Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Do not register tenancy app if disabled in yml #2057

Merged
merged 10 commits into from
Jul 25, 2024
Merged

Do not register tenancy app if disabled in yml #2057

Show file tree
Hide file tree
Changes from 9 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
d0488dd
Do not register tenancy app if disabled in yml
derek-ho Jul 24, 2024
8022171
Adds a test
derek-ho Jul 24, 2024
48ccd4d
Merge branch 'main' into dont-register-tenant-application
derek-ho Jul 24, 2024
5aa4ba2
Revert type and export
derek-ho Jul 25, 2024
544947a
Merge branch 'dont-register-tenant-application' of github.com:derek-h…
derek-ho Jul 25, 2024
5a06254
Merge branch 'main' into dont-register-tenant-application
derek-ho Jul 25, 2024
900816b
Use constants
derek-ho Jul 25, 2024
af3b5ae
Merge branch 'dont-register-tenant-application' of github.com:derek-h…
derek-ho Jul 25, 2024
9fc2991
Remove extra license field
derek-ho Jul 25, 2024
6c37aca
Refactor with constants
derek-ho Jul 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions common/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,13 @@

export const PLUGIN_ID = 'opensearchDashboardsSecurity';
export const PLUGIN_NAME = 'security-dashboards-plugin';
export const PLUGIN_GET_STARTED_APP_ID = 'security-dashboards-plugin_getstarted';
DarshitChanpura marked this conversation as resolved.
Show resolved Hide resolved
export const PLUGIN_AUTH_APP_ID = 'security-dashboards-plugin_auth';
export const PLUGIN_ROLES_APP_ID = 'security-dashboards-plugin_roles';
export const PLUGIN_USERS_APP_ID = 'security-dashboards-plugin_users';
export const PLUGIN_PERMISSIONS_APP_ID = 'security-dashboards-plugin_permissions';
export const PLUGIN_TENANTS_APP_ID = 'security-dashboards-plugin_tenants';
export const PLUGIN_AUDITLOG_APP_ID = 'security-dashboards-plugin_auditlog';

export const APP_ID_LOGIN = 'login';
export const APP_ID_CUSTOMERROR = 'customerror';
Expand Down
62 changes: 38 additions & 24 deletions public/plugin.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,19 @@
PluginInitializerContext,
WorkspaceAvailability,
} from '../../../src/core/public';
import { APP_ID_LOGIN, CUSTOM_ERROR_PAGE_URI, LOGIN_PAGE_URI, PLUGIN_NAME } from '../common';
import {
APP_ID_LOGIN,
CUSTOM_ERROR_PAGE_URI,
LOGIN_PAGE_URI,
PLUGIN_AUDITLOG_APP_ID,
PLUGIN_AUTH_APP_ID,
PLUGIN_GET_STARTED_APP_ID,
PLUGIN_NAME,
PLUGIN_PERMISSIONS_APP_ID,
PLUGIN_ROLES_APP_ID,
PLUGIN_TENANTS_APP_ID,
PLUGIN_USERS_APP_ID,
} from '../common';
import { APP_ID_CUSTOMERROR } from '../common';
import { setupTopNavButton } from './apps/account/account-app';
import { fetchAccountInfoSafe } from './apps/account/utils';
Expand Down Expand Up @@ -175,7 +187,7 @@

if (core.chrome.navGroup.getNavGroupEnabled()) {
core.application.register({
id: `security-dashboards-plugin_getstarted`,
id: PLUGIN_GET_STARTED_APP_ID,
title: 'Get Started',
order: 8040,
workspaceAvailability: WorkspaceAvailability.outsideWorkspace,
Expand All @@ -185,7 +197,7 @@
},
});
core.application.register({
id: `security-dashboards-plugin_auth`,
id: PLUGIN_AUTH_APP_ID,
title: 'Authentication',
order: 8040,
workspaceAvailability: WorkspaceAvailability.outsideWorkspace,
Expand All @@ -195,7 +207,7 @@
},
});
core.application.register({
id: `security-dashboards-plugin_roles`,
id: PLUGIN_ROLES_APP_ID,
title: 'Roles',
order: 8040,
workspaceAvailability: WorkspaceAvailability.outsideWorkspace,
Expand All @@ -205,7 +217,7 @@
},
});
core.application.register({
id: `security-dashboards-plugin_users`,
id: PLUGIN_USERS_APP_ID,
title: 'Internal users',
order: 8040,
workspaceAvailability: WorkspaceAvailability.outsideWorkspace,
Expand All @@ -215,7 +227,7 @@
},
});
core.application.register({
id: `security-dashboards-plugin_permissions`,
id: PLUGIN_PERMISSIONS_APP_ID,
title: 'Permissions',
order: 8040,
workspaceAvailability: WorkspaceAvailability.outsideWorkspace,
Expand All @@ -224,18 +236,20 @@
return mountWrapper(params, '/permissions');
},
});
if (config.multitenancy.enabled) {
core.application.register({
id: PLUGIN_TENANTS_APP_ID,
title: 'Tenants',
order: 8040,
workspaceAvailability: WorkspaceAvailability.outsideWorkspace,
updater$: this.appStateUpdater,
mount: async (params: AppMountParameters) => {
return mountWrapper(params, '/tenants');

Check warning on line 247 in public/plugin.ts

View check run for this annotation

Codecov / codecov/patch

public/plugin.ts#L246-L247 

Added lines #L246 - L247 were not covered by tests
},
});
}
core.application.register({
id: `security-dashboards-plugin_tenants`,
title: 'Tenants',
order: 8040,
workspaceAvailability: WorkspaceAvailability.outsideWorkspace,
updater$: this.appStateUpdater,
mount: async (params: AppMountParameters) => {
return mountWrapper(params, '/tenants');
},
});
core.application.register({
id: `security-dashboards-plugin_auditlog`,
id: PLUGIN_AUDITLOG_APP_ID,
title: 'Audit logs',
order: 8040,
workspaceAvailability: WorkspaceAvailability.outsideWorkspace,
Expand All @@ -248,31 +262,31 @@

core.chrome.navGroup.addNavLinksToGroup(DEFAULT_NAV_GROUPS.dataAdministration, [
{
id: `security-dashboards-plugin_getstarted`,
id: PLUGIN_GET_STARTED_APP_ID,
category: dataAccessUsersCategory,
},
{
id: `security-dashboards-plugin_auth`,
id: PLUGIN_AUTH_APP_ID,
category: dataAccessUsersCategory,
},
{
id: `security-dashboards-plugin_roles`,
id: PLUGIN_ROLES_APP_ID,
category: dataAccessUsersCategory,
},
{
id: `security-dashboards-plugin_users`,
id: PLUGIN_USERS_APP_ID,
category: dataAccessUsersCategory,
},
{
id: `security-dashboards-plugin_permissions`,
id: PLUGIN_PERMISSIONS_APP_ID,
category: dataAccessUsersCategory,
},
{
id: `security-dashboards-plugin_tenants`,
id: PLUGIN_TENANTS_APP_ID,
category: dataAccessUsersCategory,
},
{
id: `security-dashboards-plugin_auditlog`,
id: PLUGIN_AUDITLOG_APP_ID,
category: dataAccessUsersCategory,
},
]);
Expand Down
178 changes: 178 additions & 0 deletions public/test/plugin.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,178 @@
/*
* Copyright OpenSearch Contributors
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/

import { coreMock } from '../../../../src/core/public/mocks';
import { SecurityPlugin } from '../plugin.ts';
import * as pluginModule from '../plugin'; // Import the entire module to mock specific functions
import {
PLUGIN_AUDITLOG_APP_ID,
PLUGIN_AUTH_APP_ID,
PLUGIN_GET_STARTED_APP_ID,
PLUGIN_PERMISSIONS_APP_ID,
PLUGIN_ROLES_APP_ID,
PLUGIN_TENANTS_APP_ID,
PLUGIN_USERS_APP_ID,
} from '../../common/index.ts';

// Mock the hasApiPermission function
jest.mock('../plugin', () => {
const originalModule = jest.requireActual('../plugin');
return {
...originalModule,
hasApiPermission: jest.fn(), // Mock the function here
};
});

describe('SecurityPlugin', () => {
let plugin;
let coreSetup;
let coreStart;
let initializerContext;
let deps;

beforeEach(() => {
coreSetup = coreMock.createSetup();
coreStart = coreMock.createStart();
initializerContext = {
config: {
get: jest.fn().mockReturnValue({
readonly_mode: { roles: [] },
multitenancy: { enabled: true, enable_aggregation_view: false },
clusterPermissions: { include: [] },
indexPermissions: { include: [] },
disabledTransportCategories: { exclude: [] },
disabledRestCategories: { exclude: [] },
ui: { autologout: false },
}),
},
};
deps = {
dataSource: { dataSourceEnabled: true },
savedObjectsManagement: { createSetup: jest.fn() },
};
});

it('does not call register function for certain applications when getNavGroupEnabled is off', async () => {
// Mock hasApiPermission to return false
pluginModule.hasApiPermission.mockResolvedValue(false); // Access the mock via the imported module

// Instantiate the plugin after mocking
plugin = new SecurityPlugin(initializerContext);

// Override getNavGroupEnabled to return false
coreSetup.chrome.navGroup = {
...coreSetup.chrome.navGroup,
getNavGroupEnabled: () => false,
};
// Mock the core.application.register function
const registerSpy = jest.spyOn(coreSetup.application, 'register');

// Execute the setup function
await plugin.setup(coreSetup, deps);

// Assert that the register function was not called for specific applications
const registeredApps = registerSpy.mock.calls.map((call) => call[0].id);
const expectedApps = [
PLUGIN_GET_STARTED_APP_ID,
PLUGIN_AUTH_APP_ID,
PLUGIN_ROLES_APP_ID,
PLUGIN_USERS_APP_ID,
PLUGIN_PERMISSIONS_APP_ID,
PLUGIN_TENANTS_APP_ID,
PLUGIN_AUDITLOG_APP_ID,
];

expectedApps.forEach((app) => {
expect(registeredApps).not.toContain(app);
});
});

it('calls register function for certain applications when getNavGroupEnabled is on', async () => {
// Mock hasApiPermission to return true
pluginModule.hasApiPermission.mockResolvedValue(true); // Access the mock via the imported module

// Instantiate the plugin after mocking
plugin = new SecurityPlugin(initializerContext);

// Override getNavGroupEnabled to return true
coreSetup.chrome.navGroup = {
...coreSetup.chrome.navGroup,
getNavGroupEnabled: () => true,
};
// Mock the core.application.register function
const registerSpy = jest.spyOn(coreSetup.application, 'register');

// Execute the setup function
await plugin.setup(coreSetup, deps);

// Assert that the register function was called for specific applications
const registeredApps = registerSpy.mock.calls.map((call) => call[0].id);
const expectedApps = [
PLUGIN_GET_STARTED_APP_ID,
PLUGIN_AUTH_APP_ID,
PLUGIN_ROLES_APP_ID,
PLUGIN_USERS_APP_ID,
PLUGIN_PERMISSIONS_APP_ID,
PLUGIN_TENANTS_APP_ID,
PLUGIN_AUDITLOG_APP_ID,
];

expectedApps.forEach((app) => {
expect(registeredApps).toContain(app);
});
});

it('does not call register function for tenant app when multitenancy is off', async () => {
DarshitChanpura marked this conversation as resolved.
Show resolved Hide resolved
// Mock hasApiPermission to return true
pluginModule.hasApiPermission.mockResolvedValue(true);

// InitializerContext with multitenancy disabled
initializerContext = {
config: {
get: jest.fn().mockReturnValue({
readonly_mode: { roles: [] },
multitenancy: { enabled: false, enable_aggregation_view: false },
clusterPermissions: { include: [] },
indexPermissions: { include: [] },
disabledTransportCategories: { exclude: [] },
disabledRestCategories: { exclude: [] },
ui: { autologout: false },
}),
},
};

// Instantiate the plugin after mocking
plugin = new SecurityPlugin(initializerContext);

// Override getNavGroupEnabled to return true
coreSetup.chrome.navGroup = {
...coreSetup.chrome.navGroup,
getNavGroupEnabled: () => true,
};
// Mock the core.application.register function
const registerSpy = jest.spyOn(coreSetup.application, 'register');

// Execute the setup function
await plugin.setup(coreSetup, deps);

// Assert that the register function was not called for tenancy app
const registeredApps = registerSpy.mock.calls.map((call) => call[0].id);

expect(registeredApps).not.toContain(PLUGIN_TENANTS_APP_ID);

// Assert that other apps are registered because the feature flag is on
expect(registeredApps).toContain(PLUGIN_GET_STARTED_APP_ID);
});
});
Loading