diff --git a/x-pack/plugins/security_solution/public/management/cypress/README.md b/x-pack/plugins/security_solution/public/management/cypress/README.md index 65af201662c48..79689e650faea 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/README.md +++ b/x-pack/plugins/security_solution/public/management/cypress/README.md @@ -36,6 +36,7 @@ Similarly to Security Solution cypress tests, we use tags in order to select whi - `@serverless` includes a test in the Serverless test suite. You need to explicitly add this tag to any test you want to run against a Serverless environment. - `@ess` includes a test in the normal, non-Serverless test suite. You need to explicitly add this tag to any test you want to run against a non-Serverless environment. - `@brokenInServerless` excludes a test from the Serverless test suite (even if it's tagged as `@serverless`). Indicates that a test should run in Serverless, but currently is broken. +- `@skipInServerless` excludes a test from the Serverless test suite (even if it's tagged as `@serverless`). Indicates that we don't want to run the given test in Serverless. Important: if you don't provide any tag, your test won't be executed. diff --git a/x-pack/plugins/security_solution/public/management/cypress/cypress_serverless.config.ts b/x-pack/plugins/security_solution/public/management/cypress/cypress_serverless.config.ts index 35dda2bd68501..77507e12fae87 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/cypress_serverless.config.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/cypress_serverless.config.ts @@ -14,7 +14,7 @@ export default defineCypressConfig( env: { IS_SERVERLESS: true, - grepTags: '@serverless --@brokenInServerless', + grepTags: '@serverless --@brokenInServerless --@skipInServerless', }, }) ); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/artifacts/artifact_tabs_in_policy_details.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/artifacts/artifact_tabs_in_policy_details.cy.ts index 5988b73852af5..b6040691c485f 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/artifacts/artifact_tabs_in_policy_details.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/artifacts/artifact_tabs_in_policy_details.cy.ts @@ -16,9 +16,10 @@ import { removeExceptionsList, yieldFirstPolicyID, } from '../../tasks/artifacts'; -import { loadEndpointDataForEventFiltersIfNeeded } from '../../tasks/load_endpoint_data'; import { login, ROLE } from '../../tasks/login'; import { performUserActions } from '../../tasks/perform_user_actions'; +import { indexEndpointHosts } from '../../tasks/index_endpoint_hosts'; +import type { ReturnTypeFromChainable } from '../../types'; const loginWithPrivilegeAll = () => { login(ROLE.endpoint_policy_manager); @@ -58,15 +59,20 @@ const visitArtifactTab = (tabId: string) => { cy.get(`#${tabId}`).click(); }; -describe('Artifact tabs in Policy Details page', { tags: ['@ess'] }, () => { +describe('Artifact tabs in Policy Details page', { tags: ['@ess', '@serverless'] }, () => { + let endpointData: ReturnTypeFromChainable | undefined; + before(() => { - login(); - loadEndpointDataForEventFiltersIfNeeded(); + indexEndpointHosts().then((indexEndpoints) => { + endpointData = indexEndpoints; + }); }); after(() => { - login(); removeAllArtifacts(); + + endpointData?.cleanup(); + endpointData = undefined; }); for (const testData of getArtifactsListTestsData()) { @@ -76,22 +82,32 @@ describe('Artifact tabs in Policy Details page', { tags: ['@ess'] }, () => { removeExceptionsList(testData.createRequestBody.list_id); }); - it(`[NONE] User cannot see the tab for ${testData.title}`, () => { - loginWithPrivilegeNone(testData.privilegePrefix); - visitPolicyDetailsPage(); + it( + `[NONE] User cannot see the tab for ${testData.title}`, + // there is no such role in Serverless environment that can read policy but cannot read artifacts + { tags: ['@skipInServerless'] }, + () => { + loginWithPrivilegeNone(testData.privilegePrefix); + visitPolicyDetailsPage(); - cy.get(`#${testData.tabId}`).should('not.exist'); - }); + cy.get(`#${testData.tabId}`).should('not.exist'); + } + ); context(`Given there are no ${testData.title} entries`, () => { - it(`[READ] User CANNOT add ${testData.title} artifact`, () => { - loginWithPrivilegeRead(testData.privilegePrefix); - visitArtifactTab(testData.tabId); + it( + `[READ] User CANNOT add ${testData.title} artifact`, + // there is no such role in Serverless environment that only reads artifacts + { tags: ['@skipInServerless'] }, + () => { + loginWithPrivilegeRead(testData.privilegePrefix); + visitArtifactTab(testData.tabId); - cy.getByTestSubj('policy-artifacts-empty-unexisting').should('exist'); + cy.getByTestSubj('policy-artifacts-empty-unexisting').should('exist'); - cy.getByTestSubj('unexisting-manage-artifacts-button').should('not.exist'); - }); + cy.getByTestSubj('unexisting-manage-artifacts-button').should('not.exist'); + } + ); it(`[ALL] User can add ${testData.title} artifact`, () => { loginWithPrivilegeAll(); @@ -129,15 +145,20 @@ describe('Artifact tabs in Policy Details page', { tags: ['@ess'] }, () => { createPerPolicyArtifact(testData.artifactName, testData.createRequestBody); }); - it(`[READ] User CANNOT Manage or Assign ${testData.title} artifacts`, () => { - loginWithPrivilegeRead(testData.privilegePrefix); - visitArtifactTab(testData.tabId); + it( + `[READ] User CANNOT Manage or Assign ${testData.title} artifacts`, + // there is no such role in Serverless environment that only reads artifacts + { tags: ['@skipInServerless'] }, + () => { + loginWithPrivilegeRead(testData.privilegePrefix); + visitArtifactTab(testData.tabId); - cy.getByTestSubj('policy-artifacts-empty-unassigned').should('exist'); + cy.getByTestSubj('policy-artifacts-empty-unassigned').should('exist'); - cy.getByTestSubj('unassigned-manage-artifacts-button').should('not.exist'); - cy.getByTestSubj('unassigned-assign-artifacts-button').should('not.exist'); - }); + cy.getByTestSubj('unassigned-manage-artifacts-button').should('not.exist'); + cy.getByTestSubj('unassigned-assign-artifacts-button').should('not.exist'); + } + ); it(`[ALL] User can Manage and Assign ${testData.title} artifacts`, () => { loginWithPrivilegeAll(); @@ -173,23 +194,28 @@ describe('Artifact tabs in Policy Details page', { tags: ['@ess'] }, () => { }); }); - it(`[READ] User can see ${testData.title} artifacts but CANNOT assign or remove from policy`, () => { - loginWithPrivilegeRead(testData.privilegePrefix); - visitArtifactTab(testData.tabId); - - // List of artifacts - cy.getByTestSubj('artifacts-collapsed-list-card').should('have.length', 1); - cy.getByTestSubj('artifacts-collapsed-list-card-header-titleHolder').contains( - testData.artifactName - ); - - // Cannot assign artifacts - cy.getByTestSubj('artifacts-assign-button').should('not.exist'); - - // Cannot remove from policy - cy.getByTestSubj('artifacts-collapsed-list-card-header-actions-button').click(); - cy.getByTestSubj('remove-from-policy-action').should('not.exist'); - }); + it( + `[READ] User can see ${testData.title} artifacts but CANNOT assign or remove from policy`, + // there is no such role in Serverless environment that only reads artifacts + { tags: ['@skipInServerless'] }, + () => { + loginWithPrivilegeRead(testData.privilegePrefix); + visitArtifactTab(testData.tabId); + + // List of artifacts + cy.getByTestSubj('artifacts-collapsed-list-card').should('have.length', 1); + cy.getByTestSubj('artifacts-collapsed-list-card-header-titleHolder').contains( + testData.artifactName + ); + + // Cannot assign artifacts + cy.getByTestSubj('artifacts-assign-button').should('not.exist'); + + // Cannot remove from policy + cy.getByTestSubj('artifacts-collapsed-list-card-header-actions-button').click(); + cy.getByTestSubj('remove-from-policy-action').should('not.exist'); + } + ); it(`[ALL] User can see ${testData.title} artifacts and can assign or remove artifacts from policy`, () => { loginWithPrivilegeAll(); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/artifacts/artifacts_mocked_data.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/artifacts/artifacts_mocked_data.cy.ts index 807502f93880c..e7f32820c00d7 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/artifacts/artifacts_mocked_data.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/artifacts/artifacts_mocked_data.cy.ts @@ -12,7 +12,8 @@ import { loadPage } from '../../tasks/common'; import { getArtifactsListTestsData } from '../../fixtures/artifacts_page'; import { removeAllArtifacts } from '../../tasks/artifacts'; import { performUserActions } from '../../tasks/perform_user_actions'; -import { loadEndpointDataForEventFiltersIfNeeded } from '../../tasks/load_endpoint_data'; +import { indexEndpointHosts } from '../../tasks/index_endpoint_hosts'; +import type { ReturnTypeFromChainable } from '../../types'; const loginWithWriteAccess = (url: string) => { login(ROLE.endpoint_policy_manager); @@ -30,17 +31,22 @@ const loginWithoutAccess = (url: string) => { loadPage(url); }; -describe('Artifacts pages', { tags: ['@ess'] }, () => { +describe('Artifacts pages', { tags: ['@ess', '@serverless'] }, () => { + let endpointData: ReturnTypeFromChainable | undefined; + before(() => { - login(); - loadEndpointDataForEventFiltersIfNeeded(); - // Clean artifacts data + indexEndpointHosts().then((indexEndpoints) => { + endpointData = indexEndpoints; + }); + removeAllArtifacts(); }); after(() => { - // Clean artifacts data removeAllArtifacts(); + + endpointData?.cleanup(); + endpointData = undefined; }); for (const testData of getArtifactsListTestsData()) { @@ -53,14 +59,19 @@ describe('Artifacts pages', { tags: ['@ess'] }, () => { cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).should('not.exist'); }); - it(`read - should show empty state page if there is no ${testData.title} entry and the add button does not exist`, () => { - loginWithReadAccess( - testData.privilegePrefix, - `/app/security/administration/${testData.urlPath}` - ); - cy.getByTestSubj(testData.emptyState).should('exist'); - cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).should('not.exist'); - }); + it( + `read - should show empty state page if there is no ${testData.title} entry and the add button does not exist`, + // there is no such role in Serverless environment that only reads artifacts + { tags: ['@skipInServerless'] }, + () => { + loginWithReadAccess( + testData.privilegePrefix, + `/app/security/administration/${testData.urlPath}` + ); + cy.getByTestSubj(testData.emptyState).should('exist'); + cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).should('not.exist'); + } + ); it(`write - should show empty state page if there is no ${testData.title} entry and the add button exists`, () => { loginWithWriteAccess(`/app/security/administration/${testData.urlPath}`); @@ -87,25 +98,35 @@ describe('Artifacts pages', { tags: ['@ess'] }, () => { cy.getByTestSubj('header-page-title').contains(testData.title); }); - it(`read - should not be able to update/delete an existing ${testData.title} entry`, () => { - loginWithReadAccess( - testData.privilegePrefix, - `/app/security/administration/${testData.urlPath}` - ); - cy.getByTestSubj('header-page-title').contains(testData.title); - cy.getByTestSubj(`${testData.pagePrefix}-card-header-actions-button`).should('not.exist'); - cy.getByTestSubj(`${testData.pagePrefix}-card-cardEditAction`).should('not.exist'); - cy.getByTestSubj(`${testData.pagePrefix}-card-cardDeleteAction`).should('not.exist'); - }); - - it(`read - should not be able to create a new ${testData.title} entry`, () => { - loginWithReadAccess( - testData.privilegePrefix, - `/app/security/administration/${testData.urlPath}` - ); - cy.getByTestSubj('header-page-title').contains(testData.title); - cy.getByTestSubj(`${testData.pagePrefix}-pageAddButton`).should('not.exist'); - }); + it( + `read - should not be able to update/delete an existing ${testData.title} entry`, + // there is no such role in Serverless environment that only reads artifacts + { tags: ['@skipInServerless'] }, + () => { + loginWithReadAccess( + testData.privilegePrefix, + `/app/security/administration/${testData.urlPath}` + ); + cy.getByTestSubj('header-page-title').contains(testData.title); + cy.getByTestSubj(`${testData.pagePrefix}-card-header-actions-button`).should('not.exist'); + cy.getByTestSubj(`${testData.pagePrefix}-card-cardEditAction`).should('not.exist'); + cy.getByTestSubj(`${testData.pagePrefix}-card-cardDeleteAction`).should('not.exist'); + } + ); + + it( + `read - should not be able to create a new ${testData.title} entry`, + // there is no such role in Serverless environment that only reads artifacts + { tags: ['@skipInServerless'] }, + () => { + loginWithReadAccess( + testData.privilegePrefix, + `/app/security/administration/${testData.urlPath}` + ); + cy.getByTestSubj('header-page-title').contains(testData.title); + cy.getByTestSubj(`${testData.pagePrefix}-pageAddButton`).should('not.exist'); + } + ); it(`write - should be able to update an existing ${testData.title} entry`, () => { loginWithWriteAccess(`/app/security/administration/${testData.urlPath}`); diff --git a/x-pack/plugins/security_solution/public/management/cypress/tasks/load_endpoint_data.ts b/x-pack/plugins/security_solution/public/management/cypress/tasks/load_endpoint_data.ts deleted file mode 100644 index b8029a8528e94..0000000000000 --- a/x-pack/plugins/security_solution/public/management/cypress/tasks/load_endpoint_data.ts +++ /dev/null @@ -1,28 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { isEmpty } from 'lodash'; -import { BASE_ENDPOINT_ROUTE } from '../../../../common/endpoint/constants'; -import { runEndpointLoaderScript } from './run_endpoint_loader'; -import { request } from './common'; - -// Checks for Endpoint data and creates it if needed -export const loadEndpointDataForEventFiltersIfNeeded = () => { - request({ - method: 'POST', - url: `${BASE_ENDPOINT_ROUTE}/suggestions/eventFilters`, - body: { - field: 'agent.type', - query: '', - }, - failOnStatusCode: false, - }).then(({ body }) => { - if (isEmpty(body)) { - runEndpointLoaderScript(); - } - }); -};