[SECURITY] Remove flakiness around edit user #117558
Conversation
XavierM
added
chore
Team:Security
|
@elasticmachine merge upstream |
|
Pinging @elastic/kibana-security (Team:Security) |
jportner
added
the
release_note:skip
x-pack/plugins/security/public/management/users/edit_user/change_password_flyout.tsx
Outdated
Show resolved
Hide resolved
x-pack/plugins/security/public/management/users/edit_user/change_password_flyout.test.tsx
Outdated
Show resolved
Hide resolved
x-pack/plugins/security/public/management/users/edit_user/change_password_flyout.test.tsx
Outdated
Show resolved
Hide resolved
x-pack/plugins/security/public/management/users/edit_user/change_password_flyout.test.tsx
Outdated
Show resolved
Hide resolved
x-pack/plugins/security/public/management/users/edit_user/user_form.tsx
Outdated
Show resolved
Hide resolved
| username: 'test_user', | ||
| password: 'changeme', |
There was a problem hiding this comment.
I did some digging to see exactly where this user's credentials are defined. It's here:
kibana/test/common/services/security/test_user.ts
Lines 18 to 19 in 60340b5
Docs: https://www.elastic.co/guide/en/kibana/8.0/development-tests.html#_using_the_test_user_service
However, we have a different adminTestUser that is used in our security API integration tests:
These are defined by the @kbn/test package, they can apparently be changed with environment variables and may be different for Cloud testing:
kibana/packages/kbn-test/src/kbn/users.ts
Lines 9 to 24 in 6693ef3
All that said, using the hardcoded test_user / changeme in this file makes me a bit nervous because 1. I'm not sure if the tests will always be executed with the user defined in test_user.ts, and 2. even so, if that user changes, then this test will fail.
So, maybe we should just export the test username/password from that file so it can be used here, and just call it a day. But I want to know what @azasypkin thinks, in case I'm missing anything else RE: Cloud testing.
There was a problem hiding this comment.
All that said, using the hardcoded test_user / changeme in this file makes me a bit nervous
Yeah, I share the same concern, but mostly because I treat service test users as immutable to avoid any side effects for the following tests. Is there any reason why we cannot do something like this (semi pseudo-code)?
const user = {
username: 'throw-away-user',
password: 'changeme',
new_password: 'changeme',
confirm_password: 'changeme',
roles: ['kibana_admin'],
};
// The API integration tests service to create through API, not UI
await security.user.create(user.username, {
password: user.password,
roles: user.roles,
full_name: 'Admin',
});
// Re-login (should be pretty stable)
await PageObjects.security.forceLogout();
// OR `PageObjects.security.login` that's even simpler to use
await PageObjects.security.loginSelector.login('basic', 'basic', {
username: user.username, password: user.password
});
await PageObjects.security.updateUserPassword(user, true);
// Make sure new password works.
await PageObjects.security.forceLogout();
await PageObjects.security.loginSelector.login('basic', 'basic', {
username: user.username, password: user.new_password
});There was a problem hiding this comment.
I was just trying to be lazy here :) since I was not changing the password, but if everyone is concerned about it, I will just login using optionalUser. Not a problem
There was a problem hiding this comment.
Yeah my main concern is that we might break Cloud tests. If we do that, we don't find out until after the fact, and it's just a whole thing. Safer to do what Oleg suggested.
There was a problem hiding this comment.
Also I am not going to test if the new password works, I am assuming that we should have API integration for that. What I want to test here that when I am logging as a current user and I am changing my password, and I will have a text field asking for my current password and then I can change my password. We do not want to do too much in one test.
There was a problem hiding this comment.
Agreed, that makes sense to me
There was a problem hiding this comment.
What I want to test here that when I am logging as a current user and I am changing my password, and I will have a text field asking for my current password and then I can change my password. We do not want to do too much in one test.
Sounds good to me as well. Would you mind keeping this comment in the test as well? It'd help future readers to understand what we want to test exactly here.
|
Since I changed some of the functional test, I am re-running flaky suite test We are good here 🟢 |
💚 Build Succeeded
Metrics [docs]Async chunks
History
To update your PR or re-run it, just comment with: |
XavierM
added
the
auto-backport
* wip * convert flaky jest test to functional test * improvement from review * fix * fix i18n Co-authored-by: Kibana Machine <[email protected]>
💔 Backport failed
Successful backport PRs will be merged automatically after passing CI. To backport manually run: |
* wip * convert flaky jest test to functional test * improvement from review * fix * fix i18n Co-authored-by: Kibana Machine <[email protected]> Co-authored-by: Xavier Mouligneau <[email protected]>
* wip * convert flaky jest test to functional test * improvement from review * fix * fix i18n Co-authored-by: Kibana Machine <[email protected]>
* [SECURITY] Remove flakiness around edit user (#117558) * wip * convert flaky jest test to functional test * improvement from review * fix * fix i18n Co-authored-by: Kibana Machine <[email protected]> * wrong file type * fix merged Co-authored-by: Kibana Machine <[email protected]>
Summary
Resolves: #115473
Checklist