From 24b0799862c6c78f1eea8f949211304bfe5e4405 Mon Sep 17 00:00:00 2001
From: Rashmi Kulkarni <rashmi.kulkarni@elastic.co>
Date: Fri, 20 Mar 2020 13:02:46 -0700
Subject: [PATCH 1/6] configurable test users for xpack

---
 .../functional/apps/api_keys/home_page.ts     | 19 ++++++++++++++++++-
 x-pack/test/functional/config.js              |  6 ++++++
 2 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/x-pack/test/functional/apps/api_keys/home_page.ts b/x-pack/test/functional/apps/api_keys/home_page.ts
index 01548bc5a402d..cd8b635bb350a 100644
--- a/x-pack/test/functional/apps/api_keys/home_page.ts
+++ b/x-pack/test/functional/apps/api_keys/home_page.ts
@@ -10,14 +10,31 @@ import { FtrProviderContext } from '../../ftr_provider_context';
 export default ({ getPageObjects, getService }: FtrProviderContext) => {
   const pageObjects = getPageObjects(['common', 'apiKeys']);
   const log = getService('log');
+  const security = getService('security');
+  const find = getService('find');
 
-  describe('Home page', function() {
+  describe.only('Home page', function() {
     this.tags('smoke');
     before(async () => {
+      await security.testUser.setRoles(['kibana_admin']);
       await pageObjects.common.navigateToApp('apiKeys');
     });
 
+    after(async () => {
+      await security.testUser.restoreDefaults();
+    });
+
+    // https://www.elastic.co/guide/en/kibana/7.6/api-keys.html#api-keys-security-privileges
+    it('Shows required privileges ', async () => {
+      log.debug('Checking for section header');
+      const messageElement = await find.byCssSelector('h2.euiTitle');
+      const message = await messageElement.getVisibleText();
+      expect(message).to.be('You need permission to manage API keys');
+    });
+
+    // https://www.elastic.co/guide/en/kibana/7.6/api-keys.html#api-keys-security-privileges
     it('Loads the app', async () => {
+      await security.testUser.setRoles(['kibana_admin', 'test_api_keys']);
       log.debug('Checking for section header');
       const headerText = await (await pageObjects.apiKeys.noAPIKeysHeading()).getVisibleText();
       expect(headerText).to.be('No API keys');
diff --git a/x-pack/test/functional/config.js b/x-pack/test/functional/config.js
index 1586908d8b5ef..a807a77f90638 100644
--- a/x-pack/test/functional/config.js
+++ b/x-pack/test/functional/config.js
@@ -233,6 +233,12 @@ export default async function({ readConfigFile }) {
           },
           kibana: [],
         },
+
+        test_api_keys: {
+          elasticsearch: {
+            cluster: ['manage_security', 'manage_api_key'],
+          },
+        },
       },
       defaultRoles: ['superuser'],
     },

From 8edf1fc4eb19a34df1f617a532e614fd6ca16c84 Mon Sep 17 00:00:00 2001
From: Rashmi Kulkarni <rashmi.kulkarni@elastic.co>
Date: Fri, 20 Mar 2020 13:44:14 -0700
Subject: [PATCH 2/6] removed exclusive tests

---
 x-pack/test/functional/apps/api_keys/home_page.ts | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/x-pack/test/functional/apps/api_keys/home_page.ts b/x-pack/test/functional/apps/api_keys/home_page.ts
index cd8b635bb350a..8f1204062680c 100644
--- a/x-pack/test/functional/apps/api_keys/home_page.ts
+++ b/x-pack/test/functional/apps/api_keys/home_page.ts
@@ -13,7 +13,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
   const security = getService('security');
   const find = getService('find');
 
-  describe.only('Home page', function() {
+  describe('Home page', function() {
     this.tags('smoke');
     before(async () => {
       await security.testUser.setRoles(['kibana_admin']);
@@ -38,7 +38,6 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
       log.debug('Checking for section header');
       const headerText = await (await pageObjects.apiKeys.noAPIKeysHeading()).getVisibleText();
       expect(headerText).to.be('No API keys');
-
       const goToConsoleButton = await pageObjects.apiKeys.getGoToConsoleButton();
       expect(await goToConsoleButton.isDisplayed()).to.be(true);
     });

From bd2c269201dc3ea7bec9d6a4aacedb249935f7b1 Mon Sep 17 00:00:00 2001
From: Rashmi Kulkarni <rashmi.kulkarni@elastic.co>
Date: Mon, 23 Mar 2020 12:06:57 -0700
Subject: [PATCH 3/6] added data-test-subj for the access denied page

---
 .../api_keys_grid/permission_denied/permission_denied.tsx    | 2 +-
 x-pack/test/functional/apps/api_keys/home_page.ts            | 5 ++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/x-pack/plugins/security/public/management/api_keys/api_keys_grid/permission_denied/permission_denied.tsx b/x-pack/plugins/security/public/management/api_keys/api_keys_grid/permission_denied/permission_denied.tsx
index d406b1684b3ff..1d9337ecab27f 100644
--- a/x-pack/plugins/security/public/management/api_keys/api_keys_grid/permission_denied/permission_denied.tsx
+++ b/x-pack/plugins/security/public/management/api_keys/api_keys_grid/permission_denied/permission_denied.tsx
@@ -13,7 +13,7 @@ export const PermissionDenied = () => (
       <EuiEmptyPrompt
         iconType="securityApp"
         title={
-          <h2>
+          <h2 data-test-subj="apiKeysPermissionDeniedMessage">
             <FormattedMessage
               id="xpack.security.management.apiKeys.deniedPermissionTitle"
               defaultMessage="You need permission to manage API keys"
diff --git a/x-pack/test/functional/apps/api_keys/home_page.ts b/x-pack/test/functional/apps/api_keys/home_page.ts
index 8f1204062680c..ed04487e5d6b0 100644
--- a/x-pack/test/functional/apps/api_keys/home_page.ts
+++ b/x-pack/test/functional/apps/api_keys/home_page.ts
@@ -11,7 +11,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
   const pageObjects = getPageObjects(['common', 'apiKeys']);
   const log = getService('log');
   const security = getService('security');
-  const find = getService('find');
+  const testSubjects = getService('testSubjects');
 
   describe('Home page', function() {
     this.tags('smoke');
@@ -27,12 +27,11 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
     // https://www.elastic.co/guide/en/kibana/7.6/api-keys.html#api-keys-security-privileges
     it('Shows required privileges ', async () => {
       log.debug('Checking for section header');
-      const messageElement = await find.byCssSelector('h2.euiTitle');
+      const messageElement = await testSubjects.find('apiKeysPermissionDeniedMessage');
       const message = await messageElement.getVisibleText();
       expect(message).to.be('You need permission to manage API keys');
     });
 
-    // https://www.elastic.co/guide/en/kibana/7.6/api-keys.html#api-keys-security-privileges
     it('Loads the app', async () => {
       await security.testUser.setRoles(['kibana_admin', 'test_api_keys']);
       log.debug('Checking for section header');

From 015372d7112607402cead188db0def829844382a Mon Sep 17 00:00:00 2001
From: Rashmi Kulkarni <rashmi.kulkarni@elastic.co>
Date: Tue, 24 Mar 2020 11:32:29 -0700
Subject: [PATCH 4/6] updated the JEST snapshot, cleaned up the test

---
 .../__snapshots__/api_keys_grid_page.test.tsx.snap    |  5 ++++-
 x-pack/test/functional/apps/api_keys/home_page.ts     |  8 +++-----
 x-pack/test/functional/page_objects/api_keys_page.ts  | 11 ++++++++++-
 3 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/x-pack/plugins/security/public/management/api_keys/api_keys_grid/__snapshots__/api_keys_grid_page.test.tsx.snap b/x-pack/plugins/security/public/management/api_keys/api_keys_grid/__snapshots__/api_keys_grid_page.test.tsx.snap
index ceb0fe751c2c7..6d1e0054078bd 100644
--- a/x-pack/plugins/security/public/management/api_keys/api_keys_grid/__snapshots__/api_keys_grid_page.test.tsx.snap
+++ b/x-pack/plugins/security/public/management/api_keys/api_keys_grid/__snapshots__/api_keys_grid_page.test.tsx.snap
@@ -135,7 +135,9 @@ exports[`APIKeysGridPage renders permission denied if user does not have require
               }
               iconType="securityApp"
               title={
-                <h2>
+                <h2
+                  data-test-subj="apiKeysPermissionDeniedMessage"
+                >
                   <FormattedMessage
                     defaultMessage="You need permission to manage API keys"
                     id="xpack.security.management.apiKeys.deniedPermissionTitle"
@@ -174,6 +176,7 @@ exports[`APIKeysGridPage renders permission denied if user does not have require
                     <EuiTitle>
                       <h2
                         className="euiTitle euiTitle--medium"
+                        data-test-subj="apiKeysPermissionDeniedMessage"
                       >
                         <FormattedMessage
                           defaultMessage="You need permission to manage API keys"
diff --git a/x-pack/test/functional/apps/api_keys/home_page.ts b/x-pack/test/functional/apps/api_keys/home_page.ts
index ed04487e5d6b0..e4452e3a5e383 100644
--- a/x-pack/test/functional/apps/api_keys/home_page.ts
+++ b/x-pack/test/functional/apps/api_keys/home_page.ts
@@ -11,7 +11,6 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
   const pageObjects = getPageObjects(['common', 'apiKeys']);
   const log = getService('log');
   const security = getService('security');
-  const testSubjects = getService('testSubjects');
 
   describe('Home page', function() {
     this.tags('smoke');
@@ -26,16 +25,15 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
 
     // https://www.elastic.co/guide/en/kibana/7.6/api-keys.html#api-keys-security-privileges
     it('Shows required privileges ', async () => {
-      log.debug('Checking for section header');
-      const messageElement = await testSubjects.find('apiKeysPermissionDeniedMessage');
-      const message = await messageElement.getVisibleText();
+      log.debug('Checking for required privileges method section header');
+      const message = await pageObjects.apiKeys.apiKeysPermissionDeniedMessage();
       expect(message).to.be('You need permission to manage API keys');
     });
 
     it('Loads the app', async () => {
       await security.testUser.setRoles(['kibana_admin', 'test_api_keys']);
       log.debug('Checking for section header');
-      const headerText = await (await pageObjects.apiKeys.noAPIKeysHeading()).getVisibleText();
+      const headerText = await pageObjects.apiKeys.noAPIKeysHeading();
       expect(headerText).to.be('No API keys');
       const goToConsoleButton = await pageObjects.apiKeys.getGoToConsoleButton();
       expect(await goToConsoleButton.isDisplayed()).to.be(true);
diff --git a/x-pack/test/functional/page_objects/api_keys_page.ts b/x-pack/test/functional/page_objects/api_keys_page.ts
index 1ff70a0c1ee02..881d2cdaa3800 100644
--- a/x-pack/test/functional/page_objects/api_keys_page.ts
+++ b/x-pack/test/functional/page_objects/api_keys_page.ts
@@ -11,10 +11,19 @@ export function ApiKeysPageProvider({ getService }: FtrProviderContext) {
 
   return {
     async noAPIKeysHeading() {
-      return await testSubjects.find('noApiKeysHeader');
+      const messageElement = await testSubjects.find('noApiKeysHeader');
+      const message = await messageElement.getVisibleText();
+      return message;
     },
+
     async getGoToConsoleButton() {
       return await testSubjects.find('goToConsoleButton');
     },
+
+    async apiKeysPermissionDeniedMessage() {
+      const messageElement = await testSubjects.find('apiKeysPermissionDeniedMessage');
+      const message = await messageElement.getVisibleText();
+      return message;
+    },
   };
 }

From 7079fe15cb06ddafd34929da21880be10f06712a Mon Sep 17 00:00:00 2001
From: Rashmi Kulkarni <rashmi.kulkarni@elastic.co>
Date: Wed, 25 Mar 2020 12:16:49 -0700
Subject: [PATCH 5/6] changes to the test_api_keys role

---
 x-pack/test/functional/apps/api_keys/home_page.ts    | 2 +-
 x-pack/test/functional/config.js                     | 9 +++++++++
 x-pack/test/functional/page_objects/api_keys_page.ts | 4 +---
 3 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/x-pack/test/functional/apps/api_keys/home_page.ts b/x-pack/test/functional/apps/api_keys/home_page.ts
index e4452e3a5e383..1c83a17e78ca7 100644
--- a/x-pack/test/functional/apps/api_keys/home_page.ts
+++ b/x-pack/test/functional/apps/api_keys/home_page.ts
@@ -31,7 +31,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
     });
 
     it('Loads the app', async () => {
-      await security.testUser.setRoles(['kibana_admin', 'test_api_keys']);
+      await security.testUser.setRoles(['test_api_keys']);
       log.debug('Checking for section header');
       const headerText = await pageObjects.apiKeys.noAPIKeysHeading();
       expect(headerText).to.be('No API keys');
diff --git a/x-pack/test/functional/config.js b/x-pack/test/functional/config.js
index a807a77f90638..cff555feace18 100644
--- a/x-pack/test/functional/config.js
+++ b/x-pack/test/functional/config.js
@@ -234,10 +234,19 @@ export default async function({ readConfigFile }) {
           kibana: [],
         },
 
+        //Kibana feature privilege isn't specific to advancedSetting. It can be anything. https://github.com/elastic/kibana/issues/35965
         test_api_keys: {
           elasticsearch: {
             cluster: ['manage_security', 'manage_api_key'],
           },
+          kibana: [
+            {
+              feature: {
+                advancedSettings: ['read'],
+              },
+              spaces: ['default'],
+            },
+          ],
         },
       },
       defaultRoles: ['superuser'],
diff --git a/x-pack/test/functional/page_objects/api_keys_page.ts b/x-pack/test/functional/page_objects/api_keys_page.ts
index 881d2cdaa3800..b4662fbf01f17 100644
--- a/x-pack/test/functional/page_objects/api_keys_page.ts
+++ b/x-pack/test/functional/page_objects/api_keys_page.ts
@@ -21,9 +21,7 @@ export function ApiKeysPageProvider({ getService }: FtrProviderContext) {
     },
 
     async apiKeysPermissionDeniedMessage() {
-      const messageElement = await testSubjects.find('apiKeysPermissionDeniedMessage');
-      const message = await messageElement.getVisibleText();
-      return message;
+      return await testSubjects.getVisibleText('apiKeysPermissionDeniedMessage');
     },
   };
 }

From e5d537d2f5cf6be5e06c3ffdc348d11d553a0b1a Mon Sep 17 00:00:00 2001
From: Rashmi Kulkarni <rashmi.kulkarni@elastic.co>
Date: Wed, 25 Mar 2020 14:37:08 -0700
Subject: [PATCH 6/6] more changes to consolidate the page object function

---
 x-pack/test/functional/page_objects/api_keys_page.ts | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/x-pack/test/functional/page_objects/api_keys_page.ts b/x-pack/test/functional/page_objects/api_keys_page.ts
index b4662fbf01f17..17f4df74921bc 100644
--- a/x-pack/test/functional/page_objects/api_keys_page.ts
+++ b/x-pack/test/functional/page_objects/api_keys_page.ts
@@ -11,9 +11,7 @@ export function ApiKeysPageProvider({ getService }: FtrProviderContext) {
 
   return {
     async noAPIKeysHeading() {
-      const messageElement = await testSubjects.find('noApiKeysHeader');
-      const message = await messageElement.getVisibleText();
-      return message;
+      return await testSubjects.getVisibleText('noApiKeysHeader');
     },
 
     async getGoToConsoleButton() {