[Reporting/NP] Migration of Reporting Security dependency (#56046)
* first pass at new security integration * fix tests * cosmetic * specialize security parameter for get user factory
This commit is contained in:
parent
0b1d308e3a
commit
f0fbb99088
|
@ -4,21 +4,21 @@
|
|||
* you may not use this file except in compliance with the Elastic License.
|
||||
*/
|
||||
|
||||
import { resolve } from 'path';
|
||||
import { i18n } from '@kbn/i18n';
|
||||
import { Legacy } from 'kibana';
|
||||
import { IUiSettingsClient } from 'kibana/server';
|
||||
import { resolve } from 'path';
|
||||
import { PluginStart as DataPluginStart } from '../../../../src/plugins/data/server';
|
||||
import { PluginSetupContract as SecurityPluginSetup } from '../../../plugins/security/server';
|
||||
import { PLUGIN_ID, UI_SETTINGS_CUSTOM_PDF_LOGO } from './common/constants';
|
||||
import { ReportingConfigOptions, ReportingPluginSpecOptions } from './types.d';
|
||||
import { config as reportingConfig } from './config';
|
||||
import {
|
||||
LegacySetup,
|
||||
ReportingPlugin,
|
||||
ReportingSetupDeps,
|
||||
reportingPluginFactory,
|
||||
ReportingSetupDeps,
|
||||
} from './server/plugin';
|
||||
|
||||
import { PluginStart as DataPluginStart } from '../../../../src/plugins/data/server';
|
||||
import { ReportingConfigOptions, ReportingPluginSpecOptions } from './types.d';
|
||||
|
||||
const kbToBase64Length = (kb: number) => {
|
||||
return Math.floor((kb * 1024 * 8) / 6);
|
||||
|
@ -75,6 +75,7 @@ export const reporting = (kibana: any) => {
|
|||
async init(server: Legacy.Server) {
|
||||
const coreSetup = server.newPlatform.setup.core;
|
||||
const pluginsSetup: ReportingSetupDeps = {
|
||||
security: server.newPlatform.setup.plugins.security as SecurityPluginSetup,
|
||||
usageCollection: server.newPlatform.setup.plugins.usageCollection,
|
||||
};
|
||||
|
||||
|
@ -92,7 +93,6 @@ export const reporting = (kibana: any) => {
|
|||
plugins: {
|
||||
elasticsearch: server.plugins.elasticsearch,
|
||||
xpack_main: server.plugins.xpack_main,
|
||||
security: server.plugins.security,
|
||||
},
|
||||
savedObjects: server.savedObjects,
|
||||
fieldFormatServiceFactory,
|
||||
|
|
|
@ -5,19 +5,25 @@
|
|||
*/
|
||||
|
||||
import { Legacy } from 'kibana';
|
||||
import { KibanaRequest } from '../../../../../../src/core/server';
|
||||
import { Logger, ServerFacade } from '../../types';
|
||||
import { ReportingSetupDeps } from '../plugin';
|
||||
|
||||
export function getUserFactory(server: ServerFacade, logger: Logger) {
|
||||
export function getUserFactory(
|
||||
server: ServerFacade,
|
||||
security: ReportingSetupDeps['security'],
|
||||
logger: Logger
|
||||
) {
|
||||
/*
|
||||
* Legacy.Request because this is called from routing middleware
|
||||
*/
|
||||
return async (request: Legacy.Request) => {
|
||||
if (!server.plugins.security) {
|
||||
if (!security) {
|
||||
return null;
|
||||
}
|
||||
|
||||
try {
|
||||
return await server.plugins.security.getUser(request);
|
||||
return await security.authc.getCurrentUser(KibanaRequest.from(request));
|
||||
} catch (err) {
|
||||
logger.error(err, ['getUser']);
|
||||
return null;
|
||||
|
|
|
@ -7,6 +7,7 @@
|
|||
import { Legacy } from 'kibana';
|
||||
import { CoreSetup, CoreStart, Plugin, LoggerFactory } from 'src/core/server';
|
||||
import { UsageCollectionSetup } from 'src/plugins/usage_collection/server';
|
||||
import { PluginSetupContract as SecurityPluginSetup } from '../../../../plugins/security/server';
|
||||
import { XPackMainPlugin } from '../../xpack_main/server/xpack_main';
|
||||
// @ts-ignore
|
||||
import { mirrorPluginStatus } from '../../../server/lib/mirror_plugin_status';
|
||||
|
@ -29,6 +30,7 @@ export type ReportingStart = object;
|
|||
|
||||
export interface ReportingSetupDeps {
|
||||
usageCollection: UsageCollectionSetup;
|
||||
security: SecurityPluginSetup;
|
||||
}
|
||||
export type ReportingStartDeps = object;
|
||||
|
||||
|
@ -39,7 +41,6 @@ export interface LegacySetup {
|
|||
info: Legacy.Server['info'];
|
||||
plugins: {
|
||||
elasticsearch: LegacyPlugins['elasticsearch'];
|
||||
security: LegacyPlugins['security'];
|
||||
xpack_main: XPackMainPlugin & {
|
||||
status?: any;
|
||||
};
|
||||
|
@ -105,7 +106,7 @@ export function reportingPluginFactory(
|
|||
isCollectorReady = true;
|
||||
|
||||
// Reporting routes
|
||||
registerRoutes(__LEGACY, exportTypesRegistry, browserDriverFactory, logger);
|
||||
registerRoutes(__LEGACY, plugins, exportTypesRegistry, browserDriverFactory, logger);
|
||||
|
||||
return {};
|
||||
}
|
||||
|
|
|
@ -4,24 +4,26 @@
|
|||
* you may not use this file except in compliance with the Elastic License.
|
||||
*/
|
||||
|
||||
import { Legacy } from 'kibana';
|
||||
import boom from 'boom';
|
||||
import Joi from 'joi';
|
||||
import { Legacy } from 'kibana';
|
||||
import rison from 'rison-node';
|
||||
import { API_BASE_URL } from '../../common/constants';
|
||||
import { ServerFacade, ReportingResponseToolkit, Logger } from '../../types';
|
||||
import { Logger, ReportingResponseToolkit, ServerFacade } from '../../types';
|
||||
import { ReportingSetupDeps } from '../plugin';
|
||||
import { makeRequestFacade } from './lib/make_request_facade';
|
||||
import {
|
||||
getRouteConfigFactoryReportingPre,
|
||||
GetRouteConfigFactoryFn,
|
||||
getRouteConfigFactoryReportingPre,
|
||||
RouteConfigFactory,
|
||||
} from './lib/route_config_factories';
|
||||
import { makeRequestFacade } from './lib/make_request_facade';
|
||||
import { HandlerErrorFunction, HandlerFunction } from './types';
|
||||
|
||||
const BASE_GENERATE = `${API_BASE_URL}/generate`;
|
||||
|
||||
export function registerGenerateFromJobParams(
|
||||
server: ServerFacade,
|
||||
plugins: ReportingSetupDeps,
|
||||
handler: HandlerFunction,
|
||||
handleError: HandlerErrorFunction,
|
||||
logger: Logger
|
||||
|
@ -29,6 +31,7 @@ export function registerGenerateFromJobParams(
|
|||
const getRouteConfig = () => {
|
||||
const getOriginalRouteConfig: GetRouteConfigFactoryFn = getRouteConfigFactoryReportingPre(
|
||||
server,
|
||||
plugins,
|
||||
logger
|
||||
);
|
||||
const routeConfigFactory: RouteConfigFactory = getOriginalRouteConfig(
|
||||
|
|
|
@ -7,11 +7,12 @@
|
|||
import { Legacy } from 'kibana';
|
||||
import { get } from 'lodash';
|
||||
import { API_BASE_GENERATE_V1, CSV_FROM_SAVEDOBJECT_JOB_TYPE } from '../../common/constants';
|
||||
import { ServerFacade, ReportingResponseToolkit, Logger } from '../../types';
|
||||
import { HandlerErrorFunction, HandlerFunction, QueuedJobPayload } from './types';
|
||||
import { getRouteOptionsCsv } from './lib/route_config_factories';
|
||||
import { makeRequestFacade } from './lib/make_request_facade';
|
||||
import { getJobParamsFromRequest } from '../../export_types/csv_from_savedobject/server/lib/get_job_params_from_request';
|
||||
import { Logger, ReportingResponseToolkit, ServerFacade } from '../../types';
|
||||
import { ReportingSetupDeps } from '../plugin';
|
||||
import { makeRequestFacade } from './lib/make_request_facade';
|
||||
import { getRouteOptionsCsv } from './lib/route_config_factories';
|
||||
import { HandlerErrorFunction, HandlerFunction, QueuedJobPayload } from './types';
|
||||
|
||||
/*
|
||||
* This function registers API Endpoints for queuing Reporting jobs. The API inputs are:
|
||||
|
@ -24,11 +25,12 @@ import { getJobParamsFromRequest } from '../../export_types/csv_from_savedobject
|
|||
*/
|
||||
export function registerGenerateCsvFromSavedObject(
|
||||
server: ServerFacade,
|
||||
plugins: ReportingSetupDeps,
|
||||
handleRoute: HandlerFunction,
|
||||
handleRouteError: HandlerErrorFunction,
|
||||
logger: Logger
|
||||
) {
|
||||
const routeOptions = getRouteOptionsCsv(server, logger);
|
||||
const routeOptions = getRouteOptionsCsv(server, plugins, logger);
|
||||
|
||||
server.route({
|
||||
path: `${API_BASE_GENERATE_V1}/csv/saved-object/{savedObjectType}:{savedObjectId}`,
|
||||
|
|
|
@ -7,18 +7,19 @@
|
|||
import { Legacy } from 'kibana';
|
||||
import { API_BASE_GENERATE_V1 } from '../../common/constants';
|
||||
import { createJobFactory, executeJobFactory } from '../../export_types/csv_from_savedobject';
|
||||
import {
|
||||
ServerFacade,
|
||||
ResponseFacade,
|
||||
HeadlessChromiumDriverFactory,
|
||||
ReportingResponseToolkit,
|
||||
Logger,
|
||||
JobDocOutput,
|
||||
} from '../../types';
|
||||
import { JobDocPayloadPanelCsv } from '../../export_types/csv_from_savedobject/types';
|
||||
import { getJobParamsFromRequest } from '../../export_types/csv_from_savedobject/server/lib/get_job_params_from_request';
|
||||
import { getRouteOptionsCsv } from './lib/route_config_factories';
|
||||
import { JobDocPayloadPanelCsv } from '../../export_types/csv_from_savedobject/types';
|
||||
import {
|
||||
HeadlessChromiumDriverFactory,
|
||||
JobDocOutput,
|
||||
Logger,
|
||||
ReportingResponseToolkit,
|
||||
ResponseFacade,
|
||||
ServerFacade,
|
||||
} from '../../types';
|
||||
import { ReportingSetupDeps } from '../plugin';
|
||||
import { makeRequestFacade } from './lib/make_request_facade';
|
||||
import { getRouteOptionsCsv } from './lib/route_config_factories';
|
||||
|
||||
/*
|
||||
* This function registers API Endpoints for immediate Reporting jobs. The API inputs are:
|
||||
|
@ -31,9 +32,10 @@ import { makeRequestFacade } from './lib/make_request_facade';
|
|||
*/
|
||||
export function registerGenerateCsvFromSavedObjectImmediate(
|
||||
server: ServerFacade,
|
||||
plugins: ReportingSetupDeps,
|
||||
parentLogger: Logger
|
||||
) {
|
||||
const routeOptions = getRouteOptionsCsv(server, parentLogger);
|
||||
const routeOptions = getRouteOptionsCsv(server, plugins, parentLogger);
|
||||
|
||||
/*
|
||||
* CSV export with the `immediate` option does not queue a job with Reporting's ESQueue to run the job async. Instead, this does:
|
||||
|
|
|
@ -8,20 +8,22 @@ import boom from 'boom';
|
|||
import { Legacy } from 'kibana';
|
||||
import { API_BASE_URL } from '../../common/constants';
|
||||
import {
|
||||
ServerFacade,
|
||||
ExportTypesRegistry,
|
||||
HeadlessChromiumDriverFactory,
|
||||
ReportingResponseToolkit,
|
||||
Logger,
|
||||
ReportingResponseToolkit,
|
||||
ServerFacade,
|
||||
} from '../../types';
|
||||
import { createQueueFactory, enqueueJobFactory } from '../lib';
|
||||
import { ReportingSetupDeps } from '../plugin';
|
||||
import { registerGenerateFromJobParams } from './generate_from_jobparams';
|
||||
import { registerGenerateCsvFromSavedObject } from './generate_from_savedobject';
|
||||
import { registerGenerateCsvFromSavedObjectImmediate } from './generate_from_savedobject_immediate';
|
||||
import { createQueueFactory, enqueueJobFactory } from '../lib';
|
||||
import { makeRequestFacade } from './lib/make_request_facade';
|
||||
|
||||
export function registerJobGenerationRoutes(
|
||||
server: ServerFacade,
|
||||
plugins: ReportingSetupDeps,
|
||||
exportTypesRegistry: ExportTypesRegistry,
|
||||
browserDriverFactory: HeadlessChromiumDriverFactory,
|
||||
logger: Logger
|
||||
|
@ -73,11 +75,11 @@ export function registerJobGenerationRoutes(
|
|||
return err;
|
||||
}
|
||||
|
||||
registerGenerateFromJobParams(server, handler, handleError, logger);
|
||||
registerGenerateFromJobParams(server, plugins, handler, handleError, logger);
|
||||
|
||||
// Register beta panel-action download-related API's
|
||||
if (config.get('xpack.reporting.csv.enablePanelActionDownload')) {
|
||||
registerGenerateCsvFromSavedObject(server, handler, handleError, logger);
|
||||
registerGenerateCsvFromSavedObjectImmediate(server, logger);
|
||||
registerGenerateCsvFromSavedObject(server, plugins, handler, handleError, logger);
|
||||
registerGenerateCsvFromSavedObjectImmediate(server, plugins, logger);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -5,20 +5,22 @@
|
|||
*/
|
||||
|
||||
import {
|
||||
ServerFacade,
|
||||
ExportTypesRegistry,
|
||||
HeadlessChromiumDriverFactory,
|
||||
Logger,
|
||||
ServerFacade,
|
||||
} from '../../types';
|
||||
import { ReportingSetupDeps } from '../plugin';
|
||||
import { registerJobGenerationRoutes } from './generation';
|
||||
import { registerJobInfoRoutes } from './jobs';
|
||||
|
||||
export function registerRoutes(
|
||||
server: ServerFacade,
|
||||
plugins: ReportingSetupDeps,
|
||||
exportTypesRegistry: ExportTypesRegistry,
|
||||
browserDriverFactory: HeadlessChromiumDriverFactory,
|
||||
logger: Logger
|
||||
) {
|
||||
registerJobGenerationRoutes(server, exportTypesRegistry, browserDriverFactory, logger);
|
||||
registerJobInfoRoutes(server, exportTypesRegistry, logger);
|
||||
registerJobGenerationRoutes(server, plugins, exportTypesRegistry, browserDriverFactory, logger);
|
||||
registerJobInfoRoutes(server, plugins, exportTypesRegistry, logger);
|
||||
}
|
||||
|
|
|
@ -54,6 +54,10 @@ beforeEach(() => {
|
|||
};
|
||||
});
|
||||
|
||||
const mockPlugins = {
|
||||
security: null,
|
||||
};
|
||||
|
||||
const getHits = (...sources) => {
|
||||
return {
|
||||
hits: {
|
||||
|
@ -67,7 +71,7 @@ test(`returns 404 if job not found`, async () => {
|
|||
.getCluster('admin')
|
||||
.callWithInternalUser.mockReturnValue(Promise.resolve(getHits()));
|
||||
|
||||
registerJobInfoRoutes(mockServer, exportTypesRegistry, mockLogger);
|
||||
registerJobInfoRoutes(mockServer, mockPlugins, exportTypesRegistry, mockLogger);
|
||||
|
||||
const request = {
|
||||
method: 'GET',
|
||||
|
@ -84,7 +88,7 @@ test(`returns 401 if not valid job type`, async () => {
|
|||
.getCluster('admin')
|
||||
.callWithInternalUser.mockReturnValue(Promise.resolve(getHits({ jobtype: 'invalidJobType' })));
|
||||
|
||||
registerJobInfoRoutes(mockServer, exportTypesRegistry, mockLogger);
|
||||
registerJobInfoRoutes(mockServer, mockPlugins, exportTypesRegistry, mockLogger);
|
||||
|
||||
const request = {
|
||||
method: 'GET',
|
||||
|
@ -103,7 +107,7 @@ describe(`when job is incomplete`, () => {
|
|||
Promise.resolve(getHits({ jobtype: 'unencodedJobType', status: 'pending' }))
|
||||
);
|
||||
|
||||
registerJobInfoRoutes(mockServer, exportTypesRegistry, mockLogger);
|
||||
registerJobInfoRoutes(mockServer, mockPlugins, exportTypesRegistry, mockLogger);
|
||||
|
||||
const request = {
|
||||
method: 'GET',
|
||||
|
@ -145,7 +149,7 @@ describe(`when job is failed`, () => {
|
|||
.getCluster('admin')
|
||||
.callWithInternalUser.mockReturnValue(Promise.resolve(hits));
|
||||
|
||||
registerJobInfoRoutes(mockServer, exportTypesRegistry, mockLogger);
|
||||
registerJobInfoRoutes(mockServer, mockPlugins, exportTypesRegistry, mockLogger);
|
||||
|
||||
const request = {
|
||||
method: 'GET',
|
||||
|
@ -190,7 +194,7 @@ describe(`when job is completed`, () => {
|
|||
.getCluster('admin')
|
||||
.callWithInternalUser.mockReturnValue(Promise.resolve(hits));
|
||||
|
||||
registerJobInfoRoutes(mockServer, exportTypesRegistry, mockLogger);
|
||||
registerJobInfoRoutes(mockServer, mockPlugins, exportTypesRegistry, mockLogger);
|
||||
|
||||
const request = {
|
||||
method: 'GET',
|
||||
|
|
|
@ -5,25 +5,26 @@
|
|||
*/
|
||||
|
||||
import Boom from 'boom';
|
||||
import { Legacy } from 'kibana';
|
||||
import { ResponseObject } from 'hapi';
|
||||
import { Legacy } from 'kibana';
|
||||
import { API_BASE_URL } from '../../common/constants';
|
||||
import {
|
||||
ServerFacade,
|
||||
ExportTypesRegistry,
|
||||
Logger,
|
||||
ReportingResponseToolkit,
|
||||
JobDocOutput,
|
||||
JobSource,
|
||||
ListQuery,
|
||||
Logger,
|
||||
ReportingResponseToolkit,
|
||||
ServerFacade,
|
||||
} from '../../types';
|
||||
import { jobsQueryFactory } from '../lib/jobs_query';
|
||||
import { ReportingSetupDeps } from '../plugin';
|
||||
import { jobResponseHandlerFactory } from './lib/job_response_handler';
|
||||
import { makeRequestFacade } from './lib/make_request_facade';
|
||||
import {
|
||||
getRouteConfigFactoryDownloadPre,
|
||||
getRouteConfigFactoryManagementPre,
|
||||
} from './lib/route_config_factories';
|
||||
import { makeRequestFacade } from './lib/make_request_facade';
|
||||
|
||||
const MAIN_ENTRY = `${API_BASE_URL}/jobs`;
|
||||
|
||||
|
@ -33,12 +34,13 @@ function isResponse(response: Boom<null> | ResponseObject): response is Response
|
|||
|
||||
export function registerJobInfoRoutes(
|
||||
server: ServerFacade,
|
||||
plugins: ReportingSetupDeps,
|
||||
exportTypesRegistry: ExportTypesRegistry,
|
||||
logger: Logger
|
||||
) {
|
||||
const jobsQuery = jobsQueryFactory(server);
|
||||
const getRouteConfig = getRouteConfigFactoryManagementPre(server, logger);
|
||||
const getRouteConfigDownload = getRouteConfigFactoryDownloadPre(server, logger);
|
||||
const getRouteConfig = getRouteConfigFactoryManagementPre(server, plugins, logger);
|
||||
const getRouteConfigDownload = getRouteConfigFactoryDownloadPre(server, plugins, logger);
|
||||
|
||||
// list jobs in the queue, paginated
|
||||
server.route({
|
||||
|
|
|
@ -4,7 +4,6 @@
|
|||
* you may not use this file except in compliance with the Elastic License.
|
||||
*/
|
||||
|
||||
import expect from '@kbn/expect';
|
||||
import { authorizedUserPreRoutingFactory } from './authorized_user_pre_routing';
|
||||
|
||||
describe('authorized_user_pre_routing', function() {
|
||||
|
@ -60,41 +59,88 @@ describe('authorized_user_pre_routing', function() {
|
|||
return mockServer;
|
||||
};
|
||||
})();
|
||||
const getMockLogger = () => ({ warn: jest.fn() });
|
||||
|
||||
const mockRequestRaw = {
|
||||
body: {},
|
||||
events: {},
|
||||
headers: {},
|
||||
isSystemRequest: false,
|
||||
params: {},
|
||||
query: {},
|
||||
route: { settings: { payload: 'abc' }, options: { authRequired: true, body: {}, tags: [] } },
|
||||
withoutSecretHeaders: true,
|
||||
};
|
||||
const getMockRequest = () => ({
|
||||
...mockRequestRaw,
|
||||
raw: { req: mockRequestRaw },
|
||||
});
|
||||
|
||||
const getMockPlugins = pluginSet => {
|
||||
return pluginSet || { security: null };
|
||||
};
|
||||
|
||||
const getMockLogger = () => ({
|
||||
warn: jest.fn(),
|
||||
error: msg => {
|
||||
throw new Error(msg);
|
||||
},
|
||||
});
|
||||
|
||||
it('should return with boom notFound when xpackInfo is undefined', async function() {
|
||||
const mockServer = createMockServer({ xpackInfoUndefined: true });
|
||||
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger());
|
||||
const response = await authorizedUserPreRouting({});
|
||||
expect(response.isBoom).to.be(true);
|
||||
expect(response.output.statusCode).to.be(404);
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(
|
||||
mockServer,
|
||||
getMockPlugins(),
|
||||
getMockLogger()
|
||||
);
|
||||
const response = await authorizedUserPreRouting(getMockRequest());
|
||||
expect(response.isBoom).toBe(true);
|
||||
expect(response.output.statusCode).toBe(404);
|
||||
});
|
||||
|
||||
it(`should return with boom notFound when xpackInfo isn't available`, async function() {
|
||||
const mockServer = createMockServer({ xpackInfoAvailable: false });
|
||||
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger());
|
||||
const response = await authorizedUserPreRouting();
|
||||
expect(response.isBoom).to.be(true);
|
||||
expect(response.output.statusCode).to.be(404);
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(
|
||||
mockServer,
|
||||
getMockPlugins(),
|
||||
getMockLogger()
|
||||
);
|
||||
const response = await authorizedUserPreRouting(getMockRequest());
|
||||
expect(response.isBoom).toBe(true);
|
||||
expect(response.output.statusCode).toBe(404);
|
||||
});
|
||||
|
||||
it('should return with null user when security is disabled in Elasticsearch', async function() {
|
||||
const mockServer = createMockServer({ securityEnabled: false });
|
||||
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger());
|
||||
const response = await authorizedUserPreRouting();
|
||||
expect(response).to.be(null);
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(
|
||||
mockServer,
|
||||
getMockPlugins(),
|
||||
getMockLogger()
|
||||
);
|
||||
const response = await authorizedUserPreRouting(getMockRequest());
|
||||
expect(response).toBe(null);
|
||||
});
|
||||
|
||||
it('should return with boom unauthenticated when security is enabled but no authenticated user', async function() {
|
||||
const mockServer = createMockServer({ user: null });
|
||||
const mockServer = createMockServer({
|
||||
user: null,
|
||||
config: { 'xpack.reporting.roles.allow': ['.reporting_user'] },
|
||||
});
|
||||
const mockPlugins = getMockPlugins({
|
||||
security: { authc: { getCurrentUser: () => null } },
|
||||
});
|
||||
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger());
|
||||
const response = await authorizedUserPreRouting();
|
||||
expect(response.isBoom).to.be(true);
|
||||
expect(response.output.statusCode).to.be(401);
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(
|
||||
mockServer,
|
||||
mockPlugins,
|
||||
getMockLogger()
|
||||
);
|
||||
const response = await authorizedUserPreRouting(getMockRequest());
|
||||
expect(response.isBoom).toBe(true);
|
||||
expect(response.output.statusCode).toBe(401);
|
||||
});
|
||||
|
||||
it(`should return with boom forbidden when security is enabled but user doesn't have allowed role`, async function() {
|
||||
|
@ -102,11 +148,18 @@ describe('authorized_user_pre_routing', function() {
|
|||
user: { roles: [] },
|
||||
config: { 'xpack.reporting.roles.allow': ['.reporting_user'] },
|
||||
});
|
||||
const mockPlugins = getMockPlugins({
|
||||
security: { authc: { getCurrentUser: () => ({ roles: ['something_else'] }) } },
|
||||
});
|
||||
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger());
|
||||
const response = await authorizedUserPreRouting();
|
||||
expect(response.isBoom).to.be(true);
|
||||
expect(response.output.statusCode).to.be(403);
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(
|
||||
mockServer,
|
||||
mockPlugins,
|
||||
getMockLogger()
|
||||
);
|
||||
const response = await authorizedUserPreRouting(getMockRequest());
|
||||
expect(response.isBoom).toBe(true);
|
||||
expect(response.output.statusCode).toBe(403);
|
||||
});
|
||||
|
||||
it('should return with user when security is enabled and user has explicitly allowed role', async function() {
|
||||
|
@ -115,10 +168,19 @@ describe('authorized_user_pre_routing', function() {
|
|||
user,
|
||||
config: { 'xpack.reporting.roles.allow': ['.reporting_user'] },
|
||||
});
|
||||
const mockPlugins = getMockPlugins({
|
||||
security: {
|
||||
authc: { getCurrentUser: () => ({ roles: ['.reporting_user', 'something_else'] }) },
|
||||
},
|
||||
});
|
||||
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger());
|
||||
const response = await authorizedUserPreRouting();
|
||||
expect(response).to.be(user);
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(
|
||||
mockServer,
|
||||
mockPlugins,
|
||||
getMockLogger()
|
||||
);
|
||||
const response = await authorizedUserPreRouting(getMockRequest());
|
||||
expect(response).toEqual(user);
|
||||
});
|
||||
|
||||
it('should return with user when security is enabled and user has superuser role', async function() {
|
||||
|
@ -127,9 +189,16 @@ describe('authorized_user_pre_routing', function() {
|
|||
user,
|
||||
config: { 'xpack.reporting.roles.allow': [] },
|
||||
});
|
||||
const mockPlugins = getMockPlugins({
|
||||
security: { authc: { getCurrentUser: () => ({ roles: ['superuser', 'something_else'] }) } },
|
||||
});
|
||||
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger());
|
||||
const response = await authorizedUserPreRouting();
|
||||
expect(response).to.be(user);
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(
|
||||
mockServer,
|
||||
mockPlugins,
|
||||
getMockLogger()
|
||||
);
|
||||
const response = await authorizedUserPreRouting(getMockRequest());
|
||||
expect(response).toEqual(user);
|
||||
});
|
||||
});
|
||||
|
|
|
@ -7,8 +7,9 @@
|
|||
import Boom from 'boom';
|
||||
import { Legacy } from 'kibana';
|
||||
import { AuthenticatedUser } from '../../../../../../plugins/security/server';
|
||||
import { Logger, ServerFacade } from '../../../types';
|
||||
import { getUserFactory } from '../../lib/get_user';
|
||||
import { ServerFacade, Logger } from '../../../types';
|
||||
import { ReportingSetupDeps } from '../../plugin';
|
||||
|
||||
const superuserRole = 'superuser';
|
||||
|
||||
|
@ -18,9 +19,10 @@ export type PreRoutingFunction = (
|
|||
|
||||
export const authorizedUserPreRoutingFactory = function authorizedUserPreRoutingFn(
|
||||
server: ServerFacade,
|
||||
plugins: ReportingSetupDeps,
|
||||
logger: Logger
|
||||
) {
|
||||
const getUser = getUserFactory(server, logger);
|
||||
const getUser = getUserFactory(server, plugins.security, logger);
|
||||
const config = server.config();
|
||||
|
||||
return async function authorizedUserPreRouting(request: Legacy.Request) {
|
||||
|
|
|
@ -4,17 +4,17 @@
|
|||
* you may not use this file except in compliance with the Elastic License.
|
||||
*/
|
||||
|
||||
import * as _ from 'lodash';
|
||||
// @ts-ignore
|
||||
import contentDisposition from 'content-disposition';
|
||||
import * as _ from 'lodash';
|
||||
import { CSV_JOB_TYPE } from '../../../common/constants';
|
||||
import {
|
||||
ServerFacade,
|
||||
ExportTypesRegistry,
|
||||
ExportTypeDefinition,
|
||||
ExportTypesRegistry,
|
||||
JobDocOutput,
|
||||
JobSource,
|
||||
ServerFacade,
|
||||
} from '../../../types';
|
||||
import { CSV_JOB_TYPE } from '../../../common/constants';
|
||||
|
||||
interface ICustomHeaders {
|
||||
[x: string]: any;
|
||||
|
|
|
@ -7,11 +7,13 @@
|
|||
import Boom from 'boom';
|
||||
import { Legacy } from 'kibana';
|
||||
import { Logger, ServerFacade } from '../../../types';
|
||||
import { ReportingSetupDeps } from '../../plugin';
|
||||
|
||||
export type GetReportingFeatureIdFn = (request: Legacy.Request) => string;
|
||||
|
||||
export const reportingFeaturePreRoutingFactory = function reportingFeaturePreRoutingFn(
|
||||
server: ServerFacade,
|
||||
plugins: ReportingSetupDeps,
|
||||
logger: Logger
|
||||
) {
|
||||
const xpackMainPlugin = server.plugins.xpack_main;
|
||||
|
|
|
@ -6,10 +6,13 @@
|
|||
|
||||
import Joi from 'joi';
|
||||
import { CSV_FROM_SAVEDOBJECT_JOB_TYPE } from '../../../common/constants';
|
||||
import { ServerFacade, Logger } from '../../../types';
|
||||
import { Logger, ServerFacade } from '../../../types';
|
||||
import { ReportingSetupDeps } from '../../plugin';
|
||||
import { authorizedUserPreRoutingFactory } from './authorized_user_pre_routing';
|
||||
import { reportingFeaturePreRoutingFactory } from './reporting_feature_pre_routing';
|
||||
import { GetReportingFeatureIdFn } from './reporting_feature_pre_routing';
|
||||
import {
|
||||
GetReportingFeatureIdFn,
|
||||
reportingFeaturePreRoutingFactory,
|
||||
} from './reporting_feature_pre_routing';
|
||||
|
||||
const API_TAG = 'api';
|
||||
|
||||
|
@ -27,10 +30,11 @@ export type GetRouteConfigFactoryFn = (
|
|||
|
||||
export function getRouteConfigFactoryReportingPre(
|
||||
server: ServerFacade,
|
||||
plugins: ReportingSetupDeps,
|
||||
logger: Logger
|
||||
): GetRouteConfigFactoryFn {
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(server, logger);
|
||||
const reportingFeaturePreRouting = reportingFeaturePreRoutingFactory(server, logger);
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(server, plugins, logger);
|
||||
const reportingFeaturePreRouting = reportingFeaturePreRoutingFactory(server, plugins, logger);
|
||||
|
||||
return (getFeatureId?: GetReportingFeatureIdFn): RouteConfigFactory => {
|
||||
const preRouting: any[] = [{ method: authorizedUserPreRouting, assign: 'user' }];
|
||||
|
@ -45,8 +49,12 @@ export function getRouteConfigFactoryReportingPre(
|
|||
};
|
||||
}
|
||||
|
||||
export function getRouteOptionsCsv(server: ServerFacade, logger: Logger) {
|
||||
const getRouteConfig = getRouteConfigFactoryReportingPre(server, logger);
|
||||
export function getRouteOptionsCsv(
|
||||
server: ServerFacade,
|
||||
plugins: ReportingSetupDeps,
|
||||
logger: Logger
|
||||
) {
|
||||
const getRouteConfig = getRouteConfigFactoryReportingPre(server, plugins, logger);
|
||||
return {
|
||||
...getRouteConfig(() => CSV_FROM_SAVEDOBJECT_JOB_TYPE),
|
||||
validate: {
|
||||
|
@ -68,10 +76,11 @@ export function getRouteOptionsCsv(server: ServerFacade, logger: Logger) {
|
|||
|
||||
export function getRouteConfigFactoryManagementPre(
|
||||
server: ServerFacade,
|
||||
plugins: ReportingSetupDeps,
|
||||
logger: Logger
|
||||
): GetRouteConfigFactoryFn {
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(server, logger);
|
||||
const reportingFeaturePreRouting = reportingFeaturePreRoutingFactory(server, logger);
|
||||
const authorizedUserPreRouting = authorizedUserPreRoutingFactory(server, plugins, logger);
|
||||
const reportingFeaturePreRouting = reportingFeaturePreRoutingFactory(server, plugins, logger);
|
||||
const managementPreRouting = reportingFeaturePreRouting(() => 'management');
|
||||
|
||||
return (): RouteConfigFactory => {
|
||||
|
@ -91,9 +100,10 @@ export function getRouteConfigFactoryManagementPre(
|
|||
// download is loaded into memory.
|
||||
export function getRouteConfigFactoryDownloadPre(
|
||||
server: ServerFacade,
|
||||
plugins: ReportingSetupDeps,
|
||||
logger: Logger
|
||||
): GetRouteConfigFactoryFn {
|
||||
const getManagementRouteConfig = getRouteConfigFactoryManagementPre(server, logger);
|
||||
const getManagementRouteConfig = getRouteConfigFactoryManagementPre(server, plugins, logger);
|
||||
return (): RouteConfigFactory => ({
|
||||
...getManagementRouteConfig(),
|
||||
tags: [API_TAG],
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
*/
|
||||
|
||||
import { Legacy } from 'kibana';
|
||||
import { RequestFacade, ReportingResponseToolkit, JobDocPayload } from '../../types';
|
||||
import { JobDocPayload, ReportingResponseToolkit } from '../../types';
|
||||
|
||||
export type HandlerFunction = (
|
||||
exportType: string,
|
||||
|
|
Loading…
Reference in a new issue