From 63f01447d159b2a86b4517b49a8592815ad4614d Mon Sep 17 00:00:00 2001
From: Jeramy Soucy <jeramy.soucy@elastic.co>
Date: Fri, 5 Dec 2025 18:11:32 -0500
Subject: [PATCH] Fixes Security serverless project composite features test
 (#243592)

## Summary

Resolves the Security serverless project composite features test by
updating snapshot to account for the cloudDefend app, which has recently
be re-added.

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
(cherry picked from commit 5f1f2012766c30c3f95e730e85a0cd5d5dab7473)
---
 .../platform_security/authorization.ts            | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/x-pack/solutions/security/test/serverless/api_integration/test_suites/platform_security/authorization.ts b/x-pack/solutions/security/test/serverless/api_integration/test_suites/platform_security/authorization.ts
index 56e13f45e5bce..5a7a0afb0605f 100644
--- a/x-pack/solutions/security/test/serverless/api_integration/test_suites/platform_security/authorization.ts
+++ b/x-pack/solutions/security/test/serverless/api_integration/test_suites/platform_security/authorization.ts
@@ -21,8 +21,7 @@ export default function ({ getService }: FtrProviderContext) {
         adminCredentials = await svlUserManager.getM2MApiCookieCredentialsWithRoleScope('admin');
       });
 
-      // TODO: see https://github.com/elastic/kibana/pull/243499
-      it.skip('composite features', async () => {
+      it('composite features', async () => {
         const { body } = await supertestWithoutAuth
           .get('/api/security/privileges?includeActions=true')
           .set(svlCommonApi.getInternalRequestHeader())
@@ -6501,6 +6500,7 @@ export default function ({ getService }: FtrProviderContext) {
                 "ui:visualize_v2/save",
                 "ui:visualize_v2/createShortUrl",
                 "ui:visualize_v2/generateScreenshot",
+                "ui:navLinks/cloudDefend",
                 "ui:siemV4/show",
                 "ui:siemV4/crud",
                 "ui:siemV4/entity-analytics",
@@ -7475,6 +7475,7 @@ export default function ({ getService }: FtrProviderContext) {
                 "ui:visualize_v2/save",
                 "ui:visualize_v2/createShortUrl",
                 "ui:visualize_v2/generateScreenshot",
+                "ui:navLinks/cloudDefend",
                 "ui:siemV4/show",
                 "ui:siemV4/crud",
                 "ui:siemV4/entity-analytics",
@@ -7854,6 +7855,7 @@ export default function ({ getService }: FtrProviderContext) {
                 "ui:navLinks/lens",
                 "ui:visualize_v2/show",
                 "ui:visualize_v2/createShortUrl",
+                "ui:navLinks/cloudDefend",
                 "ui:siemV4/show",
                 "ui:siemV4/entity-analytics",
                 "ui:siemV4/detections",
@@ -8273,6 +8275,7 @@ export default function ({ getService }: FtrProviderContext) {
                 "ui:navLinks/lens",
                 "ui:visualize_v2/show",
                 "ui:visualize_v2/createShortUrl",
+                "ui:navLinks/cloudDefend",
                 "ui:siemV4/show",
                 "ui:siemV4/entity-analytics",
                 "ui:siemV4/detections",
@@ -8396,11 +8399,13 @@ export default function ({ getService }: FtrProviderContext) {
                 "api:securitySolution-threat-intelligence",
                 "app:securitySolution",
                 "app:csp",
+                "app:cloudDefend",
                 "app:kibana",
                 "ui:catalogue/securitySolution",
                 "ui:management/insightsAndAlerting/triggersActions",
                 "ui:navLinks/securitySolution",
                 "ui:navLinks/csp",
+                "ui:navLinks/cloudDefend",
                 "ui:navLinks/kibana",
                 "saved_object:alert/bulk_get",
                 "saved_object:alert/get",
@@ -9338,11 +9343,13 @@ export default function ({ getService }: FtrProviderContext) {
                 "api:securitySolution-threat-intelligence",
                 "app:securitySolution",
                 "app:csp",
+                "app:cloudDefend",
                 "app:kibana",
                 "ui:catalogue/securitySolution",
                 "ui:management/insightsAndAlerting/triggersActions",
                 "ui:navLinks/securitySolution",
                 "ui:navLinks/csp",
+                "ui:navLinks/cloudDefend",
                 "ui:navLinks/kibana",
                 "saved_object:alert/bulk_get",
                 "saved_object:alert/get",
@@ -10120,11 +10127,13 @@ export default function ({ getService }: FtrProviderContext) {
                 "api:securitySolution-threat-intelligence",
                 "app:securitySolution",
                 "app:csp",
+                "app:cloudDefend",
                 "app:kibana",
                 "ui:catalogue/securitySolution",
                 "ui:management/insightsAndAlerting/triggersActions",
                 "ui:navLinks/securitySolution",
                 "ui:navLinks/csp",
+                "ui:navLinks/cloudDefend",
                 "ui:navLinks/kibana",
                 "saved_object:exception-list/bulk_get",
                 "saved_object:exception-list/get",
@@ -10526,11 +10535,13 @@ export default function ({ getService }: FtrProviderContext) {
                 "api:securitySolution-threat-intelligence",
                 "app:securitySolution",
                 "app:csp",
+                "app:cloudDefend",
                 "app:kibana",
                 "ui:catalogue/securitySolution",
                 "ui:management/insightsAndAlerting/triggersActions",
                 "ui:navLinks/securitySolution",
                 "ui:navLinks/csp",
+                "ui:navLinks/cloudDefend",
                 "ui:navLinks/kibana",
                 "saved_object:exception-list/bulk_get",
                 "saved_object:exception-list/get",