cleanup tests for alerts
oatkiller authored and dplumlee committed Mar 12, 2020
1 parent 2e64aea commit 8a06655
Showing 3 changed files with 81 additions and 49 deletions.
2 changes: 1 addition & 1 deletion x-pack/plugins/endpoint/common/types.ts
Expand Up @@ -54,7 +54,7 @@ export interface AlertResultList {
alerts: AlertData[];

/**
* The total number of alerts on the page.
* The total number of alerts in the index.
*/
total: number;

Expand Up @@ -93,8 +93,8 @@ describe('when the alert details flyout is open', () => {
}
});
it('should display the correct fields in the dropdown', async () => {
await render().findByTestId('alertDetailTakeActionCloseAlertButton');
await render().findByTestId('alertDetailTakeActionWhitelistButton');
await renderResult.findByTestId('alertDetailTakeActionCloseAlertButton');
await renderResult.findByTestId('alertDetailTakeActionWhitelistButton');
});
});
describe('when the user navigates to the overview tab', () => {
Expand All @@ -107,12 +107,12 @@ describe('when the alert details flyout is open', () => {
}
});
it('should render all accordion panels', async () => {
await render().findAllByTestId('alertDetailsAlertAccordion');
await render().findAllByTestId('alertDetailsHostAccordion');
await render().findAllByTestId('alertDetailsFileAccordion');
await render().findAllByTestId('alertDetailsHashAccordion');
await render().findAllByTestId('alertDetailsSourceProcessAccordion');
await render().findAllByTestId('alertDetailsSourceProcessTokenAccordion');
await renderResult.findAllByTestId('alertDetailsAlertAccordion');
await renderResult.findAllByTestId('alertDetailsHostAccordion');
await renderResult.findAllByTestId('alertDetailsFileAccordion');
await renderResult.findAllByTestId('alertDetailsHashAccordion');
await renderResult.findAllByTestId('alertDetailsSourceProcessAccordion');
await renderResult.findAllByTestId('alertDetailsSourceProcessTokenAccordion');
});
});
});
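Review bot: The test 'should render all accordion panels' uses `findAllByTestId`, which (assuming these are Testing Library queries) resolves for any number of matches of one or more, so it would still pass if a panel were rendered twice. If exactly one panel per test id is expected, `await renderResult.findByTestId('alertDetailsAlertAccordion');` states that, because the singular query rejects on multiple matches. Both tests also fail only through a rejected promise; a short comment such as `// findBy* rejects when the element never appears, which fails the test` would make that intent clear. `renderResult` is assigned outside the visible hunks, so whether it is refreshed before each test cannot be confirmed from here.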
112 changes: 72 additions & 40 deletions x-pack/test/api_integration/apis/endpoint/alerts.ts
Expand Up @@ -6,6 +6,16 @@
import expect from '@kbn/expect/expect.js';
import { FtrProviderContext } from '../../ftr_provider_context';

/**
* The number of alert documents in the es archive.
*/
const numberOfAlertsInFixture = 2;

/**
* The default number of entries returned when no page_size is specified.
*/
const defaultPageSize = 10;

export default function({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const supertest = getService('supertest');
Expand All @@ -16,64 +26,86 @@ export default function({ getService }: FtrProviderContext) {
const nextPrevPrefixPageSize = 'page_size=10';
const nextPrevPrefix = `${nextPrevPrefixDateRange}&${nextPrevPrefixSort}&${nextPrevPrefixOrder}&${nextPrevPrefixPageSize}`;

describe('test alerts api', () => {
describe('Tests for alerts API', () => {
describe('Endpoint alert API', () => {
describe('when data is in elasticsearch', () => {
before(() => esArchiver.load('endpoint/alerts/api_feature'));
after(() => esArchiver.unload('endpoint/alerts/api_feature'));

it('alerts api should not support post', async () => {
it('should not support POST requests', async () => {
await supertest
.post('/api/endpoint/alerts')
.send({})
.set('kbn-xsrf', 'xxx')
.expect(404);
});

it('alerts api should return one entry for each alert with default paging', async () => {
it('should return one entry for each alert with default paging', async () => {
const { body } = await supertest
.get('/api/endpoint/alerts')
.set('kbn-xsrf', 'xxx')
.expect(200);
expect(body.total).to.eql(132);
expect(body.alerts.length).to.eql(10);
expect(body.request_page_size).to.eql(10);
expect(body.total).to.eql(numberOfAlertsInFixture);
expect(body.alerts.length).to.eql(numberOfAlertsInFixture);
expect(body.request_page_size).to.eql(defaultPageSize);
/**
* No page_index was specified. It should return page 0.
*/
expect(body.request_page_index).to.eql(0);
/**
* The total offset: page_index * page_size
*/
expect(body.result_from_index).to.eql(0);
});

it('alerts api should return page based on paging properties passed.', async () => {
const { body } = await supertest
.get('/api/endpoint/alerts?page_size=1&page_index=1')
.set('kbn-xsrf', 'xxx')
.expect(200);
expect(body.total).to.eql(132);
expect(body.alerts.length).to.eql(1);
expect(body.request_page_size).to.eql(1);
expect(body.request_page_index).to.eql(1);
expect(body.result_from_index).to.eql(1);
});

it('alerts api should return accurate total alerts if page index produces no result', async () => {
it('should return the page_size and page_index specified in the query params', async () => {
const pageSize = 1;
const pageIndex = 1;
const { body } = await supertest
.get('/api/endpoint/alerts?page_size=100&page_index=3')
.get(`/api/endpoint/alerts?page_size=${pageSize}&page_index=${pageIndex}`)
.set('kbn-xsrf', 'xxx')
.expect(200);
expect(body.total).to.eql(132);
expect(body.alerts.length).to.eql(0);
expect(body.request_page_size).to.eql(100);
expect(body.request_page_index).to.eql(3);
expect(body.result_from_index).to.eql(300);
});

it('alerts api should return 400 when paging properties are below boundaries.', async () => {
expect(body.total).to.eql(numberOfAlertsInFixture);
/**
* Skipping the first page (with a size of 1).
*/
const expectedToBeSkipped = 1;
expect(body.alerts.length).to.eql(numberOfAlertsInFixture - expectedToBeSkipped);
expect(body.request_page_size).to.eql(pageSize);
expect(body.request_page_index).to.eql(pageIndex);
expect(body.result_from_index).to.eql(expectedToBeSkipped);
});

describe('when the query params specify a page_index and page_size that return no results', () => {
let body: any;
const requestPageSize = 100;
const requestPageIndex = 3;
beforeEach(async () => {
body = await supertest
.get(`/api/endpoint/alerts?page_size=${requestPageSize}&page_index=${requestPageIndex}`)
.set('kbn-xsrf', 'xxx')
.expect(200).body;
});
it('should return accurate total counts', async () => {
expect(body.total).to.eql(numberOfAlertsInFixture);
/**
* Nothing was returned due to pagination.
*/
expect(body.alerts.length).to.eql(0);
expect(body.request_page_size).to.eql(requestPageSize);
expect(body.request_page_index).to.eql(requestPageIndex);
expect(body.result_from_index).to.eql(requestPageIndex * requestPageSize);
});
});

it('should return 400 when paging properties are less than 1', async () => {
const { body } = await supertest
.get('/api/endpoint/alerts?page_size=0')
.set('kbn-xsrf', 'xxx')
.expect(400);
expect(body.message).to.contain('Value must be equal to or greater than [1]');
});

it('alerts api should return links to the next and previous pages using cursor-based pagination', async () => {
it('should return links to the next and previous pages using cursor-based pagination', async () => {
const { body } = await supertest
.get('/api/endpoint/alerts?page_index=0')
.set('kbn-xsrf', 'xxx')
Expand All @@ -86,7 +118,7 @@ export default function({ getService }: FtrProviderContext) {
);
});

it('alerts api should return data using `next` link', async () => {
it('should return data using `next` link', async () => {
const { body } = await supertest
.get(
`/api/endpoint/alerts?${nextPrevPrefix}&after=1542789412000&after=c710bf2d-8686-4038-a2a1-43bdecc06b2a`
Expand All @@ -101,7 +133,7 @@ export default function({ getService }: FtrProviderContext) {
);
});

it('alerts api should return data using `prev` link', async () => {
it('should return data using `prev` link', async () => {
const { body } = await supertest
.get(
`/api/endpoint/alerts?${nextPrevPrefix}&before=1542789412000&before=823d814d-fa0c-4e53-a94c-f6b296bb965b`
Expand All @@ -111,7 +143,7 @@ export default function({ getService }: FtrProviderContext) {
expect(body.alerts.length).to.eql(10);
});

it('alerts api should return no results when `before` is requested past beginning of first page', async () => {
it('should return no results when `before` is requested past beginning of first page', async () => {
const { body } = await supertest
.get(
`/api/endpoint/alerts?${nextPrevPrefix}&before=1542789473000&before=ffae628e-6236-45ce-ba24-7351e0af219e`
Expand All @@ -121,7 +153,7 @@ export default function({ getService }: FtrProviderContext) {
expect(body.alerts.length).to.eql(0);
});

it('alerts api should return no results when `after` is requested past end of last page', async () => {
it('should return no results when `after` is requested past end of last page', async () => {
const { body } = await supertest
.get(
`/api/endpoint/alerts?${nextPrevPrefix}&after=1542341895000&after=01911945-48aa-478e-9712-f49c92a15f20`
Expand All @@ -131,7 +163,7 @@ export default function({ getService }: FtrProviderContext) {
expect(body.alerts.length).to.eql(0);
});

it('alerts api should return 400 when using `before` by custom sort parameter', async () => {
it('should return 400 when using `before` by custom sort parameter', async () => {
await supertest
.get(
`/api/endpoint/alerts?${nextPrevPrefixDateRange}&${nextPrevPrefixPageSize}&${nextPrevPrefixOrder}&sort=thread.id&before=2180&before=8362fcde-0b10-476f-97a8-8d6a43865226`
Expand All @@ -140,7 +172,7 @@ export default function({ getService }: FtrProviderContext) {
.expect(400);
});

it('alerts api should return data using `after` by custom sort parameter', async () => {
it('should return data using `after` by custom sort parameter', async () => {
const { body } = await supertest
.get(
`/api/endpoint/alerts?${nextPrevPrefixDateRange}&${nextPrevPrefixPageSize}&${nextPrevPrefixOrder}&sort=thread.id&after=2180&after=8362fcde-0b10-476f-97a8-8d6a43865226`
Expand All @@ -151,7 +183,7 @@ export default function({ getService }: FtrProviderContext) {
expect(body.alerts[0].thread.id).to.eql(1912);
});

it('alerts api should filter results of alert data using rison-encoded filters', async () => {
it('should filter results of alert data using rison-encoded filters', async () => {
const { body } = await supertest
.get(
`/api/endpoint/alerts?filters=!((%27%24state%27%3A(store%3AappState)%2Cmeta%3A(alias%3A!n%2Cdisabled%3A!f%2Ckey%3Ahost.hostname%2Cnegate%3A!f%2Cparams%3A(query%3AHD-m3z-4c803698)%2Ctype%3Aphrase)%2Cquery%3A(match_phrase%3A(host.hostname%3AHD-m3z-4c803698))))`
Expand All @@ -165,7 +197,7 @@ export default function({ getService }: FtrProviderContext) {
expect(body.result_from_index).to.eql(0);
});

it('alerts api should filter results of alert data using KQL', async () => {
it('should filter results of alert data using KQL', async () => {
const { body } = await supertest
.get(`/api/endpoint/alerts?query=agent.id:c89dc040-2350-4d59-baea-9ff2e369136f`)
.set('kbn-xsrf', 'xxx')
Expand All @@ -177,7 +209,7 @@ export default function({ getService }: FtrProviderContext) {
expect(body.result_from_index).to.eql(0);
});

it('alerts api should return alert details by id', async () => {
it('should return alert details by id', async () => {
const { body } = await supertest
.get('/api/endpoint/alerts/YjUYMHABAJk0XnHd6bqU')
.set('kbn-xsrf', 'xxx')
Expand All @@ -187,7 +219,7 @@ export default function({ getService }: FtrProviderContext) {
expect(body.prev).to.eql('/api/endpoint/alerts/XjUYMHABAJk0XnHd6boX');
});

it('alerts api should return 404 when alert is not found', async () => {
it('should return 404 when alert is not found', async () => {
await supertest
.get('/api/endpoint/alerts/does-not-exist')
.set('kbn-xsrf', 'xxx')
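Review bot: In the new `beforeEach` under 'when the query params specify a page_index and page_size that return no results', `.body` is read from the supertest chain before `await` applies, so `body` receives a property of the pending request object rather than the response body, and the request itself is most likely never awaited. The following `it` would then fail on `body.total` with a TypeError instead of checking the pagination fields, and the `.expect(200)` status check may never run. Await the response first and then take its body, keeping the same URL: `const response = await supertest.get(url).set('kbn-xsrf', 'xxx').expect(200);` followed by `body = response.body;`. The enclosing `describe` blocks open and close outside this hunk.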
