Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -525,23 +525,27 @@ describe('versioned', () => {
});

describe('restrictInternalApis', () => {
it('is only allowed on serverless', () => {
expect(() => config.schema.validate({ restrictInternalApis: false }, {})).toThrow(
/a value wasn't expected/
);
expect(() => config.schema.validate({ restrictInternalApis: true }, {})).toThrow(
/a value wasn't expected/
);
it('is allowed on serverless and traditional', () => {
expect(() => config.schema.validate({ restrictInternalApis: false }, {})).not.toThrow();
expect(() => config.schema.validate({ restrictInternalApis: true }, {})).not.toThrow();
expect(
config.schema.validate({ restrictInternalApis: true }, { serverless: true })
).toMatchObject({
restrictInternalApis: true,
});
expect(
config.schema.validate({ restrictInternalApis: true }, { traditional: true })
).toMatchObject({
restrictInternalApis: true,
});
});
it('defaults to false', () => {
expect(
config.schema.validate({ restrictInternalApis: undefined }, { serverless: true })
).toMatchObject({ restrictInternalApis: false });
expect(
config.schema.validate({ restrictInternalApis: undefined }, { traditional: true })
).toMatchObject({ restrictInternalApis: false });
});
});

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -208,6 +208,7 @@ const configSchema = schema.object(
// allow access to internal routes by default to prevent breaking changes in current offerings
restrictInternalApis: offeringBasedSchema({
serverless: schema.boolean({ defaultValue: false }),
traditional: schema.boolean({ defaultValue: false }),
}),

versioned: schema.object({
Expand Down
2 changes: 1 addition & 1 deletion packages/core/http/core-http-server/src/router/route.ts
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ export interface RouteConfigOptionsBody {
* Public routes are stable and intended for external access and are subject to
* stricter change management and have long term maintenance windows.
*
* @remark On serverless access to internal routes is restricted.
* @remark as of 9.0, access to internal routes is restricted by default. See https://github.com/elastic/kibana/issues/163654.
*/
export type RouteAccess = 'public' | 'internal';

Expand Down
1 change: 1 addition & 0 deletions test/analytics/config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
serverArgs: [
...functionalConfig.get('kbnTestServer.serverArgs'),
'--telemetry.optIn=true',
'--server.restrictInternalApis=false',
Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

set to true to test changes

`--plugin-path=${path.resolve(__dirname, './plugins/analytics_plugin_a')}`,
`--plugin-path=${path.resolve(__dirname, './plugins/analytics_ftr_helpers')}`,
],
Expand Down
4 changes: 4 additions & 0 deletions test/analytics/services/kibana_ebt.ts
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@

import '@kbn/analytics-ftr-helpers-plugin/public/types';
import type { EBTHelpersContract } from '@kbn/analytics-ftr-helpers-plugin/common/types';
import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common';
import type { FtrProviderContext } from '../../functional/ftr_provider_context';

export function KibanaEBTServerProvider({ getService }: FtrProviderContext): EBTHelpersContract {
Expand All @@ -18,6 +19,7 @@ export function KibanaEBTServerProvider({ getService }: FtrProviderContext): EBT
await supertest
.post(`/internal/analytics_ftr_helpers/opt_in`)
.set('kbn-xsrf', 'xxx')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query({ consent: optIn })
.expect(200);
};
Expand All @@ -38,6 +40,7 @@ export function KibanaEBTServerProvider({ getService }: FtrProviderContext): EBT
fromTimestamp,
})
.set('kbn-xsrf', 'xxx')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.expect(200);

return resp.body;
Expand All @@ -48,6 +51,7 @@ export function KibanaEBTServerProvider({ getService }: FtrProviderContext): EBT
.get(`/internal/analytics_ftr_helpers/count_events`)
.query({ eventTypes: JSON.stringify(eventTypes), withTimeoutMs, fromTimestamp })
.set('kbn-xsrf', 'xxx')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.expect(200);

return resp.body.count;
Expand Down
3 changes: 3 additions & 0 deletions test/analytics/tests/analytics_from_the_server.ts
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
import expect from '@kbn/expect';
import type { Event, TelemetryCounter } from '@kbn/core/server';
import type { Action } from '@kbn/analytics-plugin-a-plugin/server/custom_shipper';
import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common';
import type { FtrProviderContext } from '../services';

export default function ({ getService }: FtrProviderContext) {
Expand All @@ -23,6 +24,7 @@ export default function ({ getService }: FtrProviderContext) {
.get(`/internal/analytics_plugin_a/stats`)
.query({ takeNumberOfCounters, eventType: 'test-plugin-lifecycle' })
.set('kbn-xsrf', 'xxx')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.expect(200);

return resp.body;
Expand All @@ -32,6 +34,7 @@ export default function ({ getService }: FtrProviderContext) {
const resp = await supertest
.get(`/internal/analytics_plugin_a/actions`)
.set('kbn-xsrf', 'xxx')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.expect(200);

return resp.body;
Expand Down
6 changes: 5 additions & 1 deletion test/api_integration/apis/console/autocomplete_entities.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,14 +8,18 @@
*/

import expect from '@kbn/expect';
import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common';
import type { FtrProviderContext } from '../../ftr_provider_context';

export default ({ getService }: FtrProviderContext) => {
const console = getService('console');
const supertest = getService('supertest');

const sendRequest = (query: object) =>
supertest.get('/api/console/autocomplete_entities').query(query);
supertest
.get('/api/console/autocomplete_entities')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query(query);

describe('/api/console/autocomplete_entities', function () {
const indexName = 'test-index-1';
Expand Down
2 changes: 2 additions & 0 deletions test/api_integration/apis/console/es_config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
*/

import expect from '@kbn/expect';
import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common';
import { FtrProviderContext } from '../../ftr_provider_context';

export default function ({ getService }: FtrProviderContext) {
Expand All @@ -18,6 +19,7 @@ export default function ({ getService }: FtrProviderContext) {
const { body } = await supertest
.get('/api/console/es_config')
.set('kbn-xsrf', 'true')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.expect(200);
expect(body.host).to.be.ok();
});
Expand Down
4 changes: 3 additions & 1 deletion test/api_integration/apis/console/proxy_route.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
*/

import expect from '@kbn/expect';
import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common';
import { FtrProviderContext } from '../../ftr_provider_context';

export default function ({ getService }: FtrProviderContext) {
Expand All @@ -19,6 +20,7 @@ export default function ({ getService }: FtrProviderContext) {
return await supertest
.post('/api/console/proxy?method=GET&path=/.kibana/_settings')
.set('kbn-xsrf', 'true')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.then((response) => {
expect(response.header).to.have.property('warning');
const { warning } = response.header as { warning: string };
Expand All @@ -28,12 +30,12 @@ export default function ({ getService }: FtrProviderContext) {
});

it('does not forward x-elastic-product-origin', async () => {
// If we pass the header and we still get the warning back, we assume that the header was not forwarded.
return await supertest
.post('/api/console/proxy?method=GET&path=/.kibana/_settings')
.set('kbn-xsrf', 'true')
.set('x-elastic-product-origin', 'kibana')
.then((response) => {
expect(response.header).to.have.property('connection', 'close');
expect(response.header).to.have.property('warning');
const { warning } = response.header as { warning: string };
expect(warning.startsWith('299')).to.be(true);
Expand Down
2 changes: 2 additions & 0 deletions test/api_integration/apis/core/capabilities.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
*/

import expect from '@kbn/expect';
import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common';
import { FtrProviderContext } from '../../ftr_provider_context';

export default function ({ getService }: FtrProviderContext) {
Expand All @@ -17,6 +18,7 @@ export default function ({ getService }: FtrProviderContext) {
it(`returns a 400 when an invalid app id is provided`, async () => {
const { body } = await supertest
.post('/api/core/capabilities')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send({
applications: ['dashboard', 'discover', 'bad%app'],
})
Expand Down
3 changes: 3 additions & 0 deletions test/api_integration/apis/custom_integration/integrations.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
*/

import expect from '@kbn/expect';
import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common';
import { FtrProviderContext } from '../../ftr_provider_context';

export default function ({ getService }: FtrProviderContext) {
Expand All @@ -19,6 +20,7 @@ export default function ({ getService }: FtrProviderContext) {
const resp = await supertest
.get(`/internal/customIntegrations/appendCustomIntegrations`)
.set('kbn-xsrf', 'kibana')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.expect(200);

expect(resp.body).to.be.an('array');
Expand All @@ -37,6 +39,7 @@ export default function ({ getService }: FtrProviderContext) {
const resp = await supertest
.get(`/internal/customIntegrations/replacementCustomIntegrations`)
.set('kbn-xsrf', 'kibana')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.expect(200);

expect(resp.body).to.be.an('array');
Expand Down
12 changes: 10 additions & 2 deletions test/api_integration/apis/data_view_field_editor/field_preview.ts
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,10 @@

import expect from '@kbn/expect';

import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common';
import {
ELASTIC_HTTP_VERSION_HEADER,
X_ELASTIC_INTERNAL_ORIGIN_REQUEST,
} from '@kbn/core-http-common';
import { getErrorCodeFromErrorReason } from '@kbn/data-view-field-editor-plugin/public/lib/runtime_field_validation';
import {
FIELD_PREVIEW_PATH,
Expand Down Expand Up @@ -92,6 +95,7 @@ export default function ({ getService }: FtrProviderContext) {
.set(ELASTIC_HTTP_VERSION_HEADER, INITIAL_REST_VERSION)
.send(payload)
.set('kbn-xsrf', 'xxx')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.expect(200);

expect(response.values).eql([test.expected]);
Expand All @@ -109,6 +113,7 @@ export default function ({ getService }: FtrProviderContext) {
index: INDEX_NAME,
})
.set('kbn-xsrf', 'xxx')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.expect(400);
});

Expand All @@ -121,6 +126,7 @@ export default function ({ getService }: FtrProviderContext) {
index: INDEX_NAME,
})
.set('kbn-xsrf', 'xxx')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.expect(400);
});

Expand All @@ -133,6 +139,7 @@ export default function ({ getService }: FtrProviderContext) {
context: 'keyword_field',
})
.set('kbn-xsrf', 'xxx')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.expect(400);
});
});
Expand All @@ -150,7 +157,8 @@ export default function ({ getService }: FtrProviderContext) {
context: 'keyword_field',
index: INDEX_NAME,
})
.set('kbn-xsrf', 'xxx');
.set('kbn-xsrf', 'xxx')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana');

const errorCode = getErrorCodeFromErrorReason(response.error?.caused_by?.reason);

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@

import expect from '@kbn/expect';
import type { DeprecationsGetResponse } from '@kbn/core/server';
import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common';
import { FtrProviderContext } from '../../../ftr_provider_context';

export default function ({ getService }: FtrProviderContext) {
Expand All @@ -28,7 +29,9 @@ export default function ({ getService }: FtrProviderContext) {
});

it('no scripted fields deprecations', async () => {
const { body } = await supertest.get('/api/deprecations/');
const { body } = await supertest
.get('/api/deprecations/')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana');

const { deprecations } = body as DeprecationsGetResponse;
const dataPluginDeprecations = deprecations.filter(
Expand All @@ -40,27 +43,32 @@ export default function ({ getService }: FtrProviderContext) {

it('scripted field deprecation', async () => {
const title = `basic_index`;
await supertest.post('/api/index_patterns/index_pattern').send({
index_pattern: {
title,
fields: {
foo: {
name: 'foo',
type: 'string',
scripted: true,
script: "doc['field_name'].value",
},
bar: {
name: 'bar',
type: 'number',
scripted: true,
script: "doc['field_name'].value",
await supertest
.post('/api/index_patterns/index_pattern')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send({
index_pattern: {
title,
fields: {
foo: {
name: 'foo',
type: 'string',
scripted: true,
script: "doc['field_name'].value",
},
bar: {
name: 'bar',
type: 'number',
scripted: true,
script: "doc['field_name'].value",
},
},
},
},
});
});

const { body } = await supertest.get('/api/deprecations/');
const { body } = await supertest
.get('/api/deprecations/')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana');
const { deprecations } = body as DeprecationsGetResponse;
const dataPluginDeprecations = deprecations.filter(
({ domainId }) => domainId === 'dataViews'
Expand Down
Loading