Skip to content

Commit

Permalink
Add specs
Browse files Browse the repository at this point in the history
  • Loading branch information
Alejandro Fernández Gómez committed May 4, 2021
1 parent 2353909 commit 368748d
Showing 1 changed file with 231 additions and 0 deletions.
231 changes: 231 additions & 0 deletions x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,231 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/

jest.mock('./epm/packages');
import type { SavedObjectsClientContract } from 'kibana/server';

import { savedObjectsClientMock } from '../../../../../src/core/server/mocks';
import type { PackagePolicy, RegistryDataStream } from '../types';

import { getPackageInfo } from './epm/packages';
import {
getDataStreamPermissions,
storedPackagePoliciesToAgentPermissions,
} from './package_policies_to_agent_permissions';

const getPackageInfoMock = getPackageInfo as jest.MockedFunction<typeof getPackageInfo>;

describe('storedPackagePoliciesToAgentPermissions()', () => {
let soClient: jest.Mocked<SavedObjectsClientContract>;
beforeEach(() => {
soClient = savedObjectsClientMock.create();
});

it('Returns `undefined` if there are no package policies', async () => {
const permissions = await storedPackagePoliciesToAgentPermissions(soClient, []);
expect(permissions).toBeUndefined();
});

it('Returns the default permissions for string package policies', async () => {
const permissions = await storedPackagePoliciesToAgentPermissions(soClient, ['foo']);
expect(permissions).toMatchObject({
_fallback: {
cluster: ['monitor'],
indices: [
{
names: [
'logs-*',
'metrics-*',
'traces-*',
'synthetics-*',
'.logs-endpoint.diagnostic.collection-*',
],
privileges: ['auto_configure', 'create_doc'],
},
],
},
});
});

it('Returns the default permissions if a package policy does not have a package', async () => {
const permissions = await storedPackagePoliciesToAgentPermissions(soClient, [
{ name: 'foo', package: undefined } as PackagePolicy,
]);

expect(permissions).toMatchObject({
foo: {
cluster: ['monitor'],
indices: [
{
names: [
'logs-*',
'metrics-*',
'traces-*',
'synthetics-*',
'.logs-endpoint.diagnostic.collection-*',
],
privileges: ['auto_configure', 'create_doc'],
},
],
},
});
});

it('Returns the permissions for the enabled inputs', async () => {
getPackageInfoMock.mockResolvedValueOnce({
name: 'test-package',
version: '0.0.0',
latestVersion: '0.0.0',
release: 'experimental',
format_version: '1.0.0',
title: 'Test Package',
description: '',
icons: [],
owner: { github: '' },
status: 'not_installed',
assets: {
kibana: {
dashboard: [],
visualization: [],
search: [],
index_pattern: [],
map: [],
lens: [],
security_rule: [],
ml_module: [],
},
elasticsearch: {
component_template: [],
ingest_pipeline: [],
ilm_policy: [],
transform: [],
index_template: [],
data_stream_ilm_policy: [],
},
},
data_streams: [
{
type: 'logs',
dataset: 'some-logs',
title: '',
release: '',
package: 'test-package',
path: '',
ingest_pipeline: '',
streams: [{ input: 'test-logs', title: 'Test Logs', template_path: '' }],
},
{
type: 'metrics',
dataset: 'some-metrics',
title: '',
release: '',
package: 'test-package',
path: '',
ingest_pipeline: '',
streams: [{ input: 'test-metrics', title: 'Test Logs', template_path: '' }],
},
],
});

const packagePolicies: PackagePolicy[] = [
{
id: '12345',
name: 'test-policy',
namespace: 'test',
enabled: true,
package: { name: 'test-package', version: '0.0.0', title: 'Test Package' },
inputs: [
{ type: 'test-logs', enabled: true, streams: [] },
{ type: 'test-metrics', enabled: false, streams: [] },
],
created_at: '',
updated_at: '',
created_by: '',
updated_by: '',
revision: 1,
policy_id: '',
output_id: '',
},
];

const permissions = await storedPackagePoliciesToAgentPermissions(soClient, packagePolicies);
expect(permissions).toMatchObject({
'test-policy': {
indices: [
{
names: ['logs-some-logs-test'],
privileges: ['auto_configure', 'create_doc'],
},
],
},
});
});
});

describe('getDataStreamPermissions()', () => {
it('returns defaults for a datastream with no permissions', () => {
const dataStream = { type: 'logs', dataset: 'test' } as RegistryDataStream;
const permissions = getDataStreamPermissions(dataStream);

expect(permissions).toMatchObject({
names: ['logs-test-*'],
privileges: ['auto_configure', 'create_doc'],
});
});

it('adds the namespace to the index name', () => {
const dataStream = { type: 'logs', dataset: 'test' } as RegistryDataStream;
const permissions = getDataStreamPermissions(dataStream, 'namespace');

expect(permissions).toMatchObject({
names: ['logs-test-namespace'],
privileges: ['auto_configure', 'create_doc'],
});
});

it('appends a wildcard if dataset is prefix', () => {
const dataStream = {
type: 'logs',
dataset: 'test',
dataset_is_prefix: true,
} as RegistryDataStream;
const permissions = getDataStreamPermissions(dataStream, 'namespace');

expect(permissions).toMatchObject({
names: ['logs-test-namespace-*'],
privileges: ['auto_configure', 'create_doc'],
});
});

it('prepends a dot if datastream is hidden', () => {
const dataStream = {
type: 'logs',
dataset: 'test',
hidden: true,
} as RegistryDataStream;
const permissions = getDataStreamPermissions(dataStream, 'namespace');

expect(permissions).toMatchObject({
names: ['.logs-test-namespace'],
privileges: ['auto_configure', 'create_doc'],
});
});

it('uses custom permissions if they are present in the datastream', () => {
const dataStream = {
type: 'logs',
dataset: 'test',
permissions: { indices: ['read', 'write'] },
} as RegistryDataStream;
const permissions = getDataStreamPermissions(dataStream, 'namespace');

expect(permissions).toMatchObject({
names: ['logs-test-namespace'],
privileges: ['read', 'write'],
});
});
});

0 comments on commit 368748d

Please sign in to comment.