github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 17:28:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

Fixing the spaces audit logger when security is explicitly disabled (#23878) (#24018)

Browse source
This commit is contained in:
Brandon Kobel 2018-10-16 00:29:52 +01:00 committed by GitHub
parent 6c1933e6cc
commit 4913e93139
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 37 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

36
x-pack/plugins/spaces/server/lib/audit_logger.test.ts
View file

@ -5,12 +5,16 @@
*/
import { SpacesAuditLogger } from './audit_logger';
const createMockConfig = (settings: any) => {
const createMockConfig = (settings: { [key: string]: any } = {}) => {
const mockConfig = {
get: jest.fn(),
};
mockConfig.get.mockImplementation(key => {
if (!settings.hasOwnProperty(key)) {
throw new Error('Undefined key, mock schema error');
}
return settings[key];
});
@ -24,8 +28,21 @@ const createMockAuditLogger = () => {
};
describe(`#savedObjectsAuthorizationFailure`, () => {
test(`doesn't log anything when xpack.security.enabled is false`, () => {
const config = createMockConfig({
'xpack.security.enabled': false,
});
const auditLogger = createMockAuditLogger();
const securityAuditLogger = new SpacesAuditLogger(config, auditLogger);
securityAuditLogger.spacesAuthorizationFailure('foo-user', 'foo-action');
expect(auditLogger.log).toHaveBeenCalledTimes(0);
});
test(`doesn't log anything when xpack.security.audit.enabled is false`, () => {
const config = createMockConfig({
'xpack.security.enabled': true,
'xpack.security.audit.enabled': false,
});
const auditLogger = createMockAuditLogger();
@ -38,6 +55,7 @@ describe(`#savedObjectsAuthorizationFailure`, () => {
test('logs with spaceIds via auditLogger when xpack.security.audit.enabled is true', () => {
const config = createMockConfig({
'xpack.security.enabled': true,
'xpack.security.audit.enabled': true,
});
const auditLogger = createMockAuditLogger();
@ -61,6 +79,7 @@ describe(`#savedObjectsAuthorizationFailure`, () => {
test('logs without spaceIds via auditLogger when xpack.security.audit.enabled is true', () => {
const config = createMockConfig({
'xpack.security.enabled': true,
'xpack.security.audit.enabled': true,
});
const auditLogger = createMockAuditLogger();
@ -82,8 +101,21 @@ describe(`#savedObjectsAuthorizationFailure`, () => {
});
describe(`#savedObjectsAuthorizationSuccess`, () => {
test(`doesn't log anything when xpack.security.enabled is false`, () => {
const config = createMockConfig({
'xpack.security.enabled': false,
});
const auditLogger = createMockAuditLogger();
const securityAuditLogger = new SpacesAuditLogger(config, auditLogger);
securityAuditLogger.spacesAuthorizationSuccess('foo-user', 'foo-action');
expect(auditLogger.log).toHaveBeenCalledTimes(0);
});
test(`doesn't log anything when xpack.security.audit.enabled is false`, () => {
const config = createMockConfig({
'xpack.security.enabled': true,
'xpack.security.audit.enabled': false,
});
const auditLogger = createMockAuditLogger();
@ -96,6 +128,7 @@ describe(`#savedObjectsAuthorizationSuccess`, () => {
test('logs with spaceIds via auditLogger when xpack.security.audit.enabled is true', () => {
const config = createMockConfig({
'xpack.security.enabled': true,
'xpack.security.audit.enabled': true,
});
const auditLogger = createMockAuditLogger();
@ -119,6 +152,7 @@ describe(`#savedObjectsAuthorizationSuccess`, () => {
test('logs without spaceIds via auditLogger when xpack.security.audit.enabled is true', () => {
const config = createMockConfig({
'xpack.security.enabled': true,
'xpack.security.audit.enabled': true,
});
const auditLogger = createMockAuditLogger();

3
x-pack/plugins/spaces/server/lib/audit_logger.ts
View file

@ -9,7 +9,8 @@ export class SpacesAuditLogger {
private readonly auditLogger: any;
constructor(config: any, auditLogger: any) {
this.enabled = config.get('xpack.security.audit.enabled');
this.enabled =
config.get('xpack.security.enabled') && config.get('xpack.security.audit.enabled');
this.auditLogger = auditLogger;
}
public spacesAuthorizationFailure(username: string, action: string, spaceIds?: string[]) {