[BeatsCM] Fixes and issue where if security is disabled, BeatsCM breaks Kibana (#24249) (#24268)

* fix spelling * fix license and security checks * removed unused vars * cleanup * remove security check from route def as it is already managed in-route
2025-04-24 09:48:58 -04:00 · 2018-10-19 14:32:59 -04:00 · 2018-10-19 14:32:59 -04:00 · be53605c5b
commit be53605c5b
parent 57c7bd509a
5 changed files with 25 additions and 37 deletions
--- a/x-pack/plugins/beats_management/public/lib/adapters/framework/kibana_framework_adapter.ts
+++ b/x-pack/plugins/beats_management/public/lib/adapters/framework/kibana_framework_adapter.ts
@ -25,8 +25,6 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter {
  private routes: any;
  private XPackInfoProvider: any;
  private xpackInfo: null | any;
-  private notifier: any;
-  private kbnUrlService: any;
  private chrome: any;

  constructor(
@ -34,8 +32,7 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter {
    management: any,
    routes: any,
    chrome: any,
-    XPackInfoProvider: any,
-    Notifier: any
+    XPackInfoProvider: any
  ) {
    this.adapterService = new KibanaAdapterServiceProvider();
    this.management = management;
@ -44,7 +41,6 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter {
    this.chrome = chrome;
    this.XPackInfoProvider = XPackInfoProvider;
    this.appState = {};
-    this.notifier = new Notifier({ location: 'Beats' });
  }

  public get baseURLPath(): string {
@ -58,7 +54,9 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter {
  };

  public render = (component: React.ReactElement<any>) => {
-    this.rootComponent = component;
+    if (this.hadValidLicense() && this.securityEnabled()) {
+      this.rootComponent = component;
+    }
  };

  public hadValidLicense() {
@ -77,10 +75,10 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter {
  }

  public registerManagementSection(pluginId: string, displayName: string, basePath: string) {
-    this.register(this.uiModule);
+    if (this.hadValidLicense() && this.securityEnabled()) {
+      this.register(this.uiModule);

-    this.hookAngular(() => {
-      if (this.hadValidLicense() && this.securityEnabled()) {
+      this.hookAngular(() => {
        const registerSection = () =>
          this.management.register(pluginId, {
            display: 'Beats', // TODO these need to be config options not hard coded in the adapter
@ -97,13 +95,8 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter {
          order: 30,
          url: `#${basePath}`,
        });
-      }
-
-      if (!this.securityEnabled()) {
-        this.notifier.error(this.xpackInfo.get(`features.beats_management.message`));
-        this.kbnUrlService.redirect('/management');
-      }
-    });
+      });
+    }
  }

  private manageAngularLifecycle($scope: any, $route: any, elem: any) {
@ -131,10 +124,8 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter {
    this.chrome.dangerouslyGetActiveInjector().then(($injector: any) => {
      const Private = $injector.get('Private');
      const xpackInfo = Private(this.XPackInfoProvider);
-      const kbnUrlService = $injector.get('kbnUrl');

      this.xpackInfo = xpackInfo;
-      this.kbnUrlService = kbnUrlService;
      done();
    });
  }
--- a/x-pack/plugins/beats_management/public/lib/compose/kibana.ts
+++ b/x-pack/plugins/beats_management/public/lib/compose/kibana.ts
@ -14,8 +14,6 @@ import chrome from 'ui/chrome';
 import { management } from 'ui/management';
 // @ts-ignore: path dynamic for kibana
 import { uiModules } from 'ui/modules';
-// @ts-ignore
-import { Notifier } from 'ui/notify';
 // @ts-ignore: path dynamic for kibana
 import routes from 'ui/routes';

@ -54,8 +52,7 @@ export function compose(): FrontendLibs {
    management,
    routes,
    chrome,
-    XPackInfoProvider,
-    Notifier
+    XPackInfoProvider
  );

  const libs: FrontendLibs = {
--- a/x-pack/plugins/beats_management/public/lib/compose/memory.ts
+++ b/x-pack/plugins/beats_management/public/lib/compose/memory.ts
@ -47,14 +47,7 @@ export function compose(
  };
  const pluginUIModule = uiModules.get('app/beats_management');

-  const framework = new KibanaFrameworkAdapter(
-    pluginUIModule,
-    management,
-    routes,
-    null,
-    null,
-    null
-  );
+  const framework = new KibanaFrameworkAdapter(pluginUIModule, management, routes, null, null);
  const libs: FrontendLibs = {
    ...domainLibs,
    elasticsearch: new ElasticsearchLib(esAdapter),
--- a/x-pack/plugins/beats_management/server/lib/adapters/framework/kibana_framework_adapter.ts
+++ b/x-pack/plugins/beats_management/server/lib/adapters/framework/kibana_framework_adapter.ts
@ -59,6 +59,9 @@ export class KibanaBackendFrameworkAdapter implements BackendFrameworkAdapter {
  }

  public exposeStaticDir(urlPath: string, dir: string): void {
+    if (!this.isSecurityEnabled()) {
+      return;
+    }
    this.server.route({
      handler: {
        directory: {
@ -90,6 +93,13 @@ export class KibanaBackendFrameworkAdapter implements BackendFrameworkAdapter {
    });
  }

+  private isSecurityEnabled = () => {
+    return (
+      this.server.plugins.xpack_main.info.isAvailable() &&
+      this.server.plugins.xpack_main.info.feature('security').isEnabled()
+    );
+  };
+
  private validateConfig() {
    // @ts-ignore
    const config = this.server.config();
@ -111,7 +121,7 @@ export class KibanaBackendFrameworkAdapter implements BackendFrameworkAdapter {
        securityEnabled: false,
        licenseValid: false,
        message:
-          'You cannot manage Beats centeral management because license information is not available at this time.',
+          'You cannot manage Beats central management because license information is not available at this time.',
      };
    }

@ -127,7 +137,7 @@ export class KibanaBackendFrameworkAdapter implements BackendFrameworkAdapter {
      return {
        securityEnabled: true,
        licenseValid: false,
-        message: `Your ${licenseType} license does not support Beats centeral management features. Please upgrade your license.`,
+        message: `Your ${licenseType} license does not support Beats central management features. Please upgrade your license.`,
      };
    }

@ -136,14 +146,14 @@ export class KibanaBackendFrameworkAdapter implements BackendFrameworkAdapter {
      return {
        securityEnabled: true,
        licenseValid: false,
-        message: `You cannot edit, create, or delete your Beats centeral management configurations because your ${licenseType} license has expired.`,
+        message: `You cannot edit, create, or delete your Beats central management configurations because your ${licenseType} license has expired.`,
      };
    }

    // Security is not enabled in ES
    if (!isSecurityEnabled) {
      const message =
-        'Security must be enabled in order to use Beats centeral management features.' +
+        'Security must be enabled in order to use Beats central management features.' +
        ' Please set xpack.security.enabled: true in your elasticsearch.yml.';
      return {
        securityEnabled: false,
--- a/x-pack/plugins/beats_management/server/rest_api/beats/update.ts
+++ b/x-pack/plugins/beats_management/server/rest_api/beats/update.ts
@ -15,9 +15,6 @@ export const createBeatUpdateRoute = (libs: CMServerLibs) => ({
  path: '/api/beats/agent/{beatId}',
  licenseRequired: true,
  config: {
-    auth: {
-      mode: 'optional',
-    },
    validate: {
      headers: Joi.object({
        'kbn-beats-access-token': Joi.string(),