diff --git a/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts b/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts index 62de2761fd728..4edda73ebfc65 100644 --- a/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts +++ b/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts @@ -285,7 +285,7 @@ describe('ingest_integration tests ', () => { }); }); - describe.skip('package policy delete callback with trusted apps by policy enabled', () => { + describe('package policy delete callback with trusted apps by policy enabled', () => { const invokeDeleteCallback = async ( experimentalFeatures?: ExperimentalFeatures ): Promise => { @@ -293,42 +293,70 @@ describe('ingest_integration tests ', () => { await callback(deletePackagePolicyMock(), ctx, req); }; - beforeEach(() => {}); + const removedPolicies = deletePackagePolicyMock(); + + const policyId = removedPolicies[0].id; + const fakeTA = { + listId: 'fake', + comments: [], + entries: [], + itemId: '1', + namespaceType: 'agnostic', + name: 'TA with policy assigned', + osTypes: [], + description: 'TA with policy assigned ', + meta: undefined, + tags: [`policy:${policyId}`], + type: 'simple', + }; - it('removes policy from trusted app', async () => { - const removedPolicies = deletePackagePolicyMock(); - const trustedAppsList = await exceptionListClient.createTrustedAppsList(); + beforeEach(() => { + exceptionListClient.findExceptionListItem = jest + .fn() + .mockResolvedValueOnce({ data: [fakeTA], total: 1 }); + exceptionListClient.updateExceptionListItem = jest + .fn() + .mockResolvedValueOnce({ ...fakeTA, tags: [] }); + }); + + it('removes policy from trusted app FF enabled', async () => { + await invokeDeleteCallback({ + metricsEntitiesEnabled: false, + ruleRegistryEnabled: false, + tGridEnabled: false, + trustedAppsByPolicyEnabled: true, // Needs to be enabled, it needs also a test with this disabled. + excludePoliciesInFilterEnabled: false, + uebaEnabled: false, + }); - const policyId = removedPolicies[0].id; - const trustedAppItem = await exceptionListClient.createExceptionListItem({ - listId: trustedAppsList!.list_id, - comments: [], - entries: [], - itemId: '1', + expect(exceptionListClient.findExceptionListItem).toHaveBeenCalledWith({ + filter: `exception-list-agnostic.attributes.tags:"policy:${policyId}"`, + listId: 'endpoint_trusted_apps', namespaceType: 'agnostic', - name: 'TA with policy assigned', - osTypes: [], - description: 'TA with policy assigned ', - meta: undefined, - tags: [`policy:${policyId}`], - type: 'simple', + page: 1, + perPage: 50, + sortField: undefined, + sortOrder: undefined, }); + expect(exceptionListClient.updateExceptionListItem).toHaveBeenCalledWith({ + ...fakeTA, + tags: [], + }); + }); + + it("doesn't remove policy from trusted app FF disabled", async () => { await invokeDeleteCallback({ metricsEntitiesEnabled: false, ruleRegistryEnabled: false, tGridEnabled: false, - trustedAppsByPolicyEnabled: true, // Needs to be enabled, it needs also a test with this disabled. + trustedAppsByPolicyEnabled: false, excludePoliciesInFilterEnabled: false, uebaEnabled: false, }); - // TODO: check that TA has been updated - const updatedTrustedAppItem = await exceptionListClient.getExceptionListItem({ - itemId: trustedAppItem.item_id, - id: trustedAppItem.id, - namespaceType: trustedAppItem.namespace_type, - }); - expect(updatedTrustedAppItem!.tags).toBe([]); + + expect(exceptionListClient.findExceptionListItem).toHaveBeenCalledTimes(0); + expect(exceptionListClient.updateExceptionListItem).toHaveBeenCalledTimes(0); }); }); }); diff --git a/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.ts b/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.ts index 70416518e75c5..ccbecde380016 100644 --- a/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.ts +++ b/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.ts @@ -152,6 +152,6 @@ export const getPackagePolicyDeleteCallback = ( } } } - Promise.all(promises); + await Promise.all(promises); }; }; diff --git a/x-pack/plugins/security_solution/server/fleet_integration/handlers/remove_policy_from_trusted_apps.ts b/x-pack/plugins/security_solution/server/fleet_integration/handlers/remove_policy_from_trusted_apps.ts index 49bbff8b44802..dbe1b4b8e36f4 100644 --- a/x-pack/plugins/security_solution/server/fleet_integration/handlers/remove_policy_from_trusted_apps.ts +++ b/x-pack/plugins/security_solution/server/fleet_integration/handlers/remove_policy_from_trusted_apps.ts @@ -7,7 +7,7 @@ import { ENDPOINT_TRUSTED_APPS_LIST_ID } from '@kbn/securitysolution-list-constants'; import { without } from 'lodash/fp'; -import { ExceptionListClient } from '../../../../lists/server'; +import { ExceptionListClient, UpdateExceptionListItemOptions } from '../../../../lists/server'; interface DeletePolicy { id: string; @@ -53,14 +53,11 @@ export const removePolicyFromTrustedApps = async ( for (const trustedApp of trustedApps) { updates.push( exceptionsClient.updateExceptionListItem({ - ...trustedApp, - itemId: trustedApp.item_id, - namespaceType: trustedApp.namespace_type, - osTypes: trustedApp.os_types, + ...((trustedApp as unknown) as UpdateExceptionListItemOptions), tags: without(trustedApp.tags, `policy:${policy.id}`), }) ); } - Promise.all(updates); + await Promise.all(updates); };