[Reporting/JobListing] fix user ID for non-security in queries

elastic · Aug 18, 2020 · 85abb52 · 85abb52
1 parent 0707e29
commit 85abb52
Show file tree

Hide file tree

Showing 10 changed files with 115 additions and 108 deletions.
diff --git a/x-pack/plugins/reporting/server/lib/enqueue_job.ts b/x-pack/plugins/reporting/server/lib/enqueue_job.ts
@@ -6,15 +6,14 @@
 
 import { KibanaRequest, RequestHandlerContext } from 'src/core/server';
 import { ReportingCore } from '../';
-import { AuthenticatedUser } from '../../../security/server';
-import { CreateJobBaseParams, CreateJobFn } from '../types';
+import { CreateJobBaseParams, CreateJobFn, ReportingUser } from '../types';
 import { LevelLogger } from './';
 import { Report } from './store';
 
 export type EnqueueJobFn = (
   exportTypeId: string,
   jobParams: CreateJobBaseParams,
-  user: AuthenticatedUser | null,
+  user: ReportingUser,
   context: RequestHandlerContext,
   request: KibanaRequest
 ) => Promise<Report>;
@@ -28,13 +27,12 @@ export function enqueueJobFactory(
   return async function enqueueJob(
     exportTypeId: string,
     jobParams: CreateJobBaseParams,
-    user: AuthenticatedUser | null,
+    user: ReportingUser,
     context: RequestHandlerContext,
     request: KibanaRequest
   ) {
     type ScheduleTaskFnType = CreateJobFn<CreateJobBaseParams>;
 
-    const username: string | null = user ? user.username : null;
     const exportType = reporting.getExportTypesRegistry().getById(exportTypeId);
 
     if (exportType == null) {
@@ -50,7 +48,7 @@ export function enqueueJobFactory(
     const payload = await scheduleTask(jobParams, context, request);
 
     // store the pending report, puts it in the Reporting Management UI table
-    const report = await store.addReport(exportType.jobType, username, payload);
+    const report = await store.addReport(exportType.jobType, user, payload);
 
     logger.info(`Scheduled ${exportType.name} report: ${report._id}`);
 

diff --git a/x-pack/plugins/reporting/server/lib/store/report.ts b/x-pack/plugins/reporting/server/lib/store/report.ts
@@ -18,7 +18,7 @@ interface ReportingDocument {
   _seq_no: unknown;
   _primary_term: unknown;
   jobtype: string;
-  created_by: string | null;
+  created_by: string | false;
   payload: {
     headers: string; // encrypted headers
     objectType: string;
@@ -53,7 +53,7 @@ export class Report implements Partial<ReportingDocument> {
 
   public readonly jobtype: string;
   public readonly created_at?: string;
-  public readonly created_by?: string | null;
+  public readonly created_by?: string | false;
   public readonly payload: {
     headers: string; // encrypted headers
     objectType: string;

diff --git a/x-pack/plugins/reporting/server/lib/store/store.test.ts b/x-pack/plugins/reporting/server/lib/store/store.test.ts
@@ -53,7 +53,9 @@ describe('ReportingStore', () => {
         headers: 'rp_headers_1',
         objectType: 'testOt',
       };
-      await expect(store.addReport(reportType, 'username1', reportPayload)).resolves.toMatchObject({
+      await expect(
+        store.addReport(reportType, { username: 'username1' }, reportPayload)
+      ).resolves.toMatchObject({
         _primary_term: undefined,
         _seq_no: undefined,
         attempts: 0,
@@ -84,9 +86,9 @@ describe('ReportingStore', () => {
         headers: 'rp_headers_2',
         objectType: 'testOt',
       };
-      expect(store.addReport(reportType, 'user1', reportPayload)).rejects.toMatchInlineSnapshot(
-        `[Error: Invalid index interval: centurially]`
-      );
+      expect(
+        store.addReport(reportType, { username: 'user1' }, reportPayload)
+      ).rejects.toMatchInlineSnapshot(`[Error: Invalid index interval: centurially]`);
     });
 
     it('handles error creating the index', async () => {
@@ -102,7 +104,7 @@ describe('ReportingStore', () => {
         objectType: 'testOt',
       };
       await expect(
-        store.addReport(reportType, 'user1', reportPayload)
+        store.addReport(reportType, { username: 'user1' }, reportPayload)
       ).rejects.toMatchInlineSnapshot(`[Error: horrible error]`);
     });
 
@@ -125,7 +127,7 @@ describe('ReportingStore', () => {
         objectType: 'testOt',
       };
       await expect(
-        store.addReport(reportType, 'user1', reportPayload)
+        store.addReport(reportType, { username: 'user1' }, reportPayload)
       ).rejects.toMatchInlineSnapshot(`[Error: devastating error]`);
     });
 
@@ -143,7 +145,9 @@ describe('ReportingStore', () => {
         headers: 'rp_headers_5',
         objectType: 'testOt',
       };
-      await expect(store.addReport(reportType, 'user1', reportPayload)).resolves.toMatchObject({
+      await expect(
+        store.addReport(reportType, { username: 'user1' }, reportPayload)
+      ).resolves.toMatchObject({
         _primary_term: undefined,
         _seq_no: undefined,
         attempts: 0,
@@ -174,7 +178,7 @@ describe('ReportingStore', () => {
         headers: 'rp_test_headers',
         objectType: 'testOt',
       };
-      await expect(store.addReport(reportType, null, reportPayload)).resolves.toMatchObject({
+      await expect(store.addReport(reportType, false, reportPayload)).resolves.toMatchObject({
         _primary_term: undefined,
         _seq_no: undefined,
         attempts: 0,

diff --git a/x-pack/plugins/reporting/server/lib/store/store.ts b/x-pack/plugins/reporting/server/lib/store/store.ts
@@ -7,7 +7,11 @@
 import { ElasticsearchServiceSetup } from 'src/core/server';
 import { LevelLogger, statuses } from '../';
 import { ReportingCore } from '../../';
-import { CreateJobBaseParams, CreateJobBaseParamsEncryptedFields } from '../../types';
+import {
+  CreateJobBaseParams,
+  CreateJobBaseParamsEncryptedFields,
+  ReportingUser,
+} from '../../types';
 import { indexTimestamp } from './index_timestamp';
 import { mapping } from './mapping';
 import { Report } from './report';
@@ -140,7 +144,7 @@ export class ReportingStore {
 
   public async addReport(
     type: string,
-    username: string | null,
+    user: ReportingUser,
     payload: CreateJobBaseParams & CreateJobBaseParamsEncryptedFields
   ): Promise<Report> {
     const timestamp = indexTimestamp(this.indexInterval);
@@ -151,7 +155,7 @@ export class ReportingStore {
       _index: index,
       payload,
       jobtype: type,
-      created_by: username,
+      created_by: user ? user.username : false,
       ...this.jobSettings,
     });
 

diff --git a/x-pack/plugins/reporting/server/routes/lib/authorized_user_pre_routing.ts b/x-pack/plugins/reporting/server/routes/lib/authorized_user_pre_routing.ts
@@ -5,11 +5,10 @@
  */
 
 import { RequestHandler, RouteMethod } from 'src/core/server';
-import { AuthenticatedUser } from '../../../../security/server';
 import { ReportingCore } from '../../core';
+import { ReportingUser } from '../../types';
 import { getUserFactory } from './get_user';
 
-type ReportingUser = AuthenticatedUser | null;
 const superuserRole = 'superuser';
 
 export type RequestHandlerUser<P, Q, B> = RequestHandler<P, Q, B> extends (...a: infer U) => infer R
@@ -23,7 +22,7 @@ export const authorizedUserPreRoutingFactory = function authorizedUserPreRouting
   const getUser = getUserFactory(setupDeps.security);
   return <P, Q, B>(handler: RequestHandlerUser<P, Q, B>): RequestHandler<P, Q, B, RouteMethod> => {
     return (context, req, res) => {
-      let user: ReportingUser = null;
+      let user: ReportingUser = false;
       if (setupDeps.security && setupDeps.security.license.isEnabled()) {
         // find the authenticated user, or null if security is not enabled
         user = getUser(req);

diff --git a/x-pack/plugins/reporting/server/routes/lib/get_user.ts b/x-pack/plugins/reporting/server/routes/lib/get_user.ts
@@ -9,6 +9,6 @@ import { SecurityPluginSetup } from '../../../../security/server';
 
 export function getUserFactory(security?: SecurityPluginSetup) {
   return (request: KibanaRequest) => {
-    return security?.authc.getCurrentUser(request) ?? null;
+    return security?.authc.getCurrentUser(request) ?? false;
   };
 }
diff --git a/x-pack/plugins/reporting/server/routes/lib/job_response_handler.ts b/x-pack/plugins/reporting/server/routes/lib/job_response_handler.ts
@@ -6,8 +6,8 @@
 
 import { kibanaResponseFactory } from 'kibana/server';
 import { ReportingCore } from '../../';
-import { AuthenticatedUser } from '../../../../security/server';
 import { WHITELISTED_JOB_CONTENT_TYPES } from '../../../common/constants';
+import { ReportingUser } from '../../types';
 import { getDocumentPayloadFactory } from './get_document_payload';
 import { jobsQueryFactory } from './jobs_query';
 
@@ -27,7 +27,7 @@ export function downloadJobResponseHandlerFactory(reporting: ReportingCore) {
   return async function jobResponseHandler(
     res: typeof kibanaResponseFactory,
     validJobTypes: string[],
-    user: AuthenticatedUser | null,
+    user: ReportingUser,
     params: JobResponseHandlerParams,
     opts: JobResponseHandlerOpts = {}
   ) {
@@ -71,7 +71,7 @@ export function deleteJobResponseHandlerFactory(reporting: ReportingCore) {
   return async function deleteJobResponseHander(
     res: typeof kibanaResponseFactory,
     validJobTypes: string[],
-    user: AuthenticatedUser | null,
+    user: ReportingUser,
     params: JobResponseHandlerParams
   ) {
     const { docId } = params;