-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Upgrade Assistant] Add permissions check to logs step #112420
Changes from 15 commits
d6ee0af
8fddc7d
9bdca01
69d4457
93ce8e3
d53055b
1c28563
a4a20da
0f4b4dc
b8ae396
65bd246
3cd92e3
c0f13fd
0030b0b
602ccf9
efe2e20
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License | ||
* 2.0 and the Server Side Public License, v 1; you may not use this file except | ||
* in compliance with, at your election, the Elastic License 2.0 or the Server | ||
* Side Public License, v 1. | ||
*/ | ||
|
||
import { convertPrivilegesToArray } from './with_privileges'; | ||
|
||
describe('convertPrivilegesToArray', () => { | ||
test('extracts section and privilege', () => { | ||
expect(convertPrivilegesToArray('index.index_name')).toEqual([['index', 'index_name']]); | ||
expect(convertPrivilegesToArray(['index.index_name', 'cluster.management'])).toEqual([ | ||
['index', 'index_name'], | ||
['cluster', 'management'], | ||
]); | ||
expect(convertPrivilegesToArray('index.index_name.with-many.dots')).toEqual([ | ||
['index', 'index_name.with-many.dots'], | ||
]); | ||
}); | ||
|
||
test('throws when it cannot extract section and privilege', () => { | ||
expect(() => { | ||
convertPrivilegesToArray('bad_privilege_string'); | ||
}).toThrow('Required privilege must have the format "section.privilege"'); | ||
}); | ||
}); |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -6,4 +6,4 @@ | |
* Side Public License, v 1. | ||
*/ | ||
|
||
export { Privileges, MissingPrivileges } from '../__packages_do_not_import__/authorization'; | ||
export { Privileges, MissingPrivileges } from '../__packages_do_not_import__/authorization/types'; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I had to change these types to be exported directly from the types file, otherwise it doesn't tree-shake the rest of the things exported from the |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -22,10 +22,13 @@ jest.mock('../../../../public/application/lib/logs_checkpoint', () => { | |
}); | ||
|
||
import { DeprecationLoggingStatus } from '../../../../common/types'; | ||
import { DEPRECATION_LOGS_SOURCE_ID } from '../../../../common/constants'; | ||
import { OverviewTestBed, setupOverviewPage } from '../overview.helpers'; | ||
import { setupEnvironment, advanceTime } from '../../helpers'; | ||
import { DEPRECATION_LOGS_COUNT_POLL_INTERVAL_MS } from '../../../../common/constants'; | ||
import { | ||
DEPRECATION_LOGS_INDEX, | ||
DEPRECATION_LOGS_SOURCE_ID, | ||
DEPRECATION_LOGS_COUNT_POLL_INTERVAL_MS, | ||
} from '../../../../common/constants'; | ||
|
||
const getLoggingResponse = (toggle: boolean): DeprecationLoggingStatus => ({ | ||
isDeprecationLogIndexingEnabled: toggle, | ||
|
@@ -389,4 +392,39 @@ describe('Overview - Fix deprecation logs step', () => { | |
expect(exists('apiCompatibilityNoteTitle')).toBe(true); | ||
}); | ||
}); | ||
|
||
describe('Privileges check', () => { | ||
test(`permissions warning callout is hidden if user has the right privileges`, async () => { | ||
const { exists } = testBed; | ||
|
||
// Index privileges warning callout should not be shown | ||
expect(exists('noIndexPermissionsCallout')).toBe(false); | ||
// Analyze logs and Resolve logs sections should be shown | ||
expect(exists('externalLinksTitle')).toBe(true); | ||
expect(exists('deprecationsCountTitle')).toBe(true); | ||
}); | ||
|
||
test(`doesn't show analyze and resolve logs if it doesn't have the right privileges`, async () => { | ||
await act(async () => { | ||
testBed = await setupOverviewPage({ | ||
privileges: { | ||
hasAllPrivileges: false, | ||
missingPrivileges: { | ||
index: [DEPRECATION_LOGS_INDEX], | ||
}, | ||
}, | ||
}); | ||
}); | ||
|
||
const { exists, component } = testBed; | ||
|
||
component.update(); | ||
|
||
// No index privileges warning callout should be shown | ||
expect(exists('noIndexPermissionsCallout')).toBe(true); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Do we have any tests that assert this isn't shown when the user has the required privileges? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Nice call, I've just added one that checks for that also |
||
// Analyze logs and Resolve logs sections should be hidden | ||
expect(exists('externalLinksTitle')).toBe(false); | ||
expect(exists('deprecationsCountTitle')).toBe(false); | ||
}); | ||
}); | ||
}); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I patched this block of code to also accept privileges that might contain dots in its name. I extracted this part into its own function and wrote a few tests for it, I decided not to write tests for the HOC itself because it seemed a bit outside the scope of this PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome!!