Skip to content

Commit

Permalink
Add tests to ensure AAD isn't broken after performing a change on an …
Browse files Browse the repository at this point in the history
…alert / action (#53333) (#53870)
  • Loading branch information
mikecote authored Dec 31, 2019
1 parent af31b6a commit 86c707b
Show file tree
Hide file tree
Showing 28 changed files with 360 additions and 25 deletions.
2 changes: 1 addition & 1 deletion x-pack/legacy/plugins/alerting/server/plugin.ts
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ export class Plugin {
attributesToEncrypt: new Set(['apiKey']),
attributesToExcludeFromAAD: new Set([
'scheduledTaskId',
'muted',
'muteAll',
'mutedInstanceIds',
'updatedBy',
]),
Expand Down
1 change: 1 addition & 0 deletions x-pack/test/alerting_api_integration/common/config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,7 @@ export function createTestConfig(name: string, options: CreateTestConfigOptions)
`--plugin-path=${path.join(__dirname, 'fixtures', 'plugins', 'alerts')}`,
`--plugin-path=${path.join(__dirname, 'fixtures', 'plugins', 'actions')}`,
`--plugin-path=${path.join(__dirname, 'fixtures', 'plugins', 'task_manager')}`,
`--plugin-path=${path.join(__dirname, 'fixtures', 'plugins', 'aad')}`,
`--server.xsrf.whitelist=${JSON.stringify(getAllExternalServiceSimulatorPaths())}`,
...(ssl
? [
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/

import Joi from 'joi';
import Hapi from 'hapi';
import { Legacy } from 'kibana';
import KbnServer from '../../../../../../../src/legacy/server/kbn_server';
import { PluginStartContract } from '../../../../../../plugins/encrypted_saved_objects/server';

interface CheckAADRequest extends Hapi.Request {
payload: {
spaceId?: string;
type: string;
id: string;
};
}

// eslint-disable-next-line import/no-default-export
export default function(kibana: any) {
return new kibana.Plugin({
require: ['actions', 'alerting', 'encryptedSavedObjects'],
name: 'aad-fixtures',
init(server: Legacy.Server) {
const newPlatform = ((server as unknown) as KbnServer).newPlatform;
const esoPlugin = newPlatform.start.plugins.encryptedSavedObjects as PluginStartContract;

server.route({
method: 'POST',
path: '/api/check_aad',
options: {
validate: {
payload: Joi.object()
.keys({
spaceId: Joi.string().optional(),
type: Joi.string().required(),
id: Joi.string().required(),
})
.required(),
},
},
async handler(request: CheckAADRequest) {
let namespace: string | undefined;
const spacesPlugin = server.plugins.spaces;
if (spacesPlugin && request.payload.spaceId) {
namespace = spacesPlugin.spaceIdToNamespace(request.payload.spaceId);
}
await esoPlugin.getDecryptedAsInternalUser(request.payload.type, request.payload.id, {
namespace,
});
return { success: true };
},
});
},
});
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
{
"name": "aad-fixtures",
"version": "0.0.0",
"kibana": {
"version": "kibana"
}
}
20 changes: 20 additions & 0 deletions x-pack/test/alerting_api_integration/common/lib/check_aad.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/

interface Opts {
supertest: any;
spaceId?: string;
type: string;
id: string;
}

export async function checkAAD({ supertest, spaceId, type, id }: Opts) {
await supertest
.post('/api/check_aad')
.set('kbn-xsrf', 'foo')
.send({ spaceId, type, id })
.expect(200, { success: true });
}
1 change: 1 addition & 0 deletions x-pack/test/alerting_api_integration/common/lib/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -10,3 +10,4 @@ export { ES_TEST_INDEX_NAME, ESTestIndexTool } from './es_test_index_tool';
export { getTestAlertData } from './get_test_alert_data';
export { AlertUtils } from './alert_utils';
export { TaskManagerUtils } from './task_manager_utils';
export { checkAAD } from './check_aad';
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@

import expect from '@kbn/expect';
import { UserAtSpaceScenarios } from '../../scenarios';
import { getUrlPrefix, ObjectRemover } from '../../../common/lib';
import { checkAAD, getUrlPrefix, ObjectRemover } from '../../../common/lib';
import { FtrProviderContext } from '../../../common/ftr_provider_context';

// eslint-disable-next-line import/no-default-export
Expand Down Expand Up @@ -52,6 +52,7 @@ export default function createActionTests({ getService }: FtrProviderContext) {
case 'superuser at space1':
case 'space_1_all at space1':
expect(response.statusCode).to.eql(200);
objectRemover.add(space.id, response.body.id, 'action');
expect(response.body).to.eql({
id: response.body.id,
name: 'My action',
Expand All @@ -61,7 +62,13 @@ export default function createActionTests({ getService }: FtrProviderContext) {
},
});
expect(typeof response.body.id).to.be('string');
objectRemover.add(space.id, response.body.id, 'action');
// Ensure AAD isn't broken
await checkAAD({
supertest,
spaceId: space.id,
type: 'action',
id: response.body.id,
});
break;
default:
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@

import expect from '@kbn/expect';
import { UserAtSpaceScenarios } from '../../scenarios';
import { getUrlPrefix, ObjectRemover } from '../../../common/lib';
import { checkAAD, getUrlPrefix, ObjectRemover } from '../../../common/lib';
import { FtrProviderContext } from '../../../common/ftr_provider_context';

// eslint-disable-next-line import/no-default-export
Expand Down Expand Up @@ -75,6 +75,13 @@ export default function updateActionTests({ getService }: FtrProviderContext) {
unencrypted: `This value shouldn't get encrypted`,
},
});
// Ensure AAD isn't broken
await checkAAD({
supertest,
spaceId: space.id,
type: 'action',
id: createdAction.id,
});
break;
default:
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@

import expect from '@kbn/expect';
import { UserAtSpaceScenarios } from '../../scenarios';
import { getTestAlertData, getUrlPrefix, ObjectRemover } from '../../../common/lib';
import { checkAAD, getTestAlertData, getUrlPrefix, ObjectRemover } from '../../../common/lib';
import { FtrProviderContext } from '../../../common/ftr_provider_context';

// eslint-disable-next-line import/no-default-export
Expand Down Expand Up @@ -106,6 +106,13 @@ export default function createAlertTests({ getService }: FtrProviderContext) {
alertId: response.body.id,
spaceId: space.id,
});
// Ensure AAD isn't broken
await checkAAD({
supertest,
spaceId: space.id,
type: 'alert',
id: response.body.id,
});
break;
default:
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,14 @@

import expect from '@kbn/expect';
import { UserAtSpaceScenarios } from '../../scenarios';
import { AlertUtils, getUrlPrefix, getTestAlertData, ObjectRemover } from '../../../common/lib';
import { FtrProviderContext } from '../../../common/ftr_provider_context';
import {
AlertUtils,
checkAAD,
getUrlPrefix,
getTestAlertData,
ObjectRemover,
} from '../../../common/lib';

// eslint-disable-next-line import/no-default-export
export default function createDisableAlertTests({ getService }: FtrProviderContext) {
Expand Down Expand Up @@ -65,6 +71,13 @@ export default function createDisableAlertTests({ getService }: FtrProviderConte
} catch (e) {
expect(e.status).to.eql(404);
}
// Ensure AAD isn't broken
await checkAAD({
supertest,
spaceId: space.id,
type: 'alert',
id: createdAlert.id,
});
break;
default:
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,14 @@

import expect from '@kbn/expect';
import { UserAtSpaceScenarios } from '../../scenarios';
import { AlertUtils, getUrlPrefix, getTestAlertData, ObjectRemover } from '../../../common/lib';
import { FtrProviderContext } from '../../../common/ftr_provider_context';
import {
AlertUtils,
checkAAD,
getUrlPrefix,
getTestAlertData,
ObjectRemover,
} from '../../../common/lib';

// eslint-disable-next-line import/no-default-export
export default function createEnableAlertTests({ getService }: FtrProviderContext) {
Expand Down Expand Up @@ -70,6 +76,13 @@ export default function createEnableAlertTests({ getService }: FtrProviderContex
alertId: createdAlert.id,
spaceId: space.id,
});
// Ensure AAD isn't broken
await checkAAD({
supertest,
spaceId: space.id,
type: 'alert',
id: createdAlert.id,
});
break;
default:
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,14 @@

import expect from '@kbn/expect';
import { UserAtSpaceScenarios } from '../../scenarios';
import { AlertUtils, getUrlPrefix, getTestAlertData, ObjectRemover } from '../../../common/lib';
import { FtrProviderContext } from '../../../common/ftr_provider_context';
import {
AlertUtils,
checkAAD,
getUrlPrefix,
getTestAlertData,
ObjectRemover,
} from '../../../common/lib';

// eslint-disable-next-line import/no-default-export
export default function createMuteAlertTests({ getService }: FtrProviderContext) {
Expand Down Expand Up @@ -55,6 +61,13 @@ export default function createMuteAlertTests({ getService }: FtrProviderContext)
.auth(user.username, user.password)
.expect(200);
expect(updatedAlert.muteAll).to.eql(true);
// Ensure AAD isn't broken
await checkAAD({
supertest,
spaceId: space.id,
type: 'alert',
id: createdAlert.id,
});
break;
default:
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,14 @@

import expect from '@kbn/expect';
import { UserAtSpaceScenarios } from '../../scenarios';
import { AlertUtils, getUrlPrefix, getTestAlertData, ObjectRemover } from '../../../common/lib';
import { FtrProviderContext } from '../../../common/ftr_provider_context';
import {
AlertUtils,
checkAAD,
getUrlPrefix,
getTestAlertData,
ObjectRemover,
} from '../../../common/lib';

// eslint-disable-next-line import/no-default-export
export default function createMuteAlertInstanceTests({ getService }: FtrProviderContext) {
Expand Down Expand Up @@ -55,6 +61,13 @@ export default function createMuteAlertInstanceTests({ getService }: FtrProvider
.auth(user.username, user.password)
.expect(200);
expect(updatedAlert.mutedInstanceIds).to.eql(['1']);
// Ensure AAD isn't broken
await checkAAD({
supertest,
spaceId: space.id,
type: 'alert',
id: createdAlert.id,
});
break;
default:
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,14 @@

import expect from '@kbn/expect';
import { UserAtSpaceScenarios } from '../../scenarios';
import { AlertUtils, getUrlPrefix, getTestAlertData, ObjectRemover } from '../../../common/lib';
import { FtrProviderContext } from '../../../common/ftr_provider_context';
import {
AlertUtils,
checkAAD,
getUrlPrefix,
getTestAlertData,
ObjectRemover,
} from '../../../common/lib';

// eslint-disable-next-line import/no-default-export
export default function createUnmuteAlertTests({ getService }: FtrProviderContext) {
Expand Down Expand Up @@ -60,6 +66,13 @@ export default function createUnmuteAlertTests({ getService }: FtrProviderContex
.auth(user.username, user.password)
.expect(200);
expect(updatedAlert.muteAll).to.eql(false);
// Ensure AAD isn't broken
await checkAAD({
supertest,
spaceId: space.id,
type: 'alert',
id: createdAlert.id,
});
break;
default:
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,14 @@

import expect from '@kbn/expect';
import { UserAtSpaceScenarios } from '../../scenarios';
import { AlertUtils, getUrlPrefix, getTestAlertData, ObjectRemover } from '../../../common/lib';
import { FtrProviderContext } from '../../../common/ftr_provider_context';
import {
AlertUtils,
checkAAD,
getUrlPrefix,
getTestAlertData,
ObjectRemover,
} from '../../../common/lib';

// eslint-disable-next-line import/no-default-export
export default function createMuteAlertInstanceTests({ getService }: FtrProviderContext) {
Expand Down Expand Up @@ -60,6 +66,13 @@ export default function createMuteAlertInstanceTests({ getService }: FtrProvider
.auth(user.username, user.password)
.expect(200);
expect(updatedAlert.mutedInstanceIds).to.eql([]);
// Ensure AAD isn't broken
await checkAAD({
supertest,
spaceId: space.id,
type: 'alert',
id: createdAlert.id,
});
break;
default:
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
import expect from '@kbn/expect';
import { Response as SupertestResponse } from 'supertest';
import { UserAtSpaceScenarios } from '../../scenarios';
import { getUrlPrefix, getTestAlertData, ObjectRemover } from '../../../common/lib';
import { checkAAD, getUrlPrefix, getTestAlertData, ObjectRemover } from '../../../common/lib';
import { FtrProviderContext } from '../../../common/ftr_provider_context';

// eslint-disable-next-line import/no-default-export
Expand Down Expand Up @@ -82,6 +82,13 @@ export default function createUpdateTests({ getService }: FtrProviderContext) {
mutedInstanceIds: [],
scheduledTaskId: createdAlert.scheduledTaskId,
});
// Ensure AAD isn't broken
await checkAAD({
supertest,
spaceId: space.id,
type: 'alert',
id: createdAlert.id,
});
break;
default:
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);
Expand Down
Loading

0 comments on commit 86c707b

Please sign in to comment.