Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[8.x] [Security Solution][Endpoint] Fix Cypress test to work with refactored Roles page (#202770) #203131

Merged
merged 1 commit into from
Dec 5, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -18,4 +18,5 @@ export const KIBANA_KNOWN_DEFAULT_ACCOUNTS = {
elastic: 'elastic',
elastic_serverless: 'elastic_serverless',
system_indices_superuser: 'system_indices_superuser',
admin: 'admin',
} as const;
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,17 @@
* 2.0.
*/

import {
expandEndpointSecurityFeaturePrivileges,
expandSecuritySolutionCategoryKibanaPrivileges,
navigateToRolePage,
openKibanaFeaturePrivilegesFlyout,
setKibanaPrivilegeSpace,
} from '../../screens/stack_management/role_page';
import { closeAllToasts } from '../../tasks/toasts';
import { login, ROLE } from '../../tasks/login';
import { loadPage } from '../../tasks/common';

// Failing: See https://github.com/elastic/kibana/issues/200967
describe.skip('When defining a kibana role for Endpoint security access', { tags: '@ess' }, () => {
describe('When defining a kibana role for Endpoint security access', { tags: '@ess' }, () => {
const getAllSubFeatureRows = (): Cypress.Chainable<JQuery<HTMLElement>> => {
return cy
.get('#featurePrivilegeControls_siem')
Expand All @@ -20,11 +25,13 @@ describe.skip('When defining a kibana role for Endpoint security access', { tags

beforeEach(() => {
login(ROLE.system_indices_superuser);
loadPage('/app/management/security/roles/edit');
navigateToRolePage();
closeAllToasts();
cy.getByTestSubj('addSpacePrivilegeButton').click();
cy.getByTestSubj('featureCategoryButton_securitySolution').closest('button').click();
cy.get('.featurePrivilegeName:contains("Security")').closest('button').click();

openKibanaFeaturePrivilegesFlyout();
setKibanaPrivilegeSpace('default');
expandSecuritySolutionCategoryKibanaPrivileges();
expandEndpointSecurityFeaturePrivileges();
});

it('should display RBAC entries with expected controls', () => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,11 +23,10 @@ import {
setSecuritySolutionEndpointGroupPrivilege,
} from '../../screens/stack_management/role_page';

// Failing: See https://github.com/elastic/kibana/issues/200962
describe.skip(
describe(
'When defining a kibana role for Endpoint security access with space awareness enabled',
{
// TODO:PR Remove `'@skipInServerlessMKI` once PR merges to `main`
// TODO:PR Remove `'@skipInServerlessMKI` once PR merges to `main` and feature flag is enabled in prod.
tags: ['@ess', '@serverless', '@serverlessMKI', '@skipInServerlessMKI'],
env: {
ftrConfig: {
Expand All @@ -44,11 +43,13 @@ describe.skip(
},
},
() => {
let spaceId: string = '';
// In Serverless MKI we use `admin` for the login user... other deployments use system indices superuser
const loginUser = Cypress.env('CLOUD_SERVERLESS') ? ROLE.admin : ROLE.system_indices_superuser;
const roleName = `test_${Math.random().toString().substring(2, 6)}`;
let spaceId: string = '';

before(() => {
login(ROLE.system_indices_superuser);
login(loginUser);
createSpace(`foo_${Math.random().toString().substring(2, 6)}`).then((response) => {
spaceId = response.body.id;
});
Expand All @@ -62,16 +63,16 @@ describe.skip(
});

beforeEach(() => {
login(ROLE.system_indices_superuser);
login(loginUser);
navigateToRolePage();
setRoleName(roleName);
openKibanaFeaturePrivilegesFlyout();
setKibanaPrivilegeSpace(spaceId);
expandSecuritySolutionCategoryKibanaPrivileges();
expandEndpointSecurityFeaturePrivileges();
});

it('should allow configuration per-space', () => {
setKibanaPrivilegeSpace(spaceId);
setSecuritySolutionEndpointGroupPrivilege('all');
clickEndpointSubFeaturePrivilegesCustomization();
setEndpointSubFeaturePrivilege('endpoint_list', 'all');
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,15 @@ describe(
}
});

afterEach(function () {
if (Cypress.env('IS_CI') && this.currentTest?.isFailed() && createdHost) {
cy.task('captureHostVmAgentDiagnostics', {
hostname: createdHost.hostname,
fileNamePrefix: this.currentTest?.fullTitle(),
});
}
});

it('should open responder from alert details flyout', () => {
waitForEndpointListPageToBeLoaded(createdHost.hostname);
toggleRuleOffAndOn(ruleName);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,15 @@ describe('Response console', { tags: ['@ess', '@serverless'] }, () => {
}
});

afterEach(function () {
if (Cypress.env('IS_CI') && this.currentTest?.isFailed() && createdHost) {
cy.task('captureHostVmAgentDiagnostics', {
hostname: createdHost.hostname,
fileNamePrefix: this.currentTest?.fullTitle(),
});
}
});

it('"execute --command" - should execute a command', () => {
waitForEndpointListPageToBeLoaded(createdHost.hostname);
openResponseConsoleFromEndpointList();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,15 @@ describe('Response console', { tags: ['@ess', '@serverless'] }, () => {
}
});

afterEach(function () {
if (Cypress.env('IS_CI') && this.currentTest?.isFailed() && createdHost) {
cy.task('captureHostVmAgentDiagnostics', {
hostname: createdHost.hostname,
fileNamePrefix: this.currentTest?.fullTitle(),
});
}
});

describe('Host Isolation:', () => {
beforeEach(() => {
login();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,15 @@ describe('Response console', { tags: ['@ess', '@serverless', '@skipInServerlessM
}
});

afterEach(function () {
if (Cypress.env('IS_CI') && this.currentTest?.isFailed() && createdHost) {
cy.task('captureHostVmAgentDiagnostics', {
hostname: createdHost.hostname,
fileNamePrefix: this.currentTest?.fullTitle(),
});
}
});

it('"processes" - should obtain a list of processes', () => {
waitForEndpointListPageToBeLoaded(createdHost.hostname);
openResponseConsoleFromEndpointList();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,15 @@ describe('Response console', { tags: ['@ess', '@serverless'] }, () => {
}
});

afterEach(function () {
if (Cypress.env('IS_CI') && this.currentTest?.isFailed() && createdHost) {
cy.task('captureHostVmAgentDiagnostics', {
hostname: createdHost.hostname,
fileNamePrefix: this.currentTest?.fullTitle(),
});
}
});

describe('Host Isolation:', () => {
beforeEach(() => {
login();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,15 @@ describe(
}
});

afterEach(function () {
if (Cypress.env('IS_CI') && this.currentTest?.isFailed() && createdHost) {
cy.task('captureHostVmAgentDiagnostics', {
hostname: createdHost.hostname,
fileNamePrefix: this.currentTest?.fullTitle(),
});
}
});

[
['file', filePath],
['folder', homeFilePath],
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,13 @@ export const setKibanaPrivilegeSpace = (spaceId: string) => {
cy.getByTestSubj('comboBoxOptionsList spaceSelectorComboBox-optionsList')
.find(`button#spaceOption_${spaceId}`)
.click();

// Wait for the selection to be added to the list of selected spaces
cy.getByTestSubj('spaceSelectorComboBox').find(`#spaceOption_${spaceId}`);

// This `click()` just ensures that the combox in the UI is "closed" after the
// selection and mouse focus is moved away from that field.
getKibanaFeaturePrivilegesFlyout().click();
};

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,12 @@ import type { LoginState } from '@kbn/security-plugin/common/login_state';
import type { Role } from '@kbn/security-plugin/common';
import { ENDPOINT_SECURITY_ROLE_NAMES } from '../../../../scripts/endpoint/common/roles_users';
import type { SecurityTestUser } from '../common/constants';
import { KIBANA_KNOWN_DEFAULT_ACCOUNTS } from '../common/constants';
import { COMMON_API_HEADERS, request } from './common';

export const ROLE = Object.freeze<Record<SecurityTestUser, SecurityTestUser>>({
...ENDPOINT_SECURITY_ROLE_NAMES,
elastic: 'elastic',
elastic_serverless: 'elastic_serverless',
system_indices_superuser: 'system_indices_superuser',
...KIBANA_KNOWN_DEFAULT_ACCOUNTS,
});

interface CyLoginTask {
Expand Down
Loading