From d1e9c879a2c4f19d54e0a04debe1c906f4b397a4 Mon Sep 17 00:00:00 2001 From: Paul Tavares <56442535+paul-tavares@users.noreply.github.com> Date: Tue, 27 Jun 2023 08:39:35 -0400 Subject: [PATCH] [Security Solution][Endpoint] Move additinal (batch 3) APIs to versioned router (#160326) ## Summary Moves the following APIs to the versioned router: - `POST /api/endpoint/isolate` (old route) - `POST /api/endpoint/unisolate` (old route) - `POST /api/endpoint/action/isolate` - `POST /api/endpoint/action/unisolate` - `POST /api/endpoint/action/kill_process` - `POST /api/endpoint/action/suspend_process` - `POST /api/endpoint/action/running_procs` - `POST /api/endpoint/action/get_file` --------- Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../lib/endpoint_isolation/index.test.ts | 11 +- .../common/lib/endpoint_isolation/index.ts | 11 +- .../common/lib/endpoint_isolation/mocks.ts | 9 +- .../common/lib/process_actions/index.ts | 2 + .../detection_engine/alerts/api.test.ts | 3 +- .../get_file_action.test.tsx | 1 + ...use_send_get_endpoint_processes_request.ts | 1 + .../use_send_get_file_request.ts | 1 + .../mocks/response_actions_http_mocks.ts | 8 +- .../routes/actions/response_actions.test.ts | 50 +++- .../routes/actions/response_actions.ts | 224 +++++++++++------- .../apis/endpoint_authz.ts | 6 + 12 files changed, 225 insertions(+), 102 deletions(-) diff --git a/x-pack/plugins/security_solution/public/common/lib/endpoint_isolation/index.test.ts b/x-pack/plugins/security_solution/public/common/lib/endpoint_isolation/index.test.ts index b680eb05dca9b..ebfac9c6508b6 100644 --- a/x-pack/plugins/security_solution/public/common/lib/endpoint_isolation/index.test.ts +++ b/x-pack/plugins/security_solution/public/common/lib/endpoint_isolation/index.test.ts @@ -8,8 +8,11 @@ import { KibanaServices } from '../kibana'; import { coreMock } from '@kbn/core/public/mocks'; import { isolateHost, unIsolateHost } from '.'; -import { ISOLATE_HOST_ROUTE, UNISOLATE_HOST_ROUTE } from '../../../../common/endpoint/constants'; import { hostIsolationRequestBodyMock } from './mocks'; +import { + ISOLATE_HOST_ROUTE_V2, + UNISOLATE_HOST_ROUTE_V2, +} from '../../../../common/endpoint/constants'; jest.mock('../kibana'); @@ -24,8 +27,9 @@ describe('When using Host Isolation library', () => { const requestBody = hostIsolationRequestBodyMock(); await isolateHost(requestBody); - expect(mockKibanaServices().http.post).toHaveBeenCalledWith(ISOLATE_HOST_ROUTE, { + expect(mockKibanaServices().http.post).toHaveBeenCalledWith(ISOLATE_HOST_ROUTE_V2, { body: JSON.stringify(requestBody), + version: '2023-10-31', }); }); @@ -33,8 +37,9 @@ describe('When using Host Isolation library', () => { const requestBody = hostIsolationRequestBodyMock(); await unIsolateHost(requestBody); - expect(mockKibanaServices().http.post).toHaveBeenCalledWith(UNISOLATE_HOST_ROUTE, { + expect(mockKibanaServices().http.post).toHaveBeenCalledWith(UNISOLATE_HOST_ROUTE_V2, { body: JSON.stringify(requestBody), + version: '2023-10-31', }); }); }); diff --git a/x-pack/plugins/security_solution/public/common/lib/endpoint_isolation/index.ts b/x-pack/plugins/security_solution/public/common/lib/endpoint_isolation/index.ts index a83f4ea7d3ce7..71cde358a17a3 100644 --- a/x-pack/plugins/security_solution/public/common/lib/endpoint_isolation/index.ts +++ b/x-pack/plugins/security_solution/public/common/lib/endpoint_isolation/index.ts @@ -10,14 +10,18 @@ import type { ResponseActionApiResponse, } from '../../../../common/endpoint/types'; import { KibanaServices } from '../kibana'; -import { ISOLATE_HOST_ROUTE, UNISOLATE_HOST_ROUTE } from '../../../../common/endpoint/constants'; +import { + ISOLATE_HOST_ROUTE_V2, + UNISOLATE_HOST_ROUTE_V2, +} from '../../../../common/endpoint/constants'; /** Isolates a Host running either elastic endpoint or fleet agent */ export const isolateHost = async ( params: HostIsolationRequestBody ): Promise => { - return KibanaServices.get().http.post(ISOLATE_HOST_ROUTE, { + return KibanaServices.get().http.post(ISOLATE_HOST_ROUTE_V2, { body: JSON.stringify(params), + version: '2023-10-31', }); }; @@ -25,7 +29,8 @@ export const isolateHost = async ( export const unIsolateHost = async ( params: HostIsolationRequestBody ): Promise => { - return KibanaServices.get().http.post(UNISOLATE_HOST_ROUTE, { + return KibanaServices.get().http.post(UNISOLATE_HOST_ROUTE_V2, { body: JSON.stringify(params), + version: '2023-10-31', }); }; diff --git a/x-pack/plugins/security_solution/public/common/lib/endpoint_isolation/mocks.ts b/x-pack/plugins/security_solution/public/common/lib/endpoint_isolation/mocks.ts index b0bbc70393092..5540f4c966773 100644 --- a/x-pack/plugins/security_solution/public/common/lib/endpoint_isolation/mocks.ts +++ b/x-pack/plugins/security_solution/public/common/lib/endpoint_isolation/mocks.ts @@ -11,7 +11,10 @@ import type { } from '../../../../common/endpoint/types'; import type { ResponseProvidersInterface } from '../../mock/endpoint/http_handler_mock_factory'; import { httpHandlerMockFactory } from '../../mock/endpoint/http_handler_mock_factory'; -import { ISOLATE_HOST_ROUTE, UNISOLATE_HOST_ROUTE } from '../../../../common/endpoint/constants'; +import { + ISOLATE_HOST_ROUTE_V2, + UNISOLATE_HOST_ROUTE_V2, +} from '../../../../common/endpoint/constants'; export const hostIsolationRequestBodyMock = (): HostIsolationRequestBody => { return { @@ -37,13 +40,13 @@ export const hostIsolationHttpMocks = httpHandlerMockFactory hostIsolationResponseMock(), }, { id: 'unIsolateHost', method: 'post', - path: UNISOLATE_HOST_ROUTE, + path: UNISOLATE_HOST_ROUTE_V2, handler: () => hostIsolationResponseMock(), }, ]); diff --git a/x-pack/plugins/security_solution/public/common/lib/process_actions/index.ts b/x-pack/plugins/security_solution/public/common/lib/process_actions/index.ts index 5e34218a9f0b5..ef38144a5c53c 100644 --- a/x-pack/plugins/security_solution/public/common/lib/process_actions/index.ts +++ b/x-pack/plugins/security_solution/public/common/lib/process_actions/index.ts @@ -18,6 +18,7 @@ export const killProcess = ( ): Promise => { return KibanaServices.get().http.post(KILL_PROCESS_ROUTE, { body: JSON.stringify(params), + version: '2023-10-31', }); }; @@ -27,5 +28,6 @@ export const suspendProcess = ( ): Promise => { return KibanaServices.get().http.post(SUSPEND_PROCESS_ROUTE, { body: JSON.stringify(params), + version: '2023-10-31', }); }; diff --git a/x-pack/plugins/security_solution/public/detections/containers/detection_engine/alerts/api.test.ts b/x-pack/plugins/security_solution/public/detections/containers/detection_engine/alerts/api.test.ts index adbb0048818fe..eea9500e868a8 100644 --- a/x-pack/plugins/security_solution/public/detections/containers/detection_engine/alerts/api.test.ts +++ b/x-pack/plugins/security_solution/public/detections/containers/detection_engine/alerts/api.test.ts @@ -179,8 +179,9 @@ describe('Detections Alerts API', () => { comment: 'commento', caseIds: ['88c04a90-b19c-11eb-b838-bf3c7840b969'], }); - expect(postMock).toHaveBeenCalledWith('/api/endpoint/isolate', { + expect(postMock).toHaveBeenCalledWith('/api/endpoint/action/isolate', { body: '{"endpoint_ids":["fd8a122b-4c54-4c05-b295-e5f8381fc59d"],"comment":"commento","case_ids":["88c04a90-b19c-11eb-b838-bf3c7840b969"]}', + version: '2023-10-31', }); }); diff --git a/x-pack/plugins/security_solution/public/management/components/endpoint_responder/command_render_components/integration_tests/get_file_action.test.tsx b/x-pack/plugins/security_solution/public/management/components/endpoint_responder/command_render_components/integration_tests/get_file_action.test.tsx index 6f8f4f3177ea8..3a9c83c244341 100644 --- a/x-pack/plugins/security_solution/public/management/components/endpoint_responder/command_render_components/integration_tests/get_file_action.test.tsx +++ b/x-pack/plugins/security_solution/public/management/components/endpoint_responder/command_render_components/integration_tests/get_file_action.test.tsx @@ -121,6 +121,7 @@ describe('When using get-file action from response actions console', () => { expect(apiMocks.responseProvider.getFile).toHaveBeenCalledWith({ body: '{"endpoint_ids":["a.b.c"],"parameters":{"path":"one/two"}}', path: GET_FILE_ROUTE, + version: '2023-10-31', }); }); }); diff --git a/x-pack/plugins/security_solution/public/management/hooks/response_actions/use_send_get_endpoint_processes_request.ts b/x-pack/plugins/security_solution/public/management/hooks/response_actions/use_send_get_endpoint_processes_request.ts index 8fa97e75dc6be..cf946db04ca37 100644 --- a/x-pack/plugins/security_solution/public/management/hooks/response_actions/use_send_get_endpoint_processes_request.ts +++ b/x-pack/plugins/security_solution/public/management/hooks/response_actions/use_send_get_endpoint_processes_request.ts @@ -40,6 +40,7 @@ export const useSendGetEndpointProcessesRequest = ( ResponseActionApiResponse >(GET_PROCESSES_ROUTE, { body: JSON.stringify(getRunningProcessesData), + version: '2023-10-31', }); }, customOptions); }; diff --git a/x-pack/plugins/security_solution/public/management/hooks/response_actions/use_send_get_file_request.ts b/x-pack/plugins/security_solution/public/management/hooks/response_actions/use_send_get_file_request.ts index e915e3ca94244..234abfd6e0e97 100644 --- a/x-pack/plugins/security_solution/public/management/hooks/response_actions/use_send_get_file_request.ts +++ b/x-pack/plugins/security_solution/public/management/hooks/response_actions/use_send_get_file_request.ts @@ -28,6 +28,7 @@ export const useSendGetFileRequest = ( (reqBody) => { return KibanaServices.get().http.post(GET_FILE_ROUTE, { body: JSON.stringify(reqBody), + version: '2023-10-31', }); }, customOptions diff --git a/x-pack/plugins/security_solution/public/management/mocks/response_actions_http_mocks.ts b/x-pack/plugins/security_solution/public/management/mocks/response_actions_http_mocks.ts index 05a02603de615..f4a62fd9fa341 100644 --- a/x-pack/plugins/security_solution/public/management/mocks/response_actions_http_mocks.ts +++ b/x-pack/plugins/security_solution/public/management/mocks/response_actions_http_mocks.ts @@ -12,14 +12,14 @@ import { ACTION_STATUS_ROUTE, GET_PROCESSES_ROUTE, BASE_ENDPOINT_ACTION_ROUTE, - ISOLATE_HOST_ROUTE, - UNISOLATE_HOST_ROUTE, KILL_PROCESS_ROUTE, SUSPEND_PROCESS_ROUTE, GET_FILE_ROUTE, ACTION_AGENT_FILE_INFO_ROUTE, EXECUTE_ROUTE, UPLOAD_ROUTE, + ISOLATE_HOST_ROUTE_V2, + UNISOLATE_HOST_ROUTE_V2, } from '../../../common/endpoint/constants'; import type { ResponseProvidersInterface } from '../../common/mock/endpoint/http_handler_mock_factory'; import { httpHandlerMockFactory } from '../../common/mock/endpoint/http_handler_mock_factory'; @@ -71,7 +71,7 @@ export type ResponseActionsHttpMocksInterface = ResponseProvidersInterface<{ export const responseActionsHttpMocks = httpHandlerMockFactory([ { id: 'isolateHost', - path: ISOLATE_HOST_ROUTE, + path: ISOLATE_HOST_ROUTE_V2, method: 'post', handler: (): ResponseActionApiResponse => { return { action: '1-2-3', data: { id: '1-2-3' } as ResponseActionApiResponse['data'] }; @@ -79,7 +79,7 @@ export const responseActionsHttpMocks = httpHandlerMockFactory { return { action: '3-2-1', data: { id: '3-2-1' } as ResponseActionApiResponse['data'] }; diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/actions/response_actions.test.ts b/x-pack/plugins/security_solution/server/endpoint/routes/actions/response_actions.test.ts index 124bda8b2fe0d..dd10093cc343c 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/actions/response_actions.test.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/actions/response_actions.test.ts @@ -209,7 +209,10 @@ describe('Response actions', () => { }); it('correctly redirects legacy isolate to new route', async () => { - await callRoute(ISOLATE_HOST_ROUTE, { body: { endpoint_ids: ['XYZ'] } }); + await callRoute(ISOLATE_HOST_ROUTE, { + body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', + }); expect(mockResponse.custom).toBeCalled(); const response = mockResponse.custom.mock.calls[0][0]; expect(response.statusCode).toEqual(308); @@ -217,7 +220,10 @@ describe('Response actions', () => { }); it('correctly redirects legacy release to new route', async () => { - await callRoute(UNISOLATE_HOST_ROUTE, { body: { endpoint_ids: ['XYZ'] } }); + await callRoute(UNISOLATE_HOST_ROUTE, { + body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', + }); expect(mockResponse.custom).toBeCalled(); const response = mockResponse.custom.mock.calls[0][0]; expect(response.statusCode).toEqual(308); @@ -225,12 +231,18 @@ describe('Response actions', () => { }); it('succeeds when an endpoint ID is provided', async () => { - await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] } }); + await callRoute(ISOLATE_HOST_ROUTE_V2, { + body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', + }); expect(mockResponse.ok).toBeCalled(); }); it('accepts a comment field', async () => { - await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'], comment: 'XYZ' } }); + await callRoute(ISOLATE_HOST_ROUTE_V2, { + body: { endpoint_ids: ['XYZ'], comment: 'XYZ' }, + version: '2023-10-31', + }); expect(mockResponse.ok).toBeCalled(); }); @@ -240,6 +252,7 @@ describe('Response actions', () => { await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['ABC-XYZ-000'] }, searchResponse: metadataResponse, + version: '2023-10-31', }); await expect( @@ -258,6 +271,7 @@ describe('Response actions', () => { await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, mockUser: testUser, + version: '2023-10-31', }); await expect( @@ -275,6 +289,7 @@ describe('Response actions', () => { const comment = "I am isolating this because it's Friday"; await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'], comment }, + version: '2023-10-31', }); await expect( @@ -295,6 +310,7 @@ describe('Response actions', () => { await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: endpointIds, comment: 'XYZ' }, + version: '2023-10-31', }); await expect( @@ -322,6 +338,7 @@ describe('Response actions', () => { it('records the timeout in the action payload', async () => { await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', }); await expect( ( @@ -341,6 +358,7 @@ describe('Response actions', () => { await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, searchResponse: doc, + version: '2023-10-31', }); await expect( @@ -357,6 +375,7 @@ describe('Response actions', () => { it('sends the isolate command payload from the isolate route', async () => { await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', }); await expect( @@ -375,6 +394,7 @@ describe('Response actions', () => { it('sends the unisolate command payload from the unisolate route', async () => { await callRoute(UNISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', }); await expect( @@ -393,6 +413,7 @@ describe('Response actions', () => { it('sends the kill-process command payload from the kill process route', async () => { await callRoute(KILL_PROCESS_ROUTE, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', }); await expect( @@ -411,6 +432,7 @@ describe('Response actions', () => { it('sends the suspend-process command payload from the suspend process route', async () => { await callRoute(SUSPEND_PROCESS_ROUTE, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', }); await expect( @@ -429,6 +451,7 @@ describe('Response actions', () => { it('sends the running-processes command payload from the running processes route', async () => { await callRoute(GET_PROCESSES_ROUTE, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', }); await expect( @@ -447,6 +470,7 @@ describe('Response actions', () => { it('sends the get-file command payload from the get file route', async () => { await callRoute(GET_FILE_ROUTE, { body: { endpoint_ids: ['XYZ'], parameters: { path: '/one/two/three' } }, + version: '2023-10-31', }); await expect( @@ -487,6 +511,7 @@ describe('Response actions', () => { UNISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', }, { endpointDsExists: true } ); @@ -521,6 +546,7 @@ describe('Response actions', () => { ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', }, { endpointDsExists: true } ); @@ -556,6 +582,7 @@ describe('Response actions', () => { KILL_PROCESS_ROUTE, { body: { endpoint_ids: ['XYZ'], parameters }, + version: '2023-10-31', }, { endpointDsExists: true } ); @@ -593,6 +620,7 @@ describe('Response actions', () => { SUSPEND_PROCESS_ROUTE, { body: { endpoint_ids: ['XYZ'], parameters }, + version: '2023-10-31', }, { endpointDsExists: true } ); @@ -629,6 +657,7 @@ describe('Response actions', () => { GET_PROCESSES_ROUTE, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', }, { endpointDsExists: true } ); @@ -663,6 +692,7 @@ describe('Response actions', () => { GET_FILE_ROUTE, { body: { endpoint_ids: ['XYZ'], parameters: { path: '/one/two/three' } }, + version: '2023-10-31', }, { endpointDsExists: true } ); @@ -777,6 +807,7 @@ describe('Response actions', () => { ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', }, { endpointDsExists: true } ); @@ -801,6 +832,7 @@ describe('Response actions', () => { UNISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', indexErrorResponse: { statusCode: 500, body: { @@ -824,6 +856,7 @@ describe('Response actions', () => { await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, license: Platinum, + version: '2023-10-31', }); expect(mockResponse.ok).toBeCalled(); }); @@ -833,6 +866,7 @@ describe('Response actions', () => { body: { endpoint_ids: ['XYZ'] }, authz: { canIsolateHost: false }, license: Gold, + version: '2023-10-31', }); expect(mockResponse.forbidden).toBeCalled(); @@ -842,6 +876,7 @@ describe('Response actions', () => { licenseEmitter.next(Gold); await callRoute(UNISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', license: Gold, }); expect(mockResponse.ok).toBeCalled(); @@ -852,6 +887,7 @@ describe('Response actions', () => { it('allows user to perform isolation when canIsolateHost is true', async () => { await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', }); expect(mockResponse.ok).toBeCalled(); }); @@ -859,6 +895,7 @@ describe('Response actions', () => { it('allows user to perform unisolation when canUnIsolateHost is true', async () => { await callRoute(UNISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, + version: '2023-10-31', }); expect(mockResponse.ok).toBeCalled(); }); @@ -867,6 +904,7 @@ describe('Response actions', () => { await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, authz: { canIsolateHost: false }, + version: '2023-10-31', }); expect(mockResponse.forbidden).toBeCalled(); }); @@ -875,6 +913,7 @@ describe('Response actions', () => { await callRoute(UNISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'] }, authz: { canUnIsolateHost: false }, + version: '2023-10-31', }); expect(mockResponse.forbidden).toBeCalled(); }); @@ -924,6 +963,7 @@ describe('Response actions', () => { it('logs a comment to the provided cases', async () => { await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'], case_ids: ['one', 'two'] }, + version: '2023-10-31', }); expect(casesClient.attachments.bulkCreate).toHaveBeenCalledTimes(2); @@ -935,6 +975,7 @@ describe('Response actions', () => { it('logs a comment to any cases associated with the given alerts', async () => { await callRoute(ISOLATE_HOST_ROUTE_V2, { body: { endpoint_ids: ['XYZ'], alert_ids: ['one', 'two'] }, + version: '2023-10-31', }); expect(getCaseIdsFromAttachmentAddService()).toEqual( @@ -950,6 +991,7 @@ describe('Response actions', () => { case_ids: ['ONE', 'TWO', 'case-1'], alert_ids: ['one', 'two'], }, + version: '2023-10-31', }); expect(casesClient.attachments.bulkCreate).toHaveBeenCalledTimes(4); diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/actions/response_actions.ts b/x-pack/plugins/security_solution/server/endpoint/routes/actions/response_actions.ts index 868274d255e09..b305a3f05e4d4 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/actions/response_actions.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/actions/response_actions.ts @@ -51,114 +51,170 @@ export function registerResponseActionRoutes( /** * @deprecated use ISOLATE_HOST_ROUTE_V2 instead */ - router.post( - { + router.versioned + .post({ + access: 'public', path: ISOLATE_HOST_ROUTE, - validate: NoParametersRequestSchema, options: { authRequired: true, tags: ['access:securitySolution'] }, - }, - withEndpointAuthz({ all: ['canIsolateHost'] }, logger, redirectHandler(ISOLATE_HOST_ROUTE_V2)) - ); + }) + .addVersion( + { + version: '2023-10-31', + validate: { + request: NoParametersRequestSchema, + }, + }, + withEndpointAuthz({ all: ['canIsolateHost'] }, logger, redirectHandler(ISOLATE_HOST_ROUTE_V2)) + ); /** * @deprecated use RELEASE_HOST_ROUTE instead */ - router.post( - { + router.versioned + .post({ + access: 'public', path: UNISOLATE_HOST_ROUTE, - validate: NoParametersRequestSchema, options: { authRequired: true, tags: ['access:securitySolution'] }, - }, - withEndpointAuthz( - { all: ['canUnIsolateHost'] }, - logger, - redirectHandler(UNISOLATE_HOST_ROUTE_V2) - ) - ); - - router.post( - { + }) + .addVersion( + { + version: '2023-10-31', + validate: { + request: NoParametersRequestSchema, + }, + }, + withEndpointAuthz( + { all: ['canUnIsolateHost'] }, + logger, + redirectHandler(UNISOLATE_HOST_ROUTE_V2) + ) + ); + + router.versioned + .post({ + access: 'public', path: ISOLATE_HOST_ROUTE_V2, - validate: NoParametersRequestSchema, options: { authRequired: true, tags: ['access:securitySolution'] }, - }, - withEndpointAuthz( - { all: ['canIsolateHost'] }, - logger, - responseActionRequestHandler(endpointContext, 'isolate') - ) - ); - - router.post( - { + }) + .addVersion( + { + version: '2023-10-31', + validate: { + request: NoParametersRequestSchema, + }, + }, + withEndpointAuthz( + { all: ['canIsolateHost'] }, + logger, + responseActionRequestHandler(endpointContext, 'isolate') + ) + ); + + router.versioned + .post({ + access: 'public', path: UNISOLATE_HOST_ROUTE_V2, - validate: NoParametersRequestSchema, options: { authRequired: true, tags: ['access:securitySolution'] }, - }, - withEndpointAuthz( - { all: ['canUnIsolateHost'] }, - logger, - responseActionRequestHandler(endpointContext, 'unisolate') - ) - ); - - router.post( - { + }) + .addVersion( + { + version: '2023-10-31', + validate: { + request: NoParametersRequestSchema, + }, + }, + withEndpointAuthz( + { all: ['canUnIsolateHost'] }, + logger, + responseActionRequestHandler(endpointContext, 'unisolate') + ) + ); + + router.versioned + .post({ + access: 'public', path: KILL_PROCESS_ROUTE, - validate: KillOrSuspendProcessRequestSchema, options: { authRequired: true, tags: ['access:securitySolution'] }, - }, - withEndpointAuthz( - { all: ['canKillProcess'] }, - logger, - responseActionRequestHandler( - endpointContext, - 'kill-process' + }) + .addVersion( + { + version: '2023-10-31', + validate: { + request: KillOrSuspendProcessRequestSchema, + }, + }, + withEndpointAuthz( + { all: ['canKillProcess'] }, + logger, + responseActionRequestHandler( + endpointContext, + 'kill-process' + ) ) - ) - ); + ); - router.post( - { + router.versioned + .post({ + access: 'public', path: SUSPEND_PROCESS_ROUTE, - validate: KillOrSuspendProcessRequestSchema, options: { authRequired: true, tags: ['access:securitySolution'] }, - }, - withEndpointAuthz( - { all: ['canSuspendProcess'] }, - logger, - responseActionRequestHandler( - endpointContext, - 'suspend-process' + }) + .addVersion( + { + version: '2023-10-31', + validate: { + request: KillOrSuspendProcessRequestSchema, + }, + }, + withEndpointAuthz( + { all: ['canSuspendProcess'] }, + logger, + responseActionRequestHandler( + endpointContext, + 'suspend-process' + ) ) - ) - ); + ); - router.post( - { + router.versioned + .post({ + access: 'public', path: GET_PROCESSES_ROUTE, - validate: NoParametersRequestSchema, options: { authRequired: true, tags: ['access:securitySolution'] }, - }, - withEndpointAuthz( - { all: ['canGetRunningProcesses'] }, - logger, - responseActionRequestHandler(endpointContext, 'running-processes') - ) - ); - - router.post( - { + }) + .addVersion( + { + version: '2023-10-31', + validate: { + request: NoParametersRequestSchema, + }, + }, + withEndpointAuthz( + { all: ['canGetRunningProcesses'] }, + logger, + responseActionRequestHandler(endpointContext, 'running-processes') + ) + ); + + router.versioned + .post({ + access: 'public', path: GET_FILE_ROUTE, - validate: EndpointActionGetFileSchema, options: { authRequired: true, tags: ['access:securitySolution'] }, - }, - withEndpointAuthz( - { all: ['canWriteFileOperations'] }, - logger, - responseActionRequestHandler(endpointContext, 'get-file') - ) - ); + }) + .addVersion( + { + version: '2023-10-31', + validate: { + request: EndpointActionGetFileSchema, + }, + }, + withEndpointAuthz( + { all: ['canWriteFileOperations'] }, + logger, + responseActionRequestHandler(endpointContext, 'get-file') + ) + ); router.versioned .post({ diff --git a/x-pack/test/security_solution_endpoint_api_int/apis/endpoint_authz.ts b/x-pack/test/security_solution_endpoint_api_int/apis/endpoint_authz.ts index 2cc606a60dbbc..ef242d887496f 100644 --- a/x-pack/test/security_solution_endpoint_api_int/apis/endpoint_authz.ts +++ b/x-pack/test/security_solution_endpoint_api_int/apis/endpoint_authz.ts @@ -93,11 +93,13 @@ export default function ({ getService }: FtrProviderContext) { method: 'post', path: ISOLATE_HOST_ROUTE_V2, body: { endpoint_ids: ['one'] }, + version: '2023-10-31', }, { method: 'post', path: UNISOLATE_HOST_ROUTE_V2, body: { endpoint_ids: ['one'] }, + version: '2023-10-31', }, ]; @@ -106,16 +108,19 @@ export default function ({ getService }: FtrProviderContext) { method: 'post', path: GET_PROCESSES_ROUTE, body: { endpoint_ids: ['one'] }, + version: '2023-10-31', }, { method: 'post', path: KILL_PROCESS_ROUTE, body: { endpoint_ids: ['one'], parameters: { entity_id: 'abc123' } }, + version: '2023-10-31', }, { method: 'post', path: SUSPEND_PROCESS_ROUTE, body: { endpoint_ids: ['one'], parameters: { entity_id: 'abc123' } }, + version: '2023-10-31', }, ]; @@ -124,6 +129,7 @@ export default function ({ getService }: FtrProviderContext) { method: 'post', path: GET_FILE_ROUTE, body: { endpoint_ids: ['one'], parameters: { path: '/opt/file/doc.txt' } }, + version: '2023-10-31', }, ];