-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Automate functional Security tests #17906
Comments
Original comment by @LeeDr: @lukasolson I'm hoping you have some time to work on this in the integration-test repo. I got started on it here but needs to move into x-plugins I think. |
Original comment by @Rasroh: Here are the steps I plan to accomplish to cover Document Level Security Test
b) This creates a document for WEST region.
b) Create a role that will have access to only WEST region.
TEST:
|
Original comment by @Rasroh: All of the above steps will be using Kibana UI ( instead of API driven) |
Original comment by @Rasroh: Field Level Security Test : ( automation test scenario)
b) Create another FLS role called
Test:
|
Original comment by @LeeDr:
|
Original comment by @LeeDr: Add a test to catch issues like this where a non-superuser couldn't create an index pattern; |
Pinging @elastic/kibana-app-services (Team:AppServicesSv) |
@LeeDr Checking in on this old issue. Is it still needed? |
I think it's safe to close this now in favor of this meta issue #60815 |
Original comment by @LeeDr:
Our Security plugin is a significant component of our commercial offering and critical to many customer deployments. We need to have thorough security use cases and automated tests of those use cases.
The bare minimum we should have are the most common positive test cases;
Next we should automate the negative test cases such as;
Customers have also asked about giving users some level of restricted access to Kibana. For example;
The text was updated successfully, but these errors were encountered: