github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 01:38:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

[8.6] [RAM] bug on _run_soon API (#151218 (#152643)

Browse source 
# Backport

This will backport the following commits from `main` to `8.6`:
- [[RAM] bug on _run_soon API
(#151218)](https://github.com/elastic/kibana/pull/151218)

<!--- Backport version: 8.9.7 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Xavier
Mouligneau","email":"xavier.mouligneau@elastic.co"},"sourceCommit":{"committedDate":"2023-02-15T22:13:44Z","message":"[RAM]
bug on _run_soon API (#151218)\n\n## Summary\r\n\r\nFIX
https://github.com/elastic/kibana/issues/149432\r\n\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"e87d3a151c6e54cfbb0e8bf426279ebfcf4d27af","branchLabelMapping":{"^v8.8.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","Team:ResponseOps","v8.7.0","v8.6.2","v8.8.0"],"number":151218,"url":"https://github.com/elastic/kibana/pull/151218","mergeCommit":{"message":"[RAM]
bug on _run_soon API (#151218)\n\n## Summary\r\n\r\nFIX
https://github.com/elastic/kibana/issues/149432\r\n\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"e87d3a151c6e54cfbb0e8bf426279ebfcf4d27af"}},"sourceBranch":"main","suggestedTargetBranches":["8.7","8.6"],"targetPullRequestStates":[{"branch":"8.7","label":"v8.7.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.6","label":"v8.6.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.8.0","labelRegex":"^v8.8.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/151218","number":151218,"mergeCommit":{"message":"[RAM]
bug on _run_soon API (#151218)\n\n## Summary\r\n\r\nFIX
https://github.com/elastic/kibana/issues/149432\r\n\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"e87d3a151c6e54cfbb0e8bf426279ebfcf4d27af"}}]}]
BACKPORT-->
This commit is contained in:
Xavier Mouligneau 2023-03-03 11:15:47 -05:00 committed by GitHub
parent e058fa4506
commit 95857a0c78
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 85 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
x-pack/plugins/security/server/authorization/privileges/feature_privilege_builder/alerting.test.ts
View file

@ -91,6 +91,7 @@ describe(`feature_privilege_builder`, () => {
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/getExecutionLog",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/find",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/getRuleExecutionKPI",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/runSoon",
]
`);
});
@ -176,6 +177,7 @@ describe(`feature_privilege_builder`, () => {
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/getExecutionLog",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/find",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/getRuleExecutionKPI",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/runSoon",
"alerting:1.0.0-zeta1:alert-type/my-feature/alert/get",
"alerting:1.0.0-zeta1:alert-type/my-feature/alert/find",
"alerting:1.0.0-zeta1:alert-type/my-feature/alert/getAuthorizedAlertsIndices",
@ -221,6 +223,7 @@ describe(`feature_privilege_builder`, () => {
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/getExecutionLog",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/find",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/getRuleExecutionKPI",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/runSoon",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/create",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/delete",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/update",
@ -322,6 +325,7 @@ describe(`feature_privilege_builder`, () => {
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/getExecutionLog",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/find",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/getRuleExecutionKPI",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/runSoon",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/create",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/delete",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/update",
@ -383,6 +387,7 @@ describe(`feature_privilege_builder`, () => {
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/getExecutionLog",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/find",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/getRuleExecutionKPI",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/runSoon",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/create",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/delete",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/update",
@ -404,6 +409,7 @@ describe(`feature_privilege_builder`, () => {
"alerting:1.0.0-zeta1:readonly-alert-type/my-feature/rule/getExecutionLog",
"alerting:1.0.0-zeta1:readonly-alert-type/my-feature/rule/find",
"alerting:1.0.0-zeta1:readonly-alert-type/my-feature/rule/getRuleExecutionKPI",
"alerting:1.0.0-zeta1:readonly-alert-type/my-feature/rule/runSoon",
]
`);
});
@ -493,6 +499,7 @@ describe(`feature_privilege_builder`, () => {
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/getExecutionLog",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/find",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/getRuleExecutionKPI",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/runSoon",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/create",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/delete",
"alerting:1.0.0-zeta1:alert-type/my-feature/rule/update",
@ -514,6 +521,7 @@ describe(`feature_privilege_builder`, () => {
"alerting:1.0.0-zeta1:readonly-alert-type/my-feature/rule/getExecutionLog",
"alerting:1.0.0-zeta1:readonly-alert-type/my-feature/rule/find",
"alerting:1.0.0-zeta1:readonly-alert-type/my-feature/rule/getRuleExecutionKPI",
"alerting:1.0.0-zeta1:readonly-alert-type/my-feature/rule/runSoon",
"alerting:1.0.0-zeta1:another-alert-type/my-feature/alert/get",
"alerting:1.0.0-zeta1:another-alert-type/my-feature/alert/find",
"alerting:1.0.0-zeta1:another-alert-type/my-feature/alert/getAuthorizedAlertsIndices",

1
x-pack/plugins/security/server/authorization/privileges/feature_privilege_builder/alerting.ts
View file

@ -24,6 +24,7 @@ const readOperations: Record<AlertingEntity, string[]> = {
'getExecutionLog',
'find',
'getRuleExecutionKPI',
'runSoon',
],
alert: ['get', 'find', 'getAuthorizedAlertsIndices'],
};

1
x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/index.ts
View file

@ -36,6 +36,7 @@ export default function alertingTests({ loadTestFile, getService }: FtrProviderC
loadTestFile(require.resolve('./bulk_enable'));
loadTestFile(require.resolve('./retain_api_key'));
loadTestFile(require.resolve('./clone'));
loadTestFile(require.resolve('./run_soon'));
});
});
}

75
x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/run_soon.ts Normal file
View file

@ -0,0 +1,75 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import { UserAtSpaceScenarios } from '../../../scenarios';
import {
getTestRuleData,
getConsumerUnauthorizedErrorMessage,
getUrlPrefix,
ObjectRemover,
} from '../../../../common/lib';
import { FtrProviderContext } from '../../../../common/ftr_provider_context';
// eslint-disable-next-line import/no-default-export
export default function createAlertTests({ getService }: FtrProviderContext) {
const supertest = getService('supertest');
const supertestWithoutAuth = getService('supertestWithoutAuth');
describe('runSoon', () => {
const objectRemover = new ObjectRemover(supertest);
afterEach(async () => {
await objectRemover.removeAll();
});
for (const scenario of UserAtSpaceScenarios) {
const { user, space } = scenario;
describe(scenario.id, () => {
it('should handle run soon rule request appropriately', async () => {
const responseRule = await supertest
.post(`${getUrlPrefix(space.id)}/api/alerting/rule`)
.set('kbn-xsrf', 'foo')
.send(getTestRuleData());
const response = await supertestWithoutAuth
.post(
`${getUrlPrefix(space.id)}/internal/alerting/rule/${responseRule.body.id}/_run_soon`
)
.set('kbn-xsrf', 'foo')
.auth(user.username, user.password)
.send();
switch (scenario.id) {
case 'no_kibana_privileges at space1':
case 'space_1_all at space2':
expect(response.statusCode).to.eql(403);
expect(response.body).to.eql({
error: 'Forbidden',
message: getConsumerUnauthorizedErrorMessage(
'runSoon',
'test.noop',
'alertsFixture'
),
statusCode: 403,
});
break;
case 'global_read at space1':
case 'space_1_all_alerts_none_actions at space1':
case 'superuser at space1':
case 'space_1_all at space1':
case 'space_1_all_with_restricted_fixture at space1':
expect(response.statusCode === 200 || response.statusCode === 204).to.be(true);
break;
default:
throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`);
}
});
});
}
});
}