From 23ba4e56f927285a61a144879d5f8c2a8e5754f3 Mon Sep 17 00:00:00 2001 From: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Date: Mon, 1 Nov 2021 09:37:22 -0400 Subject: [PATCH] [Reporting] Remove `Boom` (#116289) (#116621) * remove use of boom from info response handler; also changed unauthd response to forbidden to avoid client logging user out * rather return 500 with err.message * added jest tests for common cases on the info route Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Jean-Louis Leysens --- .../server/routes/lib/request_handler.ts | 11 +++++-- .../server/routes/management/jobs.test.ts | 30 +++++++++++++++++++ .../server/routes/management/jobs.ts | 9 ++++-- 3 files changed, 46 insertions(+), 4 deletions(-) diff --git a/x-pack/plugins/reporting/server/routes/lib/request_handler.ts b/x-pack/plugins/reporting/server/routes/lib/request_handler.ts index a87f5c2913031..2100c4c3c43ac 100644 --- a/x-pack/plugins/reporting/server/routes/lib/request_handler.ts +++ b/x-pack/plugins/reporting/server/routes/lib/request_handler.ts @@ -6,6 +6,7 @@ */ import Boom from '@hapi/boom'; +import { i18n } from '@kbn/i18n'; import { KibanaRequest, KibanaResponseFactory } from 'kibana/server'; import { ReportingCore } from '../..'; import { API_BASE_URL } from '../../../common/constants'; @@ -153,7 +154,13 @@ export class RequestHandler { }); } - // unknown error, can't convert to 4xx - throw err; + return this.res.customError({ + statusCode: 500, + body: + err?.message || + i18n.translate('xpack.reporting.errorHandler.unknownError', { + defaultMessage: 'Unknown error', + }), + }); } } diff --git a/x-pack/plugins/reporting/server/routes/management/jobs.test.ts b/x-pack/plugins/reporting/server/routes/management/jobs.test.ts index 02a0ddc94a043..a54be44258ed3 100644 --- a/x-pack/plugins/reporting/server/routes/management/jobs.test.ts +++ b/x-pack/plugins/reporting/server/routes/management/jobs.test.ts @@ -178,6 +178,36 @@ describe('GET /api/reporting/jobs/download', () => { await supertest(httpSetup.server.listener).get('/api/reporting/jobs/download/poo').expect(401); }); + it(`returns job's info`, async () => { + mockEsClient.search.mockResolvedValueOnce({ + body: getHits({ + jobtype: 'base64EncodedJobType', + payload: {}, // payload is irrelevant + }), + } as any); + + registerJobInfoRoutes(core); + + await server.start(); + + await supertest(httpSetup.server.listener).get('/api/reporting/jobs/info/test').expect(200); + }); + + it(`returns 403 if a user cannot view a job's info`, async () => { + mockEsClient.search.mockResolvedValueOnce({ + body: getHits({ + jobtype: 'customForbiddenJobType', + payload: {}, // payload is irrelevant + }), + } as any); + + registerJobInfoRoutes(core); + + await server.start(); + + await supertest(httpSetup.server.listener).get('/api/reporting/jobs/info/test').expect(403); + }); + it('when a job is incomplete', async () => { mockEsClient.search.mockResolvedValueOnce({ body: getHits({ diff --git a/x-pack/plugins/reporting/server/routes/management/jobs.ts b/x-pack/plugins/reporting/server/routes/management/jobs.ts index 99c317453ca0f..54fc13ffbb613 100644 --- a/x-pack/plugins/reporting/server/routes/management/jobs.ts +++ b/x-pack/plugins/reporting/server/routes/management/jobs.ts @@ -5,8 +5,8 @@ * 2.0. */ -import Boom from '@hapi/boom'; import { schema } from '@kbn/config-schema'; +import { i18n } from '@kbn/i18n'; import { ReportingCore } from '../../'; import { ROUTE_TAG_CAN_REDIRECT } from '../../../../security/server'; import { API_BASE_URL } from '../../../common/constants'; @@ -115,7 +115,12 @@ export function registerJobInfoRoutes(reporting: ReportingCore) { const { jobtype: jobType } = result; if (!jobTypes.includes(jobType)) { - throw Boom.unauthorized(`Sorry, you are not authorized to view ${jobType} info`); + return res.forbidden({ + body: i18n.translate('xpack.reporting.jobsQuery.infoError.unauthorizedErrorMessage', { + defaultMessage: 'Sorry, you are not authorized to view {jobType} info', + values: { jobType }, + }), + }); } return res.ok({