[Alerting] allow email action to not require auth

pmuellr · pmuellr · commit 9dcc8c799e02 · 2020-03-20T20:15:26.000-04:00
resolves #57143 Currently, the built-in email action requires user/password properties to be set in it's secrets parameters. This PR changes that requirement, so they are no longer required.
diff --git a/x-pack/plugins/actions/server/builtin_action_types/email.test.ts b/x-pack/plugins/actions/server/builtin_action_types/email.test.ts
@@ -184,12 +184,14 @@ describe('secrets validation', () => {
     expect(validateSecrets(actionType, secrets)).toEqual(secrets);
   });
 
-  test('secrets validation fails when secrets is not valid', () => {
-    expect(() => {
-      validateSecrets(actionType, {});
-    }).toThrowErrorMatchingInlineSnapshot(
-      `"error validating action type secrets: [user]: expected value of type [string] but got [undefined]"`
-    );
+  test('secrets validation succeeds when secrets props are null/undefined', () => {
+    const secrets: Record<string, any> = {
+      user: null,
+      password: null,
+    };
+    expect(validateSecrets(actionType, {})).toEqual(secrets);
+    expect(validateSecrets(actionType, { user: null })).toEqual(secrets);
+    expect(validateSecrets(actionType, { password: null })).toEqual(secrets);
   });
 });
 
diff --git a/x-pack/plugins/actions/server/builtin_action_types/email.ts b/x-pack/plugins/actions/server/builtin_action_types/email.ts
@@ -10,7 +10,6 @@ import { schema, TypeOf } from '@kbn/config-schema';
 import nodemailerGetService from 'nodemailer/lib/well-known';
 
 import { sendEmail, JSON_TRANSPORT_SERVICE } from './lib/send_email';
-import { nullableType } from './lib/nullable';
 import { portSchema } from './lib/schemas';
 import { Logger } from '../../../../../src/core/server';
 import { ActionType, ActionTypeExecutorOptions, ActionTypeExecutorResult } from '../types';
@@ -20,10 +19,10 @@ import { ActionsConfigurationUtilities } from '../actions_config';
 export type ActionTypeConfigType = TypeOf<typeof ConfigSchema>;
 
 const ConfigSchemaProps = {
-  service: nullableType(schema.string()),
-  host: nullableType(schema.string()),
-  port: nullableType(portSchema()),
-  secure: nullableType(schema.boolean()),
+  service: schema.nullable(schema.string()),
+  host: schema.nullable(schema.string()),
+  port: schema.nullable(portSchema()),
+  secure: schema.nullable(schema.boolean()),
   from: schema.string(),
 };
 
@@ -75,8 +74,8 @@ function validateConfig(
 export type ActionTypeSecretsType = TypeOf<typeof SecretsSchema>;
 
 const SecretsSchema = schema.object({
-  user: schema.string(),
-  password: schema.string(),
+  user: schema.nullable(schema.string()),
+  password: schema.nullable(schema.string()),
 });
 
 // params definition
@@ -144,10 +143,14 @@ async function executor(
   const secrets = execOptions.secrets as ActionTypeSecretsType;
   const params = execOptions.params as ActionParamsType;
 
-  const transport: any = {
-    user: secrets.user,
-    password: secrets.password,
-  };
+  const transport: any = {};
+
+  if (secrets.user != null) {
+    transport.user = secrets.user;
+  }
+  if (secrets.password != null) {
+    transport.password = secrets.password;
+  }
 
   if (config.service !== null) {
     transport.service = config.service;
diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/email.ts b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/email.ts
@@ -227,5 +227,61 @@ export default function emailTest({ getService }: FtrProviderContext) {
         .expect(200);
       expect(typeof createdAction.id).to.be('string');
     });
+
+    it('should handle an email action with no auth', async () => {
+      const { body: createdAction } = await supertest
+        .post('/api/action')
+        .set('kbn-xsrf', 'foo')
+        .send({
+          name: 'An email action with no auth',
+          actionTypeId: '.email',
+          config: {
+            service: '__json',
+            from: 'jim@example.com',
+          },
+        })
+        .expect(200);
+
+      await supertest
+        .post(`/api/action/${createdAction.id}/_execute`)
+        .set('kbn-xsrf', 'foo')
+        .send({
+          params: {
+            to: ['kibana-action-test@elastic.co'],
+            subject: 'email-subject',
+            message: 'email-message',
+          },
+        })
+        .expect(200)
+        .then((resp: any) => {
+          expect(resp.body.data.message.messageId).to.be.a('string');
+          expect(resp.body.data.messageId).to.be.a('string');
+
+          delete resp.body.data.message.messageId;
+          delete resp.body.data.messageId;
+
+          expect(resp.body.data).to.eql({
+            envelope: {
+              from: 'jim@example.com',
+              to: ['kibana-action-test@elastic.co'],
+            },
+            message: {
+              from: { address: 'jim@example.com', name: '' },
+              to: [
+                {
+                  address: 'kibana-action-test@elastic.co',
+                  name: '',
+                },
+              ],
+              cc: null,
+              bcc: null,
+              subject: 'email-subject',
+              html: '<p>email-message</p>\n',
+              text: 'email-message',
+              headers: {},
+            },
+          });
+        });
+    });
   });
 }
