From 4ab2b74ce4e4bd8f42355182946c7819eba768eb Mon Sep 17 00:00:00 2001 From: Chris Roberson Date: Thu, 27 Feb 2020 15:34:16 -0500 Subject: [PATCH] [Monitoring] Handle setup mode if security is disabled (#53306) * Handle setup mode if security is disabled * Rename so the test actually runs, and fix/add tests * Use es.js api instead of transport.request * Revert "Use es.js api instead of transport.request" This reverts commit ae0e48f8bd8e516b72820378a9d5e163e38d21b4. * Explicitly handle security not enabled Co-authored-by: Elastic Machine --- ...tatus.js => get_collection_status.test.js} | 45 ++++++++++++------- .../setup/collection/get_collection_status.js | 29 +++++++----- 2 files changed, 49 insertions(+), 25 deletions(-) rename x-pack/legacy/plugins/monitoring/server/lib/setup/collection/__test__/{get_collection_status.js => get_collection_status.test.js} (85%) diff --git a/x-pack/legacy/plugins/monitoring/server/lib/setup/collection/__test__/get_collection_status.js b/x-pack/legacy/plugins/monitoring/server/lib/setup/collection/__test__/get_collection_status.test.js similarity index 85% rename from x-pack/legacy/plugins/monitoring/server/lib/setup/collection/__test__/get_collection_status.js rename to x-pack/legacy/plugins/monitoring/server/lib/setup/collection/__test__/get_collection_status.test.js index 8562bdb2b0029..75ca6434c4e7a 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/setup/collection/__test__/get_collection_status.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/setup/collection/__test__/get_collection_status.test.js @@ -6,11 +6,11 @@ import expect from '@kbn/expect'; import sinon from 'sinon'; -import { getCollectionStatus } from '../'; +import { getCollectionStatus } from '..'; import { getIndexPatterns } from '../../../cluster/get_index_patterns'; const liveClusterUuid = 'a12'; -const mockReq = (searchResult = {}) => { +const mockReq = (searchResult = {}, securityEnabled = true, userHasPermissions = true) => { return { server: { newPlatform: { @@ -40,6 +40,14 @@ const mockReq = (searchResult = {}) => { }, }, plugins: { + xpack_main: { + info: { + isAvailable: () => true, + feature: () => ({ + isEnabled: () => securityEnabled, + }), + }, + }, elasticsearch: { getCluster() { return { @@ -51,6 +59,13 @@ const mockReq = (searchResult = {}) => { ) { return Promise.resolve({ cluster_uuid: liveClusterUuid }); } + if ( + type === 'transport.request' && + params && + params.path === '/_security/user/_has_privileges' + ) { + return Promise.resolve({ has_all_requested: userHasPermissions }); + } if (type === 'transport.request' && params && params.path === '/_nodes') { return Promise.resolve({ nodes: {} }); } @@ -218,19 +233,7 @@ describe('getCollectionStatus', () => { }); it('should detect products based on other indices', async () => { - const req = mockReq( - {}, - { - responses: [ - { hits: { total: { value: 1 } } }, - { hits: { total: { value: 1 } } }, - { hits: { total: { value: 1 } } }, - { hits: { total: { value: 1 } } }, - { hits: { total: { value: 1 } } }, - ], - } - ); - + const req = mockReq({ hits: { total: { value: 1 } } }); const result = await getCollectionStatus(req, getIndexPatterns(req.server), liveClusterUuid); expect(result.kibana.detected.doesExist).to.be(true); @@ -238,4 +241,16 @@ describe('getCollectionStatus', () => { expect(result.beats.detected.mightExist).to.be(true); expect(result.logstash.detected.mightExist).to.be(true); }); + + it('should work properly when security is disabled', async () => { + const req = mockReq({ hits: { total: { value: 1 } } }, false); + const result = await getCollectionStatus(req, getIndexPatterns(req.server), liveClusterUuid); + expect(result.kibana.detected.doesExist).to.be(true); + }); + + it('should not work if the user does not have the necessary permissions', async () => { + const req = mockReq({ hits: { total: { value: 1 } } }, true, false); + const result = await getCollectionStatus(req, getIndexPatterns(req.server), liveClusterUuid); + expect(result._meta.hasPermissions).to.be(false); + }); }); diff --git a/x-pack/legacy/plugins/monitoring/server/lib/setup/collection/get_collection_status.js b/x-pack/legacy/plugins/monitoring/server/lib/setup/collection/get_collection_status.js index 42d100b8af75e..0029aaa9ce8ee 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/setup/collection/get_collection_status.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/setup/collection/get_collection_status.js @@ -226,16 +226,25 @@ function isBeatFromAPM(bucket) { } async function hasNecessaryPermissions(req) { - const { callWithRequest } = req.server.plugins.elasticsearch.getCluster('data'); - const response = await callWithRequest(req, 'transport.request', { - method: 'POST', - path: '/_security/user/_has_privileges', - body: { - cluster: ['monitor'], - }, - }); - // If there is some problem, assume they do not have access - return get(response, 'has_all_requested', false); + try { + const { callWithRequest } = req.server.plugins.elasticsearch.getCluster('data'); + const response = await callWithRequest(req, 'transport.request', { + method: 'POST', + path: '/_security/user/_has_privileges', + body: { + cluster: ['monitor'], + }, + }); + // If there is some problem, assume they do not have access + return get(response, 'has_all_requested', false); + } catch (err) { + if ( + err.message === 'no handler found for uri [/_security/user/_has_privileges] and method [POST]' + ) { + return true; + } + return false; + } } /**