Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unit tests for index and cluster privileges #50867

Open
albertzaharovits opened this issue Jan 10, 2020 · 4 comments
Open

Unit tests for index and cluster privileges #50867

albertzaharovits opened this issue Jan 10, 2020 · 4 comments
Assignees
@amirhmd
Labels
:Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC Team:Security Meta label for security team >test Issues or PRs that are addressing/adding tests

Comments

@albertzaharovits
Copy link
Contributor

Lately, see #50489 (comment) and #50643 we've learned that we miss unit test cases for index and cluster privileges. Right now we test them in the integ tests , IndexPrivilegeTests and ClusterPrivilegeTests, but we need to test which actions a privilege grants without having to start a cluster node and create a role and an user; these tests are more suited for a mix of privileges/roles to test the full authorization mechanism.

I think we need a new class of tests, modeled after the AuthorizationServiceTests, where we can pick on every privilege and every index (and cluster) action.
@albertzaharovits albertzaharovits added >test Issues or PRs that are addressing/adding tests :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC labels Jan 10, 2020
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (:Security/Authorization)

@amirhmd
Copy link

amirhmd commented Jan 10, 2020

hi @albertzaharovits is this ready to pick up?

@albertzaharovits
Copy link
Contributor Author

albertzaharovits commented Jan 11, 2020
edited
Loading

Hi @amirhmd , yes, I have assigned it to you.

Upon looking closer, I think it's better to base the new privileges unit tests upon the IndicesPermission class instead of AuthorizationService. You can follow as an example the IndicesPermissionTests. I've changed my mind because the AuthorizationService deals with actions as well as the requests (and the index names contained in those requests) that trigger those actions; it's at a higher level than what a test suite for actions and privileges is concerned about.

I would start by creating a test for a certain cluster privilege (eg monitor) and then run the IndicesPermission#authorize through a list of action names. You can get a list of action names by looking at subclasses of ActionType, eg DeleteDatafeedAction#NAME. It's not yet clear to me how best to construct this list, we'll need to experiment a bit.
But, given that actions can spawn sub-actions, which have a related name, but which are not described anywhere in the action definition (they are a consequence of how the action is coded) we would still need integration tests to assure a privilege is enough to successfully run certain actions. Yet this is not a privilege test, it is an action test, and writing these privilege unit tests would allow us to learn which actions require further integration tests.

@amirhmd
Copy link

amirhmd commented Jan 13, 2020

Thanks @albertzaharovits for the explanation. will ping you if I have a question.

@rjernst rjernst added the Team:Security Meta label for security team label May 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@amirhmd amirhmd

Labels
:Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC Team:Security Meta label for security team >test Issues or PRs that are addressing/adding tests
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rjernst @albertzaharovits @elasticmachine @amirhmd