diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_rules/export_rule.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/detection_rules/export_rule.cy.ts index ee0dc9379c613..1b7bde1ea7be1 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_rules/export_rule.cy.ts +++ b/x-pack/plugins/security_solution/cypress/e2e/detection_rules/export_rule.cy.ts @@ -27,18 +27,32 @@ import { import { createExceptionList, deleteExceptionList } from '../../tasks/api_calls/exceptions'; import { getExceptionList } from '../../objects/exception'; import { createRule } from '../../tasks/api_calls/rules'; -import { cleanKibana, resetRulesTableState, deleteAlertsAndRules } from '../../tasks/common'; +import { + cleanKibana, + resetRulesTableState, + deleteAlertsAndRules, + reload, +} from '../../tasks/common'; import { login, visitWithoutDateRange } from '../../tasks/login'; import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../urls/navigation'; import { - excessivelyInstallAllPrebuiltRules, + createAndInstallMockedPrebuiltRules, getAvailablePrebuiltRulesCount, + preventPrebuiltRulesPackageInstallation, } from '../../tasks/api_calls/prebuilt_rules'; +import { createRuleAssetSavedObject } from '../../helpers/rules'; const EXPORTED_RULES_FILENAME = 'rules_export.ndjson'; const exceptionList = getExceptionList(); +const prebuiltRules = Array.from(Array(7)).map((_, i) => { + return createRuleAssetSavedObject({ + name: `Test rule ${i + 1}`, + rule_id: `rule_${i + 1}`, + }); +}); + describe('Export rules', () => { const downloadsFolder = Cypress.config('downloadsFolder'); @@ -53,6 +67,8 @@ describe('Export rules', () => { deleteAlertsAndRules(); // Rules get exported via _bulk_action endpoint cy.intercept('POST', '/api/detection_engine/rules/_bulk_action').as('bulk_action'); + // Prevent installation of whole prebuilt rules package, use mock prebuilt rules instead + preventPrebuiltRulesPackageInstallation(); visitWithoutDateRange(DETECTIONS_RULE_MANAGEMENT_URL); createRule(getNewRule({ name: 'Rule to export' })).as('ruleResponse'); }); @@ -83,23 +99,21 @@ describe('Export rules', () => { }); it('shows a modal saying that no rules can be exported if all the selected rules are prebuilt', function () { - const expectedElasticRulesCount = 7; - - excessivelyInstallAllPrebuiltRules(); + createAndInstallMockedPrebuiltRules({ rules: prebuiltRules }); filterByElasticRules(); - selectNumberOfRules(expectedElasticRulesCount); + selectNumberOfRules(prebuiltRules.length); bulkExportRules(); cy.get(MODAL_CONFIRMATION_BODY).contains( - `${expectedElasticRulesCount} prebuilt Elastic rules (exporting prebuilt rules is not supported)` + `${prebuiltRules.length} prebuilt Elastic rules (exporting prebuilt rules is not supported)` ); }); it('exports only custom rules', function () { const expectedNumberCustomRulesToBeExported = 1; - excessivelyInstallAllPrebuiltRules(); + createAndInstallMockedPrebuiltRules({ rules: prebuiltRules }); selectAllRules(); bulkExportRules(); @@ -151,8 +165,8 @@ describe('Export rules', () => { // one rule with exception, one without it const expectedNumberCustomRulesToBeExported = 2; - excessivelyInstallAllPrebuiltRules(); - + createAndInstallMockedPrebuiltRules({ rules: prebuiltRules }); + reload(); selectAllRules(); bulkExportRules(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_rules/rules_selection.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/detection_rules/rules_selection.cy.ts index 848fd94ad94ed..0e72b6cf78703 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_rules/rules_selection.cy.ts +++ b/x-pack/plugins/security_solution/cypress/e2e/detection_rules/rules_selection.cy.ts @@ -16,7 +16,6 @@ import { waitForPrebuiltDetectionRulesToBeLoaded, } from '../../tasks/alerts_detection_rules'; import { - excessivelyInstallAllPrebuiltRules, getAvailablePrebuiltRulesCount, createAndInstallMockedPrebuiltRules, } from '../../tasks/api_calls/prebuilt_rules'; @@ -47,7 +46,6 @@ describe('Rules selection', () => { }); it('should correctly update the selection label when rules are individually selected and unselected', () => { - excessivelyInstallAllPrebuiltRules(); waitForPrebuiltDetectionRulesToBeLoaded(); selectNumberOfRules(2); @@ -60,7 +58,6 @@ describe('Rules selection', () => { }); it('should correctly update the selection label when rules are bulk selected and then bulk un-selected', () => { - excessivelyInstallAllPrebuiltRules(); waitForPrebuiltDetectionRulesToBeLoaded(); cy.get(SELECT_ALL_RULES_BTN).click(); @@ -81,7 +78,6 @@ describe('Rules selection', () => { }); it('should correctly update the selection label when rules are bulk selected and then unselected via the table select all checkbox', () => { - excessivelyInstallAllPrebuiltRules(); waitForPrebuiltDetectionRulesToBeLoaded(); cy.get(SELECT_ALL_RULES_BTN).click(); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/rule_objects/upgrade_prebuilt_rules.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/rule_objects/upgrade_prebuilt_rules.ts index 3b21254b3d0dd..a06b5dc17825f 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/rule_objects/upgrade_prebuilt_rules.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/rule_objects/upgrade_prebuilt_rules.ts @@ -71,6 +71,7 @@ const upgradeRule = async ( return createRules({ rulesClient, + immutable: true, params: { ...rule, // Force the prepackaged rule to use the enabled state from the existing rule,