diff --git a/x-pack/plugins/reporting/server/routes/lib/authorized_user_pre_routing.ts b/x-pack/plugins/reporting/server/routes/lib/authorized_user_pre_routing.ts index 341cddb98d08d..4d57bc154444e 100644 --- a/x-pack/plugins/reporting/server/routes/lib/authorized_user_pre_routing.ts +++ b/x-pack/plugins/reporting/server/routes/lib/authorized_user_pre_routing.ts @@ -5,14 +5,15 @@ */ import { RequestHandler, RouteMethod } from 'src/core/server'; +import { AuthenticatedUser } from '../../../../security/server'; import { ReportingCore } from '../../core'; -import { ReportingUser } from '../../types'; import { getUserFactory } from './get_user'; const superuserRole = 'superuser'; +type ReportingRequestUser = AuthenticatedUser | false; export type RequestHandlerUser = RequestHandler extends (...a: infer U) => infer R - ? (user: ReportingUser, ...a: U) => R + ? (user: ReportingRequestUser, ...a: U) => R : never; export const authorizedUserPreRoutingFactory = function authorizedUserPreRoutingFn( @@ -22,7 +23,7 @@ export const authorizedUserPreRoutingFactory = function authorizedUserPreRouting const getUser = getUserFactory(setupDeps.security); return (handler: RequestHandlerUser): RequestHandler => { return (context, req, res) => { - let user: ReportingUser = false; + let user: ReportingRequestUser = false; if (setupDeps.security && setupDeps.security.license.isEnabled()) { // find the authenticated user, or null if security is not enabled user = getUser(req); diff --git a/x-pack/scripts/functional_tests.js b/x-pack/scripts/functional_tests.js index 205ff500a36ec..94a5fd4ed6784 100644 --- a/x-pack/scripts/functional_tests.js +++ b/x-pack/scripts/functional_tests.js @@ -56,7 +56,8 @@ const onlyNotInCoverageTests = [ require.resolve('../test/licensing_plugin/config.public.ts'), require.resolve('../test/licensing_plugin/config.legacy.ts'), require.resolve('../test/endpoint_api_integration_no_ingest/config.ts'), - require.resolve('../test/reporting_api_integration/config.js'), + require.resolve('../test/reporting_api_integration/reporting_and_security/config.ts'), + require.resolve('../test/reporting_api_integration/reporting_without_security/config.ts'), require.resolve('../test/security_solution_endpoint_api_int/config.ts'), require.resolve('../test/ingest_manager_api_integration/config.ts'), ]; diff --git a/x-pack/test/reporting_api_integration/config.js b/x-pack/test/reporting_api_integration/reporting_and_security.config.ts similarity index 90% rename from x-pack/test/reporting_api_integration/config.js rename to x-pack/test/reporting_api_integration/reporting_and_security.config.ts index 930c90da5637c..dc5aaba69604f 100644 --- a/x-pack/test/reporting_api_integration/config.js +++ b/x-pack/test/reporting_api_integration/reporting_and_security.config.ts @@ -5,10 +5,11 @@ */ import { esTestConfig, kbnTestConfig, kibanaServerTestUser } from '@kbn/test'; +import { FtrConfigProviderContext } from '@kbn/test/types/ftr'; import { format as formatUrl } from 'url'; import { ReportingAPIProvider } from './services'; -export default async function ({ readConfigFile }) { +export default async function ({ readConfigFile }: FtrConfigProviderContext) { const apiConfig = await readConfigFile(require.resolve('../api_integration/config')); const functionalConfig = await readConfigFile(require.resolve('../functional/config')); // Reporting API tests need a fully working UI @@ -23,7 +24,7 @@ export default async function ({ readConfigFile }) { return { servers: apiConfig.get('servers'), junit: { reportName: 'X-Pack Reporting API Integration Tests' }, - testFiles: [require.resolve('./reporting')], + testFiles: [require.resolve('./reporting_and_security')], services: { ...apiConfig.get('services'), reportingAPI: ReportingAPIProvider, diff --git a/x-pack/test/reporting_api_integration/reporting/constants.ts b/x-pack/test/reporting_api_integration/reporting_and_security/constants.ts similarity index 100% rename from x-pack/test/reporting_api_integration/reporting/constants.ts rename to x-pack/test/reporting_api_integration/reporting_and_security/constants.ts diff --git a/x-pack/test/reporting_api_integration/reporting/csv_job_params.ts b/x-pack/test/reporting_api_integration/reporting_and_security/csv_job_params.ts similarity index 100% rename from x-pack/test/reporting_api_integration/reporting/csv_job_params.ts rename to x-pack/test/reporting_api_integration/reporting_and_security/csv_job_params.ts diff --git a/x-pack/test/reporting_api_integration/reporting/csv_saved_search.ts b/x-pack/test/reporting_api_integration/reporting_and_security/csv_saved_search.ts similarity index 100% rename from x-pack/test/reporting_api_integration/reporting/csv_saved_search.ts rename to x-pack/test/reporting_api_integration/reporting_and_security/csv_saved_search.ts diff --git a/x-pack/test/reporting_api_integration/reporting/index.ts b/x-pack/test/reporting_api_integration/reporting_and_security/index.ts similarity index 100% rename from x-pack/test/reporting_api_integration/reporting/index.ts rename to x-pack/test/reporting_api_integration/reporting_and_security/index.ts diff --git a/x-pack/test/reporting_api_integration/reporting/network_policy.ts b/x-pack/test/reporting_api_integration/reporting_and_security/network_policy.ts similarity index 100% rename from x-pack/test/reporting_api_integration/reporting/network_policy.ts rename to x-pack/test/reporting_api_integration/reporting_and_security/network_policy.ts diff --git a/x-pack/test/reporting_api_integration/reporting/usage.ts b/x-pack/test/reporting_api_integration/reporting_and_security/usage.ts similarity index 100% rename from x-pack/test/reporting_api_integration/reporting/usage.ts rename to x-pack/test/reporting_api_integration/reporting_and_security/usage.ts diff --git a/x-pack/test/reporting_api_integration/reporting_without_security.config.ts b/x-pack/test/reporting_api_integration/reporting_without_security.config.ts new file mode 100644 index 0000000000000..b040040fc5114 --- /dev/null +++ b/x-pack/test/reporting_api_integration/reporting_without_security.config.ts @@ -0,0 +1,45 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { esTestConfig, kbnTestConfig } from '@kbn/test'; +import { FtrConfigProviderContext } from '@kbn/test/types/ftr'; +import { format as formatUrl } from 'url'; +import { ReportingAPIProvider } from './services'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const apiConfig = await readConfigFile(require.resolve('../api_integration/config')); + + return { + servers: apiConfig.get('servers'), + junit: { reportName: 'X-Pack Reporting Without Security API Integration Tests' }, + testFiles: [require.resolve('./reporting_without_security')], + services: { + ...apiConfig.get('services'), + reportingAPI: ReportingAPIProvider, + }, + esArchiver: apiConfig.get('esArchiver'), + esTestCluster: { + ...apiConfig.get('esTestCluster'), + serverArgs: [ + ...apiConfig.get('esTestCluster.serverArgs'), + 'node.name=UnsecuredClusterNode01', + 'xpack.security.enabled=false', + ], + }, + kbnTestServer: { + ...apiConfig.get('kbnTestServer'), + serverArgs: [ + `--elasticsearch.hosts=${formatUrl(esTestConfig.getUrlParts())}`, + `--logging.json=false`, + `--server.maxPayloadBytes=1679958`, + `--server.port=${kbnTestConfig.getPort()}`, + `--xpack.reporting.capture.maxAttempts=1`, + `--xpack.reporting.csv.maxSizeBytes=2850`, + `--xpack.security.enabled=false`, + ], + }, + }; +} diff --git a/x-pack/test/reporting_api_integration/reporting_without_security/index.ts b/x-pack/test/reporting_api_integration/reporting_without_security/index.ts new file mode 100644 index 0000000000000..09351a2c9907a --- /dev/null +++ b/x-pack/test/reporting_api_integration/reporting_without_security/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { FtrProviderContext } from '../ftr_provider_context'; + +// eslint-disable-next-line import/no-default-export +export default function ({ loadTestFile }: FtrProviderContext) { + describe('Reporting APIs', function () { + this.tags('ciGroup2'); + loadTestFile(require.resolve('./job_apis')); + }); +} diff --git a/x-pack/test/reporting_api_integration/reporting_without_security/job_apis.ts b/x-pack/test/reporting_api_integration/reporting_without_security/job_apis.ts new file mode 100644 index 0000000000000..ab26f27076ebb --- /dev/null +++ b/x-pack/test/reporting_api_integration/reporting_without_security/job_apis.ts @@ -0,0 +1,126 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import expect from '@kbn/expect'; +import { forOwn } from 'lodash'; +import { JOB_PARAMS_RISON } from '../fixtures'; +import { FtrProviderContext } from '../ftr_provider_context'; + +// eslint-disable-next-line import/no-default-export +export default function ({ getService }: FtrProviderContext) { + const esArchiver = getService('esArchiver'); + const supertestNoAuth = getService('supertestWithoutAuth'); + const reportingAPI = getService('reportingAPI'); + + describe('Job Listing APIs, Without Security', () => { + before(async () => { + await esArchiver.load('reporting/logs'); + await esArchiver.load('logstash_functional'); + }); + + after(async () => { + await esArchiver.unload('reporting/logs'); + await esArchiver.unload('logstash_functional'); + }); + + afterEach(async () => { + await reportingAPI.deleteAllReports(); + }); + + it('Posted CSV job is visible in the job count', async () => { + const { status: resStatus, text: resText } = await supertestNoAuth + .post(`/api/reporting/generate/csv`) + .set('kbn-xsrf', 'xxx') + .send({ jobParams: JOB_PARAMS_RISON }); + + expect(resStatus).to.be(200); + + const { job: resJob } = JSON.parse(resText); + const expectedResJob: Record = { + attempts: 0, + created_by: false, + jobtype: 'csv', + max_attempts: 1, + priority: 10, + status: 'pending', + timeout: 120000, + browser_type: 'chromium', // TODO: remove this field from the API response + // TODO: remove the payload field from the api respones + }; + forOwn(expectedResJob, (value: any, key: string) => { + expect(resJob[key]).to.eql(value, key); + }); + + // call the job count api + const { text: countText } = await supertestNoAuth + .get(`/api/reporting/jobs/count`) + .set('kbn-xsrf', 'xxx'); + + const countResult = JSON.parse(countText); + expect(countResult).to.be(1); + }); + + it('Posted CSV job is visible in the status check', async () => { + const { status: resStatus, text: resText } = await supertestNoAuth + .post(`/api/reporting/generate/csv`) + .set('kbn-xsrf', 'xxx') + .send({ jobParams: JOB_PARAMS_RISON }); + + expect(resStatus).to.be(200); + + const { job: resJob } = JSON.parse(resText); + // call the single job listing api (status check) + const { text: listText } = await supertestNoAuth + .get(`/api/reporting/jobs/list?page=0&ids=${resJob.id}`) + .set('kbn-xsrf', 'xxx'); + + const listingJobs = JSON.parse(listText); + const expectedListJob: Record = { + attempts: 0, + created_by: false, + jobtype: 'csv', + timeout: 120000, + browser_type: 'chromium', + }; + forOwn(expectedListJob, (value: any, key: string) => { + expect(listingJobs[0]._source[key]).to.eql(value, key); + }); + + expect(listingJobs.length).to.be(1); + expect(listingJobs[0]._id).to.be(resJob.id); + }); + + it('Posted CSV job is visible in the first page of jobs listing', async () => { + const { status: resStatus, text: resText } = await supertestNoAuth + .post(`/api/reporting/generate/csv`) + .set('kbn-xsrf', 'xxx') + .send({ jobParams: JOB_PARAMS_RISON }); + + expect(resStatus).to.be(200); + + const { job: resJob } = JSON.parse(resText); + // call the ALL job listing api + const { text: listText } = await supertestNoAuth + .get(`/api/reporting/jobs/list?page=0`) + .set('kbn-xsrf', 'xxx'); + + const listingJobs = JSON.parse(listText); + const expectedListJob: Record = { + attempts: 0, + created_by: false, + jobtype: 'csv', + timeout: 120000, + browser_type: 'chromium', + }; + forOwn(expectedListJob, (value: any, key: string) => { + expect(listingJobs[0]._source[key]).to.eql(value, key); + }); + + expect(listingJobs.length).to.be(1); + expect(listingJobs[0]._id).to.be(resJob.id); + }); + }); +} diff --git a/x-pack/test/reporting_api_integration/services.ts b/x-pack/test/reporting_api_integration/services.ts index f98d8246fc01e..e61e6483855af 100644 --- a/x-pack/test/reporting_api_integration/services.ts +++ b/x-pack/test/reporting_api_integration/services.ts @@ -186,6 +186,7 @@ export function ReportingAPIProvider({ getService }: FtrProviderContext) { export const services = { ...xpackServices, + supertestWithoutAuth: apiIntegrationServices.supertestWithoutAuth, usageAPI: apiIntegrationServices.usageAPI, reportingAPI: ReportingAPIProvider, };