diff --git a/.eslintrc.js b/.eslintrc.js index 087d6276cd33f..a678243e4f07a 100644 --- a/.eslintrc.js +++ b/.eslintrc.js @@ -76,12 +76,6 @@ module.exports = { 'react-hooks/exhaustive-deps': 'off', }, }, - { - files: ['src/legacy/core_plugins/vis_type_vislib/**/*.{js,ts,tsx}'], - rules: { - 'react-hooks/exhaustive-deps': 'off', - }, - }, { files: [ 'src/legacy/core_plugins/vis_default_editor/public/components/controls/**/*.{ts,tsx}', diff --git a/.gitignore b/.gitignore index 02b20da297fc6..efb5c57774633 100644 --- a/.gitignore +++ b/.gitignore @@ -44,5 +44,3 @@ package-lock.json *.sublime-* npm-debug.log* .tern-project -x-pack/legacy/plugins/apm/tsconfig.json -apm.tsconfig.json diff --git a/Jenkinsfile b/Jenkinsfile index 85502369b07be..742aec1d4e7ab 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -40,6 +40,7 @@ kibanaPipeline(timeoutMinutes: 135) { 'xpack-ciGroup9': kibanaPipeline.xpackCiGroupProcess(9), 'xpack-ciGroup10': kibanaPipeline.xpackCiGroupProcess(10), 'xpack-accessibility': kibanaPipeline.functionalTestProcess('xpack-accessibility', './test/scripts/jenkins_xpack_accessibility.sh'), + 'xpack-siemCypress': kibanaPipeline.functionalTestProcess('xpack-siemCypress', './test/scripts/jenkins_siem_cypress.sh'), // 'xpack-visualRegression': kibanaPipeline.functionalTestProcess('xpack-visualRegression', './test/scripts/jenkins_xpack_visual_regression.sh'), ]), ]) diff --git a/src/legacy/core_plugins/data/public/actions/filters/create_filters_from_event.test.ts b/src/legacy/core_plugins/data/public/actions/filters/create_filters_from_event.test.ts new file mode 100644 index 0000000000000..bfba4d7f4c8da --- /dev/null +++ b/src/legacy/core_plugins/data/public/actions/filters/create_filters_from_event.test.ts @@ -0,0 +1,119 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { + fieldFormats, + FieldFormatsGetConfigFn, + esFilters, + IndexPatternsContract, +} from '../../../../../../plugins/data/public'; +// eslint-disable-next-line @kbn/eslint/no-restricted-paths +import { setIndexPatterns } from '../../../../../../plugins/data/public/services'; +import { dataPluginMock } from '../../../../../../plugins/data/public/mocks'; +import { createFiltersFromEvent, EventData } from './create_filters_from_event'; +import { mockDataServices } from '../../search/aggs/test_helpers'; + +jest.mock('ui/new_platform'); + +const mockField = { + name: 'bytes', + indexPattern: { + id: 'logstash-*', + }, + filterable: true, + format: new fieldFormats.BytesFormat({}, (() => {}) as FieldFormatsGetConfigFn), +}; + +describe('createFiltersFromEvent', () => { + let dataPoints: EventData[]; + + beforeEach(() => { + dataPoints = [ + { + table: { + columns: [ + { + name: 'test', + id: '1-1', + meta: { + type: 'histogram', + indexPatternId: 'logstash-*', + aggConfigParams: { + field: 'bytes', + interval: 30, + otherBucket: true, + }, + }, + }, + ], + rows: [ + { + '1-1': '2048', + }, + ], + }, + column: 0, + row: 0, + value: 'test', + }, + ]; + + mockDataServices(); + setIndexPatterns(({ + ...dataPluginMock.createStartContract().indexPatterns, + get: async () => ({ + id: 'logstash-*', + fields: { + getByName: () => mockField, + filter: () => [mockField], + }, + }), + } as unknown) as IndexPatternsContract); + }); + + test('ignores event when value for rows is not provided', async () => { + dataPoints[0].table.rows[0]['1-1'] = null; + const filters = await createFiltersFromEvent(dataPoints); + + expect(filters.length).toEqual(0); + }); + + test('handles an event when aggregations type is a terms', async () => { + if (dataPoints[0].table.columns[0].meta) { + dataPoints[0].table.columns[0].meta.type = 'terms'; + } + const filters = await createFiltersFromEvent(dataPoints); + + expect(filters.length).toEqual(1); + expect(filters[0].query.match_phrase.bytes).toEqual('2048'); + }); + + test('handles an event when aggregations type is not terms', async () => { + const filters = await createFiltersFromEvent(dataPoints); + + expect(filters.length).toEqual(1); + + const [rangeFilter] = filters; + + if (esFilters.isRangeFilter(rangeFilter)) { + expect(rangeFilter.range.bytes.gte).toEqual(2048); + expect(rangeFilter.range.bytes.lt).toEqual(2078); + } + }); +}); diff --git a/src/legacy/core_plugins/data/public/actions/filters/create_filters_from_event.js b/src/legacy/core_plugins/data/public/actions/filters/create_filters_from_event.ts similarity index 70% rename from src/legacy/core_plugins/data/public/actions/filters/create_filters_from_event.js rename to src/legacy/core_plugins/data/public/actions/filters/create_filters_from_event.ts index 1037c718d0003..3713c781b0958 100644 --- a/src/legacy/core_plugins/data/public/actions/filters/create_filters_from_event.js +++ b/src/legacy/core_plugins/data/public/actions/filters/create_filters_from_event.ts @@ -17,21 +17,33 @@ * under the License. */ -import { esFilters } from '../../../../../../plugins/data/public'; +import { KibanaDatatable } from '../../../../../../plugins/expressions/public'; +import { esFilters, Filter } from '../../../../../../plugins/data/public'; import { deserializeAggConfig } from '../../search/expressions/utils'; // eslint-disable-next-line @kbn/eslint/no-restricted-paths import { getIndexPatterns } from '../../../../../../plugins/data/public/services'; +export interface EventData { + table: Pick; + column: number; + row: number; + value: any; +} + /** * For terms aggregations on `__other__` buckets, this assembles a list of applicable filter * terms based on a specific cell in the tabified data. * - * @param {object} table - tabified table data + * @param {EventData['table']} table - tabified table data * @param {number} columnIndex - current column index * @param {number} rowIndex - current row index * @return {array} - array of terms to filter against */ -const getOtherBucketFilterTerms = (table, columnIndex, rowIndex) => { +const getOtherBucketFilterTerms = ( + table: EventData['table'], + columnIndex: number, + rowIndex: number +) => { if (rowIndex === -1) { return []; } @@ -42,7 +54,7 @@ const getOtherBucketFilterTerms = (table, columnIndex, rowIndex) => { return row[column.id] === table.rows[rowIndex][column.id] || i >= columnIndex; }); }); - const terms = rows.map(row => row[table.columns[columnIndex].id]); + const terms: any[] = rows.map(row => row[table.columns[columnIndex].id]); return [ ...new Set( @@ -59,22 +71,27 @@ const getOtherBucketFilterTerms = (table, columnIndex, rowIndex) => { * Assembles the filters needed to apply filtering against a specific cell value, while accounting * for cases like if the value is a terms agg in an `__other__` or `__missing__` bucket. * - * @param {object} table - tabified table data + * @param {EventData['table']} table - tabified table data * @param {number} columnIndex - current column index * @param {number} rowIndex - current row index * @param {string} cellValue - value of the current cell - * @return {array|string} - filter or list of filters to provide to queryFilter.addFilters() + * @return {Filter[]|undefined} - list of filters to provide to queryFilter.addFilters() */ -const createFilter = async (table, columnIndex, rowIndex) => { - if (!table || !table.columns || !table.columns[columnIndex]) return; +const createFilter = async (table: EventData['table'], columnIndex: number, rowIndex: number) => { + if (!table || !table.columns || !table.columns[columnIndex]) { + return; + } const column = table.columns[columnIndex]; + if (!column.meta || !column.meta.indexPatternId) { + return; + } const aggConfig = deserializeAggConfig({ type: column.meta.type, - aggConfigParams: column.meta.aggConfigParams, + aggConfigParams: column.meta.aggConfigParams ? column.meta.aggConfigParams : {}, indexPattern: await getIndexPatterns().get(column.meta.indexPatternId), }); - let filter = []; - const value = rowIndex > -1 ? table.rows[rowIndex][column.id] : null; + let filter: Filter[] = []; + const value: any = rowIndex > -1 ? table.rows[rowIndex][column.id] : null; if (value === null || value === undefined || !aggConfig.isFilterable()) { return; } @@ -85,6 +102,10 @@ const createFilter = async (table, columnIndex, rowIndex) => { filter = aggConfig.createFilter(value); } + if (!filter) { + return; + } + if (!Array.isArray(filter)) { filter = [filter]; } @@ -92,19 +113,18 @@ const createFilter = async (table, columnIndex, rowIndex) => { return filter; }; -const createFiltersFromEvent = async event => { - const filters = []; - const dataPoints = event.data || [event]; +const createFiltersFromEvent = async (dataPoints: EventData[], negate?: boolean) => { + const filters: Filter[] = []; await Promise.all( dataPoints .filter(point => point) .map(async val => { const { table, column, row } = val; - const filter = await createFilter(table, column, row); + const filter: Filter[] = (await createFilter(table, column, row)) || []; if (filter) { filter.forEach(f => { - if (event.negate) { + if (negate) { f = esFilters.toggleFilterNegated(f); } filters.push(f); diff --git a/src/legacy/core_plugins/data/public/actions/value_click_action.ts b/src/legacy/core_plugins/data/public/actions/value_click_action.ts index 260b401e6d658..26933cc8ddb82 100644 --- a/src/legacy/core_plugins/data/public/actions/value_click_action.ts +++ b/src/legacy/core_plugins/data/public/actions/value_click_action.ts @@ -46,7 +46,9 @@ interface ActionContext { async function isCompatible(context: ActionContext) { try { - const filters: Filter[] = (await createFiltersFromEvent(context.data)) || []; + const filters: Filter[] = + (await createFiltersFromEvent(context.data.data || [context.data], context.data.negate)) || + []; return filters.length > 0; } catch { return false; @@ -71,7 +73,8 @@ export function valueClickAction( throw new IncompatibleActionError(); } - const filters: Filter[] = (await createFiltersFromEvent(data)) || []; + const filters: Filter[] = + (await createFiltersFromEvent(data.data || [data], data.negate)) || []; let selectedFilters: Filter[] = esFilters.mapAndFlattenFilters(filters); diff --git a/src/legacy/core_plugins/data/public/search/expressions/build_tabular_inspector_data.ts b/src/legacy/core_plugins/data/public/search/expressions/build_tabular_inspector_data.ts index e85e9deff6ddf..bd05fa21bfd5d 100644 --- a/src/legacy/core_plugins/data/public/search/expressions/build_tabular_inspector_data.ts +++ b/src/legacy/core_plugins/data/public/search/expressions/build_tabular_inspector_data.ts @@ -20,7 +20,7 @@ import { set } from 'lodash'; // @ts-ignore import { FormattedData } from '../../../../../../plugins/inspector/public'; -// @ts-ignore + import { createFilter } from './create_filter'; import { TabbedTable } from '../tabify'; @@ -66,7 +66,10 @@ export async function buildTabularInspectorData( row => row[`col-${colIndex}-${col.aggConfig.id}`].raw === value.raw ); const filter = createFilter(aggConfigs, table, colIndex, rowIndex, value.raw); - queryFilter.addFilters(filter); + + if (filter) { + queryFilter.addFilters(filter); + } }), filterOut: isCellContentFilterable && @@ -75,14 +78,17 @@ export async function buildTabularInspectorData( row => row[`col-${colIndex}-${col.aggConfig.id}`].raw === value.raw ); const filter = createFilter(aggConfigs, table, colIndex, rowIndex, value.raw); - const notOther = value.raw !== '__other__'; - const notMissing = value.raw !== '__missing__'; - if (Array.isArray(filter)) { - filter.forEach(f => set(f, 'meta.negate', notOther && notMissing)); - } else { - set(filter, 'meta.negate', notOther && notMissing); + + if (filter) { + const notOther = value.raw !== '__other__'; + const notMissing = value.raw !== '__missing__'; + if (Array.isArray(filter)) { + filter.forEach(f => set(f, 'meta.negate', notOther && notMissing)); + } else { + set(filter, 'meta.negate', notOther && notMissing); + } + queryFilter.addFilters(filter); } - queryFilter.addFilters(filter); }), }; }); diff --git a/src/legacy/core_plugins/data/public/search/expressions/create_filter.test.ts b/src/legacy/core_plugins/data/public/search/expressions/create_filter.test.ts new file mode 100644 index 0000000000000..890ec81778d4b --- /dev/null +++ b/src/legacy/core_plugins/data/public/search/expressions/create_filter.test.ts @@ -0,0 +1,130 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { + fieldFormats, + FieldFormatsGetConfigFn, + esFilters, +} from '../../../../../../plugins/data/public'; +import { createFilter } from './create_filter'; +import { TabbedTable } from '../tabify'; +import { AggConfigs } from '../aggs/agg_configs'; +import { IAggConfig } from '../aggs/agg_config'; +import { mockDataServices, mockAggTypesRegistry } from '../aggs/test_helpers'; + +describe('createFilter', () => { + let table: TabbedTable; + let aggConfig: IAggConfig; + + const typesRegistry = mockAggTypesRegistry(); + + const getAggConfigs = (type: string, params: any) => { + const field = { + name: 'bytes', + filterable: true, + indexPattern: { + id: '1234', + }, + format: new fieldFormats.BytesFormat({}, (() => {}) as FieldFormatsGetConfigFn), + }; + + const indexPattern = { + id: '1234', + title: 'logstash-*', + fields: { + getByName: () => field, + filter: () => [field], + }, + } as any; + + return new AggConfigs( + indexPattern, + [ + { + id: type, + type, + schema: 'buckets', + params, + }, + ], + { typesRegistry } + ); + }; + + const aggConfigParams: Record = { + field: 'bytes', + interval: 30, + otherBucket: true, + }; + + beforeEach(() => { + table = { + columns: [ + { + id: '1-1', + name: 'test', + aggConfig, + }, + ], + rows: [ + { + '1-1': '2048', + }, + ], + }; + mockDataServices(); + }); + + test('ignores event when cell value is not provided', async () => { + aggConfig = getAggConfigs('histogram', aggConfigParams).aggs[0]; + const filters = await createFilter([aggConfig], table, 0, -1, null); + + expect(filters).not.toBeDefined(); + }); + + test('handles an event when aggregations type is a terms', async () => { + aggConfig = getAggConfigs('terms', aggConfigParams).aggs[0]; + const filters = await createFilter([aggConfig], table, 0, 0, 'test'); + + expect(filters).toBeDefined(); + + if (filters) { + expect(filters.length).toEqual(1); + expect(filters[0].query.match_phrase.bytes).toEqual('2048'); + } + }); + + test('handles an event when aggregations type is not terms', async () => { + aggConfig = getAggConfigs('histogram', aggConfigParams).aggs[0]; + const filters = await createFilter([aggConfig], table, 0, 0, 'test'); + + expect(filters).toBeDefined(); + + if (filters) { + expect(filters.length).toEqual(1); + + const [rangeFilter] = filters; + + if (esFilters.isRangeFilter(rangeFilter)) { + expect(rangeFilter.range.bytes.gte).toEqual(2048); + expect(rangeFilter.range.bytes.lt).toEqual(2078); + } + } + }); +}); diff --git a/src/legacy/core_plugins/data/public/search/expressions/create_filter.js b/src/legacy/core_plugins/data/public/search/expressions/create_filter.ts similarity index 78% rename from src/legacy/core_plugins/data/public/search/expressions/create_filter.js rename to src/legacy/core_plugins/data/public/search/expressions/create_filter.ts index 3f4028a9b5525..77e011932195c 100644 --- a/src/legacy/core_plugins/data/public/search/expressions/create_filter.js +++ b/src/legacy/core_plugins/data/public/search/expressions/create_filter.ts @@ -17,7 +17,11 @@ * under the License. */ -const getOtherBucketFilterTerms = (table, columnIndex, rowIndex) => { +import { IAggConfig } from 'ui/agg_types'; +import { Filter } from '../../../../../../plugins/data/public'; +import { TabbedTable } from '../tabify'; + +const getOtherBucketFilterTerms = (table: TabbedTable, columnIndex: number, rowIndex: number) => { if (rowIndex === -1) { return []; } @@ -41,11 +45,17 @@ const getOtherBucketFilterTerms = (table, columnIndex, rowIndex) => { ]; }; -const createFilter = (aggConfigs, table, columnIndex, rowIndex, cellValue) => { +const createFilter = ( + aggConfigs: IAggConfig[], + table: TabbedTable, + columnIndex: number, + rowIndex: number, + cellValue: any +) => { const column = table.columns[columnIndex]; const aggConfig = aggConfigs[columnIndex]; - let filter = []; - const value = rowIndex > -1 ? table.rows[rowIndex][column.id] : cellValue; + let filter: Filter[] = []; + const value: any = rowIndex > -1 ? table.rows[rowIndex][column.id] : cellValue; if (value === null || value === undefined || !aggConfig.isFilterable()) { return; } @@ -56,6 +66,10 @@ const createFilter = (aggConfigs, table, columnIndex, rowIndex, cellValue) => { filter = aggConfig.createFilter(value); } + if (!filter) { + return; + } + if (!Array.isArray(filter)) { filter = [filter]; } diff --git a/src/legacy/core_plugins/kibana/public/discover/build_services.ts b/src/legacy/core_plugins/kibana/public/discover/build_services.ts index 6b0d2368cc1a2..c58307adaf38c 100644 --- a/src/legacy/core_plugins/kibana/public/discover/build_services.ts +++ b/src/legacy/core_plugins/kibana/public/discover/build_services.ts @@ -33,11 +33,10 @@ import { import { DiscoverStartPlugins } from './plugin'; import { SharePluginStart } from '../../../../../plugins/share/public'; -import { SavedSearch } from './np_ready/types'; import { DocViewsRegistry } from './np_ready/doc_views/doc_views_registry'; import { ChartsPluginStart } from '../../../../../plugins/charts/public'; import { VisualizationsStart } from '../../../visualizations/public'; -import { createSavedSearchesLoader } from '../../../../../plugins/discover/public'; +import { createSavedSearchesLoader, SavedSearch } from '../../../../../plugins/discover/public'; export interface DiscoverServices { addBasePath: (path: string) => string; diff --git a/src/legacy/core_plugins/kibana/public/discover/np_ready/angular/get_painless_error.ts b/src/legacy/core_plugins/kibana/public/discover/np_ready/angular/get_painless_error.ts index 2bbeea9d675c7..100d9cdac133b 100644 --- a/src/legacy/core_plugins/kibana/public/discover/np_ready/angular/get_painless_error.ts +++ b/src/legacy/core_plugins/kibana/public/discover/np_ready/angular/get_painless_error.ts @@ -23,9 +23,9 @@ import { get } from 'lodash'; export function getPainlessError(error: Error) { const rootCause: Array<{ lang: string; script: string }> | undefined = get( error, - 'resp.error.root_cause' + 'body.attributes.error.root_cause' ); - const message: string = get(error, 'message'); + const message: string = get(error, 'body.message'); if (!rootCause) { return; diff --git a/src/legacy/core_plugins/kibana/public/discover/np_ready/embeddable/search_embeddable.ts b/src/legacy/core_plugins/kibana/public/discover/np_ready/embeddable/search_embeddable.ts index 738a74d93449d..0aaf3e7f156c1 100644 --- a/src/legacy/core_plugins/kibana/public/discover/np_ready/embeddable/search_embeddable.ts +++ b/src/legacy/core_plugins/kibana/public/discover/np_ready/embeddable/search_embeddable.ts @@ -37,7 +37,6 @@ import { Embeddable, } from '../../../../../embeddable_api/public/np_ready/public'; import * as columnActions from '../angular/doc_table/actions/columns'; -import { SavedSearch } from '../types'; import searchTemplate from './search_template.html'; import { ISearchEmbeddable, SearchInput, SearchOutput } from './types'; import { SortOrder } from '../angular/doc_table/components/table_header/helpers'; @@ -51,6 +50,7 @@ import { ISearchSource, } from '../../kibana_services'; import { SEARCH_EMBEDDABLE_TYPE } from './constants'; +import { SavedSearch } from '../../../../../../../plugins/discover/public'; interface SearchScope extends ng.IScope { columns?: string[]; diff --git a/src/legacy/core_plugins/kibana/public/discover/np_ready/embeddable/types.ts b/src/legacy/core_plugins/kibana/public/discover/np_ready/embeddable/types.ts index e7aa390cda858..b20e9b2faf7c4 100644 --- a/src/legacy/core_plugins/kibana/public/discover/np_ready/embeddable/types.ts +++ b/src/legacy/core_plugins/kibana/public/discover/np_ready/embeddable/types.ts @@ -18,9 +18,9 @@ */ import { EmbeddableInput, EmbeddableOutput, IEmbeddable } from 'src/plugins/embeddable/public'; -import { SavedSearch } from '../types'; import { SortOrder } from '../angular/doc_table/components/table_header/helpers'; import { Filter, IIndexPattern, TimeRange, Query } from '../../../../../../../plugins/data/public'; +import { SavedSearch } from '../../../../../../../plugins/discover/public'; export interface SearchInput extends EmbeddableInput { timeRange: TimeRange; diff --git a/src/legacy/core_plugins/kibana/public/home/tutorial_resources/redisenterprise_metrics/screenshot.png b/src/legacy/core_plugins/kibana/public/home/tutorial_resources/redisenterprise_metrics/screenshot.png new file mode 100644 index 0000000000000..cc6ef0ce509eb Binary files /dev/null and b/src/legacy/core_plugins/kibana/public/home/tutorial_resources/redisenterprise_metrics/screenshot.png differ diff --git a/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/sidebar.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/sidebar.tsx index 425245fe91fed..a70ffd3cd88e1 100644 --- a/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/sidebar.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/sidebar.tsx @@ -29,8 +29,8 @@ import { DefaultEditorControls } from './controls'; import { setStateParamValue, useEditorReducer, useEditorFormState, discardChanges } from './state'; import { DefaultEditorAggCommonProps } from '../agg_common_props'; import { SidebarTitle } from './sidebar_title'; -import { SavedSearch } from '../../../../kibana/public/discover/np_ready/types'; import { PersistedState } from '../../../../../../plugins/visualizations/public'; +import { SavedSearch } from '../../../../../../plugins/discover/public'; interface DefaultEditorSideBarProps { isCollapsed: boolean; diff --git a/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/sidebar_title.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/sidebar_title.tsx index 3fd82f1c4a2b6..876404851aed4 100644 --- a/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/sidebar_title.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/sidebar_title.tsx @@ -35,7 +35,7 @@ import { FormattedMessage } from '@kbn/i18n/react'; import { i18n } from '@kbn/i18n'; import { Vis } from 'src/legacy/core_plugins/visualizations/public'; -import { SavedSearch } from '../../../../kibana/public/discover/np_ready/types'; +import { SavedSearch } from '../../../../../../plugins/discover/public'; interface LinkedSearchProps { savedSearch: SavedSearch; diff --git a/src/legacy/core_plugins/vis_type_timeseries/public/legacy_imports.ts b/src/legacy/core_plugins/vis_type_timeseries/public/legacy_imports.ts index a2952b2c83afd..7cf0a12e8567c 100644 --- a/src/legacy/core_plugins/vis_type_timeseries/public/legacy_imports.ts +++ b/src/legacy/core_plugins/vis_type_timeseries/public/legacy_imports.ts @@ -17,7 +17,5 @@ * under the License. */ -// @ts-ignore -export { defaultFeedbackMessage } from 'ui/vis/default_feedback_message'; // @ts-ignore export { timezoneProvider } from 'ui/vis/lib/timezone'; diff --git a/src/legacy/core_plugins/vis_type_timeseries/public/metrics_type.ts b/src/legacy/core_plugins/vis_type_timeseries/public/metrics_type.ts index 01750ee0c448d..135cc1e181432 100644 --- a/src/legacy/core_plugins/vis_type_timeseries/public/metrics_type.ts +++ b/src/legacy/core_plugins/vis_type_timeseries/public/metrics_type.ts @@ -18,7 +18,6 @@ */ import { i18n } from '@kbn/i18n'; -import { defaultFeedbackMessage } from './legacy_imports'; // @ts-ignore import { metricsRequestHandler } from './request_handler'; @@ -26,6 +25,7 @@ import { metricsRequestHandler } from './request_handler'; import { EditorController } from './editor_controller'; // @ts-ignore import { PANEL_TYPES } from '../../../../plugins/vis_type_timeseries/common/panel_types'; +import { defaultFeedbackMessage } from '../../visualizations/public'; export const metricsVisDefinition = { name: 'metrics', diff --git a/src/legacy/core_plugins/vis_type_vega/public/legacy_imports.ts b/src/legacy/core_plugins/vis_type_vega/public/legacy_imports.ts index 9e1067ed9099a..b868321d6310f 100644 --- a/src/legacy/core_plugins/vis_type_vega/public/legacy_imports.ts +++ b/src/legacy/core_plugins/vis_type_vega/public/legacy_imports.ts @@ -17,8 +17,6 @@ * under the License. */ -// @ts-ignore -export { defaultFeedbackMessage } from 'ui/vis/default_feedback_message'; // @ts-ignore export { KibanaMapLayer } from 'ui/vis/map/kibana_map_layer'; // @ts-ignore diff --git a/src/legacy/core_plugins/vis_type_vega/public/vega_type.ts b/src/legacy/core_plugins/vis_type_vega/public/vega_type.ts index 1d4655b4d525f..a84948f725e0a 100644 --- a/src/legacy/core_plugins/vis_type_vega/public/vega_type.ts +++ b/src/legacy/core_plugins/vis_type_vega/public/vega_type.ts @@ -19,8 +19,7 @@ import { i18n } from '@kbn/i18n'; // @ts-ignore -import { defaultFeedbackMessage } from './legacy_imports'; -import { Status } from '../../visualizations/public'; +import { Status, defaultFeedbackMessage } from '../../visualizations/public'; import { DefaultEditorSize } from '../../vis_default_editor/public'; import { VegaVisualizationDependencies } from './plugin'; import { VegaVisEditor } from './components'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/common/validation_wrapper.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/common/validation_wrapper.tsx index 9e1d5ea5ae38f..c069d4c935669 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/common/validation_wrapper.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/common/validation_wrapper.tsx @@ -52,7 +52,7 @@ function ValidationWrapper({ useEffect(() => { setValidity(isPanelValid); - }, [isPanelValid]); + }, [isPanelValid, setValidity]); return ; } diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/category_axis_panel.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/category_axis_panel.tsx index a19a300960abd..c1da70f5c17c2 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/category_axis_panel.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/category_axis_panel.tsx @@ -46,7 +46,7 @@ function CategoryAxisPanel(props: CategoryAxisPanelProps) { }; setCategoryAxis(updatedAxis); }, - [setCategoryAxis] + [setCategoryAxis, axis] ); const setPosition = useCallback( @@ -89,7 +89,7 @@ function CategoryAxisPanel(props: CategoryAxisPanelProps) { setValue={setAxis} /> - {axis.show && } + {axis.show && } ); } diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/index.test.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/index.test.tsx index 944ed7e20d1f7..f172a4344c940 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/index.test.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/index.test.tsx @@ -193,9 +193,10 @@ describe('MetricsAxisOptions component', () => { const updatedSeriesParams = [{ ...chart, data: { ...chart.data, label: agg.makeLabel() } }]; const updatedValues = [{ ...axis, title: { text: agg.makeLabel() } }]; - expect(setValue).toHaveBeenCalledTimes(3); - expect(setValue).toHaveBeenNthCalledWith(2, SERIES_PARAMS, updatedSeriesParams); - expect(setValue).toHaveBeenNthCalledWith(3, VALUE_AXES, updatedValues); + expect(setValue).toHaveBeenCalledTimes(5); + expect(setValue).toHaveBeenNthCalledWith(3, SERIES_PARAMS, updatedSeriesParams); + expect(setValue).toHaveBeenNthCalledWith(5, SERIES_PARAMS, updatedSeriesParams); + expect(setValue).toHaveBeenNthCalledWith(4, VALUE_AXES, updatedValues); }); it('should not set the custom title to match the value axis label when more than one agg exists for that axis', () => { diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/index.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/index.tsx index cdc8996f3fdeb..32c21008c2a3a 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/index.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/index.tsx @@ -89,72 +89,85 @@ function MetricsAxisOptions(props: ValidationVisOptionsProps) } ); - const updateAxisTitle = (seriesParams?: SeriesParam[]) => { - const series = seriesParams || stateParams.seriesParams; - const axes = cloneDeep(stateParams.valueAxes); - let isAxesChanged = false; - let lastValuesChanged = false; - const lastLabels = { ...lastCustomLabels }; - const lastMatchingSeriesAgg = { ...lastSeriesAgg }; - - stateParams.valueAxes.forEach((axis, axisNumber) => { - let newCustomLabel = ''; - const matchingSeries: IAggConfig[] = []; - - series.forEach((serie, seriesIndex) => { - if ((axisNumber === 0 && !serie.valueAxis) || serie.valueAxis === axis.id) { - const aggByIndex = aggs.bySchemaName('metric')[seriesIndex]; - matchingSeries.push(aggByIndex); + const updateAxisTitle = useCallback( + (seriesParams?: SeriesParam[]) => { + const series = seriesParams || stateParams.seriesParams; + let isAxesChanged = false; + let lastValuesChanged = false; + const lastLabels = { ...lastCustomLabels }; + const lastMatchingSeriesAgg = { ...lastSeriesAgg }; + + const axes = stateParams.valueAxes.map((axis, axisNumber) => { + let newCustomLabel = ''; + let updatedAxis; + const matchingSeries: IAggConfig[] = []; + + series.forEach((serie, seriesIndex) => { + if ((axisNumber === 0 && !serie.valueAxis) || serie.valueAxis === axis.id) { + const aggByIndex = aggs.bySchemaName('metric')[seriesIndex]; + matchingSeries.push(aggByIndex); + } + }); + + if (matchingSeries.length === 1) { + // if several series matches to the axis, axis title is set according to the first serie. + newCustomLabel = matchingSeries[0].makeLabel(); } - }); - - if (matchingSeries.length === 1) { - // if several series matches to the axis, axis title is set according to the first serie. - newCustomLabel = matchingSeries[0].makeLabel(); - } - if (lastCustomLabels[axis.id] !== newCustomLabel && newCustomLabel !== '') { - const lastSeriesAggType = get(lastSeriesAgg, `${matchingSeries[0].id}.type`); - const lastSeriesAggField = get(lastSeriesAgg, `${matchingSeries[0].id}.field`); - const matchingSeriesAggType = get(matchingSeries, '[0]type.name', ''); - const matchingSeriesAggField = get(matchingSeries, '[0]params.field.name', ''); + if (lastCustomLabels[axis.id] !== newCustomLabel && newCustomLabel !== '') { + const lastSeriesAggType = get(lastSeriesAgg, `${matchingSeries[0].id}.type`); + const lastSeriesAggField = get(lastSeriesAgg, `${matchingSeries[0].id}.field`); + const matchingSeriesAggType = get(matchingSeries, '[0]type.name', ''); + const matchingSeriesAggField = get(matchingSeries, '[0]params.field.name', ''); - const aggTypeIsChanged = lastSeriesAggType !== matchingSeriesAggType; - const aggFieldIsChanged = lastSeriesAggField !== matchingSeriesAggField; + const aggTypeIsChanged = lastSeriesAggType !== matchingSeriesAggType; + const aggFieldIsChanged = lastSeriesAggField !== matchingSeriesAggField; - lastMatchingSeriesAgg[matchingSeries[0].id] = { - type: matchingSeriesAggType, - field: matchingSeriesAggField, - }; - lastLabels[axis.id] = newCustomLabel; - lastValuesChanged = true; - - if ( - Object.keys(lastCustomLabels).length !== 0 && - (aggTypeIsChanged || - aggFieldIsChanged || - axis.title.text === '' || - lastCustomLabels[axis.id] === axis.title.text) - ) { - // Override axis title with new custom label - axes[axisNumber] = { - ...axis, - title: { ...axis.title, text: newCustomLabel }, + lastMatchingSeriesAgg[matchingSeries[0].id] = { + type: matchingSeriesAggType, + field: matchingSeriesAggField, }; - isAxesChanged = true; + lastLabels[axis.id] = newCustomLabel; + lastValuesChanged = true; + + if ( + Object.keys(lastCustomLabels).length !== 0 && + (aggTypeIsChanged || + aggFieldIsChanged || + axis.title.text === '' || + lastCustomLabels[axis.id] === axis.title.text) && + newCustomLabel !== axis.title.text + ) { + // Override axis title with new custom label + updatedAxis = { + ...axis, + title: { ...axis.title, text: newCustomLabel }, + }; + isAxesChanged = true; + } } - } - }); - if (isAxesChanged) { - setValue('valueAxes', axes); - } + return updatedAxis || axis; + }); - if (lastValuesChanged) { - setLastSeriesAgg(lastMatchingSeriesAgg); - setLastCustomLabels(lastLabels); - } - }; + if (isAxesChanged) { + setValue('valueAxes', axes); + } + + if (lastValuesChanged) { + setLastSeriesAgg(lastMatchingSeriesAgg); + setLastCustomLabels(lastLabels); + } + }, + [ + aggs, + lastCustomLabels, + lastSeriesAgg, + setValue, + stateParams.seriesParams, + stateParams.valueAxes, + ] + ); const onValueAxisPositionChanged = useCallback( (index: number, value: ValueAxis['position']) => { @@ -168,7 +181,7 @@ function MetricsAxisOptions(props: ValidationVisOptionsProps) }; setValue('valueAxes', valueAxes); }, - [stateParams.valueAxes, getUpdatedAxisName, setValue] + [stateParams.valueAxes, setValue] ); const onCategoryAxisPositionChanged = useCallback( @@ -226,7 +239,7 @@ function MetricsAxisOptions(props: ValidationVisOptionsProps) setValue('grid', { ...stateParams.grid, valueAxis: undefined }); } }, - [stateParams.seriesParams, stateParams.valueAxes, setValue] + [stateParams.seriesParams, stateParams.valueAxes, setValue, stateParams.grid] ); const changeValueAxis: ChangeValueAxis = useCallback( @@ -241,13 +254,13 @@ function MetricsAxisOptions(props: ValidationVisOptionsProps) updateAxisTitle(); }, - [addValueAxis, setParamByIndex] + [addValueAxis, setParamByIndex, updateAxisTitle] ); + const schemaName = vis.type.schemas.metrics[0].name; const metrics = useMemo(() => { - const schemaName = vis.type.schemas.metrics[0].name; return aggs.bySchemaName(schemaName); - }, [vis.type.schemas.metrics[0].name, aggs]); + }, [schemaName, aggs]); const firstValueAxesId = stateParams.valueAxes[0].id; @@ -278,7 +291,7 @@ function MetricsAxisOptions(props: ValidationVisOptionsProps) setValue('seriesParams', updatedSeries); updateAxisTitle(updatedSeries); - }, [metrics, firstValueAxesId]); + }, [metrics, firstValueAxesId, setValue, stateParams.seriesParams, updateAxisTitle]); const visType = useMemo(() => { const types = uniq(stateParams.seriesParams.map(({ type }) => type)); diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/value_axes_panel.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/value_axes_panel.tsx index b94f5ebbcce44..4aa2aee083a67 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/value_axes_panel.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/value_axes_panel.tsx @@ -78,7 +78,7 @@ function ValueAxesPanel(props: ValueAxesPanelProps) { /> ), - [removeValueAxis] + [removeValueAxis, removeButtonTooltip] ); const addButtonTooltip = useMemo( diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/value_axis_options.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/value_axis_options.tsx index 0ebe62a70a7b1..d094a1d422385 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/value_axis_options.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/value_axis_options.tsx @@ -175,7 +175,7 @@ function ValueAxisOptions(props: ValueAxisOptionsParams) { setValue={setValueAxisTitle} /> - + ) : ( @@ -204,7 +204,6 @@ function ValueAxisOptions(props: ValueAxisOptionsParams) { <> diff --git a/src/legacy/core_plugins/vis_type_vislib/public/vislib/components/legend/legend.tsx b/src/legacy/core_plugins/vis_type_vislib/public/vislib/components/legend/legend.tsx index b9d218b089c31..cfe3b0c657147 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/vislib/components/legend/legend.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/vislib/components/legend/legend.tsx @@ -18,13 +18,12 @@ */ import React, { BaseSyntheticEvent, KeyboardEvent, PureComponent } from 'react'; import classNames from 'classnames'; -import { compact, uniq, map } from 'lodash'; +import { compact, uniq, map, every, isUndefined } from 'lodash'; import { i18n } from '@kbn/i18n'; import { EuiPopoverProps, EuiIcon, keyCodes, htmlIdGenerator } from '@elastic/eui'; import { IAggConfig } from '../../../../../data/public'; -// @ts-ignore import { createFiltersFromEvent } from '../../../../../data/public/actions/filters/create_filters_from_event'; import { CUSTOM_LEGEND_VIS_TYPES, LegendItem } from './models'; import { VisLegendItem } from './legend_item'; @@ -111,7 +110,12 @@ export class VisLegend extends PureComponent { if (CUSTOM_LEGEND_VIS_TYPES.includes(this.props.vislibVis.visConfigArgs.type)) { return false; } - const filters = await createFiltersFromEvent({ data: item.values }); + + if (item.values && every(item.values, isUndefined)) { + return false; + } + + const filters = await createFiltersFromEvent(item.values); return Boolean(filters.length); }; diff --git a/src/legacy/core_plugins/visualizations/index.ts b/src/legacy/core_plugins/visualizations/index.ts index 3c22f22f63682..a2779cfe4346d 100644 --- a/src/legacy/core_plugins/visualizations/index.ts +++ b/src/legacy/core_plugins/visualizations/index.ts @@ -24,7 +24,7 @@ export const visualizations: LegacyPluginInitializer = kibana => new kibana.Plugin({ id: 'visualizations', publicDir: resolve(__dirname, 'public'), - require: ['vis_default_editor'], + require: [], uiExports: { styleSheetPaths: resolve(__dirname, 'public/index.scss'), }, diff --git a/src/legacy/core_plugins/visualizations/public/index.ts b/src/legacy/core_plugins/visualizations/public/index.ts index 4557cf9ab22f1..f5590c745b3f9 100644 --- a/src/legacy/core_plugins/visualizations/public/index.ts +++ b/src/legacy/core_plugins/visualizations/public/index.ts @@ -17,15 +17,6 @@ * under the License. */ -/** - * Static legacy code which hasn't been moved to this plugin yet, but - * should be eventually. - * - * @public - */ -// @ts-ignore Used only by tsvb, vega, input control vis -export { defaultFeedbackMessage } from 'ui/vis/default_feedback_message'; - /** * Static np-ready code, re-exported here so consumers can import from * `src/legacy/core_plugins/visualizations/public` diff --git a/src/legacy/core_plugins/visualizations/public/legacy_imports.ts b/src/legacy/core_plugins/visualizations/public/legacy_imports.ts deleted file mode 100644 index 0a3b1938436c0..0000000000000 --- a/src/legacy/core_plugins/visualizations/public/legacy_imports.ts +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -export { - IAggConfig, - IAggConfigs, - isDateHistogramBucketAggConfig, - setBounds, -} from '../../data/public'; -export { createAggConfigs } from 'ui/agg_types'; -export { createSavedSearchesLoader } from '../../../../plugins/discover/public'; diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/kibana.json b/src/legacy/core_plugins/visualizations/public/np_ready/kibana.json index d4f9bd327d6ac..f8637a71b2d35 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/kibana.json +++ b/src/legacy/core_plugins/visualizations/public/np_ready/kibana.json @@ -3,5 +3,5 @@ "version": "kibana", "server": false, "ui": true, - "requiredPlugins": ["data", "search", "expressions", "uiActions"] + "requiredPlugins": ["data", "expressions", "uiActions", "embeddable", "usageCollection"] } diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/public/index.ts b/src/legacy/core_plugins/visualizations/public/np_ready/public/index.ts index 34ffb698e5f8c..7688a7769cf79 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/public/index.ts +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/index.ts @@ -59,3 +59,4 @@ export { buildPipeline, buildVislibDimensions, SchemaConfig } from './legacy/bui export { updateOldState } from './legacy/vis_update_state'; export { calculateObjectHash } from './legacy/calculate_object_hash'; export { createSavedVisLoader } from './saved_visualizations/saved_visualizations'; +export { defaultFeedbackMessage } from './misc/default_feedback_message'; diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/public/legacy.ts b/src/legacy/core_plugins/visualizations/public/np_ready/public/legacy.ts index 57c686b6e9cb0..fdbd1d5a61ce7 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/public/legacy.ts +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/legacy.ts @@ -19,6 +19,7 @@ /* eslint-disable @kbn/eslint/no-restricted-paths */ import { npSetup, npStart } from 'ui/new_platform'; +import { start as legacyDataStart } from '../../../../data/public/legacy'; /* eslint-enable @kbn/eslint/no-restricted-paths */ import { PluginInitializerContext } from '../../../../../../core/public'; @@ -28,4 +29,9 @@ import { plugin } from '.'; const pluginInstance = plugin({} as PluginInitializerContext); export const setup = pluginInstance.setup(npSetup.core, npSetup.plugins); -export const start = pluginInstance.start(npStart.core, npStart.plugins); +export const start = pluginInstance.start(npStart.core, { + ...npStart.plugins, + __LEGACY: { + aggs: legacyDataStart.search.aggs, + }, +}); diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/public/legacy/build_pipeline.test.ts b/src/legacy/core_plugins/visualizations/public/np_ready/public/legacy/build_pipeline.test.ts index 1adf6fd23f5a5..09037d445baf5 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/public/legacy/build_pipeline.test.ts +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/legacy/build_pipeline.test.ts @@ -27,8 +27,9 @@ import { Schemas, } from './build_pipeline'; import { Vis } from '..'; -import { IAggConfig } from '../../../legacy_imports'; -import { searchSourceMock } from '../../../legacy_mocks'; +// eslint-disable-next-line @kbn/eslint/no-restricted-paths +import { searchSourceMock } from '../../../../../../../plugins/data/public/search/search_source/mocks'; +import { IAggConfig } from '../../../../../data/public'; jest.mock('ui/new_platform'); diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/public/legacy/build_pipeline.ts b/src/legacy/core_plugins/visualizations/public/np_ready/public/legacy/build_pipeline.ts index 155213b4103b0..265ac8f8a84f7 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/public/legacy/build_pipeline.ts +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/legacy/build_pipeline.ts @@ -21,8 +21,8 @@ import { cloneDeep, get } from 'lodash'; import moment from 'moment'; import { SerializedFieldFormat } from '../../../../../../../plugins/expressions/public'; import { fieldFormats, ISearchSource } from '../../../../../../../plugins/data/public'; -import { IAggConfig, setBounds, isDateHistogramBucketAggConfig } from '../../../legacy_imports'; import { Vis, VisParams } from '../types'; +import { IAggConfig, isDateHistogramBucketAggConfig, setBounds } from '../../../../../data/public'; interface SchemaConfigParams { precision?: number; diff --git a/src/legacy/core_plugins/visualizations/public/legacy_mocks.ts b/src/legacy/core_plugins/visualizations/public/np_ready/public/misc/default_feedback_message.test.ts similarity index 68% rename from src/legacy/core_plugins/visualizations/public/legacy_mocks.ts rename to src/legacy/core_plugins/visualizations/public/np_ready/public/misc/default_feedback_message.test.ts index 6cd57bb88bc26..5c1afa4634b71 100644 --- a/src/legacy/core_plugins/visualizations/public/legacy_mocks.ts +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/misc/default_feedback_message.test.ts @@ -17,5 +17,10 @@ * under the License. */ -// eslint-disable-next-line @kbn/eslint/no-restricted-paths -export { searchSourceMock } from '../../../../plugins/data/public/search/search_source/mocks'; +import { defaultFeedbackMessage } from './default_feedback_message'; + +test('default feedback message with link', () => { + expect(defaultFeedbackMessage).toMatchInlineSnapshot( + `"Have feedback? Please create an issue in GitHub."` + ); +}); diff --git a/src/legacy/ui/public/vis/default_feedback_message.js b/src/legacy/core_plugins/visualizations/public/np_ready/public/misc/default_feedback_message.ts similarity index 91% rename from src/legacy/ui/public/vis/default_feedback_message.js rename to src/legacy/core_plugins/visualizations/public/np_ready/public/misc/default_feedback_message.ts index 8b8491d397aad..2871437614231 100644 --- a/src/legacy/ui/public/vis/default_feedback_message.js +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/misc/default_feedback_message.ts @@ -19,7 +19,7 @@ import { i18n } from '@kbn/i18n'; -export const defaultFeedbackMessage = i18n.translate('common.ui.vis.defaultFeedbackMessage', { +export const defaultFeedbackMessage = i18n.translate('visualizations.defaultFeedbackMessage', { defaultMessage: 'Have feedback? Please create an issue in {link}.', values: { link: diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/public/mocks.ts b/src/legacy/core_plugins/visualizations/public/np_ready/public/mocks.ts index b3dd22f62f81f..8d7407b6191d6 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/public/mocks.ts +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/mocks.ts @@ -17,12 +17,6 @@ * under the License. */ -jest.mock('ui/vis/vis_filters'); -jest.mock('ui/vis/default_feedback_message'); -jest.mock('ui/vis/vis_factory'); -jest.mock('ui/registry/vis_types'); -jest.mock('./types/vis_type_alias_registry'); - import { PluginInitializerContext } from '../../../../../../core/public'; import { VisualizationsSetup, VisualizationsStart } from './'; import { VisualizationsPlugin } from './plugin'; @@ -67,6 +61,11 @@ const createInstance = async () => { data: dataPluginMock.createStartContract(), expressions: expressionsPluginMock.createStartContract(), uiActions: uiActionsPluginMock.createStartContract(), + __LEGACY: { + aggs: { + createAggConfigs: jest.fn(), + } as any, + }, }); return { diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/public/plugin.ts b/src/legacy/core_plugins/visualizations/public/np_ready/public/plugin.ts index e1d87d414d398..10797a1a04df4 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/public/plugin.ts +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/plugin.ts @@ -38,6 +38,7 @@ import { setUiActions, setSavedVisualizationsLoader, setTimeFilter, + setAggs, } from './services'; import { VISUALIZE_EMBEDDABLE_TYPE, VisualizeEmbeddableFactory } from './embeddable'; import { ExpressionsSetup, ExpressionsStart } from '../../../../../../plugins/expressions/public'; @@ -53,6 +54,7 @@ import { createSavedVisLoader, SavedVisualizationsLoader } from './saved_visuali import { VisImpl, VisImplConstructor } from './vis_impl'; import { showNewVisModal } from './wizard'; import { UiActionsStart } from '../../../../../../plugins/ui_actions/public'; +import { DataStart as LegacyDataStart } from '../../../../data/public'; /** * Interface for this plugin's returned setup/start contracts. @@ -81,6 +83,9 @@ export interface VisualizationsStartDeps { data: DataPublicPluginStart; expressions: ExpressionsStart; uiActions: UiActionsStart; + __LEGACY: { + aggs: LegacyDataStart['search']['aggs']; + }; } /** @@ -123,7 +128,7 @@ export class VisualizationsPlugin public start( core: CoreStart, - { data, expressions, uiActions }: VisualizationsStartDeps + { data, expressions, uiActions, __LEGACY: { aggs } }: VisualizationsStartDeps ): VisualizationsStart { const types = this.types.start(); setI18n(core.i18n); @@ -136,6 +141,7 @@ export class VisualizationsPlugin setExpressions(expressions); setUiActions(uiActions); setTimeFilter(data.query.timefilter.timefilter); + setAggs(aggs); const savedVisualizationsLoader = createSavedVisLoader({ savedObjectsClient: core.savedObjects.client, indexPatterns: data.indexPatterns, diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/public/services.ts b/src/legacy/core_plugins/visualizations/public/np_ready/public/services.ts index a977a4b452bf7..05fb106bf9940 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/public/services.ts +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/services.ts @@ -35,6 +35,7 @@ import { UsageCollectionSetup } from '../../../../../../plugins/usage_collection import { ExpressionsStart } from '../../../../../../plugins/expressions/public'; import { UiActionsStart } from '../../../../../../plugins/ui_actions/public'; import { SavedVisualizationsLoader } from './saved_visualizations'; +import { DataStart as LegacyDataStart } from '../../../../data/public'; export const [getUISettings, setUISettings] = createGetterSetter('UISettings'); @@ -71,3 +72,7 @@ export const [getUiActions, setUiActions] = createGetterSetter(' export const [getSavedVisualizationsLoader, setSavedVisualizationsLoader] = createGetterSetter< SavedVisualizationsLoader >('SavedVisualisationsLoader'); + +export const [getAggs, setAggs] = createGetterSetter( + 'AggConfigs' +); diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/public/types.ts b/src/legacy/core_plugins/visualizations/public/np_ready/public/types.ts index d2ca4ffb92eb2..d8e3ccdeb065e 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/public/types.ts +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/types.ts @@ -20,7 +20,7 @@ import { SavedObject } from '../../../../../../plugins/saved_objects/public'; import { Vis, VisState, VisParams, VisualizationController } from './vis'; import { ISearchSource } from '../../../../../../plugins/data/public/'; -import { SavedSearch } from '../../../../kibana/public/discover/np_ready/types'; +import { SavedSearch } from '../../../../../../plugins/discover/public'; export { Vis, VisState, VisParams, VisualizationController }; diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/public/vis.ts b/src/legacy/core_plugins/visualizations/public/np_ready/public/vis.ts index 990f27dca7556..f658f6ef52df8 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/public/vis.ts +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/vis.ts @@ -18,8 +18,8 @@ */ import { VisType } from './vis_types'; -import { IAggConfigs } from '../../legacy_imports'; import { Status } from './legacy/update_status'; +import { IAggConfigs } from '../../../../data/public'; export interface Vis { type: VisType; diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/public/vis_impl.js b/src/legacy/core_plugins/visualizations/public/np_ready/public/vis_impl.js index 15a826cc6ddbe..d5e6412b6bdab 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/public/vis_impl.js +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/vis_impl.js @@ -30,9 +30,8 @@ import { EventEmitter } from 'events'; import _ from 'lodash'; import { PersistedState } from '../../../../../../../src/plugins/visualizations/public'; -import { createAggConfigs } from '../../legacy_imports'; import { updateVisualizationConfig } from './legacy/vis_update'; -import { getTypes } from './services'; +import { getTypes, getAggs } from './services'; class VisImpl extends EventEmitter { constructor(indexPattern, visState) { @@ -83,7 +82,7 @@ class VisImpl extends EventEmitter { updateVisualizationConfig(state.params, this.params); if (state.aggs || !this.aggs) { - this.aggs = createAggConfigs( + this.aggs = getAggs().createAggConfigs( this.indexPattern, state.aggs ? state.aggs.aggs || state.aggs : [], this.type.schemas.all @@ -125,7 +124,7 @@ class VisImpl extends EventEmitter { copyCurrentState(includeDisabled = false) { const state = this.getCurrentState(includeDisabled); - state.aggs = createAggConfigs( + state.aggs = getAggs().createAggConfigs( this.indexPattern, state.aggs.aggs || state.aggs, this.type.schemas.all diff --git a/src/plugins/data/public/query/filter_manager/lib/compare_filters.test.ts b/src/plugins/data/public/query/filter_manager/lib/compare_filters.test.ts index e7e947c49d0e4..5d6c25b0d96c1 100644 --- a/src/plugins/data/public/query/filter_manager/lib/compare_filters.test.ts +++ b/src/plugins/data/public/query/filter_manager/lib/compare_filters.test.ts @@ -180,5 +180,21 @@ describe('filter manager utilities', () => { expect(compareFilters([f1], [f2], COMPARE_ALL_OPTIONS)).toBeTruthy(); }); + + test('should compare alias with COMPARE_ALL_OPTIONS', () => { + const f1 = { + $state: { store: FilterStateStore.GLOBAL_STATE }, + ...buildQueryFilter({ _type: { match: { query: 'apache', type: 'phrase' } } }, 'index', ''), + }; + const f2 = { + $state: { store: FilterStateStore.GLOBAL_STATE }, + ...buildQueryFilter({ _type: { match: { query: 'apache', type: 'phrase' } } }, 'index', ''), + }; + + f2.meta.alias = 'wassup'; + f2.meta.alias = 'dog'; + + expect(compareFilters([f1], [f2], COMPARE_ALL_OPTIONS)).toBeFalsy(); + }); }); }); diff --git a/src/plugins/data/public/query/filter_manager/lib/compare_filters.ts b/src/plugins/data/public/query/filter_manager/lib/compare_filters.ts index cd4a966184f83..b4402885bc0be 100644 --- a/src/plugins/data/public/query/filter_manager/lib/compare_filters.ts +++ b/src/plugins/data/public/query/filter_manager/lib/compare_filters.ts @@ -24,6 +24,7 @@ export interface FilterCompareOptions { disabled?: boolean; negate?: boolean; state?: boolean; + alias?: boolean; } /** @@ -33,6 +34,7 @@ export const COMPARE_ALL_OPTIONS: FilterCompareOptions = { disabled: true, negate: true, state: true, + alias: true, }; const mapFilter = ( @@ -44,6 +46,7 @@ const mapFilter = ( if (comparators.negate) cleaned.negate = filter.meta && Boolean(filter.meta.negate); if (comparators.disabled) cleaned.disabled = filter.meta && Boolean(filter.meta.disabled); + if (comparators.disabled) cleaned.alias = filter.meta?.alias; return cleaned; }; @@ -79,6 +82,7 @@ export const compareFilters = ( state: false, negate: false, disabled: false, + alias: false, }); if (!comparators.state) excludedAttributes.push('$state'); diff --git a/src/plugins/data/public/search/search_strategy/default_search_strategy.test.ts b/src/plugins/data/public/search/search_strategy/default_search_strategy.test.ts index 80ab7ceb8870f..1915645ad2df2 100644 --- a/src/plugins/data/public/search/search_strategy/default_search_strategy.test.ts +++ b/src/plugins/data/public/search/search_strategy/default_search_strategy.test.ts @@ -117,8 +117,7 @@ describe('defaultSearchStrategy', function() { test('should call new search service', () => { const config = getConfigStub(); search({ ...searchArgs, config }); - expect(searchMock).toHaveBeenCalled(); - expect(newSearchMock).toHaveBeenCalledTimes(0); + expect(newSearchMock).toHaveBeenCalledTimes(1); }); test('should properly abort with new search service', async () => { diff --git a/src/plugins/data/public/search/search_strategy/default_search_strategy.ts b/src/plugins/data/public/search/search_strategy/default_search_strategy.ts index 6dde6bfe22e4a..6fcb1e6b3e8d2 100644 --- a/src/plugins/data/public/search/search_strategy/default_search_strategy.ts +++ b/src/plugins/data/public/search/search_strategy/default_search_strategy.ts @@ -74,24 +74,17 @@ function search({ }: SearchStrategySearchParams) { const abortController = new AbortController(); const searchParams = getSearchParams(config, esShardTimeout); - const es = searchService.__LEGACY.esClient; const promises = searchRequests.map(({ index, body }) => { - const searching = es.search({ index: index.title || index, body, ...searchParams }); - abortController.signal.addEventListener('abort', searching.abort); - return searching.catch(({ response }: any) => JSON.parse(response)); - /* - * Once #44302 is resolved, replace the old implementation with this one - - * const params = { - * index: index.title || index, - * body, - * ...searchParams, - * }; - * const { signal } = abortController; - * return searchService - * .search({ params }, { signal }) - * .toPromise() - * .then(({ rawResponse }) => rawResponse); - */ + const params = { + index: index.title || index, + body, + ...searchParams, + }; + const { signal } = abortController; + return searchService + .search({ params }, { signal }) + .toPromise() + .then(({ rawResponse }) => rawResponse); }); return { searching: Promise.all(promises), diff --git a/src/plugins/discover/public/index.ts b/src/plugins/discover/public/index.ts index 2ccfe39748024..c5050147c3d5a 100644 --- a/src/plugins/discover/public/index.ts +++ b/src/plugins/discover/public/index.ts @@ -18,3 +18,4 @@ */ export { createSavedSearchesLoader } from './saved_searches/saved_searches'; +export { SavedSearchLoader, SavedSearch } from './saved_searches/types'; diff --git a/src/legacy/core_plugins/kibana/public/discover/np_ready/types.d.ts b/src/plugins/discover/public/saved_searches/types.ts similarity index 89% rename from src/legacy/core_plugins/kibana/public/discover/np_ready/types.d.ts rename to src/plugins/discover/public/saved_searches/types.ts index d36a6b02e1f7a..d601d087afcee 100644 --- a/src/legacy/core_plugins/kibana/public/discover/np_ready/types.d.ts +++ b/src/plugins/discover/public/saved_searches/types.ts @@ -17,9 +17,9 @@ * under the License. */ -import { ISearchSource } from '../kibana_services'; -import { SortOrder } from './angular/doc_table/components/table_header/helpers'; +import { ISearchSource } from '../../../data/public'; +export type SortOrder = [string, string]; export interface SavedSearch { readonly id: string; title: string; diff --git a/src/plugins/home/server/tutorials/redisenterprise_metrics/index.ts b/src/plugins/home/server/tutorials/redisenterprise_metrics/index.ts new file mode 100644 index 0000000000000..b352691f06afe --- /dev/null +++ b/src/plugins/home/server/tutorials/redisenterprise_metrics/index.ts @@ -0,0 +1,72 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { i18n } from '@kbn/i18n'; +import { TutorialsCategory } from '../../services/tutorials'; +import { + onPremInstructions, + cloudInstructions, + onPremCloudInstructions, +} from '../instructions/metricbeat_instructions'; +import { + TutorialContext, + TutorialSchema, +} from '../../services/tutorials/lib/tutorials_registry_types'; + +export function redisenterpriseMetricsSpecProvider(context: TutorialContext): TutorialSchema { + const moduleName = 'redisenterprise'; + return { + id: 'redisenterpriseMetrics', + name: i18n.translate('home.tutorials.redisenterpriseMetrics.nameTitle', { + defaultMessage: 'Redis Enterprise metrics', + }), + category: TutorialsCategory.METRICS, + shortDescription: i18n.translate('home.tutorials.redisenterpriseMetrics.shortDescription', { + defaultMessage: 'Fetch monitoring metrics from Redis Enterprise Server.', + }), + longDescription: i18n.translate('home.tutorials.redisenterpriseMetrics.longDescription', { + defaultMessage: + 'The `redisenterprise` Metricbeat module fetches monitoring metrics from Redis Enterprise Server \ +[Learn more]({learnMoreLink}).', + values: { + learnMoreLink: '{config.docs.beats.metricbeat}/metricbeat-module-redisenterprise.html', + }, + }), + euiIconType: 'logoRedis', + isBeta: true, + artifacts: { + application: { + label: i18n.translate('home.tutorials.redisenterpriseMetrics.artifacts.application.label', { + defaultMessage: 'Discover', + }), + path: '/app/kibana#/discover', + }, + dashboards: [], + exportedFields: { + documentationUrl: '{config.docs.beats.metricbeat}/exported-fields-redisenterprise.html', + }, + }, + completionTimeMinutes: 10, + previewImagePath: + '/plugins/kibana/home/tutorial_resources/redisenterprise_metrics/screenshot.png', + onPrem: onPremInstructions(moduleName, context), + elasticCloud: cloudInstructions(moduleName), + onPremElasticCloud: onPremCloudInstructions(moduleName), + }; +} diff --git a/src/plugins/home/server/tutorials/register.ts b/src/plugins/home/server/tutorials/register.ts index ab5788865bd8e..f1a51018bfd98 100644 --- a/src/plugins/home/server/tutorials/register.ts +++ b/src/plugins/home/server/tutorials/register.ts @@ -86,6 +86,7 @@ import { stanMetricsSpecProvider } from './stan_metrics'; import { envoyproxyMetricsSpecProvider } from './envoyproxy_metrics'; import { ibmmqMetricsSpecProvider } from './ibmmq_metrics'; import { statsdMetricsSpecProvider } from './statsd_metrics'; +import { redisenterpriseMetricsSpecProvider } from './redisenterprise_metrics'; export const builtInTutorials = [ systemLogsSpecProvider, @@ -158,4 +159,5 @@ export const builtInTutorials = [ stanMetricsSpecProvider, envoyproxyMetricsSpecProvider, statsdMetricsSpecProvider, + redisenterpriseMetricsSpecProvider, ]; diff --git a/test/functional/config.js b/test/functional/config.js index 155e844578c54..e84b7e0a98a68 100644 --- a/test/functional/config.js +++ b/test/functional/config.js @@ -92,10 +92,6 @@ export default async function({ readConfigFile }) { pathname: '/app/kibana', hash: '/dev_tools/console', }, - account: { - pathname: '/app/kibana', - hash: '/account', - }, home: { pathname: '/app/kibana', hash: '/home', diff --git a/x-pack/legacy/plugins/apm/dev_docs/typescript.md b/x-pack/legacy/plugins/apm/dev_docs/typescript.md index 105c6edabf48f..6858e93ec09e0 100644 --- a/x-pack/legacy/plugins/apm/dev_docs/typescript.md +++ b/x-pack/legacy/plugins/apm/dev_docs/typescript.md @@ -1,6 +1,6 @@ #### Optimizing TypeScript -Kibana and X-Pack are very large TypeScript projects, and it comes at a cost. Editor responsiveness is not great, and the CLI type check for X-Pack takes about a minute. To get faster feedback, we create a smaller APM TypeScript project that only type checks the APM project and the files it uses. This optimization consists of creating a `tsconfig.json` in APM that includes the Kibana/X-Pack typings, and editing the Kibana/X-Pack configurations to not include any files, or removing the configurations altogether. The script configures git to ignore any changes in these files, and has an undo script as well. +Kibana and X-Pack are very large TypeScript projects, and it comes at a cost. Editor responsiveness is not great, and the CLI type check for X-Pack takes about a minute. To get faster feedback, we create a smaller APM TypeScript project that only type checks the APM project and the files it uses. This optimization consists of modifying `tsconfig.json` in the X-Pack folder to only include APM files, and editing the Kibana configuration to not include any files. The script configures git to ignore any changes in these files, and has an undo script as well. To run the optimization: diff --git a/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig.js b/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig.js index c1f1472dc9024..745f0db45e4fa 100644 --- a/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig.js +++ b/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig.js @@ -6,4 +6,7 @@ const { optimizeTsConfig } = require('./optimize-tsconfig/optimize'); -optimizeTsConfig(); +optimizeTsConfig().catch(err => { + console.error(err); + process.exit(1); +}); diff --git a/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/optimize.js b/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/optimize.js index ef9e393db3eca..3a5809e564691 100644 --- a/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/optimize.js +++ b/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/optimize.js @@ -7,29 +7,26 @@ /* eslint-disable import/no-extraneous-dependencies */ const fs = require('fs'); -const promisify = require('util').promisify; +const { promisify } = require('util'); const path = require('path'); const json5 = require('json5'); const execa = require('execa'); -const copyFile = promisify(fs.copyFile); -const rename = promisify(fs.rename); const readFile = promisify(fs.readFile); const writeFile = promisify(fs.writeFile); const { xpackRoot, kibanaRoot, - apmRoot, tsconfigTpl, filesToIgnore } = require('./paths'); const { unoptimizeTsConfig } = require('./unoptimize'); -function updateParentTsConfigs() { +function prepareParentTsConfigs() { return Promise.all( [ - path.resolve(xpackRoot, 'apm.tsconfig.json'), + path.resolve(xpackRoot, 'tsconfig.json'), path.resolve(kibanaRoot, 'tsconfig.json') ].map(async filename => { const config = json5.parse(await readFile(filename, 'utf-8')); @@ -50,32 +47,37 @@ function updateParentTsConfigs() { ); } +async function addApmFilesToXpackTsConfig() { + const template = json5.parse(await readFile(tsconfigTpl, 'utf-8')); + const xpackTsConfig = path.join(xpackRoot, 'tsconfig.json'); + const config = json5.parse(await readFile(xpackTsConfig, 'utf-8')); + + await writeFile( + xpackTsConfig, + JSON.stringify({ ...config, ...template }, null, 2), + { encoding: 'utf-8' } + ); +} + async function setIgnoreChanges() { for (const filename of filesToIgnore) { await execa('git', ['update-index', '--skip-worktree', filename]); } } -const optimizeTsConfig = () => { - return unoptimizeTsConfig() - .then(() => - Promise.all([ - copyFile(tsconfigTpl, path.resolve(apmRoot, './tsconfig.json')), - rename( - path.resolve(xpackRoot, 'tsconfig.json'), - path.resolve(xpackRoot, 'apm.tsconfig.json') - ) - ]) - ) - .then(() => updateParentTsConfigs()) - .then(() => setIgnoreChanges()) - .then(() => { - // eslint-disable-next-line no-console - console.log( - 'Created an optimized tsconfig.json for APM. To undo these changes, run `./scripts/unoptimize-tsconfig.js`' - ); - }); -}; +async function optimizeTsConfig() { + await unoptimizeTsConfig(); + + await prepareParentTsConfigs(); + + await addApmFilesToXpackTsConfig(); + + await setIgnoreChanges(); + // eslint-disable-next-line no-console + console.log( + 'Created an optimized tsconfig.json for APM. To undo these changes, run `./scripts/unoptimize-tsconfig.js`' + ); +} module.exports = { optimizeTsConfig diff --git a/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/paths.js b/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/paths.js index cdb8e4d878ea3..cab55a2526202 100644 --- a/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/paths.js +++ b/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/paths.js @@ -5,8 +5,7 @@ */ const path = require('path'); -const apmRoot = path.resolve(__dirname, '../..'); -const xpackRoot = path.resolve(apmRoot, '../../..'); +const xpackRoot = path.resolve(__dirname, '../../../../..'); const kibanaRoot = path.resolve(xpackRoot, '..'); const tsconfigTpl = path.resolve(__dirname, './tsconfig.json'); @@ -17,7 +16,6 @@ const filesToIgnore = [ ]; module.exports = { - apmRoot, xpackRoot, kibanaRoot, tsconfigTpl, diff --git a/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/tsconfig.json b/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/tsconfig.json index 5021694ff04ac..8f6b0f35e4b52 100644 --- a/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/tsconfig.json +++ b/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/tsconfig.json @@ -1,12 +1,11 @@ { - "extends": "../../../apm.tsconfig.json", "include": [ - "./**/*", - "../../../plugins/apm/**/*", - "../../../typings/**/*" + "./plugins/apm/**/*", + "./legacy/plugins/apm/**/*", + "./typings/**/*" ], "exclude": [ "**/__fixtures__/**/*", - "./e2e/cypress/**/*" + "./legacy/plugins/apm/e2e/cypress/**/*" ] } diff --git a/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/unoptimize.js b/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/unoptimize.js index 3fdf2a97363a8..33def8c2579fa 100644 --- a/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/unoptimize.js +++ b/x-pack/legacy/plugins/apm/scripts/optimize-tsconfig/unoptimize.js @@ -5,32 +5,21 @@ */ /* eslint-disable import/no-extraneous-dependencies */ -const path = require('path'); const execa = require('execa'); -const fs = require('fs'); -const promisify = require('util').promisify; -const removeFile = promisify(fs.unlink); -const exists = promisify(fs.exists); -const { apmRoot, filesToIgnore } = require('./paths'); +const { filesToIgnore } = require('./paths'); async function unoptimizeTsConfig() { for (const filename of filesToIgnore) { await execa('git', ['update-index', '--no-skip-worktree', filename]); await execa('git', ['checkout', filename]); } - - const apmTsConfig = path.join(apmRoot, 'tsconfig.json'); - if (await exists(apmTsConfig)) { - await removeFile(apmTsConfig); - } } module.exports = { - unoptimizeTsConfig: () => { - return unoptimizeTsConfig().then(() => { - // eslint-disable-next-line no-console - console.log('Removed APM TypeScript optimizations'); - }); + unoptimizeTsConfig: async () => { + await unoptimizeTsConfig(); + // eslint-disable-next-line no-console + console.log('Removed APM TypeScript optimizations'); } }; diff --git a/x-pack/legacy/plugins/apm/scripts/unoptimize-tsconfig.js b/x-pack/legacy/plugins/apm/scripts/unoptimize-tsconfig.js index 5362b6a6d52e2..e33dc502a9587 100644 --- a/x-pack/legacy/plugins/apm/scripts/unoptimize-tsconfig.js +++ b/x-pack/legacy/plugins/apm/scripts/unoptimize-tsconfig.js @@ -6,4 +6,7 @@ const { unoptimizeTsConfig } = require('./optimize-tsconfig/unoptimize'); -unoptimizeTsConfig(); +unoptimizeTsConfig().catch(err => { + console.error(err); + process.exit(1); +}); diff --git a/x-pack/legacy/plugins/ml/common/license/index.ts b/x-pack/legacy/plugins/ml/common/license/index.ts new file mode 100644 index 0000000000000..e901a9545897b --- /dev/null +++ b/x-pack/legacy/plugins/ml/common/license/index.ts @@ -0,0 +1,7 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { MlLicense, LicenseStatus, MINIMUM_FULL_LICENSE, MINIMUM_LICENSE } from './ml_license'; diff --git a/x-pack/legacy/plugins/ml/common/license/ml_license.ts b/x-pack/legacy/plugins/ml/common/license/ml_license.ts new file mode 100644 index 0000000000000..8b631bf6ffb46 --- /dev/null +++ b/x-pack/legacy/plugins/ml/common/license/ml_license.ts @@ -0,0 +1,78 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Observable, Subscription } from 'rxjs'; +import { ILicense, LICENSE_CHECK_STATE } from '../../../../../plugins/licensing/common/types'; +import { PLUGIN_ID } from '../constants/app'; + +export const MINIMUM_LICENSE = 'basic'; +export const MINIMUM_FULL_LICENSE = 'platinum'; + +export interface LicenseStatus { + isValid: boolean; + isSecurityEnabled: boolean; + message?: string; +} + +export class MlLicense { + private _licenseSubscription: Subscription | null = null; + private _license: ILicense | null = null; + private _isSecurityEnabled: boolean = false; + private _hasLicenseExpired: boolean = false; + private _isMlEnabled: boolean = false; + private _isMinimumLicense: boolean = false; + private _isFullLicense: boolean = false; + private _initialized: boolean = false; + + public setup( + license$: Observable, + postInitFunctions?: Array<(lic: MlLicense) => void> + ) { + this._licenseSubscription = license$.subscribe(async license => { + const { isEnabled: securityIsEnabled } = license.getFeature('security'); + + this._license = license; + this._isSecurityEnabled = securityIsEnabled; + this._hasLicenseExpired = this._license.status === 'expired'; + this._isMlEnabled = this._license.getFeature(PLUGIN_ID).isEnabled; + this._isMinimumLicense = + this._license.check(PLUGIN_ID, MINIMUM_LICENSE).state === LICENSE_CHECK_STATE.Valid; + this._isFullLicense = + this._license.check(PLUGIN_ID, MINIMUM_FULL_LICENSE).state === LICENSE_CHECK_STATE.Valid; + + if (this._initialized === false && postInitFunctions !== undefined) { + postInitFunctions.forEach(f => f(this)); + } + this._initialized = true; + }); + } + + public unsubscribe() { + if (this._licenseSubscription !== null) { + this._licenseSubscription.unsubscribe(); + } + } + + public isSecurityEnabled() { + return this._isSecurityEnabled; + } + + public hasLicenseExpired() { + return this._hasLicenseExpired; + } + + public isMlEnabled() { + return this._isMlEnabled; + } + + public isMinimumLicense() { + return this._isMinimumLicense; + } + + public isFullLicense() { + return this._isFullLicense; + } +} diff --git a/x-pack/legacy/plugins/ml/common/util/validators.test.ts b/x-pack/legacy/plugins/ml/common/util/validators.test.ts index 8b55e955a3953..7a8b28c14a4a4 100644 --- a/x-pack/legacy/plugins/ml/common/util/validators.test.ts +++ b/x-pack/legacy/plugins/ml/common/util/validators.test.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { maxLengthValidator } from './validators'; +import { maxLengthValidator, memoryInputValidator } from './validators'; describe('maxLengthValidator', () => { test('should allow a valid input', () => { @@ -20,3 +20,29 @@ describe('maxLengthValidator', () => { }); }); }); + +describe('memoryInputValidator', () => { + test('should detect missing units', () => { + expect(memoryInputValidator()('10')).toEqual({ + invalidUnits: { + allowedUnits: 'B, KB, MB, GB, TB, PB', + }, + }); + }); + + test('should accept valid input', () => { + expect(memoryInputValidator()('100PB')).toEqual(null); + }); + + test('should accept valid input with custom allowed units', () => { + expect(memoryInputValidator(['B', 'KB'])('100KB')).toEqual(null); + }); + + test('should detect not allowed units', () => { + expect(memoryInputValidator(['B', 'KB'])('100MB')).toEqual({ + invalidUnits: { + allowedUnits: 'B, KB', + }, + }); + }); +}); diff --git a/x-pack/legacy/plugins/ml/common/util/validators.ts b/x-pack/legacy/plugins/ml/common/util/validators.ts index 7e0dd624a52e0..304d9a0029540 100644 --- a/x-pack/legacy/plugins/ml/common/util/validators.ts +++ b/x-pack/legacy/plugins/ml/common/util/validators.ts @@ -4,6 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ +import { ALLOWED_DATA_UNITS } from '../constants/validation'; + /** * Provides a validator function for maximum allowed input length. * @param maxLength Maximum length allowed. @@ -44,8 +46,8 @@ export function patternValidator( * @param validators */ export function composeValidators( - ...validators: Array<(value: string) => { [key: string]: any } | null> -): (value: string) => { [key: string]: any } | null { + ...validators: Array<(value: any) => { [key: string]: any } | null> +): (value: any) => { [key: string]: any } | null { return value => { const validationResult = validators.reduce((acc, validator) => { return { @@ -56,3 +58,21 @@ export function composeValidators( return Object.keys(validationResult).length > 0 ? validationResult : null; }; } + +export function requiredValidator() { + return (value: any) => { + return value === '' || value === undefined || value === null ? { required: true } : null; + }; +} + +export function memoryInputValidator(allowedUnits = ALLOWED_DATA_UNITS) { + return (value: any) => { + if (typeof value !== 'string' || value === '') { + return null; + } + const regexp = new RegExp(`\\d+(${allowedUnits.join('|')})$`, 'i'); + return regexp.test(value.trim()) + ? null + : { invalidUnits: { allowedUnits: allowedUnits.join(', ') } }; + }; +} diff --git a/x-pack/legacy/plugins/ml/public/application/app.tsx b/x-pack/legacy/plugins/ml/public/application/app.tsx index 3acb24ac6e173..4c956bfabecc9 100644 --- a/x-pack/legacy/plugins/ml/public/application/app.tsx +++ b/x-pack/legacy/plugins/ml/public/application/app.tsx @@ -13,15 +13,18 @@ import { AppMountParameters, CoreStart } from 'kibana/public'; import { DataPublicPluginStart } from 'src/plugins/data/public'; import { SecurityPluginSetup } from '../../../../../plugins/security/public'; +import { LicensingPluginSetup } from '../../../../../plugins/licensing/public'; import { KibanaContextProvider } from '../../../../../../src/plugins/kibana_react/public'; import { setDependencyCache, clearCache } from './util/dependency_cache'; +import { setLicenseCache } from './license'; import { MlRouter } from './routing'; export interface MlDependencies extends AppMountParameters { data: DataPublicPluginStart; security: SecurityPluginSetup; + licensing: LicensingPluginSetup; __LEGACY: { XSRF: string; }; @@ -36,14 +39,14 @@ const App: FC = ({ coreStart, deps }) => { setDependencyCache({ indexPatterns: deps.data.indexPatterns, timefilter: deps.data.query.timefilter, + fieldFormats: deps.data.fieldFormats, + autocomplete: deps.data.autocomplete, config: coreStart.uiSettings!, chrome: coreStart.chrome!, docLinks: coreStart.docLinks!, toastNotifications: coreStart.notifications.toasts, overlays: coreStart.overlays, recentlyAccessed: coreStart.chrome!.recentlyAccessed, - fieldFormats: deps.data.fieldFormats, - autocomplete: deps.data.autocomplete, basePath: coreStart.http.basePath, savedObjectsClient: coreStart.savedObjects.client, XSRF: deps.__LEGACY.XSRF, @@ -51,7 +54,11 @@ const App: FC = ({ coreStart, deps }) => { http: coreStart.http, security: deps.security, }); + + const mlLicense = setLicenseCache(deps.licensing); + deps.onAppLeave(actions => { + mlLicense.unsubscribe(); clearCache(); return actions.default(); }); diff --git a/x-pack/legacy/plugins/ml/public/application/components/anomalies_table/anomalies_table.test.js b/x-pack/legacy/plugins/ml/public/application/components/anomalies_table/anomalies_table.test.js index 206b9e01bab8c..b881bfe4f1fe6 100644 --- a/x-pack/legacy/plugins/ml/public/application/components/anomalies_table/anomalies_table.test.js +++ b/x-pack/legacy/plugins/ml/public/application/components/anomalies_table/anomalies_table.test.js @@ -11,7 +11,7 @@ import { getColumns } from './anomalies_table_columns'; jest.mock('../../privilege/check_privilege', () => ({ checkPermission: () => false, })); -jest.mock('../../license/check_license', () => ({ +jest.mock('../../license', () => ({ hasLicenseExpired: () => false, })); jest.mock('../../privilege/get_privileges', () => ({ diff --git a/x-pack/legacy/plugins/ml/public/application/components/navigation_menu/main_tabs.tsx b/x-pack/legacy/plugins/ml/public/application/components/navigation_menu/main_tabs.tsx index dce5e7ad52b09..695783883d02e 100644 --- a/x-pack/legacy/plugins/ml/public/application/components/navigation_menu/main_tabs.tsx +++ b/x-pack/legacy/plugins/ml/public/application/components/navigation_menu/main_tabs.tsx @@ -81,13 +81,18 @@ export const MainTabs: FC = ({ tabId, disableLinks }) => { return ( {tabs.map((tab: Tab) => { - const id = tab.id; + const { id, disabled } = tab; const testSubject = TAB_DATA[id].testSubject; const defaultPathId = TAB_DATA[id].pathId || id; // globalState (e.g. selected jobs and time range) should be retained when changing pages. // appState will not be considered. const fullGlobalStateString = globalState !== undefined ? `?_g=${encode(globalState)}` : ''; - return ( + + return disabled ? ( + + {tab.name} + + ) : ( = ({ tabId, disableLinks }) => { className={'mlNavigationMenu__mainTab'} onClick={() => onSelectedTabChanged(id)} isSelected={id === selectedTabId} - disabled={tab.disabled} > {tab.name} diff --git a/x-pack/legacy/plugins/ml/public/application/components/navigation_menu/navigation_menu.tsx b/x-pack/legacy/plugins/ml/public/application/components/navigation_menu/navigation_menu.tsx index e7ba57e25354e..6be2d18e59741 100644 --- a/x-pack/legacy/plugins/ml/public/application/components/navigation_menu/navigation_menu.tsx +++ b/x-pack/legacy/plugins/ml/public/application/components/navigation_menu/navigation_menu.tsx @@ -7,7 +7,7 @@ import React, { Fragment, FC } from 'react'; import { EuiFlexGroup, EuiFlexItem, EuiHorizontalRule } from '@elastic/eui'; -import { isFullLicense } from '../../license/check_license'; +import { isFullLicense } from '../../license'; import { TopNav } from './top_nav'; import { MainTabs } from './main_tabs'; diff --git a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/components/create_analytics_form/create_analytics_form.tsx b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/components/create_analytics_form/create_analytics_form.tsx index 338fa1e4ac328..70722d9cb953a 100644 --- a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/components/create_analytics_form/create_analytics_form.tsx +++ b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/components/create_analytics_form/create_analytics_form.tsx @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import React, { Fragment, FC, useEffect } from 'react'; +import React, { Fragment, FC, useEffect, useMemo } from 'react'; import { EuiComboBox, @@ -36,7 +36,7 @@ import { JOB_ID_MAX_LENGTH } from '../../../../../../../common/constants/validat import { Messages } from './messages'; import { JobType } from './job_type'; import { JobDescriptionInput } from './job_description'; -import { mmlUnitInvalidErrorMessage } from '../../hooks/use_create_analytics_form/reducer'; +import { getModelMemoryLimitErrors } from '../../hooks/use_create_analytics_form/reducer'; import { IndexPattern, indexPatterns, @@ -49,7 +49,7 @@ export const CreateAnalyticsForm: FC = ({ actions, sta services: { docLinks }, } = useMlKibana(); const { ELASTIC_WEBSITE_URL, DOC_LINK_VERSION } = docLinks; - const { setFormState } = actions; + const { setFormState, setEstimatedModelMemoryLimit } = actions; const mlContext = useMlContext(); const { form, indexPatternsMap, isAdvancedEditorEnabled, isJobCreated, requestMessages } = state; @@ -77,7 +77,7 @@ export const CreateAnalyticsForm: FC = ({ actions, sta loadingFieldOptions, maxDistinctValuesError, modelMemoryLimit, - modelMemoryLimitUnitValid, + modelMemoryLimitValidationResult, previousJobType, previousSourceIndex, sourceIndex, @@ -89,6 +89,10 @@ export const CreateAnalyticsForm: FC = ({ actions, sta } = form; const characterList = indexPatterns.ILLEGAL_CHARACTERS_VISIBLE.join(', '); + const mmlErrors = useMemo(() => getModelMemoryLimitErrors(modelMemoryLimitValidationResult), [ + modelMemoryLimitValidationResult, + ]); + const isJobTypeWithDepVar = jobType === JOB_TYPES.REGRESSION || jobType === JOB_TYPES.CLASSIFICATION; @@ -154,6 +158,9 @@ export const CreateAnalyticsForm: FC = ({ actions, sta const resp: DfAnalyticsExplainResponse = await ml.dataFrameAnalytics.explainDataFrameAnalytics( jobConfig ); + const expectedMemoryWithoutDisk = resp.memory_estimation?.expected_memory_without_disk; + + setEstimatedModelMemoryLimit(expectedMemoryWithoutDisk); // If sourceIndex has changed load analysis field options again if (previousSourceIndex !== sourceIndex || previousJobType !== jobType) { @@ -168,7 +175,7 @@ export const CreateAnalyticsForm: FC = ({ actions, sta } setFormState({ - modelMemoryLimit: resp.memory_estimation?.expected_memory_without_disk, + ...(!modelMemoryLimit ? { modelMemoryLimit: expectedMemoryWithoutDisk } : {}), excludesOptions: analyzedFieldsOptions, loadingFieldOptions: false, fieldOptionsFetchFail: false, @@ -176,7 +183,7 @@ export const CreateAnalyticsForm: FC = ({ actions, sta }); } else { setFormState({ - modelMemoryLimit: resp.memory_estimation?.expected_memory_without_disk, + ...(!modelMemoryLimit ? { modelMemoryLimit: expectedMemoryWithoutDisk } : {}), }); } } catch (e) { @@ -189,14 +196,16 @@ export const CreateAnalyticsForm: FC = ({ actions, sta ) { errorMessage = e.message; } + const fallbackModelMemoryLimit = + jobType !== undefined + ? DEFAULT_MODEL_MEMORY_LIMIT[jobType] + : DEFAULT_MODEL_MEMORY_LIMIT.outlier_detection; + setEstimatedModelMemoryLimit(fallbackModelMemoryLimit); setFormState({ fieldOptionsFetchFail: true, maxDistinctValuesError: errorMessage, loadingFieldOptions: false, - modelMemoryLimit: - jobType !== undefined - ? DEFAULT_MODEL_MEMORY_LIMIT[jobType] - : DEFAULT_MODEL_MEMORY_LIMIT.outlier_detection, + modelMemoryLimit: fallbackModelMemoryLimit, }); } }, 400); @@ -642,7 +651,8 @@ export const CreateAnalyticsForm: FC = ({ actions, sta label={i18n.translate('xpack.ml.dataframe.analytics.create.modelMemoryLimitLabel', { defaultMessage: 'Model memory limit', })} - helpText={!modelMemoryLimitUnitValid && mmlUnitInvalidErrorMessage} + isInvalid={modelMemoryLimitValidationResult !== null} + error={mmlErrors} > = ({ actions, sta disabled={isJobCreated} value={modelMemoryLimit || ''} onChange={e => setFormState({ modelMemoryLimit: e.target.value })} - isInvalid={modelMemoryLimit === ''} + isInvalid={modelMemoryLimitValidationResult !== null} data-test-subj="mlAnalyticsCreateJobFlyoutModelMemoryInput" /> diff --git a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/actions.ts b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/actions.ts index a763bd9639bf3..70228f0238fda 100644 --- a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/actions.ts +++ b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/actions.ts @@ -24,6 +24,7 @@ export enum ACTION { SET_JOB_CONFIG, SET_JOB_IDS, SWITCH_TO_ADVANCED_EDITOR, + SET_ESTIMATED_MODEL_MEMORY_LIMIT, } export type Action = @@ -59,7 +60,8 @@ export type Action = } | { type: ACTION.SET_IS_MODAL_VISIBLE; isModalVisible: State['isModalVisible'] } | { type: ACTION.SET_JOB_CONFIG; payload: State['jobConfig'] } - | { type: ACTION.SET_JOB_IDS; jobIds: State['jobIds'] }; + | { type: ACTION.SET_JOB_IDS; jobIds: State['jobIds'] } + | { type: ACTION.SET_ESTIMATED_MODEL_MEMORY_LIMIT; value: State['estimatedModelMemoryLimit'] }; // Actions wrapping the dispatcher exposed by the custom hook export interface ActionDispatchers { @@ -73,4 +75,5 @@ export interface ActionDispatchers { setJobConfig: (payload: State['jobConfig']) => void; startAnalyticsJob: () => void; switchToAdvancedEditor: () => void; + setEstimatedModelMemoryLimit: (value: State['estimatedModelMemoryLimit']) => void; } diff --git a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/reducer.test.ts b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/reducer.test.ts index 7ea2f74908e0e..5c989f7248a9e 100644 --- a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/reducer.test.ts +++ b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/reducer.test.ts @@ -9,7 +9,7 @@ import { merge } from 'lodash'; import { DataFrameAnalyticsConfig } from '../../../../common'; import { ACTION } from './actions'; -import { reducer, validateAdvancedEditor } from './reducer'; +import { reducer, validateAdvancedEditor, validateMinMML } from './reducer'; import { getInitialState, JOB_TYPES } from './state'; type SourceIndex = DataFrameAnalyticsConfig['source']['index']; @@ -41,13 +41,19 @@ describe('useCreateAnalyticsForm', () => { const initialState = getInitialState(); expect(initialState.isValid).toBe(false); - const updatedState = reducer(initialState, { + const stateWithEstimatedMml = reducer(initialState, { + type: ACTION.SET_ESTIMATED_MODEL_MEMORY_LIMIT, + value: '182222kb', + }); + + const updatedState = reducer(stateWithEstimatedMml, { type: ACTION.SET_FORM_STATE, payload: { destinationIndex: 'the-destination-index', jobId: 'the-analytics-job-id', sourceIndex: 'the-source-index', jobType: JOB_TYPES.OUTLIER_DETECTION, + modelMemoryLimit: '200mb', }, }); expect(updatedState.isValid).toBe(true); @@ -146,3 +152,23 @@ describe('useCreateAnalyticsForm', () => { ).toBe(false); }); }); + +describe('validateMinMML', () => { + test('should detect a lower value', () => { + expect(validateMinMML('10mb')('100kb')).toEqual({ + min: { minValue: '10mb', actualValue: '100kb' }, + }); + }); + + test('should allow a bigger value', () => { + expect(validateMinMML('10mb')('1GB')).toEqual(null); + }); + + test('should allow the same value', () => { + expect(validateMinMML('1024mb')('1gb')).toEqual(null); + }); + + test('should ignore empty parameters', () => { + expect(validateMinMML((undefined as unknown) as string)('')).toEqual(null); + }); +}); diff --git a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/reducer.ts b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/reducer.ts index f35fa6aa2f451..42c2413607570 100644 --- a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/reducer.ts +++ b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/reducer.ts @@ -5,6 +5,9 @@ */ import { i18n } from '@kbn/i18n'; +import { memoize } from 'lodash'; +// @ts-ignore +import numeral from '@elastic/numeral'; import { isValidIndexName } from '../../../../../../../common/util/es_utils'; import { Action, ACTION } from './actions'; @@ -13,7 +16,12 @@ import { isJobIdValid, validateModelMemoryLimitUnits, } from '../../../../../../../common/util/job_utils'; -import { maxLengthValidator } from '../../../../../../../common/util/validators'; +import { + composeValidators, + maxLengthValidator, + memoryInputValidator, + requiredValidator, +} from '../../../../../../../common/util/validators'; import { JOB_ID_MAX_LENGTH, ALLOWED_DATA_UNITS, @@ -37,6 +45,38 @@ export const mmlUnitInvalidErrorMessage = i18n.translate( } ); +/** + * Returns the list of model memory limit errors based on validation result. + * @param mmlValidationResult + */ +export function getModelMemoryLimitErrors(mmlValidationResult: any): string[] | null { + if (mmlValidationResult === null) { + return null; + } + + return Object.keys(mmlValidationResult).reduce((acc, errorKey) => { + if (errorKey === 'min') { + acc.push( + i18n.translate('xpack.ml.dataframe.analytics.create.modelMemoryUnitsMinError', { + defaultMessage: 'Model memory limit cannot be lower than {mml}', + values: { + mml: mmlValidationResult.min.minValue, + }, + }) + ); + } + if (errorKey === 'invalidUnits') { + acc.push( + i18n.translate('xpack.ml.dataframe.analytics.create.modelMemoryUnitsInvalidError', { + defaultMessage: 'Model memory limit data unit unrecognized. It must be {str}', + values: { str: mmlAllowedUnitsStr }, + }) + ); + } + return acc; + }, [] as string[]); +} + const getSourceIndexString = (state: State) => { const { jobConfig } = state; @@ -222,6 +262,39 @@ export const validateAdvancedEditor = (state: State): State => { return state; }; +/** + * Validates provided MML isn't lower than the estimated one. + */ +export function validateMinMML(estimatedMml: string) { + return (mml: string) => { + if (!mml || !estimatedMml) { + return null; + } + + // @ts-ignore + const mmlInBytes = numeral(mml.toUpperCase()).value(); + // @ts-ignore + const estimatedMmlInBytes = numeral(estimatedMml.toUpperCase()).value(); + + return estimatedMmlInBytes > mmlInBytes + ? { min: { minValue: estimatedMml, actualValue: mml } } + : null; + }; +} + +/** + * Result validator function for the MML. + * Re-init only if the estimated mml has been changed. + */ +const mmlValidator = memoize((estimatedMml: string) => + composeValidators(requiredValidator(), validateMinMML(estimatedMml), memoryInputValidator()) +); + +const validateMml = memoize( + (estimatedMml: string, mml: string | undefined) => mmlValidator(estimatedMml)(mml), + (...args: any) => args.join('_') +); + const validateForm = (state: State): State => { const { jobIdEmpty, @@ -238,22 +311,21 @@ const validateForm = (state: State): State => { maxDistinctValuesError, modelMemoryLimit, } = state.form; + const { estimatedModelMemoryLimit } = state; const jobTypeEmpty = jobType === undefined; const dependentVariableEmpty = (jobType === JOB_TYPES.REGRESSION || jobType === JOB_TYPES.CLASSIFICATION) && dependentVariable === ''; - const modelMemoryLimitEmpty = modelMemoryLimit === ''; - if (!modelMemoryLimitEmpty && modelMemoryLimit !== undefined) { - const { valid } = validateModelMemoryLimitUnits(modelMemoryLimit); - state.form.modelMemoryLimitUnitValid = valid; - } + const mmlValidationResult = validateMml(estimatedModelMemoryLimit, modelMemoryLimit); + + state.form.modelMemoryLimitValidationResult = mmlValidationResult; state.isValid = maxDistinctValuesError === undefined && !jobTypeEmpty && - state.form.modelMemoryLimitUnitValid && + !mmlValidationResult && !jobIdEmpty && jobIdValid && !jobIdExists && @@ -262,7 +334,6 @@ const validateForm = (state: State): State => { !destinationIndexNameEmpty && destinationIndexNameValid && !dependentVariableEmpty && - !modelMemoryLimitEmpty && (!destinationIndexPatternTitleExists || !createIndexPattern); return state; @@ -373,6 +444,12 @@ export function reducer(state: State, action: Action): State { isAdvancedEditorEnabled: true, jobConfig, }); + + case ACTION.SET_ESTIMATED_MODEL_MEMORY_LIMIT: + return { + ...state, + estimatedModelMemoryLimit: action.value, + }; } return state; diff --git a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/state.ts b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/state.ts index 282f9ff45d0ee..1f23048e09d1f 100644 --- a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/state.ts +++ b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/state.ts @@ -67,6 +67,7 @@ export interface State { maxDistinctValuesError: string | undefined; modelMemoryLimit: string | undefined; modelMemoryLimitUnitValid: boolean; + modelMemoryLimitValidationResult: any; previousJobType: null | AnalyticsJobType; previousSourceIndex: EsIndexName | undefined; sourceIndex: EsIndexName; @@ -88,6 +89,7 @@ export interface State { jobConfig: DeepPartial; jobIds: DataFrameAnalyticsId[]; requestMessages: FormMessage[]; + estimatedModelMemoryLimit: string; } export const getInitialState = (): State => ({ @@ -118,6 +120,7 @@ export const getInitialState = (): State => ({ maxDistinctValuesError: undefined, modelMemoryLimit: undefined, modelMemoryLimitUnitValid: true, + modelMemoryLimitValidationResult: null, previousJobType: null, previousSourceIndex: undefined, sourceIndex: '', @@ -142,6 +145,7 @@ export const getInitialState = (): State => ({ isValid: false, jobIds: [], requestMessages: [], + estimatedModelMemoryLimit: '', }); export const getJobConfigFromFormState = ( diff --git a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/use_create_analytics_form.ts b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/use_create_analytics_form.ts index 59474b63213a2..350b3f98d4673 100644 --- a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/use_create_analytics_form.ts +++ b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/use_create_analytics_form.ts @@ -297,6 +297,10 @@ export const useCreateAnalyticsForm = (): CreateAnalyticsFormProps => { dispatch({ type: ACTION.SWITCH_TO_ADVANCED_EDITOR }); }; + const setEstimatedModelMemoryLimit = (value: State['estimatedModelMemoryLimit']) => { + dispatch({ type: ACTION.SET_ESTIMATED_MODEL_MEMORY_LIMIT, value }); + }; + const actions: ActionDispatchers = { closeModal, createAnalyticsJob, @@ -308,6 +312,7 @@ export const useCreateAnalyticsForm = (): CreateAnalyticsFormProps => { setJobConfig, startAnalyticsJob, switchToAdvancedEditor, + setEstimatedModelMemoryLimit, }; return { state, actions }; diff --git a/x-pack/legacy/plugins/ml/public/application/datavisualizer/datavisualizer_selector.tsx b/x-pack/legacy/plugins/ml/public/application/datavisualizer/datavisualizer_selector.tsx index 0f56f78c708ee..254788c52a7a8 100644 --- a/x-pack/legacy/plugins/ml/public/application/datavisualizer/datavisualizer_selector.tsx +++ b/x-pack/legacy/plugins/ml/public/application/datavisualizer/datavisualizer_selector.tsx @@ -22,7 +22,7 @@ import { import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { isFullLicense } from '../license/check_license'; +import { isFullLicense } from '../license'; import { useTimefilter } from '../contexts/kibana'; import { NavigationMenu } from '../components/navigation_menu'; diff --git a/x-pack/legacy/plugins/ml/public/application/datavisualizer/file_based/components/results_links/results_links.tsx b/x-pack/legacy/plugins/ml/public/application/datavisualizer/file_based/components/results_links/results_links.tsx index debadba19051b..dddf64ce2cfd3 100644 --- a/x-pack/legacy/plugins/ml/public/application/datavisualizer/file_based/components/results_links/results_links.tsx +++ b/x-pack/legacy/plugins/ml/public/application/datavisualizer/file_based/components/results_links/results_links.tsx @@ -9,7 +9,7 @@ import moment from 'moment'; import { FormattedMessage } from '@kbn/i18n/react'; import { EuiFlexGroup, EuiFlexItem, EuiCard, EuiIcon } from '@elastic/eui'; import { ml } from '../../../../services/ml_api_service'; -import { isFullLicense } from '../../../../license/check_license'; +import { isFullLicense } from '../../../../license'; import { checkPermission } from '../../../../privilege/check_privilege'; import { mlNodesAvailable } from '../../../../ml_nodes_check/check_ml_nodes'; import { useMlKibana } from '../../../../contexts/kibana'; diff --git a/x-pack/legacy/plugins/ml/public/application/datavisualizer/index_based/page.tsx b/x-pack/legacy/plugins/ml/public/application/datavisualizer/index_based/page.tsx index 84c07651d323d..fbf42ef62265c 100644 --- a/x-pack/legacy/plugins/ml/public/application/datavisualizer/index_based/page.tsx +++ b/x-pack/legacy/plugins/ml/public/application/datavisualizer/index_based/page.tsx @@ -31,7 +31,7 @@ import { SavedSearchSavedObject } from '../../../../common/types/kibana'; import { NavigationMenu } from '../../components/navigation_menu'; import { ML_JOB_FIELD_TYPES } from '../../../../common/constants/field_types'; import { SEARCH_QUERY_LANGUAGE } from '../../../../common/constants/search'; -import { isFullLicense } from '../../license/check_license'; +import { isFullLicense } from '../../license'; import { checkPermission } from '../../privilege/check_privilege'; import { mlNodesAvailable } from '../../ml_nodes_check/check_ml_nodes'; import { FullTimeRangeSelector } from '../../components/full_time_range_selector'; diff --git a/x-pack/legacy/plugins/ml/public/application/license/__tests__/check_license.js b/x-pack/legacy/plugins/ml/public/application/license/__tests__/check_license.js deleted file mode 100644 index 9ce0ec04befb6..0000000000000 --- a/x-pack/legacy/plugins/ml/public/application/license/__tests__/check_license.js +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from '@kbn/expect'; -import { xpackInfo } from '../../../../../xpack_main/public/services/xpack_info'; -import { LICENSE_STATUS_VALID } from '../../../../../../common/constants/license_status'; -import { xpackFeatureAvailable } from '../check_license'; - -const initialInfo = { - features: { - watcher: { - status: LICENSE_STATUS_VALID, - }, - }, -}; - -describe('ML - check license', () => { - describe('xpackFeatureAvailable', () => { - beforeEach(() => { - xpackInfo.setAll(initialInfo); - }); - - it('returns true for enabled feature', () => { - const result = xpackFeatureAvailable('watcher'); - expect(result).to.be(true); - }); - - it('returns false for disabled feature', () => { - const result = xpackFeatureAvailable('noSuchFeature'); - expect(result).to.be(false); - }); - }); -}); diff --git a/x-pack/legacy/plugins/ml/public/application/license/check_license.tsx b/x-pack/legacy/plugins/ml/public/application/license/check_license.tsx index 4af753ddb4d1f..be5b702742baa 100644 --- a/x-pack/legacy/plugins/ml/public/application/license/check_license.tsx +++ b/x-pack/legacy/plugins/ml/public/application/license/check_license.tsx @@ -4,126 +4,74 @@ * you may not use this file except in compliance with the Elastic License. */ -import React from 'react'; -import { EuiCallOut } from '@elastic/eui'; -import { toMountPoint } from '../../../../../../../src/plugins/kibana_react/public'; -// @ts-ignore No declaration file for module -import { xpackInfo } from '../../../../xpack_main/public/services/xpack_info'; -import { LICENSE_TYPE } from '../../../common/constants/license'; -import { LICENSE_STATUS_VALID } from '../../../../../common/constants/license_status'; -import { getOverlays } from '../util/dependency_cache'; +import { LicensingPluginSetup } from '../../../../../../plugins/licensing/public'; +import { MlClientLicense } from './ml_client_license'; -let licenseHasExpired = true; -let licenseType: LICENSE_TYPE | null = null; -let expiredLicenseBannerId: string; +let mlLicense: MlClientLicense | null = null; -export function checkFullLicense() { - const features = getFeatures(); - licenseType = features.licenseType; - - if (features.isAvailable === false) { - // ML is not enabled - return redirectToKibana(); - } else if (features.licenseType === LICENSE_TYPE.BASIC) { - // ML is enabled, but only with a basic or gold license - return redirectToBasic(); - } else { - // ML is enabled - setLicenseExpired(features); - return Promise.resolve(features); - } +/** + * Create a new mlLicense and cache it for later checks + * + * @export + * @param {LicensingPluginSetup} licensingSetup + * @returns {MlClientLicense} + */ +export function setLicenseCache(licensingSetup: LicensingPluginSetup) { + mlLicense = new MlClientLicense(); + mlLicense.setup(licensingSetup.license$); + return mlLicense; } -export function checkBasicLicense() { - const features = getFeatures(); - licenseType = features.licenseType; - - if (features.isAvailable === false) { - // ML is not enabled - return redirectToKibana(); - } else { - // ML is enabled - setLicenseExpired(features); - return Promise.resolve(features); +/** + * Used as routing resolver to stop the loading of a page if the current license + * is a trial, platinum or enterprise. + * + * @export + * @returns {Promise} Promise which resolves if the license is trial, platinum or enterprise and rejects if it isn't. + */ +export async function checkFullLicense() { + if (mlLicense === null) { + // this should never happen + console.error('ML Licensing not initialized'); // eslint-disable-line + return Promise.reject(); } -} -// a wrapper for checkFullLicense which doesn't resolve if the license has expired. -// this is used by all create jobs pages to redirect back to the jobs list -// if the user's license has expired. -export function checkLicenseExpired() { - return checkFullLicense() - .then((features: any) => { - if (features.hasExpired) { - window.location.href = '#/jobs'; - return Promise.reject(); - } else { - return Promise.resolve(features); - } - }) - .catch(() => { - return Promise.reject(); - }); + return mlLicense.fullLicenseResolver(); } -function setLicenseExpired(features: any) { - licenseHasExpired = features.hasExpired || false; - // If the license has expired ML app will still work for 7 days and then - // the job management endpoints (e.g. create job, start datafeed) will be restricted. - // Therefore we need to keep the app enabled but show an info banner to the user. - if (licenseHasExpired) { - const message = features.message; - if (expiredLicenseBannerId === undefined) { - // Only show the banner once with no way to dismiss it - const overlays = getOverlays(); - expiredLicenseBannerId = overlays.banners.add( - toMountPoint() - ); - } +/** + * Used as routing resolver to stop the loading of a page if the current license + * is at least basic. + * + * @export + * @returns {Promise} Promise resolves if the license is at least basic and rejects if it isn't. + */ +export async function checkBasicLicense() { + if (mlLicense === null) { + // this should never happen + console.error('ML Licensing not initialized'); // eslint-disable-line + return Promise.reject(); } -} -// Temporary hack for cutting over server to NP -function getFeatures() { - return { - isAvailable: true, - showLinks: true, - enableLinks: true, - licenseType: 1, - hasExpired: false, - }; - // return xpackInfo.get('features.ml'); -} - -function redirectToKibana() { - window.location.href = '/'; - return Promise.reject(); -} -function redirectToBasic() { - window.location.href = '#/datavisualizer'; - return Promise.reject(); + return mlLicense.basicLicenseResolver(); } +/** + * Check to see if the current license has expired + * + * @export + * @returns {boolean} + */ export function hasLicenseExpired() { - return licenseHasExpired; + return mlLicense !== null && mlLicense.hasLicenseExpired(); } +/** + * Check to see if the current license is trial, platinum or enterprise. + * + * @export + * @returns {boolean} + */ export function isFullLicense() { - return licenseType === LICENSE_TYPE.FULL; -} - -export function xpackFeatureAvailable(feature: string) { - // each plugin can register their own set of features. - // so we need specific checks for each one. - // this list can grow if we need to check other plugin's features. - switch (feature) { - case 'watcher': - // watcher only has a license status feature - // if watcher is disabled in kibana.yml, the feature is completely missing from xpackInfo - return xpackInfo.get(`features.${feature}.status`, false) === LICENSE_STATUS_VALID; - default: - // historically plugins have used `isAvailable` as a catch all for - // license and feature enabled checks - return xpackInfo.get(`features.${feature}.isAvailable`, false); - } + return mlLicense !== null && mlLicense.isFullLicense(); } diff --git a/x-pack/legacy/plugins/ml/public/application/license/expired_warning.tsx b/x-pack/legacy/plugins/ml/public/application/license/expired_warning.tsx new file mode 100644 index 0000000000000..22cb3260d6969 --- /dev/null +++ b/x-pack/legacy/plugins/ml/public/application/license/expired_warning.tsx @@ -0,0 +1,26 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import { i18n } from '@kbn/i18n'; +import { EuiCallOut } from '@elastic/eui'; +import { toMountPoint } from '../../../../../../../src/plugins/kibana_react/public'; +import { getOverlays } from '../util/dependency_cache'; + +let expiredLicenseBannerId: string; + +export function showExpiredLicenseWarning() { + if (expiredLicenseBannerId === undefined) { + const message = i18n.translate('xpack.ml.checkLicense.licenseHasExpiredMessage', { + defaultMessage: 'Your Machine Learning license has expired.', + }); + // Only show the banner once with no way to dismiss it + const overlays = getOverlays(); + expiredLicenseBannerId = overlays.banners.add( + toMountPoint() + ); + } +} diff --git a/x-pack/legacy/plugins/ml/public/application/license/index.ts b/x-pack/legacy/plugins/ml/public/application/license/index.ts new file mode 100644 index 0000000000000..0b6866d52d070 --- /dev/null +++ b/x-pack/legacy/plugins/ml/public/application/license/index.ts @@ -0,0 +1,13 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { + checkBasicLicense, + checkFullLicense, + hasLicenseExpired, + isFullLicense, + setLicenseCache, +} from './check_license'; diff --git a/x-pack/legacy/plugins/ml/public/application/license/ml_client_license.ts b/x-pack/legacy/plugins/ml/public/application/license/ml_client_license.ts new file mode 100644 index 0000000000000..13809e15135e8 --- /dev/null +++ b/x-pack/legacy/plugins/ml/public/application/license/ml_client_license.ts @@ -0,0 +1,51 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { MlLicense } from '../../../common/license'; +import { showExpiredLicenseWarning } from './expired_warning'; + +export class MlClientLicense extends MlLicense { + fullLicenseResolver() { + if (this.isMlEnabled() === false || this.isMinimumLicense() === false) { + // ML is not enabled or the license isn't at least basic + return redirectToKibana(); + } + + if (this.isFullLicense() === false) { + // ML is enabled, but only with a basic or gold license + return redirectToBasic(); + } + + // ML is enabled + if (this.hasLicenseExpired()) { + showExpiredLicenseWarning(); + } + return Promise.resolve(); + } + + basicLicenseResolver() { + if (this.isMlEnabled() === false || this.isMinimumLicense() === false) { + // ML is not enabled or the license isn't at least basic + return redirectToKibana(); + } + + // ML is enabled + if (this.hasLicenseExpired()) { + showExpiredLicenseWarning(); + } + return Promise.resolve(); + } +} + +function redirectToKibana() { + window.location.href = '/'; + return Promise.reject(); +} + +function redirectToBasic() { + window.location.href = '#/datavisualizer'; + return Promise.reject(); +} diff --git a/x-pack/legacy/plugins/ml/public/application/management/index.ts b/x-pack/legacy/plugins/ml/public/application/management/index.ts index a05de8b0d0880..16bb3ddfd1c9b 100644 --- a/x-pack/legacy/plugins/ml/public/application/management/index.ts +++ b/x-pack/legacy/plugins/ml/public/application/management/index.ts @@ -10,21 +10,36 @@ * you may not use this file except in compliance with the Elastic License. */ +import { npSetup } from 'ui/new_platform'; import { management } from 'ui/management'; import { i18n } from '@kbn/i18n'; import chrome from 'ui/chrome'; import { metadata } from 'ui/metadata'; -// @ts-ignore No declaration file for module -import { xpackInfo } from '../../../../xpack_main/public/services/xpack_info'; import { JOBS_LIST_PATH } from './management_urls'; -import { LICENSE_TYPE } from '../../../common/constants/license'; import { setDependencyCache } from '../util/dependency_cache'; import './jobs_list'; +import { + LicensingPluginSetup, + LICENSE_CHECK_STATE, +} from '../../../../../../plugins/licensing/public'; +import { PLUGIN_ID } from '../../../common/constants/app'; +import { MINIMUM_FULL_LICENSE } from '../../../common/license'; -if ( - xpackInfo.get('features.ml.showLinks', false) === true && - xpackInfo.get('features.ml.licenseType') === LICENSE_TYPE.FULL -) { +type PluginsSetupExtended = typeof npSetup.plugins & { + // adds licensing which isn't in the PluginsSetup interface, but does exist + licensing: LicensingPluginSetup; +}; + +const plugins = npSetup.plugins as PluginsSetupExtended; +const licencingSubscription = plugins.licensing.license$.subscribe(license => { + if (license.check(PLUGIN_ID, MINIMUM_FULL_LICENSE).state === LICENSE_CHECK_STATE.Valid) { + initManagementSection(); + // unsubscribe, we only want to register the plugin once. + licencingSubscription.unsubscribe(); + } +}); + +function initManagementSection() { const legacyBasePath = { prepend: chrome.addBasePath, get: chrome.getBasePath, diff --git a/x-pack/legacy/plugins/ml/public/application/privilege/check_privilege.ts b/x-pack/legacy/plugins/ml/public/application/privilege/check_privilege.ts index 6cc06231a08d0..ec9695a2ce668 100644 --- a/x-pack/legacy/plugins/ml/public/application/privilege/check_privilege.ts +++ b/x-pack/legacy/plugins/ml/public/application/privilege/check_privilege.ts @@ -6,7 +6,7 @@ import { i18n } from '@kbn/i18n'; -import { hasLicenseExpired } from '../license/check_license'; +import { hasLicenseExpired } from '../license'; import { Privileges, getDefaultPrivileges } from '../../../common/types/privileges'; import { getPrivileges, getManageMlPrivileges } from './get_privileges'; diff --git a/x-pack/legacy/plugins/ml/public/application/routing/resolvers.ts b/x-pack/legacy/plugins/ml/public/application/routing/resolvers.ts index 5fc1ea533e87f..acaf3f3acd0c8 100644 --- a/x-pack/legacy/plugins/ml/public/application/routing/resolvers.ts +++ b/x-pack/legacy/plugins/ml/public/application/routing/resolvers.ts @@ -5,7 +5,7 @@ */ import { loadIndexPatterns, loadSavedSearches } from '../util/index_utils'; -import { checkFullLicense } from '../license/check_license'; +import { checkFullLicense } from '../license'; import { checkGetJobsPrivilege } from '../privilege/check_privilege'; import { getMlNodeCount } from '../ml_nodes_check/check_ml_nodes'; import { loadMlServerInfo } from '../services/ml_server_info'; diff --git a/x-pack/legacy/plugins/ml/public/application/routing/routes/datavisualizer/datavisualizer.tsx b/x-pack/legacy/plugins/ml/public/application/routing/routes/datavisualizer/datavisualizer.tsx index e89834018f5e6..d257a9c080c35 100644 --- a/x-pack/legacy/plugins/ml/public/application/routing/routes/datavisualizer/datavisualizer.tsx +++ b/x-pack/legacy/plugins/ml/public/application/routing/routes/datavisualizer/datavisualizer.tsx @@ -15,7 +15,7 @@ import { MlRoute, PageLoader, PageProps } from '../../router'; import { useResolver } from '../../use_resolver'; import { DatavisualizerSelector } from '../../../datavisualizer'; -import { checkBasicLicense } from '../../../license/check_license'; +import { checkBasicLicense } from '../../../license'; import { checkFindFileStructurePrivilege } from '../../../privilege/check_privilege'; import { DATA_VISUALIZER_BREADCRUMB, ML_BREADCRUMB } from '../../breadcrumbs'; diff --git a/x-pack/legacy/plugins/ml/public/application/routing/routes/datavisualizer/file_based.tsx b/x-pack/legacy/plugins/ml/public/application/routing/routes/datavisualizer/file_based.tsx index b4ccccd0776eb..174b3e3b4b338 100644 --- a/x-pack/legacy/plugins/ml/public/application/routing/routes/datavisualizer/file_based.tsx +++ b/x-pack/legacy/plugins/ml/public/application/routing/routes/datavisualizer/file_based.tsx @@ -16,11 +16,10 @@ import { MlRoute, PageLoader, PageProps } from '../../router'; import { useResolver } from '../../use_resolver'; import { FileDataVisualizerPage } from '../../../datavisualizer/file_based'; -import { checkBasicLicense } from '../../../license/check_license'; +import { checkBasicLicense } from '../../../license'; import { checkFindFileStructurePrivilege } from '../../../privilege/check_privilege'; import { loadIndexPatterns } from '../../../util/index_utils'; -import { getMlNodeCount } from '../../../ml_nodes_check'; import { DATA_VISUALIZER_BREADCRUMB, ML_BREADCRUMB } from '../../breadcrumbs'; const breadcrumbs = [ @@ -45,7 +44,6 @@ const PageWrapper: FC = ({ location, deps }) => { checkBasicLicense, loadIndexPatterns: () => loadIndexPatterns(deps.indexPatterns), checkFindFileStructurePrivilege, - getMlNodeCount, }); return ( diff --git a/x-pack/legacy/plugins/ml/public/application/routing/routes/datavisualizer/index_based.tsx b/x-pack/legacy/plugins/ml/public/application/routing/routes/datavisualizer/index_based.tsx index 74ab916cb443f..a3dbc9f97124c 100644 --- a/x-pack/legacy/plugins/ml/public/application/routing/routes/datavisualizer/index_based.tsx +++ b/x-pack/legacy/plugins/ml/public/application/routing/routes/datavisualizer/index_based.tsx @@ -11,7 +11,7 @@ import { MlRoute, PageLoader, PageProps } from '../../router'; import { useResolver } from '../../use_resolver'; import { Page } from '../../../datavisualizer/index_based'; -import { checkBasicLicense } from '../../../license/check_license'; +import { checkBasicLicense } from '../../../license'; import { checkGetJobsPrivilege } from '../../../privilege/check_privilege'; import { loadIndexPatterns } from '../../../util/index_utils'; import { checkMlNodesAvailable } from '../../../ml_nodes_check'; diff --git a/x-pack/legacy/plugins/ml/public/application/routing/routes/new_job/index_or_search.tsx b/x-pack/legacy/plugins/ml/public/application/routing/routes/new_job/index_or_search.tsx index ae35d783517d3..9411b415e4e4d 100644 --- a/x-pack/legacy/plugins/ml/public/application/routing/routes/new_job/index_or_search.tsx +++ b/x-pack/legacy/plugins/ml/public/application/routing/routes/new_job/index_or_search.tsx @@ -11,7 +11,7 @@ import { useResolver } from '../../use_resolver'; import { basicResolvers } from '../../resolvers'; import { Page, preConfiguredJobRedirect } from '../../../jobs/new_job/pages/index_or_search'; import { ANOMALY_DETECTION_BREADCRUMB, ML_BREADCRUMB } from '../../breadcrumbs'; -import { checkBasicLicense } from '../../../license/check_license'; +import { checkBasicLicense } from '../../../license'; import { loadIndexPatterns } from '../../../util/index_utils'; import { checkGetJobsPrivilege } from '../../../privilege/check_privilege'; import { checkMlNodesAvailable } from '../../../ml_nodes_check'; diff --git a/x-pack/legacy/plugins/ml/public/application/routing/routes/overview.tsx b/x-pack/legacy/plugins/ml/public/application/routing/routes/overview.tsx index b1e00158efb94..ccb99985cb70c 100644 --- a/x-pack/legacy/plugins/ml/public/application/routing/routes/overview.tsx +++ b/x-pack/legacy/plugins/ml/public/application/routing/routes/overview.tsx @@ -12,7 +12,7 @@ import { MlRoute, PageLoader, PageProps } from '../router'; import { useResolver } from '../use_resolver'; import { OverviewPage } from '../../overview'; -import { checkFullLicense } from '../../license/check_license'; +import { checkFullLicense } from '../../license'; import { checkGetJobsPrivilege } from '../../privilege/check_privilege'; import { getMlNodeCount } from '../../ml_nodes_check'; import { loadMlServerInfo } from '../../services/ml_server_info'; diff --git a/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/calendar_list.tsx b/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/calendar_list.tsx index c1bfaa2fe6c1e..9d5c4e9c0b0a0 100644 --- a/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/calendar_list.tsx +++ b/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/calendar_list.tsx @@ -16,7 +16,7 @@ import { MlRoute, PageLoader, PageProps } from '../../router'; import { useResolver } from '../../use_resolver'; import { useTimefilter } from '../../../contexts/kibana'; -import { checkFullLicense } from '../../../license/check_license'; +import { checkFullLicense } from '../../../license'; import { checkGetJobsPrivilege, checkPermission } from '../../../privilege/check_privilege'; import { getMlNodeCount } from '../../../ml_nodes_check/check_ml_nodes'; import { CalendarsList } from '../../../settings/calendars'; diff --git a/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/calendar_new_edit.tsx b/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/calendar_new_edit.tsx index 7af2e49e3a69e..bf039e3bd2354 100644 --- a/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/calendar_new_edit.tsx +++ b/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/calendar_new_edit.tsx @@ -16,7 +16,7 @@ import { MlRoute, PageLoader, PageProps } from '../../router'; import { useResolver } from '../../use_resolver'; import { useTimefilter } from '../../../contexts/kibana'; -import { checkFullLicense } from '../../../license/check_license'; +import { checkFullLicense } from '../../../license'; import { checkGetJobsPrivilege, checkPermission } from '../../../privilege/check_privilege'; import { checkMlNodesAvailable } from '../../../ml_nodes_check/check_ml_nodes'; import { NewCalendar } from '../../../settings/calendars'; diff --git a/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/filter_list.tsx b/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/filter_list.tsx index 9c5c06b76247c..6839ad833cb06 100644 --- a/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/filter_list.tsx +++ b/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/filter_list.tsx @@ -16,7 +16,7 @@ import { MlRoute, PageLoader, PageProps } from '../../router'; import { useResolver } from '../../use_resolver'; import { useTimefilter } from '../../../contexts/kibana'; -import { checkFullLicense } from '../../../license/check_license'; +import { checkFullLicense } from '../../../license'; import { checkGetJobsPrivilege, checkPermission } from '../../../privilege/check_privilege'; import { getMlNodeCount } from '../../../ml_nodes_check/check_ml_nodes'; import { FilterLists } from '../../../settings/filter_lists'; diff --git a/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/filter_list_new_edit.tsx b/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/filter_list_new_edit.tsx index 752b889490e58..7b8bd6c3c81ac 100644 --- a/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/filter_list_new_edit.tsx +++ b/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/filter_list_new_edit.tsx @@ -16,7 +16,7 @@ import { MlRoute, PageLoader, PageProps } from '../../router'; import { useResolver } from '../../use_resolver'; import { useTimefilter } from '../../../contexts/kibana'; -import { checkFullLicense } from '../../../license/check_license'; +import { checkFullLicense } from '../../../license'; import { checkGetJobsPrivilege, checkPermission } from '../../../privilege/check_privilege'; import { checkMlNodesAvailable } from '../../../ml_nodes_check/check_ml_nodes'; import { EditFilterList } from '../../../settings/filter_lists'; diff --git a/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/settings.tsx b/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/settings.tsx index 10efb2dcc60c7..10ccc0987fe5d 100644 --- a/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/settings.tsx +++ b/x-pack/legacy/plugins/ml/public/application/routing/routes/settings/settings.tsx @@ -15,7 +15,7 @@ import { MlRoute, PageLoader, PageProps } from '../../router'; import { useResolver } from '../../use_resolver'; import { useTimefilter } from '../../../contexts/kibana'; -import { checkFullLicense } from '../../../license/check_license'; +import { checkFullLicense } from '../../../license'; import { checkGetJobsPrivilege, checkPermission } from '../../../privilege/check_privilege'; import { getMlNodeCount } from '../../../ml_nodes_check/check_ml_nodes'; import { Settings } from '../../../settings'; diff --git a/x-pack/legacy/plugins/ml/public/application/settings/calendars/edit/new_calendar.test.js b/x-pack/legacy/plugins/ml/public/application/settings/calendars/edit/new_calendar.test.js index 8dc174040f9c8..5f61ccf47e9d7 100644 --- a/x-pack/legacy/plugins/ml/public/application/settings/calendars/edit/new_calendar.test.js +++ b/x-pack/legacy/plugins/ml/public/application/settings/calendars/edit/new_calendar.test.js @@ -10,7 +10,7 @@ jest.mock('../../../components/navigation_menu', () => ({ jest.mock('../../../privilege/check_privilege', () => ({ checkPermission: () => true, })); -jest.mock('../../../license/check_license', () => ({ +jest.mock('../../../license', () => ({ hasLicenseExpired: () => false, isFullLicense: () => false, })); diff --git a/x-pack/legacy/plugins/ml/public/application/settings/calendars/list/calendars_list.test.js b/x-pack/legacy/plugins/ml/public/application/settings/calendars/list/calendars_list.test.js index 677703bceeca7..3ea8e0c39fbb2 100644 --- a/x-pack/legacy/plugins/ml/public/application/settings/calendars/list/calendars_list.test.js +++ b/x-pack/legacy/plugins/ml/public/application/settings/calendars/list/calendars_list.test.js @@ -16,7 +16,7 @@ jest.mock('../../../components/navigation_menu', () => ({ jest.mock('../../../privilege/check_privilege', () => ({ checkPermission: () => true, })); -jest.mock('../../../license/check_license', () => ({ +jest.mock('../../../license', () => ({ hasLicenseExpired: () => false, isFullLicense: () => false, })); diff --git a/x-pack/legacy/plugins/ml/public/application/util/dependency_cache.ts b/x-pack/legacy/plugins/ml/public/application/util/dependency_cache.ts index 6d1dfa96ca03e..c167d7e7c3d42 100644 --- a/x-pack/legacy/plugins/ml/public/application/util/dependency_cache.ts +++ b/x-pack/legacy/plugins/ml/public/application/util/dependency_cache.ts @@ -76,6 +76,7 @@ export function setDependencyCache(deps: Partial) { cache.XSRF = deps.XSRF || null; cache.application = deps.application || null; cache.http = deps.http || null; + cache.security = deps.security || null; } export function getTimefilter() { diff --git a/x-pack/legacy/plugins/ml/public/legacy.ts b/x-pack/legacy/plugins/ml/public/legacy.ts index 7dfcf6a99c213..0c6c0bd8dd29e 100644 --- a/x-pack/legacy/plugins/ml/public/legacy.ts +++ b/x-pack/legacy/plugins/ml/public/legacy.ts @@ -8,14 +8,24 @@ import chrome from 'ui/chrome'; import { npSetup, npStart } from 'ui/new_platform'; import { PluginInitializerContext } from 'src/core/public'; import { SecurityPluginSetup } from '../../../../plugins/security/public'; +import { LicensingPluginSetup } from '../../../../plugins/licensing/public'; import { plugin } from '.'; const pluginInstance = plugin({} as PluginInitializerContext); +type PluginsSetupExtended = typeof npSetup.plugins & { + // adds plugins which aren't in the PluginsSetup interface, but do exist + security: SecurityPluginSetup; + licensing: LicensingPluginSetup; +}; + +const setupDependencies = npSetup.plugins as PluginsSetupExtended; + export const setup = pluginInstance.setup(npSetup.core, { data: npStart.plugins.data, - security: ((npSetup.plugins as unknown) as { security: SecurityPluginSetup }).security, // security isn't in the PluginsSetup interface, but does exist + security: setupDependencies.security, + licensing: setupDependencies.licensing, __LEGACY: { XSRF: chrome.getXsrfToken(), }, diff --git a/x-pack/legacy/plugins/ml/public/plugin.ts b/x-pack/legacy/plugins/ml/public/plugin.ts index 1061bb1b6b62b..c0369a74c070a 100644 --- a/x-pack/legacy/plugins/ml/public/plugin.ts +++ b/x-pack/legacy/plugins/ml/public/plugin.ts @@ -8,7 +8,7 @@ import { Plugin, CoreStart, CoreSetup } from 'src/core/public'; import { MlDependencies } from './application/app'; export class MlPlugin implements Plugin { - setup(core: CoreSetup, { data, security, __LEGACY }: MlDependencies) { + setup(core: CoreSetup, { data, security, licensing, __LEGACY }: MlDependencies) { core.application.register({ id: 'ml', title: 'Machine learning', @@ -23,6 +23,7 @@ export class MlPlugin implements Plugin { data, __LEGACY, security, + licensing, }); }, }); diff --git a/x-pack/legacy/plugins/security/index.d.ts b/x-pack/legacy/plugins/security/index.d.ts deleted file mode 100644 index d453415f73376..0000000000000 --- a/x-pack/legacy/plugins/security/index.d.ts +++ /dev/null @@ -1,15 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { Legacy } from 'kibana'; -import { AuthenticatedUser } from '../../../plugins/security/public'; - -/** - * Public interface of the security plugin. - */ -export interface SecurityPlugin { - getUser: (request: Legacy.Request) => Promise; -} diff --git a/x-pack/legacy/plugins/security/index.js b/x-pack/legacy/plugins/security/index.js deleted file mode 100644 index 18b815fb429cb..0000000000000 --- a/x-pack/legacy/plugins/security/index.js +++ /dev/null @@ -1,156 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { resolve } from 'path'; -import { initOverwrittenSessionView } from './server/routes/views/overwritten_session'; -import { initLoginView } from './server/routes/views/login'; -import { initLogoutView } from './server/routes/views/logout'; -import { initLoggedOutView } from './server/routes/views/logged_out'; -import { AuditLogger } from '../../server/lib/audit_logger'; -import { watchStatusAndLicenseToInitialize } from '../../server/lib/watch_status_and_license_to_initialize'; -import { KibanaRequest } from '../../../../src/core/server'; - -export const security = kibana => - new kibana.Plugin({ - id: 'security', - configPrefix: 'xpack.security', - publicDir: resolve(__dirname, 'public'), - require: ['kibana', 'elasticsearch', 'xpack_main'], - - config(Joi) { - const HANDLED_IN_NEW_PLATFORM = Joi.any().description( - 'This key is handled in the new platform security plugin ONLY' - ); - return Joi.object({ - enabled: Joi.boolean().default(true), - cookieName: HANDLED_IN_NEW_PLATFORM, - encryptionKey: HANDLED_IN_NEW_PLATFORM, - session: HANDLED_IN_NEW_PLATFORM, - secureCookies: HANDLED_IN_NEW_PLATFORM, - loginAssistanceMessage: HANDLED_IN_NEW_PLATFORM, - authorization: HANDLED_IN_NEW_PLATFORM, - audit: Joi.object({ - enabled: Joi.boolean().default(false), - }).default(), - authc: HANDLED_IN_NEW_PLATFORM, - }).default(); - }, - - uiExports: { - styleSheetPaths: resolve(__dirname, 'public/index.scss'), - apps: [ - { - id: 'login', - title: 'Login', - main: 'plugins/security/views/login', - hidden: true, - }, - { - id: 'overwritten_session', - title: 'Overwritten Session', - main: 'plugins/security/views/overwritten_session', - description: - 'The view is shown when user had an active session previously, but logged in as a different user.', - hidden: true, - }, - { - id: 'logout', - title: 'Logout', - main: 'plugins/security/views/logout', - hidden: true, - }, - { - id: 'logged_out', - title: 'Logged out', - main: 'plugins/security/views/logged_out', - hidden: true, - }, - ], - hacks: [ - 'plugins/security/hacks/on_session_timeout', - 'plugins/security/hacks/on_unauthorized_response', - 'plugins/security/hacks/register_account_management_app', - ], - injectDefaultVars: server => { - const securityPlugin = server.newPlatform.setup.plugins.security; - if (!securityPlugin) { - throw new Error('New Platform XPack Security plugin is not available.'); - } - - return { - secureCookies: securityPlugin.__legacyCompat.config.secureCookies, - session: { - tenant: server.newPlatform.setup.core.http.basePath.serverBasePath, - }, - enableSpaceAwarePrivileges: server.config().get('xpack.spaces.enabled'), - logoutUrl: `${server.newPlatform.setup.core.http.basePath.serverBasePath}/logout`, - }; - }, - }, - - async postInit(server) { - const securityPlugin = server.newPlatform.setup.plugins.security; - if (!securityPlugin) { - throw new Error('New Platform XPack Security plugin is not available.'); - } - - watchStatusAndLicenseToInitialize(server.plugins.xpack_main, this, async () => { - const xpackInfo = server.plugins.xpack_main.info; - if (xpackInfo.isAvailable() && xpackInfo.feature('security').isEnabled()) { - await securityPlugin.__legacyCompat.registerPrivilegesWithCluster(); - } - }); - }, - - async init(server) { - const securityPlugin = server.newPlatform.setup.plugins.security; - if (!securityPlugin) { - throw new Error('New Platform XPack Security plugin is not available.'); - } - - const config = server.config(); - const xpackInfo = server.plugins.xpack_main.info; - securityPlugin.__legacyCompat.registerLegacyAPI({ - auditLogger: new AuditLogger(server, 'security', config, xpackInfo), - }); - - // Legacy xPack Info endpoint returns whatever we return in a callback for `registerLicenseCheckResultsGenerator` - // and the result is consumed by the legacy plugins all over the place, so we should keep it here for now. We assume - // that when legacy callback is called license has been already propagated to the new platform security plugin and - // features are up to date. - xpackInfo - .feature(this.id) - .registerLicenseCheckResultsGenerator(() => - securityPlugin.__legacyCompat.license.getFeatures() - ); - - server.expose({ - getUser: async request => securityPlugin.authc.getCurrentUser(KibanaRequest.from(request)), - }); - - initLoginView(securityPlugin, server); - initLogoutView(server); - initLoggedOutView(securityPlugin, server); - initOverwrittenSessionView(server); - - server.injectUiAppVars('login', () => { - const { - showLogin, - allowLogin, - layout = 'form', - } = securityPlugin.__legacyCompat.license.getFeatures(); - const { loginAssistanceMessage } = securityPlugin.__legacyCompat.config; - return { - loginAssistanceMessage, - loginState: { - showLogin, - allowLogin, - layout, - }, - }; - }); - }, - }); diff --git a/x-pack/legacy/plugins/security/index.ts b/x-pack/legacy/plugins/security/index.ts new file mode 100644 index 0000000000000..deebbccf5aa49 --- /dev/null +++ b/x-pack/legacy/plugins/security/index.ts @@ -0,0 +1,93 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Root } from 'joi'; +import { resolve } from 'path'; +import { Server } from 'src/legacy/server/kbn_server'; +import { KibanaRequest, LegacyRequest } from '../../../../src/core/server'; +// @ts-ignore +import { AuditLogger } from '../../server/lib/audit_logger'; +// @ts-ignore +import { watchStatusAndLicenseToInitialize } from '../../server/lib/watch_status_and_license_to_initialize'; +import { AuthenticatedUser, SecurityPluginSetup } from '../../../plugins/security/server'; + +/** + * Public interface of the security plugin. + */ +export interface SecurityPlugin { + getUser: (request: LegacyRequest) => Promise; +} + +function getSecurityPluginSetup(server: Server) { + const securityPlugin = server.newPlatform.setup.plugins.security as SecurityPluginSetup; + if (!securityPlugin) { + throw new Error('Kibana Platform Security plugin is not available.'); + } + + return securityPlugin; +} + +export const security = (kibana: Record) => + new kibana.Plugin({ + id: 'security', + configPrefix: 'xpack.security', + publicDir: resolve(__dirname, 'public'), + require: ['kibana', 'elasticsearch', 'xpack_main'], + + // This config is only used by `AuditLogger` and should be removed as soon as `AuditLogger` + // is migrated to Kibana Platform. + config(Joi: Root) { + return Joi.object({ + enabled: Joi.boolean().default(true), + audit: Joi.object({ enabled: Joi.boolean().default(false) }).default(), + }) + .unknown() + .default(); + }, + + uiExports: { + hacks: ['plugins/security/hacks/legacy'], + injectDefaultVars: (server: Server) => { + return { + secureCookies: getSecurityPluginSetup(server).__legacyCompat.config.secureCookies, + enableSpaceAwarePrivileges: server.config().get('xpack.spaces.enabled'), + }; + }, + }, + + async postInit(server: Server) { + watchStatusAndLicenseToInitialize(server.plugins.xpack_main, this, async () => { + const xpackInfo = server.plugins.xpack_main.info; + if (xpackInfo.isAvailable() && xpackInfo.feature('security').isEnabled()) { + await getSecurityPluginSetup(server).__legacyCompat.registerPrivilegesWithCluster(); + } + }); + }, + + async init(server: Server) { + const securityPlugin = getSecurityPluginSetup(server); + + const xpackInfo = server.plugins.xpack_main.info; + securityPlugin.__legacyCompat.registerLegacyAPI({ + auditLogger: new AuditLogger(server, 'security', server.config(), xpackInfo), + }); + + // Legacy xPack Info endpoint returns whatever we return in a callback for `registerLicenseCheckResultsGenerator` + // and the result is consumed by the legacy plugins all over the place, so we should keep it here for now. We assume + // that when legacy callback is called license has been already propagated to the new platform security plugin and + // features are up to date. + xpackInfo + .feature(this.id) + .registerLicenseCheckResultsGenerator(() => + securityPlugin.__legacyCompat.license.getFeatures() + ); + + server.expose({ + getUser: async (request: LegacyRequest) => + securityPlugin.authc.getCurrentUser(KibanaRequest.from(request)), + }); + }, + }); diff --git a/x-pack/legacy/plugins/security/public/hacks/legacy.ts b/x-pack/legacy/plugins/security/public/hacks/legacy.ts new file mode 100644 index 0000000000000..2c683fe4ecf80 --- /dev/null +++ b/x-pack/legacy/plugins/security/public/hacks/legacy.ts @@ -0,0 +1,64 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +// @ts-ignore +import { uiModules } from 'ui/modules'; +import { npSetup, npStart } from 'ui/new_platform'; +import routes from 'ui/routes'; +import { isSystemApiRequest } from '../../../../../../src/plugins/kibana_legacy/public'; +import { SecurityPluginSetup } from '../../../../../plugins/security/public'; + +const securityPluginSetup = (npSetup.plugins as any).security as SecurityPluginSetup; +if (securityPluginSetup) { + routes.when('/account', { + template: '
', + controller: () => npStart.core.application.navigateToApp('security_account'), + }); + + const getNextParameter = () => { + const { location } = window; + const next = encodeURIComponent(`${location.pathname}${location.search}${location.hash}`); + return `&next=${next}`; + }; + + const getProviderParameter = (tenant: string) => { + const key = `${tenant}/session_provider`; + const providerName = sessionStorage.getItem(key); + return providerName ? `&provider=${encodeURIComponent(providerName)}` : ''; + }; + + const module = uiModules.get('security', []); + module.config(($httpProvider: ng.IHttpProvider) => { + $httpProvider.interceptors.push(($q, $window, Promise) => { + const isAnonymous = npSetup.core.http.anonymousPaths.isAnonymous(window.location.pathname); + + function interceptorFactory(responseHandler: (response: ng.IHttpResponse) => any) { + return function interceptor(response: ng.IHttpResponse) { + if (!isAnonymous && !isSystemApiRequest(response.config)) { + securityPluginSetup.sessionTimeout.extend(response.config.url); + } + + if (response.status !== 401 || isAnonymous) { + return responseHandler(response); + } + + const { logoutUrl, tenant } = securityPluginSetup.__legacyCompat; + const next = getNextParameter(); + const provider = getProviderParameter(tenant); + + $window.location.href = `${logoutUrl}?msg=SESSION_EXPIRED${next}${provider}`; + + return Promise.halt(); + }; + } + + return { + response: interceptorFactory(response => response), + responseError: interceptorFactory($q.reject), + }; + }); + }); +} diff --git a/x-pack/legacy/plugins/security/public/hacks/on_session_timeout.js b/x-pack/legacy/plugins/security/public/hacks/on_session_timeout.js deleted file mode 100644 index 3e3fd09bdbbdb..0000000000000 --- a/x-pack/legacy/plugins/security/public/hacks/on_session_timeout.js +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import _ from 'lodash'; -import { uiModules } from 'ui/modules'; -import { isSystemApiRequest } from 'ui/system_api'; -import { npSetup } from 'ui/new_platform'; - -const module = uiModules.get('security', []); -module.config($httpProvider => { - $httpProvider.interceptors.push($q => { - const isAnonymous = npSetup.core.http.anonymousPaths.isAnonymous(window.location.pathname); - - function interceptorFactory(responseHandler) { - return function interceptor(response) { - if (!isAnonymous && !isSystemApiRequest(response.config)) { - npSetup.plugins.security.sessionTimeout.extend(response.config.url); - } - return responseHandler(response); - }; - } - - return { - response: interceptorFactory(_.identity), - responseError: interceptorFactory($q.reject), - }; - }); -}); diff --git a/x-pack/legacy/plugins/security/public/hacks/on_unauthorized_response.js b/x-pack/legacy/plugins/security/public/hacks/on_unauthorized_response.js deleted file mode 100644 index 3e214db972b18..0000000000000 --- a/x-pack/legacy/plugins/security/public/hacks/on_unauthorized_response.js +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { identity } from 'lodash'; -import { uiModules } from 'ui/modules'; -import { Path } from 'plugins/xpack_main/services/path'; -import 'plugins/security/services/auto_logout'; - -function isUnauthorizedResponseAllowed(response) { - const API_WHITELIST = ['/internal/security/login', '/internal/security/users/.*/password']; - - const url = response.config.url; - return API_WHITELIST.some(api => url.match(api)); -} - -const module = uiModules.get('security'); -module.factory('onUnauthorizedResponse', ($q, autoLogout) => { - const isUnauthenticated = Path.isUnauthenticated(); - function interceptorFactory(responseHandler) { - return function interceptor(response) { - if (response.status === 401 && !isUnauthorizedResponseAllowed(response) && !isUnauthenticated) - return autoLogout(); - return responseHandler(response); - }; - } - - return { - response: interceptorFactory(identity), - responseError: interceptorFactory($q.reject), - }; -}); - -module.config($httpProvider => { - $httpProvider.interceptors.push('onUnauthorizedResponse'); -}); diff --git a/x-pack/legacy/plugins/security/public/index.scss b/x-pack/legacy/plugins/security/public/index.scss deleted file mode 100644 index 0050d01a52493..0000000000000 --- a/x-pack/legacy/plugins/security/public/index.scss +++ /dev/null @@ -1,15 +0,0 @@ -@import 'src/legacy/ui/public/styles/styling_constants'; - -// Prefix all styles with "kbn" to avoid conflicts. -// Examples -// secChart -// secChart__legend -// secChart__legend--small -// secChart__legend-isLoading - -// Public components -@import './components/index'; - -// Public views -@import './views/index'; - diff --git a/x-pack/legacy/plugins/security/public/services/auto_logout.js b/x-pack/legacy/plugins/security/public/services/auto_logout.js deleted file mode 100644 index fa4d149d1f2e6..0000000000000 --- a/x-pack/legacy/plugins/security/public/services/auto_logout.js +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { uiModules } from 'ui/modules'; -import chrome from 'ui/chrome'; - -const module = uiModules.get('security'); - -const getNextParameter = () => { - const { location } = window; - const next = encodeURIComponent(`${location.pathname}${location.search}${location.hash}`); - return `&next=${next}`; -}; - -const getProviderParameter = tenant => { - const key = `${tenant}/session_provider`; - const providerName = sessionStorage.getItem(key); - return providerName ? `&provider=${encodeURIComponent(providerName)}` : ''; -}; - -module.service('autoLogout', ($window, Promise) => { - return () => { - const logoutUrl = chrome.getInjected('logoutUrl'); - const tenant = `${chrome.getInjected('session.tenant', '')}`; - const next = getNextParameter(); - const provider = getProviderParameter(tenant); - $window.location.href = `${logoutUrl}?msg=SESSION_EXPIRED${next}${provider}`; - return Promise.halt(); - }; -}); diff --git a/x-pack/legacy/plugins/security/public/views/_index.scss b/x-pack/legacy/plugins/security/public/views/_index.scss deleted file mode 100644 index 6c2a091adf536..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/_index.scss +++ /dev/null @@ -1,2 +0,0 @@ -// Login styles -@import './login/index'; diff --git a/x-pack/legacy/plugins/security/public/views/account/account.js b/x-pack/legacy/plugins/security/public/views/account/account.js deleted file mode 100644 index 13abc44e08f96..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/account/account.js +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import React from 'react'; -import { render, unmountComponentAtNode } from 'react-dom'; -import { i18n } from '@kbn/i18n'; -import { npStart } from 'ui/new_platform'; -import routes from 'ui/routes'; - -routes.when('/account', { - template: '
', - k7Breadcrumbs: () => [ - { - text: i18n.translate('xpack.security.account.breadcrumb', { - defaultMessage: 'Account Management', - }), - }, - ], - controllerAs: 'accountController', - controller($scope) { - $scope.$$postDigest(() => { - const domNode = document.getElementById('userProfileReactRoot'); - - render( - , - domNode - ); - - $scope.$on('$destroy', () => unmountComponentAtNode(domNode)); - }); - }, -}); diff --git a/x-pack/legacy/plugins/security/public/views/logged_out/index.js b/x-pack/legacy/plugins/security/public/views/logged_out/index.js deleted file mode 100644 index 3a2281bd6beee..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/logged_out/index.js +++ /dev/null @@ -1,7 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import './logged_out'; diff --git a/x-pack/legacy/plugins/security/public/views/logged_out/logged_out.html b/x-pack/legacy/plugins/security/public/views/logged_out/logged_out.html deleted file mode 100644 index b65df2b53f26c..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/logged_out/logged_out.html +++ /dev/null @@ -1 +0,0 @@ -
diff --git a/x-pack/legacy/plugins/security/public/views/logged_out/logged_out.tsx b/x-pack/legacy/plugins/security/public/views/logged_out/logged_out.tsx deleted file mode 100644 index dbeb68875c1a9..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/logged_out/logged_out.tsx +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { FormattedMessage } from '@kbn/i18n/react'; -import { EuiButton } from '@elastic/eui'; -import { AuthenticationStatePage } from 'plugins/security/components/authentication_state_page'; -// @ts-ignore -import template from 'plugins/security/views/logged_out/logged_out.html'; -import React from 'react'; -import { render } from 'react-dom'; -import chrome from 'ui/chrome'; -import { I18nContext } from 'ui/i18n'; - -chrome - .setVisible(false) - .setRootTemplate(template) - .setRootController('logout', ($scope: any) => { - $scope.$$postDigest(() => { - const domNode = document.getElementById('reactLoggedOutRoot'); - render( - - - } - > - - - - - , - domNode - ); - }); - }); diff --git a/x-pack/legacy/plugins/security/public/views/login/_index.scss b/x-pack/legacy/plugins/security/public/views/login/_index.scss deleted file mode 100644 index 9083c8dc3b775..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/login/_index.scss +++ /dev/null @@ -1,8 +0,0 @@ -// Prefix all styles with "login" to avoid conflicts. -// Examples -// loginChart -// loginChart__legend -// loginChart__legend--small -// loginChart__legend-isLoading - -@import './components/index'; diff --git a/x-pack/legacy/plugins/security/public/views/login/components/_index.scss b/x-pack/legacy/plugins/security/public/views/login/components/_index.scss deleted file mode 100644 index a6f9598b9cc04..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/login/components/_index.scss +++ /dev/null @@ -1 +0,0 @@ -@import './login_page/index'; diff --git a/x-pack/legacy/plugins/security/public/views/login/components/basic_login_form/basic_login_form.test.tsx b/x-pack/legacy/plugins/security/public/views/login/components/basic_login_form/basic_login_form.test.tsx deleted file mode 100644 index 3a970d582bdc8..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/login/components/basic_login_form/basic_login_form.test.tsx +++ /dev/null @@ -1,109 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { EuiButton, EuiCallOut } from '@elastic/eui'; -import React from 'react'; -import { mountWithIntl, shallowWithIntl } from 'test_utils/enzyme_helpers'; -import { LoginState } from '../../login_state'; -import { BasicLoginForm } from './basic_login_form'; - -const createMockHttp = ({ simulateError = false } = {}) => { - return { - post: jest.fn(async () => { - if (simulateError) { - // eslint-disable-next-line no-throw-literal - throw { - data: { - statusCode: 401, - }, - }; - } - - return { - statusCode: 200, - }; - }), - }; -}; - -const createLoginState = (options?: Partial) => { - return { - allowLogin: true, - layout: 'form', - ...options, - } as LoginState; -}; - -describe('BasicLoginForm', () => { - it('renders as expected', () => { - const mockHttp = createMockHttp(); - const mockWindow = {}; - const loginState = createLoginState(); - expect( - shallowWithIntl( - - ) - ).toMatchSnapshot(); - }); - - it('renders an info message when provided', () => { - const mockHttp = createMockHttp(); - const mockWindow = {}; - const loginState = createLoginState(); - - const wrapper = shallowWithIntl( - - ); - - expect(wrapper.find(EuiCallOut).props().title).toEqual('Hey this is an info message'); - }); - - it('renders an invalid credentials message', async () => { - const mockHttp = createMockHttp({ simulateError: true }); - const mockWindow = {}; - const loginState = createLoginState(); - - const wrapper = mountWithIntl( - - ); - - wrapper.find('input[name="username"]').simulate('change', { target: { value: 'username' } }); - wrapper.find('input[name="password"]').simulate('change', { target: { value: 'password' } }); - wrapper.find(EuiButton).simulate('click'); - - // Wait for ajax + rerender - await Promise.resolve(); - wrapper.update(); - await Promise.resolve(); - wrapper.update(); - - expect(wrapper.find(EuiCallOut).props().title).toEqual( - `Invalid username or password. Please try again.` - ); - }); -}); diff --git a/x-pack/legacy/plugins/security/public/views/login/components/login_page/__snapshots__/login_page.test.tsx.snap b/x-pack/legacy/plugins/security/public/views/login/components/login_page/__snapshots__/login_page.test.tsx.snap deleted file mode 100644 index 17ba81988414a..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/login/components/login_page/__snapshots__/login_page.test.tsx.snap +++ /dev/null @@ -1,485 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`LoginPage disabled form states renders as expected when a connection to ES is not available 1`] = ` -
-
-
- - - - - -

- -

- - -

- -

- - -
-
-
- - - - } - title={ - - } - /> - - -
-
-`; - -exports[`LoginPage disabled form states renders as expected when an unknown loginState layout is provided 1`] = ` -
-
-
- - - - - -

- -

- - -

- -

- - -
-
-
- - - - } - title={ - - } - /> - - -
-
-`; - -exports[`LoginPage disabled form states renders as expected when loginAssistanceMessage is set 1`] = ` -
-
-
- - - - - -

- -

- - -

- -

- - -
-
-
- - - - - -
-
-`; - -exports[`LoginPage disabled form states renders as expected when secure cookies are required but not present 1`] = ` -
-
-
- - - - - -

- -

- - -

- -

- - -
-
-
- - - - } - title={ - - } - /> - - -
-
-`; - -exports[`LoginPage disabled form states renders as expected when xpack is not available 1`] = ` -
-
-
- - - - - -

- -

- - -

- -

- - -
-
-
- - - - } - title={ - - } - /> - - -
-
-`; - -exports[`LoginPage enabled form state renders as expected 1`] = ` -
-
-
- - - - - -

- -

- - -

- -

- - -
-
-
- - - - - -
-
-`; diff --git a/x-pack/legacy/plugins/security/public/views/login/components/login_page/login_page.test.tsx b/x-pack/legacy/plugins/security/public/views/login/components/login_page/login_page.test.tsx deleted file mode 100644 index a0318d50a45e5..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/login/components/login_page/login_page.test.tsx +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { shallow } from 'enzyme'; -import React from 'react'; -import { LoginLayout, LoginState } from '../../login_state'; -import { LoginPage } from './login_page'; - -const createMockHttp = ({ simulateError = false } = {}) => { - return { - post: jest.fn(async () => { - if (simulateError) { - // eslint-disable-next-line no-throw-literal - throw { - data: { - statusCode: 401, - }, - }; - } - - return { - statusCode: 200, - }; - }), - }; -}; - -const createLoginState = (options?: Partial) => { - return { - allowLogin: true, - layout: 'form', - ...options, - } as LoginState; -}; - -describe('LoginPage', () => { - describe('disabled form states', () => { - it('renders as expected when secure cookies are required but not present', () => { - const props = { - http: createMockHttp(), - window: {}, - next: '', - loginState: createLoginState(), - isSecureConnection: false, - requiresSecureConnection: true, - loginAssistanceMessage: '', - }; - - expect(shallow()).toMatchSnapshot(); - }); - - it('renders as expected when a connection to ES is not available', () => { - const props = { - http: createMockHttp(), - window: {}, - next: '', - loginState: createLoginState({ - layout: 'error-es-unavailable', - }), - isSecureConnection: false, - requiresSecureConnection: false, - loginAssistanceMessage: '', - }; - - expect(shallow()).toMatchSnapshot(); - }); - - it('renders as expected when xpack is not available', () => { - const props = { - http: createMockHttp(), - window: {}, - next: '', - loginState: createLoginState({ - layout: 'error-xpack-unavailable', - }), - isSecureConnection: false, - requiresSecureConnection: false, - loginAssistanceMessage: '', - }; - - expect(shallow()).toMatchSnapshot(); - }); - - it('renders as expected when an unknown loginState layout is provided', () => { - const props = { - http: createMockHttp(), - window: {}, - next: '', - loginState: createLoginState({ - layout: 'error-asdf-asdf-unknown' as LoginLayout, - }), - isSecureConnection: false, - requiresSecureConnection: false, - loginAssistanceMessage: '', - }; - - expect(shallow()).toMatchSnapshot(); - }); - - it('renders as expected when loginAssistanceMessage is set', () => { - const props = { - http: createMockHttp(), - window: {}, - next: '', - loginState: createLoginState(), - isSecureConnection: false, - requiresSecureConnection: false, - loginAssistanceMessage: 'This is an *important* message', - }; - - expect(shallow()).toMatchSnapshot(); - }); - }); - - describe('enabled form state', () => { - it('renders as expected', () => { - const props = { - http: createMockHttp(), - window: {}, - next: '', - loginState: createLoginState(), - isSecureConnection: false, - requiresSecureConnection: false, - loginAssistanceMessage: '', - }; - - expect(shallow()).toMatchSnapshot(); - }); - }); -}); diff --git a/x-pack/legacy/plugins/security/public/views/login/login.tsx b/x-pack/legacy/plugins/security/public/views/login/login.tsx deleted file mode 100644 index 0b89ac553c9a8..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/login/login.tsx +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { i18n } from '@kbn/i18n'; -import { get } from 'lodash'; -import { LoginPage } from 'plugins/security/views/login/components'; -import React from 'react'; -import { render } from 'react-dom'; -import chrome from 'ui/chrome'; -import { I18nContext } from 'ui/i18n'; -import { parse } from 'url'; -import { parseNext } from './parse_next'; -import { LoginState } from './login_state'; -const messageMap = { - SESSION_EXPIRED: i18n.translate('xpack.security.login.sessionExpiredDescription', { - defaultMessage: 'Your session has timed out. Please log in again.', - }), - LOGGED_OUT: i18n.translate('xpack.security.login.loggedOutDescription', { - defaultMessage: 'You have logged out of Kibana.', - }), -}; - -interface AnyObject { - [key: string]: any; -} - -(chrome as AnyObject) - .setVisible(false) - .setRootTemplate('
') - .setRootController( - 'login', - ( - $scope: AnyObject, - $http: AnyObject, - $window: AnyObject, - secureCookies: boolean, - loginState: LoginState, - loginAssistanceMessage: string - ) => { - const basePath = chrome.getBasePath(); - const next = parseNext($window.location.href, basePath); - const isSecure = !!$window.location.protocol.match(/^https/); - - $scope.$$postDigest(() => { - const domNode = document.getElementById('reactLoginRoot'); - - const msgQueryParam = parse($window.location.href, true).query.msg || ''; - - render( - - - , - domNode - ); - }); - } - ); diff --git a/x-pack/legacy/plugins/security/public/views/logout/index.js b/x-pack/legacy/plugins/security/public/views/logout/index.js deleted file mode 100644 index 56588d4f746f1..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/logout/index.js +++ /dev/null @@ -1,7 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import './logout'; diff --git a/x-pack/legacy/plugins/security/public/views/logout/logout.js b/x-pack/legacy/plugins/security/public/views/logout/logout.js deleted file mode 100644 index 97010ec81bbf5..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/logout/logout.js +++ /dev/null @@ -1,14 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import chrome from 'ui/chrome'; - -chrome.setVisible(false).setRootController('logout', $window => { - $window.sessionStorage.clear(); - - // Redirect user to the server logout endpoint to complete logout. - $window.location.href = chrome.addBasePath(`/api/security/logout${$window.location.search}`); -}); diff --git a/x-pack/legacy/plugins/security/public/views/overwritten_session/index.js b/x-pack/legacy/plugins/security/public/views/overwritten_session/index.js deleted file mode 100644 index f3ba8a6b9d7c5..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/overwritten_session/index.js +++ /dev/null @@ -1,7 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import './overwritten_session'; diff --git a/x-pack/legacy/plugins/security/public/views/overwritten_session/overwritten_session.tsx b/x-pack/legacy/plugins/security/public/views/overwritten_session/overwritten_session.tsx deleted file mode 100644 index 4c79c499cc0e6..0000000000000 --- a/x-pack/legacy/plugins/security/public/views/overwritten_session/overwritten_session.tsx +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { FormattedMessage } from '@kbn/i18n/react'; -import { EuiButton } from '@elastic/eui'; -import React from 'react'; -import { render } from 'react-dom'; -import chrome from 'ui/chrome'; -import { I18nContext } from 'ui/i18n'; -import { npSetup } from 'ui/new_platform'; -import { AuthenticatedUser, SecurityPluginSetup } from '../../../../../../plugins/security/public'; -import { AuthenticationStatePage } from '../../components/authentication_state_page'; - -chrome - .setVisible(false) - .setRootTemplate('
') - .setRootController('overwritten_session', ($scope: any) => { - $scope.$$postDigest(() => { - ((npSetup.plugins as unknown) as { security: SecurityPluginSetup }).security.authc - .getCurrentUser() - .then((user: AuthenticatedUser) => { - const overwrittenSessionPage = ( - - - } - > - - - - - - ); - render(overwrittenSessionPage, document.getElementById('reactOverwrittenSessionRoot')); - }); - }); - }); diff --git a/x-pack/legacy/plugins/security/server/lib/__tests__/parse_next.js b/x-pack/legacy/plugins/security/server/lib/__tests__/parse_next.js deleted file mode 100644 index 7516433c77f83..0000000000000 --- a/x-pack/legacy/plugins/security/server/lib/__tests__/parse_next.js +++ /dev/null @@ -1,172 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from '@kbn/expect'; -import { parseNext } from '../parse_next'; - -describe('parseNext', () => { - it('should return a function', () => { - expect(parseNext).to.be.a('function'); - }); - - describe('with basePath defined', () => { - // trailing slash is important since it must match the cookie path exactly - it('should return basePath with a trailing slash when next is not specified', () => { - const basePath = '/iqf'; - const href = `${basePath}/login`; - expect(parseNext(href, basePath)).to.equal(`${basePath}/`); - }); - - it('should properly handle next without hash', () => { - const basePath = '/iqf'; - const next = `${basePath}/app/kibana`; - const href = `${basePath}/login?next=${next}`; - expect(parseNext(href, basePath)).to.equal(next); - }); - - it('should properly handle next with hash', () => { - const basePath = '/iqf'; - const next = `${basePath}/app/kibana`; - const hash = '/discover/New-Saved-Search'; - const href = `${basePath}/login?next=${next}#${hash}`; - expect(parseNext(href, basePath)).to.equal(`${next}#${hash}`); - }); - - it('should properly decode special characters', () => { - const basePath = '/iqf'; - const next = `${encodeURIComponent(basePath)}%2Fapp%2Fkibana`; - const hash = '/discover/New-Saved-Search'; - const href = `${basePath}/login?next=${next}#${hash}`; - expect(parseNext(href, basePath)).to.equal(decodeURIComponent(`${next}#${hash}`)); - }); - - // to help prevent open redirect to a different url - it('should return basePath if next includes a protocol/hostname', () => { - const basePath = '/iqf'; - const next = `https://example.com${basePath}/app/kibana`; - const href = `${basePath}/login?next=${next}`; - expect(parseNext(href, basePath)).to.equal(`${basePath}/`); - }); - - // to help prevent open redirect to a different url by abusing encodings - it('should return basePath if including a protocol/host even if it is encoded', () => { - const basePath = '/iqf'; - const baseUrl = `http://example.com${basePath}`; - const next = `${encodeURIComponent(baseUrl)}%2Fapp%2Fkibana`; - const hash = '/discover/New-Saved-Search'; - const href = `${basePath}/login?next=${next}#${hash}`; - expect(parseNext(href, basePath)).to.equal(`${basePath}/`); - }); - - // to help prevent open redirect to a different port - it('should return basePath if next includes a port', () => { - const basePath = '/iqf'; - const next = `http://localhost:5601${basePath}/app/kibana`; - const href = `${basePath}/login?next=${next}`; - expect(parseNext(href, basePath)).to.equal(`${basePath}/`); - }); - - // to help prevent open redirect to a different port by abusing encodings - it('should return basePath if including a port even if it is encoded', () => { - const basePath = '/iqf'; - const baseUrl = `http://example.com:5601${basePath}`; - const next = `${encodeURIComponent(baseUrl)}%2Fapp%2Fkibana`; - const hash = '/discover/New-Saved-Search'; - const href = `${basePath}/login?next=${next}#${hash}`; - expect(parseNext(href, basePath)).to.equal(`${basePath}/`); - }); - - // to help prevent open redirect to a different base path - it('should return basePath if next does not begin with basePath', () => { - const basePath = '/iqf'; - const next = '/notbasepath/app/kibana'; - const href = `${basePath}/login?next=${next}`; - expect(parseNext(href, basePath)).to.equal(`${basePath}/`); - }); - - // disallow network-path references - it('should return / if next is url without protocol', () => { - const nextWithTwoSlashes = '//example.com'; - const hrefWithTwoSlashes = `/login?next=${nextWithTwoSlashes}`; - expect(parseNext(hrefWithTwoSlashes)).to.equal('/'); - - const nextWithThreeSlashes = '///example.com'; - const hrefWithThreeSlashes = `/login?next=${nextWithThreeSlashes}`; - expect(parseNext(hrefWithThreeSlashes)).to.equal('/'); - }); - }); - - describe('without basePath defined', () => { - // trailing slash is important since it must match the cookie path exactly - it('should return / with a trailing slash when next is not specified', () => { - const href = '/login'; - expect(parseNext(href)).to.equal('/'); - }); - - it('should properly handle next without hash', () => { - const next = '/app/kibana'; - const href = `/login?next=${next}`; - expect(parseNext(href)).to.equal(next); - }); - - it('should properly handle next with hash', () => { - const next = '/app/kibana'; - const hash = '/discover/New-Saved-Search'; - const href = `/login?next=${next}#${hash}`; - expect(parseNext(href)).to.equal(`${next}#${hash}`); - }); - - it('should properly decode special characters', () => { - const next = '%2Fapp%2Fkibana'; - const hash = '/discover/New-Saved-Search'; - const href = `/login?next=${next}#${hash}`; - expect(parseNext(href)).to.equal(decodeURIComponent(`${next}#${hash}`)); - }); - - // to help prevent open redirect to a different url - it('should return / if next includes a protocol/hostname', () => { - const next = 'https://example.com/app/kibana'; - const href = `/login?next=${next}`; - expect(parseNext(href)).to.equal('/'); - }); - - // to help prevent open redirect to a different url by abusing encodings - it('should return / if including a protocol/host even if it is encoded', () => { - const baseUrl = 'http://example.com'; - const next = `${encodeURIComponent(baseUrl)}%2Fapp%2Fkibana`; - const hash = '/discover/New-Saved-Search'; - const href = `/login?next=${next}#${hash}`; - expect(parseNext(href)).to.equal('/'); - }); - - // to help prevent open redirect to a different port - it('should return / if next includes a port', () => { - const next = 'http://localhost:5601/app/kibana'; - const href = `/login?next=${next}`; - expect(parseNext(href)).to.equal('/'); - }); - - // to help prevent open redirect to a different port by abusing encodings - it('should return / if including a port even if it is encoded', () => { - const baseUrl = 'http://example.com:5601'; - const next = `${encodeURIComponent(baseUrl)}%2Fapp%2Fkibana`; - const hash = '/discover/New-Saved-Search'; - const href = `/login?next=${next}#${hash}`; - expect(parseNext(href)).to.equal('/'); - }); - - // disallow network-path references - it('should return / if next is url without protocol', () => { - const nextWithTwoSlashes = '//example.com'; - const hrefWithTwoSlashes = `/login?next=${nextWithTwoSlashes}`; - expect(parseNext(hrefWithTwoSlashes)).to.equal('/'); - - const nextWithThreeSlashes = '///example.com'; - const hrefWithThreeSlashes = `/login?next=${nextWithThreeSlashes}`; - expect(parseNext(hrefWithThreeSlashes)).to.equal('/'); - }); - }); -}); diff --git a/x-pack/legacy/plugins/security/server/lib/parse_next.js b/x-pack/legacy/plugins/security/server/lib/parse_next.js deleted file mode 100644 index c247043876c91..0000000000000 --- a/x-pack/legacy/plugins/security/server/lib/parse_next.js +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { parse } from 'url'; - -export function parseNext(href, basePath = '') { - const { query, hash } = parse(href, true); - if (!query.next) { - return `${basePath}/`; - } - - // validate that `next` is not attempting a redirect to somewhere - // outside of this Kibana install - const { protocol, hostname, port, pathname } = parse( - query.next, - false /* parseQueryString */, - true /* slashesDenoteHost */ - ); - - // We should explicitly compare `protocol`, `port` and `hostname` to null to make sure these are not - // detected in the URL at all. For example `hostname` can be empty string for Node URL parser, but - // browser (because of various bwc reasons) processes URL differently (e.g. `///abc.com` - for browser - // hostname is `abc.com`, but for Node hostname is an empty string i.e. everything between schema (`//`) - // and the first slash that belongs to path. - if (protocol !== null || hostname !== null || port !== null) { - return `${basePath}/`; - } - - if (!String(pathname).startsWith(basePath)) { - return `${basePath}/`; - } - - return query.next + (hash || ''); -} diff --git a/x-pack/legacy/plugins/security/server/routes/views/logged_out.js b/x-pack/legacy/plugins/security/server/routes/views/logged_out.js deleted file mode 100644 index 0dc6caaca04c6..0000000000000 --- a/x-pack/legacy/plugins/security/server/routes/views/logged_out.js +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export function initLoggedOutView( - { - __legacyCompat: { - config: { cookieName }, - }, - }, - server -) { - const config = server.config(); - const loggedOut = server.getHiddenUiAppById('logged_out'); - - server.route({ - method: 'GET', - path: '/logged_out', - handler(request, h) { - const isUserAlreadyLoggedIn = !!request.state[cookieName]; - if (isUserAlreadyLoggedIn) { - const basePath = config.get('server.basePath'); - return h.redirect(`${basePath}/`); - } - return h.renderAppWithDefaultConfig(loggedOut); - }, - config: { - auth: false, - }, - }); -} diff --git a/x-pack/legacy/plugins/security/server/routes/views/login.js b/x-pack/legacy/plugins/security/server/routes/views/login.js deleted file mode 100644 index 29468db161d9b..0000000000000 --- a/x-pack/legacy/plugins/security/server/routes/views/login.js +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { get } from 'lodash'; - -import { parseNext } from '../../lib/parse_next'; - -export function initLoginView( - { - __legacyCompat: { - config: { cookieName }, - license, - }, - }, - server -) { - const config = server.config(); - const login = server.getHiddenUiAppById('login'); - - function shouldShowLogin() { - if (license.isEnabled()) { - return Boolean(license.getFeatures().showLogin); - } - - // default to true if xpack info isn't available or - // it can't be resolved for some reason - return true; - } - - server.route({ - method: 'GET', - path: '/login', - handler(request, h) { - const isUserAlreadyLoggedIn = !!request.state[cookieName]; - if (isUserAlreadyLoggedIn || !shouldShowLogin()) { - const basePath = config.get('server.basePath'); - const url = get(request, 'raw.req.url'); - const next = parseNext(url, basePath); - return h.redirect(next); - } - return h.renderAppWithDefaultConfig(login); - }, - config: { - auth: false, - }, - }); -} diff --git a/x-pack/legacy/plugins/security/server/routes/views/logout.js b/x-pack/legacy/plugins/security/server/routes/views/logout.js deleted file mode 100644 index 54607ee89faab..0000000000000 --- a/x-pack/legacy/plugins/security/server/routes/views/logout.js +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -export function initLogoutView(server) { - const logout = server.getHiddenUiAppById('logout'); - - server.route({ - method: 'GET', - path: '/logout', - handler(request, h) { - return h.renderAppWithDefaultConfig(logout); - }, - config: { - auth: false, - }, - }); -} diff --git a/x-pack/legacy/plugins/security/server/routes/views/overwritten_session.ts b/x-pack/legacy/plugins/security/server/routes/views/overwritten_session.ts deleted file mode 100644 index ea99a9aeb100c..0000000000000 --- a/x-pack/legacy/plugins/security/server/routes/views/overwritten_session.ts +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { Request, ResponseToolkit } from 'hapi'; -import { Legacy } from 'kibana'; - -export function initOverwrittenSessionView(server: Legacy.Server) { - server.route({ - method: 'GET', - path: '/overwritten_session', - handler(request: Request, h: ResponseToolkit) { - return h.renderAppWithDefaultConfig(server.getHiddenUiAppById('overwritten_session')); - }, - }); -} diff --git a/x-pack/legacy/plugins/transform/public/app/lib/kibana/kibana_context.tsx b/x-pack/legacy/plugins/transform/public/app/lib/kibana/kibana_context.tsx index 3acec1ea0e809..7677c491a7a59 100644 --- a/x-pack/legacy/plugins/transform/public/app/lib/kibana/kibana_context.tsx +++ b/x-pack/legacy/plugins/transform/public/app/lib/kibana/kibana_context.tsx @@ -8,11 +8,11 @@ import React, { createContext, useContext, FC } from 'react'; import { IUiSettingsClient } from 'kibana/public'; -import { SavedSearch } from '../../../../../../../../src/legacy/core_plugins/kibana/public/discover/np_ready/types'; import { IndexPattern, IndexPatternsContract, } from '../../../../../../../../src/plugins/data/public'; +import { SavedSearch } from '../../../../../../../../src/plugins/discover/public/'; interface UninitializedKibanaContextValue { initialized: false; diff --git a/x-pack/legacy/plugins/transform/public/shim.ts b/x-pack/legacy/plugins/transform/public/shim.ts index 95f54605377a8..05f7626e25e9d 100644 --- a/x-pack/legacy/plugins/transform/public/shim.ts +++ b/x-pack/legacy/plugins/transform/public/shim.ts @@ -11,9 +11,9 @@ import { docTitle } from 'ui/doc_title/doc_title'; // @ts-ignore: allow traversal to fail on x-pack build import { createUiStatsReporter } from '../../../../../src/legacy/core_plugins/ui_metric/public'; -import { SavedSearchLoader } from '../../../../../src/legacy/core_plugins/kibana/public/discover/np_ready/types'; import { TRANSFORM_DOC_PATHS } from './app/constants'; +import { SavedSearchLoader } from '../../../../../src/plugins/discover/public'; export type NpCore = typeof npStart.core; export type NpPlugins = typeof npStart.plugins; diff --git a/x-pack/legacy/plugins/xpack_main/public/services/path.js b/x-pack/legacy/plugins/xpack_main/public/services/path.js index d66cf44e69b4f..d2fe550178e61 100644 --- a/x-pack/legacy/plugins/xpack_main/public/services/path.js +++ b/x-pack/legacy/plugins/xpack_main/public/services/path.js @@ -9,6 +9,11 @@ import chrome from 'ui/chrome'; export const Path = { isUnauthenticated() { const path = chrome.removeBasePath(window.location.pathname); - return path === '/login' || path === '/logout' || path === '/logged_out' || path === '/status'; + return ( + path === '/login' || + path === '/logout' || + path === '/security/logged_out' || + path === '/status' + ); }, }; diff --git a/x-pack/legacy/plugins/xpack_main/server/routes/api/v1/__tests__/xpack_info.js b/x-pack/legacy/plugins/xpack_main/server/routes/api/v1/__tests__/xpack_info.js index 57a28a3e4769a..540d9f63ea6c8 100644 --- a/x-pack/legacy/plugins/xpack_main/server/routes/api/v1/__tests__/xpack_info.js +++ b/x-pack/legacy/plugins/xpack_main/server/routes/api/v1/__tests__/xpack_info.js @@ -58,7 +58,6 @@ describe('XPackInfo routes', () => { showLinks: false, allowRoleDocumentLevelSecurity: false, allowRoleFieldLevelSecurity: false, - linksMessage: 'Message', }, }, }); @@ -79,7 +78,6 @@ describe('XPackInfo routes', () => { show_links: false, allow_role_document_level_security: false, allow_role_field_level_security: false, - links_message: 'Message', }, }, }); diff --git a/x-pack/plugins/apm/tsconfig.json b/x-pack/plugins/apm/tsconfig.json deleted file mode 100644 index 618c6c3e97b57..0000000000000 --- a/x-pack/plugins/apm/tsconfig.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "extends": "../../../tsconfig.json" -} diff --git a/x-pack/plugins/ml/server/lib/check_license/check_license.test.ts b/x-pack/plugins/ml/server/lib/check_license/check_license.test.ts deleted file mode 100644 index 942dbe3722617..0000000000000 --- a/x-pack/plugins/ml/server/lib/check_license/check_license.test.ts +++ /dev/null @@ -1,167 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from '@kbn/expect'; -import sinon from 'sinon'; -import { set } from 'lodash'; -import { LicenseCheckResult } from '../../types'; -import { checkLicense } from './check_license'; - -describe('check_license', () => { - let mockLicenseInfo: LicenseCheckResult; - beforeEach(() => (mockLicenseInfo = {} as LicenseCheckResult)); - - describe('license information is undefined', () => { - it('should set isAvailable to false', () => { - expect(checkLicense(undefined as any).isAvailable).to.be(false); - }); - - it('should set showLinks to true', () => { - expect(checkLicense(undefined as any).showLinks).to.be(true); - }); - - it('should set enableLinks to false', () => { - expect(checkLicense(undefined as any).enableLinks).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(undefined as any).message).to.not.be(undefined); - }); - }); - - describe('license information is not available', () => { - beforeEach(() => { - mockLicenseInfo.isAvailable = false; - }); - - it('should set isAvailable to false', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); - }); - - it('should set showLinks to true', () => { - expect(checkLicense(mockLicenseInfo).showLinks).to.be(true); - }); - - it('should set enableLinks to false', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - - describe('license information is available', () => { - beforeEach(() => { - mockLicenseInfo.isAvailable = true; - mockLicenseInfo.type = 'basic'; - }); - - describe('& ML is disabled in Elasticsearch', () => { - beforeEach(() => { - set( - mockLicenseInfo, - 'feature', - sinon - .stub() - .withArgs('ml') - .returns({ isEnabled: false }) - ); - }); - - it('should set showLinks to false', () => { - expect(checkLicense(mockLicenseInfo).showLinks).to.be(false); - }); - - it('should set isAvailable to false', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(false); - }); - - it('should set enableLinks to false', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(false); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - - describe('& ML is enabled in Elasticsearch', () => { - beforeEach(() => { - mockLicenseInfo.isEnabled = true; - }); - - describe('& license is >= platinum', () => { - beforeEach(() => { - mockLicenseInfo.type = 'platinum'; - }); - describe('& license is active', () => { - beforeEach(() => { - mockLicenseInfo.isActive = true; - }); - - it('should set isAvailable to true', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(true); - }); - - it('should set showLinks to true', () => { - expect(checkLicense(mockLicenseInfo).showLinks).to.be(true); - }); - - it('should set enableLinks to true', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(true); - }); - - it('should not set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.be(undefined); - }); - }); - - describe('& license is expired', () => { - beforeEach(() => { - mockLicenseInfo.isActive = false; - }); - - it('should set isAvailable to true', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(true); - }); - - it('should set showLinks to true', () => { - expect(checkLicense(mockLicenseInfo).showLinks).to.be(true); - }); - - it('should set enableLinks to true', () => { - expect(checkLicense(mockLicenseInfo).enableLinks).to.be(true); - }); - - it('should set a message', () => { - expect(checkLicense(mockLicenseInfo).message).to.not.be(undefined); - }); - }); - }); - - describe('& license is basic', () => { - beforeEach(() => { - mockLicenseInfo.type = 'basic'; - }); - - describe('& license is active', () => { - beforeEach(() => { - mockLicenseInfo.isActive = true; - }); - - it('should set isAvailable to true', () => { - expect(checkLicense(mockLicenseInfo).isAvailable).to.be(true); - }); - - it('should set showLinks to true', () => { - expect(checkLicense(mockLicenseInfo).showLinks).to.be(true); - }); - }); - }); - }); - }); -}); diff --git a/x-pack/plugins/ml/server/lib/check_license/check_license.ts b/x-pack/plugins/ml/server/lib/check_license/check_license.ts deleted file mode 100644 index 5bf3d590a1912..0000000000000 --- a/x-pack/plugins/ml/server/lib/check_license/check_license.ts +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { i18n } from '@kbn/i18n'; -import { - LICENSE_TYPE, - VALID_FULL_LICENSE_MODES, -} from '../../../../../legacy/plugins/ml/common/constants/license'; -import { LicenseCheckResult } from '../../types'; - -interface Response { - isAvailable: boolean; - showLinks: boolean; - enableLinks: boolean; - licenseType?: LICENSE_TYPE; - hasExpired?: boolean; - message?: string; -} - -export function checkLicense(licenseCheckResult: LicenseCheckResult): Response { - // If, for some reason, we cannot get the license information - // from Elasticsearch, assume worst case and disable the Machine Learning UI - if (licenseCheckResult === undefined || !licenseCheckResult.isAvailable) { - return { - isAvailable: false, - showLinks: true, - enableLinks: false, - message: i18n.translate( - 'xpack.ml.checkLicense.licenseInformationNotAvailableThisTimeMessage', - { - defaultMessage: - 'You cannot use Machine Learning because license information is not available at this time.', - } - ), - }; - } - - const featureEnabled = licenseCheckResult.isEnabled; - if (!featureEnabled) { - return { - isAvailable: false, - showLinks: false, - enableLinks: false, - message: i18n.translate('xpack.ml.checkLicense.mlIsUnavailableMessage', { - defaultMessage: 'Machine Learning is unavailable', - }), - }; - } - - const isLicenseModeValid = - licenseCheckResult.type && VALID_FULL_LICENSE_MODES.includes(licenseCheckResult.type); - const licenseType = isLicenseModeValid === true ? LICENSE_TYPE.FULL : LICENSE_TYPE.BASIC; - const isLicenseActive = licenseCheckResult.isActive; - const licenseTypeName = licenseCheckResult.type; - - // Platinum or trial license is valid but not active, i.e. expired - if (licenseType === LICENSE_TYPE.FULL && isLicenseActive === false) { - return { - isAvailable: true, - showLinks: true, - enableLinks: true, - hasExpired: true, - licenseType, - message: i18n.translate('xpack.ml.checkLicense.licenseHasExpiredMessage', { - defaultMessage: 'Your {licenseTypeName} Machine Learning license has expired.', - values: { licenseTypeName }, - }), - }; - } - - // License is valid and active - return { - isAvailable: true, - showLinks: true, - enableLinks: true, - licenseType, - hasExpired: false, - }; -} diff --git a/x-pack/plugins/ml/server/lib/check_privileges/check_privileges.test.ts b/x-pack/plugins/ml/server/lib/check_privileges/check_privileges.test.ts index 0690aa53576a5..4dd9100e1b67a 100644 --- a/x-pack/plugins/ml/server/lib/check_privileges/check_privileges.test.ts +++ b/x-pack/plugins/ml/server/lib/check_privileges/check_privileges.test.ts @@ -7,30 +7,27 @@ import { callWithRequestProvider } from './__mocks__/call_with_request'; import { privilegesProvider } from './check_privileges'; import { mlPrivileges } from './privileges'; +import { MlLicense } from '../../../../../legacy/plugins/ml/common/license'; -const licenseCheckResultWithSecurity = { - isAvailable: true, - isEnabled: true, - isSecurityDisabled: false, - type: 'platinum', - isActive: true, -}; +const mlLicenseWithSecurity = { + isSecurityEnabled: () => true, + isFullLicense: () => true, +} as MlLicense; -const licenseCheckResultWithOutSecurity = { - ...licenseCheckResultWithSecurity, - isSecurityDisabled: true, -}; +const mlLicenseWithOutSecurity = { + isSecurityEnabled: () => false, + isFullLicense: () => true, +} as MlLicense; -const licenseCheckResultWithOutSecurityBasicLicense = { - ...licenseCheckResultWithSecurity, - isSecurityDisabled: true, - type: 'basic', -}; +const mlLicenseWithOutSecurityBasicLicense = { + isSecurityEnabled: () => false, + isFullLicense: () => false, +} as MlLicense; -const licenseCheckResultWithSecurityBasicLicense = { - ...licenseCheckResultWithSecurity, - type: 'basic', -}; +const mlLicenseWithSecurityBasicLicense = { + isSecurityEnabled: () => true, + isFullLicense: () => false, +} as MlLicense; const mlIsEnabled = async () => true; const mlIsNotEnabled = async () => false; @@ -47,7 +44,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('partialPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithSecurity, + mlLicenseWithSecurity, mlIsEnabled ); const { capabilities } = await getPrivileges(); @@ -62,7 +59,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('partialPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithSecurity, + mlLicenseWithSecurity, mlIsEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); @@ -97,7 +94,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('fullPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithSecurity, + mlLicenseWithSecurity, mlIsEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); @@ -132,7 +129,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('upgradeWithFullPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithSecurity, + mlLicenseWithSecurity, mlIsEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); @@ -167,7 +164,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('upgradeWithPartialPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithSecurity, + mlLicenseWithSecurity, mlIsEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); @@ -202,7 +199,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('partialPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithSecurityBasicLicense, + mlLicenseWithSecurityBasicLicense, mlIsEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); @@ -237,7 +234,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('fullPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithSecurityBasicLicense, + mlLicenseWithSecurityBasicLicense, mlIsEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); @@ -272,7 +269,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('fullPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithSecurity, + mlLicenseWithSecurity, mlIsNotEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); @@ -309,7 +306,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('partialPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithOutSecurity, + mlLicenseWithOutSecurity, mlIsEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); @@ -344,7 +341,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('upgradeWithFullPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithOutSecurity, + mlLicenseWithOutSecurity, mlIsEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); @@ -379,7 +376,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('upgradeWithPartialPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithOutSecurity, + mlLicenseWithOutSecurity, mlIsEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); @@ -414,7 +411,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('partialPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithOutSecurityBasicLicense, + mlLicenseWithOutSecurityBasicLicense, mlIsEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); @@ -449,7 +446,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('fullPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithOutSecurityBasicLicense, + mlLicenseWithOutSecurityBasicLicense, mlIsEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); @@ -484,7 +481,7 @@ describe('check_privileges', () => { const callWithRequest = callWithRequestProvider('partialPrivileges'); const { getPrivileges } = privilegesProvider( callWithRequest, - licenseCheckResultWithOutSecurity, + mlLicenseWithOutSecurity, mlIsNotEnabled ); const { capabilities, upgradeInProgress, mlFeatureEnabledInSpace } = await getPrivileges(); diff --git a/x-pack/plugins/ml/server/lib/check_privileges/check_privileges.ts b/x-pack/plugins/ml/server/lib/check_privileges/check_privileges.ts index a427780d13344..f26040385b9f5 100644 --- a/x-pack/plugins/ml/server/lib/check_privileges/check_privileges.ts +++ b/x-pack/plugins/ml/server/lib/check_privileges/check_privileges.ts @@ -10,9 +10,7 @@ import { getDefaultPrivileges, } from '../../../../../legacy/plugins/ml/common/types/privileges'; import { upgradeCheckProvider } from './upgrade'; -import { checkLicense } from '../check_license'; -import { LICENSE_TYPE } from '../../../../../legacy/plugins/ml/common/constants/license'; -import { LicenseCheckResult } from '../../types'; +import { MlLicense } from '../../../../../legacy/plugins/ml/common/license'; import { mlPrivileges } from './privileges'; @@ -27,7 +25,7 @@ interface Response { export function privilegesProvider( callAsCurrentUser: IScopedClusterClient['callAsCurrentUser'], - licenseCheckResult: LicenseCheckResult, + mlLicense: MlLicense, isMlEnabledInSpace: () => Promise, ignoreSpaces: boolean = false ) { @@ -37,9 +35,9 @@ export function privilegesProvider( const privileges = getDefaultPrivileges(); const upgradeInProgress = await isUpgradeInProgress(); - const securityDisabled = licenseCheckResult.isSecurityDisabled; - const license = checkLicense(licenseCheckResult); - const isPlatinumOrTrialLicense = license.licenseType === LICENSE_TYPE.FULL; + const isSecurityEnabled = mlLicense.isSecurityEnabled(); + + const isPlatinumOrTrialLicense = mlLicense.isFullLicense(); const mlFeatureEnabledInSpace = await isMlEnabledInSpace(); const setGettingPrivileges = isPlatinumOrTrialLicense @@ -61,7 +59,7 @@ export function privilegesProvider( }; } - if (securityDisabled === true) { + if (isSecurityEnabled === false) { if (upgradeInProgress === true) { // if security is disabled and an upgrade in is progress, // force all "getting" privileges to be true diff --git a/x-pack/plugins/ml/server/lib/check_license/index.ts b/x-pack/plugins/ml/server/lib/license/index.ts similarity index 81% rename from x-pack/plugins/ml/server/lib/check_license/index.ts rename to x-pack/plugins/ml/server/lib/license/index.ts index f2c070fd44b6e..9c4271b65b00d 100644 --- a/x-pack/plugins/ml/server/lib/check_license/index.ts +++ b/x-pack/plugins/ml/server/lib/license/index.ts @@ -4,4 +4,4 @@ * you may not use this file except in compliance with the Elastic License. */ -export { checkLicense } from './check_license'; +export { MlServerLicense } from './ml_server_license'; diff --git a/x-pack/plugins/ml/server/lib/license/ml_server_license.ts b/x-pack/plugins/ml/server/lib/license/ml_server_license.ts new file mode 100644 index 0000000000000..7602ab4919e81 --- /dev/null +++ b/x-pack/plugins/ml/server/lib/license/ml_server_license.ts @@ -0,0 +1,35 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import { + KibanaRequest, + KibanaResponseFactory, + RequestHandler, + RequestHandlerContext, +} from 'src/core/server'; + +import { MlLicense } from '../../../../../legacy/plugins/ml/common/license'; + +export class MlServerLicense extends MlLicense { + public fullLicenseAPIGuard(handler: RequestHandler) { + return guard(() => this.isFullLicense(), handler); + } + public basicLicenseAPIGuard(handler: RequestHandler) { + return guard(() => this.isMinimumLicense(), handler); + } +} + +function guard(check: () => boolean, handler: RequestHandler) { + return ( + context: RequestHandlerContext, + request: KibanaRequest, + response: KibanaResponseFactory + ) => { + if (check() === false) { + return response.forbidden(); + } + return handler(context, request, response); + }; +} diff --git a/x-pack/plugins/ml/server/lib/sample_data_sets/index.ts b/x-pack/plugins/ml/server/lib/sample_data_sets/index.ts index c922c9eb7c029..50553cfa7b889 100644 --- a/x-pack/plugins/ml/server/lib/sample_data_sets/index.ts +++ b/x-pack/plugins/ml/server/lib/sample_data_sets/index.ts @@ -4,4 +4,4 @@ * you may not use this file except in compliance with the Elastic License. */ -export { addLinksToSampleDatasets } from './sample_data_sets'; +export { initSampleDataSets } from './sample_data_sets'; diff --git a/x-pack/plugins/ml/server/lib/sample_data_sets/sample_data_sets.ts b/x-pack/plugins/ml/server/lib/sample_data_sets/sample_data_sets.ts index 2082538adfed1..3fd99051a2484 100644 --- a/x-pack/plugins/ml/server/lib/sample_data_sets/sample_data_sets.ts +++ b/x-pack/plugins/ml/server/lib/sample_data_sets/sample_data_sets.ts @@ -5,23 +5,32 @@ */ import { i18n } from '@kbn/i18n'; +import { MlLicense } from '../../../../../legacy/plugins/ml/common/license'; +import { PluginsSetup } from '../../types'; -export function addLinksToSampleDatasets(server: any) { - const sampleDataLinkLabel = i18n.translate('xpack.ml.sampleDataLinkLabel', { - defaultMessage: 'ML jobs', - }); +export function initSampleDataSets(mlLicense: MlLicense, plugins: PluginsSetup) { + if (mlLicense.isMlEnabled() && mlLicense.isFullLicense()) { + const sampleDataLinkLabel = i18n.translate('xpack.ml.sampleDataLinkLabel', { + defaultMessage: 'ML jobs', + }); + const { addAppLinksToSampleDataset } = plugins.home.sampleData; - server.addAppLinksToSampleDataset('ecommerce', { - path: - '/app/ml#/modules/check_view_or_create?id=sample_data_ecommerce&index=ff959d40-b880-11e8-a6d9-e546fe2bba5f', - label: sampleDataLinkLabel, - icon: 'machineLearningApp', - }); + addAppLinksToSampleDataset('ecommerce', [ + { + path: + '/app/ml#/modules/check_view_or_create?id=sample_data_ecommerce&index=ff959d40-b880-11e8-a6d9-e546fe2bba5f', + label: sampleDataLinkLabel, + icon: 'machineLearningApp', + }, + ]); - server.addAppLinksToSampleDataset('logs', { - path: - '/app/ml#/modules/check_view_or_create?id=sample_data_weblogs&index=90943e30-9a47-11e8-b64d-95841ca0b247', - label: sampleDataLinkLabel, - icon: 'machineLearningApp', - }); + addAppLinksToSampleDataset('logs', [ + { + path: + '/app/ml#/modules/check_view_or_create?id=sample_data_weblogs&index=90943e30-9a47-11e8-b64d-95841ca0b247', + label: sampleDataLinkLabel, + icon: 'machineLearningApp', + }, + ]); + } } diff --git a/x-pack/plugins/ml/server/plugin.ts b/x-pack/plugins/ml/server/plugin.ts index b5adf1fedec79..a3f5733738432 100644 --- a/x-pack/plugins/ml/server/plugin.ts +++ b/x-pack/plugins/ml/server/plugin.ts @@ -6,15 +6,14 @@ import { i18n } from '@kbn/i18n'; import { CoreSetup, IScopedClusterClient, Logger, PluginInitializerContext } from 'src/core/server'; -import { LicenseCheckResult, PluginsSetup, RouteInitialization } from './types'; +import { PluginsSetup, RouteInitialization } from './types'; import { PLUGIN_ID } from '../../../legacy/plugins/ml/common/constants/app'; -import { VALID_FULL_LICENSE_MODES } from '../../../legacy/plugins/ml/common/constants/license'; // @ts-ignore: could not find declaration file for module import { elasticsearchJsPlugin } from './client/elasticsearch_ml'; import { makeMlUsageCollector } from './lib/ml_telemetry'; import { initMlServerLog } from './client/log'; -import { addLinksToSampleDatasets } from './lib/sample_data_sets'; +import { initSampleDataSets } from './lib/sample_data_sets'; import { annotationRoutes } from './routes/annotations'; import { calendars } from './routes/calendars'; @@ -33,6 +32,8 @@ import { jobValidationRoutes } from './routes/job_validation'; import { notificationRoutes } from './routes/notification_settings'; import { resultsServiceRoutes } from './routes/results_service'; import { systemRoutes } from './routes/system'; +import { MlLicense } from '../../../legacy/plugins/ml/common/license'; +import { MlServerLicense } from './lib/license'; declare module 'kibana/server' { interface RequestHandlerContext { @@ -43,25 +44,17 @@ declare module 'kibana/server' { } export class MlServerPlugin { - private readonly pluginId: string = PLUGIN_ID; private log: Logger; private version: string; - - private licenseCheckResults: LicenseCheckResult = { - isAvailable: false, - isActive: false, - isEnabled: false, - isSecurityDisabled: false, - }; + private mlLicense: MlServerLicense; constructor(ctx: PluginInitializerContext) { this.log = ctx.logger.get(); this.version = ctx.env.packageInfo.branch; + this.mlLicense = new MlServerLicense(); } public setup(coreSetup: CoreSetup, plugins: PluginsSetup) { - let sampleLinksInitialized = false; - plugins.features.registerFeature({ id: PLUGIN_ID, name: i18n.translate('xpack.ml.featureRegistry.mlFeatureName', { @@ -87,6 +80,10 @@ export class MlServerPlugin { }, }); + this.mlLicense.setup(plugins.licensing.license$, [ + (mlLicense: MlLicense) => initSampleDataSets(mlLicense, plugins), + ]); + // Can access via router's handler function 'context' parameter - context.ml.mlClient const mlClient = coreSetup.elasticsearch.createClient(PLUGIN_ID, { plugins: [elasticsearchJsPlugin], @@ -100,7 +97,7 @@ export class MlServerPlugin { const routeInit: RouteInitialization = { router: coreSetup.http.createRouter(), - getLicenseCheckResults: () => this.licenseCheckResults, + mlLicense: this.mlLicense, }; annotationRoutes(routeInit, plugins.security); @@ -127,42 +124,11 @@ export class MlServerPlugin { coreSetup.getStartServices().then(([core]) => { makeMlUsageCollector(plugins.usageCollection, core.savedObjects); }); - - plugins.licensing.license$.subscribe(async license => { - const { isEnabled: securityIsEnabled } = license.getFeature('security'); - // @ts-ignore isAvailable is not read - const { isAvailable, isEnabled } = license.getFeature(this.pluginId); - - this.licenseCheckResults = { - isActive: license.isActive, - // This `isAvailable` check for the ml plugin returns false for a basic license - // ML should be available on basic with reduced functionality (only file data visualizer) - // TODO: This will need to be updated in the second step of this cutover to NP. - isAvailable: isEnabled, - isEnabled, - isSecurityDisabled: securityIsEnabled === false, - type: license.type, - }; - - if (sampleLinksInitialized === false) { - sampleLinksInitialized = true; - // Add links to the Kibana sample data sets if ml is enabled - // and license is trial or platinum. - if (isEnabled === true && plugins.home) { - if ( - this.licenseCheckResults.type && - VALID_FULL_LICENSE_MODES.includes(this.licenseCheckResults.type) - ) { - addLinksToSampleDatasets({ - addAppLinksToSampleDataset: plugins.home.sampleData.addAppLinksToSampleDataset, - }); - } - } - } - }); } public start() {} - public stop() {} + public stop() { + this.mlLicense.unsubscribe(); + } } diff --git a/x-pack/plugins/ml/server/routes/annotations.ts b/x-pack/plugins/ml/server/routes/annotations.ts index bcc0238c366a3..16483bf8b887e 100644 --- a/x-pack/plugins/ml/server/routes/annotations.ts +++ b/x-pack/plugins/ml/server/routes/annotations.ts @@ -13,7 +13,6 @@ import { SecurityPluginSetup } from '../../../security/server'; import { isAnnotationsFeatureAvailable } from '../lib/check_annotations'; import { annotationServiceProvider } from '../models/annotation_service'; import { wrapError } from '../client/error_wrapper'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { RouteInitialization } from '../types'; import { deleteAnnotationSchema, @@ -36,7 +35,7 @@ function getAnnotationsFeatureUnavailableErrorMessage() { * Routes for annotations */ export function annotationRoutes( - { router, getLicenseCheckResults }: RouteInitialization, + { router, mlLicense }: RouteInitialization, securityPlugin: SecurityPluginSetup ) { /** @@ -61,7 +60,7 @@ export function annotationRoutes( body: schema.object(getAnnotationsSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { getAnnotations } = annotationServiceProvider(context); const resp = await getAnnotations(request.body); @@ -92,7 +91,7 @@ export function annotationRoutes( body: schema.object(indexAnnotationSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const annotationsFeatureAvailable = await isAnnotationsFeatureAvailable( context.ml!.mlClient.callAsCurrentUser @@ -131,7 +130,7 @@ export function annotationRoutes( params: schema.object(deleteAnnotationSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const annotationsFeatureAvailable = await isAnnotationsFeatureAvailable( context.ml!.mlClient.callAsCurrentUser diff --git a/x-pack/plugins/ml/server/routes/anomaly_detectors.ts b/x-pack/plugins/ml/server/routes/anomaly_detectors.ts index 7bf2fb7bc6903..5e1ca72a7200d 100644 --- a/x-pack/plugins/ml/server/routes/anomaly_detectors.ts +++ b/x-pack/plugins/ml/server/routes/anomaly_detectors.ts @@ -6,7 +6,6 @@ import { schema } from '@kbn/config-schema'; import { wrapError } from '../client/error_wrapper'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { RouteInitialization } from '../types'; import { anomalyDetectionJobSchema, @@ -16,7 +15,7 @@ import { /** * Routes for the anomaly detectors */ -export function jobRoutes({ router, getLicenseCheckResults }: RouteInitialization) { +export function jobRoutes({ router, mlLicense }: RouteInitialization) { /** * @apiGroup AnomalyDetectors * @@ -32,7 +31,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio path: '/api/ml/anomaly_detectors', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const results = await context.ml!.mlClient.callAsCurrentUser('ml.jobs'); return response.ok({ @@ -62,7 +61,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { jobId } = request.params; const results = await context.ml!.mlClient.callAsCurrentUser('ml.jobs', { jobId }); @@ -90,7 +89,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio path: '/api/ml/anomaly_detectors/_stats', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const results = await context.ml!.mlClient.callAsCurrentUser('ml.jobStats'); return response.ok({ @@ -120,7 +119,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { jobId } = request.params; const results = await context.ml!.mlClient.callAsCurrentUser('ml.jobStats', { jobId }); @@ -152,7 +151,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio body: schema.object({ ...anomalyDetectionJobSchema }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { jobId } = request.params; const results = await context.ml!.mlClient.callAsCurrentUser('ml.addJob', { @@ -187,7 +186,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio body: schema.object({ ...anomalyDetectionUpdateJobSchema }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { jobId } = request.params; const results = await context.ml!.mlClient.callAsCurrentUser('ml.updateJob', { @@ -221,7 +220,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { jobId } = request.params; const results = await context.ml!.mlClient.callAsCurrentUser('ml.openJob', { @@ -254,7 +253,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const options: { jobId: string; force?: boolean } = { jobId: request.params.jobId, @@ -291,7 +290,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const options: { jobId: string; force?: boolean } = { jobId: request.params.jobId, @@ -326,7 +325,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio body: schema.any(), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const results = await context.ml!.mlClient.callAsCurrentUser('ml.validateDetector', { body: request.body, @@ -359,7 +358,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio body: schema.object({ duration: schema.any() }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const jobId = request.params.jobId; const duration = request.body.duration; @@ -407,7 +406,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const results = await context.ml!.mlClient.callAsCurrentUser('ml.records', { jobId: request.params.jobId, @@ -456,7 +455,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const results = await context.ml!.mlClient.callAsCurrentUser('ml.buckets', { jobId: request.params.jobId, @@ -499,7 +498,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const results = await context.ml!.mlClient.callAsCurrentUser('ml.overallBuckets', { jobId: request.params.jobId, @@ -537,7 +536,7 @@ export function jobRoutes({ router, getLicenseCheckResults }: RouteInitializatio }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const options = { jobId: request.params.jobId, diff --git a/x-pack/plugins/ml/server/routes/calendars.ts b/x-pack/plugins/ml/server/routes/calendars.ts index ae494d3578890..5d1161e928d11 100644 --- a/x-pack/plugins/ml/server/routes/calendars.ts +++ b/x-pack/plugins/ml/server/routes/calendars.ts @@ -6,7 +6,6 @@ import { RequestHandlerContext } from 'src/core/server'; import { schema } from '@kbn/config-schema'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { wrapError } from '../client/error_wrapper'; import { RouteInitialization } from '../types'; import { calendarSchema } from './schemas/calendars_schema'; @@ -42,13 +41,13 @@ function getCalendarsByIds(context: RequestHandlerContext, calendarIds: string) return cal.getCalendarsByIds(calendarIds); } -export function calendars({ router, getLicenseCheckResults }: RouteInitialization) { +export function calendars({ router, mlLicense }: RouteInitialization) { router.get( { path: '/api/ml/calendars', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await getAllCalendars(context); @@ -68,7 +67,7 @@ export function calendars({ router, getLicenseCheckResults }: RouteInitializatio params: schema.object({ calendarIds: schema.string() }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { let returnValue; try { const calendarIds = request.params.calendarIds.split(','); @@ -95,7 +94,7 @@ export function calendars({ router, getLicenseCheckResults }: RouteInitializatio body: schema.object({ ...calendarSchema }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const body = request.body; const resp = await newCalendar(context, body); @@ -117,7 +116,7 @@ export function calendars({ router, getLicenseCheckResults }: RouteInitializatio body: schema.object({ ...calendarSchema }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { calendarId } = request.params; const body = request.body; @@ -139,7 +138,7 @@ export function calendars({ router, getLicenseCheckResults }: RouteInitializatio params: schema.object({ calendarId: schema.string() }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { calendarId } = request.params; const resp = await deleteCalendar(context, calendarId); diff --git a/x-pack/plugins/ml/server/routes/data_frame_analytics.ts b/x-pack/plugins/ml/server/routes/data_frame_analytics.ts index 0a93320c05eb5..7ed1aa02b24ab 100644 --- a/x-pack/plugins/ml/server/routes/data_frame_analytics.ts +++ b/x-pack/plugins/ml/server/routes/data_frame_analytics.ts @@ -7,7 +7,6 @@ import { schema } from '@kbn/config-schema'; import { wrapError } from '../client/error_wrapper'; import { analyticsAuditMessagesProvider } from '../models/data_frame_analytics/analytics_audit_messages'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { RouteInitialization } from '../types'; import { dataAnalyticsJobConfigSchema, @@ -18,7 +17,7 @@ import { /** * Routes for the data frame analytics */ -export function dataFrameAnalyticsRoutes({ router, getLicenseCheckResults }: RouteInitialization) { +export function dataFrameAnalyticsRoutes({ router, mlLicense }: RouteInitialization) { /** * @apiGroup DataFrameAnalytics * @@ -36,7 +35,7 @@ export function dataFrameAnalyticsRoutes({ router, getLicenseCheckResults }: Rou params: schema.object({ analyticsId: schema.maybe(schema.string()) }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const results = await context.ml!.mlClient.callAsCurrentUser('ml.getDataFrameAnalytics'); return response.ok({ @@ -64,7 +63,7 @@ export function dataFrameAnalyticsRoutes({ router, getLicenseCheckResults }: Rou params: schema.object({ analyticsId: schema.string() }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { analyticsId } = request.params; const results = await context.ml!.mlClient.callAsCurrentUser('ml.getDataFrameAnalytics', { @@ -91,7 +90,7 @@ export function dataFrameAnalyticsRoutes({ router, getLicenseCheckResults }: Rou path: '/api/ml/data_frame/analytics/_stats', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const results = await context.ml!.mlClient.callAsCurrentUser( 'ml.getDataFrameAnalyticsStats' @@ -121,7 +120,7 @@ export function dataFrameAnalyticsRoutes({ router, getLicenseCheckResults }: Rou params: schema.object({ analyticsId: schema.string() }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { analyticsId } = request.params; const results = await context.ml!.mlClient.callAsCurrentUser( @@ -159,7 +158,7 @@ export function dataFrameAnalyticsRoutes({ router, getLicenseCheckResults }: Rou body: schema.object(dataAnalyticsJobConfigSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { analyticsId } = request.params; const results = await context.ml!.mlClient.callAsCurrentUser( @@ -192,7 +191,7 @@ export function dataFrameAnalyticsRoutes({ router, getLicenseCheckResults }: Rou body: schema.object({ ...dataAnalyticsEvaluateSchema }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const results = await context.ml!.mlClient.callAsCurrentUser( 'ml.evaluateDataFrameAnalytics', @@ -232,7 +231,7 @@ export function dataFrameAnalyticsRoutes({ router, getLicenseCheckResults }: Rou body: schema.object({ ...dataAnalyticsExplainSchema }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const results = await context.ml!.mlClient.callAsCurrentUser( 'ml.explainDataFrameAnalytics', @@ -267,7 +266,7 @@ export function dataFrameAnalyticsRoutes({ router, getLicenseCheckResults }: Rou }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { analyticsId } = request.params; const results = await context.ml!.mlClient.callAsCurrentUser( @@ -303,7 +302,7 @@ export function dataFrameAnalyticsRoutes({ router, getLicenseCheckResults }: Rou }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { analyticsId } = request.params; const results = await context.ml!.mlClient.callAsCurrentUser('ml.startDataFrameAnalytics', { @@ -337,7 +336,7 @@ export function dataFrameAnalyticsRoutes({ router, getLicenseCheckResults }: Rou }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const options: { analyticsId: string; force?: boolean | undefined } = { analyticsId: request.params.analyticsId, @@ -377,7 +376,7 @@ export function dataFrameAnalyticsRoutes({ router, getLicenseCheckResults }: Rou params: schema.object({ analyticsId: schema.string() }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { analyticsId } = request.params; const { getAnalyticsAuditMessages } = analyticsAuditMessagesProvider( diff --git a/x-pack/plugins/ml/server/routes/data_visualizer.ts b/x-pack/plugins/ml/server/routes/data_visualizer.ts index e4d068784def1..b37c80b815e1a 100644 --- a/x-pack/plugins/ml/server/routes/data_visualizer.ts +++ b/x-pack/plugins/ml/server/routes/data_visualizer.ts @@ -12,7 +12,6 @@ import { dataVisualizerFieldStatsSchema, dataVisualizerOverallStatsSchema, } from './schemas/data_visualizer_schema'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { RouteInitialization } from '../types'; function getOverallStats( @@ -68,7 +67,7 @@ function getStatsForFields( /** * Routes for the index data visualizer. */ -export function dataVisualizerRoutes({ router, getLicenseCheckResults }: RouteInitialization) { +export function dataVisualizerRoutes({ router, mlLicense }: RouteInitialization) { /** * @apiGroup DataVisualizer * @@ -83,7 +82,7 @@ export function dataVisualizerRoutes({ router, getLicenseCheckResults }: RouteIn path: '/api/ml/data_visualizer/get_field_stats/{indexPatternTitle}', validate: dataVisualizerFieldStatsSchema, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.basicLicenseAPIGuard(async (context, request, response) => { try { const { params: { indexPatternTitle }, @@ -135,7 +134,7 @@ export function dataVisualizerRoutes({ router, getLicenseCheckResults }: RouteIn path: '/api/ml/data_visualizer/get_overall_stats/{indexPatternTitle}', validate: dataVisualizerOverallStatsSchema, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.basicLicenseAPIGuard(async (context, request, response) => { try { const { params: { indexPatternTitle }, diff --git a/x-pack/plugins/ml/server/routes/datafeeds.ts b/x-pack/plugins/ml/server/routes/datafeeds.ts index e3bce4c1328e4..c1ee839340996 100644 --- a/x-pack/plugins/ml/server/routes/datafeeds.ts +++ b/x-pack/plugins/ml/server/routes/datafeeds.ts @@ -5,7 +5,6 @@ */ import { schema } from '@kbn/config-schema'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { wrapError } from '../client/error_wrapper'; import { RouteInitialization } from '../types'; import { startDatafeedSchema, datafeedConfigSchema } from './schemas/datafeeds_schema'; @@ -13,7 +12,7 @@ import { startDatafeedSchema, datafeedConfigSchema } from './schemas/datafeeds_s /** * Routes for datafeed service */ -export function dataFeedRoutes({ router, getLicenseCheckResults }: RouteInitialization) { +export function dataFeedRoutes({ router, mlLicense }: RouteInitialization) { /** * @apiGroup DatafeedService * @@ -26,7 +25,7 @@ export function dataFeedRoutes({ router, getLicenseCheckResults }: RouteInitiali path: '/api/ml/datafeeds', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await context.ml!.mlClient.callAsCurrentUser('ml.datafeeds'); @@ -53,7 +52,7 @@ export function dataFeedRoutes({ router, getLicenseCheckResults }: RouteInitiali params: schema.object({ datafeedId: schema.string() }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const datafeedId = request.params.datafeedId; const resp = await context.ml!.mlClient.callAsCurrentUser('ml.datafeeds', { datafeedId }); @@ -79,7 +78,7 @@ export function dataFeedRoutes({ router, getLicenseCheckResults }: RouteInitiali path: '/api/ml/datafeeds/_stats', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await context.ml!.mlClient.callAsCurrentUser('ml.datafeedStats'); @@ -106,7 +105,7 @@ export function dataFeedRoutes({ router, getLicenseCheckResults }: RouteInitiali params: schema.object({ datafeedId: schema.string() }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const datafeedId = request.params.datafeedId; const resp = await context.ml!.mlClient.callAsCurrentUser('ml.datafeedStats', { @@ -137,7 +136,7 @@ export function dataFeedRoutes({ router, getLicenseCheckResults }: RouteInitiali body: datafeedConfigSchema, }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const datafeedId = request.params.datafeedId; const resp = await context.ml!.mlClient.callAsCurrentUser('ml.addDatafeed', { @@ -169,7 +168,7 @@ export function dataFeedRoutes({ router, getLicenseCheckResults }: RouteInitiali body: datafeedConfigSchema, }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const datafeedId = request.params.datafeedId; const resp = await context.ml!.mlClient.callAsCurrentUser('ml.updateDatafeed', { @@ -201,7 +200,7 @@ export function dataFeedRoutes({ router, getLicenseCheckResults }: RouteInitiali query: schema.maybe(schema.object({ force: schema.maybe(schema.any()) })), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const options: { datafeedId: string; force?: boolean } = { datafeedId: request.params.jobId, @@ -237,7 +236,7 @@ export function dataFeedRoutes({ router, getLicenseCheckResults }: RouteInitiali body: startDatafeedSchema, }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const datafeedId = request.params.datafeedId; const { start, end } = request.body; @@ -271,7 +270,7 @@ export function dataFeedRoutes({ router, getLicenseCheckResults }: RouteInitiali params: schema.object({ datafeedId: schema.string() }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const datafeedId = request.params.datafeedId; @@ -302,7 +301,7 @@ export function dataFeedRoutes({ router, getLicenseCheckResults }: RouteInitiali params: schema.object({ datafeedId: schema.string() }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const datafeedId = request.params.datafeedId; const resp = await context.ml!.mlClient.callAsCurrentUser('ml.datafeedPreview', { diff --git a/x-pack/plugins/ml/server/routes/fields_service.ts b/x-pack/plugins/ml/server/routes/fields_service.ts index bc092190c2c62..f4d4e5759a105 100644 --- a/x-pack/plugins/ml/server/routes/fields_service.ts +++ b/x-pack/plugins/ml/server/routes/fields_service.ts @@ -5,7 +5,6 @@ */ import { RequestHandlerContext } from 'src/core/server'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { wrapError } from '../client/error_wrapper'; import { RouteInitialization } from '../types'; import { @@ -29,7 +28,7 @@ function getTimeFieldRange(context: RequestHandlerContext, payload: any) { /** * Routes for fields service */ -export function fieldsService({ router, getLicenseCheckResults }: RouteInitialization) { +export function fieldsService({ router, mlLicense }: RouteInitialization) { /** * @apiGroup FieldsService * @@ -44,7 +43,8 @@ export function fieldsService({ router, getLicenseCheckResults }: RouteInitializ body: getCardinalityOfFieldsSchema, }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await getCardinalityOfFields(context, request.body); @@ -71,7 +71,7 @@ export function fieldsService({ router, getLicenseCheckResults }: RouteInitializ body: getTimeFieldRangeSchema, }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.basicLicenseAPIGuard(async (context, request, response) => { try { const resp = await getTimeFieldRange(context, request.body); diff --git a/x-pack/plugins/ml/server/routes/file_data_visualizer.ts b/x-pack/plugins/ml/server/routes/file_data_visualizer.ts index 1d724a8843350..69ec79704deee 100644 --- a/x-pack/plugins/ml/server/routes/file_data_visualizer.ts +++ b/x-pack/plugins/ml/server/routes/file_data_visualizer.ts @@ -18,7 +18,6 @@ import { Mappings, } from '../models/file_data_visualizer'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { RouteInitialization } from '../types'; import { incrementFileDataVisualizerIndexCreationCount } from '../lib/ml_telemetry'; @@ -43,7 +42,7 @@ function importData( /** * Routes for the file data visualizer. */ -export function fileDataVisualizerRoutes({ router, getLicenseCheckResults }: RouteInitialization) { +export function fileDataVisualizerRoutes({ router, mlLicense }: RouteInitialization) { /** * @apiGroup FileDataVisualizer * @@ -82,7 +81,7 @@ export function fileDataVisualizerRoutes({ router, getLicenseCheckResults }: Rou }, }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.basicLicenseAPIGuard(async (context, request, response) => { try { const result = await analyzeFiles(context, request.body, request.query); return response.ok({ body: result }); @@ -124,7 +123,7 @@ export function fileDataVisualizerRoutes({ router, getLicenseCheckResults }: Rou }, }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.basicLicenseAPIGuard(async (context, request, response) => { try { const { id } = request.query; const { index, data, settings, mappings, ingestPipeline } = request.body; diff --git a/x-pack/plugins/ml/server/routes/filters.ts b/x-pack/plugins/ml/server/routes/filters.ts index d5530668b2606..1f8891c247c67 100644 --- a/x-pack/plugins/ml/server/routes/filters.ts +++ b/x-pack/plugins/ml/server/routes/filters.ts @@ -6,7 +6,6 @@ import { RequestHandlerContext } from 'src/core/server'; import { schema } from '@kbn/config-schema'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { wrapError } from '../client/error_wrapper'; import { RouteInitialization } from '../types'; import { createFilterSchema, updateFilterSchema } from './schemas/filters_schema'; @@ -44,7 +43,7 @@ function deleteFilter(context: RequestHandlerContext, filterId: string) { return mgr.deleteFilter(filterId); } -export function filtersRoutes({ router, getLicenseCheckResults }: RouteInitialization) { +export function filtersRoutes({ router, mlLicense }: RouteInitialization) { /** * @apiGroup Filters * @@ -60,7 +59,7 @@ export function filtersRoutes({ router, getLicenseCheckResults }: RouteInitializ path: '/api/ml/filters', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await getAllFilters(context); @@ -90,7 +89,7 @@ export function filtersRoutes({ router, getLicenseCheckResults }: RouteInitializ params: schema.object({ filterId: schema.string() }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await getFilter(context, request.params.filterId); return response.ok({ @@ -119,7 +118,7 @@ export function filtersRoutes({ router, getLicenseCheckResults }: RouteInitializ body: schema.object(createFilterSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const body = request.body; const resp = await newFilter(context, body); @@ -151,7 +150,7 @@ export function filtersRoutes({ router, getLicenseCheckResults }: RouteInitializ body: schema.object(updateFilterSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { filterId } = request.params; const body = request.body; @@ -182,7 +181,7 @@ export function filtersRoutes({ router, getLicenseCheckResults }: RouteInitializ params: schema.object({ filterId: schema.string() }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { filterId } = request.params; const resp = await deleteFilter(context, filterId); @@ -212,7 +211,7 @@ export function filtersRoutes({ router, getLicenseCheckResults }: RouteInitializ path: '/api/ml/filters/_stats', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await getAllFilterStats(context); diff --git a/x-pack/plugins/ml/server/routes/indices.ts b/x-pack/plugins/ml/server/routes/indices.ts index e01a7a0cbad28..fe66cc8b01396 100644 --- a/x-pack/plugins/ml/server/routes/indices.ts +++ b/x-pack/plugins/ml/server/routes/indices.ts @@ -6,13 +6,12 @@ import { schema } from '@kbn/config-schema'; import { wrapError } from '../client/error_wrapper'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { RouteInitialization } from '../types'; /** * Indices routes. */ -export function indicesRoutes({ router, getLicenseCheckResults }: RouteInitialization) { +export function indicesRoutes({ router, mlLicense }: RouteInitialization) { /** * @apiGroup Indices * @@ -30,7 +29,7 @@ export function indicesRoutes({ router, getLicenseCheckResults }: RouteInitializ }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { body: { index, fields: requestFields }, diff --git a/x-pack/plugins/ml/server/routes/job_audit_messages.ts b/x-pack/plugins/ml/server/routes/job_audit_messages.ts index 38df28e17ec0d..5c6d8023cc172 100644 --- a/x-pack/plugins/ml/server/routes/job_audit_messages.ts +++ b/x-pack/plugins/ml/server/routes/job_audit_messages.ts @@ -5,7 +5,6 @@ */ import { schema } from '@kbn/config-schema'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { wrapError } from '../client/error_wrapper'; import { RouteInitialization } from '../types'; import { jobAuditMessagesProvider } from '../models/job_audit_messages'; @@ -13,7 +12,7 @@ import { jobAuditMessagesProvider } from '../models/job_audit_messages'; /** * Routes for job audit message routes */ -export function jobAuditMessagesRoutes({ router, getLicenseCheckResults }: RouteInitialization) { +export function jobAuditMessagesRoutes({ router, mlLicense }: RouteInitialization) { /** * @apiGroup JobAuditMessages * @@ -29,7 +28,7 @@ export function jobAuditMessagesRoutes({ router, getLicenseCheckResults }: Route query: schema.maybe(schema.object({ from: schema.maybe(schema.any()) })), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { getJobAuditMessages } = jobAuditMessagesProvider( context.ml!.mlClient.callAsCurrentUser @@ -62,7 +61,7 @@ export function jobAuditMessagesRoutes({ router, getLicenseCheckResults }: Route query: schema.maybe(schema.object({ from: schema.maybe(schema.any()) })), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { getJobAuditMessages } = jobAuditMessagesProvider( context.ml!.mlClient.callAsCurrentUser diff --git a/x-pack/plugins/ml/server/routes/job_service.ts b/x-pack/plugins/ml/server/routes/job_service.ts index e15888088d3a1..9ad2f80a1e66b 100644 --- a/x-pack/plugins/ml/server/routes/job_service.ts +++ b/x-pack/plugins/ml/server/routes/job_service.ts @@ -7,7 +7,6 @@ import Boom from 'boom'; import { schema } from '@kbn/config-schema'; import { IScopedClusterClient } from 'src/core/server'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { wrapError } from '../client/error_wrapper'; import { RouteInitialization } from '../types'; import { @@ -28,12 +27,11 @@ import { categorizationExamplesProvider } from '../models/job_service/new_job'; /** * Routes for job service */ -export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitialization) { +export function jobServiceRoutes({ router, mlLicense }: RouteInitialization) { async function hasPermissionToCreateJobs( callAsCurrentUser: IScopedClusterClient['callAsCurrentUser'] ) { - const { isSecurityDisabled } = getLicenseCheckResults(); - if (isSecurityDisabled === true) { + if (mlLicense.isSecurityEnabled() === false) { return true; } @@ -63,7 +61,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(forceStartDatafeedSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { forceStartDatafeeds } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const { datafeedIds, start, end } = request.body; @@ -92,7 +90,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(datafeedIdsSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { stopDatafeeds } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const { datafeedIds } = request.body; @@ -121,7 +119,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(jobIdsSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { deleteJobs } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const { jobIds } = request.body; @@ -150,7 +148,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(jobIdsSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { closeJobs } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const { jobIds } = request.body; @@ -179,7 +177,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(jobIdsSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { jobsSummary } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const { jobIds } = request.body; @@ -208,7 +206,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(jobsWithTimerangeSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { jobsWithTimerange } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const { dateFormatTz } = request.body; @@ -237,7 +235,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(jobIdsSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { createFullJobsList } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const { jobIds } = request.body; @@ -264,7 +262,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia path: '/api/ml/jobs/groups', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { getAllGroups } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const resp = await getAllGroups(); @@ -292,7 +290,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(updateGroupsSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { updateGroups } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const { jobs } = request.body; @@ -319,7 +317,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia path: '/api/ml/jobs/deleting_jobs_tasks', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { deletingJobTasks } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const resp = await deletingJobTasks(); @@ -347,7 +345,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(jobIdsSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { jobsExist } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const { jobIds } = request.body; @@ -377,7 +375,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia query: schema.maybe(schema.object({ rollup: schema.maybe(schema.string()) })), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { indexPattern } = request.params; const isRollup = request.query.rollup === 'true'; @@ -408,7 +406,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(chartSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { indexPatternTitle, @@ -461,7 +459,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(chartSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { indexPatternTitle, @@ -509,7 +507,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia path: '/api/ml/jobs/all_jobs_and_group_ids', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { getAllJobAndGroupIds } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const resp = await getAllJobAndGroupIds(); @@ -537,7 +535,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(lookBackProgressSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { getLookBackProgress } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const { jobId, start, end } = request.body; @@ -566,7 +564,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(categorizationFieldExamplesSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { // due to the use of the _analyze endpoint which is called by the kibana user, // basic job creation privileges are required to use this endpoint @@ -625,7 +623,7 @@ export function jobServiceRoutes({ router, getLicenseCheckResults }: RouteInitia body: schema.object(topCategoriesSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { topCategories } = jobServiceProvider(context.ml!.mlClient.callAsCurrentUser); const { jobId, count } = request.body; diff --git a/x-pack/plugins/ml/server/routes/job_validation.ts b/x-pack/plugins/ml/server/routes/job_validation.ts index ae2e6885ba0f3..7d5a7a2285977 100644 --- a/x-pack/plugins/ml/server/routes/job_validation.ts +++ b/x-pack/plugins/ml/server/routes/job_validation.ts @@ -7,7 +7,6 @@ import Boom from 'boom'; import { RequestHandlerContext } from 'src/core/server'; import { schema, TypeOf } from '@kbn/config-schema'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { wrapError } from '../client/error_wrapper'; import { RouteInitialization } from '../types'; import { @@ -25,10 +24,7 @@ type CalculateModelMemoryLimitPayload = TypeOf; /** * Routes for job validation */ -export function jobValidationRoutes( - { getLicenseCheckResults, router }: RouteInitialization, - version: string -) { +export function jobValidationRoutes({ router, mlLicense }: RouteInitialization, version: string) { function calculateModelMemoryLimit( context: RequestHandlerContext, payload: CalculateModelMemoryLimitPayload @@ -70,13 +66,13 @@ export function jobValidationRoutes( body: estimateBucketSpanSchema, }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { let errorResp; const resp = await estimateBucketSpanFactory( context.ml!.mlClient.callAsCurrentUser, context.core.elasticsearch.adminClient.callAsInternalUser, - getLicenseCheckResults().isSecurityDisabled + mlLicense.isSecurityEnabled() === false )(request.body) // this catch gets triggered when the estimation code runs without error // but isn't able to come up with a bucket span estimation. @@ -117,7 +113,7 @@ export function jobValidationRoutes( body: modelMemoryLimitSchema, }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await calculateModelMemoryLimit(context, request.body); @@ -144,7 +140,7 @@ export function jobValidationRoutes( body: schema.object(validateCardinalitySchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await validateCardinality( context.ml!.mlClient.callAsCurrentUser, @@ -174,7 +170,7 @@ export function jobValidationRoutes( body: validateJobSchema, }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { // version corresponds to the version used in documentation links. const resp = await validateJob( @@ -182,7 +178,7 @@ export function jobValidationRoutes( request.body, version, context.core.elasticsearch.adminClient.callAsInternalUser, - getLicenseCheckResults().isSecurityDisabled + mlLicense.isSecurityEnabled() === false ); return response.ok({ diff --git a/x-pack/plugins/ml/server/routes/license_check_pre_routing_factory.ts b/x-pack/plugins/ml/server/routes/license_check_pre_routing_factory.ts deleted file mode 100644 index a371af1abf2d1..0000000000000 --- a/x-pack/plugins/ml/server/routes/license_check_pre_routing_factory.ts +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { - KibanaRequest, - KibanaResponseFactory, - RequestHandler, - RequestHandlerContext, -} from 'src/core/server'; -import { LicenseCheckResult } from '../types'; - -export const licensePreRoutingFactory = ( - getLicenseCheckResults: () => LicenseCheckResult, - handler: RequestHandler -): RequestHandler => { - // License checking and enable/disable logic - return function licensePreRouting( - ctx: RequestHandlerContext, - request: KibanaRequest, - response: KibanaResponseFactory - ) { - const licenseCheckResults = getLicenseCheckResults(); - - if (!licenseCheckResults.isAvailable) { - return response.forbidden(); - } - - return handler(ctx, request, response); - }; -}; diff --git a/x-pack/plugins/ml/server/routes/modules.ts b/x-pack/plugins/ml/server/routes/modules.ts index c9b005d4e43f9..a51718acb7425 100644 --- a/x-pack/plugins/ml/server/routes/modules.ts +++ b/x-pack/plugins/ml/server/routes/modules.ts @@ -9,7 +9,6 @@ import { RequestHandlerContext } from 'kibana/server'; import { DatafeedOverride, JobOverride } from '../../../../legacy/plugins/ml/common/types/modules'; import { wrapError } from '../client/error_wrapper'; import { DataRecognizer } from '../models/data_recognizer'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { getModuleIdParamSchema, setupModuleBodySchema } from './schemas/modules'; import { RouteInitialization } from '../types'; @@ -65,7 +64,7 @@ function dataRecognizerJobsExist(context: RequestHandlerContext, moduleId: strin /** * Recognizer routes. */ -export function dataRecognizer({ router, getLicenseCheckResults }: RouteInitialization) { +export function dataRecognizer({ router, mlLicense }: RouteInitialization) { /** * @apiGroup DataRecognizer * @@ -84,7 +83,7 @@ export function dataRecognizer({ router, getLicenseCheckResults }: RouteInitiali }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { indexPatternTitle } = request.params; const results = await recognize(context, indexPatternTitle); @@ -114,7 +113,7 @@ export function dataRecognizer({ router, getLicenseCheckResults }: RouteInitiali }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { let { moduleId } = request.params; if (moduleId === '') { @@ -150,7 +149,7 @@ export function dataRecognizer({ router, getLicenseCheckResults }: RouteInitiali body: setupModuleBodySchema, }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { moduleId } = request.params; @@ -207,7 +206,7 @@ export function dataRecognizer({ router, getLicenseCheckResults }: RouteInitiali }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const { moduleId } = request.params; const result = await dataRecognizerJobsExist(context, moduleId); diff --git a/x-pack/plugins/ml/server/routes/notification_settings.ts b/x-pack/plugins/ml/server/routes/notification_settings.ts index b68d2441333f9..59458b1e486db 100644 --- a/x-pack/plugins/ml/server/routes/notification_settings.ts +++ b/x-pack/plugins/ml/server/routes/notification_settings.ts @@ -4,14 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { wrapError } from '../client/error_wrapper'; import { RouteInitialization } from '../types'; /** * Routes for notification settings */ -export function notificationRoutes({ router, getLicenseCheckResults }: RouteInitialization) { +export function notificationRoutes({ router, mlLicense }: RouteInitialization) { /** * @apiGroup NotificationSettings * @@ -24,7 +23,7 @@ export function notificationRoutes({ router, getLicenseCheckResults }: RouteInit path: '/api/ml/notification_settings', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const params = { includeDefaults: true, diff --git a/x-pack/plugins/ml/server/routes/results_service.ts b/x-pack/plugins/ml/server/routes/results_service.ts index 77c998acc9f27..7a12e5196b9a5 100644 --- a/x-pack/plugins/ml/server/routes/results_service.ts +++ b/x-pack/plugins/ml/server/routes/results_service.ts @@ -6,7 +6,6 @@ import { RequestHandlerContext } from 'src/core/server'; import { schema } from '@kbn/config-schema'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { wrapError } from '../client/error_wrapper'; import { RouteInitialization } from '../types'; import { @@ -74,7 +73,7 @@ function getPartitionFieldsValues(context: RequestHandlerContext, payload: any) /** * Routes for results service */ -export function resultsServiceRoutes({ router, getLicenseCheckResults }: RouteInitialization) { +export function resultsServiceRoutes({ router, mlLicense }: RouteInitialization) { /** * @apiGroup ResultsService * @@ -89,7 +88,7 @@ export function resultsServiceRoutes({ router, getLicenseCheckResults }: RouteIn body: schema.object(anomaliesTableDataSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await getAnomaliesTableData(context, request.body); @@ -116,7 +115,7 @@ export function resultsServiceRoutes({ router, getLicenseCheckResults }: RouteIn body: schema.object(categoryDefinitionSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await getCategoryDefinition(context, request.body); @@ -143,7 +142,7 @@ export function resultsServiceRoutes({ router, getLicenseCheckResults }: RouteIn body: schema.object(maxAnomalyScoreSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await getMaxAnomalyScore(context, request.body); @@ -170,7 +169,7 @@ export function resultsServiceRoutes({ router, getLicenseCheckResults }: RouteIn body: schema.object(categoryExamplesSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await getCategoryExamples(context, request.body); @@ -197,7 +196,7 @@ export function resultsServiceRoutes({ router, getLicenseCheckResults }: RouteIn body: schema.object(partitionFieldValuesSchema), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { const resp = await getPartitionFieldsValues(context, request.body); diff --git a/x-pack/plugins/ml/server/routes/system.ts b/x-pack/plugins/ml/server/routes/system.ts index 36a9ea1447f58..a0d7d312c04d4 100644 --- a/x-pack/plugins/ml/server/routes/system.ts +++ b/x-pack/plugins/ml/server/routes/system.ts @@ -12,14 +12,13 @@ import { wrapError } from '../client/error_wrapper'; import { mlLog } from '../client/log'; import { privilegesProvider } from '../lib/check_privileges'; import { spacesUtilsProvider } from '../lib/spaces_utils'; -import { licensePreRoutingFactory } from './license_check_pre_routing_factory'; import { RouteInitialization, SystemRouteDeps } from '../types'; /** * System routes */ export function systemRoutes( - { getLicenseCheckResults, router }: RouteInitialization, + { router, mlLicense }: RouteInitialization, { spacesPlugin, cloud }: SystemRouteDeps ) { async function getNodeCount(context: RequestHandlerContext) { @@ -56,7 +55,7 @@ export function systemRoutes( body: schema.maybe(schema.any()), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.basicLicenseAPIGuard(async (context, request, response) => { try { let upgradeInProgress = false; try { @@ -77,7 +76,7 @@ export function systemRoutes( } } - if (getLicenseCheckResults().isSecurityDisabled) { + if (mlLicense.isSecurityEnabled() === false) { // if xpack.security.enabled has been explicitly set to false // return that security is disabled and don't call the privilegeCheck endpoint return response.ok({ @@ -116,7 +115,7 @@ export function systemRoutes( }), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.basicLicenseAPIGuard(async (context, request, response) => { try { const ignoreSpaces = request.query && request.query.ignoreSpaces === 'true'; // if spaces is disabled force isMlEnabledInSpace to be true @@ -127,7 +126,7 @@ export function systemRoutes( const { getPrivileges } = privilegesProvider( context.ml!.mlClient.callAsCurrentUser, - getLicenseCheckResults(), + mlLicense, isMlEnabledInSpace, ignoreSpaces ); @@ -152,11 +151,11 @@ export function systemRoutes( path: '/api/ml/ml_node_count', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.basicLicenseAPIGuard(async (context, request, response) => { try { // check for basic license first for consistency with other // security disabled checks - if (getLicenseCheckResults().isSecurityDisabled) { + if (mlLicense.isSecurityEnabled() === false) { return response.ok({ body: await getNodeCount(context), }); @@ -203,7 +202,7 @@ export function systemRoutes( path: '/api/ml/info', validate: false, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.basicLicenseAPIGuard(async (context, request, response) => { try { const info = await context.ml!.mlClient.callAsCurrentUser('ml.info'); const cloudId = cloud && cloud.cloudId; @@ -231,7 +230,7 @@ export function systemRoutes( body: schema.maybe(schema.any()), }, }, - licensePreRoutingFactory(getLicenseCheckResults, async (context, request, response) => { + mlLicense.fullLicenseAPIGuard(async (context, request, response) => { try { return response.ok({ body: await context.ml!.mlClient.callAsCurrentUser('search', request.body), diff --git a/x-pack/plugins/ml/server/types.ts b/x-pack/plugins/ml/server/types.ts index 550abadb3c06f..aeb4c505ec55e 100644 --- a/x-pack/plugins/ml/server/types.ts +++ b/x-pack/plugins/ml/server/types.ts @@ -12,6 +12,7 @@ import { SecurityPluginSetup } from '../../security/server'; import { PluginSetupContract as FeaturesPluginSetup } from '../../features/server'; import { LicensingPluginSetup } from '../../licensing/server'; import { SpacesPluginSetup } from '../../spaces/server'; +import { MlServerLicense } from './lib/license'; export interface LicenseCheckResult { isAvailable: boolean; @@ -39,5 +40,5 @@ export interface PluginsSetup { export interface RouteInitialization { router: IRouter; - getLicenseCheckResults: () => LicenseCheckResult; + mlLicense: MlServerLicense; } diff --git a/x-pack/legacy/plugins/security/README.md b/x-pack/plugins/security/README.md similarity index 100% rename from x-pack/legacy/plugins/security/README.md rename to x-pack/plugins/security/README.md diff --git a/x-pack/plugins/security/common/licensing/index.ts b/x-pack/plugins/security/common/licensing/index.ts index e8efae3dc6a6b..0cc9b9d204273 100644 --- a/x-pack/plugins/security/common/licensing/index.ts +++ b/x-pack/plugins/security/common/licensing/index.ts @@ -6,4 +6,4 @@ export { SecurityLicenseService, SecurityLicense } from './license_service'; -export { SecurityLicenseFeatures } from './license_features'; +export { LoginLayout, SecurityLicenseFeatures } from './license_features'; diff --git a/x-pack/plugins/security/common/licensing/license_features.ts b/x-pack/plugins/security/common/licensing/license_features.ts index 33f8370a1b43e..bef328f54de03 100644 --- a/x-pack/plugins/security/common/licensing/license_features.ts +++ b/x-pack/plugins/security/common/licensing/license_features.ts @@ -4,6 +4,11 @@ * you may not use this file except in compliance with the Elastic License. */ +/** + * Represents types of login form layouts. + */ +export type LoginLayout = 'form' | 'error-es-unavailable' | 'error-xpack-unavailable'; + /** * Describes Security plugin features that depend on license. */ @@ -46,10 +51,5 @@ export interface SecurityLicenseFeatures { /** * Describes the layout of the login form if it's displayed. */ - readonly layout?: string; - - /** - * Message to show when security links are clicked throughout the kibana app. - */ - readonly linksMessage?: string; + readonly layout?: LoginLayout; } diff --git a/x-pack/plugins/security/common/licensing/license_service.test.ts b/x-pack/plugins/security/common/licensing/license_service.test.ts index df2d66a036039..40e8901970af8 100644 --- a/x-pack/plugins/security/common/licensing/license_service.test.ts +++ b/x-pack/plugins/security/common/licensing/license_service.test.ts @@ -79,7 +79,6 @@ describe('license features', function() { "allowRbac": false, "allowRoleDocumentLevelSecurity": false, "allowRoleFieldLevelSecurity": false, - "linksMessage": "Access is denied because Security is disabled in Elasticsearch.", "showLinks": false, "showLogin": false, "showRoleMappingsManagement": false, @@ -130,7 +129,6 @@ describe('license features', function() { allowRoleDocumentLevelSecurity: false, allowRoleFieldLevelSecurity: false, allowRbac: false, - linksMessage: 'Access is denied because Security is disabled in Elasticsearch.', }); }); diff --git a/x-pack/plugins/security/common/licensing/license_service.ts b/x-pack/plugins/security/common/licensing/license_service.ts index e6d2eff49ed0d..2c2039c5e2e92 100644 --- a/x-pack/plugins/security/common/licensing/license_service.ts +++ b/x-pack/plugins/security/common/licensing/license_service.ts @@ -90,7 +90,6 @@ export class SecurityLicenseService { allowRoleDocumentLevelSecurity: false, allowRoleFieldLevelSecurity: false, allowRbac: false, - linksMessage: 'Access is denied because Security is disabled in Elasticsearch.', }; } diff --git a/x-pack/legacy/plugins/security/public/views/login/parse_next.test.ts b/x-pack/plugins/security/common/parse_next.test.ts similarity index 100% rename from x-pack/legacy/plugins/security/public/views/login/parse_next.test.ts rename to x-pack/plugins/security/common/parse_next.test.ts diff --git a/x-pack/legacy/plugins/security/public/views/login/parse_next.ts b/x-pack/plugins/security/common/parse_next.ts similarity index 100% rename from x-pack/legacy/plugins/security/public/views/login/parse_next.ts rename to x-pack/plugins/security/common/parse_next.ts diff --git a/x-pack/plugins/security/public/account_management/account_management_app.test.ts b/x-pack/plugins/security/public/account_management/account_management_app.test.ts new file mode 100644 index 0000000000000..ad40c61718c73 --- /dev/null +++ b/x-pack/plugins/security/public/account_management/account_management_app.test.ts @@ -0,0 +1,73 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +jest.mock('./account_management_page'); + +import { AppMount, AppNavLinkStatus, ScopedHistory } from 'src/core/public'; +import { UserAPIClient } from '../management'; +import { accountManagementApp } from './account_management_app'; + +import { coreMock, scopedHistoryMock } from '../../../../../src/core/public/mocks'; +import { securityMock } from '../mocks'; + +describe('accountManagementApp', () => { + it('properly registers application', () => { + const coreSetupMock = coreMock.createSetup(); + + accountManagementApp.create({ + application: coreSetupMock.application, + getStartServices: coreSetupMock.getStartServices, + authc: securityMock.createSetup().authc, + }); + + expect(coreSetupMock.application.register).toHaveBeenCalledTimes(1); + + const [[appRegistration]] = coreSetupMock.application.register.mock.calls; + expect(appRegistration).toEqual({ + id: 'security_account', + appRoute: '/security/account', + navLinkStatus: AppNavLinkStatus.hidden, + title: 'Account Management', + mount: expect.any(Function), + }); + }); + + it('properly sets breadcrumbs and renders application', async () => { + const coreSetupMock = coreMock.createSetup(); + const coreStartMock = coreMock.createStart(); + coreSetupMock.getStartServices.mockResolvedValue([coreStartMock, {}]); + + const authcMock = securityMock.createSetup().authc; + const containerMock = document.createElement('div'); + + accountManagementApp.create({ + application: coreSetupMock.application, + getStartServices: coreSetupMock.getStartServices, + authc: authcMock, + }); + + const [[{ mount }]] = coreSetupMock.application.register.mock.calls; + await (mount as AppMount)({ + element: containerMock, + appBasePath: '', + onAppLeave: jest.fn(), + history: (scopedHistoryMock.create() as unknown) as ScopedHistory, + }); + + expect(coreStartMock.chrome.setBreadcrumbs).toHaveBeenCalledTimes(1); + expect(coreStartMock.chrome.setBreadcrumbs).toHaveBeenCalledWith([ + { text: 'Account Management' }, + ]); + + const mockRenderApp = jest.requireMock('./account_management_page').renderAccountManagementPage; + expect(mockRenderApp).toHaveBeenCalledTimes(1); + expect(mockRenderApp).toHaveBeenCalledWith(coreStartMock.i18n, containerMock, { + userAPIClient: expect.any(UserAPIClient), + authc: authcMock, + notifications: coreStartMock.notifications, + }); + }); +}); diff --git a/x-pack/plugins/security/public/account_management/account_management_app.ts b/x-pack/plugins/security/public/account_management/account_management_app.ts new file mode 100644 index 0000000000000..8a14a772a1eef --- /dev/null +++ b/x-pack/plugins/security/public/account_management/account_management_app.ts @@ -0,0 +1,46 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { i18n } from '@kbn/i18n'; +import { CoreSetup, AppMountParameters } from 'src/core/public'; +import { AuthenticationServiceSetup } from '../authentication'; +import { UserAPIClient } from '../management'; + +interface CreateDeps { + application: CoreSetup['application']; + authc: AuthenticationServiceSetup; + getStartServices: CoreSetup['getStartServices']; +} + +export const accountManagementApp = Object.freeze({ + id: 'security_account', + create({ application, authc, getStartServices }: CreateDeps) { + const title = i18n.translate('xpack.security.account.breadcrumb', { + defaultMessage: 'Account Management', + }); + application.register({ + id: this.id, + title, + // TODO: switch to proper enum once https://github.com/elastic/kibana/issues/58327 is resolved. + navLinkStatus: 3, + appRoute: '/security/account', + async mount({ element }: AppMountParameters) { + const [[coreStart], { renderAccountManagementPage }] = await Promise.all([ + getStartServices(), + import('./account_management_page'), + ]); + + coreStart.chrome.setBreadcrumbs([{ text: title }]); + + return renderAccountManagementPage(coreStart.i18n, element, { + authc, + notifications: coreStart.notifications, + userAPIClient: new UserAPIClient(coreStart.http), + }); + }, + }); + }, +}); diff --git a/x-pack/plugins/security/public/account_management/account_management_page.tsx b/x-pack/plugins/security/public/account_management/account_management_page.tsx index 9388c2e9b19b8..6615e8fee9412 100644 --- a/x-pack/plugins/security/public/account_management/account_management_page.tsx +++ b/x-pack/plugins/security/public/account_management/account_management_page.tsx @@ -3,13 +3,14 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { EuiPage, EuiPageBody, EuiPanel, EuiSpacer, EuiText } from '@elastic/eui'; import React, { useEffect, useState } from 'react'; -import { NotificationsStart } from 'src/core/public'; +import ReactDOM from 'react-dom'; +import { EuiPage, EuiPageBody, EuiPanel, EuiSpacer, EuiText } from '@elastic/eui'; +import { CoreStart, NotificationsStart } from 'src/core/public'; import { getUserDisplayName, AuthenticatedUser } from '../../common/model'; import { AuthenticationServiceSetup } from '../authentication'; -import { ChangePassword } from './change_password'; import { UserAPIClient } from '../management'; +import { ChangePassword } from './change_password'; import { PersonalInfo } from './personal_info'; interface Props { @@ -50,3 +51,18 @@ export const AccountManagementPage = ({ userAPIClient, authc, notifications }: P ); }; + +export function renderAccountManagementPage( + i18nStart: CoreStart['i18n'], + element: Element, + props: Props +) { + ReactDOM.render( + + + , + element + ); + + return () => ReactDOM.unmountComponentAtNode(element); +} diff --git a/x-pack/plugins/security/public/account_management/index.ts b/x-pack/plugins/security/public/account_management/index.ts index 0f119b7cc0b1d..4c805d152cd53 100644 --- a/x-pack/plugins/security/public/account_management/index.ts +++ b/x-pack/plugins/security/public/account_management/index.ts @@ -4,4 +4,4 @@ * you may not use this file except in compliance with the Elastic License. */ -export { AccountManagementPage } from './account_management_page'; +export { accountManagementApp } from './account_management_app'; diff --git a/x-pack/plugins/security/public/authentication/_index.scss b/x-pack/plugins/security/public/authentication/_index.scss new file mode 100644 index 0000000000000..0a423c00f0218 --- /dev/null +++ b/x-pack/plugins/security/public/authentication/_index.scss @@ -0,0 +1,5 @@ +// Component styles +@import './components/index'; + +// Login styles +@import './login/index'; diff --git a/x-pack/plugins/security/public/authentication/authentication_service.ts b/x-pack/plugins/security/public/authentication/authentication_service.ts index 2679bc20d6a7d..7b88b0f8573ba 100644 --- a/x-pack/plugins/security/public/authentication/authentication_service.ts +++ b/x-pack/plugins/security/public/authentication/authentication_service.ts @@ -4,11 +4,20 @@ * you may not use this file except in compliance with the Elastic License. */ -import { HttpSetup } from 'src/core/public'; +import { ApplicationSetup, CoreSetup, HttpSetup } from 'src/core/public'; import { AuthenticatedUser } from '../../common/model'; +import { ConfigType } from '../config'; +import { PluginStartDependencies } from '../plugin'; +import { loginApp } from './login'; +import { logoutApp } from './logout'; +import { loggedOutApp } from './logged_out'; +import { overwrittenSessionApp } from './overwritten_session'; interface SetupParams { + application: ApplicationSetup; + config: ConfigType; http: HttpSetup; + getStartServices: CoreSetup['getStartServices']; } export interface AuthenticationServiceSetup { @@ -19,13 +28,20 @@ export interface AuthenticationServiceSetup { } export class AuthenticationService { - public setup({ http }: SetupParams): AuthenticationServiceSetup { - return { - async getCurrentUser() { - return (await http.get('/internal/security/me', { - asSystemRequest: true, - })) as AuthenticatedUser; - }, - }; + public setup({ + application, + config, + getStartServices, + http, + }: SetupParams): AuthenticationServiceSetup { + const getCurrentUser = async () => + (await http.get('/internal/security/me', { asSystemRequest: true })) as AuthenticatedUser; + + loginApp.create({ application, config, getStartServices, http }); + logoutApp.create({ application, http }); + loggedOutApp.create({ application, getStartServices, http }); + overwrittenSessionApp.create({ application, authc: { getCurrentUser }, getStartServices }); + + return { getCurrentUser }; } } diff --git a/x-pack/legacy/plugins/security/public/components/_index.scss b/x-pack/plugins/security/public/authentication/components/_index.scss similarity index 100% rename from x-pack/legacy/plugins/security/public/components/_index.scss rename to x-pack/plugins/security/public/authentication/components/_index.scss diff --git a/x-pack/legacy/plugins/security/public/components/authentication_state_page/__snapshots__/authentication_state_page.test.tsx.snap b/x-pack/plugins/security/public/authentication/components/authentication_state_page/__snapshots__/authentication_state_page.test.tsx.snap similarity index 100% rename from x-pack/legacy/plugins/security/public/components/authentication_state_page/__snapshots__/authentication_state_page.test.tsx.snap rename to x-pack/plugins/security/public/authentication/components/authentication_state_page/__snapshots__/authentication_state_page.test.tsx.snap diff --git a/x-pack/legacy/plugins/security/public/components/authentication_state_page/_authentication_state_page.scss b/x-pack/plugins/security/public/authentication/components/authentication_state_page/_authentication_state_page.scss similarity index 100% rename from x-pack/legacy/plugins/security/public/components/authentication_state_page/_authentication_state_page.scss rename to x-pack/plugins/security/public/authentication/components/authentication_state_page/_authentication_state_page.scss diff --git a/x-pack/legacy/plugins/security/public/components/authentication_state_page/_index.scss b/x-pack/plugins/security/public/authentication/components/authentication_state_page/_index.scss similarity index 100% rename from x-pack/legacy/plugins/security/public/components/authentication_state_page/_index.scss rename to x-pack/plugins/security/public/authentication/components/authentication_state_page/_index.scss diff --git a/x-pack/legacy/plugins/security/public/components/authentication_state_page/authentication_state_page.test.tsx b/x-pack/plugins/security/public/authentication/components/authentication_state_page/authentication_state_page.test.tsx similarity index 100% rename from x-pack/legacy/plugins/security/public/components/authentication_state_page/authentication_state_page.test.tsx rename to x-pack/plugins/security/public/authentication/components/authentication_state_page/authentication_state_page.test.tsx diff --git a/x-pack/legacy/plugins/security/public/components/authentication_state_page/authentication_state_page.tsx b/x-pack/plugins/security/public/authentication/components/authentication_state_page/authentication_state_page.tsx similarity index 100% rename from x-pack/legacy/plugins/security/public/components/authentication_state_page/authentication_state_page.tsx rename to x-pack/plugins/security/public/authentication/components/authentication_state_page/authentication_state_page.tsx diff --git a/x-pack/legacy/plugins/security/public/components/authentication_state_page/index.tsx b/x-pack/plugins/security/public/authentication/components/authentication_state_page/index.tsx similarity index 100% rename from x-pack/legacy/plugins/security/public/components/authentication_state_page/index.tsx rename to x-pack/plugins/security/public/authentication/components/authentication_state_page/index.tsx diff --git a/x-pack/plugins/security/public/authentication/components/index.ts b/x-pack/plugins/security/public/authentication/components/index.ts new file mode 100644 index 0000000000000..b0f2324d6fe52 --- /dev/null +++ b/x-pack/plugins/security/public/authentication/components/index.ts @@ -0,0 +1,7 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { AuthenticationStatePage } from './authentication_state_page'; diff --git a/x-pack/legacy/plugins/security/public/views/login/components/index.ts b/x-pack/plugins/security/public/authentication/logged_out/index.ts similarity index 83% rename from x-pack/legacy/plugins/security/public/views/login/components/index.ts rename to x-pack/plugins/security/public/authentication/logged_out/index.ts index e3ce25c0f46fe..7f65c12c22a6c 100644 --- a/x-pack/legacy/plugins/security/public/views/login/components/index.ts +++ b/x-pack/plugins/security/public/authentication/logged_out/index.ts @@ -4,4 +4,4 @@ * you may not use this file except in compliance with the Elastic License. */ -export { LoginPage } from './login_page'; +export { loggedOutApp } from './logged_out_app'; diff --git a/x-pack/plugins/security/public/authentication/logged_out/logged_out_app.test.ts b/x-pack/plugins/security/public/authentication/logged_out/logged_out_app.test.ts new file mode 100644 index 0000000000000..c8303ecc940d6 --- /dev/null +++ b/x-pack/plugins/security/public/authentication/logged_out/logged_out_app.test.ts @@ -0,0 +1,58 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +jest.mock('./logged_out_page'); + +import { AppMount, ScopedHistory } from 'src/core/public'; +import { loggedOutApp } from './logged_out_app'; + +import { coreMock, scopedHistoryMock } from '../../../../../../src/core/public/mocks'; + +describe('loggedOutApp', () => { + it('properly registers application', () => { + const coreSetupMock = coreMock.createSetup(); + + loggedOutApp.create(coreSetupMock); + + expect(coreSetupMock.http.anonymousPaths.register).toHaveBeenCalledTimes(1); + expect(coreSetupMock.http.anonymousPaths.register).toHaveBeenCalledWith('/security/logged_out'); + + expect(coreSetupMock.application.register).toHaveBeenCalledTimes(1); + + const [[appRegistration]] = coreSetupMock.application.register.mock.calls; + expect(appRegistration).toEqual({ + id: 'security_logged_out', + chromeless: true, + appRoute: '/security/logged_out', + title: 'Logged out', + mount: expect.any(Function), + }); + }); + + it('properly renders application', async () => { + const coreSetupMock = coreMock.createSetup(); + const coreStartMock = coreMock.createStart(); + coreSetupMock.getStartServices.mockResolvedValue([coreStartMock, {}]); + + const containerMock = document.createElement('div'); + + loggedOutApp.create(coreSetupMock); + + const [[{ mount }]] = coreSetupMock.application.register.mock.calls; + await (mount as AppMount)({ + element: containerMock, + appBasePath: '', + onAppLeave: jest.fn(), + history: (scopedHistoryMock.create() as unknown) as ScopedHistory, + }); + + const mockRenderApp = jest.requireMock('./logged_out_page').renderLoggedOutPage; + expect(mockRenderApp).toHaveBeenCalledTimes(1); + expect(mockRenderApp).toHaveBeenCalledWith(coreStartMock.i18n, containerMock, { + basePath: coreStartMock.http.basePath, + }); + }); +}); diff --git a/x-pack/plugins/security/public/authentication/logged_out/logged_out_app.ts b/x-pack/plugins/security/public/authentication/logged_out/logged_out_app.ts new file mode 100644 index 0000000000000..b7f2615318791 --- /dev/null +++ b/x-pack/plugins/security/public/authentication/logged_out/logged_out_app.ts @@ -0,0 +1,34 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { i18n } from '@kbn/i18n'; +import { CoreSetup, AppMountParameters, HttpSetup } from 'src/core/public'; + +interface CreateDeps { + application: CoreSetup['application']; + http: HttpSetup; + getStartServices: CoreSetup['getStartServices']; +} + +export const loggedOutApp = Object.freeze({ + id: 'security_logged_out', + create({ application, http, getStartServices }: CreateDeps) { + http.anonymousPaths.register('/security/logged_out'); + application.register({ + id: this.id, + title: i18n.translate('xpack.security.loggedOutAppTitle', { defaultMessage: 'Logged out' }), + chromeless: true, + appRoute: '/security/logged_out', + async mount({ element }: AppMountParameters) { + const [[coreStart], { renderLoggedOutPage }] = await Promise.all([ + getStartServices(), + import('./logged_out_page'), + ]); + return renderLoggedOutPage(coreStart.i18n, element, { basePath: coreStart.http.basePath }); + }, + }); + }, +}); diff --git a/x-pack/plugins/security/public/authentication/logged_out/logged_out_page.tsx b/x-pack/plugins/security/public/authentication/logged_out/logged_out_page.tsx new file mode 100644 index 0000000000000..a708931c3fa95 --- /dev/null +++ b/x-pack/plugins/security/public/authentication/logged_out/logged_out_page.tsx @@ -0,0 +1,44 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import ReactDOM from 'react-dom'; +import { EuiButton } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n/react'; +import { CoreStart, IBasePath } from 'src/core/public'; +import { AuthenticationStatePage } from '../components'; + +interface Props { + basePath: IBasePath; +} + +export function LoggedOutPage({ basePath }: Props) { + return ( + + } + > + + + + + ); +} + +export function renderLoggedOutPage(i18nStart: CoreStart['i18n'], element: Element, props: Props) { + ReactDOM.render( + + + , + element + ); + + return () => ReactDOM.unmountComponentAtNode(element); +} diff --git a/x-pack/plugins/security/public/authentication/login/__snapshots__/login_page.test.tsx.snap b/x-pack/plugins/security/public/authentication/login/__snapshots__/login_page.test.tsx.snap new file mode 100644 index 0000000000000..c1b8202e2f3f3 --- /dev/null +++ b/x-pack/plugins/security/public/authentication/login/__snapshots__/login_page.test.tsx.snap @@ -0,0 +1,188 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`LoginPage disabled form states renders as expected when a connection to ES is not available 1`] = ` + + } + title={ + + } +/> +`; + +exports[`LoginPage disabled form states renders as expected when an unknown loginState layout is provided 1`] = ` + + } + title={ + + } +/> +`; + +exports[`LoginPage disabled form states renders as expected when secure connection is required but not present 1`] = ` + + } + title={ + + } +/> +`; + +exports[`LoginPage disabled form states renders as expected when xpack is not available 1`] = ` + + } + title={ + + } +/> +`; + +exports[`LoginPage enabled form state renders as expected 1`] = ` + +`; + +exports[`LoginPage enabled form state renders as expected when info message is set 1`] = ` + +`; + +exports[`LoginPage enabled form state renders as expected when loginAssistanceMessage is set 1`] = ` + +`; + +exports[`LoginPage page renders as expected 1`] = ` +
+
+
+ + + + + +

+ +

+ + +

+ +

+ + +
+
+
+ + + + + +
+
+`; diff --git a/x-pack/legacy/plugins/security/public/views/login/components/login_page/_index.scss b/x-pack/plugins/security/public/authentication/login/_index.scss similarity index 100% rename from x-pack/legacy/plugins/security/public/views/login/components/login_page/_index.scss rename to x-pack/plugins/security/public/authentication/login/_index.scss diff --git a/x-pack/legacy/plugins/security/public/views/login/components/login_page/_login_page.scss b/x-pack/plugins/security/public/authentication/login/_login_page.scss similarity index 100% rename from x-pack/legacy/plugins/security/public/views/login/components/login_page/_login_page.scss rename to x-pack/plugins/security/public/authentication/login/_login_page.scss diff --git a/x-pack/legacy/plugins/security/public/views/login/components/basic_login_form/__snapshots__/basic_login_form.test.tsx.snap b/x-pack/plugins/security/public/authentication/login/components/basic_login_form/__snapshots__/basic_login_form.test.tsx.snap similarity index 100% rename from x-pack/legacy/plugins/security/public/views/login/components/basic_login_form/__snapshots__/basic_login_form.test.tsx.snap rename to x-pack/plugins/security/public/authentication/login/components/basic_login_form/__snapshots__/basic_login_form.test.tsx.snap diff --git a/x-pack/plugins/security/public/authentication/login/components/basic_login_form/basic_login_form.test.tsx b/x-pack/plugins/security/public/authentication/login/components/basic_login_form/basic_login_form.test.tsx new file mode 100644 index 0000000000000..e62fd7191dfae --- /dev/null +++ b/x-pack/plugins/security/public/authentication/login/components/basic_login_form/basic_login_form.test.tsx @@ -0,0 +1,111 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import { act } from '@testing-library/react'; +import { EuiButton, EuiCallOut } from '@elastic/eui'; +import { mountWithIntl, nextTick, shallowWithIntl } from 'test_utils/enzyme_helpers'; +import { BasicLoginForm } from './basic_login_form'; + +import { coreMock } from '../../../../../../../../src/core/public/mocks'; + +describe('BasicLoginForm', () => { + beforeAll(() => { + Object.defineProperty(window, 'location', { + value: { href: 'https://some-host/bar' }, + writable: true, + }); + }); + + afterAll(() => { + delete (window as any).location; + }); + + it('renders as expected', () => { + expect( + shallowWithIntl( + + ) + ).toMatchSnapshot(); + }); + + it('renders an info message when provided.', () => { + const wrapper = shallowWithIntl( + + ); + + expect(wrapper.find(EuiCallOut).props().title).toEqual('Hey this is an info message'); + }); + + it('renders an invalid credentials message', async () => { + const mockHTTP = coreMock.createStart({ basePath: '/some-base-path' }).http; + mockHTTP.post.mockRejectedValue({ response: { status: 401 } }); + + const wrapper = mountWithIntl(); + + wrapper.find('input[name="username"]').simulate('change', { target: { value: 'username' } }); + wrapper.find('input[name="password"]').simulate('change', { target: { value: 'password' } }); + wrapper.find(EuiButton).simulate('click'); + + await act(async () => { + await nextTick(); + wrapper.update(); + }); + + expect(wrapper.find(EuiCallOut).props().title).toEqual( + `Invalid username or password. Please try again.` + ); + }); + + it('renders unknown error message', async () => { + const mockHTTP = coreMock.createStart({ basePath: '/some-base-path' }).http; + mockHTTP.post.mockRejectedValue({ response: { status: 500 } }); + + const wrapper = mountWithIntl(); + + wrapper.find('input[name="username"]').simulate('change', { target: { value: 'username' } }); + wrapper.find('input[name="password"]').simulate('change', { target: { value: 'password' } }); + wrapper.find(EuiButton).simulate('click'); + + await act(async () => { + await nextTick(); + wrapper.update(); + }); + + expect(wrapper.find(EuiCallOut).props().title).toEqual(`Oops! Error. Try again.`); + }); + + it('properly redirects after successful login', async () => { + window.location.href = `https://some-host/login?next=${encodeURIComponent( + '/some-base-path/app/kibana#/home?_g=()' + )}`; + const mockHTTP = coreMock.createStart({ basePath: '/some-base-path' }).http; + mockHTTP.post.mockResolvedValue({}); + + const wrapper = mountWithIntl(); + + wrapper.find('input[name="username"]').simulate('change', { target: { value: 'username1' } }); + wrapper.find('input[name="password"]').simulate('change', { target: { value: 'password1' } }); + wrapper.find(EuiButton).simulate('click'); + + await act(async () => { + await nextTick(); + wrapper.update(); + }); + + expect(mockHTTP.post).toHaveBeenCalledTimes(1); + expect(mockHTTP.post).toHaveBeenCalledWith('/internal/security/login', { + body: JSON.stringify({ username: 'username1', password: 'password1' }), + }); + + expect(window.location.href).toBe('/some-base-path/app/kibana#/home?_g=()'); + expect(wrapper.find(EuiCallOut).exists()).toBe(false); + }); +}); diff --git a/x-pack/legacy/plugins/security/public/views/login/components/basic_login_form/basic_login_form.tsx b/x-pack/plugins/security/public/authentication/login/components/basic_login_form/basic_login_form.tsx similarity index 76% rename from x-pack/legacy/plugins/security/public/views/login/components/basic_login_form/basic_login_form.tsx rename to x-pack/plugins/security/public/authentication/login/components/basic_login_form/basic_login_form.tsx index d5658cc297c26..7302ee9bf9851 100644 --- a/x-pack/legacy/plugins/security/public/views/login/components/basic_login_form/basic_login_form.tsx +++ b/x-pack/plugins/security/public/authentication/login/components/basic_login_form/basic_login_form.tsx @@ -4,20 +4,25 @@ * you may not use this file except in compliance with the Elastic License. */ -import { EuiButton, EuiCallOut, EuiFieldText, EuiFormRow, EuiPanel, EuiSpacer } from '@elastic/eui'; -import { FormattedMessage, InjectedIntl, injectI18n } from '@kbn/i18n/react'; import React, { ChangeEvent, Component, FormEvent, Fragment, MouseEvent } from 'react'; import ReactMarkdown from 'react-markdown'; -import { EuiText } from '@elastic/eui'; -import { LoginState } from '../../login_state'; +import { + EuiButton, + EuiCallOut, + EuiFieldText, + EuiFormRow, + EuiPanel, + EuiSpacer, + EuiText, +} from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import { FormattedMessage } from '@kbn/i18n/react'; +import { HttpStart, IHttpFetchError } from 'src/core/public'; +import { parseNext } from '../../../../../common/parse_next'; interface Props { - http: any; - window: any; + http: HttpStart; infoMessage?: string; - loginState: LoginState; - next: string; - intl: InjectedIntl; loginAssistanceMessage: string; } @@ -29,7 +34,7 @@ interface State { message: string; } -class BasicLoginFormUI extends Component { +export class BasicLoginForm extends Component { public state = { hasError: false, isLoading: false, @@ -175,7 +180,7 @@ class BasicLoginFormUI extends Component { }); }; - private submit = (e: MouseEvent | FormEvent) => { + private submit = async (e: MouseEvent | FormEvent) => { e.preventDefault(); if (!this.isFormValid()) { @@ -187,34 +192,28 @@ class BasicLoginFormUI extends Component { message: '', }); - const { http, window, next, intl } = this.props; - + const { http } = this.props; const { username, password } = this.state; - http.post('./internal/security/login', { username, password }).then( - () => (window.location.href = next), - (error: any) => { - const { statusCode = 500 } = error.data || {}; - - let message = intl.formatMessage({ - id: 'xpack.security.login.basicLoginForm.unknownErrorMessage', - defaultMessage: 'Oops! Error. Try again.', - }); - if (statusCode === 401) { - message = intl.formatMessage({ - id: 'xpack.security.login.basicLoginForm.invalidUsernameOrPasswordErrorMessage', - defaultMessage: 'Invalid username or password. Please try again.', - }); - } - - this.setState({ - hasError: true, - message, - isLoading: false, - }); - } - ); + try { + await http.post('/internal/security/login', { body: JSON.stringify({ username, password }) }); + window.location.href = parseNext(window.location.href, http.basePath.serverBasePath); + } catch (error) { + const message = + (error as IHttpFetchError).response?.status === 401 + ? i18n.translate( + 'xpack.security.login.basicLoginForm.invalidUsernameOrPasswordErrorMessage', + { defaultMessage: 'Invalid username or password. Please try again.' } + ) + : i18n.translate('xpack.security.login.basicLoginForm.unknownErrorMessage', { + defaultMessage: 'Oops! Error. Try again.', + }); + + this.setState({ + hasError: true, + message, + isLoading: false, + }); + } }; } - -export const BasicLoginForm = injectI18n(BasicLoginFormUI); diff --git a/x-pack/legacy/plugins/security/public/views/login/components/basic_login_form/index.ts b/x-pack/plugins/security/public/authentication/login/components/basic_login_form/index.ts similarity index 100% rename from x-pack/legacy/plugins/security/public/views/login/components/basic_login_form/index.ts rename to x-pack/plugins/security/public/authentication/login/components/basic_login_form/index.ts diff --git a/x-pack/legacy/plugins/security/public/views/login/components/disabled_login_form/__snapshots__/disabled_login_form.test.tsx.snap b/x-pack/plugins/security/public/authentication/login/components/disabled_login_form/__snapshots__/disabled_login_form.test.tsx.snap similarity index 100% rename from x-pack/legacy/plugins/security/public/views/login/components/disabled_login_form/__snapshots__/disabled_login_form.test.tsx.snap rename to x-pack/plugins/security/public/authentication/login/components/disabled_login_form/__snapshots__/disabled_login_form.test.tsx.snap diff --git a/x-pack/legacy/plugins/security/public/views/login/components/disabled_login_form/disabled_login_form.test.tsx b/x-pack/plugins/security/public/authentication/login/components/disabled_login_form/disabled_login_form.test.tsx similarity index 100% rename from x-pack/legacy/plugins/security/public/views/login/components/disabled_login_form/disabled_login_form.test.tsx rename to x-pack/plugins/security/public/authentication/login/components/disabled_login_form/disabled_login_form.test.tsx diff --git a/x-pack/legacy/plugins/security/public/views/login/components/disabled_login_form/disabled_login_form.tsx b/x-pack/plugins/security/public/authentication/login/components/disabled_login_form/disabled_login_form.tsx similarity index 100% rename from x-pack/legacy/plugins/security/public/views/login/components/disabled_login_form/disabled_login_form.tsx rename to x-pack/plugins/security/public/authentication/login/components/disabled_login_form/disabled_login_form.tsx diff --git a/x-pack/legacy/plugins/security/public/views/login/components/disabled_login_form/index.ts b/x-pack/plugins/security/public/authentication/login/components/disabled_login_form/index.ts similarity index 100% rename from x-pack/legacy/plugins/security/public/views/login/components/disabled_login_form/index.ts rename to x-pack/plugins/security/public/authentication/login/components/disabled_login_form/index.ts diff --git a/x-pack/plugins/security/public/authentication/login/components/index.ts b/x-pack/plugins/security/public/authentication/login/components/index.ts new file mode 100644 index 0000000000000..5f267f7c4caa2 --- /dev/null +++ b/x-pack/plugins/security/public/authentication/login/components/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { BasicLoginForm } from './basic_login_form'; +export { DisabledLoginForm } from './disabled_login_form'; diff --git a/x-pack/legacy/plugins/security/public/views/login/index.ts b/x-pack/plugins/security/public/authentication/login/index.ts similarity index 85% rename from x-pack/legacy/plugins/security/public/views/login/index.ts rename to x-pack/plugins/security/public/authentication/login/index.ts index b2de507d5ee12..c965dced799eb 100644 --- a/x-pack/legacy/plugins/security/public/views/login/index.ts +++ b/x-pack/plugins/security/public/authentication/login/index.ts @@ -4,4 +4,4 @@ * you may not use this file except in compliance with the Elastic License. */ -import './login'; +export { loginApp } from './login_app'; diff --git a/x-pack/plugins/security/public/authentication/login/login_app.test.ts b/x-pack/plugins/security/public/authentication/login/login_app.test.ts new file mode 100644 index 0000000000000..051f08058ed8d --- /dev/null +++ b/x-pack/plugins/security/public/authentication/login/login_app.test.ts @@ -0,0 +1,70 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +jest.mock('./login_page'); + +import { AppMount, ScopedHistory } from 'src/core/public'; +import { loginApp } from './login_app'; + +import { coreMock, scopedHistoryMock } from '../../../../../../src/core/public/mocks'; + +describe('loginApp', () => { + it('properly registers application', () => { + const coreSetupMock = coreMock.createSetup(); + + loginApp.create({ + ...coreSetupMock, + config: { loginAssistanceMessage: '' }, + }); + + expect(coreSetupMock.http.anonymousPaths.register).toHaveBeenCalledTimes(1); + expect(coreSetupMock.http.anonymousPaths.register).toHaveBeenCalledWith('/login'); + + expect(coreSetupMock.application.register).toHaveBeenCalledTimes(1); + + const [[appRegistration]] = coreSetupMock.application.register.mock.calls; + expect(appRegistration).toEqual({ + id: 'security_login', + chromeless: true, + appRoute: '/login', + title: 'Login', + mount: expect.any(Function), + }); + }); + + it('properly renders application', async () => { + const coreSetupMock = coreMock.createSetup(); + const coreStartMock = coreMock.createStart(); + coreStartMock.injectedMetadata.getInjectedVar.mockReturnValue(true); + coreSetupMock.getStartServices.mockResolvedValue([coreStartMock, {}]); + const containerMock = document.createElement('div'); + + loginApp.create({ + ...coreSetupMock, + config: { loginAssistanceMessage: 'some-message' }, + }); + + const [[{ mount }]] = coreSetupMock.application.register.mock.calls; + await (mount as AppMount)({ + element: containerMock, + appBasePath: '', + onAppLeave: jest.fn(), + history: (scopedHistoryMock.create() as unknown) as ScopedHistory, + }); + + expect(coreStartMock.injectedMetadata.getInjectedVar).toHaveBeenCalledTimes(1); + expect(coreStartMock.injectedMetadata.getInjectedVar).toHaveBeenCalledWith('secureCookies'); + + const mockRenderApp = jest.requireMock('./login_page').renderLoginPage; + expect(mockRenderApp).toHaveBeenCalledTimes(1); + expect(mockRenderApp).toHaveBeenCalledWith(coreStartMock.i18n, containerMock, { + http: coreStartMock.http, + fatalErrors: coreStartMock.fatalErrors, + loginAssistanceMessage: 'some-message', + requiresSecureConnection: true, + }); + }); +}); diff --git a/x-pack/plugins/security/public/authentication/login/login_app.ts b/x-pack/plugins/security/public/authentication/login/login_app.ts new file mode 100644 index 0000000000000..4f4bf3903a1fa --- /dev/null +++ b/x-pack/plugins/security/public/authentication/login/login_app.ts @@ -0,0 +1,43 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { i18n } from '@kbn/i18n'; +import { CoreSetup, AppMountParameters, HttpSetup } from 'src/core/public'; +import { ConfigType } from '../../config'; + +interface CreateDeps { + application: CoreSetup['application']; + http: HttpSetup; + getStartServices: CoreSetup['getStartServices']; + config: Pick; +} + +export const loginApp = Object.freeze({ + id: 'security_login', + create({ application, http, getStartServices, config }: CreateDeps) { + http.anonymousPaths.register('/login'); + application.register({ + id: this.id, + title: i18n.translate('xpack.security.loginAppTitle', { defaultMessage: 'Login' }), + chromeless: true, + appRoute: '/login', + async mount({ element }: AppMountParameters) { + const [[coreStart], { renderLoginPage }] = await Promise.all([ + getStartServices(), + import('./login_page'), + ]); + return renderLoginPage(coreStart.i18n, element, { + http: coreStart.http, + fatalErrors: coreStart.fatalErrors, + loginAssistanceMessage: config.loginAssistanceMessage, + requiresSecureConnection: coreStart.injectedMetadata.getInjectedVar( + 'secureCookies' + ) as boolean, + }); + }, + }); + }, +}); diff --git a/x-pack/plugins/security/public/authentication/login/login_page.test.tsx b/x-pack/plugins/security/public/authentication/login/login_page.test.tsx new file mode 100644 index 0000000000000..294434cd08ebc --- /dev/null +++ b/x-pack/plugins/security/public/authentication/login/login_page.test.tsx @@ -0,0 +1,282 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import { shallow } from 'enzyme'; +import { act } from '@testing-library/react'; +import { nextTick } from 'test_utils/enzyme_helpers'; +import { LoginState } from './login_state'; +import { LoginPage } from './login_page'; +import { coreMock } from '../../../../../../src/core/public/mocks'; +import { DisabledLoginForm, BasicLoginForm } from './components'; + +const createLoginState = (options?: Partial) => { + return { + allowLogin: true, + layout: 'form', + ...options, + } as LoginState; +}; + +describe('LoginPage', () => { + // mock a minimal subset of the HttpSetup + const httpMock = { + get: jest.fn(), + addLoadingCountSource: jest.fn(), + } as any; + const resetHttpMock = () => { + httpMock.get.mockReset(); + httpMock.addLoadingCountSource.mockReset(); + }; + + beforeAll(() => { + Object.defineProperty(window, 'location', { + value: { href: 'http://some-host/bar', protocol: 'http' }, + writable: true, + }); + }); + + beforeEach(() => { + resetHttpMock(); + }); + + afterAll(() => { + delete (window as any).location; + }); + + describe('page', () => { + it('renders as expected', async () => { + const coreStartMock = coreMock.createStart(); + httpMock.get.mockResolvedValue(createLoginState()); + + const wrapper = shallow( + + ); + + await act(async () => { + await nextTick(); + wrapper.update(); + resetHttpMock(); // so the calls don't show in the BasicLoginForm snapshot + }); + + expect(wrapper).toMatchSnapshot(); + }); + }); + + describe('disabled form states', () => { + it('renders as expected when secure connection is required but not present', async () => { + const coreStartMock = coreMock.createStart(); + httpMock.get.mockResolvedValue(createLoginState()); + + const wrapper = shallow( + + ); + + await act(async () => { + await nextTick(); + wrapper.update(); + }); + + expect(wrapper.find(DisabledLoginForm)).toMatchSnapshot(); + }); + + it('renders as expected when a connection to ES is not available', async () => { + const coreStartMock = coreMock.createStart(); + httpMock.get.mockResolvedValue(createLoginState({ layout: 'error-es-unavailable' })); + + const wrapper = shallow( + + ); + + await act(async () => { + await nextTick(); + wrapper.update(); + }); + + expect(wrapper.find(DisabledLoginForm)).toMatchSnapshot(); + }); + + it('renders as expected when xpack is not available', async () => { + const coreStartMock = coreMock.createStart(); + httpMock.get.mockResolvedValue(createLoginState({ layout: 'error-xpack-unavailable' })); + + const wrapper = shallow( + + ); + + await act(async () => { + await nextTick(); + wrapper.update(); + }); + + expect(wrapper.find(DisabledLoginForm)).toMatchSnapshot(); + }); + + it('renders as expected when an unknown loginState layout is provided', async () => { + const coreStartMock = coreMock.createStart(); + httpMock.get.mockResolvedValue( + createLoginState({ layout: 'error-asdf-asdf-unknown' as any }) + ); + + const wrapper = shallow( + + ); + + await act(async () => { + await nextTick(); + wrapper.update(); + }); + + expect(wrapper.find(DisabledLoginForm)).toMatchSnapshot(); + }); + }); + + describe('enabled form state', () => { + it('renders as expected', async () => { + const coreStartMock = coreMock.createStart(); + httpMock.get.mockResolvedValue(createLoginState()); + + const wrapper = shallow( + + ); + + await act(async () => { + await nextTick(); + wrapper.update(); + resetHttpMock(); // so the calls don't show in the BasicLoginForm snapshot + }); + + expect(wrapper.find(BasicLoginForm)).toMatchSnapshot(); + }); + + it('renders as expected when info message is set', async () => { + const coreStartMock = coreMock.createStart(); + httpMock.get.mockResolvedValue(createLoginState()); + window.location.href = 'http://some-host/bar?msg=SESSION_EXPIRED'; + + const wrapper = shallow( + + ); + + await act(async () => { + await nextTick(); + wrapper.update(); + resetHttpMock(); // so the calls don't show in the BasicLoginForm snapshot + }); + + expect(wrapper.find(BasicLoginForm)).toMatchSnapshot(); + }); + + it('renders as expected when loginAssistanceMessage is set', async () => { + const coreStartMock = coreMock.createStart(); + httpMock.get.mockResolvedValue(createLoginState()); + + const wrapper = shallow( + + ); + + await act(async () => { + await nextTick(); + wrapper.update(); + resetHttpMock(); // so the calls don't show in the BasicLoginForm snapshot + }); + + expect(wrapper.find(BasicLoginForm)).toMatchSnapshot(); + }); + }); + + describe('API calls', () => { + it('GET login_state success', async () => { + const coreStartMock = coreMock.createStart(); + httpMock.get.mockResolvedValue(createLoginState()); + + const wrapper = shallow( + + ); + + await act(async () => { + await nextTick(); + wrapper.update(); + }); + + expect(httpMock.addLoadingCountSource).toHaveBeenCalledTimes(1); + expect(httpMock.get).toHaveBeenCalledTimes(1); + expect(httpMock.get).toHaveBeenCalledWith('/internal/security/login_state'); + expect(coreStartMock.fatalErrors.add).not.toHaveBeenCalled(); + }); + + it('GET login_state failure', async () => { + const coreStartMock = coreMock.createStart(); + const error = Symbol(); + httpMock.get.mockRejectedValue(error); + + const wrapper = shallow( + + ); + + await act(async () => { + await nextTick(); + wrapper.update(); + }); + + expect(httpMock.addLoadingCountSource).toHaveBeenCalledTimes(1); + expect(httpMock.get).toHaveBeenCalledTimes(1); + expect(httpMock.get).toHaveBeenCalledWith('/internal/security/login_state'); + expect(coreStartMock.fatalErrors.add).toHaveBeenCalledTimes(1); + expect(coreStartMock.fatalErrors.add).toHaveBeenCalledWith(error); + }); + }); +}); diff --git a/x-pack/legacy/plugins/security/public/views/login/components/login_page/login_page.tsx b/x-pack/plugins/security/public/authentication/login/login_page.tsx similarity index 60% rename from x-pack/legacy/plugins/security/public/views/login/components/login_page/login_page.tsx rename to x-pack/plugins/security/public/authentication/login/login_page.tsx index 8035789a30e9d..848751aa03352 100644 --- a/x-pack/legacy/plugins/security/public/views/login/components/login_page/login_page.tsx +++ b/x-pack/plugins/security/public/authentication/login/login_page.tsx @@ -5,45 +5,81 @@ */ import React, { Component } from 'react'; - -import { FormattedMessage } from '@kbn/i18n/react'; - -import { - // @ts-ignore - EuiCard, - EuiFlexGroup, - EuiFlexItem, - EuiIcon, - EuiSpacer, - EuiText, - EuiTitle, -} from '@elastic/eui'; +import ReactDOM from 'react-dom'; import classNames from 'classnames'; -import { LoginState } from '../../login_state'; -import { BasicLoginForm } from '../basic_login_form'; -import { DisabledLoginForm } from '../disabled_login_form'; +import { BehaviorSubject } from 'rxjs'; +import { parse } from 'url'; +import { EuiFlexGroup, EuiFlexItem, EuiIcon, EuiSpacer, EuiText, EuiTitle } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import { FormattedMessage } from '@kbn/i18n/react'; +import { CoreStart, FatalErrorsStart, HttpStart } from 'src/core/public'; +import { LoginLayout } from '../../../common/licensing'; +import { BasicLoginForm, DisabledLoginForm } from './components'; +import { LoginState } from './login_state'; interface Props { - http: any; - window: any; - next: string; - infoMessage?: string; - loginState: LoginState; - isSecureConnection: boolean; - requiresSecureConnection: boolean; + http: HttpStart; + fatalErrors: FatalErrorsStart; loginAssistanceMessage: string; + requiresSecureConnection: boolean; +} + +interface State { + loginState: LoginState | null; } -export class LoginPage extends Component { +const infoMessageMap = new Map([ + [ + 'SESSION_EXPIRED', + i18n.translate('xpack.security.login.sessionExpiredDescription', { + defaultMessage: 'Your session has timed out. Please log in again.', + }), + ], + [ + 'LOGGED_OUT', + i18n.translate('xpack.security.login.loggedOutDescription', { + defaultMessage: 'You have logged out of Kibana.', + }), + ], +]); + +export class LoginPage extends Component { + state = { loginState: null }; + + public async componentDidMount() { + const loadingCount$ = new BehaviorSubject(1); + this.props.http.addLoadingCountSource(loadingCount$.asObservable()); + + try { + this.setState({ loginState: await this.props.http.get('/internal/security/login_state') }); + } catch (err) { + this.props.fatalErrors.add(err); + } + + loadingCount$.next(0); + loadingCount$.complete(); + } + public render() { - const allowLogin = this.allowLogin(); + const loginState = this.state.loginState; + if (!loginState) { + return null; + } + + const isSecureConnection = !!window.location.protocol.match(/^https/); + const { allowLogin, layout } = loginState; + + const loginIsSupported = + this.props.requiresSecureConnection && !isSecureConnection + ? false + : allowLogin && layout === 'form'; const contentHeaderClasses = classNames('loginWelcome__content', 'eui-textCenter', { - ['loginWelcome__contentDisabledForm']: !allowLogin, + ['loginWelcome__contentDisabledForm']: !loginIsSupported, }); const contentBodyClasses = classNames('loginWelcome__content', 'loginWelcome-body', { - ['loginWelcome__contentDisabledForm']: !allowLogin, + ['loginWelcome__contentDisabledForm']: !loginIsSupported, }); return ( @@ -75,23 +111,21 @@ export class LoginPage extends Component {
- {this.getLoginForm()} + {this.getLoginForm({ isSecureConnection, layout })}
); } - private allowLogin = () => { - if (this.props.requiresSecureConnection && !this.props.isSecureConnection) { - return false; - } - - return this.props.loginState.allowLogin && this.props.loginState.layout === 'form'; - }; - - private getLoginForm = () => { - if (this.props.requiresSecureConnection && !this.props.isSecureConnection) { + private getLoginForm = ({ + isSecureConnection, + layout, + }: { + isSecureConnection: boolean; + layout: LoginLayout; + }) => { + if (this.props.requiresSecureConnection && !isSecureConnection) { return ( { ); } - const layout = this.props.loginState.layout; switch (layout) { case 'form': - return ; + return ( + + ); case 'error-es-unavailable': return ( { } }; } + +export function renderLoginPage(i18nStart: CoreStart['i18n'], element: Element, props: Props) { + ReactDOM.render( + + + , + element + ); + + return () => ReactDOM.unmountComponentAtNode(element); +} diff --git a/x-pack/legacy/plugins/security/public/views/login/login_state.ts b/x-pack/plugins/security/public/authentication/login/login_state.ts similarity index 78% rename from x-pack/legacy/plugins/security/public/views/login/login_state.ts rename to x-pack/plugins/security/public/authentication/login/login_state.ts index b1eb3d61fe5f3..6ca38296706fe 100644 --- a/x-pack/legacy/plugins/security/public/views/login/login_state.ts +++ b/x-pack/plugins/security/public/authentication/login/login_state.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -export type LoginLayout = 'form' | 'error-es-unavailable' | 'error-xpack-unavailable'; +import { LoginLayout } from '../../../common/licensing'; export interface LoginState { layout: LoginLayout; diff --git a/x-pack/legacy/plugins/security/public/views/login/components/login_page/index.ts b/x-pack/plugins/security/public/authentication/logout/index.ts similarity index 85% rename from x-pack/legacy/plugins/security/public/views/login/components/login_page/index.ts rename to x-pack/plugins/security/public/authentication/logout/index.ts index e3ce25c0f46fe..981811ab21eed 100644 --- a/x-pack/legacy/plugins/security/public/views/login/components/login_page/index.ts +++ b/x-pack/plugins/security/public/authentication/logout/index.ts @@ -4,4 +4,4 @@ * you may not use this file except in compliance with the Elastic License. */ -export { LoginPage } from './login_page'; +export { logoutApp } from './logout_app'; diff --git a/x-pack/plugins/security/public/authentication/logout/logout_app.test.ts b/x-pack/plugins/security/public/authentication/logout/logout_app.test.ts new file mode 100644 index 0000000000000..c17a0c2ca27b1 --- /dev/null +++ b/x-pack/plugins/security/public/authentication/logout/logout_app.test.ts @@ -0,0 +1,66 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { AppMount, ScopedHistory } from 'src/core/public'; +import { logoutApp } from './logout_app'; + +import { coreMock, scopedHistoryMock } from '../../../../../../src/core/public/mocks'; + +describe('logoutApp', () => { + beforeAll(() => { + Object.defineProperty(window, 'sessionStorage', { + value: { clear: jest.fn() }, + writable: true, + }); + Object.defineProperty(window, 'location', { + value: { href: 'https://some-host/bar?arg=true', search: '?arg=true' }, + writable: true, + }); + }); + + afterAll(() => { + delete (window as any).sessionStorage; + delete (window as any).location; + }); + + it('properly registers application', () => { + const coreSetupMock = coreMock.createSetup(); + + logoutApp.create(coreSetupMock); + + expect(coreSetupMock.http.anonymousPaths.register).toHaveBeenCalledTimes(1); + expect(coreSetupMock.http.anonymousPaths.register).toHaveBeenCalledWith('/logout'); + + expect(coreSetupMock.application.register).toHaveBeenCalledTimes(1); + + const [[appRegistration]] = coreSetupMock.application.register.mock.calls; + expect(appRegistration).toEqual({ + id: 'security_logout', + chromeless: true, + appRoute: '/logout', + title: 'Logout', + mount: expect.any(Function), + }); + }); + + it('properly mounts application', async () => { + const coreSetupMock = coreMock.createSetup({ basePath: '/mock-base-path' }); + const containerMock = document.createElement('div'); + + logoutApp.create(coreSetupMock); + + const [[{ mount }]] = coreSetupMock.application.register.mock.calls; + await (mount as AppMount)({ + element: containerMock, + appBasePath: '', + onAppLeave: jest.fn(), + history: (scopedHistoryMock.create() as unknown) as ScopedHistory, + }); + + expect(window.sessionStorage.clear).toHaveBeenCalledTimes(1); + expect(window.location.href).toBe('/mock-base-path/api/security/logout?arg=true'); + }); +}); diff --git a/x-pack/plugins/security/public/authentication/logout/logout_app.ts b/x-pack/plugins/security/public/authentication/logout/logout_app.ts new file mode 100644 index 0000000000000..72f69ce4460c3 --- /dev/null +++ b/x-pack/plugins/security/public/authentication/logout/logout_app.ts @@ -0,0 +1,36 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { i18n } from '@kbn/i18n'; +import { CoreSetup, HttpSetup } from 'src/core/public'; + +interface CreateDeps { + application: CoreSetup['application']; + http: HttpSetup; +} + +export const logoutApp = Object.freeze({ + id: 'security_logout', + create({ application, http }: CreateDeps) { + http.anonymousPaths.register('/logout'); + application.register({ + id: this.id, + title: i18n.translate('xpack.security.logoutAppTitle', { defaultMessage: 'Logout' }), + chromeless: true, + appRoute: '/logout', + async mount() { + window.sessionStorage.clear(); + + // Redirect user to the server logout endpoint to complete logout. + window.location.href = http.basePath.prepend( + `/api/security/logout${window.location.search}` + ); + + return () => {}; + }, + }); + }, +}); diff --git a/x-pack/plugins/security/public/authentication/overwritten_session/__snapshots__/overwritten_session_page.test.tsx.snap b/x-pack/plugins/security/public/authentication/overwritten_session/__snapshots__/overwritten_session_page.test.tsx.snap new file mode 100644 index 0000000000000..2ce59ab37f514 --- /dev/null +++ b/x-pack/plugins/security/public/authentication/overwritten_session/__snapshots__/overwritten_session_page.test.tsx.snap @@ -0,0 +1,135 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`OverwrittenSessionPage renders as expected 1`] = ` + + } +> +
+
+
+ +
+ + + + + + + + + + + + + + + +

+ + You previously logged in as a different user. + +

+ + +
+ +
+
+ +
+ +`; diff --git a/x-pack/plugins/security/public/authentication/overwritten_session/index.ts b/x-pack/plugins/security/public/authentication/overwritten_session/index.ts new file mode 100644 index 0000000000000..a9552a1157a19 --- /dev/null +++ b/x-pack/plugins/security/public/authentication/overwritten_session/index.ts @@ -0,0 +1,7 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { overwrittenSessionApp } from './overwritten_session_app'; diff --git a/x-pack/plugins/security/public/authentication/overwritten_session/overwritten_session_app.test.ts b/x-pack/plugins/security/public/authentication/overwritten_session/overwritten_session_app.test.ts new file mode 100644 index 0000000000000..7b15d8c46f6eb --- /dev/null +++ b/x-pack/plugins/security/public/authentication/overwritten_session/overwritten_session_app.test.ts @@ -0,0 +1,67 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +jest.mock('./overwritten_session_page'); + +import { AppMount, ScopedHistory } from 'src/core/public'; +import { overwrittenSessionApp } from './overwritten_session_app'; + +import { coreMock, scopedHistoryMock } from '../../../../../../src/core/public/mocks'; +import { securityMock } from '../../mocks'; + +describe('overwrittenSessionApp', () => { + it('properly registers application', () => { + const coreSetupMock = coreMock.createSetup(); + + overwrittenSessionApp.create({ + application: coreSetupMock.application, + getStartServices: coreSetupMock.getStartServices, + authc: securityMock.createSetup().authc, + }); + + expect(coreSetupMock.application.register).toHaveBeenCalledTimes(1); + + const [[appRegistration]] = coreSetupMock.application.register.mock.calls; + expect(appRegistration).toEqual({ + id: 'security_overwritten_session', + title: 'Overwritten Session', + chromeless: true, + appRoute: '/security/overwritten_session', + mount: expect.any(Function), + }); + }); + + it('properly sets breadcrumbs and renders application', async () => { + const coreSetupMock = coreMock.createSetup(); + const coreStartMock = coreMock.createStart(); + coreSetupMock.getStartServices.mockResolvedValue([coreStartMock, {}]); + + const authcMock = securityMock.createSetup().authc; + const containerMock = document.createElement('div'); + + overwrittenSessionApp.create({ + application: coreSetupMock.application, + getStartServices: coreSetupMock.getStartServices, + authc: authcMock, + }); + + const [[{ mount }]] = coreSetupMock.application.register.mock.calls; + await (mount as AppMount)({ + element: containerMock, + appBasePath: '', + onAppLeave: jest.fn(), + history: (scopedHistoryMock.create() as unknown) as ScopedHistory, + }); + + const mockRenderApp = jest.requireMock('./overwritten_session_page') + .renderOverwrittenSessionPage; + expect(mockRenderApp).toHaveBeenCalledTimes(1); + expect(mockRenderApp).toHaveBeenCalledWith(coreStartMock.i18n, containerMock, { + authc: authcMock, + basePath: coreStartMock.http.basePath, + }); + }); +}); diff --git a/x-pack/plugins/security/public/authentication/overwritten_session/overwritten_session_app.ts b/x-pack/plugins/security/public/authentication/overwritten_session/overwritten_session_app.ts new file mode 100644 index 0000000000000..1bbe388a635e2 --- /dev/null +++ b/x-pack/plugins/security/public/authentication/overwritten_session/overwritten_session_app.ts @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { i18n } from '@kbn/i18n'; +import { CoreSetup, AppMountParameters } from 'src/core/public'; +import { AuthenticationServiceSetup } from '../authentication_service'; + +interface CreateDeps { + application: CoreSetup['application']; + authc: AuthenticationServiceSetup; + getStartServices: CoreSetup['getStartServices']; +} + +export const overwrittenSessionApp = Object.freeze({ + id: 'security_overwritten_session', + create({ application, authc, getStartServices }: CreateDeps) { + application.register({ + id: this.id, + title: i18n.translate('xpack.security.overwrittenSessionAppTitle', { + defaultMessage: 'Overwritten Session', + }), + chromeless: true, + appRoute: '/security/overwritten_session', + async mount({ element }: AppMountParameters) { + const [[coreStart], { renderOverwrittenSessionPage }] = await Promise.all([ + getStartServices(), + import('./overwritten_session_page'), + ]); + return renderOverwrittenSessionPage(coreStart.i18n, element, { + authc, + basePath: coreStart.http.basePath, + }); + }, + }); + }, +}); diff --git a/x-pack/plugins/security/public/authentication/overwritten_session/overwritten_session_page.test.tsx b/x-pack/plugins/security/public/authentication/overwritten_session/overwritten_session_page.test.tsx new file mode 100644 index 0000000000000..7422319951a8a --- /dev/null +++ b/x-pack/plugins/security/public/authentication/overwritten_session/overwritten_session_page.test.tsx @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import { act } from '@testing-library/react'; +import { mountWithIntl, nextTick } from 'test_utils/enzyme_helpers'; +import { OverwrittenSessionPage } from './overwritten_session_page'; + +import { coreMock } from '../../../../../../src/core/public/mocks'; +import { authenticationMock } from '../index.mock'; +import { mockAuthenticatedUser } from '../../../common/model/authenticated_user.mock'; +import { AuthenticationStatePage } from '../components/authentication_state_page'; + +describe('OverwrittenSessionPage', () => { + it('renders as expected', async () => { + const basePathMock = coreMock.createStart({ basePath: '/mock-base-path' }).http.basePath; + const authenticationSetupMock = authenticationMock.createSetup(); + authenticationSetupMock.getCurrentUser.mockResolvedValue( + mockAuthenticatedUser({ username: 'mock-user' }) + ); + + const wrapper = mountWithIntl( + + ); + + // Shouldn't render anything if username isn't yet available. + expect(wrapper.isEmptyRender()).toBe(true); + + await act(async () => { + await nextTick(); + wrapper.update(); + }); + + expect(wrapper.find(AuthenticationStatePage)).toMatchSnapshot(); + }); +}); diff --git a/x-pack/plugins/security/public/authentication/overwritten_session/overwritten_session_page.tsx b/x-pack/plugins/security/public/authentication/overwritten_session/overwritten_session_page.tsx new file mode 100644 index 0000000000000..1093957761d1c --- /dev/null +++ b/x-pack/plugins/security/public/authentication/overwritten_session/overwritten_session_page.tsx @@ -0,0 +1,63 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React, { useEffect, useState } from 'react'; +import ReactDOM from 'react-dom'; +import { EuiButton } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n/react'; +import { CoreStart, IBasePath } from 'src/core/public'; +import { AuthenticationServiceSetup } from '../authentication_service'; +import { AuthenticationStatePage } from '../components'; + +interface Props { + basePath: IBasePath; + authc: AuthenticationServiceSetup; +} + +export function OverwrittenSessionPage({ authc, basePath }: Props) { + const [username, setUsername] = useState(null); + useEffect(() => { + authc.getCurrentUser().then(user => setUsername(user.username)); + }, [authc]); + + if (username == null) { + return null; + } + + return ( + + } + > + + + + + ); +} + +export function renderOverwrittenSessionPage( + i18nStart: CoreStart['i18n'], + element: Element, + props: Props +) { + ReactDOM.render( + + + , + element + ); + + return () => ReactDOM.unmountComponentAtNode(element); +} diff --git a/x-pack/legacy/plugins/security/public/hacks/register_account_management_app.ts b/x-pack/plugins/security/public/config.ts similarity index 78% rename from x-pack/legacy/plugins/security/public/hacks/register_account_management_app.ts rename to x-pack/plugins/security/public/config.ts index 4fdc2358246b9..56bd02976c1b4 100644 --- a/x-pack/legacy/plugins/security/public/hacks/register_account_management_app.ts +++ b/x-pack/plugins/security/public/config.ts @@ -4,4 +4,6 @@ * you may not use this file except in compliance with the Elastic License. */ -import '../views/account/account'; +export interface ConfigType { + loginAssistanceMessage: string; +} diff --git a/x-pack/plugins/security/public/index.scss b/x-pack/plugins/security/public/index.scss index 1bdb8cc178fdf..999639ba22eb7 100644 --- a/x-pack/plugins/security/public/index.scss +++ b/x-pack/plugins/security/public/index.scss @@ -1,4 +1,7 @@ $secFormWidth: 460px; +// Authentication styles +@import './authentication/index'; + // Management styles @import './management/index'; diff --git a/x-pack/plugins/security/public/index.ts b/x-pack/plugins/security/public/index.ts index 1c525dc6b9187..fdb8b544d61d3 100644 --- a/x-pack/plugins/security/public/index.ts +++ b/x-pack/plugins/security/public/index.ts @@ -5,7 +5,7 @@ */ import './index.scss'; -import { PluginInitializer } from 'src/core/public'; +import { PluginInitializer, PluginInitializerContext } from 'src/core/public'; import { SecurityPlugin, SecurityPluginSetup, SecurityPluginStart } from './plugin'; export { SecurityPluginSetup, SecurityPluginStart }; @@ -13,5 +13,6 @@ export { SessionInfo } from './types'; export { AuthenticatedUser } from '../common/model'; export { SecurityLicense, SecurityLicenseFeatures } from '../common/licensing'; -export const plugin: PluginInitializer = () => - new SecurityPlugin(); +export const plugin: PluginInitializer = ( + initializerContext: PluginInitializerContext +) => new SecurityPlugin(initializerContext); diff --git a/x-pack/plugins/security/public/nav_control/nav_control_service.test.ts b/x-pack/plugins/security/public/nav_control/nav_control_service.test.ts index cd66868edd700..66731cf19006d 100644 --- a/x-pack/plugins/security/public/nav_control/nav_control_service.test.ts +++ b/x-pack/plugins/security/public/nav_control/nav_control_service.test.ts @@ -38,6 +38,7 @@ describe('SecurityNavControlService', () => { navControlService.setup({ securityLicense: new SecurityLicenseService().setup({ license$ }).license, authc: mockSecuritySetup.authc, + logoutUrl: '/some/logout/url', }); const coreStart = coreMock.createStart(); @@ -100,6 +101,7 @@ describe('SecurityNavControlService', () => { navControlService.setup({ securityLicense: new SecurityLicenseService().setup({ license$ }).license, authc: securityMock.createSetup().authc, + logoutUrl: '/some/logout/url', }); const coreStart = coreMock.createStart(); @@ -119,6 +121,7 @@ describe('SecurityNavControlService', () => { navControlService.setup({ securityLicense: new SecurityLicenseService().setup({ license$ }).license, authc: securityMock.createSetup().authc, + logoutUrl: '/some/logout/url', }); const coreStart = coreMock.createStart(); @@ -135,6 +138,7 @@ describe('SecurityNavControlService', () => { navControlService.setup({ securityLicense: new SecurityLicenseService().setup({ license$ }).license, authc: securityMock.createSetup().authc, + logoutUrl: '/some/logout/url', }); const coreStart = coreMock.createStart(); @@ -156,6 +160,7 @@ describe('SecurityNavControlService', () => { navControlService.setup({ securityLicense: new SecurityLicenseService().setup({ license$ }).license, authc: securityMock.createSetup().authc, + logoutUrl: '/some/logout/url', }); const coreStart = coreMock.createStart(); diff --git a/x-pack/plugins/security/public/nav_control/nav_control_service.tsx b/x-pack/plugins/security/public/nav_control/nav_control_service.tsx index 813304148ec77..aa3ec2e47469d 100644 --- a/x-pack/plugins/security/public/nav_control/nav_control_service.tsx +++ b/x-pack/plugins/security/public/nav_control/nav_control_service.tsx @@ -15,6 +15,7 @@ import { AuthenticationServiceSetup } from '../authentication'; interface SetupDeps { securityLicense: SecurityLicense; authc: AuthenticationServiceSetup; + logoutUrl: string; } interface StartDeps { @@ -24,14 +25,16 @@ interface StartDeps { export class SecurityNavControlService { private securityLicense!: SecurityLicense; private authc!: AuthenticationServiceSetup; + private logoutUrl!: string; private navControlRegistered!: boolean; private securityFeaturesSubscription?: Subscription; - public setup({ securityLicense, authc }: SetupDeps) { + public setup({ securityLicense, authc, logoutUrl }: SetupDeps) { this.securityLicense = securityLicense; this.authc = authc; + this.logoutUrl = logoutUrl; } public start({ core }: StartDeps) { @@ -65,12 +68,10 @@ export class SecurityNavControlService { mount: (el: HTMLElement) => { const I18nContext = core.i18n.Context; - const logoutUrl = core.injectedMetadata.getInjectedVar('logoutUrl') as string; - const props = { user: currentUserPromise, - editProfileUrl: core.http.basePath.prepend('/app/kibana#/account'), - logoutUrl, + editProfileUrl: core.http.basePath.prepend('/security/account'), + logoutUrl: this.logoutUrl, }; ReactDOM.render( diff --git a/x-pack/plugins/security/public/plugin.test.tsx b/x-pack/plugins/security/public/plugin.test.tsx new file mode 100644 index 0000000000000..3d0ef3b2cabc7 --- /dev/null +++ b/x-pack/plugins/security/public/plugin.test.tsx @@ -0,0 +1,147 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Observable } from 'rxjs'; +import BroadcastChannel from 'broadcast-channel'; +import { CoreSetup } from 'src/core/public'; +import { DataPublicPluginStart } from '../../../../src/plugins/data/public'; +import { SessionTimeout } from './session'; +import { PluginStartDependencies, SecurityPlugin } from './plugin'; + +import { coreMock } from '../../../../src/core/public/mocks'; +import { managementPluginMock } from '../../../../src/plugins/management/public/mocks'; +import { licensingMock } from '../../licensing/public/mocks'; +import { ManagementService } from './management'; + +describe('Security Plugin', () => { + beforeAll(() => { + BroadcastChannel.enforceOptions({ type: 'simulate' }); + }); + afterAll(() => { + BroadcastChannel.enforceOptions(null); + }); + + describe('#setup', () => { + it('should be able to setup if optional plugins are not available', () => { + const plugin = new SecurityPlugin(coreMock.createPluginInitializerContext()); + expect( + plugin.setup( + coreMock.createSetup({ basePath: '/some-base-path' }) as CoreSetup< + PluginStartDependencies + >, + { licensing: licensingMock.createSetup() } + ) + ).toEqual({ + __legacyCompat: { logoutUrl: '/some-base-path/logout', tenant: '/some-base-path' }, + authc: { getCurrentUser: expect.any(Function) }, + license: { + isEnabled: expect.any(Function), + getFeatures: expect.any(Function), + features$: expect.any(Observable), + }, + sessionTimeout: expect.any(SessionTimeout), + }); + }); + + it('setups Management Service if `management` plugin is available', () => { + const coreSetupMock = coreMock.createSetup({ basePath: '/some-base-path' }); + const setupManagementServiceMock = jest + .spyOn(ManagementService.prototype, 'setup') + .mockImplementation(() => {}); + const managementSetupMock = managementPluginMock.createSetupContract(); + + const plugin = new SecurityPlugin(coreMock.createPluginInitializerContext()); + + plugin.setup(coreSetupMock as CoreSetup, { + licensing: licensingMock.createSetup(), + management: managementSetupMock, + }); + + expect(setupManagementServiceMock).toHaveBeenCalledTimes(1); + expect(setupManagementServiceMock).toHaveBeenCalledWith({ + authc: { getCurrentUser: expect.any(Function) }, + license: { + isEnabled: expect.any(Function), + getFeatures: expect.any(Function), + features$: expect.any(Observable), + }, + management: managementSetupMock, + fatalErrors: coreSetupMock.fatalErrors, + getStartServices: coreSetupMock.getStartServices, + }); + }); + }); + + describe('#start', () => { + it('should be able to setup if optional plugins are not available', () => { + const plugin = new SecurityPlugin(coreMock.createPluginInitializerContext()); + plugin.setup( + coreMock.createSetup({ basePath: '/some-base-path' }) as CoreSetup, + { licensing: licensingMock.createSetup() } + ); + + expect( + plugin.start(coreMock.createStart({ basePath: '/some-base-path' }), { + data: {} as DataPublicPluginStart, + }) + ).toBeUndefined(); + }); + + it('starts Management Service if `management` plugin is available', () => { + jest.spyOn(ManagementService.prototype, 'setup').mockImplementation(() => {}); + const startManagementServiceMock = jest + .spyOn(ManagementService.prototype, 'start') + .mockImplementation(() => {}); + const managementSetupMock = managementPluginMock.createSetupContract(); + const managementStartMock = managementPluginMock.createStartContract(); + + const plugin = new SecurityPlugin(coreMock.createPluginInitializerContext()); + + plugin.setup( + coreMock.createSetup({ basePath: '/some-base-path' }) as CoreSetup, + { + licensing: licensingMock.createSetup(), + management: managementSetupMock, + } + ); + + plugin.start(coreMock.createStart({ basePath: '/some-base-path' }), { + data: {} as DataPublicPluginStart, + management: managementStartMock, + }); + + expect(startManagementServiceMock).toHaveBeenCalledTimes(1); + expect(startManagementServiceMock).toHaveBeenCalledWith({ management: managementStartMock }); + }); + }); + + describe('#stop', () => { + it('does not fail if called before `start`.', () => { + const plugin = new SecurityPlugin(coreMock.createPluginInitializerContext()); + plugin.setup( + coreMock.createSetup({ basePath: '/some-base-path' }) as CoreSetup, + { licensing: licensingMock.createSetup() } + ); + + expect(() => plugin.stop()).not.toThrow(); + }); + + it('does not fail if called during normal plugin life cycle.', () => { + const plugin = new SecurityPlugin(coreMock.createPluginInitializerContext()); + + plugin.setup( + coreMock.createSetup({ basePath: '/some-base-path' }) as CoreSetup, + { licensing: licensingMock.createSetup() } + ); + + plugin.start(coreMock.createStart({ basePath: '/some-base-path' }), { + data: {} as DataPublicPluginStart, + }); + + expect(() => plugin.stop()).not.toThrow(); + }); + }); +}); diff --git a/x-pack/plugins/security/public/plugin.tsx b/x-pack/plugins/security/public/plugin.tsx index 8e5c4f87e3647..dcd90b1738f10 100644 --- a/x-pack/plugins/security/public/plugin.tsx +++ b/x-pack/plugins/security/public/plugin.tsx @@ -4,9 +4,13 @@ * you may not use this file except in compliance with the Elastic License. */ -import { Plugin, CoreSetup, CoreStart } from 'src/core/public'; import { i18n } from '@kbn/i18n'; -import React from 'react'; +import { + CoreSetup, + CoreStart, + Plugin, + PluginInitializerContext, +} from '../../../../src/core/public'; import { DataPublicPluginStart } from '../../../../src/plugins/data/public'; import { FeatureCatalogueCategory, @@ -15,17 +19,18 @@ import { import { LicensingPluginSetup } from '../../licensing/public'; import { ManagementSetup, ManagementStart } from '../../../../src/plugins/management/public'; import { + ISessionTimeout, SessionExpired, SessionTimeout, - ISessionTimeout, SessionTimeoutHttpInterceptor, UnauthorizedResponseHttpInterceptor, } from './session'; import { SecurityLicenseService } from '../common/licensing'; import { SecurityNavControlService } from './nav_control'; -import { AccountManagementPage } from './account_management'; import { AuthenticationService, AuthenticationServiceSetup } from './authentication'; -import { ManagementService, UserAPIClient } from './management'; +import { ConfigType } from './config'; +import { ManagementService } from './management'; +import { accountManagementApp } from './account_management'; export interface PluginSetupDependencies { licensing: LicensingPluginSetup; @@ -47,23 +52,27 @@ export class SecurityPlugin PluginStartDependencies > { private sessionTimeout!: ISessionTimeout; + private readonly authenticationService = new AuthenticationService(); private readonly navControlService = new SecurityNavControlService(); private readonly securityLicenseService = new SecurityLicenseService(); private readonly managementService = new ManagementService(); private authc!: AuthenticationServiceSetup; + private readonly config: ConfigType; + + constructor(private readonly initializerContext: PluginInitializerContext) { + this.config = this.initializerContext.config.get(); + } public setup( core: CoreSetup, { home, licensing, management }: PluginSetupDependencies ) { - const { http, notifications, injectedMetadata } = core; + const { http, notifications } = core; const { anonymousPaths } = http; - anonymousPaths.register('/login'); - anonymousPaths.register('/logout'); - anonymousPaths.register('/logged_out'); - const tenant = injectedMetadata.getInjectedVar('session.tenant', '') as string; - const logoutUrl = injectedMetadata.getInjectedVar('logoutUrl') as string; + const logoutUrl = `${core.http.basePath.serverBasePath}/logout`; + const tenant = core.http.basePath.serverBasePath; + const sessionExpired = new SessionExpired(logoutUrl, tenant); http.intercept(new UnauthorizedResponseHttpInterceptor(sessionExpired, anonymousPaths)); this.sessionTimeout = new SessionTimeout(notifications, sessionExpired, http, tenant); @@ -71,11 +80,23 @@ export class SecurityPlugin const { license } = this.securityLicenseService.setup({ license$: licensing.license$ }); - this.authc = new AuthenticationService().setup({ http: core.http }); + this.authc = this.authenticationService.setup({ + application: core.application, + config: this.config, + getStartServices: core.getStartServices, + http: core.http, + }); this.navControlService.setup({ securityLicense: license, authc: this.authc, + logoutUrl, + }); + + accountManagementApp.create({ + authc: this.authc, + application: core.application, + getStartServices: core.getStartServices, }); if (management) { @@ -109,6 +130,7 @@ export class SecurityPlugin authc: this.authc, sessionTimeout: this.sessionTimeout, license, + __legacyCompat: { logoutUrl, tenant }, }; } @@ -119,22 +141,6 @@ export class SecurityPlugin if (management) { this.managementService.start({ management }); } - - return { - __legacyCompat: { - account_management: { - AccountManagementPage: () => ( - - - - ), - }, - }, - }; } public stop() { diff --git a/x-pack/plugins/security/server/authentication/authenticator.ts b/x-pack/plugins/security/server/authentication/authenticator.ts index 4954e1b24216c..e2e2d12917394 100644 --- a/x-pack/plugins/security/server/authentication/authenticator.ts +++ b/x-pack/plugins/security/server/authentication/authenticator.ts @@ -192,7 +192,6 @@ export class Authenticator { client: this.options.clusterClient, logger: this.options.loggers.get('tokens'), }), - isProviderEnabled: this.isProviderEnabled.bind(this), }; const authProviders = this.options.config.authc.providers; diff --git a/x-pack/plugins/security/server/authentication/providers/kerberos.test.ts b/x-pack/plugins/security/server/authentication/providers/kerberos.test.ts index 51fb961482e83..955805296e2bd 100644 --- a/x-pack/plugins/security/server/authentication/providers/kerberos.test.ts +++ b/x-pack/plugins/security/server/authentication/providers/kerberos.test.ts @@ -494,7 +494,7 @@ describe('KerberosAuthenticationProvider', () => { mockOptions.tokens.invalidate.mockResolvedValue(undefined); await expect(provider.logout(request, tokenPair)).resolves.toEqual( - DeauthenticationResult.redirectTo('/mock-server-basepath/logged_out') + DeauthenticationResult.redirectTo('/mock-server-basepath/security/logged_out') ); expect(mockOptions.tokens.invalidate).toHaveBeenCalledTimes(1); diff --git a/x-pack/plugins/security/server/authentication/providers/kerberos.ts b/x-pack/plugins/security/server/authentication/providers/kerberos.ts index b6474a5e1d471..632a07ca2b21a 100644 --- a/x-pack/plugins/security/server/authentication/providers/kerberos.ts +++ b/x-pack/plugins/security/server/authentication/providers/kerberos.ts @@ -91,7 +91,9 @@ export class KerberosAuthenticationProvider extends BaseAuthenticationProvider { return DeauthenticationResult.failed(err); } - return DeauthenticationResult.redirectTo(`${this.options.basePath.serverBasePath}/logged_out`); + return DeauthenticationResult.redirectTo( + `${this.options.basePath.serverBasePath}/security/logged_out` + ); } /** diff --git a/x-pack/plugins/security/server/authentication/providers/oidc.test.ts b/x-pack/plugins/security/server/authentication/providers/oidc.test.ts index 51a25825bf985..6a4ba1ccb41e2 100644 --- a/x-pack/plugins/security/server/authentication/providers/oidc.test.ts +++ b/x-pack/plugins/security/server/authentication/providers/oidc.test.ts @@ -575,7 +575,7 @@ describe('OIDCAuthenticationProvider', () => { mockOptions.client.callAsInternalUser.mockResolvedValue({ redirect: null }); await expect(provider.logout(request, { accessToken, refreshToken })).resolves.toEqual( - DeauthenticationResult.redirectTo('/mock-server-basepath/logged_out') + DeauthenticationResult.redirectTo('/mock-server-basepath/security/logged_out') ); expect(mockOptions.client.callAsInternalUser).toHaveBeenCalledTimes(1); diff --git a/x-pack/plugins/security/server/authentication/providers/oidc.ts b/x-pack/plugins/security/server/authentication/providers/oidc.ts index c6b504e722adf..d52466826c2be 100644 --- a/x-pack/plugins/security/server/authentication/providers/oidc.ts +++ b/x-pack/plugins/security/server/authentication/providers/oidc.ts @@ -395,7 +395,7 @@ export class OIDCAuthenticationProvider extends BaseAuthenticationProvider { } return DeauthenticationResult.redirectTo( - `${this.options.basePath.serverBasePath}/logged_out` + `${this.options.basePath.serverBasePath}/security/logged_out` ); } catch (err) { this.logger.debug(`Failed to deauthenticate user: ${err.message}`); diff --git a/x-pack/plugins/security/server/authentication/providers/pki.test.ts b/x-pack/plugins/security/server/authentication/providers/pki.test.ts index efc286c6c895f..044416032a4c3 100644 --- a/x-pack/plugins/security/server/authentication/providers/pki.test.ts +++ b/x-pack/plugins/security/server/authentication/providers/pki.test.ts @@ -511,7 +511,7 @@ describe('PKIAuthenticationProvider', () => { mockOptions.tokens.invalidate.mockResolvedValue(undefined); await expect(provider.logout(request, state)).resolves.toEqual( - DeauthenticationResult.redirectTo('/mock-server-basepath/logged_out') + DeauthenticationResult.redirectTo('/mock-server-basepath/security/logged_out') ); expect(mockOptions.tokens.invalidate).toHaveBeenCalledTimes(1); diff --git a/x-pack/plugins/security/server/authentication/providers/pki.ts b/x-pack/plugins/security/server/authentication/providers/pki.ts index 854f92a50fa9d..252ab8cc67144 100644 --- a/x-pack/plugins/security/server/authentication/providers/pki.ts +++ b/x-pack/plugins/security/server/authentication/providers/pki.ts @@ -98,7 +98,9 @@ export class PKIAuthenticationProvider extends BaseAuthenticationProvider { return DeauthenticationResult.failed(err); } - return DeauthenticationResult.redirectTo(`${this.options.basePath.serverBasePath}/logged_out`); + return DeauthenticationResult.redirectTo( + `${this.options.basePath.serverBasePath}/security/logged_out` + ); } /** diff --git a/x-pack/plugins/security/server/authentication/providers/saml.test.ts b/x-pack/plugins/security/server/authentication/providers/saml.test.ts index d97a6c0838b86..e00d3b89fb0bf 100644 --- a/x-pack/plugins/security/server/authentication/providers/saml.test.ts +++ b/x-pack/plugins/security/server/authentication/providers/saml.test.ts @@ -365,7 +365,7 @@ describe('SAMLAuthenticationProvider', () => { state ) ).resolves.toEqual( - AuthenticationResult.redirectTo('/base-path/overwritten_session', { + AuthenticationResult.redirectTo('/mock-server-basepath/security/overwritten_session', { state: { username: 'new-user', accessToken: 'new-valid-token', @@ -959,7 +959,7 @@ describe('SAMLAuthenticationProvider', () => { }); }); - it('redirects to /logged_out if `redirect` field in SAML logout response is null.', async () => { + it('redirects to /security/logged_out if `redirect` field in SAML logout response is null.', async () => { const request = httpServerMock.createKibanaRequest(); const accessToken = 'x-saml-token'; const refreshToken = 'x-saml-refresh-token'; @@ -968,7 +968,9 @@ describe('SAMLAuthenticationProvider', () => { await expect( provider.logout(request, { username: 'user', accessToken, refreshToken }) - ).resolves.toEqual(DeauthenticationResult.redirectTo('/mock-server-basepath/logged_out')); + ).resolves.toEqual( + DeauthenticationResult.redirectTo('/mock-server-basepath/security/logged_out') + ); expect(mockOptions.client.callAsInternalUser).toHaveBeenCalledTimes(1); expect(mockOptions.client.callAsInternalUser).toHaveBeenCalledWith('shield.samlLogout', { @@ -976,7 +978,7 @@ describe('SAMLAuthenticationProvider', () => { }); }); - it('redirects to /logged_out if `redirect` field in SAML logout response is not defined.', async () => { + it('redirects to /security/logged_out if `redirect` field in SAML logout response is not defined.', async () => { const request = httpServerMock.createKibanaRequest(); const accessToken = 'x-saml-token'; const refreshToken = 'x-saml-refresh-token'; @@ -985,7 +987,9 @@ describe('SAMLAuthenticationProvider', () => { await expect( provider.logout(request, { username: 'user', accessToken, refreshToken }) - ).resolves.toEqual(DeauthenticationResult.redirectTo('/mock-server-basepath/logged_out')); + ).resolves.toEqual( + DeauthenticationResult.redirectTo('/mock-server-basepath/security/logged_out') + ); expect(mockOptions.client.callAsInternalUser).toHaveBeenCalledTimes(1); expect(mockOptions.client.callAsInternalUser).toHaveBeenCalledWith('shield.samlLogout', { @@ -1004,7 +1008,9 @@ describe('SAMLAuthenticationProvider', () => { await expect( provider.logout(request, { username: 'user', accessToken, refreshToken }) - ).resolves.toEqual(DeauthenticationResult.redirectTo('/mock-server-basepath/logged_out')); + ).resolves.toEqual( + DeauthenticationResult.redirectTo('/mock-server-basepath/security/logged_out') + ); expect(mockOptions.client.callAsInternalUser).toHaveBeenCalledTimes(1); expect(mockOptions.client.callAsInternalUser).toHaveBeenCalledWith('shield.samlLogout', { @@ -1023,7 +1029,9 @@ describe('SAMLAuthenticationProvider', () => { accessToken: 'x-saml-token', refreshToken: 'x-saml-refresh-token', }) - ).resolves.toEqual(DeauthenticationResult.redirectTo('/mock-server-basepath/logged_out')); + ).resolves.toEqual( + DeauthenticationResult.redirectTo('/mock-server-basepath/security/logged_out') + ); expect(mockOptions.client.callAsInternalUser).toHaveBeenCalledTimes(1); expect(mockOptions.client.callAsInternalUser).toHaveBeenCalledWith('shield.samlInvalidate', { @@ -1031,13 +1039,13 @@ describe('SAMLAuthenticationProvider', () => { }); }); - it('redirects to /logged_out if `redirect` field in SAML invalidate response is null.', async () => { + it('redirects to /security/logged_out if `redirect` field in SAML invalidate response is null.', async () => { const request = httpServerMock.createKibanaRequest({ query: { SAMLRequest: 'xxx yyy' } }); mockOptions.client.callAsInternalUser.mockResolvedValue({ redirect: null }); await expect(provider.logout(request)).resolves.toEqual( - DeauthenticationResult.redirectTo('/mock-server-basepath/logged_out') + DeauthenticationResult.redirectTo('/mock-server-basepath/security/logged_out') ); expect(mockOptions.client.callAsInternalUser).toHaveBeenCalledTimes(1); @@ -1046,13 +1054,13 @@ describe('SAMLAuthenticationProvider', () => { }); }); - it('redirects to /logged_out if `redirect` field in SAML invalidate response is not defined.', async () => { + it('redirects to /security/logged_out if `redirect` field in SAML invalidate response is not defined.', async () => { const request = httpServerMock.createKibanaRequest({ query: { SAMLRequest: 'xxx yyy' } }); mockOptions.client.callAsInternalUser.mockResolvedValue({ redirect: undefined }); await expect(provider.logout(request)).resolves.toEqual( - DeauthenticationResult.redirectTo('/mock-server-basepath/logged_out') + DeauthenticationResult.redirectTo('/mock-server-basepath/security/logged_out') ); expect(mockOptions.client.callAsInternalUser).toHaveBeenCalledTimes(1); diff --git a/x-pack/plugins/security/server/authentication/providers/saml.ts b/x-pack/plugins/security/server/authentication/providers/saml.ts index 1ac59d66a2235..1152ee5048699 100644 --- a/x-pack/plugins/security/server/authentication/providers/saml.ts +++ b/x-pack/plugins/security/server/authentication/providers/saml.ts @@ -231,7 +231,7 @@ export class SAMLAuthenticationProvider extends BaseAuthenticationProvider { } return DeauthenticationResult.redirectTo( - `${this.options.basePath.serverBasePath}/logged_out` + `${this.options.basePath.serverBasePath}/security/logged_out` ); } catch (err) { this.logger.debug(`Failed to deauthenticate user: ${err.message}`); @@ -366,7 +366,7 @@ export class SAMLAuthenticationProvider extends BaseAuthenticationProvider { 'Login initiated by Identity Provider is for a different user than currently authenticated.' ); return AuthenticationResult.redirectTo( - `${this.options.basePath.get(request)}/overwritten_session`, + `${this.options.basePath.serverBasePath}/security/overwritten_session`, { state: newState } ); } diff --git a/x-pack/plugins/security/server/config.test.ts b/x-pack/plugins/security/server/config.test.ts index 64c695670fa19..9f7f2736766ed 100644 --- a/x-pack/plugins/security/server/config.test.ts +++ b/x-pack/plugins/security/server/config.test.ts @@ -14,6 +14,9 @@ describe('config schema', () => { it('generates proper defaults', () => { expect(ConfigSchema.validate({})).toMatchInlineSnapshot(` Object { + "audit": Object { + "enabled": false, + }, "authc": Object { "http": Object { "autoSchemesEnabled": true, @@ -27,6 +30,7 @@ describe('config schema', () => { ], }, "cookieName": "sid", + "enabled": true, "encryptionKey": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "loginAssistanceMessage": "", "secureCookies": false, @@ -39,6 +43,9 @@ describe('config schema', () => { expect(ConfigSchema.validate({}, { dist: false })).toMatchInlineSnapshot(` Object { + "audit": Object { + "enabled": false, + }, "authc": Object { "http": Object { "autoSchemesEnabled": true, @@ -52,6 +59,7 @@ describe('config schema', () => { ], }, "cookieName": "sid", + "enabled": true, "encryptionKey": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "loginAssistanceMessage": "", "secureCookies": false, @@ -64,6 +72,9 @@ describe('config schema', () => { expect(ConfigSchema.validate({}, { dist: true })).toMatchInlineSnapshot(` Object { + "audit": Object { + "enabled": false, + }, "authc": Object { "http": Object { "autoSchemesEnabled": true, @@ -77,6 +88,7 @@ describe('config schema', () => { ], }, "cookieName": "sid", + "enabled": true, "loginAssistanceMessage": "", "secureCookies": false, "session": Object { diff --git a/x-pack/plugins/security/server/config.ts b/x-pack/plugins/security/server/config.ts index 8663a6e61c203..2345249e94bc8 100644 --- a/x-pack/plugins/security/server/config.ts +++ b/x-pack/plugins/security/server/config.ts @@ -24,41 +24,41 @@ const providerOptionsSchema = (providerType: string, optionsSchema: Type) = schema.never() ); -export const ConfigSchema = schema.object( - { - loginAssistanceMessage: schema.string({ defaultValue: '' }), - cookieName: schema.string({ defaultValue: 'sid' }), - encryptionKey: schema.conditional( - schema.contextRef('dist'), - true, - schema.maybe(schema.string({ minLength: 32 })), - schema.string({ minLength: 32, defaultValue: 'a'.repeat(32) }) +export const ConfigSchema = schema.object({ + enabled: schema.boolean({ defaultValue: true }), + loginAssistanceMessage: schema.string({ defaultValue: '' }), + cookieName: schema.string({ defaultValue: 'sid' }), + encryptionKey: schema.conditional( + schema.contextRef('dist'), + true, + schema.maybe(schema.string({ minLength: 32 })), + schema.string({ minLength: 32, defaultValue: 'a'.repeat(32) }) + ), + session: schema.object({ + idleTimeout: schema.nullable(schema.duration()), + lifespan: schema.nullable(schema.duration()), + }), + secureCookies: schema.boolean({ defaultValue: false }), + authc: schema.object({ + providers: schema.arrayOf(schema.string(), { defaultValue: ['basic'], minSize: 1 }), + oidc: providerOptionsSchema('oidc', schema.object({ realm: schema.string() })), + saml: providerOptionsSchema( + 'saml', + schema.object({ + realm: schema.string(), + maxRedirectURLSize: schema.byteSize({ defaultValue: '2kb' }), + }) ), - session: schema.object({ - idleTimeout: schema.nullable(schema.duration()), - lifespan: schema.nullable(schema.duration()), + http: schema.object({ + enabled: schema.boolean({ defaultValue: true }), + autoSchemesEnabled: schema.boolean({ defaultValue: true }), + schemes: schema.arrayOf(schema.string(), { defaultValue: ['apikey'] }), }), - secureCookies: schema.boolean({ defaultValue: false }), - authc: schema.object({ - providers: schema.arrayOf(schema.string(), { defaultValue: ['basic'], minSize: 1 }), - oidc: providerOptionsSchema('oidc', schema.object({ realm: schema.string() })), - saml: providerOptionsSchema( - 'saml', - schema.object({ - realm: schema.string(), - maxRedirectURLSize: schema.byteSize({ defaultValue: '2kb' }), - }) - ), - http: schema.object({ - enabled: schema.boolean({ defaultValue: true }), - autoSchemesEnabled: schema.boolean({ defaultValue: true }), - schemes: schema.arrayOf(schema.string(), { defaultValue: ['apikey'] }), - }), - }), - }, - // This option should be removed as soon as we entirely migrate config from legacy Security plugin. - { allowUnknowns: true } -); + }), + audit: schema.object({ + enabled: schema.boolean({ defaultValue: false }), + }), +}); export function createConfig$(context: PluginInitializerContext, isTLSEnabled: boolean) { return context.config.create>().pipe( diff --git a/x-pack/plugins/security/server/index.ts b/x-pack/plugins/security/server/index.ts index e1167af0be7f0..0b17f0554fac8 100644 --- a/x-pack/plugins/security/server/index.ts +++ b/x-pack/plugins/security/server/index.ts @@ -44,6 +44,9 @@ export const config: PluginConfigDescriptor> = { return settings; }, ], + exposeToBrowser: { + loginAssistanceMessage: true, + }, }; export const plugin: PluginInitializer< RecursiveReadonly, diff --git a/x-pack/plugins/security/server/plugin.test.ts b/x-pack/plugins/security/server/plugin.test.ts index 6f5c79e873e86..a1ef352056d6a 100644 --- a/x-pack/plugins/security/server/plugin.test.ts +++ b/x-pack/plugins/security/server/plugin.test.ts @@ -50,8 +50,6 @@ describe('Security Plugin', () => { Object { "__legacyCompat": Object { "config": Object { - "cookieName": "sid", - "loginAssistanceMessage": undefined, "secureCookies": true, }, "license": Object { diff --git a/x-pack/plugins/security/server/plugin.ts b/x-pack/plugins/security/server/plugin.ts index 328f2917fd550..13300ee55eba0 100644 --- a/x-pack/plugins/security/server/plugin.ts +++ b/x-pack/plugins/security/server/plugin.ts @@ -65,11 +65,7 @@ export interface SecurityPluginSetup { registerLegacyAPI: (legacyAPI: LegacyAPI) => void; registerPrivilegesWithCluster: () => void; license: SecurityLicense; - config: RecursiveReadonly<{ - secureCookies: boolean; - cookieName: string; - loginAssistanceMessage: string; - }>; + config: RecursiveReadonly<{ secureCookies: boolean }>; }; } @@ -161,6 +157,7 @@ export class Plugin { authc, authz, csp: core.http.csp, + license, }); return deepFreeze({ @@ -187,13 +184,10 @@ export class Plugin { license, - // We should stop exposing this config as soon as only new platform plugin consumes it. The only - // exception may be `sessionTimeout` as other parts of the app may want to know it. - config: { - loginAssistanceMessage: config.loginAssistanceMessage, - secureCookies: config.secureCookies, - cookieName: config.cookieName, - }, + // We should stop exposing this config as soon as only new platform plugin consumes it. + // This is only currently required because we use legacy code to inject this as metadata + // for consumption by public code in the new platform. + config: { secureCookies: config.secureCookies }, }, }); } diff --git a/x-pack/plugins/security/server/routes/authentication/basic.test.ts b/x-pack/plugins/security/server/routes/authentication/basic.test.ts index cc1c94d799be6..694d0fca97a2c 100644 --- a/x-pack/plugins/security/server/routes/authentication/basic.test.ts +++ b/x-pack/plugins/security/server/routes/authentication/basic.test.ts @@ -14,27 +14,21 @@ import { } from '../../../../../../src/core/server'; import { LICENSE_CHECK_STATE } from '../../../../licensing/server'; import { Authentication, AuthenticationResult } from '../../authentication'; -import { ConfigType } from '../../config'; import { defineBasicRoutes } from './basic'; -import { - elasticsearchServiceMock, - httpServerMock, - httpServiceMock, - loggingServiceMock, -} from '../../../../../../src/core/server/mocks'; +import { httpServerMock } from '../../../../../../src/core/server/mocks'; import { mockAuthenticatedUser } from '../../../common/model/authenticated_user.mock'; -import { authenticationMock } from '../../authentication/index.mock'; -import { authorizationMock } from '../../authorization/index.mock'; +import { routeDefinitionParamsMock } from '../index.mock'; describe('Basic authentication routes', () => { let router: jest.Mocked; let authc: jest.Mocked; let mockContext: RequestHandlerContext; beforeEach(() => { - router = httpServiceMock.createRouter(); + const routeParamsMock = routeDefinitionParamsMock.create(); + router = routeParamsMock.router; - authc = authenticationMock.create(); + authc = routeParamsMock.authc; authc.isProviderEnabled.mockImplementation(provider => provider === 'basic'); mockContext = ({ @@ -43,16 +37,7 @@ describe('Basic authentication routes', () => { }, } as unknown) as RequestHandlerContext; - defineBasicRoutes({ - router, - clusterClient: elasticsearchServiceMock.createClusterClient(), - basePath: httpServiceMock.createBasePath(), - logger: loggingServiceMock.create().get(), - config: { authc: { providers: ['saml'] } } as ConfigType, - authc, - authz: authorizationMock.create(), - csp: httpServiceMock.createSetupContract().csp, - }); + defineBasicRoutes(routeParamsMock); }); describe('login', () => { diff --git a/x-pack/plugins/security/server/routes/authentication/common.test.ts b/x-pack/plugins/security/server/routes/authentication/common.test.ts index 4666b5abad756..b611ffffee935 100644 --- a/x-pack/plugins/security/server/routes/authentication/common.test.ts +++ b/x-pack/plugins/security/server/routes/authentication/common.test.ts @@ -14,26 +14,20 @@ import { } from '../../../../../../src/core/server'; import { LICENSE_CHECK_STATE } from '../../../../licensing/server'; import { Authentication, DeauthenticationResult } from '../../authentication'; -import { ConfigType } from '../../config'; import { defineCommonRoutes } from './common'; -import { - elasticsearchServiceMock, - httpServerMock, - httpServiceMock, - loggingServiceMock, -} from '../../../../../../src/core/server/mocks'; +import { httpServerMock } from '../../../../../../src/core/server/mocks'; import { mockAuthenticatedUser } from '../../../common/model/authenticated_user.mock'; -import { authenticationMock } from '../../authentication/index.mock'; -import { authorizationMock } from '../../authorization/index.mock'; +import { routeDefinitionParamsMock } from '../index.mock'; describe('Common authentication routes', () => { let router: jest.Mocked; let authc: jest.Mocked; let mockContext: RequestHandlerContext; beforeEach(() => { - router = httpServiceMock.createRouter(); - authc = authenticationMock.create(); + const routeParamsMock = routeDefinitionParamsMock.create(); + router = routeParamsMock.router; + authc = routeParamsMock.authc; mockContext = ({ licensing: { @@ -41,16 +35,7 @@ describe('Common authentication routes', () => { }, } as unknown) as RequestHandlerContext; - defineCommonRoutes({ - router, - clusterClient: elasticsearchServiceMock.createClusterClient(), - basePath: httpServiceMock.createBasePath(), - logger: loggingServiceMock.create().get(), - config: { authc: { providers: ['saml'] } } as ConfigType, - authc, - authz: authorizationMock.create(), - csp: httpServiceMock.createSetupContract().csp, - }); + defineCommonRoutes(routeParamsMock); }); describe('logout', () => { diff --git a/x-pack/plugins/security/server/routes/authentication/index.test.ts b/x-pack/plugins/security/server/routes/authentication/index.test.ts index 5450dfafa5e49..bb7c7fb9ceb99 100644 --- a/x-pack/plugins/security/server/routes/authentication/index.test.ts +++ b/x-pack/plugins/security/server/routes/authentication/index.test.ts @@ -5,30 +5,15 @@ */ import { defineAuthenticationRoutes } from '.'; -import { ConfigType } from '../../config'; -import { - elasticsearchServiceMock, - httpServiceMock, - loggingServiceMock, -} from '../../../../../../src/core/server/mocks'; -import { authenticationMock } from '../../authentication/index.mock'; -import { authorizationMock } from '../../authorization/index.mock'; +import { routeDefinitionParamsMock } from '../index.mock'; describe('Authentication routes', () => { it('does not register any SAML related routes if SAML auth provider is not enabled', () => { - const router = httpServiceMock.createRouter(); + const routeParamsMock = routeDefinitionParamsMock.create(); + const router = routeParamsMock.router; - defineAuthenticationRoutes({ - router, - clusterClient: elasticsearchServiceMock.createClusterClient(), - basePath: httpServiceMock.createBasePath(), - logger: loggingServiceMock.create().get(), - config: { authc: { providers: ['basic'] } } as ConfigType, - authc: authenticationMock.create(), - authz: authorizationMock.create(), - csp: httpServiceMock.createSetupContract().csp, - }); + defineAuthenticationRoutes(routeParamsMock); const samlRoutePathPredicate = ([{ path }]: [{ path: string }, any]) => path.startsWith('/api/security/saml/'); diff --git a/x-pack/plugins/security/server/routes/authentication/saml.test.ts b/x-pack/plugins/security/server/routes/authentication/saml.test.ts index b6447273c2559..b4434715a72ba 100644 --- a/x-pack/plugins/security/server/routes/authentication/saml.test.ts +++ b/x-pack/plugins/security/server/routes/authentication/saml.test.ts @@ -7,36 +7,21 @@ import { Type } from '@kbn/config-schema'; import { Authentication, AuthenticationResult, SAMLLoginStep } from '../../authentication'; import { defineSAMLRoutes } from './saml'; -import { ConfigType } from '../../config'; import { IRouter, RequestHandler, RouteConfig } from '../../../../../../src/core/server'; -import { - elasticsearchServiceMock, - httpServerMock, - httpServiceMock, - loggingServiceMock, -} from '../../../../../../src/core/server/mocks'; -import { authenticationMock } from '../../authentication/index.mock'; +import { httpServerMock } from '../../../../../../src/core/server/mocks'; import { mockAuthenticatedUser } from '../../../common/model/authenticated_user.mock'; -import { authorizationMock } from '../../authorization/index.mock'; +import { routeDefinitionParamsMock } from '../index.mock'; describe('SAML authentication routes', () => { let router: jest.Mocked; let authc: jest.Mocked; beforeEach(() => { - router = httpServiceMock.createRouter(); - authc = authenticationMock.create(); - - defineSAMLRoutes({ - router, - clusterClient: elasticsearchServiceMock.createClusterClient(), - basePath: httpServiceMock.createBasePath(), - logger: loggingServiceMock.create().get(), - config: { authc: { providers: ['saml'] } } as ConfigType, - authc, - authz: authorizationMock.create(), - csp: httpServiceMock.createSetupContract().csp, - }); + const routeParamsMock = routeDefinitionParamsMock.create(); + router = routeParamsMock.router; + authc = routeParamsMock.authc; + + defineSAMLRoutes(routeParamsMock); }); describe('Assertion consumer service endpoint', () => { diff --git a/x-pack/plugins/security/server/routes/index.mock.ts b/x-pack/plugins/security/server/routes/index.mock.ts index 8a32e6b00bdf4..0821ed8b96af9 100644 --- a/x-pack/plugins/security/server/routes/index.mock.ts +++ b/x-pack/plugins/security/server/routes/index.mock.ts @@ -12,6 +12,7 @@ import { import { authenticationMock } from '../authentication/index.mock'; import { authorizationMock } from '../authorization/index.mock'; import { ConfigSchema } from '../config'; +import { licenseMock } from '../../common/licensing/index.mock'; export const routeDefinitionParamsMock = { create: () => ({ @@ -23,5 +24,6 @@ export const routeDefinitionParamsMock = { config: { ...ConfigSchema.validate({}), encryptionKey: 'some-enc-key' }, authc: authenticationMock.create(), authz: authorizationMock.create(), + license: licenseMock.create(), }), }; diff --git a/x-pack/plugins/security/server/routes/index.ts b/x-pack/plugins/security/server/routes/index.ts index 01df67cacb800..a372fcf092707 100644 --- a/x-pack/plugins/security/server/routes/index.ts +++ b/x-pack/plugins/security/server/routes/index.ts @@ -5,6 +5,7 @@ */ import { CoreSetup, IClusterClient, IRouter, Logger } from '../../../../../src/core/server'; +import { SecurityLicense } from '../../common/licensing'; import { Authentication } from '../authentication'; import { Authorization } from '../authorization'; import { ConfigType } from '../config'; @@ -15,6 +16,7 @@ import { defineApiKeysRoutes } from './api_keys'; import { defineIndicesRoutes } from './indices'; import { defineUsersRoutes } from './users'; import { defineRoleMappingRoutes } from './role_mapping'; +import { defineViewRoutes } from './views'; /** * Describes parameters used to define HTTP routes. @@ -28,6 +30,7 @@ export interface RouteDefinitionParams { config: ConfigType; authc: Authentication; authz: Authorization; + license: SecurityLicense; } export function defineRoutes(params: RouteDefinitionParams) { @@ -37,4 +40,5 @@ export function defineRoutes(params: RouteDefinitionParams) { defineIndicesRoutes(params); defineUsersRoutes(params); defineRoleMappingRoutes(params); + defineViewRoutes(params); } diff --git a/x-pack/plugins/security/server/routes/users/change_password.test.ts b/x-pack/plugins/security/server/routes/users/change_password.test.ts index 34509edc2e9d2..b40a4e406205c 100644 --- a/x-pack/plugins/security/server/routes/users/change_password.test.ts +++ b/x-pack/plugins/security/server/routes/users/change_password.test.ts @@ -18,18 +18,11 @@ import { } from '../../../../../../src/core/server'; import { LICENSE_CHECK_STATE } from '../../../../licensing/server'; import { Authentication, AuthenticationResult } from '../../authentication'; -import { ConfigType } from '../../config'; import { defineChangeUserPasswordRoutes } from './change_password'; -import { - elasticsearchServiceMock, - loggingServiceMock, - httpServiceMock, - httpServerMock, -} from '../../../../../../src/core/server/mocks'; +import { elasticsearchServiceMock, httpServerMock } from '../../../../../../src/core/server/mocks'; import { mockAuthenticatedUser } from '../../../common/model/authenticated_user.mock'; -import { authorizationMock } from '../../authorization/index.mock'; -import { authenticationMock } from '../../authentication/index.mock'; +import { routeDefinitionParamsMock } from '../index.mock'; describe('Change password', () => { let router: jest.Mocked; @@ -51,8 +44,9 @@ describe('Change password', () => { } beforeEach(() => { - router = httpServiceMock.createRouter(); - authc = authenticationMock.create(); + const routeParamsMock = routeDefinitionParamsMock.create(); + router = routeParamsMock.router; + authc = routeParamsMock.authc; authc.getCurrentUser.mockReturnValue(mockAuthenticatedUser({ username: 'user' })); authc.login.mockResolvedValue(AuthenticationResult.succeeded(mockAuthenticatedUser())); @@ -64,7 +58,7 @@ describe('Change password', () => { }); mockScopedClusterClient = elasticsearchServiceMock.createScopedClusterClient(); - mockClusterClient = elasticsearchServiceMock.createClusterClient(); + mockClusterClient = routeParamsMock.clusterClient; mockClusterClient.asScoped.mockReturnValue(mockScopedClusterClient); mockContext = ({ @@ -73,16 +67,7 @@ describe('Change password', () => { }, } as unknown) as RequestHandlerContext; - defineChangeUserPasswordRoutes({ - router, - clusterClient: mockClusterClient, - basePath: httpServiceMock.createBasePath(), - logger: loggingServiceMock.create().get(), - config: { authc: { providers: ['saml'] } } as ConfigType, - authc, - authz: authorizationMock.create(), - csp: httpServiceMock.createSetupContract().csp, - }); + defineChangeUserPasswordRoutes(routeParamsMock); const [changePasswordRouteConfig, changePasswordRouteHandler] = router.post.mock.calls[0]; routeConfig = changePasswordRouteConfig; diff --git a/x-pack/plugins/security/server/routes/views/account_management.ts b/x-pack/plugins/security/server/routes/views/account_management.ts new file mode 100644 index 0000000000000..3c84483d8f494 --- /dev/null +++ b/x-pack/plugins/security/server/routes/views/account_management.ts @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { RouteDefinitionParams } from '..'; + +/** + * Defines routes required for the Account Management view. + */ +export function defineAccountManagementRoutes({ router, csp }: RouteDefinitionParams) { + router.get({ path: '/security/account', validate: false }, async (context, request, response) => { + return response.ok({ + body: await context.core.rendering.render({ includeUserSettings: true }), + headers: { 'content-security-policy': csp.header }, + }); + }); +} diff --git a/x-pack/plugins/security/server/routes/views/index.test.ts b/x-pack/plugins/security/server/routes/views/index.test.ts new file mode 100644 index 0000000000000..63e8a518c6198 --- /dev/null +++ b/x-pack/plugins/security/server/routes/views/index.test.ts @@ -0,0 +1,65 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { defineViewRoutes } from '.'; + +import { routeDefinitionParamsMock } from '../index.mock'; + +describe('View routes', () => { + it('does not register Login routes if both `basic` and `token` providers are disabled', () => { + const routeParamsMock = routeDefinitionParamsMock.create(); + routeParamsMock.authc.isProviderEnabled.mockImplementation( + provider => provider !== 'basic' && provider !== 'token' + ); + + defineViewRoutes(routeParamsMock); + + expect(routeParamsMock.router.get.mock.calls.map(([{ path }]) => path)).toMatchInlineSnapshot(` + Array [ + "/security/account", + "/security/logged_out", + "/logout", + "/security/overwritten_session", + ] + `); + }); + + it('registers Login routes if `basic` provider is enabled', () => { + const routeParamsMock = routeDefinitionParamsMock.create(); + routeParamsMock.authc.isProviderEnabled.mockImplementation(provider => provider !== 'token'); + + defineViewRoutes(routeParamsMock); + + expect(routeParamsMock.router.get.mock.calls.map(([{ path }]) => path)).toMatchInlineSnapshot(` + Array [ + "/login", + "/internal/security/login_state", + "/security/account", + "/security/logged_out", + "/logout", + "/security/overwritten_session", + ] + `); + }); + + it('registers Login routes if `token` provider is enabled', () => { + const routeParamsMock = routeDefinitionParamsMock.create(); + routeParamsMock.authc.isProviderEnabled.mockImplementation(provider => provider !== 'basic'); + + defineViewRoutes(routeParamsMock); + + expect(routeParamsMock.router.get.mock.calls.map(([{ path }]) => path)).toMatchInlineSnapshot(` + Array [ + "/login", + "/internal/security/login_state", + "/security/account", + "/security/logged_out", + "/logout", + "/security/overwritten_session", + ] + `); + }); +}); diff --git a/x-pack/plugins/security/server/routes/views/index.ts b/x-pack/plugins/security/server/routes/views/index.ts new file mode 100644 index 0000000000000..91e57aed44ab6 --- /dev/null +++ b/x-pack/plugins/security/server/routes/views/index.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { defineAccountManagementRoutes } from './account_management'; +import { defineLoggedOutRoutes } from './logged_out'; +import { defineLoginRoutes } from './login'; +import { defineLogoutRoutes } from './logout'; +import { defineOverwrittenSessionRoutes } from './overwritten_session'; +import { RouteDefinitionParams } from '..'; + +export function defineViewRoutes(params: RouteDefinitionParams) { + if (params.authc.isProviderEnabled('basic') || params.authc.isProviderEnabled('token')) { + defineLoginRoutes(params); + } + + defineAccountManagementRoutes(params); + defineLoggedOutRoutes(params); + defineLogoutRoutes(params); + defineOverwrittenSessionRoutes(params); +} diff --git a/x-pack/plugins/security/server/routes/views/logged_out.test.ts b/x-pack/plugins/security/server/routes/views/logged_out.test.ts new file mode 100644 index 0000000000000..822802b62d874 --- /dev/null +++ b/x-pack/plugins/security/server/routes/views/logged_out.test.ts @@ -0,0 +1,83 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { + RequestHandler, + RouteConfig, + kibanaResponseFactory, +} from '../../../../../../src/core/server'; +import { Authentication } from '../../authentication'; +import { defineLoggedOutRoutes } from './logged_out'; + +import { coreMock, httpServerMock } from '../../../../../../src/core/server/mocks'; +import { routeDefinitionParamsMock } from '../index.mock'; + +describe('LoggedOut view routes', () => { + let authc: jest.Mocked; + let routeHandler: RequestHandler; + let routeConfig: RouteConfig; + beforeEach(() => { + const routeParamsMock = routeDefinitionParamsMock.create(); + authc = routeParamsMock.authc; + + defineLoggedOutRoutes(routeParamsMock); + + const [ + loggedOutRouteConfig, + loggedOutRouteHandler, + ] = routeParamsMock.router.get.mock.calls.find( + ([{ path }]) => path === '/security/logged_out' + )!; + + routeConfig = loggedOutRouteConfig; + routeHandler = loggedOutRouteHandler; + }); + + it('correctly defines route.', () => { + expect(routeConfig.options).toEqual({ authRequired: false }); + expect(routeConfig.validate).toBe(false); + }); + + it('redirects user to the root page if they have a session already.', async () => { + authc.getSessionInfo.mockResolvedValue({ + provider: 'basic', + now: 0, + idleTimeoutExpiration: null, + lifespanExpiration: null, + }); + + const request = httpServerMock.createKibanaRequest(); + + await expect(routeHandler({} as any, request, kibanaResponseFactory)).resolves.toEqual({ + options: { headers: { location: '/mock-server-basepath/' } }, + status: 302, + }); + + expect(authc.getSessionInfo).toHaveBeenCalledWith(request); + }); + + it('renders view if user does not have an active session.', async () => { + authc.getSessionInfo.mockResolvedValue(null); + + const request = httpServerMock.createKibanaRequest(); + const contextMock = coreMock.createRequestHandlerContext(); + + await expect( + routeHandler({ core: contextMock } as any, request, kibanaResponseFactory) + ).resolves.toEqual({ + options: { + headers: { + 'content-security-policy': + "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'", + }, + }, + status: 200, + }); + + expect(authc.getSessionInfo).toHaveBeenCalledWith(request); + expect(contextMock.rendering.render).toHaveBeenCalledWith({ includeUserSettings: false }); + }); +}); diff --git a/x-pack/plugins/security/server/routes/views/logged_out.ts b/x-pack/plugins/security/server/routes/views/logged_out.ts new file mode 100644 index 0000000000000..2f69d8c35f03e --- /dev/null +++ b/x-pack/plugins/security/server/routes/views/logged_out.ts @@ -0,0 +1,48 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { RouteDefinitionParams } from '..'; + +/** + * Defines routes required for the Logged Out view. + */ +export function defineLoggedOutRoutes({ + router, + logger, + authc, + csp, + basePath, +}: RouteDefinitionParams) { + router.get( + { + path: '/security/logged_out', + validate: false, + options: { authRequired: false }, + }, + async (context, request, response) => { + // Authentication flow isn't triggered automatically for this route, so we should explicitly + // check whether user has an active session already. + const isUserAlreadyLoggedIn = (await authc.getSessionInfo(request)) !== null; + if (isUserAlreadyLoggedIn) { + logger.debug('User is already authenticated, redirecting...'); + return response.redirected({ + headers: { location: `${basePath.serverBasePath}/` }, + }); + } + + return response.ok({ + body: await context.core.rendering.render({ includeUserSettings: false }), + headers: { 'content-security-policy': csp.header }, + }); + } + ); +} diff --git a/x-pack/plugins/security/server/routes/views/login.test.ts b/x-pack/plugins/security/server/routes/views/login.test.ts new file mode 100644 index 0000000000000..d14aa226e17ba --- /dev/null +++ b/x-pack/plugins/security/server/routes/views/login.test.ts @@ -0,0 +1,197 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { URL } from 'url'; +import { Type } from '@kbn/config-schema'; +import { + RequestHandler, + RouteConfig, + kibanaResponseFactory, + IRouter, +} from '../../../../../../src/core/server'; +import { SecurityLicense } from '../../../common/licensing'; +import { Authentication } from '../../authentication'; +import { defineLoginRoutes } from './login'; + +import { coreMock, httpServerMock } from '../../../../../../src/core/server/mocks'; +import { routeDefinitionParamsMock } from '../index.mock'; + +describe('Login view routes', () => { + let authc: jest.Mocked; + let router: jest.Mocked; + let license: jest.Mocked; + beforeEach(() => { + const routeParamsMock = routeDefinitionParamsMock.create(); + authc = routeParamsMock.authc; + router = routeParamsMock.router; + license = routeParamsMock.license; + + defineLoginRoutes(routeParamsMock); + }); + + describe('View route', () => { + let routeHandler: RequestHandler; + let routeConfig: RouteConfig; + beforeEach(() => { + const [loginRouteConfig, loginRouteHandler] = router.get.mock.calls.find( + ([{ path }]) => path === '/login' + )!; + + routeConfig = loginRouteConfig; + routeHandler = loginRouteHandler; + }); + + it('correctly defines route.', () => { + expect(routeConfig.options).toEqual({ authRequired: false }); + + expect(routeConfig.validate).toEqual({ + body: undefined, + query: expect.any(Type), + params: undefined, + }); + + const queryValidator = (routeConfig.validate as any).query as Type; + expect(queryValidator.validate({})).toEqual({}); + + expect(queryValidator.validate({ next: 'some-next' })).toEqual({ next: 'some-next' }); + expect(queryValidator.validate({ msg: 'some-msg' })).toEqual({ msg: 'some-msg' }); + expect(queryValidator.validate({ next: 'some-next', msg: 'some-msg', unknown: 1 })).toEqual({ + next: 'some-next', + msg: 'some-msg', + unknown: 1, + }); + + expect(() => queryValidator.validate({ next: 1 })).toThrowErrorMatchingInlineSnapshot( + `"[next]: expected value of type [string] but got [number]"` + ); + + expect(() => queryValidator.validate({ msg: 1 })).toThrowErrorMatchingInlineSnapshot( + `"[msg]: expected value of type [string] but got [number]"` + ); + }); + + it('redirects user to the root page if they have a session already or login is disabled.', async () => { + for (const { query, expectedLocation } of [ + { query: {}, expectedLocation: '/mock-server-basepath/' }, + { + query: { next: '/mock-server-basepath/app/kibana' }, + expectedLocation: '/mock-server-basepath/app/kibana', + }, + { + query: { next: 'http://evil.com/mock-server-basepath/app/kibana' }, + expectedLocation: '/mock-server-basepath/', + }, + ]) { + const request = httpServerMock.createKibanaRequest({ query }); + (request as any).url = new URL( + `${request.url.path}${request.url.search}`, + 'https://kibana.co' + ); + + // Redirect if user has an active session even if `showLogin` is `true`. + authc.getSessionInfo.mockResolvedValue({ + provider: 'basic', + now: 0, + idleTimeoutExpiration: null, + lifespanExpiration: null, + }); + license.getFeatures.mockReturnValue({ showLogin: true } as any); + await expect(routeHandler({} as any, request, kibanaResponseFactory)).resolves.toEqual({ + options: { headers: { location: `${expectedLocation}` } }, + status: 302, + }); + + // Redirect if `showLogin` is `false` even if user doesn't have an active session even. + authc.getSessionInfo.mockResolvedValue(null); + license.getFeatures.mockReturnValue({ showLogin: false } as any); + await expect(routeHandler({} as any, request, kibanaResponseFactory)).resolves.toEqual({ + options: { headers: { location: `${expectedLocation}` } }, + status: 302, + }); + } + }); + + it('renders view if user does not have an active session and login page can be shown.', async () => { + authc.getSessionInfo.mockResolvedValue(null); + license.getFeatures.mockReturnValue({ showLogin: true } as any); + + const request = httpServerMock.createKibanaRequest(); + const contextMock = coreMock.createRequestHandlerContext(); + + await expect( + routeHandler({ core: contextMock } as any, request, kibanaResponseFactory) + ).resolves.toEqual({ + options: { + headers: { + 'content-security-policy': + "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'", + }, + }, + status: 200, + }); + + expect(authc.getSessionInfo).toHaveBeenCalledWith(request); + expect(contextMock.rendering.render).toHaveBeenCalledWith({ includeUserSettings: false }); + }); + }); + + describe('Login state route', () => { + let routeHandler: RequestHandler; + let routeConfig: RouteConfig; + beforeEach(() => { + const [loginStateRouteConfig, loginStateRouteHandler] = router.get.mock.calls.find( + ([{ path }]) => path === '/internal/security/login_state' + )!; + + routeConfig = loginStateRouteConfig; + routeHandler = loginStateRouteHandler; + }); + + it('correctly defines route.', () => { + expect(routeConfig.options).toEqual({ authRequired: false }); + expect(routeConfig.validate).toBe(false); + }); + + it('returns only required license features.', async () => { + license.getFeatures.mockReturnValue({ + allowLogin: true, + allowRbac: false, + allowRoleDocumentLevelSecurity: true, + allowRoleFieldLevelSecurity: false, + layout: 'error-es-unavailable', + showLinks: false, + showRoleMappingsManagement: true, + showLogin: true, + }); + + const request = httpServerMock.createKibanaRequest(); + const contextMock = coreMock.createRequestHandlerContext(); + + await expect( + routeHandler({ core: contextMock } as any, request, kibanaResponseFactory) + ).resolves.toEqual({ + options: { body: { allowLogin: true, layout: 'error-es-unavailable', showLogin: true } }, + payload: { allowLogin: true, layout: 'error-es-unavailable', showLogin: true }, + status: 200, + }); + }); + + it('returns `form` layout if it is not specified in the license.', async () => { + license.getFeatures.mockReturnValue({ allowLogin: true, showLogin: true } as any); + + const request = httpServerMock.createKibanaRequest(); + const contextMock = coreMock.createRequestHandlerContext(); + + await expect( + routeHandler({ core: contextMock } as any, request, kibanaResponseFactory) + ).resolves.toEqual({ + options: { body: { allowLogin: true, layout: 'form', showLogin: true } }, + payload: { allowLogin: true, layout: 'form', showLogin: true }, + status: 200, + }); + }); + }); +}); diff --git a/x-pack/plugins/security/server/routes/views/login.ts b/x-pack/plugins/security/server/routes/views/login.ts new file mode 100644 index 0000000000000..e2e162d298e45 --- /dev/null +++ b/x-pack/plugins/security/server/routes/views/login.ts @@ -0,0 +1,64 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { schema } from '@kbn/config-schema'; +import { parseNext } from '../../../common/parse_next'; +import { RouteDefinitionParams } from '..'; + +/** + * Defines routes required for the Login view. + */ +export function defineLoginRoutes({ + router, + logger, + authc, + csp, + basePath, + license, +}: RouteDefinitionParams) { + router.get( + { + path: '/login', + validate: { + query: schema.object( + { + next: schema.maybe(schema.string()), + msg: schema.maybe(schema.string()), + }, + { allowUnknowns: true } + ), + }, + options: { authRequired: false }, + }, + async (context, request, response) => { + // Default to true if license isn't available or it can't be resolved for some reason. + const shouldShowLogin = license.isEnabled() ? license.getFeatures().showLogin : true; + + // Authentication flow isn't triggered automatically for this route, so we should explicitly + // check whether user has an active session already. + const isUserAlreadyLoggedIn = (await authc.getSessionInfo(request)) !== null; + if (isUserAlreadyLoggedIn || !shouldShowLogin) { + logger.debug('User is already authenticated, redirecting...'); + return response.redirected({ + headers: { location: parseNext(request.url?.href ?? '', basePath.serverBasePath) }, + }); + } + + return response.ok({ + body: await context.core.rendering.render({ includeUserSettings: false }), + headers: { 'content-security-policy': csp.header }, + }); + } + ); + + router.get( + { path: '/internal/security/login_state', validate: false, options: { authRequired: false } }, + async (context, request, response) => { + const { showLogin, allowLogin, layout = 'form' } = license.getFeatures(); + return response.ok({ body: { showLogin, allowLogin, layout } }); + } + ); +} diff --git a/x-pack/plugins/security/server/routes/views/logout.ts b/x-pack/plugins/security/server/routes/views/logout.ts new file mode 100644 index 0000000000000..8fa8e689a1c38 --- /dev/null +++ b/x-pack/plugins/security/server/routes/views/logout.ts @@ -0,0 +1,26 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { RouteDefinitionParams } from '..'; + +/** + * Defines routes required for the Logout out view. + */ +export function defineLogoutRoutes({ router, csp }: RouteDefinitionParams) { + router.get( + { + path: '/logout', + validate: false, + options: { authRequired: false }, + }, + async (context, request, response) => { + return response.ok({ + body: await context.core.rendering.render({ includeUserSettings: false }), + headers: { 'content-security-policy': csp.header }, + }); + } + ); +} diff --git a/x-pack/plugins/security/server/routes/views/overwritten_session.ts b/x-pack/plugins/security/server/routes/views/overwritten_session.ts new file mode 100644 index 0000000000000..c21ab1c207362 --- /dev/null +++ b/x-pack/plugins/security/server/routes/views/overwritten_session.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { RouteDefinitionParams } from '..'; + +/** + * Defines routes required for the Overwritten Session view. + */ +export function defineOverwrittenSessionRoutes({ router, csp }: RouteDefinitionParams) { + router.get( + { path: '/security/overwritten_session', validate: false }, + async (context, request, response) => { + return response.ok({ + body: await context.core.rendering.render({ includeUserSettings: true }), + headers: { 'content-security-policy': csp.header }, + }); + } + ); +} diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index dbab88da973a1..09ee5cd304ac9 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -256,7 +256,6 @@ "common.ui.stateManagement.unableToStoreHistoryInSessionErrorMessage": "セッションがいっぱいで安全に削除できるアイテムが見つからないため、Kibana は履歴アイテムを保存できません。\n\nこれは大抵新規タブに移動することで解決されますが、より大きな問題が原因である可能性もあります。このメッセージが定期的に表示される場合は、{gitHubIssuesUrl} で問題を報告してください。", "common.ui.url.replacementFailedErrorMessage": "置換に失敗、未解決の表現式: {expr}", "common.ui.url.savedObjectIsMissingNotificationMessage": "保存されたオブジェクトがありません", - "common.ui.vis.defaultFeedbackMessage": "フィードバックがありますか?{link} で問題を報告してください。", "common.ui.vis.kibanaMap.leaflet.fitDataBoundsAriaLabel": "データバウンドを合わせる", "common.ui.vis.kibanaMap.zoomWarning": "ズームレベルが最大に達しました。完全にズームインするには、Elasticsearch と Kibana の {defaultDistribution} にアップグレードしてください。{ems} でより多くのズームレベルが利用できます。または、独自のマップサーバーを構成できます。詳細は { wms } または { configSettings} をご覧ください。", "data.search.aggs.aggGroups.bucketsText": "バケット", @@ -2852,6 +2851,7 @@ "timelion.vis.intervalLabel": "間隔", "uiActions.actionPanel.title": "オプション", "uiActions.errors.incompatibleAction": "操作に互換性がありません", + "visualizations.defaultFeedbackMessage": "フィードバックがありますか?{link} で問題を報告してください。", "visualizations.newVisWizard.betaDescription": "このビジュアライゼーションはベータ段階で、変更される可能性があります。デザインとコードはオフィシャル GA 機能よりも完成度が低く、現状のまま保証なしで提供されています。ベータ機能にはオフィシャル GA 機能の SLA が適用されません", "visualizations.newVisWizard.betaTitle": "ベータ", "visualizations.newVisWizard.chooseSourceTitle": "ソースの選択", @@ -7533,9 +7533,6 @@ "xpack.ml.calendarsList.table.idColumnName": "ID", "xpack.ml.calendarsList.table.jobsColumnName": "ジョブ", "xpack.ml.calendarsList.table.newButtonLabel": "新規", - "xpack.ml.checkLicense.licenseHasExpiredMessage": "{licenseTypeName} 機械学習ライセンスが期限切れになりました。", - "xpack.ml.checkLicense.licenseInformationNotAvailableThisTimeMessage": "現在ライセンス情報が利用できないため機械学習を使用できません。", - "xpack.ml.checkLicense.mlIsUnavailableMessage": "機械学習が利用できません", "xpack.ml.controls.checkboxShowCharts.showChartsCheckboxLabel": "チャートを表示", "xpack.ml.controls.selectInterval.autoLabel": "自動", "xpack.ml.controls.selectInterval.dayLabel": "1 日", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index afd12dba8ada7..993beffe5fbf1 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -256,7 +256,6 @@ "common.ui.stateManagement.unableToStoreHistoryInSessionErrorMessage": "Kibana 无法将历史记录项存储在您的会话中,因为其已满,并且似乎没有任何可安全删除的项。\n\n通常可通过移至新的标签页来解决此问题,但这会导致更大的问题。如果您有规律地看到此消息,请在 {gitHubIssuesUrl} 提交问题。", "common.ui.url.replacementFailedErrorMessage": "替换失败,未解析的表达式:{expr}", "common.ui.url.savedObjectIsMissingNotificationMessage": "已保存对象缺失", - "common.ui.vis.defaultFeedbackMessage": "想反馈?请在“{link}中创建问题。", "common.ui.vis.kibanaMap.leaflet.fitDataBoundsAriaLabel": "适应数据边界", "common.ui.vis.kibanaMap.zoomWarning": "已达到缩放级别最大数目。要一直放大,请升级到 Elasticsearch 和 Kibana 的 {defaultDistribution}。您可以通过 {ems} 免费使用其他缩放级别。或者,您可以配置自己的地图服务器。请前往 { wms } 或 { configSettings} 以获取详细信息。", "data.search.aggs.aggGroups.bucketsText": "存储桶", @@ -2853,6 +2852,7 @@ "timelion.vis.intervalLabel": "时间间隔", "uiActions.actionPanel.title": "选项", "uiActions.errors.incompatibleAction": "操作不兼容", + "visualizations.defaultFeedbackMessage": "想反馈?请在“{link}中创建问题。", "visualizations.newVisWizard.betaDescription": "此可视化为公测版,可能会进行更改。设计和代码相对于正式发行版功能还不够成熟,将按原样提供,且不提供任何保证。公测版功能不受正式发行版功能支持 SLA 的约束", "visualizations.newVisWizard.betaTitle": "公测版", "visualizations.newVisWizard.chooseSourceTitle": "选择源", @@ -7533,9 +7533,6 @@ "xpack.ml.calendarsList.table.idColumnName": "ID", "xpack.ml.calendarsList.table.jobsColumnName": "作业", "xpack.ml.calendarsList.table.newButtonLabel": "新建", - "xpack.ml.checkLicense.licenseHasExpiredMessage": "您的 {licenseTypeName} Machine Learning 许可证已过期。", - "xpack.ml.checkLicense.licenseInformationNotAvailableThisTimeMessage": "您不能使用 Machine Learning,因为许可证信息当前不可用。", - "xpack.ml.checkLicense.mlIsUnavailableMessage": "Machine Learning 不可用", "xpack.ml.controls.checkboxShowCharts.showChartsCheckboxLabel": "显示图表", "xpack.ml.controls.selectInterval.autoLabel": "自动", "xpack.ml.controls.selectInterval.dayLabel": "1 天", diff --git a/x-pack/test/kerberos_api_integration/apis/security/kerberos_login.ts b/x-pack/test/kerberos_api_integration/apis/security/kerberos_login.ts index 55853f8b0fbde..b561c9ea47513 100644 --- a/x-pack/test/kerberos_api_integration/apis/security/kerberos_login.ts +++ b/x-pack/test/kerberos_api_integration/apis/security/kerberos_login.ts @@ -242,7 +242,7 @@ export default function({ getService }: FtrProviderContext) { expect(cookies).to.have.length(1); checkCookieIsCleared(request.cookie(cookies[0])!); - expect(logoutResponse.headers.location).to.be('/logged_out'); + expect(logoutResponse.headers.location).to.be('/security/logged_out'); // Token that was stored in the previous cookie should be invalidated as well and old // session cookie should not allow API access. diff --git a/x-pack/test/pki_api_integration/apis/security/pki_auth.ts b/x-pack/test/pki_api_integration/apis/security/pki_auth.ts index 6cb92585de36e..fe772a3b1d460 100644 --- a/x-pack/test/pki_api_integration/apis/security/pki_auth.ts +++ b/x-pack/test/pki_api_integration/apis/security/pki_auth.ts @@ -290,7 +290,7 @@ export default function({ getService }: FtrProviderContext) { expect(cookies).to.have.length(1); checkCookieIsCleared(request.cookie(cookies[0])!); - expect(logoutResponse.headers.location).to.be('/logged_out'); + expect(logoutResponse.headers.location).to.be('/security/logged_out'); }); it('should redirect to home page if session cookie is not provided', async () => { diff --git a/x-pack/test/saml_api_integration/apis/security/saml_login.ts b/x-pack/test/saml_api_integration/apis/security/saml_login.ts index b8296aa703607..e49d95f2ec6c2 100644 --- a/x-pack/test/saml_api_integration/apis/security/saml_login.ts +++ b/x-pack/test/saml_api_integration/apis/security/saml_login.ts @@ -728,7 +728,7 @@ export default function({ getService }: FtrProviderContext) { .set('kbn-xsrf', 'xxx') .set('Cookie', existingSessionCookie.cookieString()) .send({ SAMLResponse: await createSAMLResponse({ username: newUsername }) }) - .expect('location', '/overwritten_session') + .expect('location', '/security/overwritten_session') .expect(302); const newSessionCookie = request.cookie(