From 0017fd55b50c2e347c759fb2f94125eb52d73b35 Mon Sep 17 00:00:00 2001
From: Antonio
Date: Wed, 3 Jul 2024 16:46:52 +0200
Subject: [PATCH] [ResponseOps][Cases] Change login role in serverless API tests. (#187471)
# Summary
Updated the API FTR tests to not run with operator privileges.
Fixes #184742
---
 .../test_suites/search/cases/find_cases.ts | 21 +++++++++++++++----
 .../test_suites/search/cases/post_case.ts | 21 +++++++++++++++----
 2 files changed, 34 insertions(+), 8 deletions(-)
diff --git a/x-pack/test_serverless/api_integration/test_suites/search/cases/find_cases.ts b/x-pack/test_serverless/api_integration/test_suites/search/cases/find_cases.ts
index b847833b30b46..c03cab368d5d8 100644
--- a/x-pack/test_serverless/api_integration/test_suites/search/cases/find_cases.ts
+++ b/x-pack/test_serverless/api_integration/test_suites/search/cases/find_cases.ts
@@ -6,17 +6,30 @@
 */
 import { CASES_URL } from '@kbn/cases-plugin/common/constants';
+import type { RoleCredentials } from '../../../../shared/services';
 import { FtrProviderContext } from '../../../ftr_provider_context';
 export default ({ getService }: FtrProviderContext): void => {
- const supertest = getService('supertest');
+ const supertestWithoutAuth = getService('supertestWithoutAuth');
+ const svlCommonApi = getService('svlCommonApi');
+ const svlUserManager = getService('svlUserManager');
 describe('find_cases', () => {
+ let roleAuthc: RoleCredentials;
+
+ before(async () => {
+ roleAuthc = await svlUserManager.createApiKeyForRole('viewer');
+ });
+
+ after(async () => {
+ await svlUserManager.invalidateApiKeyForRole(roleAuthc);
+ });
+
 it('403 when calling find cases API', async () => {
- await supertest
+ await supertestWithoutAuth
 .get(`${CASES_URL}/_find`)
- .set('kbn-xsrf', 'foo')
- .set('x-elastic-internal-origin', 'foo')
+ .set(svlCommonApi.getInternalRequestHeader())
+ .set(roleAuthc.apiKeyHeader)
 .expect(403);
 });
 });
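Review bot: The `viewer` key created in `before` leaves the `.expect(403)` in `find_cases` ambiguous, because a read-only role may be refused for lack of privileges rather than because the Cases API is unavailable in the search project; the same applies to the POST in `post_case.ts`, where a viewer would presumably be denied a write in any case. If the intent is that no regular role can reach these routes, the denial is better asserted with the most privileged non-operator role as well, e.g. `roleAuthc = await svlUserManager.createApiKeyForRole('admin');` (assuming that role is defined for this project type). Separately, `after` passes `roleAuthc` to `invalidateApiKeyForRole` even when `before` failed and the variable was never assigned, which may mask the original error; `if (roleAuthc) await svlUserManager.invalidateApiKeyForRole(roleAuthc);` would avoid that.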
diff --git a/x-pack/test_serverless/api_integration/test_suites/search/cases/post_case.ts b/x-pack/test_serverless/api_integration/test_suites/search/cases/post_case.ts
index 4391fa29e0831..f6f596d6b0454 100644
--- a/x-pack/test_serverless/api_integration/test_suites/search/cases/post_case.ts
+++ b/x-pack/test_serverless/api_integration/test_suites/search/cases/post_case.ts
@@ -8,18 +8,31 @@
 import { CASES_URL } from '@kbn/cases-plugin/common/constants';
 import { CaseSeverity } from '@kbn/cases-plugin/common/types/domain';
 import { ConnectorTypes } from '@kbn/cases-plugin/common/types/domain';
+import type { RoleCredentials } from '../../../../shared/services';
 import { FtrProviderContext } from '../../../ftr_provider_context';
 export default ({ getService }: FtrProviderContext): void => {
- const supertest = getService('supertest');
+ const supertestWithoutAuth = getService('supertestWithoutAuth');
+ const svlCommonApi = getService('svlCommonApi');
+ const svlUserManager = getService('svlUserManager');
 describe('post_case', () => {
+ let roleAuthc: RoleCredentials;
+
+ before(async () => {
+ roleAuthc = await svlUserManager.createApiKeyForRole('viewer');
+ });
+
+ after(async () => {
+ await svlUserManager.invalidateApiKeyForRole(roleAuthc);
+ });
+
 it('403 when trying to create case', async () => {
- await supertest
+ await supertestWithoutAuth
 .post(CASES_URL)
- .set('kbn-xsrf', 'foo')
- .set('x-elastic-internal-origin', 'foo')
+ .set(svlCommonApi.getInternalRequestHeader())
+ .set(roleAuthc.apiKeyHeader)
 .send({
 description: 'This is a brand new case of a bad meanie defacing data',
 title: 'Super Bad Observability Issue',