From 8c1dd61d9fd3793b38dd676c3eca375dffb0ba6d Mon Sep 17 00:00:00 2001 From: Madison Caldwell Date: Tue, 11 Jan 2022 11:42:35 -0500 Subject: [PATCH 1/5] Regenerate snapshot of memory event summary rows --- .../alert_summary_view.test.tsx.snap | 375 +----------------- .../event_details/alert_summary_view.test.tsx | 2 +- 2 files changed, 13 insertions(+), 364 deletions(-) diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/__snapshots__/alert_summary_view.test.tsx.snap b/x-pack/plugins/security_solution/public/common/components/event_details/__snapshots__/alert_summary_view.test.tsx.snap index 8772def686122..6b7a6af2ea0c6 100644 --- a/x-pack/plugins/security_solution/public/common/components/event_details/__snapshots__/alert_summary_view.test.tsx.snap +++ b/x-pack/plugins/security_solution/public/common/components/event_details/__snapshots__/alert_summary_view.test.tsx.snap @@ -717,8 +717,6 @@ exports[`AlertSummaryView Memory event code renders additional summary rows 1`] } .c2 { - min-width: 138px; - padding: 0 8px; display: -webkit-box; display: -webkit-flex; display: -ms-flexbox; @@ -808,364 +806,10 @@ exports[`AlertSummaryView Memory event code renders additional summary rows 1`] class="euiTableRow" > -
-
- Status -
-
- - -
-
-
-
- open -
-
-
-
-
-

- You are in a dialog, containing options for field kibana.alert.workflow_status. Press tab to navigate options. Press escape to exit. -

-
- Filter button -
-
- Filter out button -
-
- Overflow button -
-
-
-
- - - - -
-
- Timestamp -
-
- - -
-
-
- - Nov 25, 2020 @ 15:42:39.417 - -
-
-
-
-

- You are in a dialog, containing options for field @timestamp. Press tab to navigate options. Press escape to exit. -

-
- Filter button -
-
- Filter out button -
-
- Overflow button -
-
-
-
- - - - -
-
- Rule -
-
- - -
-
-
-
- xxx -
-
-
-
-
-

- You are in a dialog, containing options for field kibana.alert.rule.name. Press tab to navigate options. Press escape to exit. -

-
- Filter button -
-
- Filter out button -
-
- Overflow button -
-
-
-
- - - - -
-
- Severity -
-
- - -
-
-
-
- low -
-
-
-
-
-

- You are in a dialog, containing options for field kibana.alert.severity. Press tab to navigate options. Press escape to exit. -

-
- Filter button -
-
- Filter out button -
-
- Overflow button -
-
-
-
- - - - -
-
- Risk Score -
-
- - -
-
-
-
- 21 -
-
-
-
-
-

- You are in a dialog, containing options for field kibana.alert.risk_score. Press tab to navigate options. Press escape to exit. -

-
- Filter button -
-
- Filter out button -
-
- Overflow button -
-
-
-
- - - - +
@@ -1177,8 +821,9 @@ exports[`AlertSummaryView Memory event code renders additional summary rows 1`]
+
@@ -1234,9 +879,10 @@ exports[`AlertSummaryView Memory event code renders additional summary rows 1`] class="euiTableRow" > +
@@ -1248,8 +894,9 @@ exports[`AlertSummaryView Memory event code renders additional summary rows 1`]
+
@@ -1305,9 +952,10 @@ exports[`AlertSummaryView Memory event code renders additional summary rows 1`] class="euiTableRow" > +
@@ -1319,8 +967,9 @@ exports[`AlertSummaryView Memory event code renders additional summary rows 1`]
+
diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/alert_summary_view.test.tsx b/x-pack/plugins/security_solution/public/common/components/event_details/alert_summary_view.test.tsx index c397ac313c48c..e6aab7b63f652 100644 --- a/x-pack/plugins/security_solution/public/common/components/event_details/alert_summary_view.test.tsx +++ b/x-pack/plugins/security_solution/public/common/components/event_details/alert_summary_view.test.tsx @@ -85,7 +85,7 @@ describe('AlertSummaryView', () => { expect(queryByTestId('summary-view-guide')).not.toBeInTheDocument(); }); }); - test.skip('Memory event code renders additional summary rows', () => { + test('Memory event code renders additional summary rows', () => { const renderProps = { ...props, data: mockAlertDetailsData.map((item) => { From 092d33a3bbcf6634245706014b2707e48be791d3 Mon Sep 17 00:00:00 2001 From: Madison Caldwell Date: Tue, 11 Jan 2022 11:45:36 -0500 Subject: [PATCH 2/5] Regenerate snapshot of behavior event summary rows --- .../alert_summary_view.test.tsx.snap | 375 +----------------- .../event_details/alert_summary_view.test.tsx | 2 +- 2 files changed, 13 insertions(+), 364 deletions(-) diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/__snapshots__/alert_summary_view.test.tsx.snap b/x-pack/plugins/security_solution/public/common/components/event_details/__snapshots__/alert_summary_view.test.tsx.snap index 6b7a6af2ea0c6..2c7c820cdd7a3 100644 --- a/x-pack/plugins/security_solution/public/common/components/event_details/__snapshots__/alert_summary_view.test.tsx.snap +++ b/x-pack/plugins/security_solution/public/common/components/event_details/__snapshots__/alert_summary_view.test.tsx.snap @@ -25,8 +25,6 @@ exports[`AlertSummaryView Behavior event code renders additional summary rows 1` } .c2 { - min-width: 138px; - padding: 0 8px; display: -webkit-box; display: -webkit-flex; display: -ms-flexbox; @@ -116,364 +114,10 @@ exports[`AlertSummaryView Behavior event code renders additional summary rows 1` class="euiTableRow" > -
-
- Status -
-
- - -
-
-
-
- open -
-
-
-
-
-

- You are in a dialog, containing options for field kibana.alert.workflow_status. Press tab to navigate options. Press escape to exit. -

-
- Filter button -
-
- Filter out button -
-
- Overflow button -
-
-
-
- - - - -
-
- Timestamp -
-
- - -
-
-
- - Nov 25, 2020 @ 15:42:39.417 - -
-
-
-
-

- You are in a dialog, containing options for field @timestamp. Press tab to navigate options. Press escape to exit. -

-
- Filter button -
-
- Filter out button -
-
- Overflow button -
-
-
-
- - - - -
-
- Rule -
-
- - -
-
-
-
- xxx -
-
-
-
-
-

- You are in a dialog, containing options for field kibana.alert.rule.name. Press tab to navigate options. Press escape to exit. -

-
- Filter button -
-
- Filter out button -
-
- Overflow button -
-
-
-
- - - - -
-
- Severity -
-
- - -
-
-
-
- low -
-
-
-
-
-

- You are in a dialog, containing options for field kibana.alert.severity. Press tab to navigate options. Press escape to exit. -

-
- Filter button -
-
- Filter out button -
-
- Overflow button -
-
-
-
- - - - -
-
- Risk Score -
-
- - -
-
-
-
- 21 -
-
-
-
-
-

- You are in a dialog, containing options for field kibana.alert.risk_score. Press tab to navigate options. Press escape to exit. -

-
- Filter button -
-
- Filter out button -
-
- Overflow button -
-
-
-
- - - - +
@@ -485,8 +129,9 @@ exports[`AlertSummaryView Behavior event code renders additional summary rows 1`
+
@@ -542,9 +187,10 @@ exports[`AlertSummaryView Behavior event code renders additional summary rows 1` class="euiTableRow" > +
@@ -556,8 +202,9 @@ exports[`AlertSummaryView Behavior event code renders additional summary rows 1`
+
@@ -613,9 +260,10 @@ exports[`AlertSummaryView Behavior event code renders additional summary rows 1` class="euiTableRow" > +
@@ -627,8 +275,9 @@ exports[`AlertSummaryView Behavior event code renders additional summary rows 1`
+
diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/alert_summary_view.test.tsx b/x-pack/plugins/security_solution/public/common/components/event_details/alert_summary_view.test.tsx index e6aab7b63f652..1afba4184c412 100644 --- a/x-pack/plugins/security_solution/public/common/components/event_details/alert_summary_view.test.tsx +++ b/x-pack/plugins/security_solution/public/common/components/event_details/alert_summary_view.test.tsx @@ -107,7 +107,7 @@ describe('AlertSummaryView', () => { ); expect(container.querySelector('div[data-test-subj="summary-view"]')).toMatchSnapshot(); }); - test.skip('Behavior event code renders additional summary rows', () => { + test('Behavior event code renders additional summary rows', () => { const renderProps = { ...props, data: mockAlertDetailsData.map((item) => { From a3750e1d3091b9cb92caff80f3a3aa6d6a1e086c Mon Sep 17 00:00:00 2001 From: Madison Caldwell Date: Tue, 11 Jan 2022 12:37:01 -0500 Subject: [PATCH 3/5] Unskip StepAboutRuleComponent tests --- .../rules/step_about_rule/index.test.tsx | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/step_about_rule/index.test.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/step_about_rule/index.test.tsx index 01ba47f728e43..3c34897fe2e65 100644 --- a/x-pack/plugins/security_solution/public/detections/components/rules/step_about_rule/index.test.tsx +++ b/x-pack/plugins/security_solution/public/detections/components/rules/step_about_rule/index.test.tsx @@ -44,8 +44,7 @@ jest.mock('@elastic/eui', () => { }; }); -// Failing with rule registry enabled -describe.skip('StepAboutRuleComponent', () => { +describe('StepAboutRuleComponent', () => { let formHook: RuleStepsFormHooks[RuleStep.aboutRule] | null = null; const setFormHook = ( step: K, @@ -149,14 +148,19 @@ describe.skip('StepAboutRuleComponent', () => { ); + wrapper + .find('[data-test-subj="detectionEngineStepAboutRuleDescription"] textarea') + .first() + .simulate('change', { target: { value: 'Test description text' } }); + wrapper + .find('[data-test-subj="detectionEngineStepAboutRuleName"] input') + .first() + .simulate('change', { target: { value: 'Test name text' } }); + await act(async () => { if (!formHook) { throw new Error('Form hook not set, but tests depend on it'); } - wrapper - .find('[data-test-subj="detectionEngineStepAboutThreatIndicatorPath"] input') - .first() - .simulate('change', { target: { value: '' } }); const result = await formHook(); expect(result?.isValid).toEqual(true); From e5acb91a58ef22626f02d4db5fd44cedda814af2 Mon Sep 17 00:00:00 2001 From: Madison Caldwell Date: Tue, 11 Jan 2022 13:05:40 -0500 Subject: [PATCH 4/5] Unskip add_prepackaged_rules tests --- .../rules/add_prepackaged_rules_route.test.ts | 49 ++----------------- 1 file changed, 4 insertions(+), 45 deletions(-) diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.test.ts index a094ea84e9bf1..c3591fc216674 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.test.ts @@ -71,15 +71,10 @@ jest.mock('../../../timeline/routes/prepackaged_timelines/install_prepackaged_ti }; }); -// Failing with rule registry enabled -describe.skip.each([ - ['Legacy', false], - ['RAC', true], -])('add_prepackaged_rules_route - %s', (_, isRuleRegistryEnabled) => { +describe('add_prepackaged_rules_route', () => { let server: ReturnType; let { clients, context } = requestContextMock.createTools(); let mockExceptionsClient: ExceptionListClient; - const testif = isRuleRegistryEnabled ? test.skip : test; const defaultConfig = context.securitySolution.getConfig(); beforeEach(() => { @@ -88,13 +83,11 @@ describe.skip.each([ mockExceptionsClient = listMock.getExceptionListClient(); context.securitySolution.getConfig.mockImplementation(() => - configMock.withRuleRegistryEnabled(defaultConfig, isRuleRegistryEnabled) + configMock.withRuleRegistryEnabled(defaultConfig, true) ); - clients.rulesClient.find.mockResolvedValue(getFindResultWithSingleHit(isRuleRegistryEnabled)); - clients.rulesClient.update.mockResolvedValue( - getAlertMock(isRuleRegistryEnabled, getQueryRuleParams()) - ); + clients.rulesClient.find.mockResolvedValue(getFindResultWithSingleHit(true)); + clients.rulesClient.update.mockResolvedValue(getAlertMock(true, getQueryRuleParams())); (installPrepackagedTimelines as jest.Mock).mockReset(); (installPrepackagedTimelines as jest.Mock).mockResolvedValue({ @@ -131,26 +124,6 @@ describe.skip.each([ }); }); - test('it returns a 400 if the index does not exist when rule registry not enabled', async () => { - const request = addPrepackagedRulesRequest(); - context.core.elasticsearch.client.asCurrentUser.search.mockResolvedValueOnce( - elasticsearchClientMock.createSuccessTransportRequestPromise( - getBasicNoShardsSearchResponse() - ) - ); - const response = await server.inject(request, context); - - expect(response.status).toEqual(isRuleRegistryEnabled ? 200 : 400); - if (!isRuleRegistryEnabled) { - expect(response.body).toEqual({ - status_code: 400, - message: expect.stringContaining( - 'Pre-packaged rules cannot be installed until the signals index is created' - ), - }); - } - }); - test('returns 404 if siem client is unavailable', async () => { const { securitySolution, ...contextWithoutSecuritySolution } = context; const response = await server.inject( @@ -190,20 +163,6 @@ describe.skip.each([ timelines_updated: 0, }); }); - - testif( - 'catches errors if signals index does not exist when rule registry not enabled', - async () => { - context.core.elasticsearch.client.asCurrentUser.search.mockResolvedValue( - elasticsearchClientMock.createErrorTransportRequestPromise(new Error('Test error')) - ); - const request = addPrepackagedRulesRequest(); - const response = await server.inject(request, context); - - expect(response.status).toEqual(500); - expect(response.body).toEqual({ message: 'Test error', status_code: 500 }); - } - ); }); test('should install prepackaged timelines', async () => { From 7e406d57dc1c5140b842bd1022fc61ca53b59fe8 Mon Sep 17 00:00:00 2001 From: Madison Caldwell Date: Tue, 11 Jan 2022 13:38:41 -0500 Subject: [PATCH 5/5] Unskip update_rules tests --- .../rules/add_prepackaged_rules_route.test.ts | 1 - .../rules/update_rules.test.ts | 33 +++++++++---------- 2 files changed, 15 insertions(+), 19 deletions(-) diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.test.ts index c3591fc216674..3ec8cb733aa28 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.test.ts @@ -11,7 +11,6 @@ import { getFindResultWithSingleHit, getAlertMock, getBasicEmptySearchResponse, - getBasicNoShardsSearchResponse, } from '../__mocks__/request_responses'; import { configMock, requestContextMock, serverMock } from '../__mocks__'; import { AddPrepackagedRulesSchemaDecoded } from '../../../../../common/detection_engine/schemas/request/add_prepackaged_rules_schema'; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/update_rules.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/update_rules.test.ts index 79371aa6e68b6..ecf625ceaee17 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/update_rules.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/update_rules.test.ts @@ -12,18 +12,12 @@ import { RulesClientMock } from '../../../../../alerting/server/rules_client.moc import { getMlRuleParams, getQueryRuleParams } from '../schemas/rule_schemas.mock'; // Failing with rule registry enabled -describe.skip.each([ - ['Legacy', false], - ['RAC', true], -])('updateRules - %s', (_, isRuleRegistryEnabled) => { +describe('updateRules', () => { it('should call rulesClient.disable if the rule was enabled and enabled is false', async () => { - const rulesOptionsMock = getUpdateRulesOptionsMock(isRuleRegistryEnabled); + const rulesOptionsMock = getUpdateRulesOptionsMock(true); rulesOptionsMock.ruleUpdate.enabled = false; - (rulesOptionsMock.rulesClient as unknown as RulesClientMock).resolve.mockResolvedValue( - resolveAlertMock(isRuleRegistryEnabled, getQueryRuleParams()) - ); (rulesOptionsMock.rulesClient as unknown as RulesClientMock).update.mockResolvedValue( - getAlertMock(isRuleRegistryEnabled, getQueryRuleParams()) + getAlertMock(true, getQueryRuleParams()) ); await updateRules(rulesOptionsMock); @@ -36,15 +30,18 @@ describe.skip.each([ }); it('should call rulesClient.enable if the rule was disabled and enabled is true', async () => { - const rulesOptionsMock = getUpdateRulesOptionsMock(isRuleRegistryEnabled); + const baseRulesOptionsMock = getUpdateRulesOptionsMock(true); + const rulesOptionsMock = { + ...baseRulesOptionsMock, + existingRule: { + ...baseRulesOptionsMock.existingRule, + enabled: false, + }, + }; rulesOptionsMock.ruleUpdate.enabled = true; - (rulesOptionsMock.rulesClient as unknown as RulesClientMock).resolve.mockResolvedValue({ - ...resolveAlertMock(isRuleRegistryEnabled, getQueryRuleParams()), - enabled: false, - }); (rulesOptionsMock.rulesClient as unknown as RulesClientMock).update.mockResolvedValue( - getAlertMock(isRuleRegistryEnabled, getQueryRuleParams()) + getAlertMock(true, getQueryRuleParams()) ); await updateRules(rulesOptionsMock); @@ -57,15 +54,15 @@ describe.skip.each([ }); it('calls the rulesClient with params', async () => { - const rulesOptionsMock = getUpdateMlRulesOptionsMock(isRuleRegistryEnabled); + const rulesOptionsMock = getUpdateMlRulesOptionsMock(true); rulesOptionsMock.ruleUpdate.enabled = true; (rulesOptionsMock.rulesClient as unknown as RulesClientMock).update.mockResolvedValue( - getAlertMock(isRuleRegistryEnabled, getMlRuleParams()) + getAlertMock(true, getMlRuleParams()) ); (rulesOptionsMock.rulesClient as unknown as RulesClientMock).resolve.mockResolvedValue( - resolveAlertMock(isRuleRegistryEnabled, getMlRuleParams()) + resolveAlertMock(true, getMlRuleParams()) ); await updateRules(rulesOptionsMock);