Fixes some errors and adds a unit test. There is a casting needs to b…

…e checked during TA update
elastic · Aug 13, 2021 · 2b0efcf · 2b0efcf
1 parent b0ba9c8
commit 2b0efcf
Show file tree

Hide file tree

Showing 3 changed files with 57 additions and 32 deletions.
diff --git a/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts b/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts
@@ -285,50 +285,78 @@ describe('ingest_integration tests ', () => {
     });
   });
 
-  describe.skip('package policy delete callback with trusted apps by policy enabled', () => {
+  describe('package policy delete callback with trusted apps by policy enabled', () => {
     const invokeDeleteCallback = async (
       experimentalFeatures?: ExperimentalFeatures
     ): Promise<void> => {
       const callback = getPackagePolicyDeleteCallback(exceptionListClient, experimentalFeatures);
       await callback(deletePackagePolicyMock(), ctx, req);
     };
 
-    beforeEach(() => {});
+    const removedPolicies = deletePackagePolicyMock();
+
+    const policyId = removedPolicies[0].id;
+    const fakeTA = {
+      listId: 'fake',
+      comments: [],
+      entries: [],
+      itemId: '1',
+      namespaceType: 'agnostic',
+      name: 'TA with policy assigned',
+      osTypes: [],
+      description: 'TA with policy assigned ',
+      meta: undefined,
+      tags: [`policy:${policyId}`],
+      type: 'simple',
+    };
 
-    it('removes policy from trusted app', async () => {
-      const removedPolicies = deletePackagePolicyMock();
-      const trustedAppsList = await exceptionListClient.createTrustedAppsList();
+    beforeEach(() => {
+      exceptionListClient.findExceptionListItem = jest
+        .fn()
+        .mockResolvedValueOnce({ data: [fakeTA], total: 1 });
+      exceptionListClient.updateExceptionListItem = jest
+        .fn()
+        .mockResolvedValueOnce({ ...fakeTA, tags: [] });
+    });
+
+    it('removes policy from trusted app FF enabled', async () => {
+      await invokeDeleteCallback({
+        metricsEntitiesEnabled: false,
+        ruleRegistryEnabled: false,
+        tGridEnabled: false,
+        trustedAppsByPolicyEnabled: true, // Needs to be enabled, it needs also a test with this disabled.
+        excludePoliciesInFilterEnabled: false,
+        uebaEnabled: false,
+      });
 
-      const policyId = removedPolicies[0].id;
-      const trustedAppItem = await exceptionListClient.createExceptionListItem({
-        listId: trustedAppsList!.list_id,
-        comments: [],
-        entries: [],
-        itemId: '1',
+      expect(exceptionListClient.findExceptionListItem).toHaveBeenCalledWith({
+        filter: `exception-list-agnostic.attributes.tags:"policy:${policyId}"`,
+        listId: 'endpoint_trusted_apps',
         namespaceType: 'agnostic',
-        name: 'TA with policy assigned',
-        osTypes: [],
-        description: 'TA with policy assigned ',
-        meta: undefined,
-        tags: [`policy:${policyId}`],
-        type: 'simple',
+        page: 1,
+        perPage: 50,
+        sortField: undefined,
+        sortOrder: undefined,
       });
 
+      expect(exceptionListClient.updateExceptionListItem).toHaveBeenCalledWith({
+        ...fakeTA,
+        tags: [],
+      });
+    });
+
+    it("doesn't remove policy from trusted app FF disabled", async () => {
       await invokeDeleteCallback({
         metricsEntitiesEnabled: false,
         ruleRegistryEnabled: false,
         tGridEnabled: false,
-        trustedAppsByPolicyEnabled: true, // Needs to be enabled, it needs also a test with this disabled.
+        trustedAppsByPolicyEnabled: false,
         excludePoliciesInFilterEnabled: false,
         uebaEnabled: false,
       });
-      // TODO: check that TA has been updated
-      const updatedTrustedAppItem = await exceptionListClient.getExceptionListItem({
-        itemId: trustedAppItem.item_id,
-        id: trustedAppItem.id,
-        namespaceType: trustedAppItem.namespace_type,
-      });
-      expect(updatedTrustedAppItem!.tags).toBe([]);
+
+      expect(exceptionListClient.findExceptionListItem).toHaveBeenCalledTimes(0);
+      expect(exceptionListClient.updateExceptionListItem).toHaveBeenCalledTimes(0);
     });
   });
 });
diff --git a/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.ts b/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.ts
@@ -152,6 +152,6 @@ export const getPackagePolicyDeleteCallback = (
         }
       }
     }
-    Promise.all(promises);
+    await Promise.all(promises);
   };
 };
diff --git a/...ns/security_solution/server/fleet_integration/handlers/remove_policy_from_trusted_apps.ts b/...ns/security_solution/server/fleet_integration/handlers/remove_policy_from_trusted_apps.ts
@@ -7,7 +7,7 @@
 
 import { ENDPOINT_TRUSTED_APPS_LIST_ID } from '@kbn/securitysolution-list-constants';
 import { without } from 'lodash/fp';
-import { ExceptionListClient } from '../../../../lists/server';
+import { ExceptionListClient, UpdateExceptionListItemOptions } from '../../../../lists/server';
 
 interface DeletePolicy {
   id: string;
@@ -53,14 +53,11 @@ export const removePolicyFromTrustedApps = async (
   for (const trustedApp of trustedApps) {
     updates.push(
       exceptionsClient.updateExceptionListItem({
-        ...trustedApp,
-        itemId: trustedApp.item_id,
-        namespaceType: trustedApp.namespace_type,
-        osTypes: trustedApp.os_types,
+        ...((trustedApp as unknown) as UpdateExceptionListItemOptions),
         tags: without(trustedApp.tags, `policy:${policy.id}`),
       })
     );
   }
 
-  Promise.all(updates);
+  await Promise.all(updates);
 };
-Original file line number
+Diff line change
@@ Expand Up / @@ -152,6 +152,6 @@ export const getPackagePolicyDeleteCallback = ( @@
             }
           }
         }
-        Promise.all(promises);
+        await Promise.all(promises);
       };
     };