[Security Solution] Tests for prebuilt rule customization workflow

[banderror]

Summary

Write test plans (one or a few) and create a comprehensive suite of automated tests for the workflow of customizing prebuilt rules.

Features to cover:

• Editing prebuilt rules (actions as a whole)
  • from the Rule Details page
  • from the Rule Management page (single edit via the context menu)
  • from the Rule Management page (bulk edit via the bulk actions menu)
    • I think every bulk editing action should be smoke tested
• Calculating the is_customized field and the Modified badge in the UI
  • on the Rule Details page
    • [Security Solution] Write tests for "Customized Elastic rule" badge on the Rule Details page #186916
  • on the Rule Management page -> Installed Rules table
  • on the Rule Management page -> Rule Updates table
  • filtering by Modified in the Rule Updates table
• Editing prebuilt rules and calculating is_customized - per each rule field - in API and UI
  • name
  • description
  • etc - I feel that we need to cover literally every rule field

Please cover both the features under the feature flag turned ON and OFF.

Related tickets

Related functional tickets to cover with tests:

• [Security Solution] Calculate and save ruleSource.isCustomized in API endpoint handlers #180145
• [Security Solution] Calculate and save ruleSource.isCustomized in bulk edit API #187706
• [Security Solution] Prevent from updating "non-customizable" fields in prebuilt rules #180273
• [Security Solution] Show if a rule is customized on the Rule Details page #180170
• [Security Solution] Support filtering by "Modified rules" and "Unmodified rules"  #180169
• [Security Solution] Add support for editing prebuilt rules to the Rule Management and Rule Details pages #180171
• [Security Solution] Add support for editing prebuilt rules to the Rule Editing page #180172

Related bugs to cover with tests:

• [Security Solution] Rules mistakenly marked as customized #199629
• [Security Solution] Required fields are getting erased on rule PATCH #199665
• [Security Solution] Prebuilt rules with missing base version are marked as customized on edit #201632
• [Security Solution] Prebuilt rules marked as customized after applying updates #201631
• [Security Solution] “Author” and “License” Fields Are Editable in UI but Result in Errors When Updated #200251
• [Security Solution] Editing rules independently of source data: improve validation errors UX #191832
• Anything else from Milestone 3 bugs under the corresponding section

Related PRs

Test plans for diff algorithms

• [Security Solution] Simple diff algorithm test plan #184484
• [Security Solution] Array of scalar values diff algorithm test plan #186325
• [Security Solution] Multi-line string fields diff algorithm test plan #188323
• [Security Solution] data_source field diff algorithm test plan #189669
• [Security Solution] Test plan for query fields diff algorithm #192529
• [Security Solution] Test plan for rule type field diff algorithm #193372

Test plans for prebuilt rule customization workflow

• [Security Solution] Test plan for prebuilt rule customization #204888
• [Security Solution] Refactor prebuilt rule customization test plans, part 1 #211300
• [Security Solution] Refactor prebuilt rule customization test plans, part 2 #211472
• [Security Solution] Refactor prebuilt rule customization test plans, part 3 #212420
• [Security Solution] Update prebuilt rule customization test plans to reflect licensing changes #215008
• [Security Solution] Update prebuilt rule upgrade and import test plans to reflect licensing changes #216003
• [Security Solution] Actualize prebuilt rule customization test plan #222188
  • All backports merged

Test coverage for prebuilt rule customization workflow

• [Security Solution] Adds prebuilt rule customization integration tests #207016
• [Security Solution] Adds prebuilt rule customization cypress tests #212170
• [Security Solution] Implement Prebuilt Rules Customization test plan #232776

Refactorings and fixes

• [Security Solution] Refactor prebuilt rules integration tests #219831
• [Security Solution] Fix MKI tests for prebuilt rules #222170
• [Security Solution] Fix time duration normalization at rule schedule for day units #224083
• [Security Solution] Move license level independent tests to the common folder #225495

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[elasticmachine]

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)