-
Notifications
You must be signed in to change notification settings - Fork 24.9k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Query API key - Rest spec and yaml tests (#76238)
This PR adds Rest API spec and related yaml tests for the new Query API key API. Relates: #71023
- Loading branch information
Showing
2 changed files
with
258 additions
and
0 deletions.
There are no files selected for viewing
30 changes: 30 additions & 0 deletions
30
rest-api-spec/src/main/resources/rest-api-spec/api/security.query_api_keys.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| { | ||
| "security.query_api_keys":{ | ||
| "documentation":{ | ||
| "url":"https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-query-api-key.html", | ||
| "description":"Retrieves information for API keys using a subset of query DSL" | ||
| }, | ||
| "stability":"stable", | ||
| "visibility":"public", | ||
| "headers":{ | ||
| "accept": [ "application/json"], | ||
| "content_type": ["application/json"] | ||
| }, | ||
| "url":{ | ||
| "paths":[ | ||
| { | ||
| "path":"/_security/_query/api_key", | ||
| "methods":[ | ||
| "GET", | ||
| "POST" | ||
| ] | ||
| } | ||
| ] | ||
| }, | ||
| "params":{}, | ||
| "body":{ | ||
| "description":"From, size, query, sort and search_after", | ||
| "required":false | ||
| } | ||
| } | ||
| } |
228 changes: 228 additions & 0 deletions
228
x-pack/plugin/src/yamlRestTest/resources/rest-api-spec/test/api_key/20_query.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,228 @@ | ||
| --- | ||
| setup: | ||
| - skip: | ||
| features: headers | ||
|
|
||
| - do: | ||
| cluster.health: | ||
| wait_for_status: yellow | ||
|
|
||
| - do: | ||
| security.put_role: | ||
| name: "admin_role" | ||
| body: > | ||
| { | ||
| "cluster": ["manage_api_key"] | ||
| } | ||
| - do: | ||
| security.put_role: | ||
| name: "user_role" | ||
| body: > | ||
| { | ||
| "cluster": ["manage_own_api_key"] | ||
| } | ||
| - do: | ||
| security.put_user: | ||
| username: "api_key_manager" | ||
| body: > | ||
| { | ||
| "password" : "x-pack-test-password", | ||
| "roles" : [ "admin_role" ], | ||
| "full_name" : "API key manager" | ||
| } | ||
| - do: | ||
| security.put_user: | ||
| username: "api_key_user_1" | ||
| body: > | ||
| { | ||
| "password" : "x-pack-test-password", | ||
| "roles" : [ "user_role" ], | ||
| "full_name" : "API key user 1" | ||
| } | ||
| - do: | ||
| security.put_user: | ||
| username: "api_key_user_2" | ||
| body: > | ||
| { | ||
| "password" : "x-pack-test-password", | ||
| "roles" : [ "user_role" ], | ||
| "full_name" : "API key user 2" | ||
| } | ||
| --- | ||
| teardown: | ||
| - do: | ||
| security.delete_role: | ||
| name: "admin_role" | ||
| ignore: 404 | ||
|
|
||
| - do: | ||
| security.delete_role: | ||
| name: "use_role" | ||
| ignore: 404 | ||
|
|
||
| - do: | ||
| security.delete_user: | ||
| username: "api_key_user_1" | ||
| ignore: 404 | ||
|
|
||
| - do: | ||
| security.delete_user: | ||
| username: "api_key_user_2" | ||
| ignore: 404 | ||
| - do: | ||
| security.delete_user: | ||
| username: "api_key_manager" | ||
| ignore: 404 | ||
|
|
||
| --- | ||
| "Test query api key": | ||
|
|
||
| - do: | ||
| headers: | ||
| Authorization: "Basic YXBpX2tleV9tYW5hZ2VyOngtcGFjay10ZXN0LXBhc3N3b3Jk" # api_key_manager | ||
| security.create_api_key: | ||
| body: > | ||
| { | ||
| "name": "manager-api-key", | ||
| "expiration": "10d", | ||
| "metadata": { | ||
| "letter": "a", | ||
| "number": 42 | ||
| } | ||
| } | ||
| - match: { name: "manager-api-key" } | ||
| - set: { id: manager_key_id } | ||
|
|
||
| - do: | ||
| headers: | ||
| Authorization: "Basic YXBpX2tleV91c2VyXzE6eC1wYWNrLXRlc3QtcGFzc3dvcmQ=" # api_key_user_1 | ||
| security.create_api_key: | ||
| body: > | ||
| { | ||
| "name": "user1-api-key", | ||
| "expiration": "1d", | ||
| "metadata": { | ||
| "letter": "a", | ||
| "number": 1 | ||
| } | ||
| } | ||
| - match: { name: "user1-api-key" } | ||
| - set: { id: user1_key_id } | ||
|
|
||
| - do: | ||
| headers: | ||
| Authorization: "Basic YXBpX2tleV91c2VyXzI6eC1wYWNrLXRlc3QtcGFzc3dvcmQ=" # api_key_user_2 | ||
| security.create_api_key: | ||
| body: > | ||
| { | ||
| "name": "user2-api-key", | ||
| "expiration": "1d", | ||
| "metadata": { | ||
| "letter": "b", | ||
| "number": 42 | ||
| } | ||
| } | ||
| - match: { name: "user2-api-key" } | ||
| - set: { id: user2_key_id } | ||
|
|
||
| # empty body works just like match_all | ||
| - do: | ||
| headers: | ||
| Authorization: "Basic YXBpX2tleV9tYW5hZ2VyOngtcGFjay10ZXN0LXBhc3N3b3Jk" # api_key_manager | ||
| security.query_api_keys: | ||
| body: {} | ||
| - match: { total: 3 } | ||
| - match: { count: 3 } | ||
|
|
||
| # match_all | ||
| - do: | ||
| headers: | ||
| Authorization: "Basic YXBpX2tleV91c2VyXzE6eC1wYWNrLXRlc3QtcGFzc3dvcmQ=" # api_key_user_1 | ||
| security.query_api_keys: | ||
| body: > | ||
| { | ||
| "query": { "match_all": {} } | ||
| } | ||
| - match: { total: 1 } | ||
| - match: { count: 1 } | ||
| - match: { api_keys.0.id: "${user1_key_id}" } | ||
|
|
||
| - do: | ||
| headers: | ||
| Authorization: "Basic YXBpX2tleV91c2VyXzI6eC1wYWNrLXRlc3QtcGFzc3dvcmQ=" # api_key_user_2 | ||
| security.query_api_keys: | ||
| body: > | ||
| { | ||
| "query": { "wildcard": {"name": "user*"} } | ||
| } | ||
| - match: { total: 1 } | ||
| - match: { count: 1 } | ||
| - match: { api_keys.0.id: "${user2_key_id}" } | ||
|
|
||
| - do: | ||
| headers: | ||
| Authorization: "Basic YXBpX2tleV9tYW5hZ2VyOngtcGFjay10ZXN0LXBhc3N3b3Jk" # api_key_manager | ||
| security.query_api_keys: | ||
| body: > | ||
| { | ||
| "query": { "wildcard": {"name": "user*"} }, | ||
| "sort": [ {"creation": {"order": "desc"}} ], | ||
| "from": 1, | ||
| "size": 1 | ||
| } | ||
| - match: { total: 2 } | ||
| - match: { count: 1 } | ||
| - match: { api_keys.0.id: "${user1_key_id}" } | ||
|
|
||
| - do: | ||
| headers: | ||
| Authorization: "Basic YXBpX2tleV9tYW5hZ2VyOngtcGFjay10ZXN0LXBhc3N3b3Jk" # api_key_manager | ||
| security.query_api_keys: | ||
| body: > | ||
| { | ||
| "query": { "wildcard": {"name": "*key"} }, | ||
| "sort": [ "expiration", "username" ], | ||
| "size": 1 | ||
| } | ||
| - match: { total: 3 } | ||
| - match: { count: 1 } | ||
| - match: { api_keys.0.id: "${user1_key_id}" } | ||
| - set: { api_keys.0.expiration: expiration0 } | ||
| - set: { api_keys.0.username: username0 } | ||
|
|
||
| - do: | ||
| headers: | ||
| Authorization: "Basic YXBpX2tleV9tYW5hZ2VyOngtcGFjay10ZXN0LXBhc3N3b3Jk" # api_key_manager | ||
| security.query_api_keys: | ||
| body: > | ||
| { | ||
| "query": { "wildcard": {"name": "*key"} }, | ||
| "sort": [ "expiration", "username" ], | ||
| "size": 1, | ||
| "search_after": [ "${expiration0}", "${username0}" ] | ||
| } | ||
| - match: { total: 3 } | ||
| - match: { count: 1 } | ||
| - match: { api_keys.0.id: "${user2_key_id}" } | ||
| - set: { api_keys.0.expiration: expiration1 } | ||
| - set: { api_keys.0.username: username1 } | ||
|
|
||
| - do: | ||
| headers: | ||
| Authorization: "Basic YXBpX2tleV9tYW5hZ2VyOngtcGFjay10ZXN0LXBhc3N3b3Jk" # api_key_manager | ||
| security.query_api_keys: | ||
| body: > | ||
| { | ||
| "query": { "wildcard": {"name": "*key"} }, | ||
| "sort": [ "expiration", "username" ], | ||
| "size": 1, | ||
| "search_after": [ "${expiration1}", "${username1}" ] | ||
| } | ||
| - match: { total: 3 } | ||
| - match: { count: 1 } | ||
| - match: { api_keys.0.id: "${manager_key_id}" } |