diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_creation/create_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_creation/create_rules_bulk.ts index 5cd216f1e26b7..a8b01b2615a63 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_creation/create_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_creation/create_rules_bulk.ts @@ -20,6 +20,7 @@ import { getSimpleRuleWithoutRuleId, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, + updateUsername, } from '../../utils'; export default ({ getService }: FtrProviderContext): void => { @@ -27,8 +28,10 @@ export default ({ getService }: FtrProviderContext): void => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); - // TODO: add a new service const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); + + // TODO: add a new service const isServerless = config.get('serverless'); const dataPathBuilder = new EsArchivePathBuilder(isServerless); const auditbeatPath = dataPathBuilder.getPath('auditbeat/hosts'); @@ -53,18 +56,25 @@ export default ({ getService }: FtrProviderContext): void => { }); it('should create a single rule with a rule_id', async () => { + const rule = getSimpleRule(); const { body } = await supertest .post(DETECTION_ENGINE_RULES_BULK_CREATE) .set('kbn-xsrf', 'true') .set('elastic-api-version', '2023-10-31') - .send([getSimpleRule()]) + .send([rule]) .expect(200); const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutput()); + const expectedRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should create a single rule without a rule_id', async () => { + const rule = getSimpleRuleWithoutRuleId(); const { body } = await supertest .post(DETECTION_ENGINE_RULES_BULK_CREATE) .set('kbn-xsrf', 'true') @@ -73,7 +83,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(rule.rule_id), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should return a 200 ok but have a 409 conflict if we attempt to create the same rule_id twice', async () => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_delete/delete_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_delete/delete_rules.ts index 963ab6643e23a..00f32b19b093e 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_delete/delete_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_delete/delete_rules.ts @@ -20,12 +20,15 @@ import { getSimpleRuleWithoutRuleId, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, + updateUsername, } from '../../utils'; export default ({ getService }: FtrProviderContext): void => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); describe('@ess @serverless delete_rules', () => { describe('deleting rules', () => { @@ -39,7 +42,7 @@ export default ({ getService }: FtrProviderContext): void => { }); it('should delete a single rule with a rule_id', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = await createRule(supertest, log, getSimpleRule('rule-1')); // delete the rule by its rule_id const { body } = await supertest @@ -49,7 +52,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(getSimpleRuleOutput()); + const expectedRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should delete a single rule using an auto generated rule_id', async () => { @@ -63,7 +71,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(bodyWithCreatedRule.rule_id), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should delete a single rule using an auto generated id', async () => { @@ -77,7 +90,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(bodyWithCreatedRule.rule_id), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should return an error if the id does not exist when trying to delete it', async () => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_delete/delete_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_delete/delete_rules_bulk.ts index 5c3d660cdefa9..99eb2baeef78f 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_delete/delete_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_delete/delete_rules_bulk.ts @@ -20,12 +20,15 @@ import { getSimpleRuleWithoutRuleId, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, + updateUsername, } from '../../utils'; export default ({ getService }: FtrProviderContext): void => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); describe('@ess @serverless delete_rules_bulk', () => { describe('deleting rules bulk using DELETE', () => { @@ -39,7 +42,7 @@ export default ({ getService }: FtrProviderContext): void => { }); it('should delete a single rule with a rule_id', async () => { - await createRule(supertest, log, getSimpleRule()); + const rule = await createRule(supertest, log, getSimpleRule()); // delete the rule in bulk const { body } = await supertest @@ -50,7 +53,11 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutput()); + const expectedRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); + expect(bodyToCompare).to.eql(expectedRule); }); it('should delete a single rule using an auto generated rule_id', async () => { @@ -65,7 +72,11 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(bodyWithCreatedRule.rule_id), + ELASTICSEARCH_USERNAME + ); + expect(bodyToCompare).to.eql(expectedRule); }); it('should delete a single rule using an auto generated id', async () => { @@ -80,7 +91,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(bodyWithCreatedRule.rule_id), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should return an error if the ruled_id does not exist when trying to delete a rule_id', async () => { @@ -133,7 +149,10 @@ export default ({ getService }: FtrProviderContext): void => { const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); expect([bodyToCompare, body[1]]).to.eql([ - getSimpleRuleOutputWithoutRuleId(), + updateUsername( + getSimpleRuleOutputWithoutRuleId(bodyWithCreatedRule.rule_id), + ELASTICSEARCH_USERNAME + ), { id: 'c4e80a0d-e20f-4efc-84c1-08112da5a612', error: { @@ -157,7 +176,7 @@ export default ({ getService }: FtrProviderContext): void => { }); it('should delete a single rule with a rule_id', async () => { - await createRule(supertest, log, getSimpleRule()); + const rule = await createRule(supertest, log, getSimpleRule()); // delete the rule in bulk const { body } = await supertest @@ -168,7 +187,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutput()); + const expectedRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should delete a single rule using an auto generated rule_id', async () => { @@ -183,7 +207,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(bodyWithCreatedRule.rule_id), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should delete a single rule using an auto generated id', async () => { @@ -198,7 +227,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(bodyWithCreatedRule.rule_id), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should return an error if the ruled_id does not exist when trying to delete a rule_id', async () => { @@ -251,7 +285,11 @@ export default ({ getService }: FtrProviderContext): void => { const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); expect([bodyToCompare, body[1]]).to.eql([ - getSimpleRuleOutputWithoutRuleId(), + getSimpleRuleOutputWithoutRuleId( + bodyWithCreatedRule.rule_id, + bodyWithCreatedRule.enabled, + ELASTICSEARCH_USERNAME + ), { id: 'c4e80a0d-e20f-4efc-84c1-08112da5a612', error: { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/index.ts index 877b2a6505e78..21ca26c31a5fe 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/index.ts @@ -10,7 +10,9 @@ export default function ({ loadTestFile }: FtrProviderContext) { describe('Rules edit Basic and Essentials API', function () { loadTestFile(require.resolve('./patch_rules_bulk')); loadTestFile(require.resolve('./patch_rules')); + loadTestFile(require.resolve('./patch_rules_ess')); loadTestFile(require.resolve('./update_rules_bulk')); loadTestFile(require.resolve('./update_rules')); + loadTestFile(require.resolve('./update_rules_ess')); }); } diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/patch_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/patch_rules.ts index 7d04bcba31ff3..69e5414cd4cad 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/patch_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/patch_rules.ts @@ -19,12 +19,15 @@ import { getSimpleRuleOutputWithoutRuleId, createRule, deleteAllAlerts, + updateUsername, } from '../../utils'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); describe('@ess @serverless patch_rules', () => { describe('patch rules', () => { @@ -38,7 +41,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should patch a single rule property of name using a rule_id', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = await createRule(supertest, log, getSimpleRule('rule-1')); // patch a simple rule's name const { body } = await supertest @@ -48,30 +51,16 @@ export default ({ getService }: FtrProviderContext) => { .send({ rule_id: 'rule-1', name: 'some other name' }) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedProperties(body); expect(bodyToCompare).to.eql(outputRule); }); - it('should return a "403 forbidden" using a rule_id of type "machine learning"', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); - - // patch a simple rule's type to machine learning - const { body } = await supertest - .patch(DETECTION_ENGINE_RULES_URL) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send({ rule_id: 'rule-1', type: 'machine_learning' }) - .expect(403); - - expect(body).to.eql({ - message: 'Your license does not support machine learning. Please upgrade your license.', - status_code: 403, - }); - }); - it('should patch a single rule property of name using the auto-generated rule_id', async () => { // create a simple rule const rule = getSimpleRule('rule-1'); @@ -86,7 +75,10 @@ export default ({ getService }: FtrProviderContext) => { .send({ rule_id: createRuleBody.rule_id, name: 'some other name' }) .expect(200); - const outputRule = getSimpleRuleOutputWithoutRuleId(); + const outputRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body); @@ -104,7 +96,10 @@ export default ({ getService }: FtrProviderContext) => { .send({ id: createdBody.id, name: 'some other name' }) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(createdBody.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedProperties(body); @@ -112,7 +107,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should not change the revision of a rule when it patches only enabled', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = await createRule(supertest, log, getSimpleRule('rule-1')); // patch a simple rule's enabled to false const { body } = await supertest @@ -122,7 +117,10 @@ export default ({ getService }: FtrProviderContext) => { .send({ rule_id: 'rule-1', enabled: false }) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.enabled = false; const bodyToCompare = removeServerGeneratedProperties(body); @@ -130,7 +128,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should change the revision of a rule when it patches enabled and another property', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = await createRule(supertest, log, getSimpleRule('rule-1')); // patch a simple rule's enabled to false and another property const { body } = await supertest @@ -140,7 +138,10 @@ export default ({ getService }: FtrProviderContext) => { .send({ rule_id: 'rule-1', severity: 'low', enabled: false }) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.enabled = false; outputRule.severity = 'low'; outputRule.revision = 1; @@ -150,7 +151,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should not change other properties when it does patches', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = await createRule(supertest, log, getSimpleRule('rule-1')); // patch a simple rule's timeline_title await supertest @@ -168,7 +169,10 @@ export default ({ getService }: FtrProviderContext) => { .send({ rule_id: 'rule-1', name: 'some other name' }) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.timeline_title = 'some title'; outputRule.timeline_id = 'some id'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/patch_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/patch_rules_bulk.ts index 575e3f6d16b34..51a62e317d6b0 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/patch_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/patch_rules_bulk.ts @@ -19,12 +19,15 @@ import { removeServerGeneratedPropertiesIncludingRuleId, createRule, deleteAllAlerts, + updateUsername, } from '../../utils'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); describe('@ess @serverless patch_rules_bulk', () => { describe('patch rules bulk', () => { @@ -38,7 +41,8 @@ export default ({ getService }: FtrProviderContext) => { }); it('should patch a single rule property of name using a rule_id', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = getSimpleRule('rule-1'); + await createRule(supertest, log, rule); // patch a simple rule's name const { body } = await supertest @@ -48,7 +52,7 @@ export default ({ getService }: FtrProviderContext) => { .send([{ rule_id: 'rule-1', name: 'some other name' }]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedProperties(body[0]); @@ -56,8 +60,10 @@ export default ({ getService }: FtrProviderContext) => { }); it('should patch two rule properties of name using the two rules rule_id', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); - await createRule(supertest, log, getSimpleRule('rule-2')); + const rule = getSimpleRule('rule-1'); + const rule2 = getSimpleRule('rule-2'); + await createRule(supertest, log, rule); + await createRule(supertest, log, rule2); // patch both rule names const { body } = await supertest @@ -70,11 +76,17 @@ export default ({ getService }: FtrProviderContext) => { ]) .expect(200); - const outputRule1 = getSimpleRuleOutput(); + const outputRule1 = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule1.name = 'some other name'; outputRule1.revision = 1; - const outputRule2 = getSimpleRuleOutput('rule-2'); + const outputRule2 = updateUsername( + getSimpleRuleOutput(rule2.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule2.name = 'some other name'; outputRule2.revision = 1; @@ -85,7 +97,8 @@ export default ({ getService }: FtrProviderContext) => { }); it('should patch a single rule property of name using an id', async () => { - const createRuleBody = await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = getSimpleRule('rule-1'); + const createRuleBody = await createRule(supertest, log, rule); // patch a simple rule's name const { body } = await supertest @@ -95,7 +108,10 @@ export default ({ getService }: FtrProviderContext) => { .send([{ id: createRuleBody.id, name: 'some other name' }]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedProperties(body[0]); @@ -117,11 +133,17 @@ export default ({ getService }: FtrProviderContext) => { ]) .expect(200); - const outputRule1 = getSimpleRuleOutputWithoutRuleId('rule-1'); + const outputRule1 = updateUsername( + getSimpleRuleOutputWithoutRuleId(createRule1.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule1.name = 'some other name'; outputRule1.revision = 1; - const outputRule2 = getSimpleRuleOutputWithoutRuleId('rule-2'); + const outputRule2 = updateUsername( + getSimpleRuleOutputWithoutRuleId(createRule2.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule2.name = 'some other name'; outputRule2.revision = 1; @@ -142,7 +164,10 @@ export default ({ getService }: FtrProviderContext) => { .send([{ id: createdBody.id, name: 'some other name' }]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(createdBody.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedProperties(body[0]); @@ -150,7 +175,8 @@ export default ({ getService }: FtrProviderContext) => { }); it('should not change the revision of a rule when it patches only enabled', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = getSimpleRule('rule-1'); + await createRule(supertest, log, rule); // patch a simple rule's enabled to false const { body } = await supertest @@ -160,7 +186,10 @@ export default ({ getService }: FtrProviderContext) => { .send([{ rule_id: 'rule-1', enabled: false }]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.enabled = false; const bodyToCompare = removeServerGeneratedProperties(body[0]); @@ -168,7 +197,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should change the revision of a rule when it patches enabled and another property', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const createdBody = await createRule(supertest, log, getSimpleRule('rule-1')); // patch a simple rule's enabled to false and another property const { body } = await supertest @@ -178,7 +207,10 @@ export default ({ getService }: FtrProviderContext) => { .send([{ rule_id: 'rule-1', severity: 'low', enabled: false }]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(createdBody.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.enabled = false; outputRule.severity = 'low'; outputRule.revision = 1; @@ -188,7 +220,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should not change other properties when it does patches', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const createdBody = await createRule(supertest, log, getSimpleRule('rule-1')); // patch a simple rule's timeline_title await supertest @@ -206,7 +238,10 @@ export default ({ getService }: FtrProviderContext) => { .send([{ rule_id: 'rule-1', name: 'some other name' }]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(createdBody.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.timeline_title = 'some title'; outputRule.timeline_id = 'some id'; @@ -252,7 +287,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should patch one rule property and give an error about a second fake rule_id', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const createdBody = await createRule(supertest, log, getSimpleRule('rule-1')); // patch one rule name and give a fake id for the second const { body } = await supertest @@ -265,7 +300,10 @@ export default ({ getService }: FtrProviderContext) => { ]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(createdBody.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; @@ -296,7 +334,10 @@ export default ({ getService }: FtrProviderContext) => { ]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(createdBody.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/patch_rules_ess.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/patch_rules_ess.ts new file mode 100644 index 0000000000000..1138bee1d4d71 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/patch_rules_ess.ts @@ -0,0 +1,42 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from '@kbn/expect'; + +import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; +import { FtrProviderContext } from '../../../../ftr_provider_context'; +import { deleteAllRules, getSimpleRule, createRule } from '../../utils'; + +export default ({ getService }: FtrProviderContext) => { + const supertest = getService('supertest'); + const log = getService('log'); + + describe('@ess patch_rules_basic_license', () => { + describe('patch rules', () => { + afterEach(async () => { + await deleteAllRules(supertest, log); + }); + + it('should return a "403 forbidden" using a rule_id of type "machine learning"', async () => { + await createRule(supertest, log, getSimpleRule('rule-1')); + + // patch a simple rule's type to machine learning + const { body } = await supertest + .patch(DETECTION_ENGINE_RULES_URL) + .set('kbn-xsrf', 'true') + .set('elastic-api-version', '2023-10-31') + .send({ rule_id: 'rule-1', type: 'machine_learning' }) + .expect(403); + + expect(body).to.eql({ + message: 'Your license does not support machine learning. Please upgrade your license.', + status_code: 403, + }); + }); + }); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/update_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/update_rules.ts index 3cfba138c5fe7..655c24deb098a 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/update_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/update_rules.ts @@ -17,16 +17,18 @@ import { removeServerGeneratedPropertiesIncludingRuleId, getSimpleRuleOutputWithoutRuleId, getSimpleRuleUpdate, - getSimpleMlRuleUpdate, createRule, getSimpleRule, deleteAllAlerts, + updateUsername, } from '../../utils'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); describe('@ess @serverless update_rules', () => { describe('update rules', () => { @@ -40,7 +42,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should update a single rule property of name using a rule_id', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = await createRule(supertest, log, getSimpleRule('rule-1')); // update a simple rule's name const updatedRule = getSimpleRuleUpdate('rule-1'); @@ -55,35 +57,16 @@ export default ({ getService }: FtrProviderContext) => { .send(updatedRule) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedProperties(body); expect(bodyToCompare).to.eql(outputRule); }); - it('should return a 403 forbidden if it is a machine learning job', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); - - // update a simple rule's type to try to be a machine learning job type - const updatedRule = getSimpleMlRuleUpdate('rule-1'); - updatedRule.rule_id = 'rule-1'; - updatedRule.name = 'some other name'; - delete updatedRule.id; - - const { body } = await supertest - .put(DETECTION_ENGINE_RULES_URL) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send(updatedRule) - .expect(403); - - expect(body).to.eql({ - message: 'Your license does not support machine learning. Please upgrade your license.', - status_code: 403, - }); - }); - it('should update a single rule property of name using an auto-generated rule_id', async () => { const rule = getSimpleRule('rule-1'); delete rule.rule_id; @@ -102,7 +85,10 @@ export default ({ getService }: FtrProviderContext) => { .send(updatedRule) .expect(200); - const outputRule = getSimpleRuleOutputWithoutRuleId(); + const outputRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body); @@ -125,7 +111,10 @@ export default ({ getService }: FtrProviderContext) => { .send(updatedRule) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(createdBody.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedProperties(body); @@ -133,7 +122,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should change the revision of a rule when it updates enabled and another property', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = await createRule(supertest, log, getSimpleRule('rule-1')); // update a simple rule's enabled to false and another property const updatedRule = getSimpleRuleUpdate('rule-1'); @@ -147,7 +136,10 @@ export default ({ getService }: FtrProviderContext) => { .send(updatedRule) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.enabled = false; outputRule.severity = 'low'; outputRule.revision = 1; @@ -157,7 +149,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should change other properties when it does updates and effectively delete them such as timeline_title', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = await createRule(supertest, log, getSimpleRule('rule-1')); const ruleUpdate = getSimpleRuleUpdate('rule-1'); ruleUpdate.timeline_title = 'some title'; @@ -182,7 +174,10 @@ export default ({ getService }: FtrProviderContext) => { .send(ruleUpdate2) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 2; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/update_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/update_rules_bulk.ts index 688721e97813d..7f7e295911f68 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/update_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/update_rules_bulk.ts @@ -23,12 +23,15 @@ import { createRule, getSimpleRule, deleteAllAlerts, + updateUsername, } from '../../utils'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); describe('@ess @serverless update_rules_bulk', () => { describe('update rules bulk', () => { @@ -42,7 +45,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should update a single rule property of name using a rule_id', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = await createRule(supertest, log, getSimpleRule('rule-1')); const updatedRule = getSimpleRuleUpdate('rule-1'); updatedRule.name = 'some other name'; @@ -55,7 +58,10 @@ export default ({ getService }: FtrProviderContext) => { .send([updatedRule]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedProperties(body[0]); @@ -87,11 +93,17 @@ export default ({ getService }: FtrProviderContext) => { .send([updatedRule1, updatedRule2]) .expect(200); - const outputRule1 = getSimpleRuleOutput(); + const outputRule1 = updateUsername( + getSimpleRuleOutput(updatedRule1.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule1.name = 'some other name'; outputRule1.revision = 1; - const outputRule2 = getSimpleRuleOutput('rule-2'); + const outputRule2 = updateUsername( + getSimpleRuleOutput(updatedRule2.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule2.name = 'some other name'; outputRule2.revision = 1; @@ -117,7 +129,10 @@ export default ({ getService }: FtrProviderContext) => { .send([updatedRule1]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(createRuleBody.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedProperties(body[0]); @@ -146,11 +161,17 @@ export default ({ getService }: FtrProviderContext) => { .send([updatedRule1, updatedRule2]) .expect(200); - const outputRule1 = getSimpleRuleOutputWithoutRuleId('rule-1'); + const outputRule1 = updateUsername( + getSimpleRuleOutputWithoutRuleId(createRule1.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule1.name = 'some other name'; outputRule1.revision = 1; - const outputRule2 = getSimpleRuleOutputWithoutRuleId('rule-2'); + const outputRule2 = updateUsername( + getSimpleRuleOutputWithoutRuleId(createRule2.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule2.name = 'some other name'; outputRule2.revision = 1; @@ -176,7 +197,10 @@ export default ({ getService }: FtrProviderContext) => { .send([updatedRule1]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(createdBody.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedProperties(body[0]); @@ -198,7 +222,10 @@ export default ({ getService }: FtrProviderContext) => { .send([updatedRule1]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(updatedRule1.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.enabled = false; outputRule.severity = 'low'; outputRule.revision = 1; @@ -208,7 +235,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should change other properties when it does updates and effectively delete them such as timeline_title', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = await createRule(supertest, log, getSimpleRule('rule-1')); // update a simple rule's timeline_title const ruleUpdate = getSimpleRuleUpdate('rule-1'); @@ -233,7 +260,10 @@ export default ({ getService }: FtrProviderContext) => { .send([ruleUpdate2]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 2; @@ -285,7 +315,7 @@ export default ({ getService }: FtrProviderContext) => { }); it('should update one rule property and give an error about a second fake rule_id', async () => { - await createRule(supertest, log, getSimpleRule('rule-1')); + const rule = await createRule(supertest, log, getSimpleRule('rule-1')); const ruleUpdate = getSimpleRuleUpdate('rule-1'); ruleUpdate.name = 'some other name'; @@ -303,7 +333,10 @@ export default ({ getService }: FtrProviderContext) => { .send([ruleUpdate, ruleUpdate2]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(rule.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; @@ -341,7 +374,10 @@ export default ({ getService }: FtrProviderContext) => { .send([rule1, rule2]) .expect(200); - const outputRule = getSimpleRuleOutput(); + const outputRule = updateUsername( + getSimpleRuleOutput(createdBody.rule_id), + ELASTICSEARCH_USERNAME + ); outputRule.name = 'some other name'; outputRule.revision = 1; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/update_rules_ess.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/update_rules_ess.ts new file mode 100644 index 0000000000000..9d56eab1651b8 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_edit/update_rules_ess.ts @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from '@kbn/expect'; + +import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; +import { FtrProviderContext } from '../../../../ftr_provider_context'; +import { deleteAllRules, getSimpleMlRuleUpdate, createRule, getSimpleRule } from '../../utils'; + +export default ({ getService }: FtrProviderContext) => { + const supertest = getService('supertest'); + const log = getService('log'); + + describe('@ess update_rules_basic_license', () => { + describe('update rules', () => { + afterEach(async () => { + await deleteAllRules(supertest, log); + }); + + it('should return a 403 forbidden if it is a machine learning job', async () => { + await createRule(supertest, log, getSimpleRule('rule-1')); + + // update a simple rule's type to try to be a machine learning job type + const updatedRule = getSimpleMlRuleUpdate('rule-1'); + updatedRule.rule_id = 'rule-1'; + updatedRule.name = 'some other name'; + delete updatedRule.id; + + const { body } = await supertest + .put(DETECTION_ENGINE_RULES_URL) + .set('kbn-xsrf', 'true') + .set('elastic-api-version', '2023-10-31') + .send(updatedRule) + .expect(403); + + expect(body).to.eql({ + message: 'Your license does not support machine learning. Please upgrade your license.', + status_code: 403, + }); + }); + }); + }); +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_import_export/export_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_import_export/export_rules.ts index ae41c3c206d6d..1ef59751d3c53 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_import_export/export_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_import_export/export_rules.ts @@ -18,6 +18,7 @@ import { getSimpleRule, getSimpleRuleOutput, removeServerGeneratedProperties, + updateUsername, } from '../../utils'; export default ({ getService }: FtrProviderContext): void => { @@ -65,10 +66,9 @@ export default ({ getService }: FtrProviderContext): void => { const bodySplitAndParsed = JSON.parse(body.toString().split(/\n/)[0]); const bodyToTest = removeServerGeneratedProperties(bodySplitAndParsed); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); - expect(bodyToTest).to.eql( - getSimpleRuleOutput(rule.rule_id, rule.enabled, ELASTICSEARCH_USERNAME) - ); + expect(bodyToTest).to.eql(expectedRule); }); it('should export a exported count with a single rule_id', async () => { @@ -121,11 +121,10 @@ export default ({ getService }: FtrProviderContext): void => { const secondRuleParsed = JSON.parse(body.toString().split(/\n/)[1]); const firstRule = removeServerGeneratedProperties(firstRuleParsed); const secondRule = removeServerGeneratedProperties(secondRuleParsed); + const expectedRule1 = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + const expectedRule2 = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); - expect([firstRule, secondRule]).to.eql([ - getSimpleRuleOutput(rule1.rule_id, rule1.enabled, ELASTICSEARCH_USERNAME), - getSimpleRuleOutput(rule2.rule_id, rule2.enabled, ELASTICSEARCH_USERNAME), - ]); + expect([firstRule, secondRule]).to.eql([expectedRule1, expectedRule2]); }); }); }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_import_export/import_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_import_export/import_rules.ts index 06e87562505d4..173b66d59562e 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_import_export/import_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_import_export/import_rules.ts @@ -18,6 +18,7 @@ import { getSimpleRuleOutput, removeServerGeneratedProperties, ruleToNdjson, + updateUsername, } from '../../utils'; export default ({ getService }: FtrProviderContext): void => { @@ -100,8 +101,10 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + expect(bodyToCompare).to.eql({ - ...getSimpleRuleOutput('rule-1', false, ELASTICSEARCH_USERNAME), + ...expectedRule, output_index: '', }); }); @@ -376,8 +379,10 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + const ruleOutput = { - ...getSimpleRuleOutput('rule-1', false, ELASTICSEARCH_USERNAME), + ...expectedRule, output_index: '', }; ruleOutput.name = 'some other name'; @@ -470,7 +475,7 @@ export default ({ getService }: FtrProviderContext): void => { it('should be able to correctly read back a mixed import of different rules even if some cause conflicts', async () => { const getRuleOutput = (name: string) => ({ - ...getSimpleRuleOutput(name, false, ELASTICSEARCH_USERNAME), + ...updateUsername(getSimpleRuleOutput(name), ELASTICSEARCH_USERNAME), output_index: '', }); await supertest diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_management/coverage_overview.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_management/coverage_overview.ts index 67d7d6821ffaa..ae086d1703ac1 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_management/coverage_overview.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_management/coverage_overview.ts @@ -27,7 +27,7 @@ export default ({ getService }: FtrProviderContext): void => { const log = getService('log'); const es = getService('es'); - describe('@ess @serverless @brokenInServerless coverage_overview', () => { + describe('@ess @serverless @brokenInServerless @skipInQA coverage_overview', () => { beforeEach(async () => { await deleteAllRules(supertest, log); }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_read/find_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_read/find_rules.ts index 61e0a61ce9e49..7e134e1179431 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_read/find_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_read/find_rules.ts @@ -17,6 +17,7 @@ import { getSimpleRule, getSimpleRuleOutput, removeServerGeneratedProperties, + updateUsername, } from '../../utils'; export default ({ getService }: FtrProviderContext): void => { @@ -59,8 +60,10 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); body.data = [removeServerGeneratedProperties(body.data[0])]; + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + expect(body).to.eql({ - data: [getSimpleRuleOutput(rule.rule_id, rule.enabled, ELASTICSEARCH_USERNAME)], + data: [expectedRule], page: 1, perPage: 20, total: 1, @@ -86,8 +89,10 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); body.data = [removeServerGeneratedProperties(body.data[0])]; + const expectedRule = updateUsername(getComplexRuleOutput(), ELASTICSEARCH_USERNAME); + expect(body).to.eql({ - data: [getComplexRuleOutput(rule.rule_id, rule.enabled, ELASTICSEARCH_USERNAME)], + data: [expectedRule], page: 1, perPage: 20, total: 1, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_read/read_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_read/read_rules.ts index b23c15d007e05..f158aabd409b2 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_read/read_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/basic_essentials_license/rule_read/read_rules.ts @@ -20,6 +20,7 @@ import { getSimpleRuleWithoutRuleId, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, + updateUsername, } from '../../utils'; export default ({ getService }: FtrProviderContext) => { @@ -52,9 +53,8 @@ export default ({ getService }: FtrProviderContext) => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql( - getSimpleRuleOutput(rule.rule_id, rule.enabled, ELASTICSEARCH_USERNAME) - ); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + expect(bodyToCompare).to.eql(expectedRule); }); it('should be able to read a single rule using id', async () => { @@ -69,9 +69,8 @@ export default ({ getService }: FtrProviderContext) => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql( - getSimpleRuleOutput(rule.rule_id, rule.enabled, ELASTICSEARCH_USERNAME) - ); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + expect(bodyToCompare).to.eql(expectedRule); }); it('should be able to read a single rule with an auto-generated rule_id', async () => { @@ -85,13 +84,12 @@ export default ({ getService }: FtrProviderContext) => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body); - expect(bodyToCompare).to.eql( - getSimpleRuleOutputWithoutRuleId( - createRuleBody.rule_id, - createRuleBody.enabled, - ELASTICSEARCH_USERNAME - ) + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(), + ELASTICSEARCH_USERNAME ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should return 404 if given a fake id', async () => {