Skip to content

Commit

Permalink
Add test to verify Console proxy doesn't forward system index header (e…
Browse files Browse the repository at this point in the history
…lastic#95562)

* Add test to verify Console API does not forward system index header

* Add integration test to Core to verify system indices warning behavior

Co-authored-by: Kibana Machine <[email protected]>
  • Loading branch information
joshdover and kibanamachine committed Mar 29, 2021
1 parent b205abf commit 610902b
Show file tree
Hide file tree
Showing 4 changed files with 117 additions and 0 deletions.
57 changes: 57 additions & 0 deletions src/core/server/elasticsearch/integration_tests/client.test.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/

import {
createTestServers,
TestElasticsearchUtils,
TestKibanaUtils,
} from '../../../test_helpers/kbn_server';

describe('elasticsearch clients', () => {
let esServer: TestElasticsearchUtils;
let kibanaServer: TestKibanaUtils;

beforeAll(async () => {
const { startES, startKibana } = createTestServers({
adjustTimeout: jest.setTimeout,
});

esServer = await startES();
kibanaServer = await startKibana();
});

afterAll(async () => {
await kibanaServer.stop();
await esServer.stop();
});

it('does not return deprecation warning when x-elastic-product-origin header is set', async () => {
// Header should be automatically set by Core
const resp1 = await kibanaServer.coreStart.elasticsearch.client.asInternalUser.indices.getSettings(
{ index: '.kibana' }
);
expect(resp1.headers).not.toHaveProperty('warning');

// Also test setting it explicitly
const resp2 = await kibanaServer.coreStart.elasticsearch.client.asInternalUser.indices.getSettings(
{ index: '.kibana' },
{ headers: { 'x-elastic-product-origin': 'kibana' } }
);
expect(resp2.headers).not.toHaveProperty('warning');
});

it('returns deprecation warning when x-elastic-product-orign header is not set', async () => {
const resp = await kibanaServer.coreStart.elasticsearch.client.asInternalUser.indices.getSettings(
{ index: '.kibana' },
{ headers: { 'x-elastic-product-origin': null } }
);

expect(resp.headers).toHaveProperty('warning');
expect(resp.headers!.warning).toMatch('system indices');
});
});
15 changes: 15 additions & 0 deletions test/api_integration/apis/console/index.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/

import { FtrProviderContext } from '../../ftr_provider_context';

export default function ({ loadTestFile }: FtrProviderContext) {
describe('core', () => {
loadTestFile(require.resolve('./proxy_route'));
});
}
44 changes: 44 additions & 0 deletions test/api_integration/apis/console/proxy_route.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/

import expect from '@kbn/expect';
import { FtrProviderContext } from '../../ftr_provider_context';

export default function ({ getService }: FtrProviderContext) {
const supertest = getService('supertest');

describe('POST /api/console/proxy', () => {
describe('system indices behavior', () => {
it('returns warning header when making requests to .kibana index', async () => {
return await supertest
.post('/api/console/proxy?method=GET&path=/.kibana/_settings')
.set('kbn-xsrf', 'true')
.then((response) => {
expect(response.header).to.have.property('warning');
const { warning } = response.header as { warning: string };
expect(warning.startsWith('299')).to.be(true);
expect(warning.includes('system indices')).to.be(true);
});
});

it('does not forward x-elastic-product-origin', async () => {
// If we pass the header and we still get the warning back, we assume that the header was not forwarded.
return await supertest
.post('/api/console/proxy?method=GET&path=/.kibana/_settings')
.set('kbn-xsrf', 'true')
.set('x-elastic-product-origin', 'kibana')
.then((response) => {
expect(response.header).to.have.property('warning');
const { warning } = response.header as { warning: string };
expect(warning.startsWith('299')).to.be(true);
expect(warning.includes('system indices')).to.be(true);
});
});
});
});
}
1 change: 1 addition & 0 deletions test/api_integration/apis/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import { FtrProviderContext } from '../ftr_provider_context';

export default function ({ loadTestFile }: FtrProviderContext) {
describe('apis', () => {
loadTestFile(require.resolve('./console'));
loadTestFile(require.resolve('./core'));
loadTestFile(require.resolve('./general'));
loadTestFile(require.resolve('./home'));
Expand Down

0 comments on commit 610902b

Please sign in to comment.