Skip to content

Commit

Permalink
Adding GET test suite
Browse files Browse the repository at this point in the history
  • Loading branch information
@kobelb
kobelb committed Sep 5, 2018
1 parent 68a5537 commit 6627127
Show file tree
Hide file tree
Showing 5 changed files with 480 additions and 137 deletions.
108 changes: 108 additions & 0 deletions x-pack/test/saved_object_api_integration/common/suites/saved_objects/get.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/
import expect from 'expect.js';
import { getIdPrefix, getUrlPrefix } from "../../lib/space_test_utils";
import { DEFAULT_SPACE_ID } from '../../../../../plugins/spaces/common/constants';

export function getTestSuiteFactory(esArchiver, supertest) {
const existsId = 'dd7caf20-9efd-11e7-acb3-3dab96693fab';
const doesntExistId = 'foobar';
const makeGetTest = (describeFn) => (description, {
auth = {
username: undefined,
password: undefined,
},
spaceId = DEFAULT_SPACE_ID,
otherSpaceId = spaceId,
tests
}) => {
describeFn(description, () => {
before(() => esArchiver.load('saved_objects/spaces'));
after(() => esArchiver.unload('saved_objects/spaces'));

it(`should return ${tests.exists.statusCode}`, async () => {
await supertest
.get(`${getUrlPrefix(spaceId)}/api/saved_objects/visualization/${getIdPrefix(otherSpaceId)}${existsId}`)
.auth(auth.username, auth.password)
.expect(tests.exists.statusCode)
.then(tests.exists.response);
});

describe('document does not exist', () => {
it(`should return ${tests.doesntExist.statusCode}`, async () => {
await supertest
.get(`${getUrlPrefix(spaceId)}/api/saved_objects/visualization/${getIdPrefix(otherSpaceId)}${doesntExistId}`)
.auth(auth.username, auth.password)
.expect(tests.doesntExist.statusCode)
.then(tests.doesntExist.response);
});
});
});
};

const getTest = makeGetTest(describe);
getTest.only = makeGetTest(describe.only);

const createExpectLegacyForbidden = username => resp => {
expect(resp.body).to.eql({
statusCode: 403,
error: 'Forbidden',
// eslint-disable-next-line max-len
message: `action [indices:data/read/get] is unauthorized for user [${username}]: [security_exception] action [indices:data/read/get] is unauthorized for user [${username}]`
});
};

const createExpectNotFound = (id, spaceId = DEFAULT_SPACE_ID) => (resp) => {
expect(resp.body).to.eql({
error: 'Not Found',
message: `Saved object [visualization/${getIdPrefix(spaceId)}${id}] not found`,
statusCode: 404,
});
};

const createExpectDoesntExistNotFound = (spaceId = DEFAULT_SPACE_ID) => {
return createExpectNotFound(doesntExistId, spaceId);
};

const createExpectExistsNotFound = (spaceId = DEFAULT_SPACE_ID) => {
return createExpectNotFound(existsId, spaceId);
};

const createExpectRbacForbidden = () => (resp) => {
expect(resp.body).to.eql({
error: 'Forbidden',
message: `Unable to get visualization, missing action:saved_objects/visualization/get`,
statusCode: 403,
});
};

const createExpectResults = (spaceId = DEFAULT_SPACE_ID) => (resp) => {
expect(resp.body).to.eql({
id: `${getIdPrefix(spaceId)}dd7caf20-9efd-11e7-acb3-3dab96693fab`,
type: 'visualization',
updated_at: '2017-09-21T18:51:23.794Z',
version: resp.body.version,
attributes: {
title: 'Count of requests',
description: '',
version: 1,
// cheat for some of the more complex attributes
visState: resp.body.attributes.visState,
uiStateJSON: resp.body.attributes.uiStateJSON,
kibanaSavedObjectMeta: resp.body.attributes.kibanaSavedObjectMeta
}
});
};

return {
createExpectDoesntExistNotFound,
createExpectExistsNotFound,
createExpectLegacyForbidden,
createExpectRbacForbidden,
createExpectResults,
getTest
};
}
243 changes: 243 additions & 0 deletions x-pack/test/saved_object_api_integration/security_and_spaces/apis/saved_objects/get.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,243 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/

import { AUTHENTICATION } from '../../../common/lib/authentication';
import { getTestSuiteFactory } from '../../../common/suites/saved_objects/get';
import { SPACES } from '../../../common/lib/spaces';

export default function ({ getService }) {
const supertest = getService('supertestWithoutAuth');
const esArchiver = getService('esArchiver');

const {
createExpectDoesntExistNotFound,
createExpectLegacyForbidden,
createExpectRbacForbidden,
createExpectResults,
getTest
} = getTestSuiteFactory(esArchiver, supertest);

describe('get', () => {
[
{
spaceId: SPACES.DEFAULT.spaceId,
userWithAllAtSpace: AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_ALL_USER,
userWithReadAtSpace: AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_READ_USER,
userWithAllAtOtherSpace: AUTHENTICATION.KIBANA_RBAC_SPACE_1_ALL_USER,
},
{
spaceId: SPACES.SPACE_1.spaceId,
userWithAllAtSpace: AUTHENTICATION.KIBANA_RBAC_SPACE_1_ALL_USER,
userWithReadAtSpace: AUTHENTICATION.KIBANA_RBAC_SPACE_1_READ_USER,
userWithAllAtOtherSpace: AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_ALL_USER,
}
].forEach(({
spaceId,
userWithAllAtSpace,
userWithReadAtSpace,
userWithAllAtOtherSpace,
}) => {
getTest(AUTHENTICATION.NOT_A_KIBANA_USER.USERNAME, {
auth: {
username: AUTHENTICATION.NOT_A_KIBANA_USER.USERNAME,
password: AUTHENTICATION.NOT_A_KIBANA_USER.PASSWORD,
},
spaceId,
tests: {
exists: {
statusCode: 403,
response: createExpectLegacyForbidden(AUTHENTICATION.NOT_A_KIBANA_USER.USERNAME),
},
doesntExist: {
statusCode: 403,
response: createExpectLegacyForbidden(AUTHENTICATION.NOT_A_KIBANA_USER.USERNAME),
},
}
});


getTest(AUTHENTICATION.SUPERUSER.USERNAME, {
auth: {
username: AUTHENTICATION.SUPERUSER.USERNAME,
password: AUTHENTICATION.SUPERUSER.PASSWORD,
},
spaceId,
tests: {
exists: {
statusCode: 200,
response: createExpectResults(spaceId),
},
doesntExist: {
statusCode: 404,
response: createExpectDoesntExistNotFound(spaceId),
},
}
});

getTest(AUTHENTICATION.KIBANA_LEGACY_USER.USERNAME, {
auth: {
username: AUTHENTICATION.KIBANA_LEGACY_USER.USERNAME,
password: AUTHENTICATION.KIBANA_LEGACY_USER.PASSWORD,
},
spaceId,
tests: {
exists: {
statusCode: 200,
response: createExpectResults(spaceId),
},
doesntExist: {
statusCode: 404,
response: createExpectDoesntExistNotFound(spaceId),
},
}
});

getTest(AUTHENTICATION.KIBANA_LEGACY_DASHBOARD_ONLY_USER.USERNAME, {
auth: {
username: AUTHENTICATION.KIBANA_LEGACY_DASHBOARD_ONLY_USER.USERNAME,
password: AUTHENTICATION.KIBANA_LEGACY_DASHBOARD_ONLY_USER.PASSWORD,
},
spaceId,
tests: {
exists: {
statusCode: 200,
response: createExpectResults(spaceId),
},
doesntExist: {
statusCode: 404,
response: createExpectDoesntExistNotFound(spaceId),
},
}
});

getTest(AUTHENTICATION.KIBANA_DUAL_PRIVILEGES_USER.USERNAME, {
auth: {
username: AUTHENTICATION.KIBANA_DUAL_PRIVILEGES_USER.USERNAME,
password: AUTHENTICATION.KIBANA_DUAL_PRIVILEGES_USER.PASSWORD,
},
spaceId,
tests: {
exists: {
statusCode: 200,
response: createExpectResults(spaceId),
},
doesntExist: {
statusCode: 404,
response: createExpectDoesntExistNotFound(spaceId),
},
}
});

getTest(AUTHENTICATION.KIBANA_DUAL_PRIVILEGES_DASHBOARD_ONLY_USER.USERNAME, {
auth: {
username: AUTHENTICATION.KIBANA_DUAL_PRIVILEGES_DASHBOARD_ONLY_USER.USERNAME,
password: AUTHENTICATION.KIBANA_DUAL_PRIVILEGES_DASHBOARD_ONLY_USER.PASSWORD,
},
spaceId,
tests: {
exists: {
statusCode: 200,
response: createExpectResults(spaceId),
},
doesntExist: {
statusCode: 404,
response: createExpectDoesntExistNotFound(spaceId),
},
}
});

getTest(AUTHENTICATION.KIBANA_RBAC_USER.USERNAME, {
auth: {
username: AUTHENTICATION.KIBANA_RBAC_USER.USERNAME,
password: AUTHENTICATION.KIBANA_RBAC_USER.PASSWORD,
},
spaceId,
tests: {
exists: {
statusCode: 200,
response: createExpectResults(spaceId),
},
doesntExist: {
statusCode: 404,
response: createExpectDoesntExistNotFound(spaceId),
},
}
});

getTest(AUTHENTICATION.KIBANA_RBAC_DASHBOARD_ONLY_USER.USERNAME, {
auth: {
username: AUTHENTICATION.KIBANA_RBAC_DASHBOARD_ONLY_USER.USERNAME,
password: AUTHENTICATION.KIBANA_RBAC_DASHBOARD_ONLY_USER.PASSWORD,
},
spaceId,
tests: {
exists: {
statusCode: 200,
response: createExpectResults(spaceId),
},
doesntExist: {
statusCode: 404,
response: createExpectDoesntExistNotFound(spaceId),
},
}
});

getTest(`${userWithAllAtSpace.USERNAME} user`, {
auth: {
username: userWithAllAtSpace.USERNAME,
password: userWithAllAtSpace.PASSWORD,
},
spaceId,
tests: {
exists: {
statusCode: 200,
response: createExpectResults(spaceId),
},
doesntExist: {
statusCode: 404,
response: createExpectDoesntExistNotFound(spaceId),
},
}
});

getTest(`${userWithReadAtSpace.USERNAME} user`, {
auth: {
username: userWithReadAtSpace.USERNAME,
password: userWithReadAtSpace.PASSWORD,
},
spaceId,
tests: {
exists: {
statusCode: 200,
response: createExpectResults(spaceId),
},
doesntExist: {
statusCode: 404,
response: createExpectDoesntExistNotFound(spaceId),
},
}
});

getTest(`${userWithAllAtOtherSpace.USERNAME} user`, {
auth: {
username: userWithAllAtOtherSpace.USERNAME,
password: userWithAllAtOtherSpace.PASSWORD,
},
spaceId,
tests: {
exists: {
statusCode: 403,
response: createExpectRbacForbidden(),
},
doesntExist: {
statusCode: 403,
response: createExpectRbacForbidden(),
},
}
});
});
});
}
1 change: 1 addition & 0 deletions x-pack/test/saved_object_api_integration/security_and_spaces/apis/saved_objects/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,5 +10,6 @@ export default function ({ loadTestFile }) {
describe('saved_objects', () => {
loadTestFile(require.resolve('./create'));
loadTestFile(require.resolve('./find'));
loadTestFile(require.resolve('./get'));
});
}
Loading

0 comments on commit 6627127

Please sign in to comment.