elastic · cnasikas · Apr 4, 2023 · Apr 1, 2023 · Apr 4, 2023 · Apr 4, 2023
diff --git a/x-pack/plugins/cases/server/client/attachments/delete.test.ts b/x-pack/plugins/cases/server/client/attachments/delete.test.ts
@@ -7,40 +7,93 @@
 
 import { mockCaseComments } from '../../mocks';
 import { createCasesClientMockArgs } from '../mocks';
-import { deleteComment } from './delete';
+import { deleteComment, deleteAll } from './delete';
 
-describe('deleteComment', () => {
-  const clientArgs = createCasesClientMockArgs();
+describe('delete', () => {
+  describe('deleteComment', () => {
+    const clientArgs = createCasesClientMockArgs();
 
-  beforeEach(() => {
-    jest.clearAllMocks();
-  });
+    beforeEach(() => {
+      jest.clearAllMocks();
+    });
 
-  describe('Alerts', () => {
-    const commentSO = mockCaseComments[0];
-    const alertsSO = mockCaseComments[3];
-    clientArgs.services.attachmentService.getter.get.mockResolvedValue(alertsSO);
+    describe('Alerts', () => {
+      const commentSO = mockCaseComments[0];
+      const alertsSO = mockCaseComments[3];
+      clientArgs.services.attachmentService.getter.get.mockResolvedValue(alertsSO);
 
-    it('delete alerts correctly', async () => {
-      await deleteComment({ caseID: 'mock-id-4', attachmentID: 'mock-comment-4' }, clientArgs);
+      it('delete alerts correctly', async () => {
+        await deleteComment({ caseID: 'mock-id-4', attachmentID: 'mock-comment-4' }, clientArgs);
 
-      expect(clientArgs.services.alertsService.ensureAlertsAuthorized).toHaveBeenCalledWith({
-        alerts: [{ id: 'test-id', index: 'test-index' }],
+        expect(clientArgs.services.alertsService.ensureAlertsAuthorized).toHaveBeenCalledWith({
+          alerts: [{ id: 'test-id', index: 'test-index' }],
+        });
+
+        expect(clientArgs.services.alertsService.removeCaseIdFromAlerts).toHaveBeenCalledWith({
+          alerts: [{ id: 'test-id', index: 'test-index' }],
+          caseId: 'mock-id-4',
+        });
       });
 
-      expect(clientArgs.services.alertsService.removeCaseIdFromAlerts).toHaveBeenCalledWith({
-        alerts: [{ id: 'test-id', index: 'test-index' }],
-        caseId: 'mock-id-4',
+      it('does not call the alert service when the attachment is not an alert', async () => {
+        clientArgs.services.attachmentService.getter.get.mockResolvedValue(commentSO);
+        await deleteComment({ caseID: 'mock-id-1', attachmentID: 'mock-comment-1' }, clientArgs);
+
+        expect(clientArgs.services.alertsService.ensureAlertsAuthorized).not.toHaveBeenCalledWith();
+        expect(clientArgs.services.alertsService.removeCaseIdFromAlerts).not.toHaveBeenCalledWith();
       });
     });
+  });
+
+  describe('deleteAll', () => {
+    const clientArgs = createCasesClientMockArgs();
+    const getAllCaseCommentsResponse = {
+      saved_objects: mockCaseComments.map((so) => ({ ...so, score: 0 })),
+      total: mockCaseComments.length,
+      page: 1,
+      per_page: mockCaseComments.length,
+    };
 
-    it('does not call the alert service when the attachment is not an alert', async () => {
-      clientArgs.services.attachmentService.getter.get.mockResolvedValue(commentSO);
-      await deleteComment({ caseID: 'mock-id-1', attachmentID: 'mock-comment-1' }, clientArgs);
+    beforeEach(() => {
+      jest.clearAllMocks();
+    });
 
-      expect(clientArgs.services.alertsService.ensureAlertsAuthorized).not.toHaveBeenCalledWith();
+    describe('Alerts', () => {
+      clientArgs.services.caseService.getAllCaseComments.mockResolvedValue(
+        getAllCaseCommentsResponse
+      );
 
-      expect(clientArgs.services.alertsService.removeCaseIdFromAlerts).not.toHaveBeenCalledWith();
+      it('delete alerts correctly', async () => {
+        await deleteAll({ caseID: 'mock-id-4' }, clientArgs);
+
+        expect(clientArgs.services.alertsService.ensureAlertsAuthorized).toHaveBeenCalledWith({
+          alerts: [
+            { id: 'test-id', index: 'test-index' },
+            { id: 'test-id-2', index: 'test-index-2' },
+            { id: 'test-id-3', index: 'test-index-3' },
+          ],
+        });
+
+        expect(clientArgs.services.alertsService.removeCaseIdFromAlerts).toHaveBeenCalledWith({
+          alerts: [
+            { id: 'test-id', index: 'test-index' },
+            { id: 'test-id-2', index: 'test-index-2' },
+            { id: 'test-id-3', index: 'test-index-3' },
+          ],
+          caseId: 'mock-id-4',
+        });
+      });
+
+      it('does not call the alert service when the attachment is not an alert', async () => {
+        clientArgs.services.caseService.getAllCaseComments.mockResolvedValue({
+          ...getAllCaseCommentsResponse,
+          saved_objects: [{ ...mockCaseComments[0], score: 0 }],
+        });
+        await deleteAll({ caseID: 'mock-id-1' }, clientArgs);
+
+        expect(clientArgs.services.alertsService.ensureAlertsAuthorized).not.toHaveBeenCalledWith();
+        expect(clientArgs.services.alertsService.removeCaseIdFromAlerts).not.toHaveBeenCalledWith();
+      });
     });
   });
 });
diff --git a/x-pack/plugins/cases/server/client/attachments/delete.ts b/x-pack/plugins/cases/server/client/attachments/delete.ts
@@ -9,7 +9,11 @@ import Boom from '@hapi/boom';
 import pMap from 'p-map';
 
 import type { SavedObject } from '@kbn/core/server';
-import type { CommentAttributes } from '../../../common/api';
+import type {
+  CommentAttributes,
+  CommentRequest,
+  CommentRequestAlertType,
+} from '../../../common/api';
 import { Actions, ActionTypes } from '../../../common/api';
 import { getAlertInfoFromComments, isCommentRequestTypeAlert } from '../../common/utils';
 import { CASE_SAVED_OBJECT, MAX_CONCURRENT_SEARCHES } from '../../../common/constants';
@@ -29,7 +33,7 @@ export async function deleteAll(
 ): Promise<void> {
   const {
     user,
-    services: { caseService, attachmentService, userActionService },
+    services: { caseService, attachmentService, userActionService, alertsService },
     logger,
     authorization,
   } = clientArgs;
@@ -71,6 +75,10 @@ export async function deleteAll(
       })),
       user,
     });
+
+    const attachments = comments.saved_objects.map((comment) => comment.attributes);
+
+    await handleAlerts({ alertsService, attachments, caseId: caseID });
   } catch (error) {
     throw createCaseError({
       message: `Failed to delete all comments case id: ${caseID}: ${error}`,
@@ -133,7 +141,7 @@ export async function deleteComment(
       owner: attachment.attributes.owner,
     });
 
-    await handleAlerts({ alertsService, attachment: attachment.attributes, caseId: id });
+    await handleAlerts({ alertsService, attachments: [attachment.attributes], caseId: id });
   } catch (error) {
     throw createCaseError({
       message: `Failed to delete comment: ${caseID} comment id: ${attachmentID}: ${error}`,
@@ -145,16 +153,20 @@ export async function deleteComment(
 
 interface HandleAlertsArgs {
   alertsService: CasesClientArgs['services']['alertsService'];
-  attachment: CommentAttributes;
+  attachments: CommentRequest[];
   caseId: string;
 }
 
-const handleAlerts = async ({ alertsService, attachment, caseId }: HandleAlertsArgs) => {
-  if (!isCommentRequestTypeAlert(attachment)) {
+const handleAlerts = async ({ alertsService, attachments, caseId }: HandleAlertsArgs) => {
+  const alertAttachments = attachments.filter((attachment): attachment is CommentRequestAlertType =>
+    isCommentRequestTypeAlert(attachment)
+  );
+
+  if (alertAttachments.length === 0) {
     return;
   }
 
-  const alerts = getAlertInfoFromComments([attachment]);
+  const alerts = getAlertInfoFromComments(alertAttachments);
   await alertsService.ensureAlertsAuthorized({ alerts });
   await alertsService.removeCaseIdFromAlerts({ alerts, caseId });
 };
diff --git a/x-pack/plugins/cases/server/mocks.ts b/x-pack/plugins/cases/server/mocks.ts
@@ -370,8 +370,8 @@ export const mockCaseComments: Array<SavedObject<CommentAttributes>> = [
     id: 'mock-comment-6',
     attributes: {
       type: CommentType.alert,
-      index: 'test-index',
-      alertId: 'test-id',
+      index: 'test-index-3',
+      alertId: 'test-id-3',
       created_at: '2019-11-25T22:32:30.608Z',
       created_by: {
         full_name: 'elastic',

@@ -30,7 +30,6 @@ import {
   createCase,
   createComment,
   deleteComment,
-  deleteAllComments,
   superUserSpace1Auth,
 } from '../../../../common/lib/api';
 import {
@@ -387,35 +386,6 @@ export default ({ getService }: FtrProviderContext): void => {
         });
       });
 
-      it('should delete multiple comments from the appropriate owner', async () => {
-        const secCase = await createCase(
-          supertestWithoutAuth,
-          getPostCaseRequest({ owner: 'securitySolutionFixture' }),
-          200,
-          { user: secOnly, space: 'space1' }
-        );
-
-        await createComment({
-          supertest: supertestWithoutAuth,
-          caseId: secCase.id,
-          params: postCommentUserReq,
-          auth: { user: secOnly, space: 'space1' },
-        });
-
-        await createComment({
-          supertest: supertestWithoutAuth,
-          caseId: secCase.id,
-          params: postCommentUserReq,
-          auth: { user: secOnly, space: 'space1' },
-        });
-
-        await deleteAllComments({
-          supertest: supertestWithoutAuth,
-          caseId: secCase.id,
-          auth: { user: secOnly, space: 'space1' },
-        });
-      });
-
       it('should not delete a comment from a different owner', async () => {
         const secCase = await createCase(
           supertestWithoutAuth,
@@ -438,13 +408,6 @@ export default ({ getService }: FtrProviderContext): void => {
           auth: { user: obsOnly, space: 'space1' },
           expectedHttpCode: 403,
         });
-
-        await deleteAllComments({
-          supertest: supertestWithoutAuth,
-          caseId: secCase.id,
-          auth: { user: obsOnly, space: 'space1' },
-          expectedHttpCode: 403,
-        });
       });
 
       for (const user of [globalRead, secOnlyRead, obsOnlyRead, obsSecRead, noKibanaPrivileges]) {
@@ -472,13 +435,6 @@ export default ({ getService }: FtrProviderContext): void => {
             auth: { user, space: 'space1' },
             expectedHttpCode: 403,
           });
-
-          await deleteAllComments({
-            supertest: supertestWithoutAuth,
-            caseId: postedCase.id,
-            auth: { user, space: 'space1' },
-            expectedHttpCode: 403,
-          });
         });
       }
 
@@ -504,13 +460,6 @@ export default ({ getService }: FtrProviderContext): void => {
           auth: { user: secOnly, space: 'space2' },
           expectedHttpCode: 403,
         });
-
-        await deleteAllComments({
-          supertest: supertestWithoutAuth,
-          caseId: postedCase.id,
-          auth: { user: secOnly, space: 'space2' },
-          expectedHttpCode: 403,
-        });
       });
 
       it('should NOT delete a comment created in space2 by making a request to space1', async () => {
@@ -535,13 +484,6 @@ export default ({ getService }: FtrProviderContext): void => {
           auth: { user: secOnly, space: 'space1' },
           expectedHttpCode: 404,
         });
-
-        await deleteAllComments({
-          supertest: supertestWithoutAuth,
-          caseId: postedCase.id,
-          auth: { user: secOnly, space: 'space1' },
-          expectedHttpCode: 404,
-        });
       });
     });
   });