Skip to content

Commit 6473ee3

Browse files
mikecotemikecote
committed
Merge branch 'master' of github.com:elastic/kibana into alerting/alert-api-key-cleanup
2 parents 7d140e3 + 98ac7a6 commit 6473ee3

28 files changed

Lines changed: 360 additions & 25 deletions

File tree

x-pack/legacy/plugins/alerting/server/plugin.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -71,7 +71,7 @@ export class Plugin {
7171
attributesToEncrypt: new Set(['apiKey']),
7272
attributesToExcludeFromAAD: new Set([
7373
'scheduledTaskId',
74-
'muted',
74+
'muteAll',
7575
'mutedInstanceIds',
7676
'updatedBy',
7777
]),

x-pack/test/alerting_api_integration/common/config.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -78,6 +78,7 @@ export function createTestConfig(name: string, options: CreateTestConfigOptions)
7878
`--plugin-path=${path.join(__dirname, 'fixtures', 'plugins', 'alerts')}`,
7979
`--plugin-path=${path.join(__dirname, 'fixtures', 'plugins', 'actions')}`,
8080
`--plugin-path=${path.join(__dirname, 'fixtures', 'plugins', 'task_manager')}`,
81+
`--plugin-path=${path.join(__dirname, 'fixtures', 'plugins', 'aad')}`,
8182
`--server.xsrf.whitelist=${JSON.stringify(getAllExternalServiceSimulatorPaths())}`,
8283
...(ssl
8384
? [

x-pack/test/alerting_api_integration/common/fixtures/plugins/aad/index.ts

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
/*
2+
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
3+
* or more contributor license agreements. Licensed under the Elastic License;
4+
* you may not use this file except in compliance with the Elastic License.
5+
*/
6+
7+
import Joi from 'joi';
8+
import Hapi from 'hapi';
9+
import { Legacy } from 'kibana';
10+
import KbnServer from '../../../../../../../src/legacy/server/kbn_server';
11+
import { PluginStartContract } from '../../../../../../plugins/encrypted_saved_objects/server';
12+
13+
interface CheckAADRequest extends Hapi.Request {
14+
payload: {
15+
spaceId?: string;
16+
type: string;
17+
id: string;
18+
};
19+
}
20+
21+
// eslint-disable-next-line import/no-default-export
22+
export default function(kibana: any) {
23+
return new kibana.Plugin({
24+
require: ['actions', 'alerting', 'encryptedSavedObjects'],
25+
name: 'aad-fixtures',
26+
init(server: Legacy.Server) {
27+
const newPlatform = ((server as unknown) as KbnServer).newPlatform;
28+
const esoPlugin = newPlatform.start.plugins.encryptedSavedObjects as PluginStartContract;
29+
30+
server.route({
31+
method: 'POST',
32+
path: '/api/check_aad',
33+
options: {
34+
validate: {
35+
payload: Joi.object()
36+
.keys({
37+
spaceId: Joi.string().optional(),
38+
type: Joi.string().required(),
39+
id: Joi.string().required(),
40+
})
41+
.required(),
42+
},
43+
},
44+
async handler(request: CheckAADRequest) {
45+
let namespace: string | undefined;
46+
const spacesPlugin = server.plugins.spaces;
47+
if (spacesPlugin && request.payload.spaceId) {
48+
namespace = spacesPlugin.spaceIdToNamespace(request.payload.spaceId);
49+
}
50+
await esoPlugin.getDecryptedAsInternalUser(request.payload.type, request.payload.id, {
51+
namespace,
52+
});
53+
return { success: true };
54+
},
55+
});
56+
},
57+
});
58+
}

x-pack/test/alerting_api_integration/common/fixtures/plugins/aad/package.json

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
{
2+
"name": "aad-fixtures",
3+
"version": "0.0.0",
4+
"kibana": {
5+
"version": "kibana"
6+
}
7+
}

x-pack/test/alerting_api_integration/common/lib/check_aad.ts

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
/*
2+
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
3+
* or more contributor license agreements. Licensed under the Elastic License;
4+
* you may not use this file except in compliance with the Elastic License.
5+
*/
6+
7+
interface Opts {
8+
supertest: any;
9+
spaceId?: string;
10+
type: string;
11+
id: string;
12+
}
13+
14+
export async function checkAAD({ supertest, spaceId, type, id }: Opts) {
15+
await supertest
16+
.post('/api/check_aad')
17+
.set('kbn-xsrf', 'foo')
18+
.send({ spaceId, type, id })
19+
.expect(200, { success: true });
20+
}

x-pack/test/alerting_api_integration/common/lib/index.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,3 +10,4 @@ export { ES_TEST_INDEX_NAME, ESTestIndexTool } from './es_test_index_tool';
1010
export { getTestAlertData } from './get_test_alert_data';
1111
export { AlertUtils } from './alert_utils';
1212
export { TaskManagerUtils } from './task_manager_utils';
13+
export { checkAAD } from './check_aad';

x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/create.ts

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66

77
import expect from '@kbn/expect';
88
import { UserAtSpaceScenarios } from '../../scenarios';
9-
import { getUrlPrefix, ObjectRemover } from '../../../common/lib';
9+
import { checkAAD, getUrlPrefix, ObjectRemover } from '../../../common/lib';
1010
import { FtrProviderContext } from '../../../common/ftr_provider_context';
1111

1212
// eslint-disable-next-line import/no-default-export
@@ -52,6 +52,7 @@ export default function createActionTests({ getService }: FtrProviderContext) {
5252
case 'superuser at space1':
5353
case 'space_1_all at space1':
5454
expect(response.statusCode).to.eql(200);
55+
objectRemover.add(space.id, response.body.id, 'action');
5556
expect(response.body).to.eql({
5657
id: response.body.id,
5758
name: 'My action',
@@ -61,7 +62,13 @@ export default function createActionTests({ getService }: FtrProviderContext) {
6162
},
6263
});
6364
expect(typeof response.body.id).to.be('string');
64-
objectRemover.add(space.id, response.body.id, 'action');
65+
// Ensure AAD isn't broken
66+
await checkAAD({
67+
supertest,
68+
spaceId: space.id,
69+
type: 'action',
70+
id: response.body.id,
71+
});
6572
break;
6673
default:
6774
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);

x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/update.ts

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66

77
import expect from '@kbn/expect';
88
import { UserAtSpaceScenarios } from '../../scenarios';
9-
import { getUrlPrefix, ObjectRemover } from '../../../common/lib';
9+
import { checkAAD, getUrlPrefix, ObjectRemover } from '../../../common/lib';
1010
import { FtrProviderContext } from '../../../common/ftr_provider_context';
1111

1212
// eslint-disable-next-line import/no-default-export
@@ -75,6 +75,13 @@ export default function updateActionTests({ getService }: FtrProviderContext) {
7575
unencrypted: `This value shouldn't get encrypted`,
7676
},
7777
});
78+
// Ensure AAD isn't broken
79+
await checkAAD({
80+
supertest,
81+
spaceId: space.id,
82+
type: 'action',
83+
id: createdAction.id,
84+
});
7885
break;
7986
default:
8087
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);

x-pack/test/alerting_api_integration/security_and_spaces/tests/alerting/create.ts

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66

77
import expect from '@kbn/expect';
88
import { UserAtSpaceScenarios } from '../../scenarios';
9-
import { getTestAlertData, getUrlPrefix, ObjectRemover } from '../../../common/lib';
9+
import { checkAAD, getTestAlertData, getUrlPrefix, ObjectRemover } from '../../../common/lib';
1010
import { FtrProviderContext } from '../../../common/ftr_provider_context';
1111

1212
// eslint-disable-next-line import/no-default-export
@@ -106,6 +106,13 @@ export default function createAlertTests({ getService }: FtrProviderContext) {
106106
alertId: response.body.id,
107107
spaceId: space.id,
108108
});
109+
// Ensure AAD isn't broken
110+
await checkAAD({
111+
supertest,
112+
spaceId: space.id,
113+
type: 'alert',
114+
id: response.body.id,
115+
});
109116
break;
110117
default:
111118
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);

x-pack/test/alerting_api_integration/security_and_spaces/tests/alerting/disable.ts

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,8 +6,14 @@
66

77
import expect from '@kbn/expect';
88
import { UserAtSpaceScenarios } from '../../scenarios';
9-
import { AlertUtils, getUrlPrefix, getTestAlertData, ObjectRemover } from '../../../common/lib';
109
import { FtrProviderContext } from '../../../common/ftr_provider_context';
10+
import {
11+
AlertUtils,
12+
checkAAD,
13+
getUrlPrefix,
14+
getTestAlertData,
15+
ObjectRemover,
16+
} from '../../../common/lib';
1117

1218
// eslint-disable-next-line import/no-default-export
1319
export default function createDisableAlertTests({ getService }: FtrProviderContext) {
@@ -65,6 +71,13 @@ export default function createDisableAlertTests({ getService }: FtrProviderConte
6571
} catch (e) {
6672
expect(e.status).to.eql(404);
6773
}
74+
// Ensure AAD isn't broken
75+
await checkAAD({
76+
supertest,
77+
spaceId: space.id,
78+
type: 'alert',
79+
id: createdAlert.id,
80+
});
6881
break;
6982
default:
7083
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);

0 commit comments

Comments
 (0)