diff --git a/packages/core/http/core-http-server-internal/src/__snapshots__/http_config.test.ts.snap b/packages/core/http/core-http-server-internal/src/__snapshots__/http_config.test.ts.snap index 34cdcd15db7df..6cad6f9686a6d 100644 --- a/packages/core/http/core-http-server-internal/src/__snapshots__/http_config.test.ts.snap +++ b/packages/core/http/core-http-server-internal/src/__snapshots__/http_config.test.ts.snap @@ -88,6 +88,7 @@ Object { "allowFromAnyIp": false, "ipAllowlist": Array [], }, + "restrictInternalApis": false, "rewriteBasePath": false, "securityResponseHeaders": Object { "crossOriginOpenerPolicy": "same-origin", diff --git a/packages/core/http/core-http-server-internal/src/http_config.test.ts b/packages/core/http/core-http-server-internal/src/http_config.test.ts index 70002994445f6..bf9ea2fe53875 100644 --- a/packages/core/http/core-http-server-internal/src/http_config.test.ts +++ b/packages/core/http/core-http-server-internal/src/http_config.test.ts @@ -525,23 +525,27 @@ describe('versioned', () => { }); describe('restrictInternalApis', () => { - it('is only allowed on serverless', () => { - expect(() => config.schema.validate({ restrictInternalApis: false }, {})).toThrow( - /a value wasn't expected/ - ); - expect(() => config.schema.validate({ restrictInternalApis: true }, {})).toThrow( - /a value wasn't expected/ - ); + it('is allowed on serverless and traditional', () => { + expect(() => config.schema.validate({ restrictInternalApis: false }, {})).not.toThrow(); + expect(() => config.schema.validate({ restrictInternalApis: true }, {})).not.toThrow(); expect( config.schema.validate({ restrictInternalApis: true }, { serverless: true }) ).toMatchObject({ restrictInternalApis: true, }); + expect( + config.schema.validate({ restrictInternalApis: true }, { traditional: true }) + ).toMatchObject({ + restrictInternalApis: true, + }); }); it('defaults to false', () => { expect( config.schema.validate({ restrictInternalApis: undefined }, { serverless: true }) ).toMatchObject({ restrictInternalApis: false }); + expect( + config.schema.validate({ restrictInternalApis: undefined }, { traditional: true }) + ).toMatchObject({ restrictInternalApis: false }); }); }); diff --git a/packages/core/http/core-http-server-internal/src/http_config.ts b/packages/core/http/core-http-server-internal/src/http_config.ts index 05f88bf8fb34f..d4560febb6f26 100644 --- a/packages/core/http/core-http-server-internal/src/http_config.ts +++ b/packages/core/http/core-http-server-internal/src/http_config.ts @@ -208,6 +208,7 @@ const configSchema = schema.object( // allow access to internal routes by default to prevent breaking changes in current offerings restrictInternalApis: offeringBasedSchema({ serverless: schema.boolean({ defaultValue: false }), + traditional: schema.boolean({ defaultValue: false }), }), versioned: schema.object({ diff --git a/packages/core/http/core-http-server/src/router/route.ts b/packages/core/http/core-http-server/src/router/route.ts index f313d14a7710a..85eef993adcc0 100644 --- a/packages/core/http/core-http-server/src/router/route.ts +++ b/packages/core/http/core-http-server/src/router/route.ts @@ -107,7 +107,7 @@ export interface RouteConfigOptionsBody { * Public routes are stable and intended for external access and are subject to * stricter change management and have long term maintenance windows. * - * @remark On serverless access to internal routes is restricted. + * @remark as of 9.0, access to internal routes is restricted by default. See https://github.com/elastic/kibana/issues/163654. */ export type RouteAccess = 'public' | 'internal'; diff --git a/test/analytics/config.ts b/test/analytics/config.ts index cc162b0a96d4b..aae2458c3ad6f 100644 --- a/test/analytics/config.ts +++ b/test/analytics/config.ts @@ -36,6 +36,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { serverArgs: [ ...functionalConfig.get('kbnTestServer.serverArgs'), '--telemetry.optIn=true', + '--server.restrictInternalApis=false', `--plugin-path=${path.resolve(__dirname, './plugins/analytics_plugin_a')}`, `--plugin-path=${path.resolve(__dirname, './plugins/analytics_ftr_helpers')}`, ], diff --git a/test/analytics/services/kibana_ebt.ts b/test/analytics/services/kibana_ebt.ts index e82196d028fd4..f2b635dcbdbbe 100644 --- a/test/analytics/services/kibana_ebt.ts +++ b/test/analytics/services/kibana_ebt.ts @@ -9,6 +9,7 @@ import '@kbn/analytics-ftr-helpers-plugin/public/types'; import type { EBTHelpersContract } from '@kbn/analytics-ftr-helpers-plugin/common/types'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import type { FtrProviderContext } from '../../functional/ftr_provider_context'; export function KibanaEBTServerProvider({ getService }: FtrProviderContext): EBTHelpersContract { @@ -18,6 +19,7 @@ export function KibanaEBTServerProvider({ getService }: FtrProviderContext): EBT await supertest .post(`/internal/analytics_ftr_helpers/opt_in`) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ consent: optIn }) .expect(200); }; @@ -38,6 +40,7 @@ export function KibanaEBTServerProvider({ getService }: FtrProviderContext): EBT fromTimestamp, }) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); return resp.body; @@ -48,6 +51,7 @@ export function KibanaEBTServerProvider({ getService }: FtrProviderContext): EBT .get(`/internal/analytics_ftr_helpers/count_events`) .query({ eventTypes: JSON.stringify(eventTypes), withTimeoutMs, fromTimestamp }) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); return resp.body.count; diff --git a/test/analytics/tests/analytics_from_the_server.ts b/test/analytics/tests/analytics_from_the_server.ts index a1b75db9985b3..af15d083419a3 100644 --- a/test/analytics/tests/analytics_from_the_server.ts +++ b/test/analytics/tests/analytics_from_the_server.ts @@ -10,6 +10,7 @@ import expect from '@kbn/expect'; import type { Event, TelemetryCounter } from '@kbn/core/server'; import type { Action } from '@kbn/analytics-plugin-a-plugin/server/custom_shipper'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import type { FtrProviderContext } from '../services'; export default function ({ getService }: FtrProviderContext) { @@ -23,6 +24,7 @@ export default function ({ getService }: FtrProviderContext) { .get(`/internal/analytics_plugin_a/stats`) .query({ takeNumberOfCounters, eventType: 'test-plugin-lifecycle' }) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); return resp.body; @@ -32,6 +34,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .get(`/internal/analytics_plugin_a/actions`) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); return resp.body; diff --git a/test/api_integration/apis/console/autocomplete_entities.ts b/test/api_integration/apis/console/autocomplete_entities.ts index 6cd0f6df35401..2a19f2c9f7f45 100644 --- a/test/api_integration/apis/console/autocomplete_entities.ts +++ b/test/api_integration/apis/console/autocomplete_entities.ts @@ -8,6 +8,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import type { FtrProviderContext } from '../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { @@ -15,7 +16,10 @@ export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const sendRequest = (query: object) => - supertest.get('/api/console/autocomplete_entities').query(query); + supertest + .get('/api/console/autocomplete_entities') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query(query); describe('/api/console/autocomplete_entities', function () { const indexName = 'test-index-1'; diff --git a/test/api_integration/apis/console/es_config.ts b/test/api_integration/apis/console/es_config.ts index cea71fefb0142..190e35d1f3827 100644 --- a/test/api_integration/apis/console/es_config.ts +++ b/test/api_integration/apis/console/es_config.ts @@ -8,6 +8,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -18,6 +19,7 @@ export default function ({ getService }: FtrProviderContext) { const { body } = await supertest .get('/api/console/es_config') .set('kbn-xsrf', 'true') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(body.host).to.be.ok(); }); diff --git a/test/api_integration/apis/console/proxy_route.ts b/test/api_integration/apis/console/proxy_route.ts index bc02a4863eb99..3cc40f318d97b 100644 --- a/test/api_integration/apis/console/proxy_route.ts +++ b/test/api_integration/apis/console/proxy_route.ts @@ -8,6 +8,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -19,6 +20,7 @@ export default function ({ getService }: FtrProviderContext) { return await supertest .post('/api/console/proxy?method=GET&path=/.kibana/_settings') .set('kbn-xsrf', 'true') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .then((response) => { expect(response.header).to.have.property('warning'); const { warning } = response.header as { warning: string }; @@ -28,12 +30,12 @@ export default function ({ getService }: FtrProviderContext) { }); it('does not forward x-elastic-product-origin', async () => { - // If we pass the header and we still get the warning back, we assume that the header was not forwarded. return await supertest .post('/api/console/proxy?method=GET&path=/.kibana/_settings') .set('kbn-xsrf', 'true') .set('x-elastic-product-origin', 'kibana') .then((response) => { + expect(response.header).to.have.property('connection', 'close'); expect(response.header).to.have.property('warning'); const { warning } = response.header as { warning: string }; expect(warning.startsWith('299')).to.be(true); diff --git a/test/api_integration/apis/core/capabilities.ts b/test/api_integration/apis/core/capabilities.ts index d99c47213fb04..6816090d36c37 100644 --- a/test/api_integration/apis/core/capabilities.ts +++ b/test/api_integration/apis/core/capabilities.ts @@ -8,6 +8,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -17,6 +18,7 @@ export default function ({ getService }: FtrProviderContext) { it(`returns a 400 when an invalid app id is provided`, async () => { const { body } = await supertest .post('/api/core/capabilities') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ applications: ['dashboard', 'discover', 'bad%app'], }) diff --git a/test/api_integration/apis/custom_integration/integrations.ts b/test/api_integration/apis/custom_integration/integrations.ts index ecb53f6200780..a3d50533010f1 100644 --- a/test/api_integration/apis/custom_integration/integrations.ts +++ b/test/api_integration/apis/custom_integration/integrations.ts @@ -8,6 +8,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -19,6 +20,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .get(`/internal/customIntegrations/appendCustomIntegrations`) .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body).to.be.an('array'); @@ -37,6 +39,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .get(`/internal/customIntegrations/replacementCustomIntegrations`) .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body).to.be.an('array'); diff --git a/test/api_integration/apis/data_view_field_editor/field_preview.ts b/test/api_integration/apis/data_view_field_editor/field_preview.ts index 5190ebde33953..24762ea2242e4 100644 --- a/test/api_integration/apis/data_view_field_editor/field_preview.ts +++ b/test/api_integration/apis/data_view_field_editor/field_preview.ts @@ -9,7 +9,10 @@ import expect from '@kbn/expect'; -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { getErrorCodeFromErrorReason } from '@kbn/data-view-field-editor-plugin/public/lib/runtime_field_validation'; import { FIELD_PREVIEW_PATH, @@ -92,6 +95,7 @@ export default function ({ getService }: FtrProviderContext) { .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION) .send(payload) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(response.values).eql([test.expected]); @@ -109,6 +113,7 @@ export default function ({ getService }: FtrProviderContext) { index: INDEX_NAME, }) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(400); }); @@ -121,6 +126,7 @@ export default function ({ getService }: FtrProviderContext) { index: INDEX_NAME, }) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(400); }); @@ -133,6 +139,7 @@ export default function ({ getService }: FtrProviderContext) { context: 'keyword_field', }) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(400); }); }); @@ -150,7 +157,8 @@ export default function ({ getService }: FtrProviderContext) { context: 'keyword_field', index: INDEX_NAME, }) - .set('kbn-xsrf', 'xxx'); + .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); const errorCode = getErrorCodeFromErrorReason(response.error?.caused_by?.reason); diff --git a/test/api_integration/apis/data_views/deprecations/scripted_fields.ts b/test/api_integration/apis/data_views/deprecations/scripted_fields.ts index 7fcfd432d0782..083fabada4ec7 100644 --- a/test/api_integration/apis/data_views/deprecations/scripted_fields.ts +++ b/test/api_integration/apis/data_views/deprecations/scripted_fields.ts @@ -9,6 +9,7 @@ import expect from '@kbn/expect'; import type { DeprecationsGetResponse } from '@kbn/core/server'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -28,7 +29,9 @@ export default function ({ getService }: FtrProviderContext) { }); it('no scripted fields deprecations', async () => { - const { body } = await supertest.get('/api/deprecations/'); + const { body } = await supertest + .get('/api/deprecations/') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); const { deprecations } = body as DeprecationsGetResponse; const dataPluginDeprecations = deprecations.filter( @@ -40,27 +43,32 @@ export default function ({ getService }: FtrProviderContext) { it('scripted field deprecation', async () => { const title = `basic_index`; - await supertest.post('/api/index_patterns/index_pattern').send({ - index_pattern: { - title, - fields: { - foo: { - name: 'foo', - type: 'string', - scripted: true, - script: "doc['field_name'].value", - }, - bar: { - name: 'bar', - type: 'number', - scripted: true, - script: "doc['field_name'].value", + await supertest + .post('/api/index_patterns/index_pattern') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send({ + index_pattern: { + title, + fields: { + foo: { + name: 'foo', + type: 'string', + scripted: true, + script: "doc['field_name'].value", + }, + bar: { + name: 'bar', + type: 'number', + scripted: true, + script: "doc['field_name'].value", + }, }, }, - }, - }); + }); - const { body } = await supertest.get('/api/deprecations/'); + const { body } = await supertest + .get('/api/deprecations/') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); const { deprecations } = body as DeprecationsGetResponse; const dataPluginDeprecations = deprecations.filter( ({ domainId }) => domainId === 'dataViews' diff --git a/test/api_integration/apis/data_views/existing_indices_route/params.ts b/test/api_integration/apis/data_views/existing_indices_route/params.ts index 4bebcca337260..8e1e4bab0cbdd 100644 --- a/test/api_integration/apis/data_views/existing_indices_route/params.ts +++ b/test/api_integration/apis/data_views/existing_indices_route/params.ts @@ -7,7 +7,10 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { INITIAL_REST_VERSION_INTERNAL } from '@kbn/data-views-plugin/server/constants'; import { EXISTING_INDICES_PATH } from '@kbn/data-views-plugin/common/constants'; import { FtrProviderContext } from '../../../ftr_provider_context'; @@ -29,6 +32,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(EXISTING_INDICES_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({}) .expect(400)); @@ -36,6 +40,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(EXISTING_INDICES_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ indices: 'filebeat-*', }) @@ -45,6 +50,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(EXISTING_INDICES_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ indices: ['filebeat-*'], }) @@ -54,6 +60,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(EXISTING_INDICES_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ indices: ['filebeat-*', 'packetbeat-*'], }) @@ -63,6 +70,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(EXISTING_INDICES_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ [randomness.word()]: randomness.word(), }) @@ -72,6 +80,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(EXISTING_INDICES_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ indices: 'filebeat-*,packetbeat-*', }) diff --git a/test/api_integration/apis/data_views/existing_indices_route/response.ts b/test/api_integration/apis/data_views/existing_indices_route/response.ts index 8ccc723eff9d9..7959945081219 100644 --- a/test/api_integration/apis/data_views/existing_indices_route/response.ts +++ b/test/api_integration/apis/data_views/existing_indices_route/response.ts @@ -7,7 +7,10 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { INITIAL_REST_VERSION_INTERNAL } from '@kbn/data-views-plugin/server/constants'; import { EXISTING_INDICES_PATH } from '@kbn/data-views-plugin/common/constants'; import { FtrProviderContext } from '../../../ftr_provider_context'; @@ -28,6 +31,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get(EXISTING_INDICES_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ indices: ['basic_index', 'bad_index'], }) @@ -38,6 +42,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get(EXISTING_INDICES_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ indices: ['bad_index'], }) diff --git a/test/api_integration/apis/data_views/fields_for_wildcard_route/conflicts.ts b/test/api_integration/apis/data_views/fields_for_wildcard_route/conflicts.ts index 19fdbeedaa9f2..852ea100ae051 100644 --- a/test/api_integration/apis/data_views/fields_for_wildcard_route/conflicts.ts +++ b/test/api_integration/apis/data_views/fields_for_wildcard_route/conflicts.ts @@ -7,7 +7,10 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { INITIAL_REST_VERSION_INTERNAL } from '@kbn/data-views-plugin/server/constants'; import { FIELDS_FOR_WILDCARD_PATH } from '@kbn/data-views-plugin/common/constants'; import expect from '@kbn/expect'; @@ -29,6 +32,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'logs-*' }) .expect(200) .then((resp) => { diff --git a/test/api_integration/apis/data_views/fields_for_wildcard_route/filter.ts b/test/api_integration/apis/data_views/fields_for_wildcard_route/filter.ts index 0d66365907aec..04574801a16c8 100644 --- a/test/api_integration/apis/data_views/fields_for_wildcard_route/filter.ts +++ b/test/api_integration/apis/data_views/fields_for_wildcard_route/filter.ts @@ -7,7 +7,10 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { INITIAL_REST_VERSION_INTERNAL } from '@kbn/data-views-plugin/server/constants'; import { FIELDS_FOR_WILDCARD_PATH } from '@kbn/data-views-plugin/common/constants'; import expect from '@kbn/expect'; @@ -38,6 +41,7 @@ export default function ({ getService }: FtrProviderContext) { const a = await supertest .put(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'helloworld*' }) .send({ index_filter: { exists: { field: 'bye' } } }); diff --git a/test/api_integration/apis/data_views/fields_for_wildcard_route/params.ts b/test/api_integration/apis/data_views/fields_for_wildcard_route/params.ts index 8b42c645f913a..04aaaa2adc331 100644 --- a/test/api_integration/apis/data_views/fields_for_wildcard_route/params.ts +++ b/test/api_integration/apis/data_views/fields_for_wildcard_route/params.ts @@ -7,7 +7,10 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { INITIAL_REST_VERSION_INTERNAL } from '@kbn/data-views-plugin/server/constants'; import { FIELDS_FOR_WILDCARD_PATH } from '@kbn/data-views-plugin/common/constants'; import { FtrProviderContext } from '../../../ftr_provider_context'; @@ -29,6 +32,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({}) .expect(400)); @@ -36,6 +40,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', include_unmapped: true, @@ -46,6 +51,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: randomness.word(), [randomness.word()]: randomness.word(), @@ -57,6 +63,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', fields: JSON.stringify(['baz']), @@ -67,6 +74,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', fields: ['baz', 'foo'], @@ -77,6 +85,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', fields: ['baz'], @@ -87,6 +96,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', fields: 'baz', @@ -97,6 +107,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', fields: 'foo,bar', @@ -109,6 +120,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', meta_fields: JSON.stringify(['meta']), @@ -119,6 +131,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', meta_fields: ['_id', 'meta'], @@ -129,6 +142,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', meta_fields: ['_id'], @@ -139,6 +153,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', meta_fields: 'foo,bar', diff --git a/test/api_integration/apis/data_views/fields_for_wildcard_route/response.ts b/test/api_integration/apis/data_views/fields_for_wildcard_route/response.ts index d818e0f85eac2..2b0fa0dab4424 100644 --- a/test/api_integration/apis/data_views/fields_for_wildcard_route/response.ts +++ b/test/api_integration/apis/data_views/fields_for_wildcard_route/response.ts @@ -7,7 +7,10 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { INITIAL_REST_VERSION_INTERNAL } from '@kbn/data-views-plugin/server/constants'; import { FIELDS_FOR_WILDCARD_PATH } from '@kbn/data-views-plugin/common/constants'; import expect from '@kbn/expect'; @@ -89,6 +92,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'basic_index' }) .expect(200, { fields: testFields, @@ -101,6 +105,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'basic_index', fields: JSON.stringify(['bar']) }) .expect(200, { fields: [testFields[0]], @@ -112,6 +117,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'basic_index', meta_fields: JSON.stringify(['_id', '_source', 'crazy_meta_field']), @@ -205,6 +211,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'bad_index,basic_index' }) .expect(200, { fields: testFields, @@ -216,6 +223,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'bad_index,bad_index_2' }) .expect(404); }); @@ -224,6 +232,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'bad_index', }) @@ -238,6 +247,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'basic_index' }) .expect(200, { fields: [], @@ -251,6 +261,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get(FIELDS_FOR_WILDCARD_PATH) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'fields-for-wildcard-000001', meta_fields: ['_id', '_index'], diff --git a/test/api_integration/apis/data_views/fields_route/cache.ts b/test/api_integration/apis/data_views/fields_route/cache.ts index a9ca10d3400ee..e906b34336f40 100644 --- a/test/api_integration/apis/data_views/fields_route/cache.ts +++ b/test/api_integration/apis/data_views/fields_route/cache.ts @@ -10,6 +10,7 @@ import { INITIAL_REST_VERSION_INTERNAL } from '@kbn/data-views-plugin/server/constants'; import { FIELDS_PATH } from '@kbn/data-views-plugin/common/constants'; import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -26,11 +27,14 @@ export default function ({ getService }: FtrProviderContext) { ); it('are present', async () => { - const response = await supertest.get(FIELDS_PATH).query({ - pattern: '*', - include_unmapped: true, - apiVersion: INITIAL_REST_VERSION_INTERNAL, - }); + const response = await supertest + .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query({ + pattern: '*', + include_unmapped: true, + apiVersion: INITIAL_REST_VERSION_INTERNAL, + }); const cacheControlHeader = response.get('cache-control'); @@ -44,11 +48,14 @@ export default function ({ getService }: FtrProviderContext) { it('no-cache when data_views:cache_max_age set to zero', async () => { await kibanaServer.uiSettings.update({ 'data_views:cache_max_age': 0 }); - const response = await supertest.get(FIELDS_PATH).query({ - pattern: 'b*', - include_unmapped: true, - apiVersion: INITIAL_REST_VERSION_INTERNAL, - }); + const response = await supertest + .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query({ + pattern: 'b*', + include_unmapped: true, + apiVersion: INITIAL_REST_VERSION_INTERNAL, + }); const cacheControlHeader = response.get('cache-control'); @@ -63,15 +70,19 @@ export default function ({ getService }: FtrProviderContext) { }); it('returns 304 on matching etag', async () => { - const response = await supertest.get(FIELDS_PATH).query({ - pattern: '*', - include_unmapped: true, - apiVersion: INITIAL_REST_VERSION_INTERNAL, - }); + const response = await supertest + .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query({ + pattern: '*', + include_unmapped: true, + apiVersion: INITIAL_REST_VERSION_INTERNAL, + }); await supertest .get(FIELDS_PATH) .set('If-None-Match', response.get('etag')!) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', include_unmapped: true, @@ -81,12 +92,15 @@ export default function ({ getService }: FtrProviderContext) { }); it('handles empty field lists', async () => { - const response = await supertest.get(FIELDS_PATH).query({ - pattern: 'xyz', - include_unmapped: true, - apiVersion: INITIAL_REST_VERSION_INTERNAL, - allow_no_index: true, - }); + const response = await supertest + .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .query({ + pattern: 'xyz', + include_unmapped: true, + apiVersion: INITIAL_REST_VERSION_INTERNAL, + allow_no_index: true, + }); expect(response.body.fields).to.be.empty(); }); diff --git a/test/api_integration/apis/data_views/fields_route/conflicts.ts b/test/api_integration/apis/data_views/fields_route/conflicts.ts index 18bbe689c9937..681512af62e7f 100644 --- a/test/api_integration/apis/data_views/fields_route/conflicts.ts +++ b/test/api_integration/apis/data_views/fields_route/conflicts.ts @@ -10,6 +10,7 @@ import { INITIAL_REST_VERSION_INTERNAL } from '@kbn/data-views-plugin/server/constants'; import { FIELDS_PATH } from '@kbn/data-views-plugin/common/constants'; import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -27,6 +28,7 @@ export default function ({ getService }: FtrProviderContext) { it('flags fields with mismatched types as conflicting', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'logs-*', apiVersion: INITIAL_REST_VERSION_INTERNAL }) .expect(200) .then((resp) => { diff --git a/test/api_integration/apis/data_views/fields_route/params.ts b/test/api_integration/apis/data_views/fields_route/params.ts index 3d6dcef506aa5..bdd99b78e670b 100644 --- a/test/api_integration/apis/data_views/fields_route/params.ts +++ b/test/api_integration/apis/data_views/fields_route/params.ts @@ -9,6 +9,7 @@ import { INITIAL_REST_VERSION_INTERNAL } from '@kbn/data-views-plugin/server/constants'; import { FIELDS_PATH } from '@kbn/data-views-plugin/common/constants'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -27,6 +28,7 @@ export default function ({ getService }: FtrProviderContext) { it('requires a pattern query param', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ apiVersion: INITIAL_REST_VERSION_INTERNAL, }) @@ -35,6 +37,7 @@ export default function ({ getService }: FtrProviderContext) { it('accepts include_unmapped param', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', include_unmapped: true, @@ -45,6 +48,7 @@ export default function ({ getService }: FtrProviderContext) { it('rejects unexpected query params', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: randomness.word(), [randomness.word()]: randomness.word(), @@ -56,6 +60,7 @@ export default function ({ getService }: FtrProviderContext) { it('accepts a JSON formatted fields query param', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', fields: JSON.stringify(['baz']), @@ -66,6 +71,7 @@ export default function ({ getService }: FtrProviderContext) { it('accepts meta_fields query param in string array', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', fields: ['baz', 'foo'], @@ -76,6 +82,7 @@ export default function ({ getService }: FtrProviderContext) { it('accepts single array fields query param', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', fields: ['baz'], @@ -86,6 +93,7 @@ export default function ({ getService }: FtrProviderContext) { it('accepts single fields query param', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', fields: 'baz', @@ -96,6 +104,7 @@ export default function ({ getService }: FtrProviderContext) { it('rejects a comma-separated list of fields', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', fields: 'foo,bar', @@ -108,6 +117,7 @@ export default function ({ getService }: FtrProviderContext) { it('accepts a JSON formatted meta_fields query param', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', meta_fields: JSON.stringify(['meta']), @@ -118,6 +128,7 @@ export default function ({ getService }: FtrProviderContext) { it('accepts meta_fields query param in string array', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', meta_fields: ['_id', 'meta'], @@ -128,6 +139,7 @@ export default function ({ getService }: FtrProviderContext) { it('accepts single meta_fields query param', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', meta_fields: ['_id'], @@ -138,6 +150,7 @@ export default function ({ getService }: FtrProviderContext) { it('rejects a comma-separated list of meta_fields', () => supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: '*', meta_fields: 'foo,bar', diff --git a/test/api_integration/apis/data_views/fields_route/response.ts b/test/api_integration/apis/data_views/fields_route/response.ts index 149ebf4d5ce4a..541434b872eb2 100644 --- a/test/api_integration/apis/data_views/fields_route/response.ts +++ b/test/api_integration/apis/data_views/fields_route/response.ts @@ -11,6 +11,7 @@ import { INITIAL_REST_VERSION_INTERNAL } from '@kbn/data-views-plugin/server/con import { FIELDS_PATH } from '@kbn/data-views-plugin/common/constants'; import expect from '@kbn/expect'; import { sortBy } from 'lodash'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -87,6 +88,7 @@ export default function ({ getService }: FtrProviderContext) { it('returns a flattened version of the fields in es', async () => { await supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'basic_index', apiVersion: INITIAL_REST_VERSION_INTERNAL }) .expect(200, { fields: testFields, @@ -98,6 +100,7 @@ export default function ({ getService }: FtrProviderContext) { it('returns a single field as requested', async () => { await supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'basic_index', fields: ['bar'], @@ -112,6 +115,7 @@ export default function ({ getService }: FtrProviderContext) { it('returns a single field as requested with json encoding', async () => { await supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'basic_index', fields: JSON.stringify(['bar']), @@ -126,6 +130,7 @@ export default function ({ getService }: FtrProviderContext) { it('always returns a field for all passed meta fields', async () => { await supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'basic_index', meta_fields: ['_id', '_source', 'crazy_meta_field'], @@ -219,6 +224,7 @@ export default function ({ getService }: FtrProviderContext) { it('can request fields by type', async () => { await supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'basic_index', field_types: 'boolean', @@ -233,6 +239,7 @@ export default function ({ getService }: FtrProviderContext) { it('can request fields by multiple types', async () => { await supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'basic_index', field_types: ['boolean', 'text'], @@ -247,6 +254,7 @@ export default function ({ getService }: FtrProviderContext) { it('returns fields when one pattern exists and the other does not', async () => { await supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'bad_index,basic_index', apiVersion: INITIAL_REST_VERSION_INTERNAL }) .expect(200, { fields: testFields, @@ -257,6 +265,7 @@ export default function ({ getService }: FtrProviderContext) { it('returns 404 when neither exists', async () => { await supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'bad_index,bad_index_2', apiVersion: INITIAL_REST_VERSION_INTERNAL }) .expect(404); }); @@ -264,6 +273,7 @@ export default function ({ getService }: FtrProviderContext) { it('returns 404 when no patterns exist', async () => { await supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'bad_index', apiVersion: INITIAL_REST_VERSION_INTERNAL, @@ -276,6 +286,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get(FIELDS_PATH) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ pattern: 'fields-route-000001', meta_fields: ['_id', '_index'], diff --git a/test/api_integration/apis/data_views/has_user_index_pattern/has_user_index_pattern.ts b/test/api_integration/apis/data_views/has_user_index_pattern/has_user_index_pattern.ts index 0193040dcef2c..f781704bb5af3 100644 --- a/test/api_integration/apis/data_views/has_user_index_pattern/has_user_index_pattern.ts +++ b/test/api_integration/apis/data_views/has_user_index_pattern/has_user_index_pattern.ts @@ -7,7 +7,10 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { INITIAL_REST_VERSION, INITIAL_REST_VERSION_INTERNAL, @@ -42,7 +45,8 @@ export default function ({ getService }: FtrProviderContext) { await esArchiver.emptyKibanaIndex(); const response = await supertest .get(servicePath) - .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL); + .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); expect(response.status).to.be(200); expect(response.body.result).to.be(false); }); @@ -54,6 +58,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .post(config.path) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ override: true, [config.serviceKey]: { @@ -63,7 +68,8 @@ export default function ({ getService }: FtrProviderContext) { const response = await supertest .get(servicePath) - .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL); + .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); expect(response.status).to.be(200); expect(response.body.result).to.be(true); @@ -76,6 +82,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .post(config.path) .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ override: true, [config.serviceKey]: { @@ -86,7 +93,8 @@ export default function ({ getService }: FtrProviderContext) { const response = await supertest .get(servicePath) - .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL); + .set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION_INTERNAL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); expect(response.status).to.be(200); expect(response.body.result).to.be(true); }); diff --git a/test/api_integration/apis/data_views/resolve_index/resolve_index.ts b/test/api_integration/apis/data_views/resolve_index/resolve_index.ts index 2cf3f6702cddf..cd13d23e80c1e 100644 --- a/test/api_integration/apis/data_views/resolve_index/resolve_index.ts +++ b/test/api_integration/apis/data_views/resolve_index/resolve_index.ts @@ -7,6 +7,7 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../../ftr_provider_context'; // node scripts/functional_tests --config test/api_integration/config.js --grep="Resolve index API" @@ -16,9 +17,15 @@ export default function ({ getService }: FtrProviderContext) { describe('Resolve index API', function () { it('should return 200 for a search for indices with wildcard', () => - supertest.get(`/internal/index-pattern-management/resolve_index/test*`).expect(200)); + supertest + .get(`/internal/index-pattern-management/resolve_index/test*`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200)); it('should return 404 for an exact match index', () => - supertest.get(`/internal/index-pattern-management/resolve_index/test`).expect(404)); + supertest + .get(`/internal/index-pattern-management/resolve_index/test`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(404)); }); } diff --git a/test/api_integration/apis/event_annotations/event_annotations.ts b/test/api_integration/apis/event_annotations/event_annotations.ts index 1232bc5d69adb..c6df9b16d3c6c 100644 --- a/test/api_integration/apis/event_annotations/event_annotations.ts +++ b/test/api_integration/apis/event_annotations/event_annotations.ts @@ -22,6 +22,7 @@ import type { } from '@kbn/event-annotation-plugin/common'; import { CONTENT_ID } from '@kbn/event-annotation-plugin/common'; import { EVENT_ANNOTATION_GROUP_TYPE } from '@kbn/event-annotation-common'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; const CONTENT_ENDPOINT = '/api/content_management/rpc'; @@ -94,6 +95,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`${CONTENT_ENDPOINT}/get`) .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(payload) .expect(200); @@ -138,6 +140,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`${CONTENT_ENDPOINT}/get`) .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(payload) .expect(404); @@ -151,7 +154,11 @@ export default function ({ getService }: FtrProviderContext) { describe('search', () => { const performSearch = (payload: EventAnnotationGroupSearchIn) => - supertest.post(`${CONTENT_ENDPOINT}/search`).set('kbn-xsrf', 'kibana').send(payload); + supertest + .post(`${CONTENT_ENDPOINT}/search`) + .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(payload); it(`should retrieve existing groups`, async () => { const payload: EventAnnotationGroupSearchIn = { @@ -277,6 +284,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`${CONTENT_ENDPOINT}/create`) .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(payload) .expect(200); @@ -325,6 +333,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`${CONTENT_ENDPOINT}/create`) .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(payload) .expect(400); @@ -345,6 +354,7 @@ export default function ({ getService }: FtrProviderContext) { return supertest .post(`${CONTENT_ENDPOINT}/create`) .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(payload); }; @@ -380,6 +390,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`${CONTENT_ENDPOINT}/update`) .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(payload) .expect(200); @@ -431,6 +442,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`${CONTENT_ENDPOINT}/update`) .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(payload) .expect(400); @@ -453,6 +465,7 @@ export default function ({ getService }: FtrProviderContext) { return supertest .post(`${CONTENT_ENDPOINT}/update`) .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(payload); }; const errorResp = await updateWithDataViewSpec(undefined).expect(400); @@ -477,7 +490,11 @@ export default function ({ getService }: FtrProviderContext) { version: API_VERSION, }; - return supertest.post(`${CONTENT_ENDPOINT}/delete`).set('kbn-xsrf', 'kibana').send(payload); + return supertest + .post(`${CONTENT_ENDPOINT}/delete`) + .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(payload); }; it(`should delete a group`, async () => { diff --git a/test/api_integration/apis/guided_onboarding/get_config.ts b/test/api_integration/apis/guided_onboarding/get_config.ts index 3331a08f33c3b..6ab2095e594b8 100644 --- a/test/api_integration/apis/guided_onboarding/get_config.ts +++ b/test/api_integration/apis/guided_onboarding/get_config.ts @@ -9,6 +9,7 @@ import expect from '@kbn/expect'; import { API_BASE_PATH } from '@kbn/guided-onboarding-plugin/common'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import type { FtrProviderContext } from '../../ftr_provider_context'; const getConfigsPath = `${API_BASE_PATH}/configs`; @@ -19,7 +20,10 @@ export default function testGetGuideConfig({ getService }: FtrProviderContext) { // check that production guides are present ['siem', 'appSearch', 'websiteSearch', 'databaseSearch', 'kubernetes'].map((guideId) => { it(`returns config for ${guideId}`, async () => { - const response = await supertest.get(`${getConfigsPath}/${guideId}`).expect(200); + const response = await supertest + .get(`${getConfigsPath}/${guideId}`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); expect(response.body).not.to.be.empty(); const { config } = response.body; expect(config).to.not.be.empty(); diff --git a/test/api_integration/apis/guided_onboarding/get_guides.ts b/test/api_integration/apis/guided_onboarding/get_guides.ts index bc4a4628317dc..029a4b2eb33b7 100644 --- a/test/api_integration/apis/guided_onboarding/get_guides.ts +++ b/test/api_integration/apis/guided_onboarding/get_guides.ts @@ -15,6 +15,7 @@ import { } from '@kbn/guided-onboarding-plugin/server/saved_objects/guided_setup'; import { appSearchGuideId } from '@kbn/enterprise-search-plugin/common/guided_onboarding/search_guide_config'; import { API_BASE_PATH } from '@kbn/guided-onboarding-plugin/common'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import type { FtrProviderContext } from '../../ftr_provider_context'; import { createGuides } from './helpers'; @@ -32,7 +33,10 @@ export default function testGetGuidesState({ getService }: FtrProviderContext) { }); it('returns an empty array if no guides', async () => { - const response = await supertest.get(getGuidesPath).expect(200); + const response = await supertest + .get(getGuidesPath) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); expect(response.body).not.to.be.empty(); expect(response.body.state).to.be.empty(); }); @@ -42,7 +46,10 @@ export default function testGetGuidesState({ getService }: FtrProviderContext) { testGuideStep1ActiveState, { ...testGuideStep1ActiveState, guideId: appSearchGuideId }, ]); - const response = await supertest.get(getGuidesPath).expect(200); + const response = await supertest + .get(getGuidesPath) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); expect(response.body).not.to.be.empty(); expect(response.body.state).to.eql([ testGuideStep1ActiveState, diff --git a/test/api_integration/apis/guided_onboarding/get_state.ts b/test/api_integration/apis/guided_onboarding/get_state.ts index 54118d993d139..68e291b75dc5e 100644 --- a/test/api_integration/apis/guided_onboarding/get_state.ts +++ b/test/api_integration/apis/guided_onboarding/get_state.ts @@ -19,6 +19,7 @@ import { pluginStateSavedObjectsType, } from '@kbn/guided-onboarding-plugin/server/saved_objects/guided_setup'; import { API_BASE_PATH } from '@kbn/guided-onboarding-plugin/common'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import type { FtrProviderContext } from '../../ftr_provider_context'; import { createPluginState, createGuides } from './helpers'; @@ -42,7 +43,10 @@ export default function testGetState({ getService }: FtrProviderContext) { }); it('returns the default plugin state if no saved objects', async () => { - const response = await supertest.get(getStatePath).expect(200); + const response = await supertest + .get(getStatePath) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); expect(response.body.pluginState).not.to.be.empty(); expect(response.body).to.eql({ pluginState: mockPluginStateNotStarted, @@ -59,7 +63,10 @@ export default function testGetState({ getService }: FtrProviderContext) { creationDate: new Date().toISOString(), }); - const response = await supertest.get(getStatePath).expect(200); + const response = await supertest + .get(getStatePath) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); expect(response.body.pluginState).not.to.be.empty(); expect(response.body).to.eql({ pluginState: { @@ -80,7 +87,10 @@ export default function testGetState({ getService }: FtrProviderContext) { creationDate: new Date().toISOString(), }); - const response = await supertest.get(getStatePath).expect(200); + const response = await supertest + .get(getStatePath) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); expect(response.body.pluginState).not.to.be.empty(); expect(response.body).to.eql({ pluginState: { @@ -97,7 +107,10 @@ export default function testGetState({ getService }: FtrProviderContext) { creationDate: getDateXDaysAgo(40), }); - const response = await supertest.get(getStatePath).expect(200); + const response = await supertest + .get(getStatePath) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); expect(response.body.pluginState).not.to.be.empty(); expect(response.body.pluginState.isActivePeriod).to.eql(false); }); @@ -109,7 +122,10 @@ export default function testGetState({ getService }: FtrProviderContext) { creationDate: getDateXDaysAgo(20), }); - const response = await supertest.get(getStatePath).expect(200); + const response = await supertest + .get(getStatePath) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); expect(response.body.pluginState).not.to.be.empty(); expect(response.body.pluginState.isActivePeriod).to.eql(true); }); @@ -124,7 +140,10 @@ export default function testGetState({ getService }: FtrProviderContext) { creationDate: new Date().toISOString(), }); - const response = await supertest.get(getStatePath).expect(200); + const response = await supertest + .get(getStatePath) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); expect(response.body.pluginState.activeGuide.params).to.eql(testGuideParams); }); }); diff --git a/test/api_integration/apis/guided_onboarding/put_state.ts b/test/api_integration/apis/guided_onboarding/put_state.ts index cf3b7b7bfbc3a..c6682be76d528 100644 --- a/test/api_integration/apis/guided_onboarding/put_state.ts +++ b/test/api_integration/apis/guided_onboarding/put_state.ts @@ -23,6 +23,7 @@ import { import { testGuideId } from '@kbn/guided-onboarding'; import { appSearchGuideId } from '@kbn/enterprise-search-plugin/common/guided_onboarding/search_guide_config'; import { API_BASE_PATH } from '@kbn/guided-onboarding-plugin/common'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import type { FtrProviderContext } from '../../ftr_provider_context'; import { createGuides, createPluginState } from './helpers'; @@ -43,6 +44,7 @@ export default function testPutState({ getService }: FtrProviderContext) { const response = await supertest .put(putStatePath) .set('kbn-xsrf', 'true') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ status: 'in_progress', }) @@ -72,6 +74,7 @@ export default function testPutState({ getService }: FtrProviderContext) { const response = await supertest .put(putStatePath) .set('kbn-xsrf', 'true') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ status: 'in_progress', }) @@ -96,6 +99,7 @@ export default function testPutState({ getService }: FtrProviderContext) { await supertest .put(putStatePath) .set('kbn-xsrf', 'true') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ guide: testGuideStep1ActiveState, }) @@ -115,6 +119,7 @@ export default function testPutState({ getService }: FtrProviderContext) { await supertest .put(putStatePath) .set('kbn-xsrf', 'true') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ guide: testGuideNotActiveState, }) @@ -139,6 +144,7 @@ export default function testPutState({ getService }: FtrProviderContext) { await supertest .put(putStatePath) .set('kbn-xsrf', 'true') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ guide: { ...testGuideStep1ActiveState, @@ -175,6 +181,7 @@ export default function testPutState({ getService }: FtrProviderContext) { await supertest .put(putStatePath) .set('kbn-xsrf', 'true') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ guide: { ...testGuideStep2ActiveState, diff --git a/test/api_integration/apis/home/sample_data.ts b/test/api_integration/apis/home/sample_data.ts index 4778acc6f4d7a..d290f772fdec5 100644 --- a/test/api_integration/apis/home/sample_data.ts +++ b/test/api_integration/apis/home/sample_data.ts @@ -10,6 +10,7 @@ import expect from '@kbn/expect'; import type { Response } from 'superagent'; import differenceInMilliseconds from 'date-fns/differenceInMilliseconds'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -43,7 +44,11 @@ export default function ({ getService }: FtrProviderContext) { describe(`list in the ${space} space (before install)`, () => { it('should return list of sample data sets with installed status', async () => { - const resp = await supertest.get(apiPath).set('kbn-xsrf', 'kibana').expect(200); + const resp = await supertest + .get(apiPath) + .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); const flightsData = findFlightsData(resp); expect(flightsData.status).to.be('not_installed'); @@ -58,13 +63,18 @@ export default function ({ getService }: FtrProviderContext) { describe(`install in the ${space} space`, () => { it('should return 404 if id does not match any sample data sets', async () => { - await supertest.post(`${apiPath}/xxxx`).set('kbn-xsrf', 'kibana').expect(404); + await supertest + .post(`${apiPath}/xxxx`) + .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(404); }); it('should return 200 if success', async () => { const resp = await supertest .post(`${apiPath}/flights`) .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body).to.eql({ @@ -97,7 +107,10 @@ export default function ({ getService }: FtrProviderContext) { it('should load elasticsearch index containing sample data with dates relative to now parameter', async () => { const nowString = `2000-01-01T00:00:00`; - await supertest.post(`${apiPath}/flights?now=${nowString}`).set('kbn-xsrf', 'kibana'); + await supertest + .post(`${apiPath}/flights?now=${nowString}`) + .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); const resp = await es.search<{ timestamp: string }>({ index: 'kibana_sample_data_flights', @@ -115,7 +128,11 @@ export default function ({ getService }: FtrProviderContext) { describe(`list in the ${space} space (after install)`, () => { it('should return list of sample data sets with installed status', async () => { - const resp = await supertest.get(apiPath).set('kbn-xsrf', 'kibana').expect(200); + const resp = await supertest + .get(apiPath) + .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); const flightsData = findFlightsData(resp); expect(flightsData.status).to.be('installed'); @@ -143,7 +160,12 @@ export default function ({ getService }: FtrProviderContext) { describe(`uninstall in the ${space} space`, () => { it('should uninstall sample data', async () => { // Note: the second time this happens, the index has already been removed, but the uninstall works anyway - await supertest.delete(`${apiPath}/flights`).set('kbn-xsrf', 'kibana').expect(204); + await supertest + .delete(`${apiPath}/flights`) + .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(204); }); it('should remove elasticsearch index containing sample data', async () => { @@ -156,7 +178,11 @@ export default function ({ getService }: FtrProviderContext) { describe(`list in the ${space} space (after uninstall)`, () => { it('should return list of sample data sets with installed status', async () => { - const resp = await supertest.get(apiPath).set('kbn-xsrf', 'kibana').expect(200); + const resp = await supertest + .get(apiPath) + .set('kbn-xsrf', 'kibana') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); const flightsData = findFlightsData(resp); expect(flightsData.status).to.be('not_installed'); diff --git a/test/api_integration/apis/kql_telemetry/kql_telemetry.ts b/test/api_integration/apis/kql_telemetry/kql_telemetry.ts index c3e0d20d276b4..7d3224c0306a5 100644 --- a/test/api_integration/apis/kql_telemetry/kql_telemetry.ts +++ b/test/api_integration/apis/kql_telemetry/kql_telemetry.ts @@ -11,7 +11,10 @@ import expect from '@kbn/expect'; import { get } from 'lodash'; import { ANALYTICS_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; import { KQL_TELEMETRY_ROUTE_LATEST_VERSION } from '@kbn/data-plugin/common'; -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -36,6 +39,7 @@ export default function ({ getService }: FtrProviderContext) { .post('/internal/kql_opt_in_stats') .set('content-type', 'application/json') .set(ELASTIC_HTTP_VERSION_HEADER, KQL_TELEMETRY_ROUTE_LATEST_VERSION) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ opt_in: true }) .expect(200); @@ -55,6 +59,7 @@ export default function ({ getService }: FtrProviderContext) { .post('/internal/kql_opt_in_stats') .set('content-type', 'application/json') .set(ELASTIC_HTTP_VERSION_HEADER, KQL_TELEMETRY_ROUTE_LATEST_VERSION) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ opt_in: false }) .expect(200); @@ -74,6 +79,7 @@ export default function ({ getService }: FtrProviderContext) { .post('/internal/kql_opt_in_stats') .set('content-type', 'application/json') .set(ELASTIC_HTTP_VERSION_HEADER, KQL_TELEMETRY_ROUTE_LATEST_VERSION) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ opt_in: true }) .expect('Content-Type', /json/) .expect(200) @@ -87,6 +93,7 @@ export default function ({ getService }: FtrProviderContext) { .post('/internal/kql_opt_in_stats') .set('content-type', 'application/json') .set(ELASTIC_HTTP_VERSION_HEADER, KQL_TELEMETRY_ROUTE_LATEST_VERSION) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ opt_in: false }) .expect('Content-Type', /json/) .expect(200) @@ -101,6 +108,7 @@ export default function ({ getService }: FtrProviderContext) { .post('/internal/kql_opt_in_stats') .set('content-type', 'application/json') .set(ELASTIC_HTTP_VERSION_HEADER, KQL_TELEMETRY_ROUTE_LATEST_VERSION) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ opt_in: 'notabool' }) .expect(400), supertest diff --git a/test/api_integration/apis/saved_objects/bulk_create.ts b/test/api_integration/apis/saved_objects/bulk_create.ts index 80dbbc14e3b50..3e1ad63e3b6ed 100644 --- a/test/api_integration/apis/saved_objects/bulk_create.ts +++ b/test/api_integration/apis/saved_objects/bulk_create.ts @@ -8,6 +8,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -47,6 +48,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 with individual responses', async () => await supertest .post(`/s/${SPACE_ID}/api/saved_objects/_bulk_create`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(BULK_REQUESTS) .expect(200) .then((resp) => { @@ -87,6 +89,7 @@ export default function ({ getService }: FtrProviderContext) { it('should not return raw id when object id is unspecified', async () => await supertest .post(`/s/${SPACE_ID}/api/saved_objects/_bulk_create`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(BULK_REQUESTS.map(({ id, ...rest }) => rest)) .expect(200) .then((resp) => { diff --git a/test/api_integration/apis/saved_objects/bulk_delete.ts b/test/api_integration/apis/saved_objects/bulk_delete.ts index f5c191e8dabe7..68b2862ff5c8b 100644 --- a/test/api_integration/apis/saved_objects/bulk_delete.ts +++ b/test/api_integration/apis/saved_objects/bulk_delete.ts @@ -8,6 +8,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -29,6 +30,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 with individual responses when deleting many docs', async () => await supertest .post(`/api/saved_objects/_bulk_delete`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([ { type: 'visualization', @@ -60,6 +62,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return generic 404 when deleting an unknown doc', async () => await supertest .post(`/api/saved_objects/_bulk_delete`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([{ type: 'dashboard', id: 'not-a-real-id' }]) .expect(200) .then((resp) => { @@ -82,6 +85,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return the result of deleting valid and invalid objects in the same request', async () => await supertest .post(`/api/saved_objects/_bulk_delete`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([ { type: 'visualization', id: 'not-a-real-vis-id' }, { diff --git a/test/api_integration/apis/saved_objects/bulk_get.ts b/test/api_integration/apis/saved_objects/bulk_get.ts index 37bb4f17b530d..019297455bdd0 100644 --- a/test/api_integration/apis/saved_objects/bulk_get.ts +++ b/test/api_integration/apis/saved_objects/bulk_get.ts @@ -9,6 +9,7 @@ import { MAIN_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -72,6 +73,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 with individual responses', async () => await supertest .post(`/api/saved_objects/_bulk_get`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(BULK_REQUESTS) .expect(200) .then((resp) => { @@ -147,6 +149,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 with individual responses that include the managed property of each object', async () => await supertest .post(`/api/saved_objects/_bulk_get`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(BULK_REQUESTS_MANAGED) .expect(200) .then((resp) => { @@ -281,6 +284,7 @@ export default function ({ getService }: FtrProviderContext) { const { body } = await supertest .post(`/api/saved_objects/_bulk_get`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([ { type: 'config', diff --git a/test/api_integration/apis/saved_objects/bulk_update.ts b/test/api_integration/apis/saved_objects/bulk_update.ts index 332cd84926922..2233dbdde641d 100644 --- a/test/api_integration/apis/saved_objects/bulk_update.ts +++ b/test/api_integration/apis/saved_objects/bulk_update.ts @@ -9,6 +9,7 @@ import expect from '@kbn/expect'; import _ from 'lodash'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -30,6 +31,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200', async () => { const response = await supertest .put(`/api/saved_objects/_bulk_update`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([ { type: 'visualization', @@ -98,6 +100,7 @@ export default function ({ getService }: FtrProviderContext) { const response = await supertest .put(`/api/saved_objects/_bulk_update`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([ { type: 'visualization', @@ -160,6 +163,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .put(`/api/saved_objects/_bulk_update`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([ { type: 'visualization', @@ -191,6 +195,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return a generic 404', async () => { const response = await supertest .put(`/api/saved_objects/_bulk_update`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([ { type: 'visualization', diff --git a/test/api_integration/apis/saved_objects/create.ts b/test/api_integration/apis/saved_objects/create.ts index 40b1a3617f1fa..1778719fbc502 100644 --- a/test/api_integration/apis/saved_objects/create.ts +++ b/test/api_integration/apis/saved_objects/create.ts @@ -8,6 +8,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -30,6 +31,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200', async () => { await supertest .post(`/api/saved_objects/visualization`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ attributes: { title: 'My favorite vis', @@ -72,6 +74,7 @@ export default function ({ getService }: FtrProviderContext) { it('result should not be updated to the latest Kibana version if there are no migrations', async () => { await supertest .post(`/api/saved_objects/visualization`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ attributes: { title: 'My favorite vis', diff --git a/test/api_integration/apis/saved_objects/delete.ts b/test/api_integration/apis/saved_objects/delete.ts index ba2b66548a558..4630943680f3b 100644 --- a/test/api_integration/apis/saved_objects/delete.ts +++ b/test/api_integration/apis/saved_objects/delete.ts @@ -8,6 +8,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -29,6 +30,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 when deleting a doc', async () => await supertest .delete(`/api/saved_objects/dashboard/be3733a0-9efe-11e7-acb3-3dab96693fab`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { expect(resp.body).to.eql({}); @@ -37,6 +39,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return generic 404 when deleting an unknown doc', async () => await supertest .delete(`/api/saved_objects/dashboard/not-a-real-id`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(404) .then((resp) => { expect(resp.body).to.eql({ diff --git a/test/api_integration/apis/saved_objects/delete_unknown_types.ts b/test/api_integration/apis/saved_objects/delete_unknown_types.ts index e61c7d84bc580..b03f6eebc3cfb 100644 --- a/test/api_integration/apis/saved_objects/delete_unknown_types.ts +++ b/test/api_integration/apis/saved_objects/delete_unknown_types.ts @@ -12,6 +12,7 @@ import { MAIN_SAVED_OBJECT_INDEX, ANALYTICS_SAVED_OBJECT_INDEX, } from '@kbn/core-saved-objects-server'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import type { FtrProviderContext } from '../../ftr_provider_context'; const delay = (ms: number) => new Promise((resolve) => setTimeout(resolve, ms)); @@ -72,6 +73,7 @@ export default function ({ getService }: FtrProviderContext) { .post(`/internal/saved_objects/deprecations/_delete_unknown_types`) .send({}) .set('kbn-xsrf', 'true') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { expect(resp.body).to.eql({ success: true }); diff --git a/test/api_integration/apis/saved_objects/find.ts b/test/api_integration/apis/saved_objects/find.ts index 4664171879813..fb100210b19ac 100644 --- a/test/api_integration/apis/saved_objects/find.ts +++ b/test/api_integration/apis/saved_objects/find.ts @@ -11,6 +11,7 @@ import { sortBy } from 'lodash'; import { MAIN_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; import expect from '@kbn/expect'; import { SavedObject } from '@kbn/core/server'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -47,6 +48,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 with individual responses', async () => await supertest .get(`/s/${SPACE_ID}/api/saved_objects/_find?type=visualization&fields=title`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { expect(resp.body.saved_objects.map((so: { id: string }) => so.id)).to.eql([ @@ -68,6 +70,7 @@ export default function ({ getService }: FtrProviderContext) { const { body } = await supertest .get(`/s/${SPACE_ID}/api/saved_objects/_find?type=config`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(body.saved_objects.map((so: { id: string }) => so.id)).to.eql(['7.0.0-alpha1']); @@ -81,6 +84,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 with empty response', async () => await supertest .get(`/s/${SPACE_ID}/api/saved_objects/_find?type=wigwags`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { expect(resp.body).to.eql({ @@ -97,6 +101,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 with empty response', async () => await supertest .get(`/s/${SPACE_ID}/api/saved_objects/_find?type=visualization&page=100&per_page=100`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { expect(resp.body).to.eql({ @@ -112,6 +117,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 with empty response', async () => await supertest .get(`/s/${SPACE_ID}/api/saved_objects/_find?type=url&search_fields=a`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { expect(resp.body).to.eql({ @@ -127,6 +133,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 with empty response', async () => await supertest .get(`/s/${SPACE_ID}/api/saved_objects/_find?type=visualization&namespaces=foo`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { expect(resp.body).to.eql({ @@ -142,6 +149,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 with individual responses', async () => await supertest .get(`/api/saved_objects/_find?type=visualization&fields=title&namespaces=${SPACE_ID}`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { expect( @@ -161,6 +169,7 @@ export default function ({ getService }: FtrProviderContext) { .get( `/api/saved_objects/_find?type=visualization&fields=title&fields=originId&namespaces=*` ) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const knownDocuments = resp.body.saved_objects.filter((so: { namespaces: string[] }) => @@ -187,6 +196,7 @@ export default function ({ getService }: FtrProviderContext) { .get( `/s/${SPACE_ID}/api/saved_objects/_find?type=visualization&filter=visualization.attributes.title:"Count of requests"` ) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { expect(resp.body.saved_objects.map((so: { id: string }) => so.id)).to.eql([ @@ -199,6 +209,7 @@ export default function ({ getService }: FtrProviderContext) { .get( `/s/${SPACE_ID}/api/saved_objects/_find?type=visualization&filter=dashboard.attributes.title:foo` ) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(400) .then((resp) => { expect(resp.body).to.eql({ @@ -213,6 +224,7 @@ export default function ({ getService }: FtrProviderContext) { .get( `/s/${SPACE_ID}/api/saved_objects/_find?type=dashboard&filter=dashboard.attributes.title:foo { expect(resp.body.error).to.be('Bad Request'); @@ -231,6 +243,7 @@ export default function ({ getService }: FtrProviderContext) { }) )}` ) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { expect(resp.body).to.eql({ @@ -255,6 +268,7 @@ export default function ({ getService }: FtrProviderContext) { }) )}` ) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(400) .then((resp) => { expect(resp.body).to.eql({ @@ -279,6 +293,7 @@ export default function ({ getService }: FtrProviderContext) { }) )}` ) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(400) .then((resp) => { expect(resp.body).to.eql({ @@ -311,6 +326,7 @@ export default function ({ getService }: FtrProviderContext) { type: 'visualization', has_reference: JSON.stringify({ type: 'ref-type', id: 'ref-1' }), }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const objects = resp.body.saved_objects; @@ -332,6 +348,7 @@ export default function ({ getService }: FtrProviderContext) { ]), has_reference_operator: 'OR', }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const objects = resp.body.saved_objects; @@ -354,6 +371,7 @@ export default function ({ getService }: FtrProviderContext) { ]), has_reference_operator: 'AND', }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const objects = resp.body.saved_objects; @@ -383,6 +401,7 @@ export default function ({ getService }: FtrProviderContext) { type: 'visualization', has_no_reference: JSON.stringify({ type: 'ref-type', id: 'ref-1' }), }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const objects = resp.body.saved_objects; @@ -405,6 +424,7 @@ export default function ({ getService }: FtrProviderContext) { ]), has_no_reference_operator: 'OR', }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const objects = resp.body.saved_objects; @@ -428,6 +448,7 @@ export default function ({ getService }: FtrProviderContext) { ]), has_no_reference_operator: 'AND', }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const objects = resp.body.saved_objects; @@ -462,6 +483,7 @@ export default function ({ getService }: FtrProviderContext) { has_reference: JSON.stringify({ type: 'ref-type', id: 'ref-1' }), has_no_reference: JSON.stringify({ type: 'ref-type', id: 'ref-2' }), }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const objects = resp.body.saved_objects; @@ -478,6 +500,7 @@ export default function ({ getService }: FtrProviderContext) { has_reference: JSON.stringify({ type: 'ref-type', id: 'ref-1' }), has_no_reference: JSON.stringify({ type: 'ref-type', id: 'ref-1' }), }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const objects = resp.body.saved_objects; @@ -509,6 +532,7 @@ export default function ({ getService }: FtrProviderContext) { search_fields: 'title', search: 'my-vis*', }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const savedObjects = resp.body.saved_objects; @@ -525,6 +549,7 @@ export default function ({ getService }: FtrProviderContext) { search_fields: 'title', search: 'my-*', }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const savedObjects = resp.body.saved_objects; @@ -541,6 +566,7 @@ export default function ({ getService }: FtrProviderContext) { search_fields: 'title', search: 'some*vi*', }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const savedObjects = resp.body.saved_objects; @@ -557,6 +583,7 @@ export default function ({ getService }: FtrProviderContext) { search_fields: 'title', search: 'visuali*', }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { const savedObjects = resp.body.saved_objects; diff --git a/test/api_integration/apis/saved_objects/get.ts b/test/api_integration/apis/saved_objects/get.ts index 2f03a8d031a1e..d745c0ea2d585 100644 --- a/test/api_integration/apis/saved_objects/get.ts +++ b/test/api_integration/apis/saved_objects/get.ts @@ -9,6 +9,7 @@ import { MAIN_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -37,6 +38,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200', async () => await supertest .get(`/api/saved_objects/visualization/dd7caf20-9efd-11e7-acb3-3dab96693fab`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { expect(resp.body).to.eql({ @@ -74,6 +76,7 @@ export default function ({ getService }: FtrProviderContext) { it("should return an object's managed property", async () => { await supertest .get(`/api/saved_objects/dashboard/11fb046d-0e50-48a0-a410-a744b82cbffd`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { expect(resp.body).to.eql({ @@ -126,7 +129,10 @@ export default function ({ getService }: FtrProviderContext) { }, }); - const { body } = await supertest.get(`/api/saved_objects/config/7.0.0-alpha1`).expect(200); + const { body } = await supertest + .get(`/api/saved_objects/config/7.0.0-alpha1`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); expect(body.coreMigrationVersion).to.be.ok(); expect(body.coreMigrationVersion).not.to.be('7.0.0'); @@ -138,6 +144,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return same generic error as when index does not exist', async () => await supertest .get(`/api/saved_objects/visualization/foobar`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(404) .then((resp) => { expect(resp.body).to.eql({ diff --git a/test/api_integration/apis/saved_objects/resolve.ts b/test/api_integration/apis/saved_objects/resolve.ts index b538216e0ec19..6ef773b2c170f 100644 --- a/test/api_integration/apis/saved_objects/resolve.ts +++ b/test/api_integration/apis/saved_objects/resolve.ts @@ -9,6 +9,7 @@ import { MAIN_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import type { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -32,6 +33,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200', async () => await supertest .get(`/api/saved_objects/resolve/visualization/dd7caf20-9efd-11e7-acb3-3dab96693fab`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { resp.body.saved_object.updated_at = '2015-01-01T00:00:00.000Z'; @@ -85,6 +87,7 @@ export default function ({ getService }: FtrProviderContext) { const { body } = await supertest .get(`/api/saved_objects/resolve/config/7.0.0-alpha1`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(body.saved_object.coreMigrationVersion).to.be.ok(); @@ -97,6 +100,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return same generic error as when index does not exist', async () => await supertest .get(`/api/saved_objects/resolve/visualization/foobar`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(404) .then((resp) => { expect(resp.body).to.eql({ diff --git a/test/api_integration/apis/saved_objects/update.ts b/test/api_integration/apis/saved_objects/update.ts index e04072f0bae0e..744704a7d3537 100644 --- a/test/api_integration/apis/saved_objects/update.ts +++ b/test/api_integration/apis/saved_objects/update.ts @@ -8,6 +8,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -33,6 +34,7 @@ export default function ({ getService }: FtrProviderContext) { title: 'My second favorite vis', }, }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp) => { // loose uuid validation @@ -66,6 +68,7 @@ export default function ({ getService }: FtrProviderContext) { title: 'foo', }, }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body).not.to.have.property('references'); @@ -82,6 +85,7 @@ export default function ({ getService }: FtrProviderContext) { }, references, }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body).to.have.property('references'); @@ -97,6 +101,7 @@ export default function ({ getService }: FtrProviderContext) { }, references: [], }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body).to.have.property('references'); @@ -115,10 +120,12 @@ export default function ({ getService }: FtrProviderContext) { description: 'upserted description', }, }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); const { body: upserted } = await supertest .get(`/api/saved_objects/visualization/upserted-viz`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(upserted.attributes).to.eql({ @@ -137,10 +144,12 @@ export default function ({ getService }: FtrProviderContext) { version: 9000, }, }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); const { body: notUpserted } = await supertest .get(`/api/saved_objects/visualization/upserted-viz`) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(notUpserted.attributes).to.eql({ @@ -158,6 +167,7 @@ export default function ({ getService }: FtrProviderContext) { title: 'My second favorite vis', }, }) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(404) .then((resp) => { expect(resp.body).eql({ diff --git a/test/api_integration/apis/saved_objects_management/bulk_delete.ts b/test/api_integration/apis/saved_objects_management/bulk_delete.ts index 5c71b982307f6..c1a862eb75b12 100644 --- a/test/api_integration/apis/saved_objects_management/bulk_delete.ts +++ b/test/api_integration/apis/saved_objects_management/bulk_delete.ts @@ -9,6 +9,7 @@ import expect from '@kbn/expect'; import type { Response } from 'supertest'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import type { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -52,6 +53,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 for an existing object', async () => await supertest .post(endpoint) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([validObject]) .expect(200) .then((response: Response) => { @@ -62,6 +64,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return error for invalid object type', async () => await supertest .post(endpoint) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([invalidObject]) .expect(200) .then((response: Response) => { @@ -72,6 +75,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return mix of successes and errors', async () => await supertest .post(endpoint) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([validObject, invalidObject]) .expect(200) .then((response: Response) => { diff --git a/test/api_integration/apis/saved_objects_management/bulk_get.ts b/test/api_integration/apis/saved_objects_management/bulk_get.ts index 0acbb03fa7d53..01a05ff48758d 100644 --- a/test/api_integration/apis/saved_objects_management/bulk_get.ts +++ b/test/api_integration/apis/saved_objects_management/bulk_get.ts @@ -9,6 +9,7 @@ import expect from '@kbn/expect'; import type { Response } from 'supertest'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import type { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -53,6 +54,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 for object that exists and inject metadata', async () => await supertest .post(URL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([validObject]) .expect(200) .then((response: Response) => { @@ -63,6 +65,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return error for invalid object type', async () => await supertest .post(URL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([invalidObject]) .expect(200) .then((response: Response) => { @@ -73,6 +76,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return mix of successes and errors', async () => await supertest .post(URL) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send([validObject, invalidObject]) .expect(200) .then((response: Response) => { diff --git a/test/api_integration/apis/saved_objects_management/find.ts b/test/api_integration/apis/saved_objects_management/find.ts index 539fb10c7ee09..5d5c953065eac 100644 --- a/test/api_integration/apis/saved_objects_management/find.ts +++ b/test/api_integration/apis/saved_objects_management/find.ts @@ -9,6 +9,7 @@ import expect from '@kbn/expect'; import { Response } from 'supertest'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -39,6 +40,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 with individual responses', async () => await supertest .get('/api/kibana/management/saved_objects/_find?type=visualization') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp: Response) => { expect(resp.body.saved_objects.map((so: { id: string }) => so.id)).to.eql([ @@ -50,6 +52,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 200 with empty response', async () => await supertest .get('/api/kibana/management/saved_objects/_find?type=wigwags') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp: Response) => { expect(resp.body).to.eql({ @@ -67,6 +70,7 @@ export default function ({ getService }: FtrProviderContext) { .get( '/api/kibana/management/saved_objects/_find?type=visualization&page=100&perPage=100' ) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp: Response) => { expect(resp.body).to.eql({ @@ -82,6 +86,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 400 when using searchFields', async () => await supertest .get('/api/kibana/management/saved_objects/_find?type=url&searchFields=a') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(400) .then((resp: Response) => { expect(resp.body).to.eql({ @@ -107,6 +112,7 @@ export default function ({ getService }: FtrProviderContext) { it('search for a reference', async () => { await supertest .get('/api/kibana/management/saved_objects/_find') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ type: 'visualization', hasReference: JSON.stringify({ type: 'ref-type', id: 'ref-1' }), @@ -121,6 +127,7 @@ export default function ({ getService }: FtrProviderContext) { it('search for multiple references with OR operator', async () => { await supertest .get('/api/kibana/management/saved_objects/_find') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ type: 'visualization', hasReference: JSON.stringify([ @@ -143,6 +150,7 @@ export default function ({ getService }: FtrProviderContext) { it('search for multiple references with AND operator', async () => { await supertest .get('/api/kibana/management/saved_objects/_find') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ type: 'visualization', hasReference: JSON.stringify([ @@ -163,6 +171,7 @@ export default function ({ getService }: FtrProviderContext) { it('sort objects by "type" in "asc" order', async () => { await supertest .get('/api/kibana/management/saved_objects/_find') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ type: ['visualization', 'dashboard'], sortField: 'type', @@ -179,6 +188,7 @@ export default function ({ getService }: FtrProviderContext) { it('sort objects by "type" in "desc" order', async () => { await supertest .get('/api/kibana/management/saved_objects/_find') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query({ type: ['visualization', 'dashboard'], sortField: 'type', @@ -210,6 +220,7 @@ export default function ({ getService }: FtrProviderContext) { it('should inject meta attributes for searches', async () => await supertest .get('/api/kibana/management/saved_objects/_find?type=search') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp: Response) => { expect(resp.body.saved_objects).to.have.length(1); @@ -228,6 +239,7 @@ export default function ({ getService }: FtrProviderContext) { it('should inject meta attributes for dashboards', async () => await supertest .get('/api/kibana/management/saved_objects/_find?type=dashboard') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp: Response) => { expect(resp.body.saved_objects).to.have.length(1); @@ -246,6 +258,7 @@ export default function ({ getService }: FtrProviderContext) { it('should inject meta attributes for visualizations', async () => await supertest .get('/api/kibana/management/saved_objects/_find?type=visualization') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp: Response) => { expect(resp.body.saved_objects).to.have.length(2); @@ -274,6 +287,7 @@ export default function ({ getService }: FtrProviderContext) { it('should inject meta attributes for index patterns', async () => await supertest .get('/api/kibana/management/saved_objects/_find?type=index-pattern') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((resp: Response) => { expect(resp.body.saved_objects).to.have.length(1); diff --git a/test/api_integration/apis/saved_objects_management/relationships.ts b/test/api_integration/apis/saved_objects_management/relationships.ts index 9245c84674458..15b7ee51d40af 100644 --- a/test/api_integration/apis/saved_objects_management/relationships.ts +++ b/test/api_integration/apis/saved_objects_management/relationships.ts @@ -9,6 +9,7 @@ import expect from '@kbn/expect'; import { schema } from '@kbn/config-schema'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -67,6 +68,7 @@ export default function ({ getService }: FtrProviderContext) { it('should validate search response schema', async () => { const resp = await supertest .get(relationshipsUrl('search', '960372e0-3224-11e8-a572-ffca06da1357')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(() => { @@ -77,6 +79,7 @@ export default function ({ getService }: FtrProviderContext) { it('should work for searches', async () => { const resp = await supertest .get(relationshipsUrl('search', '960372e0-3224-11e8-a572-ffca06da1357')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body.relations).to.eql([ @@ -119,6 +122,7 @@ export default function ({ getService }: FtrProviderContext) { .get( relationshipsUrl('search', '960372e0-3224-11e8-a572-ffca06da1357', ['visualization']) ) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body.relations).to.eql([ @@ -159,6 +163,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 404 if search finds no results', async () => { await supertest .get(relationshipsUrl('search', 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(404); }); }); @@ -167,6 +172,7 @@ export default function ({ getService }: FtrProviderContext) { it('should validate dashboard response schema', async () => { const resp = await supertest .get(relationshipsUrl('dashboard', 'b70c7ae0-3224-11e8-a572-ffca06da1357')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(() => { @@ -177,6 +183,7 @@ export default function ({ getService }: FtrProviderContext) { it('should work for dashboards', async () => { const resp = await supertest .get(relationshipsUrl('dashboard', 'b70c7ae0-3224-11e8-a572-ffca06da1357')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body.relations).to.eql([ @@ -216,6 +223,7 @@ export default function ({ getService }: FtrProviderContext) { it('should filter based on savedObjectTypes', async () => { const resp = await supertest .get(relationshipsUrl('dashboard', 'b70c7ae0-3224-11e8-a572-ffca06da1357', ['search'])) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body.relations).to.eql([ @@ -255,6 +263,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 404 if dashboard finds no results', async () => { await supertest .get(relationshipsUrl('dashboard', 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(404); }); }); @@ -263,6 +272,7 @@ export default function ({ getService }: FtrProviderContext) { it('should validate visualization response schema', async () => { const resp = await supertest .get(relationshipsUrl('visualization', 'a42c0580-3224-11e8-a572-ffca06da1357')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(() => { @@ -273,6 +283,7 @@ export default function ({ getService }: FtrProviderContext) { it('should work for visualizations', async () => { const resp = await supertest .get(relationshipsUrl('visualization', 'a42c0580-3224-11e8-a572-ffca06da1357')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body.relations).to.eql([ @@ -314,6 +325,7 @@ export default function ({ getService }: FtrProviderContext) { .get( relationshipsUrl('visualization', 'a42c0580-3224-11e8-a572-ffca06da1357', ['search']) ) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body.relations).to.eql([ @@ -338,6 +350,7 @@ export default function ({ getService }: FtrProviderContext) { it('should return 404 if visualizations finds no results', async () => { await supertest .get(relationshipsUrl('visualization', 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(404); }); }); @@ -346,6 +359,7 @@ export default function ({ getService }: FtrProviderContext) { it('should validate index-pattern response schema', async () => { const resp = await supertest .get(relationshipsUrl('index-pattern', '8963ca30-3224-11e8-a572-ffca06da1357')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(() => { @@ -356,6 +370,7 @@ export default function ({ getService }: FtrProviderContext) { it('should work for index patterns', async () => { const resp = await supertest .get(relationshipsUrl('index-pattern', '8963ca30-3224-11e8-a572-ffca06da1357')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body.relations).to.eql([ @@ -397,6 +412,7 @@ export default function ({ getService }: FtrProviderContext) { .get( relationshipsUrl('index-pattern', '8963ca30-3224-11e8-a572-ffca06da1357', ['search']) ) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); expect(resp.body.relations).to.eql([ @@ -421,13 +437,17 @@ export default function ({ getService }: FtrProviderContext) { it('should return 404 if index pattern finds no results', async () => { await supertest .get(relationshipsUrl('index-pattern', 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(404); }); }); describe('invalid references', () => { it('should validate the response schema', async () => { - const resp = await supertest.get(relationshipsUrl('dashboard', 'invalid-refs')).expect(200); + const resp = await supertest + .get(relationshipsUrl('dashboard', 'invalid-refs')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); expect(() => { responseSchema.validate(resp.body); @@ -435,7 +455,10 @@ export default function ({ getService }: FtrProviderContext) { }); it('should return the invalid relations', async () => { - const resp = await supertest.get(relationshipsUrl('dashboard', 'invalid-refs')).expect(200); + const resp = await supertest + .get(relationshipsUrl('dashboard', 'invalid-refs')) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect(200); expect(resp.body).to.eql({ invalidRelations: [ diff --git a/test/api_integration/apis/saved_objects_management/scroll_count.ts b/test/api_integration/apis/saved_objects_management/scroll_count.ts index dcaf1fedcd071..761f2aea4184a 100644 --- a/test/api_integration/apis/saved_objects_management/scroll_count.ts +++ b/test/api_integration/apis/saved_objects_management/scroll_count.ts @@ -8,6 +8,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; const apiUrl = '/api/kibana/management/saved_objects/scroll/counts'; @@ -36,6 +37,7 @@ export default function ({ getService }: FtrProviderContext) { it('returns the count for each included types', async () => { const res = await supertest .post(apiUrl) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ typesToInclude: defaultTypes, }) @@ -52,6 +54,7 @@ export default function ({ getService }: FtrProviderContext) { it('only returns count for types to include', async () => { const res = await supertest .post(apiUrl) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ typesToInclude: ['dashboard', 'search'], }) @@ -66,6 +69,7 @@ export default function ({ getService }: FtrProviderContext) { it('filters on title when `searchString` is provided', async () => { const res = await supertest .post(apiUrl) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ typesToInclude: defaultTypes, searchString: 'Amazing', @@ -83,6 +87,7 @@ export default function ({ getService }: FtrProviderContext) { it('includes all requested types even when none match the search', async () => { const res = await supertest .post(apiUrl) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ typesToInclude: ['dashboard', 'search', 'visualization'], searchString: 'nothing-will-match', @@ -139,6 +144,7 @@ export default function ({ getService }: FtrProviderContext) { it('returns the correct count for each included types', async () => { const res = await supertest .post(apiUrl) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ typesToInclude: ['visualization'], }) diff --git a/test/api_integration/apis/saved_queries/saved_queries.ts b/test/api_integration/apis/saved_queries/saved_queries.ts index 679020430b877..f211dfc06da7f 100644 --- a/test/api_integration/apis/saved_queries/saved_queries.ts +++ b/test/api_integration/apis/saved_queries/saved_queries.ts @@ -8,7 +8,10 @@ */ import expect from '@kbn/expect'; -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { SavedQueryAttributes, SAVED_QUERY_BASE_URL } from '@kbn/data-plugin/common'; import { FtrProviderContext } from '../../ftr_provider_context'; @@ -33,33 +36,46 @@ export default function ({ getService }: FtrProviderContext) { supertest .post(`${SAVED_QUERY_BASE_URL}/_create`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(query); const updateQuery = (id: string, query: Partial = mockSavedQuery) => supertest .put(`${SAVED_QUERY_BASE_URL}/${id}`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(query); const deleteQuery = (id: string) => - supertest.delete(`${SAVED_QUERY_BASE_URL}/${id}`).set(ELASTIC_HTTP_VERSION_HEADER, '1'); + supertest + .delete(`${SAVED_QUERY_BASE_URL}/${id}`) + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); const getQuery = (id: string) => - supertest.get(`${SAVED_QUERY_BASE_URL}/${id}`).set(ELASTIC_HTTP_VERSION_HEADER, '1'); + supertest + .get(`${SAVED_QUERY_BASE_URL}/${id}`) + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); const findQueries = (options: { search?: string; perPage?: number; page?: number } = {}) => supertest .post(`${SAVED_QUERY_BASE_URL}/_find`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(options); const countQueries = () => - supertest.get(`${SAVED_QUERY_BASE_URL}/_count`).set(ELASTIC_HTTP_VERSION_HEADER, '1'); + supertest + .get(`${SAVED_QUERY_BASE_URL}/_count`) + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); const isDuplicateTitle = (title: string, id?: string) => supertest .post(`${SAVED_QUERY_BASE_URL}/_is_duplicate_title`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ title, id }); describe('Saved queries API', function () { diff --git a/test/api_integration/apis/scripts/languages.js b/test/api_integration/apis/scripts/languages.js index 2c85f359ce486..b77cc9c01c5ad 100644 --- a/test/api_integration/apis/scripts/languages.js +++ b/test/api_integration/apis/scripts/languages.js @@ -9,7 +9,10 @@ import expect from '@kbn/expect'; -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { SCRIPT_LANGUAGES_ROUTE_LATEST_VERSION } from '@kbn/data-plugin/common/constants'; export default function ({ getService }) { @@ -20,6 +23,7 @@ export default function ({ getService }) { supertest .get('/internal/scripts/languages') .set(ELASTIC_HTTP_VERSION_HEADER, SCRIPT_LANGUAGES_ROUTE_LATEST_VERSION) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((response) => { expect(response.body).to.be.an('array'); @@ -30,6 +34,7 @@ export default function ({ getService }) { supertest .get('/internal/scripts/languages') .set(ELASTIC_HTTP_VERSION_HEADER, SCRIPT_LANGUAGES_ROUTE_LATEST_VERSION) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((response) => { expect(response.body).to.contain('expression'); diff --git a/test/api_integration/apis/search/bsearch.ts b/test/api_integration/apis/search/bsearch.ts index ed080ee4f553c..2c4bcead1d475 100644 --- a/test/api_integration/apis/search/bsearch.ts +++ b/test/api_integration/apis/search/bsearch.ts @@ -10,7 +10,10 @@ import expect from '@kbn/expect'; import request from 'superagent'; import { inflateResponse } from '@kbn/bfetch-plugin/public/streaming'; -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { BFETCH_ROUTE_VERSION_LATEST } from '@kbn/bfetch-plugin/common'; import { FtrProviderContext } from '../../ftr_provider_context'; import { painlessErrReq } from './painless_err_req'; @@ -35,6 +38,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -68,6 +72,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch?compress=true`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -101,6 +106,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -144,6 +150,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -175,6 +182,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -215,6 +223,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -240,6 +249,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -274,6 +284,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -324,6 +335,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -359,6 +371,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -408,6 +421,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -436,6 +450,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -466,6 +481,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -495,6 +511,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { @@ -526,6 +543,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ batch: [ { diff --git a/test/api_integration/apis/search/search.ts b/test/api_integration/apis/search/search.ts index c3bf86933bd1c..01609bec6f1b9 100644 --- a/test/api_integration/apis/search/search.ts +++ b/test/api_integration/apis/search/search.ts @@ -7,7 +7,10 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import expect from '@kbn/expect'; import { FtrProviderContext } from '../../ftr_provider_context'; import { painlessErrReq } from './painless_err_req'; @@ -31,6 +34,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/search/es`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ params: { body: { @@ -53,6 +57,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/search/es`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ params: { terminateAfter: 1, @@ -78,6 +83,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/search`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ body: { query: { @@ -94,6 +100,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/search/banana`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ body: { query: { @@ -102,9 +109,8 @@ export default function ({ getService }: FtrProviderContext) { }, }) .expect(404); - verifyErrorResponse(resp.body, 404); - expect(resp.body.message).to.contain('banana not found'); + expect(resp.body.message).to.be('Search strategy banana not found'); expect(resp.header).to.have.property(ELASTIC_HTTP_VERSION_HEADER, '1'); }); @@ -112,6 +118,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/search/es`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ params: { timeout: 1, // This should be a time range string! @@ -133,6 +140,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/search/es`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ params: { body: { @@ -150,6 +158,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/search/es`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(painlessErrReq) .expect(400); @@ -162,6 +171,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .delete(`/internal/search/es`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send() .expect(404); verifyErrorResponse(resp.body, 404); @@ -171,6 +181,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .delete(`/internal/search/es/123`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send() .expect(400); verifyErrorResponse(resp.body, 400); diff --git a/test/api_integration/apis/search/sql_search.ts b/test/api_integration/apis/search/sql_search.ts index e4d0f15e24040..374fdd263ee29 100644 --- a/test/api_integration/apis/search/sql_search.ts +++ b/test/api_integration/apis/search/sql_search.ts @@ -8,7 +8,10 @@ */ import expect from '@kbn/expect'; -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -31,6 +34,7 @@ export default function ({ getService }: FtrProviderContext) { const resp = await supertest .post(`/internal/search/sql`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ params: { query: sqlQuery, @@ -49,6 +53,7 @@ export default function ({ getService }: FtrProviderContext) { const resp1 = await supertest .post(`/internal/search/sql`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ params: { query: sqlQuery, @@ -61,6 +66,7 @@ export default function ({ getService }: FtrProviderContext) { const resp2 = await supertest .post(`/internal/search/sql/${id}`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({}); expect(resp2.status).to.be(200); @@ -77,6 +83,7 @@ export default function ({ getService }: FtrProviderContext) { const resp1 = await supertest .post(`/internal/search/sql`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ params: { query: sqlQuery, @@ -90,6 +97,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .post(`/internal/search/sql/${id}`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({}) .expect(200); @@ -97,6 +105,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .delete(`/internal/search/sql/${id}`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send() .expect(200); @@ -104,6 +113,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .post(`/internal/search/sql/${id}`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({}) .expect(404); }); diff --git a/test/api_integration/apis/suggestions/suggestions.js b/test/api_integration/apis/suggestions/suggestions.js index ad18af6689c63..97a1dbae734de 100644 --- a/test/api_integration/apis/suggestions/suggestions.js +++ b/test/api_integration/apis/suggestions/suggestions.js @@ -8,7 +8,10 @@ */ import expect from '@kbn/expect'; -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import { + ELASTIC_HTTP_VERSION_HEADER, + X_ELASTIC_INTERNAL_ORIGIN_REQUEST, +} from '@kbn/core-http-common'; export default function ({ getService }) { const esArchiver = getService('esArchiver'); @@ -37,6 +40,7 @@ export default function ({ getService }) { supertest .post('/internal/kibana/suggestions/values/basic_index') .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ field: 'baz.keyword', query: '', @@ -51,6 +55,7 @@ export default function ({ getService }) { supertest .post('/internal/kibana/suggestions/values/basic_index') .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ field: 'baz.keyword', method: 'terms_agg', @@ -66,6 +71,7 @@ export default function ({ getService }) { supertest .post('/internal/kibana/suggestions/values/basic_index') .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ field: 'baz.keyword', method: 'terms_enum', @@ -81,6 +87,7 @@ export default function ({ getService }) { supertest .post('/internal/kibana/suggestions/values/basic_index') .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ field: 'baz.keyword', query: ' { await supertest .get('/translations/en.json') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect('Cache-Control', 'public, max-age=31536000, immutable') .expect(200); }); it('allows the bootstrap bundles to be cached', async () => { - await supertest.get('/bootstrap.js').expect('Cache-Control', 'must-revalidate').expect(200); + await supertest + .get('/bootstrap.js') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .expect('Cache-Control', 'must-revalidate') + .expect(200); }); }); } diff --git a/test/server_integration/http/platform/status.ts b/test/server_integration/http/platform/status.ts index a00aa46ad9f23..f27a5e624de76 100644 --- a/test/server_integration/http/platform/status.ts +++ b/test/server_integration/http/platform/status.ts @@ -9,6 +9,7 @@ import expect from '@kbn/expect'; import type { ServiceStatus, ServiceStatusLevels } from '@kbn/core/server'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../services/types'; type ServiceStatusSerialized = Omit & { level: string }; @@ -30,6 +31,7 @@ export default function ({ getService }: FtrProviderContext) { supertest .post(`/internal/status_plugin_a/status/set?level=${level}`) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); describe('status service', function () { diff --git a/x-pack/test/api_integration/apis/spaces/get_active_space.ts b/x-pack/test/api_integration/apis/spaces/get_active_space.ts index 627b0847aee35..e32f20f0268b5 100644 --- a/x-pack/test/api_integration/apis/spaces/get_active_space.ts +++ b/x-pack/test/api_integration/apis/spaces/get_active_space.ts @@ -6,6 +6,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -30,6 +31,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get('/internal/spaces/_active_space') .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((response) => { const { id, name, _reserved } = response.body; @@ -45,6 +47,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get('/s/default/internal/spaces/_active_space') .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((response) => { const { id, name, _reserved } = response.body; @@ -60,6 +63,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get('/s/foo-space/internal/spaces/_active_space') .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200, { id: 'foo-space', name: 'Foo Space', @@ -72,6 +76,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get('/s/not-found-space/internal/spaces/_active_space') .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(404, { statusCode: 404, error: 'Not Found', diff --git a/x-pack/test/api_integration/apis/spaces/get_content_summary.ts b/x-pack/test/api_integration/apis/spaces/get_content_summary.ts index 39fa00ebd8ff1..07f9226dafa4c 100644 --- a/x-pack/test/api_integration/apis/spaces/get_content_summary.ts +++ b/x-pack/test/api_integration/apis/spaces/get_content_summary.ts @@ -6,6 +6,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; const sampleDashboard = { @@ -71,16 +72,19 @@ export default function ({ getService }: FtrProviderContext) { await supertest .post(`/s/${ATestSpace}/api/content_management/rpc/create`) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(sampleDashboard); await supertest .post(`/s/${ATestSpace}/api/content_management/rpc/create`) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(sampleDashboard); await supertest .get(`/internal/spaces/${ATestSpace}/content_summary`) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((response) => { const { summary, total } = response.body; @@ -100,6 +104,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .post(`/s/${BTestSpace}/api/content_management/rpc/create`) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(sampleDashboard); await supertest @@ -111,6 +116,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get(`/internal/spaces/${BTestSpace}/content_summary`) .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200) .then((response) => { const { summary, total } = response.body; @@ -137,6 +143,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get('/internal/spaces/not-found-space/content_summary') .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(404, { statusCode: 404, error: 'Not Found', diff --git a/x-pack/test/api_integration/apis/spaces/saved_objects.ts b/x-pack/test/api_integration/apis/spaces/saved_objects.ts index 806929e67ebbc..63bf35ce76c6d 100644 --- a/x-pack/test/api_integration/apis/spaces/saved_objects.ts +++ b/x-pack/test/api_integration/apis/spaces/saved_objects.ts @@ -6,6 +6,7 @@ */ import expect from '@kbn/expect'; +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -17,6 +18,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .get('/api/saved_objects/space/default') .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send() .expect(404) .then((response: Record) => { @@ -33,6 +35,7 @@ export default function ({ getService }: FtrProviderContext) { it('should not locate any spaces', async () => { await supertest .get('/api/saved_objects/_find?type=space') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .set('kbn-xsrf', 'xxx') .send() .expect(200) @@ -51,6 +54,7 @@ export default function ({ getService }: FtrProviderContext) { it('should not allow a space to be created', async () => { await supertest .post('/api/saved_objects/space/my-space') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .set('kbn-xsrf', 'xxx') .send({ attributes: {} }) .expect(400) @@ -68,6 +72,7 @@ export default function ({ getService }: FtrProviderContext) { it('should not allow a space to be updated', async () => { await supertest .post('/api/saved_objects/space/default') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .set('kbn-xsrf', 'xxx') .send({ attributes: {} }) .expect(400) @@ -85,6 +90,7 @@ export default function ({ getService }: FtrProviderContext) { it('should not allow a space to be deleted', async () => { await supertest .delete('/api/saved_objects/space/default') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .set('kbn-xsrf', 'xxx') .send() .expect(404) diff --git a/x-pack/test/api_integration/apis/spaces/space_attributes.ts b/x-pack/test/api_integration/apis/spaces/space_attributes.ts index 65cff6e1b6876..c9e02b8142e7e 100644 --- a/x-pack/test/api_integration/apis/spaces/space_attributes.ts +++ b/x-pack/test/api_integration/apis/spaces/space_attributes.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -15,6 +16,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .post('/api/spaces/space') .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ id: 'api-test-space', name: 'api test space', @@ -33,6 +35,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .post('/api/spaces/space') .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ id: 'api-test-space2', name: 'Space with image', @@ -55,6 +58,7 @@ export default function ({ getService }: FtrProviderContext) { await supertest .post('/api/spaces/space') .set('kbn-xsrf', 'xxx') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send({ id: 'api-test-space3', name: 'Space with invalid image', diff --git a/x-pack/test/ftr_apis/security_and_spaces/config.ts b/x-pack/test/ftr_apis/security_and_spaces/config.ts index 8cfc662bb0b96..2326d768ee776 100644 --- a/x-pack/test/ftr_apis/security_and_spaces/config.ts +++ b/x-pack/test/ftr_apis/security_and_spaces/config.ts @@ -30,6 +30,8 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { serverArgs: [ ...apiIntegrationConfig.get('kbnTestServer.serverArgs'), '--server.xsrf.disableProtection=true', + // disable internal API restriction. See https://github.com/elastic/kibana/issues/163654 + '--server.restrictInternalApis=false', `--xpack.fleet.registryUrl=http://localhost:12345`, // setting to invalid registry url to prevent installing preconfigured packages ], }, diff --git a/x-pack/test/functional/config.base.js b/x-pack/test/functional/config.base.js index 4fdb988fef098..033a7faa98303 100644 --- a/x-pack/test/functional/config.base.js +++ b/x-pack/test/functional/config.base.js @@ -51,6 +51,8 @@ export default async function ({ readConfigFile }) { '--xpack.discoverEnhanced.actions.exploreDataInContextMenu.enabled=true', '--savedObjects.maxImportPayloadBytes=10485760', // for OSS test management/_import_objects, '--savedObjects.allowHttpApiAccess=false', // override default to not allow hiddenFromHttpApis saved objects access to the http APIs see https://github.com/elastic/dev/issues/2200 + // explicitly disable internal API restriction. See https://github.com/elastic/kibana/issues/163654 + '--server.restrictInternalApis=false', // disable fleet task that writes to metrics.fleet_server.* data streams, impacting functional tests `--xpack.task_manager.unsafe.exclude_task_types=${JSON.stringify(['Fleet-Metrics-Task'])}`, ],