Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Beats/security #22500

Merged
merged 3 commits into from
Aug 30, 2018
Merged

Beats/security #22500

merged 3 commits into from
Aug 30, 2018

Conversation

mattapperson
Copy link
Contributor

This adds a license check system to beats management.

Routes now have an extra option of licenseRequired.
UI now is enabled/disabled based on one of 2 factors:

  1. A valid gold, or better license
  2. Security is enabled on Kibana

The only route that returns a non-error if no valid license is the get configs route

@elasticmachine
Copy link
Contributor

💔 Build Failed

@elasticmachine
Copy link
Contributor

💔 Build Failed

@justinkambic
Copy link
Contributor

justinkambic commented Aug 29, 2018
edited
Loading

To functionally test, should I try to access Beats CM while running a trial vs basic license, and then run a snapshot with gold added, and try security as well?

Plan

  • Attempt to access on basic - should fail
  • Attempt to access on gold - should work
  • Attempt to access on trial (i.e. platinum) - should work
  • Attempt to access on gold with security disabled - should fail
  • Attempt to access on trial with security disabled - should fail

justinkambic
justinkambic requested changes Aug 29, 2018
View reviewed changes
Copy link
Contributor

@justinkambic justinkambic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should tweak the error message displayed when license information is not available.

Aside from that the code LGTM, going to work on functional tests now.

x-pack/plugins/beats_management/server/lib/adapters/framework/kibana_framework_adapter.ts

private checkLicense(xPackInfo: any) {
// If, for some reason, we cannot get the license information
// from Elasticsearch, assume worst case and disable the Logstash pipeline UI
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Logstash pipeline UI

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

heh, yup

x-pack/plugins/beats_management/server/lib/adapters/framework/kibana_framework_adapter.ts
securityEnabled: false,
licenseValid: false,
message:
'You cannot manage Beats centeral management because license information is not available at this time.',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we update this language to say

You cannot use Beats Central Management because license information is not available at this time.

@justinkambic
Copy link
Contributor

Functionally this looks good to me, provided you don't need me to test anything beyond what I've already outlined above.

justinkambic
justinkambic approved these changes Aug 30, 2018
View reviewed changes
Copy link
Contributor

@justinkambic justinkambic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Great work!

@mattapperson mattapperson merged commit e4b3ad2 into elastic:feature/x-pack/management/beats Aug 30, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@justinkambic justinkambic justinkambic approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mattapperson @elasticmachine @justinkambic