From 21be31aa0561e81716c774353aa9ad46945f135b Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Fri, 11 May 2018 06:42:46 -0700 Subject: [PATCH 01/17] WIP checkin --- .../check_license/__tests__/check_license.js | 180 ++++++++++++++++++ .../server/lib/check_license/check_license.js | 69 +++++++ .../beats/server/lib/check_license/index.js | 7 + .../__tests__/wrap_custom_error.js | 21 ++ .../error_wrappers/__tests__/wrap_es_error.js | 41 ++++ .../__tests__/wrap_unknown_error.js | 19 ++ .../lib/error_wrappers/wrap_custom_error.js | 18 ++ .../lib/error_wrappers/wrap_unknown_error.js | 17 ++ .../__tests__/license_pre_routing_factory.js | 72 +++++++ .../lib/license_pre_routing_factory/index.js | 7 + .../license_pre_routing_factory.js | 28 +++ .../lib/register_license_checker/index.js | 7 + .../register_license_checker.js | 21 ++ .../api/register_disenroll_beats_route.js | 0 .../routes/api/register_enroll_beats_route.js | 0 .../routes/api/register_verify_beats_route.js | 0 16 files changed, 507 insertions(+) create mode 100644 x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js create mode 100644 x-pack/plugins/beats/server/lib/check_license/check_license.js create mode 100644 x-pack/plugins/beats/server/lib/check_license/index.js create mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js create mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js create mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js create mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js create mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js create mode 100644 x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js create mode 100644 x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js create mode 100644 x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js create mode 100644 x-pack/plugins/beats/server/lib/register_license_checker/index.js create mode 100644 x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js create mode 100644 x-pack/plugins/beats/server/routes/api/register_disenroll_beats_route.js create mode 100644 x-pack/plugins/beats/server/routes/api/register_enroll_beats_route.js create mode 100644 x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js diff --git a/x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js b/x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js new file mode 100644 index 0000000000000..449ff3a60b9e7 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js @@ -0,0 +1,180 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import expect from 'expect.js'; +import { set } from 'lodash'; +import { checkLicense } from '../check_license'; + +describe('check_license', function () { + + let mockLicenseInfo; + beforeEach(() => mockLicenseInfo = {}); + + describe('license information is undefined', () => { + beforeEach(() => mockLicenseInfo = undefined); + + it('should set isAvailable to false', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); + }); + + it('should set enableLinks to false', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); + }); + + it('should set isReadOnly to false', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); + }); + + it('should set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); + }); + }); + + describe('license information is not available', () => { + beforeEach(() => mockLicenseInfo.isAvailable = () => false); + + it('should set isAvailable to false', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); + }); + + it('should set enableLinks to false', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); + }); + + it('should set isReadOnly to false', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); + }); + + it('should set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); + }); + }); + + describe('license information is available', () => { + beforeEach(() => { + mockLicenseInfo.isAvailable = () => true; + set(mockLicenseInfo, 'license.getType', () => 'basic'); + }); + + describe('& license is trial, standard, gold, platinum', () => { + beforeEach(() => { + set(mockLicenseInfo, 'license.isOneOf', () => true); + mockLicenseInfo.feature = () => ({ isEnabled: () => true }); // Security feature is enabled + }); + + describe('& license is active', () => { + beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => true)); + + it('should set isAvailable to true', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(true); + }); + + it ('should set enableLinks to true', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(true); + }); + + it ('should set isReadOnly to false', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); + }); + + it('should not set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.be(undefined); + }); + }); + + describe('& license is expired', () => { + beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => false)); + + it('should set isAvailable to true', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(true); + }); + + it ('should set enableLinks to true', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(true); + }); + + it ('should set isReadOnly to true', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(true); + }); + + it('should set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); + }); + }); + }); + + describe('& license is basic', () => { + beforeEach(() => { + set(mockLicenseInfo, 'license.isOneOf', () => false); + mockLicenseInfo.feature = () => ({ isEnabled: () => true }); // Security feature is enabled + }); + + describe('& license is active', () => { + beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => true)); + + it('should set isAvailable to false', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); + }); + + it ('should set enableLinks to false', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); + }); + + it ('should set isReadOnly to false', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); + }); + + it('should set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); + }); + }); + + describe('& license is expired', () => { + beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => false)); + + it('should set isAvailable to false', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); + }); + + it ('should set enableLinks to false', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); + }); + + it ('should set isReadOnly to false', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); + }); + + it('should set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); + }); + }); + }); + + describe('& security is disabled', () => { + beforeEach(() => { + mockLicenseInfo.feature = () => ({ isEnabled: () => false }); // Security feature is disabled + set(mockLicenseInfo, 'license.isOneOf', () => true); + set(mockLicenseInfo, 'license.isActive', () => true); + }); + + it('should set isAvailable to false', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); + }); + + it ('should set enableLinks to false', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); + }); + + it ('should set isReadOnly to false', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); + }); + + it('should set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); + }); + }); + }); +}); diff --git a/x-pack/plugins/beats/server/lib/check_license/check_license.js b/x-pack/plugins/beats/server/lib/check_license/check_license.js new file mode 100644 index 0000000000000..aa1704cc02730 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/check_license/check_license.js @@ -0,0 +1,69 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export function checkLicense(xpackLicenseInfo) { + // If, for some reason, we cannot get the license information + // from Elasticsearch, assume worst case and disable the Logstash pipeline UI + if (!xpackLicenseInfo || !xpackLicenseInfo.isAvailable()) { + return { + isAvailable: false, + enableLinks: false, + isReadOnly: false, + message: 'You cannot manage Logstash pipelines because license information is not available at this time.' + }; + } + + const VALID_LICENSE_MODES = [ + 'trial', + 'standard', + 'gold', + 'platinum' + ]; + + const isLicenseModeValid = xpackLicenseInfo.license.isOneOf(VALID_LICENSE_MODES); + const isLicenseActive = xpackLicenseInfo.license.isActive(); + const licenseType = xpackLicenseInfo.license.getType(); + const isSecurityEnabled = xpackLicenseInfo.feature('security').isEnabled(); + + // Security is not enabled in ES + if (!isSecurityEnabled) { + const message = 'Security must be enabled in order to use Logstash pipeline management features.' + + ' Please set xpack.security.enabled: true in your elasticsearch.yml.'; + return { + isAvailable: false, + enableLinks: false, + isReadOnly: false, + message + }; + } + + // License is not valid + if (!isLicenseModeValid) { + return { + isAvailable: false, + enableLinks: false, + isReadOnly: false, + message: `Your ${licenseType} license does not support Logstash pipeline management features. Please upgrade your license.` + }; + } + + // License is valid but not active, we go into a read-only mode. + if (!isLicenseActive) { + return { + isAvailable: true, + enableLinks: true, + isReadOnly: true, + message: `You cannot edit, create, or delete your Logstash pipelines because your ${licenseType} license has expired.` + }; + } + + // License is valid and active + return { + isAvailable: true, + enableLinks: true, + isReadOnly: false + }; +} diff --git a/x-pack/plugins/beats/server/lib/check_license/index.js b/x-pack/plugins/beats/server/lib/check_license/index.js new file mode 100644 index 0000000000000..f2c070fd44b6e --- /dev/null +++ b/x-pack/plugins/beats/server/lib/check_license/index.js @@ -0,0 +1,7 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { checkLicense } from './check_license'; diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js new file mode 100644 index 0000000000000..443744ccb0cc8 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import expect from 'expect.js'; +import { wrapCustomError } from '../wrap_custom_error'; + +describe('wrap_custom_error', () => { + describe('#wrapCustomError', () => { + it('should return a Boom object', () => { + const originalError = new Error('I am an error'); + const statusCode = 404; + const wrappedError = wrapCustomError(originalError, statusCode); + + expect(wrappedError.isBoom).to.be(true); + expect(wrappedError.output.statusCode).to.equal(statusCode); + }); + }); +}); diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js new file mode 100644 index 0000000000000..f1b956bdcc3bb --- /dev/null +++ b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js @@ -0,0 +1,41 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import expect from 'expect.js'; +import { wrapEsError } from '../wrap_es_error'; + +describe('wrap_es_error', () => { + describe('#wrapEsError', () => { + + let originalError; + beforeEach(() => { + originalError = new Error('I am an error'); + originalError.statusCode = 404; + }); + + it('should return a Boom object', () => { + const wrappedError = wrapEsError(originalError); + + expect(wrappedError.isBoom).to.be(true); + }); + + it('should return the correct Boom object', () => { + const wrappedError = wrapEsError(originalError); + + expect(wrappedError.output.statusCode).to.be(originalError.statusCode); + expect(wrappedError.output.payload.message).to.be(originalError.message); + }); + + it('should return invalid permissions message for 403 errors', () => { + const securityError = new Error('I am an error'); + securityError.statusCode = 403; + const wrappedError = wrapEsError(securityError); + + expect(wrappedError.isBoom).to.be(true); + expect(wrappedError.message).to.be('Insufficient user permissions for managing Logstash pipelines'); + }); + }); +}); diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js new file mode 100644 index 0000000000000..6d6a336417bef --- /dev/null +++ b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import expect from 'expect.js'; +import { wrapUnknownError } from '../wrap_unknown_error'; + +describe('wrap_unknown_error', () => { + describe('#wrapUnknownError', () => { + it('should return a Boom object', () => { + const originalError = new Error('I am an error'); + const wrappedError = wrapUnknownError(originalError); + + expect(wrappedError.isBoom).to.be(true); + }); + }); +}); diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js new file mode 100644 index 0000000000000..890a366ac65c1 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js @@ -0,0 +1,18 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import Boom from 'boom'; + +/** + * Wraps a custom error into a Boom error response and returns it + * + * @param err Object error + * @param statusCode Error status code + * @return Object Boom error response + */ +export function wrapCustomError(err, statusCode) { + return Boom.wrap(err, statusCode); +} diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js new file mode 100644 index 0000000000000..b0cdced7adbef --- /dev/null +++ b/x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import Boom from 'boom'; + +/** + * Wraps an unknown error into a Boom error response and returns it + * + * @param err Object Unknown error + * @return Object Boom error response + */ +export function wrapUnknownError(err) { + return Boom.wrap(err); +} diff --git a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js new file mode 100644 index 0000000000000..c543d79814dd3 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js @@ -0,0 +1,72 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import expect from 'expect.js'; +import { licensePreRoutingFactory } from '../license_pre_routing_factory'; + +describe('license_pre_routing_factory', () => { + describe('#logstashFeaturePreRoutingFactory', () => { + let mockServer; + let mockLicenseCheckResults; + + beforeEach(() => { + mockServer = { + plugins: { + xpack_main: { + info: { + feature: () => ({ + getLicenseCheckResults: () => mockLicenseCheckResults + }) + } + } + } + }; + }); + + it('only instantiates one instance per server', () => { + const firstInstance = licensePreRoutingFactory(mockServer); + const secondInstance = licensePreRoutingFactory(mockServer); + + expect(firstInstance).to.be(secondInstance); + }); + + describe('isAvailable is false', () => { + beforeEach(() => { + mockLicenseCheckResults = { + isAvailable: false + }; + }); + + it ('replies with 403', (done) => { + const licensePreRouting = licensePreRoutingFactory(mockServer); + const stubRequest = {}; + licensePreRouting(stubRequest, (response) => { + expect(response).to.be.an(Error); + expect(response.isBoom).to.be(true); + expect(response.output.statusCode).to.be(403); + done(); + }); + }); + }); + + describe('isAvailable is true', () => { + beforeEach(() => { + mockLicenseCheckResults = { + isAvailable: true + }; + }); + + it ('replies with nothing', (done) => { + const licensePreRouting = licensePreRoutingFactory(mockServer); + const stubRequest = {}; + licensePreRouting(stubRequest, (response) => { + expect(response).to.be(undefined); + done(); + }); + }); + }); + }); +}); diff --git a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js new file mode 100644 index 0000000000000..0743e443955f4 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js @@ -0,0 +1,7 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { licensePreRoutingFactory } from './license_pre_routing_factory'; diff --git a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js new file mode 100644 index 0000000000000..4ae31f692bfd7 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js @@ -0,0 +1,28 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { once } from 'lodash'; +import { wrapCustomError } from '../error_wrappers'; +import { PLUGIN } from '../../../common/constants'; + +export const licensePreRoutingFactory = once((server) => { + const xpackMainPlugin = server.plugins.xpack_main; + + // License checking and enable/disable logic + function licensePreRouting(request, reply) { + const licenseCheckResults = xpackMainPlugin.info.feature(PLUGIN.ID).getLicenseCheckResults(); + if (!licenseCheckResults.isAvailable) { + const error = new Error(licenseCheckResults.message); + const statusCode = 403; + const wrappedError = wrapCustomError(error, statusCode); + reply(wrappedError); + } else { + reply(); + } + } + + return licensePreRouting; +}); diff --git a/x-pack/plugins/beats/server/lib/register_license_checker/index.js b/x-pack/plugins/beats/server/lib/register_license_checker/index.js new file mode 100644 index 0000000000000..7b0f97c38d129 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/register_license_checker/index.js @@ -0,0 +1,7 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { registerLicenseChecker } from './register_license_checker'; diff --git a/x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js b/x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js new file mode 100644 index 0000000000000..8a17fb2eea497 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { mirrorPluginStatus } from '../../../../../server/lib/mirror_plugin_status'; +import { checkLicense } from '../check_license'; +import { PLUGIN } from '../../../common/constants'; + +export function registerLicenseChecker(server) { + const xpackMainPlugin = server.plugins.xpack_main; + const logstashPlugin = server.plugins.logstash; + + mirrorPluginStatus(xpackMainPlugin, logstashPlugin); + xpackMainPlugin.status.once('green', () => { + // Register a function that is called whenever the xpack info changes, + // to re-compute the license check results for this plugin + xpackMainPlugin.info.feature(PLUGIN.ID).registerLicenseCheckResultsGenerator(checkLicense); + }); +} diff --git a/x-pack/plugins/beats/server/routes/api/register_disenroll_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_disenroll_beats_route.js new file mode 100644 index 0000000000000..e69de29bb2d1d diff --git a/x-pack/plugins/beats/server/routes/api/register_enroll_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_enroll_beats_route.js new file mode 100644 index 0000000000000..e69de29bb2d1d diff --git a/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js new file mode 100644 index 0000000000000..e69de29bb2d1d From af197f86810636858008d7b2e9f662f348f27ddd Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Sat, 12 May 2018 06:55:32 -0700 Subject: [PATCH 02/17] Add API integration test --- .../check_license/__tests__/check_license.js | 180 ------------------ .../server/lib/check_license/check_license.js | 69 ------- .../beats/server/lib/check_license/index.js | 7 - .../__tests__/wrap_custom_error.js | 21 -- .../__tests__/wrap_unknown_error.js | 19 -- .../lib/error_wrappers/wrap_custom_error.js | 18 -- .../lib/error_wrappers/wrap_unknown_error.js | 17 -- .../__tests__/license_pre_routing_factory.js | 72 ------- .../lib/license_pre_routing_factory/index.js | 7 - .../license_pre_routing_factory.js | 28 --- .../lib/register_license_checker/index.js | 7 - .../register_license_checker.js | 21 -- .../api/register_disenroll_beats_route.js | 0 .../routes/api/register_enroll_beats_route.js | 0 .../routes/api/register_verify_beats_route.js | 0 15 files changed, 466 deletions(-) delete mode 100644 x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js delete mode 100644 x-pack/plugins/beats/server/lib/check_license/check_license.js delete mode 100644 x-pack/plugins/beats/server/lib/check_license/index.js delete mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js delete mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js delete mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js delete mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js delete mode 100644 x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js delete mode 100644 x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js delete mode 100644 x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js delete mode 100644 x-pack/plugins/beats/server/lib/register_license_checker/index.js delete mode 100644 x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js delete mode 100644 x-pack/plugins/beats/server/routes/api/register_disenroll_beats_route.js delete mode 100644 x-pack/plugins/beats/server/routes/api/register_enroll_beats_route.js delete mode 100644 x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js diff --git a/x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js b/x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js deleted file mode 100644 index 449ff3a60b9e7..0000000000000 --- a/x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js +++ /dev/null @@ -1,180 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from 'expect.js'; -import { set } from 'lodash'; -import { checkLicense } from '../check_license'; - -describe('check_license', function () { - - let mockLicenseInfo; - beforeEach(() => mockLicenseInfo = {}); - - describe('license information is undefined', () => { - beforeEach(() => mockLicenseInfo = undefined); - - it('should set isAvailable to false', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); - }); - - it('should set enableLinks to false', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); - }); - - it('should set isReadOnly to false', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - - describe('license information is not available', () => { - beforeEach(() => mockLicenseInfo.isAvailable = () => false); - - it('should set isAvailable to false', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); - }); - - it('should set enableLinks to false', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); - }); - - it('should set isReadOnly to false', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - - describe('license information is available', () => { - beforeEach(() => { - mockLicenseInfo.isAvailable = () => true; - set(mockLicenseInfo, 'license.getType', () => 'basic'); - }); - - describe('& license is trial, standard, gold, platinum', () => { - beforeEach(() => { - set(mockLicenseInfo, 'license.isOneOf', () => true); - mockLicenseInfo.feature = () => ({ isEnabled: () => true }); // Security feature is enabled - }); - - describe('& license is active', () => { - beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => true)); - - it('should set isAvailable to true', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(true); - }); - - it ('should set enableLinks to true', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(true); - }); - - it ('should set isReadOnly to false', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); - }); - - it('should not set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.be(undefined); - }); - }); - - describe('& license is expired', () => { - beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => false)); - - it('should set isAvailable to true', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(true); - }); - - it ('should set enableLinks to true', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(true); - }); - - it ('should set isReadOnly to true', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(true); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - }); - - describe('& license is basic', () => { - beforeEach(() => { - set(mockLicenseInfo, 'license.isOneOf', () => false); - mockLicenseInfo.feature = () => ({ isEnabled: () => true }); // Security feature is enabled - }); - - describe('& license is active', () => { - beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => true)); - - it('should set isAvailable to false', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); - }); - - it ('should set enableLinks to false', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); - }); - - it ('should set isReadOnly to false', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - - describe('& license is expired', () => { - beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => false)); - - it('should set isAvailable to false', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); - }); - - it ('should set enableLinks to false', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); - }); - - it ('should set isReadOnly to false', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - }); - - describe('& security is disabled', () => { - beforeEach(() => { - mockLicenseInfo.feature = () => ({ isEnabled: () => false }); // Security feature is disabled - set(mockLicenseInfo, 'license.isOneOf', () => true); - set(mockLicenseInfo, 'license.isActive', () => true); - }); - - it('should set isAvailable to false', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); - }); - - it ('should set enableLinks to false', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); - }); - - it ('should set isReadOnly to false', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - }); -}); diff --git a/x-pack/plugins/beats/server/lib/check_license/check_license.js b/x-pack/plugins/beats/server/lib/check_license/check_license.js deleted file mode 100644 index aa1704cc02730..0000000000000 --- a/x-pack/plugins/beats/server/lib/check_license/check_license.js +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export function checkLicense(xpackLicenseInfo) { - // If, for some reason, we cannot get the license information - // from Elasticsearch, assume worst case and disable the Logstash pipeline UI - if (!xpackLicenseInfo || !xpackLicenseInfo.isAvailable()) { - return { - isAvailable: false, - enableLinks: false, - isReadOnly: false, - message: 'You cannot manage Logstash pipelines because license information is not available at this time.' - }; - } - - const VALID_LICENSE_MODES = [ - 'trial', - 'standard', - 'gold', - 'platinum' - ]; - - const isLicenseModeValid = xpackLicenseInfo.license.isOneOf(VALID_LICENSE_MODES); - const isLicenseActive = xpackLicenseInfo.license.isActive(); - const licenseType = xpackLicenseInfo.license.getType(); - const isSecurityEnabled = xpackLicenseInfo.feature('security').isEnabled(); - - // Security is not enabled in ES - if (!isSecurityEnabled) { - const message = 'Security must be enabled in order to use Logstash pipeline management features.' - + ' Please set xpack.security.enabled: true in your elasticsearch.yml.'; - return { - isAvailable: false, - enableLinks: false, - isReadOnly: false, - message - }; - } - - // License is not valid - if (!isLicenseModeValid) { - return { - isAvailable: false, - enableLinks: false, - isReadOnly: false, - message: `Your ${licenseType} license does not support Logstash pipeline management features. Please upgrade your license.` - }; - } - - // License is valid but not active, we go into a read-only mode. - if (!isLicenseActive) { - return { - isAvailable: true, - enableLinks: true, - isReadOnly: true, - message: `You cannot edit, create, or delete your Logstash pipelines because your ${licenseType} license has expired.` - }; - } - - // License is valid and active - return { - isAvailable: true, - enableLinks: true, - isReadOnly: false - }; -} diff --git a/x-pack/plugins/beats/server/lib/check_license/index.js b/x-pack/plugins/beats/server/lib/check_license/index.js deleted file mode 100644 index f2c070fd44b6e..0000000000000 --- a/x-pack/plugins/beats/server/lib/check_license/index.js +++ /dev/null @@ -1,7 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { checkLicense } from './check_license'; diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js deleted file mode 100644 index 443744ccb0cc8..0000000000000 --- a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from 'expect.js'; -import { wrapCustomError } from '../wrap_custom_error'; - -describe('wrap_custom_error', () => { - describe('#wrapCustomError', () => { - it('should return a Boom object', () => { - const originalError = new Error('I am an error'); - const statusCode = 404; - const wrappedError = wrapCustomError(originalError, statusCode); - - expect(wrappedError.isBoom).to.be(true); - expect(wrappedError.output.statusCode).to.equal(statusCode); - }); - }); -}); diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js deleted file mode 100644 index 6d6a336417bef..0000000000000 --- a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from 'expect.js'; -import { wrapUnknownError } from '../wrap_unknown_error'; - -describe('wrap_unknown_error', () => { - describe('#wrapUnknownError', () => { - it('should return a Boom object', () => { - const originalError = new Error('I am an error'); - const wrappedError = wrapUnknownError(originalError); - - expect(wrappedError.isBoom).to.be(true); - }); - }); -}); diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js deleted file mode 100644 index 890a366ac65c1..0000000000000 --- a/x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import Boom from 'boom'; - -/** - * Wraps a custom error into a Boom error response and returns it - * - * @param err Object error - * @param statusCode Error status code - * @return Object Boom error response - */ -export function wrapCustomError(err, statusCode) { - return Boom.wrap(err, statusCode); -} diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js deleted file mode 100644 index b0cdced7adbef..0000000000000 --- a/x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js +++ /dev/null @@ -1,17 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import Boom from 'boom'; - -/** - * Wraps an unknown error into a Boom error response and returns it - * - * @param err Object Unknown error - * @return Object Boom error response - */ -export function wrapUnknownError(err) { - return Boom.wrap(err); -} diff --git a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js deleted file mode 100644 index c543d79814dd3..0000000000000 --- a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from 'expect.js'; -import { licensePreRoutingFactory } from '../license_pre_routing_factory'; - -describe('license_pre_routing_factory', () => { - describe('#logstashFeaturePreRoutingFactory', () => { - let mockServer; - let mockLicenseCheckResults; - - beforeEach(() => { - mockServer = { - plugins: { - xpack_main: { - info: { - feature: () => ({ - getLicenseCheckResults: () => mockLicenseCheckResults - }) - } - } - } - }; - }); - - it('only instantiates one instance per server', () => { - const firstInstance = licensePreRoutingFactory(mockServer); - const secondInstance = licensePreRoutingFactory(mockServer); - - expect(firstInstance).to.be(secondInstance); - }); - - describe('isAvailable is false', () => { - beforeEach(() => { - mockLicenseCheckResults = { - isAvailable: false - }; - }); - - it ('replies with 403', (done) => { - const licensePreRouting = licensePreRoutingFactory(mockServer); - const stubRequest = {}; - licensePreRouting(stubRequest, (response) => { - expect(response).to.be.an(Error); - expect(response.isBoom).to.be(true); - expect(response.output.statusCode).to.be(403); - done(); - }); - }); - }); - - describe('isAvailable is true', () => { - beforeEach(() => { - mockLicenseCheckResults = { - isAvailable: true - }; - }); - - it ('replies with nothing', (done) => { - const licensePreRouting = licensePreRoutingFactory(mockServer); - const stubRequest = {}; - licensePreRouting(stubRequest, (response) => { - expect(response).to.be(undefined); - done(); - }); - }); - }); - }); -}); diff --git a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js deleted file mode 100644 index 0743e443955f4..0000000000000 --- a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js +++ /dev/null @@ -1,7 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { licensePreRoutingFactory } from './license_pre_routing_factory'; diff --git a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js deleted file mode 100644 index 4ae31f692bfd7..0000000000000 --- a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js +++ /dev/null @@ -1,28 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { once } from 'lodash'; -import { wrapCustomError } from '../error_wrappers'; -import { PLUGIN } from '../../../common/constants'; - -export const licensePreRoutingFactory = once((server) => { - const xpackMainPlugin = server.plugins.xpack_main; - - // License checking and enable/disable logic - function licensePreRouting(request, reply) { - const licenseCheckResults = xpackMainPlugin.info.feature(PLUGIN.ID).getLicenseCheckResults(); - if (!licenseCheckResults.isAvailable) { - const error = new Error(licenseCheckResults.message); - const statusCode = 403; - const wrappedError = wrapCustomError(error, statusCode); - reply(wrappedError); - } else { - reply(); - } - } - - return licensePreRouting; -}); diff --git a/x-pack/plugins/beats/server/lib/register_license_checker/index.js b/x-pack/plugins/beats/server/lib/register_license_checker/index.js deleted file mode 100644 index 7b0f97c38d129..0000000000000 --- a/x-pack/plugins/beats/server/lib/register_license_checker/index.js +++ /dev/null @@ -1,7 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { registerLicenseChecker } from './register_license_checker'; diff --git a/x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js b/x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js deleted file mode 100644 index 8a17fb2eea497..0000000000000 --- a/x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { mirrorPluginStatus } from '../../../../../server/lib/mirror_plugin_status'; -import { checkLicense } from '../check_license'; -import { PLUGIN } from '../../../common/constants'; - -export function registerLicenseChecker(server) { - const xpackMainPlugin = server.plugins.xpack_main; - const logstashPlugin = server.plugins.logstash; - - mirrorPluginStatus(xpackMainPlugin, logstashPlugin); - xpackMainPlugin.status.once('green', () => { - // Register a function that is called whenever the xpack info changes, - // to re-compute the license check results for this plugin - xpackMainPlugin.info.feature(PLUGIN.ID).registerLicenseCheckResultsGenerator(checkLicense); - }); -} diff --git a/x-pack/plugins/beats/server/routes/api/register_disenroll_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_disenroll_beats_route.js deleted file mode 100644 index e69de29bb2d1d..0000000000000 diff --git a/x-pack/plugins/beats/server/routes/api/register_enroll_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_enroll_beats_route.js deleted file mode 100644 index e69de29bb2d1d..0000000000000 diff --git a/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js deleted file mode 100644 index e69de29bb2d1d..0000000000000 From e687505c35ba992318b71bde40eb03b359974728 Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Sat, 12 May 2018 09:22:39 -0700 Subject: [PATCH 03/17] Converting to Jest test --- .../error_wrappers/__tests__/wrap_es_error.js | 41 ------------------- 1 file changed, 41 deletions(-) delete mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js deleted file mode 100644 index f1b956bdcc3bb..0000000000000 --- a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from 'expect.js'; -import { wrapEsError } from '../wrap_es_error'; - -describe('wrap_es_error', () => { - describe('#wrapEsError', () => { - - let originalError; - beforeEach(() => { - originalError = new Error('I am an error'); - originalError.statusCode = 404; - }); - - it('should return a Boom object', () => { - const wrappedError = wrapEsError(originalError); - - expect(wrappedError.isBoom).to.be(true); - }); - - it('should return the correct Boom object', () => { - const wrappedError = wrapEsError(originalError); - - expect(wrappedError.output.statusCode).to.be(originalError.statusCode); - expect(wrappedError.output.payload.message).to.be(originalError.message); - }); - - it('should return invalid permissions message for 403 errors', () => { - const securityError = new Error('I am an error'); - securityError.statusCode = 403; - const wrappedError = wrapEsError(securityError); - - expect(wrappedError.isBoom).to.be(true); - expect(wrappedError.message).to.be('Insufficient user permissions for managing Logstash pipelines'); - }); - }); -}); From e4d7b0a8310858a0020b0b0fa062bc2d574a7195 Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Fri, 11 May 2018 06:42:46 -0700 Subject: [PATCH 04/17] WIP checkin --- .../call_with_request_factory.js | 19 ++ .../lib/call_with_request_factory/index.js | 7 + .../check_license/__tests__/check_license.js | 180 ++++++++++++++++++ .../server/lib/check_license/check_license.js | 69 +++++++ .../beats/server/lib/check_license/index.js | 7 + .../__tests__/wrap_custom_error.js | 21 ++ .../error_wrappers/__tests__/wrap_es_error.js | 41 ++++ .../__tests__/wrap_unknown_error.js | 19 ++ .../lib/error_wrappers/wrap_custom_error.js | 18 ++ .../lib/error_wrappers/wrap_unknown_error.js | 17 ++ .../__tests__/license_pre_routing_factory.js | 72 +++++++ .../lib/license_pre_routing_factory/index.js | 7 + .../license_pre_routing_factory.js | 28 +++ .../lib/register_license_checker/index.js | 7 + .../register_license_checker.js | 21 ++ .../api/register_disenroll_beats_route.js | 0 .../routes/api/register_enroll_beats_route.js | 0 .../routes/api/register_verify_beats_route.js | 0 18 files changed, 533 insertions(+) create mode 100644 x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js create mode 100644 x-pack/plugins/beats/server/lib/call_with_request_factory/index.js create mode 100644 x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js create mode 100644 x-pack/plugins/beats/server/lib/check_license/check_license.js create mode 100644 x-pack/plugins/beats/server/lib/check_license/index.js create mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js create mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js create mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js create mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js create mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js create mode 100644 x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js create mode 100644 x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js create mode 100644 x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js create mode 100644 x-pack/plugins/beats/server/lib/register_license_checker/index.js create mode 100644 x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js create mode 100644 x-pack/plugins/beats/server/routes/api/register_disenroll_beats_route.js create mode 100644 x-pack/plugins/beats/server/routes/api/register_enroll_beats_route.js create mode 100644 x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js diff --git a/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js b/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js new file mode 100644 index 0000000000000..f772b81850f71 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { once } from 'lodash'; + +const callWithRequest = once((server) => { + const pipeline = server.config().get('elasticsearch'); + const cluster = server.plugins.elasticsearch.createCluster('logstash', pipeline); + return cluster.callWithRequest; +}); + +export const callWithRequestFactory = (server, request) => { + return (...args) => { + return callWithRequest(server)(request, ...args); + }; +}; diff --git a/x-pack/plugins/beats/server/lib/call_with_request_factory/index.js b/x-pack/plugins/beats/server/lib/call_with_request_factory/index.js new file mode 100644 index 0000000000000..787814d87dff9 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/call_with_request_factory/index.js @@ -0,0 +1,7 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { callWithRequestFactory } from './call_with_request_factory'; diff --git a/x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js b/x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js new file mode 100644 index 0000000000000..449ff3a60b9e7 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js @@ -0,0 +1,180 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import expect from 'expect.js'; +import { set } from 'lodash'; +import { checkLicense } from '../check_license'; + +describe('check_license', function () { + + let mockLicenseInfo; + beforeEach(() => mockLicenseInfo = {}); + + describe('license information is undefined', () => { + beforeEach(() => mockLicenseInfo = undefined); + + it('should set isAvailable to false', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); + }); + + it('should set enableLinks to false', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); + }); + + it('should set isReadOnly to false', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); + }); + + it('should set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); + }); + }); + + describe('license information is not available', () => { + beforeEach(() => mockLicenseInfo.isAvailable = () => false); + + it('should set isAvailable to false', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); + }); + + it('should set enableLinks to false', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); + }); + + it('should set isReadOnly to false', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); + }); + + it('should set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); + }); + }); + + describe('license information is available', () => { + beforeEach(() => { + mockLicenseInfo.isAvailable = () => true; + set(mockLicenseInfo, 'license.getType', () => 'basic'); + }); + + describe('& license is trial, standard, gold, platinum', () => { + beforeEach(() => { + set(mockLicenseInfo, 'license.isOneOf', () => true); + mockLicenseInfo.feature = () => ({ isEnabled: () => true }); // Security feature is enabled + }); + + describe('& license is active', () => { + beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => true)); + + it('should set isAvailable to true', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(true); + }); + + it ('should set enableLinks to true', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(true); + }); + + it ('should set isReadOnly to false', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); + }); + + it('should not set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.be(undefined); + }); + }); + + describe('& license is expired', () => { + beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => false)); + + it('should set isAvailable to true', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(true); + }); + + it ('should set enableLinks to true', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(true); + }); + + it ('should set isReadOnly to true', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(true); + }); + + it('should set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); + }); + }); + }); + + describe('& license is basic', () => { + beforeEach(() => { + set(mockLicenseInfo, 'license.isOneOf', () => false); + mockLicenseInfo.feature = () => ({ isEnabled: () => true }); // Security feature is enabled + }); + + describe('& license is active', () => { + beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => true)); + + it('should set isAvailable to false', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); + }); + + it ('should set enableLinks to false', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); + }); + + it ('should set isReadOnly to false', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); + }); + + it('should set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); + }); + }); + + describe('& license is expired', () => { + beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => false)); + + it('should set isAvailable to false', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); + }); + + it ('should set enableLinks to false', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); + }); + + it ('should set isReadOnly to false', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); + }); + + it('should set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); + }); + }); + }); + + describe('& security is disabled', () => { + beforeEach(() => { + mockLicenseInfo.feature = () => ({ isEnabled: () => false }); // Security feature is disabled + set(mockLicenseInfo, 'license.isOneOf', () => true); + set(mockLicenseInfo, 'license.isActive', () => true); + }); + + it('should set isAvailable to false', () => { + expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); + }); + + it ('should set enableLinks to false', () => { + expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); + }); + + it ('should set isReadOnly to false', () => { + expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); + }); + + it('should set a message', () => { + expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); + }); + }); + }); +}); diff --git a/x-pack/plugins/beats/server/lib/check_license/check_license.js b/x-pack/plugins/beats/server/lib/check_license/check_license.js new file mode 100644 index 0000000000000..aa1704cc02730 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/check_license/check_license.js @@ -0,0 +1,69 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export function checkLicense(xpackLicenseInfo) { + // If, for some reason, we cannot get the license information + // from Elasticsearch, assume worst case and disable the Logstash pipeline UI + if (!xpackLicenseInfo || !xpackLicenseInfo.isAvailable()) { + return { + isAvailable: false, + enableLinks: false, + isReadOnly: false, + message: 'You cannot manage Logstash pipelines because license information is not available at this time.' + }; + } + + const VALID_LICENSE_MODES = [ + 'trial', + 'standard', + 'gold', + 'platinum' + ]; + + const isLicenseModeValid = xpackLicenseInfo.license.isOneOf(VALID_LICENSE_MODES); + const isLicenseActive = xpackLicenseInfo.license.isActive(); + const licenseType = xpackLicenseInfo.license.getType(); + const isSecurityEnabled = xpackLicenseInfo.feature('security').isEnabled(); + + // Security is not enabled in ES + if (!isSecurityEnabled) { + const message = 'Security must be enabled in order to use Logstash pipeline management features.' + + ' Please set xpack.security.enabled: true in your elasticsearch.yml.'; + return { + isAvailable: false, + enableLinks: false, + isReadOnly: false, + message + }; + } + + // License is not valid + if (!isLicenseModeValid) { + return { + isAvailable: false, + enableLinks: false, + isReadOnly: false, + message: `Your ${licenseType} license does not support Logstash pipeline management features. Please upgrade your license.` + }; + } + + // License is valid but not active, we go into a read-only mode. + if (!isLicenseActive) { + return { + isAvailable: true, + enableLinks: true, + isReadOnly: true, + message: `You cannot edit, create, or delete your Logstash pipelines because your ${licenseType} license has expired.` + }; + } + + // License is valid and active + return { + isAvailable: true, + enableLinks: true, + isReadOnly: false + }; +} diff --git a/x-pack/plugins/beats/server/lib/check_license/index.js b/x-pack/plugins/beats/server/lib/check_license/index.js new file mode 100644 index 0000000000000..f2c070fd44b6e --- /dev/null +++ b/x-pack/plugins/beats/server/lib/check_license/index.js @@ -0,0 +1,7 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { checkLicense } from './check_license'; diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js new file mode 100644 index 0000000000000..443744ccb0cc8 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import expect from 'expect.js'; +import { wrapCustomError } from '../wrap_custom_error'; + +describe('wrap_custom_error', () => { + describe('#wrapCustomError', () => { + it('should return a Boom object', () => { + const originalError = new Error('I am an error'); + const statusCode = 404; + const wrappedError = wrapCustomError(originalError, statusCode); + + expect(wrappedError.isBoom).to.be(true); + expect(wrappedError.output.statusCode).to.equal(statusCode); + }); + }); +}); diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js new file mode 100644 index 0000000000000..f1b956bdcc3bb --- /dev/null +++ b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js @@ -0,0 +1,41 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import expect from 'expect.js'; +import { wrapEsError } from '../wrap_es_error'; + +describe('wrap_es_error', () => { + describe('#wrapEsError', () => { + + let originalError; + beforeEach(() => { + originalError = new Error('I am an error'); + originalError.statusCode = 404; + }); + + it('should return a Boom object', () => { + const wrappedError = wrapEsError(originalError); + + expect(wrappedError.isBoom).to.be(true); + }); + + it('should return the correct Boom object', () => { + const wrappedError = wrapEsError(originalError); + + expect(wrappedError.output.statusCode).to.be(originalError.statusCode); + expect(wrappedError.output.payload.message).to.be(originalError.message); + }); + + it('should return invalid permissions message for 403 errors', () => { + const securityError = new Error('I am an error'); + securityError.statusCode = 403; + const wrappedError = wrapEsError(securityError); + + expect(wrappedError.isBoom).to.be(true); + expect(wrappedError.message).to.be('Insufficient user permissions for managing Logstash pipelines'); + }); + }); +}); diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js new file mode 100644 index 0000000000000..6d6a336417bef --- /dev/null +++ b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import expect from 'expect.js'; +import { wrapUnknownError } from '../wrap_unknown_error'; + +describe('wrap_unknown_error', () => { + describe('#wrapUnknownError', () => { + it('should return a Boom object', () => { + const originalError = new Error('I am an error'); + const wrappedError = wrapUnknownError(originalError); + + expect(wrappedError.isBoom).to.be(true); + }); + }); +}); diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js new file mode 100644 index 0000000000000..890a366ac65c1 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js @@ -0,0 +1,18 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import Boom from 'boom'; + +/** + * Wraps a custom error into a Boom error response and returns it + * + * @param err Object error + * @param statusCode Error status code + * @return Object Boom error response + */ +export function wrapCustomError(err, statusCode) { + return Boom.wrap(err, statusCode); +} diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js new file mode 100644 index 0000000000000..b0cdced7adbef --- /dev/null +++ b/x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import Boom from 'boom'; + +/** + * Wraps an unknown error into a Boom error response and returns it + * + * @param err Object Unknown error + * @return Object Boom error response + */ +export function wrapUnknownError(err) { + return Boom.wrap(err); +} diff --git a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js new file mode 100644 index 0000000000000..c543d79814dd3 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js @@ -0,0 +1,72 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import expect from 'expect.js'; +import { licensePreRoutingFactory } from '../license_pre_routing_factory'; + +describe('license_pre_routing_factory', () => { + describe('#logstashFeaturePreRoutingFactory', () => { + let mockServer; + let mockLicenseCheckResults; + + beforeEach(() => { + mockServer = { + plugins: { + xpack_main: { + info: { + feature: () => ({ + getLicenseCheckResults: () => mockLicenseCheckResults + }) + } + } + } + }; + }); + + it('only instantiates one instance per server', () => { + const firstInstance = licensePreRoutingFactory(mockServer); + const secondInstance = licensePreRoutingFactory(mockServer); + + expect(firstInstance).to.be(secondInstance); + }); + + describe('isAvailable is false', () => { + beforeEach(() => { + mockLicenseCheckResults = { + isAvailable: false + }; + }); + + it ('replies with 403', (done) => { + const licensePreRouting = licensePreRoutingFactory(mockServer); + const stubRequest = {}; + licensePreRouting(stubRequest, (response) => { + expect(response).to.be.an(Error); + expect(response.isBoom).to.be(true); + expect(response.output.statusCode).to.be(403); + done(); + }); + }); + }); + + describe('isAvailable is true', () => { + beforeEach(() => { + mockLicenseCheckResults = { + isAvailable: true + }; + }); + + it ('replies with nothing', (done) => { + const licensePreRouting = licensePreRoutingFactory(mockServer); + const stubRequest = {}; + licensePreRouting(stubRequest, (response) => { + expect(response).to.be(undefined); + done(); + }); + }); + }); + }); +}); diff --git a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js new file mode 100644 index 0000000000000..0743e443955f4 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js @@ -0,0 +1,7 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { licensePreRoutingFactory } from './license_pre_routing_factory'; diff --git a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js new file mode 100644 index 0000000000000..4ae31f692bfd7 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js @@ -0,0 +1,28 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { once } from 'lodash'; +import { wrapCustomError } from '../error_wrappers'; +import { PLUGIN } from '../../../common/constants'; + +export const licensePreRoutingFactory = once((server) => { + const xpackMainPlugin = server.plugins.xpack_main; + + // License checking and enable/disable logic + function licensePreRouting(request, reply) { + const licenseCheckResults = xpackMainPlugin.info.feature(PLUGIN.ID).getLicenseCheckResults(); + if (!licenseCheckResults.isAvailable) { + const error = new Error(licenseCheckResults.message); + const statusCode = 403; + const wrappedError = wrapCustomError(error, statusCode); + reply(wrappedError); + } else { + reply(); + } + } + + return licensePreRouting; +}); diff --git a/x-pack/plugins/beats/server/lib/register_license_checker/index.js b/x-pack/plugins/beats/server/lib/register_license_checker/index.js new file mode 100644 index 0000000000000..7b0f97c38d129 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/register_license_checker/index.js @@ -0,0 +1,7 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { registerLicenseChecker } from './register_license_checker'; diff --git a/x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js b/x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js new file mode 100644 index 0000000000000..8a17fb2eea497 --- /dev/null +++ b/x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { mirrorPluginStatus } from '../../../../../server/lib/mirror_plugin_status'; +import { checkLicense } from '../check_license'; +import { PLUGIN } from '../../../common/constants'; + +export function registerLicenseChecker(server) { + const xpackMainPlugin = server.plugins.xpack_main; + const logstashPlugin = server.plugins.logstash; + + mirrorPluginStatus(xpackMainPlugin, logstashPlugin); + xpackMainPlugin.status.once('green', () => { + // Register a function that is called whenever the xpack info changes, + // to re-compute the license check results for this plugin + xpackMainPlugin.info.feature(PLUGIN.ID).registerLicenseCheckResultsGenerator(checkLicense); + }); +} diff --git a/x-pack/plugins/beats/server/routes/api/register_disenroll_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_disenroll_beats_route.js new file mode 100644 index 0000000000000..e69de29bb2d1d diff --git a/x-pack/plugins/beats/server/routes/api/register_enroll_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_enroll_beats_route.js new file mode 100644 index 0000000000000..e69de29bb2d1d diff --git a/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js new file mode 100644 index 0000000000000..e69de29bb2d1d From 26be0bc18062a404206b28c4bbfee9f4e41a5c56 Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Sat, 12 May 2018 12:33:56 -0700 Subject: [PATCH 05/17] Fixing API for default case + adding test for it --- .../apis/beats/create_enrollment_tokens.js | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/x-pack/test/api_integration/apis/beats/create_enrollment_tokens.js b/x-pack/test/api_integration/apis/beats/create_enrollment_tokens.js index 86b80323773b4..953508ebfadb3 100644 --- a/x-pack/test/api_integration/apis/beats/create_enrollment_tokens.js +++ b/x-pack/test/api_integration/apis/beats/create_enrollment_tokens.js @@ -41,6 +41,30 @@ export default function ({ getService }) { expect(tokensFromApi).to.eql(tokensInEs); }); + it('should create one token by default', async () => { + const { body: apiResponse } = await supertest + .post( + '/api/beats/enrollment_tokens' + ) + .set('kbn-xsrf', 'xxx') + .send() + .expect(200); + + const tokensFromApi = apiResponse.tokens; + + const esResponse = await es.search({ + index: ES_ADMIN_INDEX_NAME, + type: ES_TYPE_NAME, + q: 'type:enrollment_token' + }); + + const tokensInEs = esResponse.hits.hits + .map(hit => hit._source.enrollment_token.token); + + expect(tokensFromApi.length).to.eql(1); + expect(tokensFromApi).to.eql(tokensInEs); + }); + it('should create the specified number of tokens', async () => { const numTokens = chance.integer({ min: 1, max: 2000 }); From 1e87ac18dcedebb6785c54b2b78c6acaca17f4e4 Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Mon, 14 May 2018 07:01:21 -0700 Subject: [PATCH 06/17] Fixing copy pasta typos --- .../lib/call_with_request_factory/call_with_request_factory.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js b/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js index f772b81850f71..b9afd6a47c618 100644 --- a/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js +++ b/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js @@ -8,7 +8,7 @@ import { once } from 'lodash'; const callWithRequest = once((server) => { const pipeline = server.config().get('elasticsearch'); - const cluster = server.plugins.elasticsearch.createCluster('logstash', pipeline); + const cluster = server.plugins.elasticsearch.createCluster('beats', pipeline); return cluster.callWithRequest; }); From d1921741004e6670c53d8324260455fa8941870f Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Mon, 14 May 2018 11:11:34 -0700 Subject: [PATCH 07/17] Fixing variable name --- .../call_with_request_factory/call_with_request_factory.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js b/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js index b9afd6a47c618..0c4f909d12f61 100644 --- a/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js +++ b/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js @@ -7,8 +7,8 @@ import { once } from 'lodash'; const callWithRequest = once((server) => { - const pipeline = server.config().get('elasticsearch'); - const cluster = server.plugins.elasticsearch.createCluster('beats', pipeline); + const config = server.config().get('elasticsearch'); + const cluster = server.plugins.elasticsearch.createCluster('beats', config); return cluster.callWithRequest; }); From 6ac7202026d033893ab131bbc49ef0ab37217d5b Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Mon, 14 May 2018 13:02:53 -0700 Subject: [PATCH 08/17] Using a single index --- .../test/api_integration/apis/beats/create_enrollment_tokens.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/test/api_integration/apis/beats/create_enrollment_tokens.js b/x-pack/test/api_integration/apis/beats/create_enrollment_tokens.js index 953508ebfadb3..129b6b405571c 100644 --- a/x-pack/test/api_integration/apis/beats/create_enrollment_tokens.js +++ b/x-pack/test/api_integration/apis/beats/create_enrollment_tokens.js @@ -53,7 +53,7 @@ export default function ({ getService }) { const tokensFromApi = apiResponse.tokens; const esResponse = await es.search({ - index: ES_ADMIN_INDEX_NAME, + index: ES_INDEX_NAME, type: ES_TYPE_NAME, q: 'type:enrollment_token' }); From a865a9d5ee9c077b0fdb56deba93b2485438d876 Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Tue, 15 May 2018 11:57:43 -0700 Subject: [PATCH 09/17] Implementing GET /api/beats/agents API --- .../call_with_request_factory.js | 19 -- .../lib/call_with_request_factory/index.js | 7 - .../check_license/__tests__/check_license.js | 180 ------------------ .../server/lib/check_license/check_license.js | 69 ------- .../beats/server/lib/check_license/index.js | 7 - .../__tests__/wrap_custom_error.js | 21 -- .../error_wrappers/__tests__/wrap_es_error.js | 41 ---- .../__tests__/wrap_unknown_error.js | 19 -- .../lib/error_wrappers/wrap_custom_error.js | 18 -- .../lib/error_wrappers/wrap_unknown_error.js | 17 -- .../__tests__/license_pre_routing_factory.js | 72 ------- .../lib/license_pre_routing_factory/index.js | 7 - .../license_pre_routing_factory.js | 28 --- .../lib/register_license_checker/index.js | 7 - .../register_license_checker.js | 21 -- .../api/register_disenroll_beats_route.js | 0 .../routes/api/register_enroll_beats_route.js | 0 .../routes/api/register_verify_beats_route.js | 0 18 files changed, 533 deletions(-) delete mode 100644 x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js delete mode 100644 x-pack/plugins/beats/server/lib/call_with_request_factory/index.js delete mode 100644 x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js delete mode 100644 x-pack/plugins/beats/server/lib/check_license/check_license.js delete mode 100644 x-pack/plugins/beats/server/lib/check_license/index.js delete mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js delete mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js delete mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js delete mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js delete mode 100644 x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js delete mode 100644 x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js delete mode 100644 x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js delete mode 100644 x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js delete mode 100644 x-pack/plugins/beats/server/lib/register_license_checker/index.js delete mode 100644 x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js delete mode 100644 x-pack/plugins/beats/server/routes/api/register_disenroll_beats_route.js delete mode 100644 x-pack/plugins/beats/server/routes/api/register_enroll_beats_route.js delete mode 100644 x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js diff --git a/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js b/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js deleted file mode 100644 index 0c4f909d12f61..0000000000000 --- a/x-pack/plugins/beats/server/lib/call_with_request_factory/call_with_request_factory.js +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { once } from 'lodash'; - -const callWithRequest = once((server) => { - const config = server.config().get('elasticsearch'); - const cluster = server.plugins.elasticsearch.createCluster('beats', config); - return cluster.callWithRequest; -}); - -export const callWithRequestFactory = (server, request) => { - return (...args) => { - return callWithRequest(server)(request, ...args); - }; -}; diff --git a/x-pack/plugins/beats/server/lib/call_with_request_factory/index.js b/x-pack/plugins/beats/server/lib/call_with_request_factory/index.js deleted file mode 100644 index 787814d87dff9..0000000000000 --- a/x-pack/plugins/beats/server/lib/call_with_request_factory/index.js +++ /dev/null @@ -1,7 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { callWithRequestFactory } from './call_with_request_factory'; diff --git a/x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js b/x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js deleted file mode 100644 index 449ff3a60b9e7..0000000000000 --- a/x-pack/plugins/beats/server/lib/check_license/__tests__/check_license.js +++ /dev/null @@ -1,180 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from 'expect.js'; -import { set } from 'lodash'; -import { checkLicense } from '../check_license'; - -describe('check_license', function () { - - let mockLicenseInfo; - beforeEach(() => mockLicenseInfo = {}); - - describe('license information is undefined', () => { - beforeEach(() => mockLicenseInfo = undefined); - - it('should set isAvailable to false', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); - }); - - it('should set enableLinks to false', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); - }); - - it('should set isReadOnly to false', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - - describe('license information is not available', () => { - beforeEach(() => mockLicenseInfo.isAvailable = () => false); - - it('should set isAvailable to false', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); - }); - - it('should set enableLinks to false', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); - }); - - it('should set isReadOnly to false', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - - describe('license information is available', () => { - beforeEach(() => { - mockLicenseInfo.isAvailable = () => true; - set(mockLicenseInfo, 'license.getType', () => 'basic'); - }); - - describe('& license is trial, standard, gold, platinum', () => { - beforeEach(() => { - set(mockLicenseInfo, 'license.isOneOf', () => true); - mockLicenseInfo.feature = () => ({ isEnabled: () => true }); // Security feature is enabled - }); - - describe('& license is active', () => { - beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => true)); - - it('should set isAvailable to true', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(true); - }); - - it ('should set enableLinks to true', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(true); - }); - - it ('should set isReadOnly to false', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); - }); - - it('should not set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.be(undefined); - }); - }); - - describe('& license is expired', () => { - beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => false)); - - it('should set isAvailable to true', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(true); - }); - - it ('should set enableLinks to true', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(true); - }); - - it ('should set isReadOnly to true', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(true); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - }); - - describe('& license is basic', () => { - beforeEach(() => { - set(mockLicenseInfo, 'license.isOneOf', () => false); - mockLicenseInfo.feature = () => ({ isEnabled: () => true }); // Security feature is enabled - }); - - describe('& license is active', () => { - beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => true)); - - it('should set isAvailable to false', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); - }); - - it ('should set enableLinks to false', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); - }); - - it ('should set isReadOnly to false', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - - describe('& license is expired', () => { - beforeEach(() => set(mockLicenseInfo, 'license.isActive', () => false)); - - it('should set isAvailable to false', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); - }); - - it ('should set enableLinks to false', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); - }); - - it ('should set isReadOnly to false', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - }); - - describe('& security is disabled', () => { - beforeEach(() => { - mockLicenseInfo.feature = () => ({ isEnabled: () => false }); // Security feature is disabled - set(mockLicenseInfo, 'license.isOneOf', () => true); - set(mockLicenseInfo, 'license.isActive', () => true); - }); - - it('should set isAvailable to false', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); - }); - - it ('should set enableLinks to false', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); - }); - - it ('should set isReadOnly to false', () => { - expect(checkLicense(mockLicenseInfo).isReadOnly).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - }); -}); diff --git a/x-pack/plugins/beats/server/lib/check_license/check_license.js b/x-pack/plugins/beats/server/lib/check_license/check_license.js deleted file mode 100644 index aa1704cc02730..0000000000000 --- a/x-pack/plugins/beats/server/lib/check_license/check_license.js +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export function checkLicense(xpackLicenseInfo) { - // If, for some reason, we cannot get the license information - // from Elasticsearch, assume worst case and disable the Logstash pipeline UI - if (!xpackLicenseInfo || !xpackLicenseInfo.isAvailable()) { - return { - isAvailable: false, - enableLinks: false, - isReadOnly: false, - message: 'You cannot manage Logstash pipelines because license information is not available at this time.' - }; - } - - const VALID_LICENSE_MODES = [ - 'trial', - 'standard', - 'gold', - 'platinum' - ]; - - const isLicenseModeValid = xpackLicenseInfo.license.isOneOf(VALID_LICENSE_MODES); - const isLicenseActive = xpackLicenseInfo.license.isActive(); - const licenseType = xpackLicenseInfo.license.getType(); - const isSecurityEnabled = xpackLicenseInfo.feature('security').isEnabled(); - - // Security is not enabled in ES - if (!isSecurityEnabled) { - const message = 'Security must be enabled in order to use Logstash pipeline management features.' - + ' Please set xpack.security.enabled: true in your elasticsearch.yml.'; - return { - isAvailable: false, - enableLinks: false, - isReadOnly: false, - message - }; - } - - // License is not valid - if (!isLicenseModeValid) { - return { - isAvailable: false, - enableLinks: false, - isReadOnly: false, - message: `Your ${licenseType} license does not support Logstash pipeline management features. Please upgrade your license.` - }; - } - - // License is valid but not active, we go into a read-only mode. - if (!isLicenseActive) { - return { - isAvailable: true, - enableLinks: true, - isReadOnly: true, - message: `You cannot edit, create, or delete your Logstash pipelines because your ${licenseType} license has expired.` - }; - } - - // License is valid and active - return { - isAvailable: true, - enableLinks: true, - isReadOnly: false - }; -} diff --git a/x-pack/plugins/beats/server/lib/check_license/index.js b/x-pack/plugins/beats/server/lib/check_license/index.js deleted file mode 100644 index f2c070fd44b6e..0000000000000 --- a/x-pack/plugins/beats/server/lib/check_license/index.js +++ /dev/null @@ -1,7 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { checkLicense } from './check_license'; diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js deleted file mode 100644 index 443744ccb0cc8..0000000000000 --- a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_custom_error.js +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from 'expect.js'; -import { wrapCustomError } from '../wrap_custom_error'; - -describe('wrap_custom_error', () => { - describe('#wrapCustomError', () => { - it('should return a Boom object', () => { - const originalError = new Error('I am an error'); - const statusCode = 404; - const wrappedError = wrapCustomError(originalError, statusCode); - - expect(wrappedError.isBoom).to.be(true); - expect(wrappedError.output.statusCode).to.equal(statusCode); - }); - }); -}); diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js deleted file mode 100644 index f1b956bdcc3bb..0000000000000 --- a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_es_error.js +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from 'expect.js'; -import { wrapEsError } from '../wrap_es_error'; - -describe('wrap_es_error', () => { - describe('#wrapEsError', () => { - - let originalError; - beforeEach(() => { - originalError = new Error('I am an error'); - originalError.statusCode = 404; - }); - - it('should return a Boom object', () => { - const wrappedError = wrapEsError(originalError); - - expect(wrappedError.isBoom).to.be(true); - }); - - it('should return the correct Boom object', () => { - const wrappedError = wrapEsError(originalError); - - expect(wrappedError.output.statusCode).to.be(originalError.statusCode); - expect(wrappedError.output.payload.message).to.be(originalError.message); - }); - - it('should return invalid permissions message for 403 errors', () => { - const securityError = new Error('I am an error'); - securityError.statusCode = 403; - const wrappedError = wrapEsError(securityError); - - expect(wrappedError.isBoom).to.be(true); - expect(wrappedError.message).to.be('Insufficient user permissions for managing Logstash pipelines'); - }); - }); -}); diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js deleted file mode 100644 index 6d6a336417bef..0000000000000 --- a/x-pack/plugins/beats/server/lib/error_wrappers/__tests__/wrap_unknown_error.js +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from 'expect.js'; -import { wrapUnknownError } from '../wrap_unknown_error'; - -describe('wrap_unknown_error', () => { - describe('#wrapUnknownError', () => { - it('should return a Boom object', () => { - const originalError = new Error('I am an error'); - const wrappedError = wrapUnknownError(originalError); - - expect(wrappedError.isBoom).to.be(true); - }); - }); -}); diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js deleted file mode 100644 index 890a366ac65c1..0000000000000 --- a/x-pack/plugins/beats/server/lib/error_wrappers/wrap_custom_error.js +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import Boom from 'boom'; - -/** - * Wraps a custom error into a Boom error response and returns it - * - * @param err Object error - * @param statusCode Error status code - * @return Object Boom error response - */ -export function wrapCustomError(err, statusCode) { - return Boom.wrap(err, statusCode); -} diff --git a/x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js b/x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js deleted file mode 100644 index b0cdced7adbef..0000000000000 --- a/x-pack/plugins/beats/server/lib/error_wrappers/wrap_unknown_error.js +++ /dev/null @@ -1,17 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import Boom from 'boom'; - -/** - * Wraps an unknown error into a Boom error response and returns it - * - * @param err Object Unknown error - * @return Object Boom error response - */ -export function wrapUnknownError(err) { - return Boom.wrap(err); -} diff --git a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js deleted file mode 100644 index c543d79814dd3..0000000000000 --- a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/__tests__/license_pre_routing_factory.js +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from 'expect.js'; -import { licensePreRoutingFactory } from '../license_pre_routing_factory'; - -describe('license_pre_routing_factory', () => { - describe('#logstashFeaturePreRoutingFactory', () => { - let mockServer; - let mockLicenseCheckResults; - - beforeEach(() => { - mockServer = { - plugins: { - xpack_main: { - info: { - feature: () => ({ - getLicenseCheckResults: () => mockLicenseCheckResults - }) - } - } - } - }; - }); - - it('only instantiates one instance per server', () => { - const firstInstance = licensePreRoutingFactory(mockServer); - const secondInstance = licensePreRoutingFactory(mockServer); - - expect(firstInstance).to.be(secondInstance); - }); - - describe('isAvailable is false', () => { - beforeEach(() => { - mockLicenseCheckResults = { - isAvailable: false - }; - }); - - it ('replies with 403', (done) => { - const licensePreRouting = licensePreRoutingFactory(mockServer); - const stubRequest = {}; - licensePreRouting(stubRequest, (response) => { - expect(response).to.be.an(Error); - expect(response.isBoom).to.be(true); - expect(response.output.statusCode).to.be(403); - done(); - }); - }); - }); - - describe('isAvailable is true', () => { - beforeEach(() => { - mockLicenseCheckResults = { - isAvailable: true - }; - }); - - it ('replies with nothing', (done) => { - const licensePreRouting = licensePreRoutingFactory(mockServer); - const stubRequest = {}; - licensePreRouting(stubRequest, (response) => { - expect(response).to.be(undefined); - done(); - }); - }); - }); - }); -}); diff --git a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js deleted file mode 100644 index 0743e443955f4..0000000000000 --- a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/index.js +++ /dev/null @@ -1,7 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { licensePreRoutingFactory } from './license_pre_routing_factory'; diff --git a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js b/x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js deleted file mode 100644 index 4ae31f692bfd7..0000000000000 --- a/x-pack/plugins/beats/server/lib/license_pre_routing_factory/license_pre_routing_factory.js +++ /dev/null @@ -1,28 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { once } from 'lodash'; -import { wrapCustomError } from '../error_wrappers'; -import { PLUGIN } from '../../../common/constants'; - -export const licensePreRoutingFactory = once((server) => { - const xpackMainPlugin = server.plugins.xpack_main; - - // License checking and enable/disable logic - function licensePreRouting(request, reply) { - const licenseCheckResults = xpackMainPlugin.info.feature(PLUGIN.ID).getLicenseCheckResults(); - if (!licenseCheckResults.isAvailable) { - const error = new Error(licenseCheckResults.message); - const statusCode = 403; - const wrappedError = wrapCustomError(error, statusCode); - reply(wrappedError); - } else { - reply(); - } - } - - return licensePreRouting; -}); diff --git a/x-pack/plugins/beats/server/lib/register_license_checker/index.js b/x-pack/plugins/beats/server/lib/register_license_checker/index.js deleted file mode 100644 index 7b0f97c38d129..0000000000000 --- a/x-pack/plugins/beats/server/lib/register_license_checker/index.js +++ /dev/null @@ -1,7 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export { registerLicenseChecker } from './register_license_checker'; diff --git a/x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js b/x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js deleted file mode 100644 index 8a17fb2eea497..0000000000000 --- a/x-pack/plugins/beats/server/lib/register_license_checker/register_license_checker.js +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { mirrorPluginStatus } from '../../../../../server/lib/mirror_plugin_status'; -import { checkLicense } from '../check_license'; -import { PLUGIN } from '../../../common/constants'; - -export function registerLicenseChecker(server) { - const xpackMainPlugin = server.plugins.xpack_main; - const logstashPlugin = server.plugins.logstash; - - mirrorPluginStatus(xpackMainPlugin, logstashPlugin); - xpackMainPlugin.status.once('green', () => { - // Register a function that is called whenever the xpack info changes, - // to re-compute the license check results for this plugin - xpackMainPlugin.info.feature(PLUGIN.ID).registerLicenseCheckResultsGenerator(checkLicense); - }); -} diff --git a/x-pack/plugins/beats/server/routes/api/register_disenroll_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_disenroll_beats_route.js deleted file mode 100644 index e69de29bb2d1d..0000000000000 diff --git a/x-pack/plugins/beats/server/routes/api/register_enroll_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_enroll_beats_route.js deleted file mode 100644 index e69de29bb2d1d..0000000000000 diff --git a/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js deleted file mode 100644 index e69de29bb2d1d..0000000000000 From 76dc950f14ecd7bb6d41c64310150699dbc542d4 Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Wed, 16 May 2018 09:23:24 -0700 Subject: [PATCH 10/17] Updating mapping --- .../apis/beats/create_enrollment_tokens.js | 24 ------------------- 1 file changed, 24 deletions(-) diff --git a/x-pack/test/api_integration/apis/beats/create_enrollment_tokens.js b/x-pack/test/api_integration/apis/beats/create_enrollment_tokens.js index 129b6b405571c..86b80323773b4 100644 --- a/x-pack/test/api_integration/apis/beats/create_enrollment_tokens.js +++ b/x-pack/test/api_integration/apis/beats/create_enrollment_tokens.js @@ -41,30 +41,6 @@ export default function ({ getService }) { expect(tokensFromApi).to.eql(tokensInEs); }); - it('should create one token by default', async () => { - const { body: apiResponse } = await supertest - .post( - '/api/beats/enrollment_tokens' - ) - .set('kbn-xsrf', 'xxx') - .send() - .expect(200); - - const tokensFromApi = apiResponse.tokens; - - const esResponse = await es.search({ - index: ES_INDEX_NAME, - type: ES_TYPE_NAME, - q: 'type:enrollment_token' - }); - - const tokensInEs = esResponse.hits.hits - .map(hit => hit._source.enrollment_token.token); - - expect(tokensFromApi.length).to.eql(1); - expect(tokensFromApi).to.eql(tokensInEs); - }); - it('should create the specified number of tokens', async () => { const numTokens = chance.integer({ min: 1, max: 2000 }); From 475f868dba23aead816516bf94a3a8718b7b1eef Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Tue, 15 May 2018 18:36:17 -0700 Subject: [PATCH 11/17] Creating POST /api/beats/agents/verify API --- .../plugins/beats/server/routes/api/index.js | 2 + .../api/register_verify_beats_routes.js | 132 ++++++++++++++++++ .../test/api_integration/apis/beats/index.js | 1 + .../apis/beats/verify_beats.js | 49 +++++++ .../es_archives/beats/list/data.json.gz | Bin 343 -> 371 bytes 5 files changed, 184 insertions(+) create mode 100644 x-pack/plugins/beats/server/routes/api/register_verify_beats_routes.js create mode 100644 x-pack/test/api_integration/apis/beats/verify_beats.js diff --git a/x-pack/plugins/beats/server/routes/api/index.js b/x-pack/plugins/beats/server/routes/api/index.js index 76cedde5cdf3d..2da57bb4a8ce5 100644 --- a/x-pack/plugins/beats/server/routes/api/index.js +++ b/x-pack/plugins/beats/server/routes/api/index.js @@ -7,9 +7,11 @@ import { registerCreateEnrollmentTokensRoute } from './register_create_enrollment_tokens_route'; import { registerEnrollBeatRoute } from './register_enroll_beat_route'; import { registerListBeatsRoute } from './register_list_beats_route'; +import { registerVerifyBeatsRoute } from './register_verify_beats_routes'; export function registerApiRoutes(server) { registerCreateEnrollmentTokensRoute(server); registerEnrollBeatRoute(server); registerListBeatsRoute(server); + registerVerifyBeatsRoute(server); } diff --git a/x-pack/plugins/beats/server/routes/api/register_verify_beats_routes.js b/x-pack/plugins/beats/server/routes/api/register_verify_beats_routes.js new file mode 100644 index 0000000000000..c57c35859aba9 --- /dev/null +++ b/x-pack/plugins/beats/server/routes/api/register_verify_beats_routes.js @@ -0,0 +1,132 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import Joi from 'joi'; +import moment from 'moment'; +import { + get, + flatten +} from 'lodash'; +import { INDEX_NAMES } from '../../../common/constants'; +import { callWithRequestFactory } from '../../lib/client'; +import { wrapEsError } from '../../lib/error_wrappers'; + +async function getBeats(callWithRequest, beatIds) { + const ids = beatIds.map(beatId => `beat:${beatId}`); + const params = { + index: INDEX_NAMES.BEATS, + type: '_doc', + body: { ids }, + _sourceInclude: [ 'beat.id', 'beat.verified_on' ] + }; + + const response = await callWithRequest('mget', params); + return get(response, 'docs', []); +} + +async function verifyBeats(callWithRequest, beatIds) { + if (!Array.isArray(beatIds) || (beatIds.length === 0)) { + return []; + } + + const verifiedOn = moment().toJSON(); + const body = flatten(beatIds.map(beatId => [ + { update: { _id: `beat:${beatId}` } }, + { doc: { beat: { verified_on: verifiedOn } } } + ])); + + const params = { + index: INDEX_NAMES.BEATS, + type: '_doc', + body, + refresh: 'wait_for' + }; + + const response = await callWithRequest('bulk', params); + return get(response, 'items', []); +} + +// TODO: add license check pre-hook +// TODO: write to Kibana audit log file +export function registerVerifyBeatsRoute(server) { + server.route({ + method: 'POST', + path: '/api/beats/agents/verify', + config: { + validate: { + payload: Joi.object({ + beats: Joi.array({ + id: Joi.string().required() + }).min(1) + }).required() + } + }, + handler: async (request, reply) => { + const callWithRequest = callWithRequestFactory(server, request); + + const beats = [...request.payload.beats]; + const beatIds = beats.map(beat => beat.id); + + let nonExistentBeatIds; + let alreadyVerifiedBeatIds; + let verifiedBeatIds; + + try { + const beatsFromEs = await getBeats(callWithRequest, beatIds); + + // TODO: extract into helper function + nonExistentBeatIds = beatsFromEs.reduce((beatIdsSoFar, beatFromEs, idx) => { + if (!beatFromEs.found) { + beatIdsSoFar.push(beatIds[idx]); + } + return beatIdsSoFar; + }, []); + + alreadyVerifiedBeatIds = beatsFromEs + .filter(beat => beat.found) + .filter(beat => beat._source.beat.hasOwnProperty('verified_on')) + .map(beat => beat._source.beat.id); + + const beatIdsToVerify = beatsFromEs + .filter(beat => beat.found) + .filter(beat => !beat._source.beat.hasOwnProperty('verified_on')) + .map(beat => beat._source.beat.id); + + const verifications = await verifyBeats(callWithRequest, beatIdsToVerify); + + // TODO: extract into helper function + verifiedBeatIds = verifications.reduce((beatIdsSoFar, verification, idx) => { + if (verification.update.status === 200) { + beatIdsSoFar.push(beatIdsToVerify[idx]); + } + return beatIdsSoFar; + }, []); + + } catch (err) { + return reply(wrapEsError(err)); + } + + beats.forEach(beat => { + if (nonExistentBeatIds.includes(beat.id)) { + beat.status = 404; + beat.result = 'not found'; + } else if (alreadyVerifiedBeatIds.includes(beat.id)) { + beat.status = 200; + beat.result = 'already verified'; + } else if (verifiedBeatIds.includes(beat.id)) { + beat.status = 200; + beat.result = 'verified'; + } else { + beat.status = 400; + beat.result = 'not verified'; + } + }); + + const response = { beats }; + reply(response); + } + }); +} diff --git a/x-pack/test/api_integration/apis/beats/index.js b/x-pack/test/api_integration/apis/beats/index.js index 6b3562863a2b7..abb97b3daed91 100644 --- a/x-pack/test/api_integration/apis/beats/index.js +++ b/x-pack/test/api_integration/apis/beats/index.js @@ -20,5 +20,6 @@ export default function ({ getService, loadTestFile }) { loadTestFile(require.resolve('./create_enrollment_tokens')); loadTestFile(require.resolve('./enroll_beat')); loadTestFile(require.resolve('./list_beats')); + loadTestFile(require.resolve('./verify_beats')); }); } diff --git a/x-pack/test/api_integration/apis/beats/verify_beats.js b/x-pack/test/api_integration/apis/beats/verify_beats.js new file mode 100644 index 0000000000000..7f0f01fe0a5db --- /dev/null +++ b/x-pack/test/api_integration/apis/beats/verify_beats.js @@ -0,0 +1,49 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import expect from 'expect.js'; + +export default function ({ getService }) { + const supertest = getService('supertest'); + const esArchiver = getService('esArchiver'); + + describe('verify_beats', () => { + const archive = 'beats/list'; + + beforeEach('load beats archive', () => esArchiver.load(archive)); + afterEach('unload beats archive', () => esArchiver.unload(archive)); + + it('verify the given beats', async () => { + const { body: apiResponse } = await supertest + .post( + '/api/beats/agents/verify' + ) + .set('kbn-xsrf', 'xxx') + .send({ + beats: [ + { id: 'foo' }, + { id: 'bar' } + ] + }) + .expect(200); + + const beatsFromApi = apiResponse.beats; + + expect(beatsFromApi.length).to.be(2); + expect(beatsFromApi.filter(beat => beat.hasOwnProperty('verified_on')).length).to.be(2); + expect(beatsFromApi.map(beat => beat.id)).to.eql([ 'foo', 'bar' ]); + }); + + it('should not re-verify already-verified beats', async () => { + + }); + + it('should return errors for non-existent beats', async () => { + + }); + + }); +} diff --git a/x-pack/test/functional/es_archives/beats/list/data.json.gz b/x-pack/test/functional/es_archives/beats/list/data.json.gz index c5bcfc6fb14f91eaed3dd09d5fc8ec099ff637a3..f3ccd2687455692022cc5fb6622b906cd0ec6293 100644 GIT binary patch literal 371 zcmV-(0gV11iwFp7ua17u-zVJ>QOZ*Bm^RKae8Fbuu(6^Qd1C6J^E-?7s!$VtqG zHb@7w>Q?pNM`$aU)^>+Y?In`!_pGO9JG&^3lm26cNggN8+vFi6Ht@C%ncWZ!VbwU? z1^}s{foH6-=@$l}??(8nLvd;mST1A&EPr2bPub3|TRZihaRc&*ijUERn&Hao4ZmTB z+Kcb{qFRMABPq!U|50tAKG3}<23lf$J;xl>PC~~dSc_d(^!^o_P}U%=)_}BhiW@4G zVtPp#liE53+$2ZpK03YoXdgwpo0x3i^Z!h)v2QDT#pZNyIU|e_e%b0l(PgVAxo53r zN~J=e5t0JuT$yDmg|q^-wt%v{tJT8}-O%bkZS*Ad{6=S%19y%pA-QEr!xAk=UQ#ZN zUWz$)gKbq-=n6klQ_9qWiUkvoOy;S`GevaDpYD7F?d^V=VKCzrTseU-n+xmTUYpA= RW6|eL{sI(FHM`CQ003wLvN`|& literal 343 zcmV-d0jT~TiwFqyEc;pj17u-zVJ>QOZ*Bm^Qp;|GFc7@+6^L_V*QP zHQ*FTls3x07v~|UN_uIPUM%fAR-^GAqBu^5_YEdRoH%cjhXCwgy$#4=9LBM39qxmG zG|<8`HrNg;gD~_b`D{aZT@hR^AVF5VZTDBS_uI}+yJy~@yr|;KG^u8~s$Sz4?a00O zekkirpczR?M))_jh30Jco*3we_03#!PCErXfnY86eL477Yy+)9TCD+T7VT>oK~%$LJVEhr5();N$N~ZgA*o`$Ns?*m6b~Bm8#NW1`ztPjMHkW=f?( zpb?S+=UkaQl|ov9T3bL_{cF|Z4c)QoUtRPRb@`$*%Yi#bm5|&rr6EVlkyn&UqjNF$ p?y#$?8eQp6)|4`}qGH9wBa=lcicArm@~7pW`2>YU+a_rQ0061trn&$C From 038a7d05950bda829f43e70a2755f9df71b766b5 Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Wed, 16 May 2018 05:21:38 -0700 Subject: [PATCH 12/17] Refactoring: extracting out helper functions --- .../api/register_verify_beats_routes.js | 65 +++++++++++-------- 1 file changed, 38 insertions(+), 27 deletions(-) diff --git a/x-pack/plugins/beats/server/routes/api/register_verify_beats_routes.js b/x-pack/plugins/beats/server/routes/api/register_verify_beats_routes.js index c57c35859aba9..6aaa61b07c5f8 100644 --- a/x-pack/plugins/beats/server/routes/api/register_verify_beats_routes.js +++ b/x-pack/plugins/beats/server/routes/api/register_verify_beats_routes.js @@ -49,6 +49,38 @@ async function verifyBeats(callWithRequest, beatIds) { return get(response, 'items', []); } +function determineNonExistentBeatIds(beatsFromEs, beatIdsFromRequest) { + return beatsFromEs.reduce((nonExistentBeatIds, beatFromEs, idx) => { + if (!beatFromEs.found) { + nonExistentBeatIds.push(beatIdsFromRequest[idx]); + } + return nonExistentBeatIds; + }, []); +} + +function determineAlreadyVerifiedBeatIds(beatsFromEs) { + return beatsFromEs + .filter(beat => beat.found) + .filter(beat => beat._source.beat.hasOwnProperty('verified_on')) + .map(beat => beat._source.beat.id); +} + +function determineToBeVerifiedBeatIds(beatsFromEs) { + return beatsFromEs + .filter(beat => beat.found) + .filter(beat => !beat._source.beat.hasOwnProperty('verified_on')) + .map(beat => beat._source.beat.id); +} + +function determineVerifiedBeatIds(verifications, toBeVerifiedBeatIds) { + return verifications.reduce((verifiedBeatIds, verification, idx) => { + if (verification.update.status === 200) { + verifiedBeatIds.push(toBeVerifiedBeatIds[idx]); + } + return verifiedBeatIds; + }, []); +} + // TODO: add license check pre-hook // TODO: write to Kibana audit log file export function registerVerifyBeatsRoute(server) { @@ -77,33 +109,12 @@ export function registerVerifyBeatsRoute(server) { try { const beatsFromEs = await getBeats(callWithRequest, beatIds); - // TODO: extract into helper function - nonExistentBeatIds = beatsFromEs.reduce((beatIdsSoFar, beatFromEs, idx) => { - if (!beatFromEs.found) { - beatIdsSoFar.push(beatIds[idx]); - } - return beatIdsSoFar; - }, []); - - alreadyVerifiedBeatIds = beatsFromEs - .filter(beat => beat.found) - .filter(beat => beat._source.beat.hasOwnProperty('verified_on')) - .map(beat => beat._source.beat.id); - - const beatIdsToVerify = beatsFromEs - .filter(beat => beat.found) - .filter(beat => !beat._source.beat.hasOwnProperty('verified_on')) - .map(beat => beat._source.beat.id); - - const verifications = await verifyBeats(callWithRequest, beatIdsToVerify); - - // TODO: extract into helper function - verifiedBeatIds = verifications.reduce((beatIdsSoFar, verification, idx) => { - if (verification.update.status === 200) { - beatIdsSoFar.push(beatIdsToVerify[idx]); - } - return beatIdsSoFar; - }, []); + nonExistentBeatIds = determineNonExistentBeatIds(beatsFromEs, beatIds); + alreadyVerifiedBeatIds = determineAlreadyVerifiedBeatIds(beatsFromEs); + const toBeVerifiedBeatIds = determineToBeVerifiedBeatIds(beatsFromEs); + + const verifications = await verifyBeats(callWithRequest, toBeVerifiedBeatIds); + verifiedBeatIds = determineVerifiedBeatIds(verifications, toBeVerifiedBeatIds); } catch (err) { return reply(wrapEsError(err)); From c558d3b8908abf000ae259300c8a3d1fc4ba2055 Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Wed, 16 May 2018 05:21:53 -0700 Subject: [PATCH 13/17] Fleshing out remaining tests --- .../apis/beats/verify_beats.js | 48 +++++++++++++++---- 1 file changed, 40 insertions(+), 8 deletions(-) diff --git a/x-pack/test/api_integration/apis/beats/verify_beats.js b/x-pack/test/api_integration/apis/beats/verify_beats.js index 7f0f01fe0a5db..2b085308b43d1 100644 --- a/x-pack/test/api_integration/apis/beats/verify_beats.js +++ b/x-pack/test/api_integration/apis/beats/verify_beats.js @@ -9,6 +9,7 @@ import expect from 'expect.js'; export default function ({ getService }) { const supertest = getService('supertest'); const esArchiver = getService('esArchiver'); + const chance = getService('chance'); describe('verify_beats', () => { const archive = 'beats/list'; @@ -24,26 +25,57 @@ export default function ({ getService }) { .set('kbn-xsrf', 'xxx') .send({ beats: [ - { id: 'foo' }, - { id: 'bar' } + { id: 'bar' }, + { id: 'baz' } ] }) .expect(200); - const beatsFromApi = apiResponse.beats; - - expect(beatsFromApi.length).to.be(2); - expect(beatsFromApi.filter(beat => beat.hasOwnProperty('verified_on')).length).to.be(2); - expect(beatsFromApi.map(beat => beat.id)).to.eql([ 'foo', 'bar' ]); + expect(apiResponse.beats).to.eql([ + { id: 'bar', status: 200, result: 'verified' }, + { id: 'baz', status: 200, result: 'verified' }, + ]); }); it('should not re-verify already-verified beats', async () => { + const { body: apiResponse } = await supertest + .post( + '/api/beats/agents/verify' + ) + .set('kbn-xsrf', 'xxx') + .send({ + beats: [ + { id: 'foo' }, + { id: 'bar' } + ] + }) + .expect(200); + expect(apiResponse.beats).to.eql([ + { id: 'foo', status: 200, result: 'already verified' }, + { id: 'bar', status: 200, result: 'verified' } + ]); }); it('should return errors for non-existent beats', async () => { + const nonExistentBeatId = chance.word(); + const { body: apiResponse } = await supertest + .post( + '/api/beats/agents/verify' + ) + .set('kbn-xsrf', 'xxx') + .send({ + beats: [ + { id: 'bar' }, + { id: nonExistentBeatId } + ] + }) + .expect(200); + expect(apiResponse.beats).to.eql([ + { id: 'bar', status: 200, result: 'verified' }, + { id: nonExistentBeatId, status: 404, result: 'not found' }, + ]); }); - }); } From 02ee113b133294364b1c5d2e992ec305f4484053 Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Wed, 16 May 2018 05:59:12 -0700 Subject: [PATCH 14/17] Expanding TODO note so I won't forget :) --- .../beats/server/routes/api/register_enroll_beat_route.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/plugins/beats/server/routes/api/register_enroll_beat_route.js b/x-pack/plugins/beats/server/routes/api/register_enroll_beat_route.js index fb004fbb79e12..6374bf53ba8e6 100644 --- a/x-pack/plugins/beats/server/routes/api/register_enroll_beat_route.js +++ b/x-pack/plugins/beats/server/routes/api/register_enroll_beat_route.js @@ -59,7 +59,7 @@ function persistBeat(callWithInternalUser, beat, beatId, accessToken, remoteAddr } // TODO: add license check pre-hook -// TODO: write to Kibana audit log file +// TODO: write to Kibana audit log file (include who did the verification as well) export function registerEnrollBeatRoute(server) { server.route({ method: 'POST', From 7b297c7769356add105e2100e4f7ecee3f12b0fe Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Wed, 16 May 2018 06:38:31 -0700 Subject: [PATCH 15/17] Fixing file name --- x-pack/plugins/beats/server/routes/api/index.js | 2 +- ...er_verify_beats_routes.js => register_verify_beats_route.js} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename x-pack/plugins/beats/server/routes/api/{register_verify_beats_routes.js => register_verify_beats_route.js} (100%) diff --git a/x-pack/plugins/beats/server/routes/api/index.js b/x-pack/plugins/beats/server/routes/api/index.js index 2da57bb4a8ce5..def322f0e94eb 100644 --- a/x-pack/plugins/beats/server/routes/api/index.js +++ b/x-pack/plugins/beats/server/routes/api/index.js @@ -7,7 +7,7 @@ import { registerCreateEnrollmentTokensRoute } from './register_create_enrollment_tokens_route'; import { registerEnrollBeatRoute } from './register_enroll_beat_route'; import { registerListBeatsRoute } from './register_list_beats_route'; -import { registerVerifyBeatsRoute } from './register_verify_beats_routes'; +import { registerVerifyBeatsRoute } from './register_verify_beats_route'; export function registerApiRoutes(server) { registerCreateEnrollmentTokensRoute(server); diff --git a/x-pack/plugins/beats/server/routes/api/register_verify_beats_routes.js b/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js similarity index 100% rename from x-pack/plugins/beats/server/routes/api/register_verify_beats_routes.js rename to x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js From 77e5b7c7400cdbc4f70a2c5d9de71ffc93ac51bc Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Wed, 16 May 2018 13:48:01 -0700 Subject: [PATCH 16/17] Moving TODO comment to right file --- .../beats/server/routes/api/register_enroll_beat_route.js | 2 +- .../beats/server/routes/api/register_verify_beats_route.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/plugins/beats/server/routes/api/register_enroll_beat_route.js b/x-pack/plugins/beats/server/routes/api/register_enroll_beat_route.js index 6374bf53ba8e6..fb004fbb79e12 100644 --- a/x-pack/plugins/beats/server/routes/api/register_enroll_beat_route.js +++ b/x-pack/plugins/beats/server/routes/api/register_enroll_beat_route.js @@ -59,7 +59,7 @@ function persistBeat(callWithInternalUser, beat, beatId, accessToken, remoteAddr } // TODO: add license check pre-hook -// TODO: write to Kibana audit log file (include who did the verification as well) +// TODO: write to Kibana audit log file export function registerEnrollBeatRoute(server) { server.route({ method: 'POST', diff --git a/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js index 6aaa61b07c5f8..e025b3a174dd0 100644 --- a/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js +++ b/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js @@ -82,7 +82,7 @@ function determineVerifiedBeatIds(verifications, toBeVerifiedBeatIds) { } // TODO: add license check pre-hook -// TODO: write to Kibana audit log file +// TODO: write to Kibana audit log file (include who did the verification as well) export function registerVerifyBeatsRoute(server) { server.route({ method: 'POST', From 774ea75b1e86907060df94bdc3d12478034ae987 Mon Sep 17 00:00:00 2001 From: Shaunak Kashyap Date: Thu, 17 May 2018 09:18:10 -0700 Subject: [PATCH 17/17] Rename determine* helper functions to find* --- .../routes/api/register_verify_beats_route.js | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js b/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js index e025b3a174dd0..11a4aff1204dc 100644 --- a/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js +++ b/x-pack/plugins/beats/server/routes/api/register_verify_beats_route.js @@ -49,7 +49,7 @@ async function verifyBeats(callWithRequest, beatIds) { return get(response, 'items', []); } -function determineNonExistentBeatIds(beatsFromEs, beatIdsFromRequest) { +function findNonExistentBeatIds(beatsFromEs, beatIdsFromRequest) { return beatsFromEs.reduce((nonExistentBeatIds, beatFromEs, idx) => { if (!beatFromEs.found) { nonExistentBeatIds.push(beatIdsFromRequest[idx]); @@ -58,21 +58,21 @@ function determineNonExistentBeatIds(beatsFromEs, beatIdsFromRequest) { }, []); } -function determineAlreadyVerifiedBeatIds(beatsFromEs) { +function findAlreadyVerifiedBeatIds(beatsFromEs) { return beatsFromEs .filter(beat => beat.found) .filter(beat => beat._source.beat.hasOwnProperty('verified_on')) .map(beat => beat._source.beat.id); } -function determineToBeVerifiedBeatIds(beatsFromEs) { +function findToBeVerifiedBeatIds(beatsFromEs) { return beatsFromEs .filter(beat => beat.found) .filter(beat => !beat._source.beat.hasOwnProperty('verified_on')) .map(beat => beat._source.beat.id); } -function determineVerifiedBeatIds(verifications, toBeVerifiedBeatIds) { +function findVerifiedBeatIds(verifications, toBeVerifiedBeatIds) { return verifications.reduce((verifiedBeatIds, verification, idx) => { if (verification.update.status === 200) { verifiedBeatIds.push(toBeVerifiedBeatIds[idx]); @@ -109,12 +109,12 @@ export function registerVerifyBeatsRoute(server) { try { const beatsFromEs = await getBeats(callWithRequest, beatIds); - nonExistentBeatIds = determineNonExistentBeatIds(beatsFromEs, beatIds); - alreadyVerifiedBeatIds = determineAlreadyVerifiedBeatIds(beatsFromEs); - const toBeVerifiedBeatIds = determineToBeVerifiedBeatIds(beatsFromEs); + nonExistentBeatIds = findNonExistentBeatIds(beatsFromEs, beatIds); + alreadyVerifiedBeatIds = findAlreadyVerifiedBeatIds(beatsFromEs); + const toBeVerifiedBeatIds = findToBeVerifiedBeatIds(beatsFromEs); const verifications = await verifyBeats(callWithRequest, toBeVerifiedBeatIds); - verifiedBeatIds = determineVerifiedBeatIds(verifications, toBeVerifiedBeatIds); + verifiedBeatIds = findVerifiedBeatIds(verifications, toBeVerifiedBeatIds); } catch (err) { return reply(wrapEsError(err));