github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 01:38:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

Removing check to see if user is a cloud user before activating (#139443)

Browse source 
* Removing check to see if user is a cloud user before activating

* Update x-pack/plugins/security/server/authentication/authenticator.test.ts

Co-authored-by: Aleh Zasypkin <aleh.zasypkin@gmail.com>

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Aleh Zasypkin <aleh.zasypkin@gmail.com>
This commit is contained in:
Kurt 2022-09-06 09:15:39 -04:00 committed by GitHub
parent cfce8825d3
commit dc7d25cd40
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

6
x-pack/plugins/security/server/authentication/authenticator.test.ts
View file

@ -477,7 +477,7 @@ describe('Authenticator', () => {
expect(mockOptions.userProfileService.activate).toHaveBeenCalledWith(userProfileGrant);
});
it('does not activate profiles for the Elastic Cloud users even if profile grant is provided', async () => {
it('activates profiles for the Elastic Cloud users if profile grant is provided', async () => {
const user = mockAuthenticatedUser({ elastic_cloud_user: true });
const request = httpServerMock.createKibanaRequest();
const authorization = `Basic ${Buffer.from('foo:bar').toString('base64')}`;
@ -499,12 +499,14 @@ describe('Authenticator', () => {
expect(mockOptions.session.create).toHaveBeenCalledTimes(1);
expect(mockOptions.session.create).toHaveBeenCalledWith(request, {
userProfileId: 'some-profile-uid',
username: user.username,
provider: mockSessVal.provider,
state: { authorization },
});
expectAuditEvents({ action: 'user_login', outcome: 'success' });
expect(mockOptions.userProfileService.activate).not.toHaveBeenCalled();
expect(mockOptions.userProfileService.activate).toHaveBeenCalledTimes(1);
expect(mockOptions.userProfileService.activate).toHaveBeenCalledWith(userProfileGrant);
});
it('returns `notHandled` if login attempt is targeted to not configured provider.', async () => {

6
x-pack/plugins/security/server/authentication/authenticator.ts
View file

@ -721,10 +721,8 @@ export class Authenticator {
// If authentication result includes user profile grant, we should try to activate user profile for this user and
// store user profile identifier in the session value.
// IMPORTANT: We don't activate profiles for the Elastic Cloud managed users until Cloud supports stable user
// profile identifiers.
const shouldActivateProfile =
authenticationResult.userProfileGrant && !authenticationResult.user?.elastic_cloud_user;
const shouldActivateProfile = authenticationResult.userProfileGrant;
if (shouldActivateProfile) {
this.logger.debug(`Activating profile for "${authenticationResult.user?.username}".`);
userProfileId = (