diff --git a/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureAlertingCommentsRestApiIT.kt b/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureAlertingCommentsRestApiIT.kt
index 1826d8724..1da468485 100644
--- a/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureAlertingCommentsRestApiIT.kt
+++ b/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureAlertingCommentsRestApiIT.kt
@@ -5,6 +5,8 @@
 package org.opensearch.alerting.resthandler
+import org.apache.hc.core5.http.ContentType.APPLICATION_JSON
+import org.apache.hc.core5.http.io.entity.StringEntity
 import org.junit.After
 import org.junit.Before
 import org.junit.BeforeClass
@@ -12,10 +14,12 @@ import org.opensearch.alerting.ALERTING_ACK_ALERTS_ROLE
 import org.opensearch.alerting.ALERTING_FULL_ACCESS_ROLE
 import org.opensearch.alerting.ALERTING_READ_ONLY_ACCESS
 import org.opensearch.alerting.AlertingRestTestCase
+import org.opensearch.alerting.makeRequest
 import org.opensearch.alerting.randomAlert
 import org.opensearch.alerting.settings.AlertingSettings.Companion.ALERTING_COMMENTS_ENABLED
 import org.opensearch.client.ResponseException
 import org.opensearch.client.RestClient
+import org.opensearch.common.xcontent.XContentType
 import org.opensearch.commons.alerting.model.Alert
 import org.opensearch.commons.rest.SecureRestClientBuilder
 import org.opensearch.core.rest.RestStatus
@@ -359,32 +363,31 @@ class SecureAlertingCommentsRestApiIT : AlertingRestTestCase() {
 }
 }
- // TODO: Uncomment and this should pass in CIs
-// fun `test user cannot directly search comments system index`() {
-// createUserWithRoles(
-// userA,
-// listOf(ALERTING_FULL_ACCESS_ROLE),
-// listOf(),
-// false
-// )
-//
-// val monitor = createRandomMonitor(refresh = true)
-// val alert = createAlert(randomAlert(monitor).copy(state = Alert.State.ACTIVE))
-// val alertId = alert.id
-// val commentContent = "test comment"
-//
-// createAlertComment(alertId, commentContent, userAClient!!).id
-//
-// val query = SearchSourceBuilder().query(QueryBuilders.matchAllQuery())
-// val searchResponse = userAClient!!.makeRequest(
-// "GET",
-// ".opensearch-alerting-comments-history-*/_search",
-// StringEntity(query.toString(), APPLICATION_JSON)
-// )
-//
-// val xcp = createParser(XContentType.JSON.xContent(), searchResponse.entity.content)
-// val hits = xcp.map()["hits"]!! as Map>
-// val numberDocsFound = hits["total"]?.get("value")
-// assertEquals("User was able to directly inspect alerting comments system index docs", 0, numberDocsFound)
-// }
+ fun `test user cannot directly search comments system index`() {
+ createUserWithRoles(
+ userA,
+ listOf(ALERTING_FULL_ACCESS_ROLE),
+ listOf(),
+ false
+ )
+
+ val monitor = createRandomMonitor(refresh = true)
+ val alert = createAlert(randomAlert(monitor).copy(state = Alert.State.ACTIVE))
+ val alertId = alert.id
+ val commentContent = "test comment"
+
+ createAlertComment(alertId, commentContent, userAClient!!).id
+
+ val query = SearchSourceBuilder().query(QueryBuilders.matchAllQuery())
+ val searchResponse = userAClient!!.makeRequest(
+ "GET",
+ ".opensearch-alerting-comments-history-*/_search",
+ StringEntity(query.toString(), APPLICATION_JSON)
+ )
+
+ val xcp = createParser(XContentType.JSON.xContent(), searchResponse.entity.content)
+ val hits = xcp.map()["hits"]!! as Map>
+ val numberDocsFound = hits["total"]?.get("value")
+ assertEquals("User was able to directly inspect alerting comments system index docs", 0, numberDocsFound)
+ }
 }
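Review bot: The `assertEquals(..., 0, numberDocsFound)` check at the end of the re-enabled test can pass vacuously, because a wildcard search over `.opensearch-alerting-comments-history-*` also returns zero hits when the comment is not yet searchable or the pattern matches no index, not only when access control hides the documents. Before the direct search, confirm that the comment created by `createAlertComment` is retrievable through a path that is expected to succeed for this user, so that zero hits can only mean the system index was filtered. It is also worth deciding whether an outright rejection counts as a pass: if `makeRequest` raises `ResponseException` on a 403 (not visible in this hunk), a cluster that denies the request instead of filtering it would fail this test although the index stayed protected. A comment such as `// 0 hits must come from system-index protection, not from an empty or unrefreshed index` above the assertion would record the intent. `SearchSourceBuilder` and `QueryBuilders` are not among the imports this commit adds, so they are presumably already imported outside the visible hunks.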