Commit graph

212 commits

Author SHA1 Message Date
Aleh Zasypkin 9d3d3cdc67
Migrate Management views to Kibana Platform plugin (#53880) 2020-01-21 13:40:39 +01:00
Pierre Gayvallet 2d10350d77
Implements getStartServices on server-side (#55156)
* implements server-side getStartServices

* add unit test

* add integration test

* update generated doc

* improve test
2020-01-20 11:19:40 +01:00
Greg Thompson bd9d67ccc0
Upgrade EUI to v18.2.0 (#54786)
* 18.2.0

* ts update

* Updated `euiColorVis0`

* Update `euiColorVis1`

* Updating `euiColorVis2`

* Updated `euiColorVis3`

* Updated the rest

* Updated hard-coded viz palette hexes to latest

* src snapshot updates

* x-pack test updates

* mock jest fn

* Updated two vegalite visualization screenshots

Co-authored-by: Caroline Horn <549577+cchaos@users.noreply.github.com>
Co-authored-by: Chandler Prall <chandler.prall@gmail.com>
2020-01-14 20:19:35 -06:00
Chandler Prall 6bed80bbd8
Upgraded EUI to 18.0.0 (#54042)
* Upgraded EUI to 18.0.0

* Fix breaks from `palette._.colors` changes

* snapshots

* Updated hard coded hex color codes in tests, fixed TS errors

* Updated a functional test's selector; added (BSD-3-Clause AND Apache-2.0) to license checker whitelist

* Functional test selector update

* Updated vega browser-ci tests for palette changes

* rebased on master

* One more location for EUI package number update and yarn lock

* Fixed lurking [but introduced] TypeScript logic bug

* Swap a prop definition for the same value but tied closer to its source

Co-authored-by: Caroline Horn <549577+cchaos@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-01-14 11:23:43 -07:00
Larry Gregory e6e1373db2
Security - Role Mappings UI (#53620)
* Initial role mappings UI

* apply design edits

* address PR feedback

* fix type cast for number field

* Update x-pack/legacy/plugins/security/public/views/management/role_mappings/edit_role_mapping/components/mapping_info_panel/mapping_info_panel.tsx

Co-Authored-By: Joe Portner <5295965+jportner@users.noreply.github.com>

* Cleanup FTR configuration, and handle role mapping 404 errors properly

* align naming of role mappings feature check

* Apply suggestions from code review

Co-Authored-By: Brandon Kobel <brandon.kobel@gmail.com>

* add missing test assertions

* inlining feature check logic

* switch to using snapshot

* use href instead of onClick

* adding delete unit test

* consolidate href building

* unify page load error handling

* simplify initial loading state

* documenting unconditional catch blocks

* use nodes.info instead of transport.request

* Apply suggestions from code review

Co-Authored-By: Brandon Kobel <brandon.kobel@gmail.com>

* move model out of LP into NP

* convert except_field_rule to except_any_rule

* docs, take 1

* update gif

Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com>
Co-authored-by: Brandon Kobel <brandon.kobel@gmail.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-01-11 13:26:31 -05:00
Steph Milovic 303e4842ea
[SIEM] [Case] Case workflow api schema (#51535) 2020-01-08 14:28:29 -07:00
Mikhail Shustov 56041f03ad
Don't expose Elasticsearch client as Observable (#53824)
* expose ES clients without observables

* expose observable-less api to plugins

* update core api and mocks

* update plugins

* NP SO & legacy use updated API

* update SO tests

* update TSDocs

* update types

* update docs

* document createCluster analog in np

* typo
2020-01-08 12:01:47 +03:00
Aleh Zasypkin aa38fb68a7
Migrate config deprecations and ShieldUser functionality to the New Platform (#53768) 2020-01-06 11:43:15 +01:00
Mike Côté 8cc778a64a
Invalidate alert API Key when generating a new one (#53732)
* Initial work to auto cleanup old API keys

* Fix ESLint error

* Rename confusing variables

* Add test to ensure thrown errors are swallowed

* Add more tests

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2020-01-03 13:40:20 -05:00
Aleh Zasypkin 6cf7ece9df
Rename /api/security/oidc to /api/security/oidc/callback. (#53886) 2020-01-03 10:01:50 +01:00
Alejandro Fernández Haro 3bdbcd0d1a
[NP] Allow custom validations in HTTP Routes apart from @kbn/config-schema (#51919)
* [NP] Allow custom validations in HTTP Routes apart from @kbn/config-schema

* API docs

* Allow validate function in the route handler (run-code validation)

* Prefix RouteXXX + Params and Body Validation Aliases

* Fix test broken by lodash

* Update API docs

* Add default types for simpler manual declaration

* Add run-time validation of the RouteValidateSpec

* Expose RouteValidationError instead of SchemaTypeError

* RouteValidator as a class to match config-schema interface

* Test for not-inline handler (need to check IRouter for #47047)

* Add preValidation of the input for a safer custom validation

* Better types for RouteHandlers

* [NP] Move route validation to RouteValidator wrapper

* Use the class only internally but maintain the same API

* Fix types

* Ensure RouteValidator instance in KibanaRequest.from

* Fix validator.tests (Buffer.from instead of new Buffer)

* Default precheck should allow null values

* Also allow undefined in preChecks

* MR feedback fixes

* Provide RouteValidationResolver to the validation function

* Add functional tests

* Fix new functional tests

* Fix validator additional test

* Fix test with new resolver

* Remove unused import

* Rename ValidationResolver to ValidationResultFactory and change the interface to look more like the KibanaResponseFactory

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2019-12-20 17:53:08 +00:00
Aleh Zasypkin e5822771e3
Use savedObjects provided by the platform instead of legacy shim. (#53679) 2019-12-20 18:42:42 +01:00
Mikhail Shustov ba7589d603
Reduce license plugin api (#53489)
* inOneOf --> hasAtLeast. to follow the licensing hierarchical model

* adopt licensing tests

* add license mock and use it in the tests

* adopt security plugin to hasAtLeast and licensing mocks

* adopt uptime to hasAtLeast

* update readme

* add test for unknown license

* fix import in js test

* fix security plugin merge conflict

* Update x-pack/plugins/security/common/licensing/license_service.ts

Co-Authored-By: Larry Gregory <lgregorydev@gmail.com>

* Update x-pack/plugins/licensing/common/types.ts

Co-Authored-By: Josh Dover <me@joshdover.com>

* simplify tests

* remove unused import
2019-12-19 09:35:09 +01:00
Larry Gregory 3b647b1641
Security nav control => NP (#52386)
* migrating nav control to NP

* move licensing service to common

* only retrieve user when necessary

* don't block rendering on user promise

* testing nav control registration

* moving logic to nav_control_service

* register account management in a hack

* update import location

* updating license_service to manage its own subscription to the raw license

* updating mock

* update editProfileUrl to not require full page reload if already within the kibana app

* alternate security license proposal

* adds popover test.

* switchMap -> map

* additional test case.

* Apply suggestions from code review

Co-Authored-By: Aleh Zasypkin <aleh.zasypkin@gmail.com>

* additional testing

* fix merge from master

* fixing es availability check

* fix merge from master

* switch from deprecated route
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2019-12-18 07:17:00 -05:00
Mikhail Shustov 74e1d17cf4
Support 'enterprise' license type (#52273)
* add enterprise license type to licensing plugin

* add enterprise license to x-pack plugins

* update uptime license list

* improve naming in security plugin

* update reporting licensing
2019-12-17 15:43:19 +01:00
Eli Perelman 614bde927e
Move CSP options to new platform (#52698)
* Move CSP options to new platform

* Expose SharedGlobalConfig from root

* Derive CSP options from config

* Consolidate CSP configuration with HTTP config

* Fix outstanding config renames

* Remove legacy CSP configuration calls, migrate to platform properties

* Revise docs

* Fix test from type change

* Expose ICspConfig, consolidate and simplify CSP defaults access

* Rebase and update docs

* Remove legacy API from route definition params, review nits

* Clean up config path usages for consistency

* Regenerate docs
2019-12-13 15:57:17 -06:00
Joe Portner 3e6270737a
Change session timeout values to use duration instead of number (#52520) 2019-12-13 13:58:40 -05:00
Josh Dover ec2134d221
Add lint rule to prevent server code being imported into client (#52447) 2019-12-13 12:26:04 -06:00
Aleh Zasypkin 2ec82d3dd9
Migrate the rest of the API endpoints to the New Platform plugin (#50695) 2019-12-11 18:35:49 +01:00
Josh Dover a91e53f18f
Add asResponse option to HttpService methods (#52434) 2019-12-11 10:53:17 -06:00
Aleh Zasypkin 7e27f0d35f
Decouple Authorization subsystem from Legacy API. (#52638) 2019-12-11 08:55:46 +01:00
Pierre Gayvallet c692689f21
fix import (#52555) 2019-12-09 22:18:57 +01:00
Mikhail Shustov dce893bb79
NP licensing plugin improvements (#51818)
* add onPreResponse interceptor

* use onPreResponse interceptor to add license sign

* expose registerPreResponse to plugins

* refresh for license update get the most fresh license

* license plugin injects own header for signature: 'kbn-license-sig'

* add integration tests for license type and license header

* switch config to duration

* don't run interceptor on anon paths. add tests

* add functional tests for licensing plugin

* regen docs

* fix test in security due to updated mocks;

* update snapshots according to new mock implementation

* migrate license expired banner to NP

* add readme for the licensing plugin

* remove outdated import. licensing has separate functional tests

* add tag for test to run on CI

* regen docs

* Update x-pack/plugins/licensing/README.md

Co-Authored-By: Josh Dover <me@joshdover.com>

* update tests
2019-12-09 10:40:18 +01:00
Thomas Watson 43b97d8a05
Clean up uses of deprecated APIs in node core (#51431)
Ensure no deprecated Node.js core APIs are used in Kibana. This is
achieved by throwing an error in either development mode or in CI if one
of the deprecated APIs is called, and as such, new PRs should no
longer be able to be merged if they use deprecated APIs.

Some of these APIs (like the `Buffer` constructor) are a security risk.
2019-12-04 16:17:19 +01:00
Pierre Gayvallet 99c6396fd5
Migrate Capabilities to new platform (#51438)
* create service skeleton

* move registerCapabilitiesModifier to capabilities service and rename to registerCapabilitiesSwitcher

* starts to move capabilities logic to CapabilitiesService

* move capabilities route to service

* add initial integration test for capabilities route

* capabilitiesMixin now delegates to capability service

* use server-side Capabilities import in server code

* update generated doc

* remove capabilities from injectedMetadatas

* use applications sent from client instead of server-registered navLinks

* disable authRequired for capabilities route

* (temp) exposes two endpoints for capabilities

* Add fetch-mock on capabilities call for karma tests

* adapt xpack Capabilities test - first attempt

* adapt x-pack ui_capabilities test

* add '/status' to the list of anonymous pages

* Add documentation on Capabilities APIs

* move Capabilities to core/types

* update generated docs

* add service tests

* protecting resolveCapabilities against added/removed capabilities

* update generated docs

* adapt mocks due to rebase

* add forgotten exports

* improve capabilities routes registering

* name capabilities registering methods

* resolve conflicts due to merge

* address review issues

* add comment about reason for exposing two routes

* extract createHttpServer test helper

* fix merge conflicts

* improve documentation

* remove `/status` anon registration as now done in NP status plugin

* fix merge conflicts
2019-12-03 09:34:49 +01:00
Alejandro Fernández Haro 066613e2a6
Allow routes to define some payload config values (#50783)
* Allow routes to define some payload config values

* Documentation typo

* Move hapi `payload` config under `body` + additional validations

* Update API docs

* Amend explanation in API docs

* Add stream and buffer types to @kbn/config-schema

* Fixes based on PR feedback:
- Add 'patch' and 'options' to valid RouteMethod
- Add tests for all the new flags
- Allow `stream` and `buffer` schema in the body validations (findings from tests)

* API documentation update

* Fix type definitions

* Fix the NITs in the PR comments + better typing inheritance

* API docs update

* Fix APM-legacy wrapper's types

* Fix KibanaRequest.from type exposure of hapi in API docs

* Move RouterRoute interface back to private + Expose some public docs

* Update @kbn/config-schema docs
2019-11-28 09:23:56 +00:00
Joe Portner 7830946f6a
Fix infinite redirect loop when multiple cookies are sent (#50452)
Cookies are now checked for attributes that match the current
Kibana configuration. Invalid cookies are cleared more reliably.
2019-11-27 09:26:21 -05:00
Joe Portner 38c17d6c7d
Improve session idle timeout, add session lifespan (#49855)
This adds an absolute session timeout (lifespan) to user sessions.
It also improves the existing session timeout toast and the overall
user experience in several ways.
2019-11-26 10:47:40 -05:00
Søren Louv-Jansen e8e517475a
[Security] Add message to login page (#51557)
* [Security] Add loginAssistanceMessage to login page

* Fix tests

* Fix login_page.test.tsx

* Fix defaultValue

* Render login assistance message independently of other messages and use EuiText instead of EuiCallOut

* Use small text

Co-Authored-By: Caroline Horn <549577+cchaos@users.noreply.github.com>

* Flip order of message around
2019-11-26 13:19:11 +01:00
Larry Gregory 21b83a8470
Security - honor configured base path when logging out (#50946)
* honor configured base path

* updating tests

* auth providers should redirect to logged out page using server base path
2019-11-20 12:30:46 -05:00
Mikhail Shustov 643f15c5d9
Licensing plugin (#49345)
* Add x-pack plugin for new platform browser licensing information

* Address next round of reviews

* Remove poller functionality in favor of inline observables

* More observable changes from review comments

* Fix outstanding tests

* More changes from review, adding additional testing

* Add additional tests for license comparisons and sessions

* Update test snapshot due to sessionstorage mock

* Next round of review feedback from restrry

* Fix more review requests from restrry, add additional tests

* Pass correct sign mock to license info changed test

* Improve doc comments, switch to I-interface pattern

* Test error polling sanity, do not expose signature, do not poll on client

* Fix type check issues from rebase

* Fix build error from rebase

* minimize config

* move all types to server with consistency with other code

* implement License

* implement license update & refactor has License changed check

* update tests for licensing extending route handler context

* implement client side license plugin

* implement server side licensing plugin

* remove old code

* update testing harness

* update types for license status

* remove jest-localstorage-mock

* fix tests

* update license in security

* address comments. first pass

* error is a part of signature. pass error message to License

* move common license types under common folder

* rename feature props for BWC and unify name with ILicense

* test should work in any timezone

* make prettier happy

* remove obsolete comment

* address Pierre comments

* use sha256 for security reasons

* use stable stringify to avoid churn
2019-11-19 13:35:27 +01:00
Pierre Gayvallet e04adbe34b
Remove react references from core Notifications apis (#49573)
* add reactMount util to kibana_react

(kibana-react) properly export reactMount

* add MountPoint types and utility

* adapt toast API to no longer accept react elements

(toast API) properly export new Toast type

* adapt calls by using reactMount

createNotifications: do not wrap if text

* update generated doc

* add custom snapshot serializer for reactMount

* fix unit tests

fix xpack unit tests

* adapt non-ts calls

* do not add __reactMount__ property in production

* remove string check on createNotifications

* fix typo and small fix using obj spread

* improve react mount snapshot serializer

* simplify convertToEui

* rename reactMount to toMountPoint

* adapt newly added calls

* move mount types to proper file

* use new Mount types for OverlayBanner apis

* fixing typo

* adapt new calls

* use destructured imports
2019-11-14 08:40:14 +01:00
Tim Roes fce52133d8
Upgrade Prettier 1.19 (#50487)
* Upgrade Prettier to 1.19

* Fix new prettier style
2019-11-13 17:00:02 +01:00
Aleh Zasypkin ad356f5c11
Migrate authorization subsystem to the new platform. (#46145) 2019-11-12 11:31:46 +01:00
Brandon Kobel a149497b73
NP Security HTTP Interceptors (#39477)
* We have a NP plugin! :celebration:

* Redirecting to login on all 401s

* Adding commented out code for when credentials are omitted

* Fixing types

* Respond 403 when user changes password with incorrect current password

* Adding AnonymousPaths where we ignore all 401s

* Adding anonymous path tests

* Extracted a dedicated SessionExpires class and added tests

* Fixing plugin after refactoring to add SessionExpired

* Beginning to work on the session timeout interceptor

* Fixing UnauthorizedResponseInterceptor anonymous path test

* Removing test anonymous path

* Trying to improve readability

* Displaying session logout warning

* Mocking out the base path

* Revert "Mocking out the base path"

This reverts commit 824086c168.

* Changing coreMock to use a concrete instance of BasePath

* Adding session timeout interceptor tests

* Adding session timeout tests

* Adding more tests for short session timeouts

* Moving some files to a session folder

* More thrashing around: renaming and reorganizing

* Renaming Interceptor to HttpInterceptor

* Fixing some type errors

* Fixing legacy chrome API tests

* Fixing other tests to use the concrete instance of BasePath

* Adjusting some types

* Putting DeeplyMocked back, I don't get how DeeplyMockedKeys works

* Moving anonymousPaths to public core http

* Reading sessionTimeout from injected vars and supporting null timeout

* Doesn't extend session when there is no response

* Updating docs and snapshots

* Casting sessionTimeout injectedVar to "number | null"

* Fixing i18n issues

* Update x-pack/plugins/security/public/plugin.ts

Co-Authored-By: Larry Gregory <lgregorydev@gmail.com>

* Adding milliseconds postfix to SessionTimeout private fields

* Even better anonymous paths, with some validation

* Adjusting public method docs for IAnonymousPaths

* Adjusting spelling of base-path to basePath

* Update x-pack/plugins/security/public/session/session_timeout.tsx

Co-Authored-By: Larry Gregory <lgregorydev@gmail.com>

* Update src/core/public/http/anonymous_paths.ts

Co-Authored-By: Josh Dover <me@joshdover.com>

* Update src/core/public/http/anonymous_paths.ts

Co-Authored-By: Josh Dover <me@joshdover.com>

* AnonymousPaths implements IAnonymousPaths and uses IBasePath

* Removing DeeplyMocked

* Removing TODOs

* Fixing types...

* Now, ever more normal
2019-10-24 08:59:45 -07:00
Aleh Zasypkin f2ea5f96b9
Drop /api/security/v1/saml route in favour of /api/security/saml/callback. (#47929) 2019-10-14 12:47:02 +02:00
Aleh Zasypkin 0210ce47b6
Preserve URL fragment during SAML handshake. (#44513) 2019-10-09 18:12:14 +02:00
Josh Dover d6410b5580
Add types to Elasticsearch API calls (#46668) 2019-10-07 13:11:30 -05:00
Aleh Zasypkin 15b272a87a
Provide realm name for OIDC/SAML authenticate requests. (#44984) 2019-09-16 10:32:58 +02:00
Aleh Zasypkin 727859c554
Downgrade log level from info to debug for cases when we cannot handle authentication attempt. (#44933) 2019-09-05 23:07:39 +02:00
Aleh Zasypkin 17106e8a78
Introduce PKI authentication provider. (#42606) 2019-08-27 18:28:54 +02:00
Mike Côté 0f2324e445
Add invalidateAPIKey support to security plugin (#43707)
* Initial work

* Fix failing jest test

* Use APIKeys class

* Only use id to invalidate

* Log all errors in invalidate function

* Cleanup

* Apply PR feedback
2019-08-27 10:21:27 -04:00
Mikhail Shustov 9a732014cb
Response factory parameters as named arguments (#43248)
* pass body as response parameter. use attributes for error responses

* update core

* update tests

* update x-pack code

* update x-pack tests

* regen docs

* update comment

* Review feedback and fixes after master merge

* Eslint fixes
2019-08-23 19:31:17 +02:00
Mike Côté 5734f1c1be
Add security support for alerts and actions (#41389)
* Initial work

* Cleanup add createAPIKey fn pt1

* Change getServices function to take request as parameter

* Use API key when executing alerts

* Revert task manager using encrypted saved objects

* Store fired actions within a saved object to encrypt API keys

* Fix fireActionId

* Cleanup code, fix type check error

* Add a type for getScopedSavedObjectsClient

* Fix getBasePath and spaceIdToNamespace functions

* Add safety check for API key and action

* Fix integration tests

* Fix broken jest tests

* Cleanup

* Rename generatedApiKey to apiKeyValue

* Ensure access to action record

* Cleanup

* Add unit tests

* Fix variable conflict

* Revert task manager specific code (no longer needed)

* Remove fire terminology

* Move tests to spaces and security folder

* Use ES Archiver to remove spaces (empty_kibana)

* Fix missing pieces

* Convert action tests to run per user

* Convert alerting tests to run per user

* Fix type check issue

* Fix failing test

* Add callCluster and savedObjectsClient authorization tests

* Make savedObjectsClient return 403 for authorization tests

* Cleanup

* Fix test failure

* Common function to get data from test index

* Create ObjectRemover

* Cleanup

* useApiKey now provided to functions instead of relying on condition of two strings

* Fix typo

* Make tests it(...) start with should

* Rename useApiKey to isSecurityEnabled

* Merge apiKeyId and apiKeyValue into one

* Update docs

* Use feature controls for list alert / action types API

* Remove need to add ! in TypeScript for required plugins

* Fix ESLint issue

* Include actions and alertTypeParams into AAD and generate new API key on update

* Generate random id for API key name attribute

* Include interval in AAD

* Send pre-encoded string

* Fix ExecutorError

* Fix apiKey snapshot

* Fix 'default' typo

* De-compose apiKey

* Refresh API key when enabling / disabling an alert

* Add updatedBy

* Make unauthorized APIs return 404
2019-08-20 11:42:15 -04:00
Aleh Zasypkin 36b1760481
Properly validate current user password during password change. (#43447) 2019-08-16 20:58:55 +02:00
Aleh Zasypkin 0d31f52bb8
Add support for OpenID Connect implicit authentication flow. (#42069) 2019-08-08 15:39:15 +02:00
Mikhail Shustov 06adc737d9
Unify response interface in handler and request interceptors (#42442)
* add response factory to the interceptors

* adopt x-pack code to the changes

* Add a separate response factory for lifecycles.

Only route handler can respond with 2xx response.
Interceptors may redirect or reject an incoming request.

* re-generate docs

* response.internal --> response.internalError

* use internalError for exceptions in authenticator

* before Security plugin proxied ES error status code. now sets explicitly.

* provide error via message field of error response for BWC

* update docs

* add customError response

* restore integration test and update unit tests

* update docs

* support Hapi error format for BWC

* add a couple of tests
2019-08-08 12:07:43 +02:00
Mike Côté 011c04f9ca
Add createApiKey support to security plugin (#42146)
* Add createApiKey support to security plugin

* Expiration is optional

* Start moving code to new platform

* Add unit tests

* Fix jest test

* Apply PR feedback

* Apply PR feedback

* Apply PR feedback pt2
2019-07-31 14:41:31 -04:00
Aleh Zasypkin 0454c5ba97
Add support for Kerberos output/response tokens. (#41861) 2019-07-25 21:00:35 +02:00
Mikhail Shustov 3f728334d0
AuthResultData configures response headers (#41775)
* extend AuthResultData with response headers

* add tests

* update docs

* rename headers --> requestHeaders to clarify intention

* update docs

* address comments
2019-07-25 07:40:59 +02:00