it('Access with invalid user role')"
],
"testSuits": [
{
@@ -16565,6 +17104,36 @@
"type": "it",
"isSkipped": false,
"isTodo": false
+ },
+ {
+ "id": "access-with-custom-roles",
+ "rawLine": " describe('Access with custom roles', async () => {",
+ "line": " describe('Access with custom roles')",
+ "label": "Access with custom roles",
+ "indent": 4,
+ "type": "describe",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "access-with-valid-user-role",
+ "rawLine": " it('Access with valid user role', async () => {",
+ "line": " it('Access with valid user role')",
+ "label": "Access with valid user role",
+ "indent": 6,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "access-with-invalid-user-role",
+ "rawLine": " it('Access with invalid user role', async () => {",
+ "line": " it('Access with invalid user role')",
+ "label": "Access with invalid user role",
+ "indent": 6,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
}
],
"tree": [
@@ -16751,6 +17320,38 @@
"isTodo": false
}
]
+ },
+ {
+ "id": "access-with-custom-roles",
+ "rawLine": " describe('Access with custom roles', async () => {",
+ "line": " describe('Access with custom roles')",
+ "label": "Access with custom roles",
+ "indent": 4,
+ "type": "describe",
+ "isSkipped": false,
+ "isTodo": false,
+ "children": [
+ {
+ "id": "access-with-valid-user-role",
+ "rawLine": " it('Access with valid user role', async () => {",
+ "line": " it('Access with valid user role')",
+ "label": "Access with valid user role",
+ "indent": 6,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ },
+ {
+ "id": "access-with-invalid-user-role",
+ "rawLine": " it('Access with invalid user role', async () => {",
+ "line": " it('Access with invalid user role')",
+ "label": "Access with invalid user role",
+ "indent": 6,
+ "type": "it",
+ "isSkipped": false,
+ "isTodo": false
+ }
+ ]
}
]
},
diff --git a/x-pack/plugins/cloud_security_posture/server/create_transforms/latest_findings_transform.ts b/x-pack/plugins/cloud_security_posture/server/create_transforms/latest_findings_transform.ts
index 6697dbdbbea56..556ab0c7c830c 100644
--- a/x-pack/plugins/cloud_security_posture/server/create_transforms/latest_findings_transform.ts
+++ b/x-pack/plugins/cloud_security_posture/server/create_transforms/latest_findings_transform.ts
@@ -16,7 +16,7 @@ const LATEST_FINDINGS_TRANSFORM_V830 = 'cloud_security_posture.findings_latest-d
const LATEST_FINDINGS_TRANSFORM_V840 = 'cloud_security_posture.findings_latest-default-8.4.0';
const LATEST_FINDINGS_TRANSFORM_V880 = 'cloud_security_posture.findings_latest-default-8.8.0';
-const CURRENT_FINDINGS_TRANSFORM = 'cloud_security_posture.findings_latest-default-8.15.0';
+const CURRENT_FINDINGS_TRANSFORM_VERSION = 'cloud_security_posture.findings_latest-default-8.15.0';
export const DEPRECATED_FINDINGS_TRANSFORMS_VERSION = [
LATEST_FINDINGS_TRANSFORM_V830,
@@ -25,7 +25,7 @@ export const DEPRECATED_FINDINGS_TRANSFORMS_VERSION = [
];
export const latestFindingsTransform: TransformPutTransformRequest = {
- transform_id: CURRENT_FINDINGS_TRANSFORM,
+ transform_id: CURRENT_FINDINGS_TRANSFORM_VERSION,
description: 'Defines findings transformation to view only the latest finding per resource',
source: {
index: FINDINGS_INDEX_PATTERN,
diff --git a/x-pack/plugins/cloud_security_posture/server/create_transforms/latest_vulnerabilities_transforms.ts b/x-pack/plugins/cloud_security_posture/server/create_transforms/latest_vulnerabilities_transforms.ts
index 2be5cf6072cf6..c7cd2dd0921f7 100644
--- a/x-pack/plugins/cloud_security_posture/server/create_transforms/latest_vulnerabilities_transforms.ts
+++ b/x-pack/plugins/cloud_security_posture/server/create_transforms/latest_vulnerabilities_transforms.ts
@@ -13,14 +13,15 @@ import {
VULNERABILITIES_INDEX_PATTERN,
} from '../../common/constants';
-const CURRENT_VULN_VERSION = 'cloud_security_posture.vulnerabilities_latest-default-8.15.0';
+const CURRENT_VULN_TRANSFORM_VERSION =
+ 'cloud_security_posture.vulnerabilities_latest-default-8.15.0';
export const DEPRECATED_VULN_TRANSFORM_VERSIONS = [
'cloud_security_posture.vulnerabilities_latest-default-8.8.0',
];
export const latestVulnerabilitiesTransform: TransformPutTransformRequest = {
- transform_id: CURRENT_VULN_VERSION,
+ transform_id: CURRENT_VULN_TRANSFORM_VERSION,
description:
'Defines vulnerabilities transformation to view only the latest vulnerability per resource',
source: {
diff --git a/x-pack/test/cloud_security_posture_functional/page_objects/benchmark_page.ts b/x-pack/test/cloud_security_posture_functional/page_objects/benchmark_page.ts
new file mode 100644
index 0000000000000..39856fa34d3fb
--- /dev/null
+++ b/x-pack/test/cloud_security_posture_functional/page_objects/benchmark_page.ts
@@ -0,0 +1,59 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from '@kbn/expect';
+import {
+ ELASTIC_HTTP_VERSION_HEADER,
+ X_ELASTIC_INTERNAL_ORIGIN_REQUEST,
+} from '@kbn/core-http-common';
+import type { FtrProviderContext } from '../ftr_provider_context';
+
+export const CSP_BECNHMARK_TABLE = 'csp_benchmarks_table';
+
+export function BenchmarkPagePageProvider({ getService, getPageObjects }: FtrProviderContext) {
+ const testSubjects = getService('testSubjects');
+ const PageObjects = getPageObjects(['common', 'header']);
+ const retry = getService('retry');
+ const supertest = getService('supertest');
+ const log = getService('log');
+
+ /**
+ * required before indexing findings
+ */
+ const waitForPluginInitialized = (): Promise =>
+ retry.try(async () => {
+ log.debug('Check CSP plugin is initialized');
+ const response = await supertest
+ .get('/internal/cloud_security_posture/status?check=init')
+ .set(ELASTIC_HTTP_VERSION_HEADER, '1')
+ .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
+ .expect(200);
+ expect(response.body).to.eql({ isPluginInitialized: true });
+ log.debug('CSP plugin is initialized');
+ });
+
+ const benchmarkPage = {
+ doesBenchmarkTableExists: async () => {
+ return await testSubjects.find('csp_benchmarks_table');
+ },
+ };
+
+ const navigateToBenchnmarkPage = async () => {
+ await PageObjects.common.navigateToUrl(
+ 'securitySolution', // Defined in Security Solution plugin
+ `cloud_security_posture/benchmarks/`,
+ { shouldUseHashForSubUrl: false }
+ );
+ await PageObjects.header.waitUntilLoadingHasFinished();
+ };
+
+ return {
+ waitForPluginInitialized,
+ navigateToBenchnmarkPage,
+ benchmarkPage,
+ };
+}
diff --git a/x-pack/test/cloud_security_posture_functional/page_objects/findings_page.ts b/x-pack/test/cloud_security_posture_functional/page_objects/findings_page.ts
index bc1ae63cea51e..17cd9f581c6be 100644
--- a/x-pack/test/cloud_security_posture_functional/page_objects/findings_page.ts
+++ b/x-pack/test/cloud_security_posture_functional/page_objects/findings_page.ts
@@ -337,6 +337,10 @@ export function FindingsPageProvider({ getService, getPageObjects }: FtrProvider
return trueOrFalse;
};
+ const getUnprivilegedPrompt = async () => {
+ return await testSubjects.find('status-api-unprivileged');
+ };
+
return {
navigateToLatestFindingsPage,
navigateToLatestVulnerabilitiesPage,
@@ -356,5 +360,6 @@ export function FindingsPageProvider({ getService, getPageObjects }: FtrProvider
findingsGrouping,
createDataTableObject,
isLatestFindingsTableThere,
+ getUnprivilegedPrompt,
};
}
diff --git a/x-pack/test/cloud_security_posture_functional/page_objects/index.ts b/x-pack/test/cloud_security_posture_functional/page_objects/index.ts
index 020341fdd811b..704f6310cdbb2 100644
--- a/x-pack/test/cloud_security_posture_functional/page_objects/index.ts
+++ b/x-pack/test/cloud_security_posture_functional/page_objects/index.ts
@@ -10,6 +10,8 @@ import { FindingsPageProvider } from './findings_page';
import { CspDashboardPageProvider } from './csp_dashboard_page';
import { AddCisIntegrationFormPageProvider } from './add_cis_integration_form_page';
import { VulnerabilityDashboardPageProvider } from './vulnerability_dashboard_page_object';
+import { BenchmarkPagePageProvider } from './benchmark_page';
+import { CspSecurityCommonProvider } from './security_common';
import { RulePagePageProvider } from './rule_page';
export const cloudSecurityPosturePageObjects = {
@@ -18,6 +20,8 @@ export const cloudSecurityPosturePageObjects = {
cisAddIntegration: AddCisIntegrationFormPageProvider,
vulnerabilityDashboard: VulnerabilityDashboardPageProvider,
rule: RulePagePageProvider,
+ benchmark: BenchmarkPagePageProvider,
+ cspSecurity: CspSecurityCommonProvider,
};
export const pageObjects = {
...xpackFunctionalPageObjects,
diff --git a/x-pack/test/cloud_security_posture_functional/page_objects/security_common.ts b/x-pack/test/cloud_security_posture_functional/page_objects/security_common.ts
new file mode 100644
index 0000000000000..4d5baaa6a2ff9
--- /dev/null
+++ b/x-pack/test/cloud_security_posture_functional/page_objects/security_common.ts
@@ -0,0 +1,128 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { FtrProviderContext } from '../ftr_provider_context';
+
+export function CspSecurityCommonProvider({ getPageObjects, getService }: FtrProviderContext) {
+ const security = getService('security');
+ const pageObjects = getPageObjects(['security']);
+
+ const roles = [
+ {
+ name: 'csp_viewer',
+ elasticsearch: {
+ indices: [
+ {
+ names: ['logs-cloud_security_posture.findings-*'],
+ privileges: ['read'],
+ },
+ {
+ names: ['logs-cloud_security_posture.findings_latest-*'],
+ privileges: ['read'],
+ },
+ {
+ names: ['logs-cloud_security_posture.scores-*'],
+ privileges: ['read'],
+ },
+ ],
+ },
+ kibana: [
+ {
+ base: ['all'],
+ spaces: ['*'],
+ },
+ ],
+ },
+ {
+ name: 'missing_access_findings_latest_role',
+ elasticsearch: {
+ indices: [
+ {
+ names: ['logs-cloud_security_posture.findings-*'],
+ privileges: ['read'],
+ },
+ {
+ names: ['logs-cloud_security_posture.scores-*'],
+ privileges: ['read'],
+ },
+ ],
+ },
+ kibana: [
+ {
+ base: ['all'],
+ spaces: ['*'],
+ },
+ ],
+ },
+ ];
+
+ const users = [
+ {
+ name: 'csp_read_user',
+ full_name: 'csp viewer',
+ password: 'test123',
+ roles: ['csp_viewer'],
+ },
+ {
+ name: 'csp_missing_latest_findings_access_user',
+ full_name: 'missing latest findings index access',
+ password: 'csp123',
+ roles: ['missing_access_findings_latest_role'],
+ },
+ ];
+
+ return {
+ async createRoles() {
+ for (const role of roles) {
+ await security.role.create(role.name, {
+ elasticsearch: role.elasticsearch,
+ kibana: role.kibana,
+ });
+ }
+ },
+
+ async createUsers() {
+ for (const user of users) {
+ await security.user.create(user.name, {
+ password: user.password,
+ roles: user.roles,
+ full_name: user.full_name,
+ });
+ }
+ },
+
+ async login(user: string) {
+ await pageObjects.security.login(user, this.getPasswordForUser(user), {
+ expectSpaceSelector: false,
+ });
+ },
+
+ async logout() {
+ await pageObjects.security.forceLogout();
+ },
+
+ async cleanRoles() {
+ for (const role of roles) {
+ await security.role.delete(role.name);
+ }
+ },
+
+ async cleanUsers() {
+ for (const user of users) {
+ await security.user.delete(user.name);
+ }
+ },
+
+ getPasswordForUser(user: string): string {
+ const userConfig = users.find((u) => u.name === user);
+ if (userConfig === undefined) {
+ throw new Error(`Can't log in user ${user} - not defined`);
+ }
+ return userConfig.password;
+ },
+ };
+}
diff --git a/x-pack/test/cloud_security_posture_functional/pages/benchmark.ts b/x-pack/test/cloud_security_posture_functional/pages/benchmark.ts
new file mode 100644
index 0000000000000..7eca494108e87
--- /dev/null
+++ b/x-pack/test/cloud_security_posture_functional/pages/benchmark.ts
@@ -0,0 +1,79 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from '@kbn/expect';
+import { k8sFindingsMock } from '../mocks/latest_findings_mock';
+import type { FtrProviderContext } from '../ftr_provider_context';
+
+// eslint-disable-next-line import/no-default-export
+export default function ({ getPageObjects, getService }: FtrProviderContext) {
+ const kibanaServer = getService('kibanaServer');
+ const pageObjects = getPageObjects([
+ 'common',
+ 'cspSecurity',
+ 'cloudPostureDashboard',
+ 'rule',
+ 'benchmark',
+ 'findings',
+ ]);
+
+ describe('Access with custom roles', async () => {
+ let cspSecurity = pageObjects.cspSecurity;
+ let rule: typeof pageObjects.rule;
+ let benchmark: typeof pageObjects.benchmark;
+ let findings: typeof pageObjects.findings;
+
+ before(async () => {
+ benchmark = pageObjects.benchmark;
+ cspSecurity = pageObjects.cspSecurity;
+ await benchmark.waitForPluginInitialized();
+ await kibanaServer.savedObjects.clean({
+ types: ['cloud-security-posture-settings'],
+ });
+ });
+
+ // Blocked by https://github.com/elastic/kibana/issues/184621
+ it.skip('Access with valid user role', async () => {
+ await cspSecurity.logout();
+ await cspSecurity.login('csp_read_user');
+ await benchmark.navigateToBenchnmarkPage();
+ expect(await benchmark.benchmarkPage.doesBenchmarkTableExists());
+ });
+
+ // Blocked by https://github.com/elastic/kibana/issues/184621
+ it.skip('Access with invalid user role', async () => {});
+
+ // The entire describe block bellow should move to rule.ts byt the page test is blocked by:
+ // FLAKY: https://github.com/elastic/kibana/issues/178413
+ describe('Access with custom roles - rule page', async () => {
+ before(async () => {
+ findings = pageObjects.findings;
+ rule = pageObjects.rule;
+ await findings.index.add(k8sFindingsMock);
+ });
+ after(async () => {
+ await findings.index.remove();
+ });
+
+ afterEach(async () => {
+ // force logout to prevent the next test from failing
+ await cspSecurity.logout();
+ });
+
+ it('Access with valid user role', async () => {
+ await cspSecurity.logout();
+ await cspSecurity.login('csp_read_user');
+ await rule.navigateToRulePage('cis_k8s', '1.0.1');
+
+ expect(await rule.rulePage.toggleBulkActionButton());
+ });
+
+ // Blocked by https://github.com/elastic/kibana/issues/184621
+ it.skip('Access with invalid user role', async () => {});
+ });
+ });
+}
diff --git a/x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts b/x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts
index 3faaa849c537c..6d824df8ef4c4 100644
--- a/x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts
+++ b/x-pack/test/cloud_security_posture_functional/pages/compliance_dashboard.ts
@@ -12,7 +12,7 @@ import type { FtrProviderContext } from '../ftr_provider_context';
// eslint-disable-next-line import/no-default-export
export default function ({ getPageObjects, getService }: FtrProviderContext) {
const retry = getService('retry');
- const pageObjects = getPageObjects(['common', 'cloudPostureDashboard', 'header']);
+ const pageObjects = getPageObjects(['common', 'cspSecurity', 'cloudPostureDashboard', 'header']);
const chance = new Chance();
const data = [
@@ -36,10 +36,13 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
this.tags(['cloud_security_posture_compliance_dashboard']);
let cspDashboard: typeof pageObjects.cloudPostureDashboard;
let dashboard: typeof pageObjects.cloudPostureDashboard.dashboard;
+ let cspSecurity = pageObjects.cspSecurity;
before(async () => {
cspDashboard = pageObjects.cloudPostureDashboard;
dashboard = pageObjects.cloudPostureDashboard.dashboard;
+ cspSecurity = pageObjects.cspSecurity;
+
await cspDashboard.waitForPluginInitialized();
await cspDashboard.index.add(data);
@@ -66,5 +69,27 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
// describe('TODO - Cloud Dashboard', () => {
// it('todo - displays accurate summary compliance score', async () => {});
// });
+
+ describe('Access with custom roles', async () => {
+ this.afterEach(async () => {
+ // force logout to prevent the next test from failing
+ await cspSecurity.logout();
+ });
+ it('Access with valid user role', async () => {
+ await cspSecurity.logout();
+ await cspSecurity.login('csp_read_user');
+ await cspDashboard.navigateToComplianceDashboardPage();
+ await retry.waitFor(
+ 'Cloud posture integration dashboard to be displayed',
+ async () => !!dashboard.getIntegrationDashboardContainer()
+ );
+ const scoreElement = await dashboard.getKubernetesComplianceScore();
+
+ expect((await scoreElement.getVisibleText()) === '0%').to.be(true); // based on the ingested findings
+ });
+
+ // Blocked by https://github.com/elastic/kibana/issues/184621
+ it.skip('todo - Access with invalid user role', async () => {});
+ });
});
}
diff --git a/x-pack/test/cloud_security_posture_functional/pages/findings.ts b/x-pack/test/cloud_security_posture_functional/pages/findings.ts
index f599648d0c2de..6819da2a03e09 100644
--- a/x-pack/test/cloud_security_posture_functional/pages/findings.ts
+++ b/x-pack/test/cloud_security_posture_functional/pages/findings.ts
@@ -23,7 +23,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
const retry = getService('retry');
const supertest = getService('supertest');
const kibanaServer = getService('kibanaServer');
- const pageObjects = getPageObjects(['common', 'findings', 'header']);
+ const pageObjects = getPageObjects(['common', 'cspSecurity', 'findings', 'header']);
const chance = new Chance();
const timeFiveHoursAgo = (Date.now() - 18000000).toString();
@@ -120,6 +120,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
let findings: typeof pageObjects.findings;
let latestFindingsTable: typeof findings.latestFindingsTable;
let distributionBar: typeof findings.distributionBar;
+ let cspSecurity = pageObjects.cspSecurity;
beforeEach(async () => {
await kibanaServer.savedObjects.clean({
@@ -129,6 +130,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
findings = pageObjects.findings;
latestFindingsTable = findings.latestFindingsTable;
distributionBar = findings.distributionBar;
+ cspSecurity = pageObjects.cspSecurity;
// Before we start any test we must wait for cloud_security_posture plugin to complete its initialization
await findings.waitForPluginInitialized();
@@ -391,5 +393,30 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
expect(await latestFindingsTable.getFindingsCount('passed')).to.eql(passedFindingsCount);
});
});
+
+ describe('Access with custom roles', async () => {
+ this.afterEach(async () => {
+ // force logout to prevent the next test from failing
+ await cspSecurity.logout();
+ });
+
+ it('Access with valid user role', async () => {
+ await cspSecurity.logout();
+ await cspSecurity.login('csp_read_user');
+ await findings.navigateToLatestFindingsPage();
+ pageObjects.header.waitUntilLoadingHasFinished();
+ expect(await latestFindingsTable.getRowsCount()).to.be.greaterThan(0);
+ });
+
+ it('Access with invalid user role', async () => {
+ await cspSecurity.logout();
+ await cspSecurity.login('csp_missing_latest_findings_access_user');
+
+ await findings.navigateToLatestFindingsPage();
+
+ pageObjects.header.waitUntilLoadingHasFinished();
+ expect(await findings.getUnprivilegedPrompt());
+ });
+ });
});
}
diff --git a/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts b/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts
index a7f36230bb1a5..ff77372b5ed23 100644
--- a/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts
+++ b/x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts
@@ -158,6 +158,8 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
});
after(async () => {
+ await findings.navigateToLatestFindingsPage();
+ await pageObjects.header.waitUntilLoadingHasFinished();
const groupSelector = await findings.groupSelector();
await groupSelector.openDropDown();
await groupSelector.setValue('None');
diff --git a/x-pack/test/cloud_security_posture_functional/pages/index.ts b/x-pack/test/cloud_security_posture_functional/pages/index.ts
index a1f9177f05c08..1edf38dc41ec9 100644
--- a/x-pack/test/cloud_security_posture_functional/pages/index.ts
+++ b/x-pack/test/cloud_security_posture_functional/pages/index.ts
@@ -8,8 +8,17 @@
import { FtrProviderContext } from '../ftr_provider_context';
// eslint-disable-next-line import/no-default-export
-export default function ({ loadTestFile }: FtrProviderContext) {
+export default function ({ getPageObjects, loadTestFile }: FtrProviderContext) {
+ const pageObjects = getPageObjects(['cspSecurity']);
describe('Cloud Security Posture', function () {
+ let cspSecurity = pageObjects.cspSecurity;
+
+ before(async () => {
+ cspSecurity = pageObjects.cspSecurity;
+ await cspSecurity.createRoles();
+ await cspSecurity.createUsers();
+ });
+
loadTestFile(require.resolve('./rules'));
loadTestFile(require.resolve('./findings_onboarding'));
loadTestFile(require.resolve('./findings'));
@@ -26,5 +35,6 @@ export default function ({ loadTestFile }: FtrProviderContext) {
loadTestFile(require.resolve('./findings_old_data'));
loadTestFile(require.resolve('./vulnerabilities'));
loadTestFile(require.resolve('./vulnerabilities_grouping'));
+ loadTestFile(require.resolve('./benchmark'));
});
}