Merge branch 'main' into alerting/skip-writing-aad-on-timeout-2

packages/kbn-utils/src/path/index.test.ts

@@ -7,10 +7,17 @@
  */
 
 import { accessSync, constants } from 'fs';
-import { createAbsolutePathSerializer } from '@kbn/dev-utils';
 import { getConfigPath, getDataPath, getLogsPath, getConfigDirectory } from './';
-
-expect.addSnapshotSerializer(createAbsolutePathSerializer());
+import { REPO_ROOT } from '../repo_root';
+
+expect.addSnapshotSerializer(
+  ((rootPath: string = REPO_ROOT, replacement = '<absolute path>') => {
+    return {
+      test: (value: any) => typeof value === 'string' && value.startsWith(rootPath),
+      serialize: (value: string) => value.replace(rootPath, replacement).replace(/\\/g, '/'),
+    };
+  })()
+);
 
 describe('Default path finder', () => {
   it('should expose a path to the config directory', () => {

x-pack/plugins/apm/server/lib/transaction_groups/get_error_rate.ts → x-pack/plugins/apm/server/lib/transaction_groups/get_failed_transaction_rate.ts

@@ -32,7 +32,7 @@ import {
   getFailedTransactionRateTimeSeries,
 } from '../helpers/transaction_error_rate';
 
-export async function getErrorRate({
+export async function getFailedTransactionRate({
   environment,
   kuery,
   serviceName,
@@ -122,7 +122,7 @@ export async function getErrorRate({
   return { timeseries, average };
 }
 
-export async function getErrorRatePeriods({
+export async function getFailedTransactionRatePeriods({
   environment,
   kuery,
   serviceName,
@@ -157,11 +157,15 @@ export async function getErrorRatePeriods({
     searchAggregatedTransactions,
   };
 
-  const currentPeriodPromise = getErrorRate({ ...commonProps, start, end });
+  const currentPeriodPromise = getFailedTransactionRate({
+    ...commonProps,
+    start,
+    end,
+  });
 
   const previousPeriodPromise =
     comparisonStart && comparisonEnd
-      ? getErrorRate({
+      ? getFailedTransactionRate({
           ...commonProps,
           start: comparisonStart,
           end: comparisonEnd,

x-pack/plugins/apm/server/routes/service_map/get_service_map_service_node_info.ts

@@ -29,7 +29,7 @@ import {
   getDurationFieldForTransactions,
   getProcessorEventForTransactions,
 } from '../../lib/helpers/transactions';
-import { getErrorRate } from '../../lib/transaction_groups/get_error_rate';
+import { getFailedTransactionRate } from '../../lib/transaction_groups/get_failed_transaction_rate';
 import { withApmSpan } from '../../utils/with_apm_span';
 import {
   percentCgroupMemoryUsedScript,
@@ -123,7 +123,7 @@ async function getFailedTransactionsRateStats({
   numBuckets,
 }: TaskParameters): Promise<NodeStats['failedTransactionsRate']> {
   return withApmSpan('get_error_rate_for_service_map_node', async () => {
-    const { average, timeseries } = await getErrorRate({
+    const { average, timeseries } = await getFailedTransactionRate({
       environment,
       setup,
       serviceName,

x-pack/plugins/apm/server/routes/transactions/route.ts

@@ -19,7 +19,7 @@ import { getServiceTransactionGroupDetailedStatisticsPeriods } from '../services
 import { getTransactionBreakdown } from './breakdown';
 import { getTransactionTraceSamples } from './trace_samples';
 import { getLatencyPeriods } from './get_latency_charts';
-import { getErrorRatePeriods } from '../../lib/transaction_groups/get_error_rate';
+import { getFailedTransactionRatePeriods } from '../../lib/transaction_groups/get_failed_transaction_rate';
 import { createApmServerRoute } from '../apm_routes/create_apm_server_route';
 import { createApmServerRouteRepository } from '../apm_routes/create_apm_server_route_repository';
 import {
@@ -349,7 +349,7 @@ const transactionChartsErrorRateRoute = createApmServerRoute({
       end,
     });
 
-    return getErrorRatePeriods({
+    return getFailedTransactionRatePeriods({
       environment,
       kuery,
       serviceName,

x-pack/plugins/fleet/common/index.ts

@@ -13,3 +13,4 @@ export * from './services';
 export * from './types';
 export type { FleetAuthz } from './authz';
 export { calculateAuthz } from './authz';
+export { createFleetAuthzMock } from './mocks';

x-pack/plugins/fleet/common/mocks.ts

@@ -5,7 +5,8 @@
  * 2.0.
  */
 
-import type { NewPackagePolicy, PackagePolicy, DeletePackagePoliciesResponse } from './types';
+import type { DeletePackagePoliciesResponse, NewPackagePolicy, PackagePolicy } from './types';
+import type { FleetAuthz } from './authz';
 
 export const createNewPackagePolicyMock = (): NewPackagePolicy => {
   return {
@@ -56,3 +57,27 @@ export const deletePackagePolicyMock = (): DeletePackagePoliciesResponse => {
     },
   ];
 };
+
+/**
+ * Creates mock `authz` object
+ */
+export const createFleetAuthzMock = (): FleetAuthz => {
+  return {
+    fleet: {
+      all: true,
+      setup: true,
+      readEnrollmentTokens: true,
+    },
+    integrations: {
+      readPackageInfo: true,
+      readInstalledPackages: true,
+      installPackages: true,
+      upgradePackages: true,
+      removePackages: true,
+      readPackageSettings: true,
+      writePackageSettings: true,
+      readIntegrationPolicies: true,
+      writeIntegrationPolicies: true,
+    },
+  };
+};

x-pack/plugins/fleet/server/mocks/index.ts

@@ -7,11 +7,11 @@
 import { of } from 'rxjs';
 
 import {
+  coreMock,
   elasticsearchServiceMock,
   loggingSystemMock,
-  savedObjectsServiceMock,
-  coreMock,
   savedObjectsClientMock,
+  savedObjectsServiceMock,
 } from '../../../../../src/core/server/mocks';
 import { dataPluginMock } from '../../../../../src/plugins/data/server/mocks';
 import { licensingMock } from '../../../../plugins/licensing/server/mocks';
@@ -21,7 +21,7 @@ import type { PackagePolicyServiceInterface } from '../services/package_policy';
 import type { AgentPolicyServiceInterface, PackageService } from '../services';
 import type { FleetAppContext } from '../plugin';
 import { createMockTelemetryEventsSender } from '../telemetry/__mocks__';
-import type { FleetAuthz } from '../../common';
+import { createFleetAuthzMock } from '../../common';
 import { agentServiceMock } from '../services/agents/agent_service.mock';
 import type { FleetRequestHandlerContext } from '../types';
 
@@ -145,27 +145,3 @@ export const createMockPackageService = (): PackageService => {
     ensureInstalledPackage: jest.fn(),
   };
 };
-
-/**
- * Creates mock `authz` object
- */
-export const createFleetAuthzMock = (): FleetAuthz => {
-  return {
-    fleet: {
-      all: true,
-      setup: true,
-      readEnrollmentTokens: true,
-    },
-    integrations: {
-      readPackageInfo: true,
-      readInstalledPackages: true,
-      installPackages: true,
-      upgradePackages: true,
-      removePackages: true,
-      readPackageSettings: true,
-      writePackageSettings: true,
-      readIntegrationPolicies: true,
-      writeIntegrationPolicies: true,
-    },
-  };
-};

x-pack/plugins/fleet/server/routes/setup/handlers.test.ts

@@ -9,12 +9,14 @@ import { httpServerMock, savedObjectsClientMock } from 'src/core/server/mocks';
 
 import type { PostFleetSetupResponse } from '../../../common';
 import { RegistryError } from '../../errors';
-import { createAppContextStartContractMock, xpackMocks, createFleetAuthzMock } from '../../mocks';
+import { createAppContextStartContractMock, xpackMocks } from '../../mocks';
 import { agentServiceMock } from '../../services/agents/agent_service.mock';
 import { appContextService } from '../../services/app_context';
 import { setupFleet } from '../../services/setup';
 import type { FleetRequestHandlerContext } from '../../types';
 
+import { createFleetAuthzMock } from '../../../common';
+
 import { fleetSetupHandler } from './handlers';
 
 jest.mock('../../services/setup', () => {

x-pack/plugins/lens/public/pie_visualization/render_function.tsx

@@ -186,7 +186,7 @@ export function PieComponent(
           const outputColor = paletteService.get(palette.name).getCategoricalColor(
             seriesLayers,
             {
-              behindText: categoryDisplay !== 'hide',
+              behindText: categoryDisplay !== 'hide' || isTreemapOrMosaicShape(shape),
               maxDepth: bucketColumns.length,
               totalSeries: totalSeriesCount,
               syncColors,

x-pack/plugins/ml/public/application/components/job_selector/job_selector.tsx

@@ -10,6 +10,8 @@ import React, { useState, useEffect, useCallback } from 'react';
 import { EuiButtonEmpty, EuiFlexItem, EuiFlexGroup, EuiFlyout } from '@elastic/eui';
 import { i18n } from '@kbn/i18n';
 
+import './_index.scss';
+
 import { Dictionary } from '../../../../common/types/common';
 import { useUrlState } from '../../util/url_state';
 // @ts-ignore

x-pack/plugins/security_solution/common/cti/constants.ts

@@ -58,5 +58,14 @@ export const EVENT_ENRICHMENT_INDICATOR_FIELD_MAP = {
 export const DEFAULT_EVENT_ENRICHMENT_FROM = 'now-30d';
 export const DEFAULT_EVENT_ENRICHMENT_TO = 'now';
 
-export const TI_INTEGRATION_PREFIX = 'ti';
-export const OTHER_TI_DATASET_KEY = '_others_ti_';
+export const CTI_DATASET_KEY_MAP: { [key: string]: string } = {
+  'AbuseCH URL': 'ti_abusech.url',
+  'AbuseCH Malware': 'ti_abusech.malware',
+  'AbuseCH MalwareBazaar': 'ti_abusech.malwarebazaar',
+  'AlienVault OTX': 'ti_otx.threat',
+  'Anomali Limo': 'ti_anomali.limo',
+  'Anomali Threatstream': 'ti_anomali.threatstream',
+  MISP: 'ti_misp.threat',
+  ThreatQuotient: 'ti_threatq.threat',
+  Cybersixgill: 'ti_cybersixgill.threat',
+};

x-pack/plugins/security_solution/common/endpoint/service/authz/authz.test.ts

@@ -0,0 +1,75 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { calculateEndpointAuthz, getEndpointAuthzInitialState } from './authz';
+import { createFleetAuthzMock, FleetAuthz } from '../../../../../fleet/common';
+import { createLicenseServiceMock } from '../../../license/mocks';
+import type { EndpointAuthz } from '../../types/authz';
+
+describe('Endpoint Authz service', () => {
+  let licenseService: ReturnType<typeof createLicenseServiceMock>;
+  let fleetAuthz: FleetAuthz;
+
+  beforeEach(() => {
+    licenseService = createLicenseServiceMock();
+    fleetAuthz = createFleetAuthzMock();
+  });
+
+  describe('calculateEndpointAuthz()', () => {
+    describe('and `fleet.all` access is true', () => {
+      it.each<Array<keyof EndpointAuthz>>([
+        ['canAccessFleet'],
+        ['canAccessEndpointManagement'],
+        ['canIsolateHost'],
+      ])('should set `%s` to `true`', (authProperty) => {
+        expect(calculateEndpointAuthz(licenseService, fleetAuthz)[authProperty]).toBe(true);
+      });
+
+      it('should set `canIsolateHost` to false if not proper license', () => {
+        licenseService.isPlatinumPlus.mockReturnValue(false);
+
+        expect(calculateEndpointAuthz(licenseService, fleetAuthz).canIsolateHost).toBe(false);
+      });
+
+      it('should set `canUnIsolateHost` to true even if not proper license', () => {
+        licenseService.isPlatinumPlus.mockReturnValue(false);
+
+        expect(calculateEndpointAuthz(licenseService, fleetAuthz).canUnIsolateHost).toBe(true);
+      });
+    });
+
+    describe('and `fleet.all` access is false', () => {
+      beforeEach(() => (fleetAuthz.fleet.all = false));
+
+      it.each<Array<keyof EndpointAuthz>>([
+        ['canAccessFleet'],
+        ['canAccessEndpointManagement'],
+        ['canIsolateHost'],
+      ])('should set `%s` to `false`', (authProperty) => {
+        expect(calculateEndpointAuthz(licenseService, fleetAuthz)[authProperty]).toBe(false);
+      });
+
+      it('should set `canUnIsolateHost` to true even if not proper license', () => {
+        licenseService.isPlatinumPlus.mockReturnValue(false);
+
+        expect(calculateEndpointAuthz(licenseService, fleetAuthz).canUnIsolateHost).toBe(true);
+      });
+    });
+  });
+
+  describe('getEndpointAuthzInitialState()', () => {
+    it('returns expected initial state', () => {
+      expect(getEndpointAuthzInitialState()).toEqual({
+        canAccessFleet: false,
+        canAccessEndpointManagement: false,
+        canIsolateHost: false,
+        canUnIsolateHost: true,
+        canCreateArtifactsByPolicy: false,
+      });
+    });
+  });
+});

x-pack/plugins/security_solution/common/endpoint/service/authz/authz.ts

@@ -0,0 +1,43 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { LicenseService } from '../../../license';
+import { FleetAuthz } from '../../../../../fleet/common';
+import { EndpointAuthz } from '../../types/authz';
+
+/**
+ * Used by both the server and the UI to generate the Authorization for access to Endpoint related
+ * functionality
+ *
+ * @param licenseService
+ * @param fleetAuthz
+ */
+export const calculateEndpointAuthz = (
+  licenseService: LicenseService,
+  fleetAuthz: FleetAuthz
+): EndpointAuthz => {
+  const isPlatinumPlusLicense = licenseService.isPlatinumPlus();
+  const hasAllAccessToFleet = fleetAuthz.fleet.all;
+
+  return {
+    canAccessFleet: hasAllAccessToFleet,
+    canAccessEndpointManagement: hasAllAccessToFleet,
+    canCreateArtifactsByPolicy: isPlatinumPlusLicense,
+    canIsolateHost: isPlatinumPlusLicense && hasAllAccessToFleet,
+    canUnIsolateHost: true,
+  };
+};
+
+export const getEndpointAuthzInitialState = (): EndpointAuthz => {
+  return {
+    canAccessFleet: false,
+    canAccessEndpointManagement: false,
+    canCreateArtifactsByPolicy: false,
+    canIsolateHost: false,
+    canUnIsolateHost: true,
+  };
+};

x-pack/plugins/security_solution/public/overview/components/overview_cti_links/use_integrations_page_link.tsx → x-pack/plugins/security_solution/common/endpoint/service/authz/index.ts

@@ -5,7 +5,5 @@
  * 2.0.
  */
 
-import { useBasePath } from '../../../common/lib/kibana';
-
-export const useIntegrationsPageLink = () =>
-  `${useBasePath()}/app/integrations/browse?q=threat%20intelligence`;
+export { getEndpointAuthzInitialState, calculateEndpointAuthz } from './authz';
+export { getEndpointAuthzInitialStateMock } from './mocks';

x-pack/plugins/security_solution/common/endpoint/service/authz/mocks.ts

@@ -0,0 +1,29 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { EndpointAuthz } from '../../types/authz';
+import { getEndpointAuthzInitialState } from './authz';
+
+export const getEndpointAuthzInitialStateMock = (
+  overrides: Partial<EndpointAuthz> = {}
+): EndpointAuthz => {
+  const authz: EndpointAuthz = {
+    ...(
+      Object.entries(getEndpointAuthzInitialState()) as Array<[keyof EndpointAuthz, boolean]>
+    ).reduce((mockPrivileges, [key, value]) => {
+      // Invert the initial values (from `false` to `true`) so that everything is authorized
+      mockPrivileges[key] = !value;
+
+      return mockPrivileges;
+    }, {} as EndpointAuthz),
+    // this one is currently treated special in that everyone can un-isolate
+    canUnIsolateHost: true,
+    ...overrides,
+  };
+
+  return authz;
+};