Skip to content

Commit

Permalink
[8.x] [Data Usage] add functional tests for privileges (#199377) (#19…
Browse files Browse the repository at this point in the history
…9849)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Data Usage] add functional tests for privileges
(#199377)](#199377)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Sandra
G","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-12T18:03:37Z","message":"[Data
Usage] add functional tests for privileges (#199377)\n\n##
Summary\r\n\r\nfunctional tests for data usage plugin privileges and
roles","sha":"0ab841f6d66d604a1028832cc62f21f01bd02390","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor"],"title":"[Data
Usage] add functional tests for
privileges","number":199377,"url":"https://github.com/elastic/kibana/pull/199377","mergeCommit":{"message":"[Data
Usage] add functional tests for privileges (#199377)\n\n##
Summary\r\n\r\nfunctional tests for data usage plugin privileges and
roles","sha":"0ab841f6d66d604a1028832cc62f21f01bd02390"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/199377","number":199377,"mergeCommit":{"message":"[Data
Usage] add functional tests for privileges (#199377)\n\n##
Summary\r\n\r\nfunctional tests for data usage plugin privileges and
roles","sha":"0ab841f6d66d604a1028832cc62f21f01bd02390"}}]}] BACKPORT-->

Co-authored-by: Sandra G <[email protected]>
  • Loading branch information
kibanamachine and neptunian authored Nov 12, 2024
1 parent 953bc0f commit 0c70304
Show file tree
Hide file tree
Showing 4 changed files with 124 additions and 0 deletions.
15 changes: 15 additions & 0 deletions x-pack/test_serverless/functional/page_objects/svl_common_page.ts
Original file line number Diff line number Diff line change
Expand Up @@ -134,6 +134,21 @@ export function SvlCommonPageProvider({ getService, getPageObjects }: FtrProvide
await this.loginWithRole('viewer');
},

/**
*
* Login to Kibana using SAML authentication with Editor role (observability, security)
*/
async loginAsEditor() {
await this.loginWithRole('editor');
},

/**
* Login to Kibana using SAML authentication with Developer role (search)
*/
async loginAsDeveloper() {
await this.loginWithRole('developer');
},

/**
* Login to Kibana using SAML authentication with Editor/Developer role
*/
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,9 @@ export function SvlManagementPageProvider({ getService }: FtrProviderContext) {
async assertDataUsageManagementCardExists() {
await testSubjects.existOrFail('app-card-data_usage');
},
async assertDataUsageManagementCardDoesNotExist() {
await testSubjects.missingOrFail('app-card-data_usage');
},
async clickDataUsageManagementCard() {
await testSubjects.click('app-card-data_usage');
},
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,5 +10,6 @@ import { FtrProviderContext } from '../../../ftr_provider_context';
export default ({ loadTestFile }: FtrProviderContext) => {
describe('Data Usage', function () {
loadTestFile(require.resolve('./main'));
loadTestFile(require.resolve('./privileges'));
});
};
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/

import { FtrProviderContext } from '../../../ftr_provider_context';

export default ({ getPageObjects, getService }: FtrProviderContext) => {
const pageObjects = getPageObjects(['svlCommonPage', 'svlManagementPage', 'common']);
const testSubjects = getService('testSubjects');
const samlAuth = getService('samlAuth');
const retry = getService('retry');
const dataUsageAppUrl = 'management/data/data_usage';

const navigateAndVerify = async (expectedVisible: boolean) => {
await pageObjects.common.navigateToApp('management');
await retry.waitFor('page to be visible', async () =>
testSubjects.exists('cards-navigation-page')
);

if (expectedVisible) {
await pageObjects.svlManagementPage.assertDataUsageManagementCardExists();
await pageObjects.common.navigateToApp(dataUsageAppUrl);
await testSubjects.exists('DataUsagePage');
} else {
await pageObjects.svlManagementPage.assertDataUsageManagementCardDoesNotExist();
await pageObjects.common.navigateToApp(dataUsageAppUrl);
await testSubjects.missingOrFail('DataUsagePage');
}
};

describe('privileges', function () {
// plugin needs to be enabled in serverless
this.tags(['skipMKI']);

it('renders for the admin role', async () => {
await pageObjects.svlCommonPage.loginAsAdmin();
await navigateAndVerify(true);
});

it('does not render for viewer', async () => {
await pageObjects.svlCommonPage.loginAsViewer();
await navigateAndVerify(false);
});
describe('with editor role', function () {
// editor role does not exist in search solution
this.tags(['skipSvlSearch']);
it('does not render for default (editor) role', async () => {
await pageObjects.svlCommonPage.loginAsEditor();
await navigateAndVerify(false);
});
});
describe('with developer role', function () {
// developer role only exists in ecs solution
this.tags(['skipSvlOblt', 'skipSvlSec']);
it('renders for developer role', async () => {
await pageObjects.svlCommonPage.loginAsDeveloper();
await navigateAndVerify(true);
});
});
describe('with custom role', function () {
// custom roles aren't available in observability yet
this.tags(['skipSvlOblt']);
afterEach(async () => {
await samlAuth.deleteCustomRole();
});
it('renders with a custom role that has the monitor cluster privilege', async () => {
await samlAuth.setCustomRole({
elasticsearch: {
cluster: ['monitor'],
indices: [{ names: ['*'], privileges: ['all'] }],
},
kibana: [
{
base: ['all'],
feature: {},
spaces: ['*'],
},
],
});
await pageObjects.svlCommonPage.loginWithCustomRole();
await navigateAndVerify(true);
});

it('does not render with a custom role that does not have the monitor cluster privilege', async () => {
await samlAuth.setCustomRole({
elasticsearch: {
indices: [{ names: ['*'], privileges: ['all'] }],
},
kibana: [
{
base: ['all'],
feature: {},
spaces: ['*'],
},
],
});
await pageObjects.svlCommonPage.loginWithCustomRole();
await navigateAndVerify(false);
});
});
});
};

0 comments on commit 0c70304

Please sign in to comment.