Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[8.x] [APM] Update deprecated access tags to the new security configuration in routes (#204058) #204245

Merged
merged 1 commit into from
Dec 13, 2024
Merged

[8.x] [APM] Update deprecated access tags to the new security configuration in routes (#204058) #204245

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions x-pack/plugins/observability_solution/apm/server/routes/agent_explorer/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ import {

const agentExplorerRoute = createApmServerRoute({
endpoint: 'GET /internal/apm/get_agents_per_service',
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
params: t.type({
query: t.intersection([
environmentRt,
Expand Down Expand Up @@ -62,7 +62,7 @@ const agentExplorerRoute = createApmServerRoute({

const latestAgentVersionsRoute = createApmServerRoute({
endpoint: 'GET /internal/apm/get_latest_agent_versions',
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
async handler(resources): Promise<AgentLatestVersionsResponse> {
const { logger, config } = resources;

Expand All @@ -72,7 +72,7 @@ const latestAgentVersionsRoute = createApmServerRoute({

const agentExplorerInstanceRoute = createApmServerRoute({
endpoint: 'GET /internal/apm/services/{serviceName}/agent_instances',
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
params: t.type({
path: t.type({ serviceName: t.string }),
query: t.intersection([environmentRt, kueryRt, rangeRt, probabilityRt]),
Expand Down
18 changes: 13 additions & 5 deletions x-pack/plugins/observability_solution/apm/server/routes/agent_keys/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ import { privilegesTypeRt } from '../../../common/privilege_type';

const agentKeysRoute = createApmServerRoute({
endpoint: 'GET /internal/apm/agent_keys',
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },

handler: async (resources): Promise<AgentKeysResponse> => {
const { context } = resources;
Expand All @@ -31,8 +31,7 @@ const agentKeysRoute = createApmServerRoute({

const agentKeysPrivilegesRoute = createApmServerRoute({
endpoint: 'GET /internal/apm/agent_keys/privileges',
options: { tags: ['access:apm'] },

security: { authz: { requiredPrivileges: ['apm'] } },
handler: async (resources): Promise<AgentKeysPrivilegesResponse> => {
const {
plugins: { security },
Expand All @@ -55,7 +54,11 @@ const agentKeysPrivilegesRoute = createApmServerRoute({

const invalidateAgentKeyRoute = createApmServerRoute({
endpoint: 'POST /internal/apm/api_key/invalidate',
options: { tags: ['access:apm', 'access:apm_settings_write'] },
security: {
authz: {
requiredPrivileges: ['apm', 'apm_settings_write'],
},
},
params: t.type({
body: t.type({ id: t.string }),
}),
Expand Down Expand Up @@ -91,7 +94,12 @@ const invalidateAgentKeyRoute = createApmServerRoute({

const createAgentKeyRoute = createApmServerRoute({
endpoint: 'POST /api/apm/agent_keys 2023-10-31',
options: { tags: ['access:apm', 'access:apm_settings_write', 'oas-tag:APM agent keys'] },
options: { tags: ['oas-tag:APM agent keys'] },
security: {
authz: {
requiredPrivileges: ['apm', 'apm_settings_write'],
},
},
params: t.type({
body: t.type({
name: t.string,
Expand Down
6 changes: 3 additions & 3 deletions x-pack/plugins/observability_solution/apm/server/routes/alerts/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ export type AlertParams = t.TypeOf<typeof alertParamsRt>;
const transactionErrorRateChartPreview = createApmServerRoute({
endpoint: 'GET /internal/apm/rule_types/transaction_error_rate/chart_preview',
params: t.type({ query: alertParamsRt }),
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async (
resources
): Promise<{
Expand All @@ -84,7 +84,7 @@ const transactionErrorRateChartPreview = createApmServerRoute({
const transactionErrorCountChartPreview = createApmServerRoute({
endpoint: 'GET /internal/apm/rule_types/error_count/chart_preview',
params: t.type({ query: alertParamsRt }),
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async (
resources
): Promise<{
Expand All @@ -107,7 +107,7 @@ const transactionErrorCountChartPreview = createApmServerRoute({
const transactionDurationChartPreview = createApmServerRoute({
endpoint: 'GET /internal/apm/rule_types/transaction_duration/chart_preview',
params: t.type({ query: alertParamsRt }),
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async (
resources
): Promise<{
Expand Down
49 changes: 22 additions & 27 deletions ...ns/observability_solution/apm/server/routes/apm_routes/register_apm_server_routes.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,13 @@ const getRegisterRouteDependencies = () => {

const initApi = (
routes: Array<
ServerRoute<any, t.Any | undefined, APMRouteHandlerResources, any, APMRouteCreateOptions>
ServerRoute<
any,
t.Any | undefined,
APMRouteHandlerResources,
any,
APMRouteCreateOptions | undefined
>
>
) => {
const { mocks, dependencies } = getRegisterRouteDependencies();
Expand Down Expand Up @@ -134,36 +140,30 @@ describe('createApi', () => {
} = initApi([
{
endpoint: 'GET /foo',
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async () => ({}),
},
{
endpoint: 'POST /bar',
params: t.type({
body: t.string,
}),
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async () => ({}),
},
{
endpoint: 'PUT /baz',
options: {
tags: ['access:apm', 'access:apm_write'],
},
security: { authz: { requiredPrivileges: ['apm', 'apm_write'] } },
handler: async () => ({}),
},
{
endpoint: 'GET /qux',
options: {
tags: ['access:apm', 'access:apm_write'],
},
security: { authz: { requiredPrivileges: ['apm', 'apm_write'] } },
handler: async () => ({}),
},
{
endpoint: 'GET /fez',
options: {
tags: ['access:apm', 'access:apm_settings_write'],
},
security: { authz: { requiredPrivileges: ['apm', 'apm_settings_write'] } },
handler: async () => ({}),
},
]);
Expand All @@ -175,41 +175,36 @@ describe('createApi', () => {
expect(put).toHaveBeenCalledTimes(1);

expect(get.mock.calls[0][0]).toEqual({
options: {
tags: ['access:apm'],
},
options: {},
security: { authz: { requiredPrivileges: ['apm'] } },
path: '/foo',
validate: expect.anything(),
});

expect(get.mock.calls[1][0]).toEqual({
options: {
tags: ['access:apm', 'access:apm_write'],
},
options: {},
security: { authz: { requiredPrivileges: ['apm', 'apm_write'] } },
path: '/qux',
validate: expect.anything(),
});

expect(get.mock.calls[2][0]).toEqual({
options: {
tags: ['access:apm', 'access:apm_settings_write'],
},
options: {},
security: { authz: { requiredPrivileges: ['apm', 'apm_settings_write'] } },
path: '/fez',
validate: expect.anything(),
});

expect(post.mock.calls[0][0]).toEqual({
options: {
tags: ['access:apm'],
},
options: {},
security: { authz: { requiredPrivileges: ['apm'] } },
path: '/bar',
validate: expect.anything(),
});

expect(put.mock.calls[0][0]).toEqual({
options: {
tags: ['access:apm', 'access:apm_write'],
},
options: {},
security: { authz: { requiredPrivileges: ['apm', 'apm_write'] } },
path: '/baz',
validate: expect.anything(),
});
Expand Down
10 changes: 5 additions & 5 deletions x-pack/plugins/observability_solution/apm/server/routes/assistant_functions/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,10 @@ import { getApmTimeseries, getApmTimeseriesRt, type ApmTimeseries } from './get_

const getApmTimeSeriesRoute = createApmServerRoute({
endpoint: 'POST /internal/apm/assistant/get_apm_timeseries',
options: {
tags: ['access:apm', 'access:ai_assistant'],
security: {
authz: {
requiredPrivileges: ['apm', 'ai_assistant'],
},
},
params: t.type({
body: getApmTimeseriesRt,
Expand Down Expand Up @@ -51,9 +53,7 @@ const getDownstreamDependenciesRoute = createApmServerRoute({
params: t.type({
query: downstreamDependenciesRouteRt,
}),
options: {
tags: ['access:apm'],
},
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async (resources): Promise<{ content: APMDownstreamDependency[] }> => {
const {
params,
Expand Down
10 changes: 5 additions & 5 deletions x-pack/plugins/observability_solution/apm/server/routes/correlations/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ const fieldCandidatesTransactionsRoute = createApmServerRoute({
rangeRt,
]),
}),
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async (resources): Promise<DurationFieldCandidatesResponse> => {
const { context } = resources;
const { license } = await context.licensing;
Expand Down Expand Up @@ -104,7 +104,7 @@ const fieldValueStatsTransactionsRoute = createApmServerRoute({
}),
]),
}),
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async (resources): Promise<TopValuesStats> => {
const { context } = resources;
const { license } = await context.licensing;
Expand Down Expand Up @@ -172,7 +172,7 @@ const fieldValuePairsTransactionsRoute = createApmServerRoute({
}),
]),
}),
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async (resources): Promise<FieldValuePairsResponse> => {
const { context } = resources;
const { license } = await context.licensing;
Expand Down Expand Up @@ -240,7 +240,7 @@ const significantCorrelationsTransactionsRoute = createApmServerRoute({
}),
]),
}),
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async (resources): Promise<SignificantCorrelationsResponse> => {
const apmEventClient = await getApmEventClient(resources);
const {
Expand Down Expand Up @@ -299,7 +299,7 @@ const pValuesTransactionsRoute = createApmServerRoute({
}),
]),
}),
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async (resources): Promise<PValuesResponse> => {
const apmEventClient = await getApmEventClient(resources);

Expand Down
16 changes: 11 additions & 5 deletions x-pack/plugins/observability_solution/apm/server/routes/custom_dashboards/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,11 @@ const serviceDashboardSaveRoute = createApmServerRoute({
serviceEnvironmentFilterEnabled: t.boolean,
}),
}),
options: { tags: ['access:apm', 'access:apm_write'] },
security: {
authz: {
requiredPrivileges: ['apm', 'apm_write'],
},
},
handler: async (resources): Promise<SavedApmCustomDashboard> => {
const { context, params } = resources;
const { customDashboardId } = params.query;
Expand Down Expand Up @@ -62,9 +66,7 @@ const serviceDashboardsRoute = createApmServerRoute({
}),
]),
}),
options: {
tags: ['access:apm'],
},
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async (resources): Promise<{ serviceDashboards: SavedApmCustomDashboard[] }> => {
const { context, params, request } = resources;
const coreContext = await context.core;
Expand Down Expand Up @@ -116,7 +118,11 @@ const serviceDashboardDeleteRoute = createApmServerRoute({
customDashboardId: t.string,
}),
}),
options: { tags: ['access:apm', 'access:apm_write'] },
security: {
authz: {
requiredPrivileges: ['apm', 'apm_write'],
},
},
handler: async (resources): Promise<void> => {
const { context, params } = resources;
const { customDashboardId } = params.query;
Expand Down
4 changes: 2 additions & 2 deletions x-pack/plugins/observability_solution/apm/server/routes/data_view/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ import { getApmEventClient } from '../../lib/helpers/get_apm_event_client';

const staticDataViewRoute = createApmServerRoute({
endpoint: 'POST /internal/apm/data_view/static',
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async (resources): CreateDataViewResponse => {
const { context, plugins, request, logger } = resources;
const apmEventClient = await getApmEventClient(resources);
Expand Down Expand Up @@ -49,7 +49,7 @@ const staticDataViewRoute = createApmServerRoute({

const dataViewTitleRoute = createApmServerRoute({
endpoint: 'GET /internal/apm/data_view/index_pattern',
options: { tags: ['access:apm'] },
security: { authz: { requiredPrivileges: ['apm'] } },
handler: async ({ getApmIndices }): Promise<{ apmDataViewIndexPattern: string }> => {
const apmIndicies = await getApmIndices();
const apmDataViewIndexPattern = getApmDataViewIndexPattern(apmIndicies);
Expand Down
6 changes: 4 additions & 2 deletions x-pack/plugins/observability_solution/apm/server/routes/debug_telemetry/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,10 @@ import {
} from '../../../common/apm_saved_object_constants';
export const debugTelemetryRoute = createApmServerRoute({
endpoint: 'GET /internal/apm/debug-telemetry',
options: {
tags: ['access:apm', 'access:apm_write'],
security: {
authz: {
requiredPrivileges: ['apm', 'apm_write'],
},
},
handler: async (resources): Promise<APMTelemetry> => {
const { plugins, context } = resources;
Expand Down
Loading
Loading