Skip to content

Commit

Permalink
Adding failure test
Browse files Browse the repository at this point in the history
  • Loading branch information
@jonathan-buttner
jonathan-buttner committed Apr 3, 2023
1 parent bf7bff5 commit 3b514f1
Showing 1 changed file with 137 additions and 142 deletions.
279 changes: 137 additions & 142 deletions x-pack/test/cases_api_integration/security_and_spaces/tests/common/cases/delete_cases.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
*/

import expect from '@kbn/expect';
import { CaseResponse } from '@kbn/cases-plugin/common';
import type SuperTest from 'supertest';
import { MAX_DOCS_PER_PAGE } from '@kbn/cases-plugin/common/constants';
import { FtrProviderContext } from '../../../../common/ftr_provider_context';

Expand Down Expand Up @@ -46,7 +46,11 @@ import {
} from '../../../../../api_integration/apis/cases/common/users';
import { roles as api_int_roles } from '../../../../../api_integration/apis/cases/common/roles';
import { createUsersAndRoles, deleteUsersAndRoles } from '../../../../common/lib/authentication';
import { SECURITY_SOLUTION_FILE_KIND } from '../../../../common/lib/constants';
import {
OBSERVABILITY_FILE_KIND,
SECURITY_SOLUTION_FILE_KIND,
} from '../../../../common/lib/constants';
import { User } from '../../../../common/lib/authentication/types';

// eslint-disable-next-line import/no-default-export
export default ({ getService }: FtrProviderContext): void => {
Expand Down Expand Up @@ -121,65 +125,17 @@ export default ({ getService }: FtrProviderContext): void => {
});

describe('files', () => {
let postedCase: CaseResponse;

beforeEach(async () => {
postedCase = await createCase(
supertestWithoutAuth,
getPostCaseRequest({ owner: 'securitySolution' }),
200
);
});

afterEach(async () => {
await deleteAllFiles({
supertest,
});
});

it('should delete all files associated with a case', async () => {
const files = await Promise.all([
createAndUploadFile({
supertest: supertestWithoutAuth,
createFileParams: {
name: 'testfile',
kind: SECURITY_SOLUTION_FILE_KIND,
mimeType: 'text/plain',
meta: {
caseIds: [postedCase.id],
owner: [postedCase.owner],
},
},
data: 'abc',
}),
createAndUploadFile({
supertest: supertestWithoutAuth,
createFileParams: {
name: 'testfile',
kind: SECURITY_SOLUTION_FILE_KIND,
mimeType: 'text/plain',
meta: {
caseIds: [postedCase.id],
owner: [postedCase.owner],
},
},
data: 'abc',
}),
]);

await bulkCreateAttachments({
const { caseInfo: postedCase } = await createCaseWithFiles({
supertest: supertestWithoutAuth,
caseId: postedCase.id,
params: [
getFilesAttachmentReq({
externalReferenceId: files[0].create.file.id,
owner: 'securitySolution',
}),
getFilesAttachmentReq({
externalReferenceId: files[1].create.file.id,
owner: 'securitySolution',
}),
],
fileKind: SECURITY_SOLUTION_FILE_KIND,
owner: 'securitySolution',
});

await deleteCases({ supertest: supertestWithoutAuth, caseIDs: [postedCase.id] });
Expand All @@ -205,67 +161,22 @@ export default ({ getService }: FtrProviderContext): void => {
});

it('should delete all files associated with multiple cases', async () => {
const postedCase2 = await createCase(
supertestWithoutAuth,
getPostCaseRequest({ owner: 'securitySolution' }),
200
);

const files = await Promise.all([
createAndUploadFile({
const [{ caseInfo: postedCase1 }, { caseInfo: postedCase2 }] = await Promise.all([
createCaseWithFiles({
supertest: supertestWithoutAuth,
createFileParams: {
name: 'testfile',
kind: SECURITY_SOLUTION_FILE_KIND,
mimeType: 'text/plain',
meta: {
caseIds: [postedCase.id],
owner: [postedCase.owner],
},
},
data: 'abc',
fileKind: SECURITY_SOLUTION_FILE_KIND,
owner: 'securitySolution',
}),
createAndUploadFile({
createCaseWithFiles({
supertest: supertestWithoutAuth,
createFileParams: {
name: 'testfile',
kind: SECURITY_SOLUTION_FILE_KIND,
mimeType: 'text/plain',
meta: {
caseIds: [postedCase2.id],
owner: [postedCase2.owner],
},
},
data: 'abc',
}),
]);

await Promise.all([
bulkCreateAttachments({
supertest: supertestWithoutAuth,
caseId: postedCase.id,
params: [
getFilesAttachmentReq({
externalReferenceId: files[0].create.file.id,
owner: 'securitySolution',
}),
],
}),
bulkCreateAttachments({
supertest: supertestWithoutAuth,
caseId: postedCase2.id,
params: [
getFilesAttachmentReq({
externalReferenceId: files[1].create.file.id,
owner: 'securitySolution',
}),
],
fileKind: SECURITY_SOLUTION_FILE_KIND,
owner: 'securitySolution',
}),
]);

await deleteCases({
supertest: supertestWithoutAuth,
caseIDs: [postedCase.id, postedCase2.id],
caseIDs: [postedCase1.id, postedCase2.id],
});

const [filesAfterDelete, attachmentsAfterDelete, attachmentsAfterDelete2] =
Expand All @@ -278,7 +189,7 @@ export default ({ getService }: FtrProviderContext): void => {
}),
findAttachments({
supertest: supertestWithoutAuth,
caseId: postedCase.id,
caseId: postedCase1.id,
query: {
perPage: MAX_DOCS_PER_PAGE,
},
Expand Down Expand Up @@ -311,53 +222,70 @@ export default ({ getService }: FtrProviderContext): void => {
});

it('should delete a case when the user has access to delete the case and files', async () => {
const postedCase = await createCase(
supertestWithoutAuth,
getPostCaseRequest({ owner: 'securitySolution' }),
200,
{ user: secAllUser, space: 'space1' }
);
const files = await Promise.all([
createAndUploadFile({
const { caseInfo: postedCase } = await createCaseWithFiles({
supertest: supertestWithoutAuth,
fileKind: SECURITY_SOLUTION_FILE_KIND,
owner: 'securitySolution',
auth: { user: secAllUser, space: 'space1' },
});

await deleteCases({
supertest: supertestWithoutAuth,
caseIDs: [postedCase.id],
auth: { user: secAllUser, space: 'space1' },
});

const [filesAfterDelete, attachmentsAfterDelete] = await Promise.all([
listFiles({
supertest: supertestWithoutAuth,
createFileParams: {
name: 'testfile',
params: {
kind: SECURITY_SOLUTION_FILE_KIND,
mimeType: 'text/plain',
meta: {
caseIds: [postedCase.id],
owner: [postedCase.owner],
},
},
data: 'abc',
auth: { user: secAllUser, space: 'space1' },
}),
createAndUploadFile({
findAttachments({
supertest: supertestWithoutAuth,
createFileParams: {
name: 'testfile',
kind: SECURITY_SOLUTION_FILE_KIND,
mimeType: 'text/plain',
meta: {
caseIds: [postedCase.id],
owner: [postedCase.owner],
},
caseId: postedCase.id,
query: {
perPage: MAX_DOCS_PER_PAGE,
},
data: 'abc',
auth: { user: secAllUser, space: 'space1' },
}),
]);

expect(filesAfterDelete.total).to.be(0);
expect(attachmentsAfterDelete.comments.length).to.be(0);
});

it('should not delete a case when the user does not have access to the file kind of the files', async () => {
const postedCase = await createCase(
supertestWithoutAuth,
getPostCaseRequest({ owner: 'securitySolution' }),
200,
{ user: secAllUser, space: 'space1' }
);
const { create: createdFile } = await createAndUploadFile({
supertest: supertestWithoutAuth,
createFileParams: {
name: 'testfile',
// use observability for the file kind which the security user should not have access to
kind: OBSERVABILITY_FILE_KIND,
mimeType: 'text/plain',
meta: {
caseIds: [postedCase.id],
owner: [postedCase.owner],
},
},
data: 'abc',
auth: { user: superUser, space: 'space1' },
});

await bulkCreateAttachments({
supertest: supertestWithoutAuth,
caseId: postedCase.id,
params: [
getFilesAttachmentReq({
externalReferenceId: files[0].create.file.id,
owner: 'securitySolution',
}),
getFilesAttachmentReq({
externalReferenceId: files[1].create.file.id,
externalReferenceId: createdFile.file.id,
owner: 'securitySolution',
}),
],
Expand All @@ -368,15 +296,16 @@ export default ({ getService }: FtrProviderContext): void => {
supertest: supertestWithoutAuth,
caseIDs: [postedCase.id],
auth: { user: secAllUser, space: 'space1' },
expectedHttpCode: 403,
});

const [filesAfterDelete, attachmentsAfterDelete] = await Promise.all([
listFiles({
supertest: supertestWithoutAuth,
params: {
kind: SECURITY_SOLUTION_FILE_KIND,
kind: OBSERVABILITY_FILE_KIND,
},
auth: { user: secAllUser, space: 'space1' },
auth: { user: superUser, space: 'space1' },
}),
findAttachments({
supertest: supertestWithoutAuth,
Expand All @@ -388,8 +317,8 @@ export default ({ getService }: FtrProviderContext): void => {
}),
]);

expect(filesAfterDelete.total).to.be(0);
expect(attachmentsAfterDelete.comments.length).to.be(0);
expect(filesAfterDelete.total).to.be(1);
expect(attachmentsAfterDelete.comments.length).to.be(1);
});
});

Expand Down Expand Up @@ -541,3 +470,69 @@ export default ({ getService }: FtrProviderContext): void => {
});
});
};

const createCaseWithFiles = async ({
supertest,
fileKind,
owner,
auth = { user: superUser, space: null },
}: {
supertest: SuperTest.SuperTest<SuperTest.Test>;
fileKind: string;
owner: string;
auth?: { user: User; space: string | null };
}) => {
const postedCase = await createCase(supertest, getPostCaseRequest({ owner }), 200, auth);

const files = await Promise.all([
createAndUploadFile({
supertest,
createFileParams: {
name: 'testfile',
kind: fileKind,
mimeType: 'text/plain',
meta: {
caseIds: [postedCase.id],
owner: [postedCase.owner],
},
},
data: 'abc',
auth,
}),
createAndUploadFile({
supertest,
createFileParams: {
name: 'testfile',
kind: fileKind,
mimeType: 'text/plain',
meta: {
caseIds: [postedCase.id],
owner: [postedCase.owner],
},
},
data: 'abc',
auth,
}),
]);

const caseWithAttachments = await bulkCreateAttachments({
supertest,
caseId: postedCase.id,
params: [
getFilesAttachmentReq({
externalReferenceId: files[0].create.file.id,
owner,
}),
getFilesAttachmentReq({
externalReferenceId: files[1].create.file.id,
owner,
}),
],
auth,
});

return {
caseInfo: caseWithAttachments,
attachments: files,
};
};

0 comments on commit 3b514f1

Please sign in to comment.