diff --git a/docs/development/core/public/kibana-plugin-core-public.uisettingsparams.md b/docs/development/core/public/kibana-plugin-core-public.uisettingsparams.md index 2cc149e2e2a79..0b7e6467667cb 100644 --- a/docs/development/core/public/kibana-plugin-core-public.uisettingsparams.md +++ b/docs/development/core/public/kibana-plugin-core-public.uisettingsparams.md @@ -26,6 +26,7 @@ export interface UiSettingsParams | [readonly](./kibana-plugin-core-public.uisettingsparams.readonly.md) | boolean | a flag indicating that value cannot be changed | | [requiresPageReload](./kibana-plugin-core-public.uisettingsparams.requirespagereload.md) | boolean | a flag indicating whether new value applying requires page reloading | | [schema](./kibana-plugin-core-public.uisettingsparams.schema.md) | Type<T> | | +| [sensitive](./kibana-plugin-core-public.uisettingsparams.sensitive.md) | boolean | a flag indicating that value might contain user sensitive data. used by telemetry to mask the value of the setting when sent. | | [type](./kibana-plugin-core-public.uisettingsparams.type.md) | UiSettingsType | defines a type of UI element [UiSettingsType](./kibana-plugin-core-public.uisettingstype.md) | | [validation](./kibana-plugin-core-public.uisettingsparams.validation.md) | ImageValidation | StringValidation | | | [value](./kibana-plugin-core-public.uisettingsparams.value.md) | T | default value to fall back to if a user doesn't provide any | diff --git a/docs/development/core/public/kibana-plugin-core-public.uisettingsparams.sensitive.md b/docs/development/core/public/kibana-plugin-core-public.uisettingsparams.sensitive.md new file mode 100644 index 0000000000000..e12f3c5649f17 --- /dev/null +++ b/docs/development/core/public/kibana-plugin-core-public.uisettingsparams.sensitive.md @@ -0,0 +1,13 @@ + + +[Home](./index.md) > [kibana-plugin-core-public](./kibana-plugin-core-public.md) > [UiSettingsParams](./kibana-plugin-core-public.uisettingsparams.md) > [sensitive](./kibana-plugin-core-public.uisettingsparams.sensitive.md) + +## UiSettingsParams.sensitive property + +a flag indicating that value might contain user sensitive data. used by telemetry to mask the value of the setting when sent. + +Signature: + +```typescript +sensitive?: boolean; +``` diff --git a/docs/development/core/server/kibana-plugin-core-server.iuisettingsclient.issensitive.md b/docs/development/core/server/kibana-plugin-core-server.iuisettingsclient.issensitive.md new file mode 100644 index 0000000000000..a6f263e0b0f55 --- /dev/null +++ b/docs/development/core/server/kibana-plugin-core-server.iuisettingsclient.issensitive.md @@ -0,0 +1,13 @@ + + +[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [IUiSettingsClient](./kibana-plugin-core-server.iuisettingsclient.md) > [isSensitive](./kibana-plugin-core-server.iuisettingsclient.issensitive.md) + +## IUiSettingsClient.isSensitive property + +Shows whether the uiSetting is a sensitive value. Used by telemetry to not send sensitive values. + +Signature: + +```typescript +isSensitive: (key: string) => boolean; +``` diff --git a/docs/development/core/server/kibana-plugin-core-server.iuisettingsclient.md b/docs/development/core/server/kibana-plugin-core-server.iuisettingsclient.md index af99b5e5bb215..dd4a69c13a2d9 100644 --- a/docs/development/core/server/kibana-plugin-core-server.iuisettingsclient.md +++ b/docs/development/core/server/kibana-plugin-core-server.iuisettingsclient.md @@ -21,6 +21,7 @@ export interface IUiSettingsClient | [getRegistered](./kibana-plugin-core-server.iuisettingsclient.getregistered.md) | () => Readonly<Record<string, PublicUiSettingsParams>> | Returns registered uiSettings values [UiSettingsParams](./kibana-plugin-core-server.uisettingsparams.md) | | [getUserProvided](./kibana-plugin-core-server.iuisettingsclient.getuserprovided.md) | <T = any>() => Promise<Record<string, UserProvidedValues<T>>> | Retrieves a set of all uiSettings values set by the user. | | [isOverridden](./kibana-plugin-core-server.iuisettingsclient.isoverridden.md) | (key: string) => boolean | Shows whether the uiSettings value set by the user. | +| [isSensitive](./kibana-plugin-core-server.iuisettingsclient.issensitive.md) | (key: string) => boolean | Shows whether the uiSetting is a sensitive value. Used by telemetry to not send sensitive values. | | [remove](./kibana-plugin-core-server.iuisettingsclient.remove.md) | (key: string) => Promise<void> | Removes uiSettings value by key. | | [removeMany](./kibana-plugin-core-server.iuisettingsclient.removemany.md) | (keys: string[]) => Promise<void> | Removes multiple uiSettings values by keys. | | [set](./kibana-plugin-core-server.iuisettingsclient.set.md) | (key: string, value: any) => Promise<void> | Writes uiSettings value and marks it as set by the user. | diff --git a/docs/development/core/server/kibana-plugin-core-server.uisettingsparams.md b/docs/development/core/server/kibana-plugin-core-server.uisettingsparams.md index 4dfde5200e7e9..d35afc4a149d1 100644 --- a/docs/development/core/server/kibana-plugin-core-server.uisettingsparams.md +++ b/docs/development/core/server/kibana-plugin-core-server.uisettingsparams.md @@ -26,6 +26,7 @@ export interface UiSettingsParams | [readonly](./kibana-plugin-core-server.uisettingsparams.readonly.md) | boolean | a flag indicating that value cannot be changed | | [requiresPageReload](./kibana-plugin-core-server.uisettingsparams.requirespagereload.md) | boolean | a flag indicating whether new value applying requires page reloading | | [schema](./kibana-plugin-core-server.uisettingsparams.schema.md) | Type<T> | | +| [sensitive](./kibana-plugin-core-server.uisettingsparams.sensitive.md) | boolean | a flag indicating that value might contain user sensitive data. used by telemetry to mask the value of the setting when sent. | | [type](./kibana-plugin-core-server.uisettingsparams.type.md) | UiSettingsType | defines a type of UI element [UiSettingsType](./kibana-plugin-core-server.uisettingstype.md) | | [validation](./kibana-plugin-core-server.uisettingsparams.validation.md) | ImageValidation | StringValidation | | | [value](./kibana-plugin-core-server.uisettingsparams.value.md) | T | default value to fall back to if a user doesn't provide any | diff --git a/docs/development/core/server/kibana-plugin-core-server.uisettingsparams.sensitive.md b/docs/development/core/server/kibana-plugin-core-server.uisettingsparams.sensitive.md new file mode 100644 index 0000000000000..f2c7de19dde1a --- /dev/null +++ b/docs/development/core/server/kibana-plugin-core-server.uisettingsparams.sensitive.md @@ -0,0 +1,13 @@ + + +[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [UiSettingsParams](./kibana-plugin-core-server.uisettingsparams.md) > [sensitive](./kibana-plugin-core-server.uisettingsparams.sensitive.md) + +## UiSettingsParams.sensitive property + +a flag indicating that value might contain user sensitive data. used by telemetry to mask the value of the setting when sent. + +Signature: + +```typescript +sensitive?: boolean; +``` diff --git a/packages/kbn-telemetry-tools/src/tools/serializer.ts b/packages/kbn-telemetry-tools/src/tools/serializer.ts index a941fa2a9d01f..bad40b5388407 100644 --- a/packages/kbn-telemetry-tools/src/tools/serializer.ts +++ b/packages/kbn-telemetry-tools/src/tools/serializer.ts @@ -19,7 +19,7 @@ export enum TelemetryKinds { Date = 10001, } -interface DescriptorValue { +export interface DescriptorValue { kind: ts.SyntaxKind | TelemetryKinds; type: keyof typeof ts.SyntaxKind | keyof typeof TelemetryKinds; } @@ -42,6 +42,13 @@ export function isObjectDescriptor(value: any) { return false; } +export function descriptorToObject(descriptor: Descriptor | DescriptorValue) { + return Object.entries(descriptor).reduce((acc, [key, value]) => { + acc[key] = value.kind ? kindToDescriptorName(value.kind) : descriptorToObject(value); + return acc; + }, {} as Record); +} + export function kindToDescriptorName(kind: number) { switch (kind) { case ts.SyntaxKind.StringKeyword: @@ -158,6 +165,16 @@ export function getDescriptor(node: ts.Node, program: ts.Program): Descriptor | if (symbolName === 'Date') { return { kind: TelemetryKinds.Date, type: 'Date' }; } + + // Support Array + if (symbolName === 'Array') { + if (node.typeArguments?.length !== 1) { + throw Error('Array type only supports 1 type parameter Array'); + } + const typeArgument = node.typeArguments[0]; + return { items: getDescriptor(typeArgument, program) }; + } + // Support `Record` if (symbolName === 'Record') { const descriptor = getDescriptor(node.typeArguments![1], program); @@ -243,7 +260,7 @@ export function getDescriptor(node: ts.Node, program: ts.Program): Descriptor | case ts.SyntaxKind.UnionType: case ts.SyntaxKind.AnyKeyword: default: - throw new Error(`Unknown type ${ts.SyntaxKind[node.kind]}; ${node.getText()}`); + throw new Error(`Unknown type ${ts.SyntaxKind[node.kind]}`); } } diff --git a/src/core/public/public.api.md b/src/core/public/public.api.md index 52fc8fbf33910..e5e5efa675115 100644 --- a/src/core/public/public.api.md +++ b/src/core/public/public.api.md @@ -1502,6 +1502,7 @@ export interface UiSettingsParams { requiresPageReload?: boolean; // (undocumented) schema: Type; + sensitive?: boolean; type?: UiSettingsType; // (undocumented) validation?: ImageValidation | StringValidation; diff --git a/src/core/server/server.api.md b/src/core/server/server.api.md index 0b058011267eb..fc90284ffe5b2 100644 --- a/src/core/server/server.api.md +++ b/src/core/server/server.api.md @@ -1195,6 +1195,7 @@ export interface IUiSettingsClient { getRegistered: () => Readonly>; getUserProvided: () => Promise>>; isOverridden: (key: string) => boolean; + isSensitive: (key: string) => boolean; remove: (key: string) => Promise; removeMany: (keys: string[]) => Promise; set: (key: string, value: any) => Promise; @@ -3100,6 +3101,7 @@ export interface UiSettingsParams { requiresPageReload?: boolean; // (undocumented) schema: Type; + sensitive?: boolean; type?: UiSettingsType; // (undocumented) validation?: ImageValidation | StringValidation; diff --git a/src/core/server/ui_settings/settings/notifications.ts b/src/core/server/ui_settings/settings/notifications.ts index a60732ecb807a..cedd52289a68c 100644 --- a/src/core/server/ui_settings/settings/notifications.ts +++ b/src/core/server/ui_settings/settings/notifications.ts @@ -35,6 +35,7 @@ export const getNotificationsSettings = (): Record => }, }), category: ['notifications'], + sensitive: true, schema: schema.string(), }, 'notifications:lifetime:banner': { diff --git a/src/core/server/ui_settings/types.ts b/src/core/server/ui_settings/types.ts index eb2d8b00dc488..73f46e4db3b2c 100644 --- a/src/core/server/ui_settings/types.ts +++ b/src/core/server/ui_settings/types.ts @@ -65,6 +65,10 @@ export interface IUiSettingsClient { * Shows whether the uiSettings value set by the user. */ isOverridden: (key: string) => boolean; + /** + * Shows whether the uiSetting is a sensitive value. Used by telemetry to not send sensitive values. + */ + isSensitive: (key: string) => boolean; } /** @internal */ diff --git a/src/core/server/ui_settings/ui_settings_client.test.ts b/src/core/server/ui_settings/ui_settings_client.test.ts index 7fa5a85e5154e..26c4d9e8e6dd9 100644 --- a/src/core/server/ui_settings/ui_settings_client.test.ts +++ b/src/core/server/ui_settings/ui_settings_client.test.ts @@ -644,6 +644,38 @@ describe('ui settings', () => { }); }); + describe('#isSensitive()', () => { + it('returns false if sensitive config is not set', () => { + const defaults = { + foo: { + schema: schema.string(), + value: '1', + }, + }; + + const { uiSettings } = setup({ defaults }); + expect(uiSettings.isSensitive('foo')).toBe(false); + }); + + it('returns false if key is not in the settings', () => { + const { uiSettings } = setup(); + expect(uiSettings.isSensitive('baz')).toBe(false); + }); + + it('returns true if overrides defined and key is overridden', () => { + const defaults = { + foo: { + schema: schema.string(), + sensitive: true, + value: '1', + }, + }; + + const { uiSettings } = setup({ defaults }); + expect(uiSettings.isSensitive('foo')).toBe(true); + }); + }); + describe('#isOverridden()', () => { it('returns false if no overrides defined', () => { const { uiSettings } = setup(); diff --git a/src/core/server/ui_settings/ui_settings_client.ts b/src/core/server/ui_settings/ui_settings_client.ts index 2ba8caaba5170..b8a46a2f994aa 100644 --- a/src/core/server/ui_settings/ui_settings_client.ts +++ b/src/core/server/ui_settings/ui_settings_client.ts @@ -52,7 +52,6 @@ export class UiSettingsClient implements IUiSettingsClient { constructor(options: UiSettingsServiceOptions) { const { type, id, buildNum, savedObjectsClient, log, defaults = {}, overrides = {} } = options; - this.type = type; this.id = id; this.buildNum = buildNum; @@ -132,6 +131,11 @@ export class UiSettingsClient implements IUiSettingsClient { return this.overrides.hasOwnProperty(key); } + isSensitive(key: string): boolean { + const definition = this.defaults[key]; + return !!definition?.sensitive; + } + private assertUpdateAllowed(key: string) { if (this.isOverridden(key)) { throw new CannotOverrideError(`Unable to update "${key}" because it is overridden`); diff --git a/src/core/server/ui_settings/ui_settings_service.mock.ts b/src/core/server/ui_settings/ui_settings_service.mock.ts index a03412e37f551..771b9d243656a 100644 --- a/src/core/server/ui_settings/ui_settings_service.mock.ts +++ b/src/core/server/ui_settings/ui_settings_service.mock.ts @@ -25,6 +25,7 @@ const createClientMock = () => { remove: jest.fn(), removeMany: jest.fn(), isOverridden: jest.fn(), + isSensitive: jest.fn(), }; mocked.get.mockResolvedValue(false); mocked.getAll.mockResolvedValue({}); diff --git a/src/core/types/ui_settings.ts b/src/core/types/ui_settings.ts index 24dfbbeea6726..92e8f6ef2f41e 100644 --- a/src/core/types/ui_settings.ts +++ b/src/core/types/ui_settings.ts @@ -56,6 +56,11 @@ export interface UiSettingsParams { requiresPageReload?: boolean; /** a flag indicating that value cannot be changed */ readonly?: boolean; + /** + * a flag indicating that value might contain user sensitive data. + * used by telemetry to mask the value of the setting when sent. + */ + sensitive?: boolean; /** defines a type of UI element {@link UiSettingsType} */ type?: UiSettingsType; /** optional deprecation information. Used to generate a deprecation warning. */ diff --git a/src/plugins/kibana_usage_collection/README.md b/src/plugins/kibana_usage_collection/README.md index 69711d30cdc74..85d362cf0a9b1 100644 --- a/src/plugins/kibana_usage_collection/README.md +++ b/src/plugins/kibana_usage_collection/README.md @@ -6,6 +6,6 @@ This plugin registers the basic usage collectors from Kibana: - UI Metrics - Ops stats - Number of Saved Objects per type -- Non-default UI Settings +- [User-changed UI Settings](./server/collectors/management/README.md) - CSP configuration - Core Metrics diff --git a/src/plugins/kibana_usage_collection/common/constants.ts b/src/plugins/kibana_usage_collection/common/constants.ts index 4505c59e0f630..052367765a6ec 100644 --- a/src/plugins/kibana_usage_collection/common/constants.ts +++ b/src/plugins/kibana_usage_collection/common/constants.ts @@ -13,3 +13,7 @@ export const PLUGIN_NAME = 'kibana_usage_collection'; * The type name used to publish Kibana usage stats in the formatted as bulk. */ export const KIBANA_STATS_TYPE = 'kibana_stats'; +/** + * Redacted keyword; used as a value for sensitive ui settings + */ +export const REDACTED_KEYWORD = '[REDACTED]'; diff --git a/src/plugins/kibana_usage_collection/server/collectors/management/README.md b/src/plugins/kibana_usage_collection/server/collectors/management/README.md new file mode 100644 index 0000000000000..b539136d57b89 --- /dev/null +++ b/src/plugins/kibana_usage_collection/server/collectors/management/README.md @@ -0,0 +1,51 @@ +# User-changed UI Settings - Management Collector + +The Usage Collector `stack_management` reports user changed settings. +All user changed UI Settings are automatically collected. + +After adding a new setting you will be required to do the following steps: + +1. Update the [schema](./schema.ts) to include the setting name and schema type. +``` +export const stackManagementSchema: MakeSchemaFrom = { + 'MY_UI_SETTING': { type: 'keyword' }, +} +``` + +2. Update the [UsageStats interface](./types.ts) with the setting name and typescript type. +``` +export interface UsageStats { + 'MY_UI_SETTING': string; +} +``` +3. Run the telemetry checker with `--fix` flag to automatically fix the mappings + +``` +node scripts/telemetry_check --fix +``` + +If you forget any of the steps our telemetry tools and tests will help you through the process! + +## Sensitive fields + +If the configured UI setting might contain user sensitive information simply add the property `sensitive: true` to the ui setting registration config. + +``` +uiSettings.register({ + [NEWS_FEED_URL_SETTING]: { + name: i18n.translate('xpack.securitySolution.uiSettings.newsFeedUrl', { + defaultMessage: 'News feed URL', + }), + value: NEWS_FEED_URL_SETTING_DEFAULT, + sensitive: true, + description: i18n.translate('xpack.securitySolution.uiSettings.newsFeedUrlDescription', { + defaultMessage: '

News feed content will be retrieved from this URL

', + }), + category: [APP_ID], + requiresPageReload: true, + schema: schema.string(), + }, +}), +``` + +The value of any UI setting marked as `sensitive` will be reported as a keyword `[REDACTED]` instead of the actual value. This hides the actual sensitive information while giving us some intelligence over which fields the users are interactive with the most. diff --git a/src/plugins/kibana_usage_collection/server/collectors/management/__snapshots__/index.test.ts.snap b/src/plugins/kibana_usage_collection/server/collectors/management/__snapshots__/index.test.ts.snap deleted file mode 100644 index def230dea8d70..0000000000000 --- a/src/plugins/kibana_usage_collection/server/collectors/management/__snapshots__/index.test.ts.snap +++ /dev/null @@ -1,7 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[`telemetry_application_usage_collector fetch() 1`] = ` -Object { - "my-key": "my-value", -} -`; diff --git a/src/plugins/kibana_usage_collection/server/collectors/management/index.test.ts b/src/plugins/kibana_usage_collection/server/collectors/management/index.test.ts deleted file mode 100644 index 38baf02d6fe1b..0000000000000 --- a/src/plugins/kibana_usage_collection/server/collectors/management/index.test.ts +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * and the Server Side Public License, v 1; you may not use this file except in - * compliance with, at your election, the Elastic License or the Server Side - * Public License, v 1. - */ - -import { loggingSystemMock, uiSettingsServiceMock } from '../../../../../core/server/mocks'; -import { - Collector, - createUsageCollectionSetupMock, - createCollectorFetchContextMock, -} from '../../../../usage_collection/server/usage_collection.mock'; - -import { registerManagementUsageCollector } from './'; - -const logger = loggingSystemMock.createLogger(); - -describe('telemetry_application_usage_collector', () => { - let collector: Collector; - - const usageCollectionMock = createUsageCollectionSetupMock(); - usageCollectionMock.makeUsageCollector.mockImplementation((config) => { - collector = new Collector(logger, config); - return createUsageCollectionSetupMock().makeUsageCollector(config); - }); - - const uiSettingsClient = uiSettingsServiceMock.createClient(); - const getUiSettingsClient = jest.fn(() => uiSettingsClient); - const mockedFetchContext = createCollectorFetchContextMock(); - - beforeAll(() => { - registerManagementUsageCollector(usageCollectionMock, getUiSettingsClient); - }); - - test('registered collector is set', () => { - expect(collector).not.toBeUndefined(); - }); - - test('isReady() => false if no client', () => { - getUiSettingsClient.mockImplementationOnce(() => undefined as any); - expect(collector.isReady()).toBe(false); - }); - - test('isReady() => true', () => { - expect(collector.isReady()).toBe(true); - }); - - test('fetch()', async () => { - uiSettingsClient.getUserProvided.mockImplementationOnce(async () => ({ - 'my-key': { userValue: 'my-value' }, - })); - await expect(collector.fetch(mockedFetchContext)).resolves.toMatchSnapshot(); - }); - - test('fetch() should not fail if invoked when not ready', async () => { - getUiSettingsClient.mockImplementationOnce(() => undefined as any); - await expect(collector.fetch(mockedFetchContext)).resolves.toBe(undefined); - }); -}); diff --git a/src/plugins/kibana_usage_collection/server/collectors/management/schema.ts b/src/plugins/kibana_usage_collection/server/collectors/management/schema.ts index 28eeb461f7a86..b644f282c1f36 100644 --- a/src/plugins/kibana_usage_collection/server/collectors/management/schema.ts +++ b/src/plugins/kibana_usage_collection/server/collectors/management/schema.ts @@ -7,18 +7,25 @@ */ import { MakeSchemaFrom } from 'src/plugins/usage_collection/server'; -import { UsageStats } from './telemetry_management_collector'; +import { UsageStats } from './types'; -// Retrieved by changing all the current settings in Kibana (we'll need to revisit it in the future). -// I would suggest we use flattened type for the mappings of this collector. export const stackManagementSchema: MakeSchemaFrom = { + // sensitive + 'timelion:quandl.key': { type: 'keyword' }, + 'securitySolution:defaultIndex': { type: 'keyword' }, + 'securitySolution:newsFeedUrl': { type: 'keyword' }, + 'xpackReporting:customPdfLogo': { type: 'keyword' }, + 'notifications:banner': { type: 'keyword' }, + 'timelion:graphite.url': { type: 'keyword' }, + 'xpackDashboardMode:roles': { type: 'keyword' }, + 'securitySolution:ipReputationLinks': { type: 'keyword' }, + // non-sensitive 'visualize:enableLabs': { type: 'boolean' }, 'visualization:heatmap:maxBuckets': { type: 'long' }, 'visualization:colorMapping': { type: 'text' }, 'visualization:regionmap:showWarnings': { type: 'boolean' }, 'visualization:dimmingOpacity': { type: 'float' }, 'visualization:tileMap:maxPrecision': { type: 'long' }, - 'securitySolution:ipReputationLinks': { type: 'text' }, 'csv:separator': { type: 'keyword' }, 'visualization:tileMap:WMSdefaults': { type: 'text' }, 'timelion:target_buckets': { type: 'long' }, @@ -27,14 +34,11 @@ export const stackManagementSchema: MakeSchemaFrom = { 'timelion:min_interval': { type: 'keyword' }, 'timelion:default_rows': { type: 'long' }, 'timelion:default_columns': { type: 'long' }, - 'timelion:quandl.key': { type: 'keyword' }, 'timelion:es.default_index': { type: 'keyword' }, 'timelion:showTutorial': { type: 'boolean' }, 'securitySolution:timeDefaults': { type: 'keyword' }, 'securitySolution:defaultAnomalyScore': { type: 'long' }, - 'securitySolution:defaultIndex': { type: 'keyword' }, // it's an array 'securitySolution:refreshIntervalDefaults': { type: 'keyword' }, - 'securitySolution:newsFeedUrl': { type: 'keyword' }, 'securitySolution:enableNewsFeed': { type: 'boolean' }, 'search:includeFrozen': { type: 'boolean' }, 'courier:maxConcurrentShardRequests': { type: 'long' }, @@ -43,21 +47,29 @@ export const stackManagementSchema: MakeSchemaFrom = { 'courier:customRequestPreference': { type: 'keyword' }, 'courier:ignoreFilterIfFieldNotInIndex': { type: 'boolean' }, 'rollups:enableIndexPatterns': { type: 'boolean' }, - 'xpackReporting:customPdfLogo': { type: 'text' }, 'notifications:lifetime:warning': { type: 'long' }, 'notifications:lifetime:banner': { type: 'long' }, 'notifications:lifetime:info': { type: 'long' }, - 'notifications:banner': { type: 'text' }, 'notifications:lifetime:error': { type: 'long' }, 'doc_table:highlight': { type: 'boolean' }, 'discover:searchOnPageLoad': { type: 'boolean' }, // eslint-disable-next-line @typescript-eslint/naming-convention 'doc_table:hideTimeColumn': { type: 'boolean' }, 'discover:sampleSize': { type: 'long' }, - defaultColumns: { type: 'keyword' }, // it's an array + defaultColumns: { + type: 'array', + items: { + type: 'keyword', + }, + }, 'context:defaultSize': { type: 'long' }, 'discover:aggs:terms:size': { type: 'long' }, - 'context:tieBreakerFields': { type: 'keyword' }, // it's an array + 'context:tieBreakerFields': { + type: 'array', + items: { + type: 'keyword', + }, + }, 'discover:sort:defaultOrder': { type: 'keyword' }, 'context:step': { type: 'long' }, 'accessibility:disableAnimations': { type: 'boolean' }, @@ -79,7 +91,12 @@ export const stackManagementSchema: MakeSchemaFrom = { 'query:queryString:options': { type: 'keyword' }, 'metrics:max_buckets': { type: 'long' }, 'query:allowLeadingWildcards': { type: 'boolean' }, - metaFields: { type: 'keyword' }, // it's an array + metaFields: { + type: 'array', + items: { + type: 'keyword', + }, + }, 'indexPattern:placeholder': { type: 'keyword' }, 'histogram:barTarget': { type: 'long' }, 'histogram:maxBars': { type: 'long' }, @@ -101,4 +118,14 @@ export const stackManagementSchema: MakeSchemaFrom = { 'csv:quoteValues': { type: 'boolean' }, 'dateFormat:dow': { type: 'keyword' }, dateFormat: { type: 'keyword' }, + 'autocomplete:useTimeRange': { type: 'boolean' }, + 'search:timeout': { type: 'long' }, + 'visualization:visualize:legacyChartsLibrary': { type: 'boolean' }, + 'doc_table:legacy': { type: 'boolean' }, + 'discover:modifyColumnsOnSwitch': { type: 'boolean' }, + 'discover:searchFieldsFromSource': { type: 'boolean' }, + 'securitySolution:rulesTableRefresh': { type: 'text' }, + 'apm:enableSignificantTerms': { type: 'boolean' }, + 'apm:enableServiceOverview': { type: 'boolean' }, + 'apm:enableCorrelations': { type: 'boolean' }, }; diff --git a/src/plugins/kibana_usage_collection/server/collectors/management/telemetry_management_collector.test.ts b/src/plugins/kibana_usage_collection/server/collectors/management/telemetry_management_collector.test.ts new file mode 100644 index 0000000000000..4bcd98f894e2a --- /dev/null +++ b/src/plugins/kibana_usage_collection/server/collectors/management/telemetry_management_collector.test.ts @@ -0,0 +1,140 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * and the Server Side Public License, v 1; you may not use this file except in + * compliance with, at your election, the Elastic License or the Server Side + * Public License, v 1. + */ + +import { loggingSystemMock, uiSettingsServiceMock } from '../../../../../core/server/mocks'; +import { + Collector, + createUsageCollectionSetupMock, + createCollectorFetchContextMock, +} from '../../../../usage_collection/server/usage_collection.mock'; + +import { + registerManagementUsageCollector, + createCollectorFetch, +} from './telemetry_management_collector'; + +const logger = loggingSystemMock.createLogger(); + +describe('telemetry_application_usage_collector', () => { + let collector: Collector; + + const usageCollectionMock = createUsageCollectionSetupMock(); + usageCollectionMock.makeUsageCollector.mockImplementation((config) => { + collector = new Collector(logger, config); + return createUsageCollectionSetupMock().makeUsageCollector(config); + }); + + const uiSettingsClient = uiSettingsServiceMock.createClient(); + const getUiSettingsClient = jest.fn(() => uiSettingsClient); + const mockedFetchContext = createCollectorFetchContextMock(); + + beforeAll(() => { + registerManagementUsageCollector(usageCollectionMock, getUiSettingsClient); + }); + + test('registered collector is set', () => { + expect(collector).not.toBeUndefined(); + }); + + test('isReady() => false if no client', () => { + getUiSettingsClient.mockImplementationOnce(() => undefined as any); + expect(collector.isReady()).toBe(false); + }); + + test('isReady() => true', () => { + expect(collector.isReady()).toBe(true); + }); + + test('fetch()', async () => { + uiSettingsClient.getUserProvided.mockImplementationOnce(async () => ({ + 'visualization:colorMapping': { userValue: 'red' }, + })); + await expect(collector.fetch(mockedFetchContext)).resolves.toEqual({ + 'visualization:colorMapping': 'red', + }); + }); + + test('fetch() should not fail if invoked when not ready', async () => { + getUiSettingsClient.mockImplementationOnce(() => undefined as any); + await expect(collector.fetch(mockedFetchContext)).resolves.toBe(undefined); + }); +}); + +describe('createCollectorFetch', () => { + const mockUserSettings = { + item1: { userValue: 'test' }, + item2: { userValue: 123 }, + item3: { userValue: false }, + }; + + const mockIsSensitive = (key: string) => { + switch (key) { + case 'item1': + case 'item2': + return false; + case 'item3': + return true; + default: + throw new Error(`Unexpected ui setting: ${key}`); + } + }; + + it('returns #fetchUsageStats function', () => { + const getUiSettingsClient = jest.fn(() => undefined); + const fetchFunction = createCollectorFetch(getUiSettingsClient); + expect(typeof fetchFunction).toBe('function'); + }); + + describe('#fetchUsageStats', () => { + it('returns undefined if no uiSettingsClient returned from getUiSettingsClient', async () => { + const getUiSettingsClient = jest.fn(() => undefined); + const fetchFunction = createCollectorFetch(getUiSettingsClient); + const result = await fetchFunction(); + expect(result).toBe(undefined); + expect(getUiSettingsClient).toBeCalledTimes(1); + }); + + it('returns all user changed settings', async () => { + const uiSettingsClient = uiSettingsServiceMock.createClient(); + const getUiSettingsClient = jest.fn(() => uiSettingsClient); + uiSettingsClient.getUserProvided.mockResolvedValue(mockUserSettings); + uiSettingsClient.isSensitive.mockImplementation(mockIsSensitive); + const fetchFunction = createCollectorFetch(getUiSettingsClient); + const result = await fetchFunction(); + expect(typeof result).toBe('object'); + expect(Object.keys(result!)).toEqual(Object.keys(mockUserSettings)); + }); + + it('returns the actual values of non-sensitive settings', async () => { + const uiSettingsClient = uiSettingsServiceMock.createClient(); + const getUiSettingsClient = jest.fn(() => uiSettingsClient); + uiSettingsClient.getUserProvided.mockResolvedValue(mockUserSettings); + uiSettingsClient.isSensitive.mockImplementation(mockIsSensitive); + const fetchFunction = createCollectorFetch(getUiSettingsClient); + const result = await fetchFunction(); + expect(typeof result).toBe('object'); + expect(result!).toMatchObject({ + item1: 'test', + item2: 123, + }); + }); + + it('returns [REDACTED] as a value for sensitive settings', async () => { + const uiSettingsClient = uiSettingsServiceMock.createClient(); + const getUiSettingsClient = jest.fn(() => uiSettingsClient); + uiSettingsClient.getUserProvided.mockResolvedValue(mockUserSettings); + uiSettingsClient.isSensitive.mockImplementation(mockIsSensitive); + const fetchFunction = createCollectorFetch(getUiSettingsClient); + const result = await fetchFunction(); + expect(typeof result).toBe('object'); + expect(result!).toMatchObject({ + item3: '[REDACTED]', + }); + }); + }); +}); diff --git a/src/plugins/kibana_usage_collection/server/collectors/management/telemetry_management_collector.ts b/src/plugins/kibana_usage_collection/server/collectors/management/telemetry_management_collector.ts index c45f3d6139d95..651fbbd5a897a 100644 --- a/src/plugins/kibana_usage_collection/server/collectors/management/telemetry_management_collector.ts +++ b/src/plugins/kibana_usage_collection/server/collectors/management/telemetry_management_collector.ts @@ -9,12 +9,8 @@ import { IUiSettingsClient } from 'kibana/server'; import { UsageCollectionSetup } from 'src/plugins/usage_collection/server'; import { stackManagementSchema } from './schema'; - -export interface UsageStats extends Record { - // We don't support `type` yet. Only interfaces. So I added at least 1 known key to the generic - // Record extension to avoid eslint reverting it back to a `type` - 'visualize:enableLabs': boolean; -} +import { UsageStats } from './types'; +import { REDACTED_KEYWORD } from '../../../common/constants'; export function createCollectorFetch(getUiSettingsClient: () => IUiSettingsClient | undefined) { return async function fetchUsageStats(): Promise { @@ -23,11 +19,12 @@ export function createCollectorFetch(getUiSettingsClient: () => IUiSettingsClien return; } - const user = await uiSettingsClient.getUserProvided(); - const modifiedEntries = Object.keys(user) - .filter((key: string) => key !== 'buildNum') - .reduce((obj: any, key: string) => { - obj[key] = user[key].userValue; + const userProvided = await uiSettingsClient.getUserProvided(); + const modifiedEntries = Object.entries(userProvided) + .filter(([key]) => key !== 'buildNum') + .reduce((obj: any, [key, { userValue }]) => { + const sensitive = uiSettingsClient.isSensitive(key); + obj[key] = sensitive ? REDACTED_KEYWORD : userValue; return obj; }, {}); diff --git a/src/plugins/kibana_usage_collection/server/collectors/management/types.ts b/src/plugins/kibana_usage_collection/server/collectors/management/types.ts new file mode 100644 index 0000000000000..417841ee89569 --- /dev/null +++ b/src/plugins/kibana_usage_collection/server/collectors/management/types.ts @@ -0,0 +1,117 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * and the Server Side Public License, v 1; you may not use this file except in + * compliance with, at your election, the Elastic License or the Server Side + * Public License, v 1. + */ + +export interface UsageStats { + /** + * sensitive settings + */ + 'timelion:quandl.key': string; + 'securitySolution:defaultIndex': string; + 'securitySolution:newsFeedUrl': string; + 'xpackReporting:customPdfLogo': string; + 'notifications:banner': string; + 'timelion:graphite.url': string; + 'xpackDashboardMode:roles': string; + 'securitySolution:ipReputationLinks': string; + /** + * non-sensitive settings + */ + 'autocomplete:useTimeRange': boolean; + 'search:timeout': number; + 'visualization:visualize:legacyChartsLibrary': boolean; + 'doc_table:legacy': boolean; + 'discover:modifyColumnsOnSwitch': boolean; + 'discover:searchFieldsFromSource': boolean; + 'securitySolution:rulesTableRefresh': string; + 'apm:enableSignificantTerms': boolean; + 'apm:enableServiceOverview': boolean; + 'apm:enableCorrelations': boolean; + 'visualize:enableLabs': boolean; + 'visualization:heatmap:maxBuckets': number; + 'visualization:colorMapping': string; + 'visualization:regionmap:showWarnings': boolean; + 'visualization:dimmingOpacity': number; + 'visualization:tileMap:maxPrecision': number; + 'csv:separator': string; + 'visualization:tileMap:WMSdefaults': string; + 'timelion:target_buckets': number; + 'timelion:max_buckets': number; + 'timelion:es.timefield': string; + 'timelion:min_interval': string; + 'timelion:default_rows': number; + 'timelion:default_columns': number; + 'timelion:es.default_index': string; + 'timelion:showTutorial': boolean; + 'securitySolution:timeDefaults': string; + 'securitySolution:defaultAnomalyScore': number; + 'securitySolution:refreshIntervalDefaults': string; + 'securitySolution:enableNewsFeed': boolean; + 'search:includeFrozen': boolean; + 'courier:maxConcurrentShardRequests': number; + 'courier:batchSearches': boolean; + 'courier:setRequestPreference': string; + 'courier:customRequestPreference': string; + 'courier:ignoreFilterIfFieldNotInIndex': boolean; + 'rollups:enableIndexPatterns': boolean; + 'notifications:lifetime:warning': number; + 'notifications:lifetime:banner': number; + 'notifications:lifetime:info': number; + 'notifications:lifetime:error': number; + 'doc_table:highlight': boolean; + 'discover:searchOnPageLoad': boolean; + // eslint-disable-next-line @typescript-eslint/naming-convention + 'doc_table:hideTimeColumn': boolean; + 'discover:sampleSize': number; + defaultColumns: string[]; + 'context:defaultSize': number; + 'discover:aggs:terms:size': number; + 'context:tieBreakerFields': string[]; + 'discover:sort:defaultOrder': string; + 'context:step': number; + 'accessibility:disableAnimations': boolean; + 'ml:fileDataVisualizerMaxFileSize': string; + 'ml:anomalyDetection:results:enableTimeDefaults': boolean; + 'ml:anomalyDetection:results:timeDefaults': string; + 'truncate:maxHeight': number; + 'timepicker:timeDefaults': string; + 'timepicker:refreshIntervalDefaults': string; + 'timepicker:quickRanges': string; + 'theme:version': string; + 'theme:darkMode': boolean; + 'state:storeInSessionStorage': boolean; + 'savedObjects:perPage': number; + 'search:queryLanguage': string; + 'shortDots:enable': boolean; + 'sort:options': string; + 'savedObjects:listingLimit': number; + 'query:queryString:options': string; + 'metrics:max_buckets': number; + 'query:allowLeadingWildcards': boolean; + metaFields: string[]; + 'indexPattern:placeholder': string; + 'histogram:barTarget': number; + 'histogram:maxBars': number; + 'format:number:defaultLocale': string; + 'format:percent:defaultPattern': string; + 'format:number:defaultPattern': string; + 'history:limit': number; + 'format:defaultTypeMap': string; + 'format:currency:defaultPattern': string; + defaultIndex: string; + 'format:bytes:defaultPattern': string; + 'filters:pinnedByDefault': boolean; + 'filterEditor:suggestValues': boolean; + 'fields:popularLimit': number; + dateNanosFormat: string; + defaultRoute: string; + 'dateFormat:tz': string; + 'dateFormat:scaled': string; + 'csv:quoteValues': boolean; + 'dateFormat:dow': string; + dateFormat: string; +} diff --git a/src/plugins/telemetry/schema/oss_plugins.json b/src/plugins/telemetry/schema/oss_plugins.json index 7bac6a809eca3..950fdf9405b75 100644 --- a/src/plugins/telemetry/schema/oss_plugins.json +++ b/src/plugins/telemetry/schema/oss_plugins.json @@ -4076,6 +4076,27 @@ }, "stack_management": { "properties": { + "timelion:quandl.key": { + "type": "keyword" + }, + "securitySolution:defaultIndex": { + "type": "keyword" + }, + "securitySolution:newsFeedUrl": { + "type": "keyword" + }, + "xpackReporting:customPdfLogo": { + "type": "keyword" + }, + "notifications:banner": { + "type": "keyword" + }, + "timelion:graphite.url": { + "type": "keyword" + }, + "xpackDashboardMode:roles": { + "type": "keyword" + }, "visualize:enableLabs": { "type": "boolean" }, @@ -4095,7 +4116,7 @@ "type": "long" }, "securitySolution:ipReputationLinks": { - "type": "text" + "type": "keyword" }, "csv:separator": { "type": "keyword" @@ -4121,9 +4142,6 @@ "timelion:default_columns": { "type": "long" }, - "timelion:quandl.key": { - "type": "keyword" - }, "timelion:es.default_index": { "type": "keyword" }, @@ -4136,15 +4154,9 @@ "securitySolution:defaultAnomalyScore": { "type": "long" }, - "securitySolution:defaultIndex": { - "type": "keyword" - }, "securitySolution:refreshIntervalDefaults": { "type": "keyword" }, - "securitySolution:newsFeedUrl": { - "type": "keyword" - }, "securitySolution:enableNewsFeed": { "type": "boolean" }, @@ -4169,9 +4181,6 @@ "rollups:enableIndexPatterns": { "type": "boolean" }, - "xpackReporting:customPdfLogo": { - "type": "text" - }, "notifications:lifetime:warning": { "type": "long" }, @@ -4181,9 +4190,6 @@ "notifications:lifetime:info": { "type": "long" }, - "notifications:banner": { - "type": "text" - }, "notifications:lifetime:error": { "type": "long" }, @@ -4200,7 +4206,10 @@ "type": "long" }, "defaultColumns": { - "type": "keyword" + "type": "array", + "items": { + "type": "keyword" + } }, "context:defaultSize": { "type": "long" @@ -4209,7 +4218,10 @@ "type": "long" }, "context:tieBreakerFields": { - "type": "keyword" + "type": "array", + "items": { + "type": "keyword" + } }, "discover:sort:defaultOrder": { "type": "keyword" @@ -4275,7 +4287,10 @@ "type": "boolean" }, "metaFields": { - "type": "keyword" + "type": "array", + "items": { + "type": "keyword" + } }, "indexPattern:placeholder": { "type": "keyword" @@ -4339,6 +4354,36 @@ }, "dateFormat": { "type": "keyword" + }, + "autocomplete:useTimeRange": { + "type": "boolean" + }, + "search:timeout": { + "type": "long" + }, + "visualization:visualize:legacyChartsLibrary": { + "type": "boolean" + }, + "doc_table:legacy": { + "type": "boolean" + }, + "discover:modifyColumnsOnSwitch": { + "type": "boolean" + }, + "discover:searchFieldsFromSource": { + "type": "boolean" + }, + "securitySolution:rulesTableRefresh": { + "type": "text" + }, + "apm:enableSignificantTerms": { + "type": "boolean" + }, + "apm:enableServiceOverview": { + "type": "boolean" + }, + "apm:enableCorrelations": { + "type": "boolean" } } }, diff --git a/src/plugins/usage_collection/server/collector/collector.ts b/src/plugins/usage_collection/server/collector/collector.ts index ccc17ea1c5967..8e8a74902d479 100644 --- a/src/plugins/usage_collection/server/collector/collector.ts +++ b/src/plugins/usage_collection/server/collector/collector.ts @@ -14,17 +14,38 @@ import { KibanaRequest, } from 'src/core/server'; -export type AllowedSchemaNumberTypes = 'long' | 'integer' | 'short' | 'byte' | 'double' | 'float'; +export type AllowedSchemaNumberTypes = + | 'long' + | 'integer' + | 'short' + | 'byte' + | 'double' + | 'float' + | 'date'; +export type AllowedSchemaStringTypes = 'keyword' | 'text' | 'date'; +export type AllowedSchemaBooleanTypes = 'boolean'; -export type AllowedSchemaTypes = AllowedSchemaNumberTypes | 'keyword' | 'text' | 'boolean' | 'date'; +export type AllowedSchemaTypes = + | AllowedSchemaNumberTypes + | AllowedSchemaStringTypes + | AllowedSchemaBooleanTypes; export interface SchemaField { type: string; } +export type PossibleSchemaTypes = U extends string + ? AllowedSchemaStringTypes + : U extends number + ? AllowedSchemaNumberTypes + : U extends boolean + ? AllowedSchemaBooleanTypes + : // allow any schema type from the union if typescript is unable to resolve the exact U type + AllowedSchemaTypes; + export type RecursiveMakeSchemaFrom = U extends object ? MakeSchemaFrom - : { type: AllowedSchemaTypes }; + : { type: PossibleSchemaTypes }; // Using Required to enforce all optional keys in the object export type MakeSchemaFrom = { diff --git a/src/plugins/vis_type_timelion/server/plugin.ts b/src/plugins/vis_type_timelion/server/plugin.ts index f999c1dfc773a..fca557efc01e3 100644 --- a/src/plugins/vis_type_timelion/server/plugin.ts +++ b/src/plugins/vis_type_timelion/server/plugin.ts @@ -173,6 +173,7 @@ export class Plugin { defaultMessage: '{experimentalLabel} Your API key from www.quandl.com', values: { experimentalLabel: `[${experimentalLabel}]` }, }), + sensitive: true, category: ['timelion'], schema: schema.string(), }, diff --git a/x-pack/plugins/dashboard_mode/server/ui_settings.ts b/x-pack/plugins/dashboard_mode/server/ui_settings.ts index f692ec8a33fc9..59de82cf7b3ab 100644 --- a/x-pack/plugins/dashboard_mode/server/ui_settings.ts +++ b/x-pack/plugins/dashboard_mode/server/ui_settings.ts @@ -22,6 +22,7 @@ export function getUiSettings(): Record> { }), value: [DASHBOARD_ONLY_USER_ROLE], category: ['dashboard'], + sensitive: true, deprecation: { message: i18n.translate('xpack.dashboardMode.uiSettings.dashboardsOnlyRolesDeprecation', { defaultMessage: 'This setting is deprecated and will be removed in Kibana 8.0.', diff --git a/x-pack/plugins/reporting/server/plugin.ts b/x-pack/plugins/reporting/server/plugin.ts index 05556f050e213..35101dbaab246 100644 --- a/x-pack/plugins/reporting/server/plugin.ts +++ b/x-pack/plugins/reporting/server/plugin.ts @@ -52,6 +52,7 @@ export class ReportingPlugin description: i18n.translate('xpack.reporting.pdfFooterImageDescription', { defaultMessage: `Custom image to use in the PDF's footer`, }), + sensitive: true, type: 'image', schema: schema.nullable(schema.byteSize({ max: '200kb' })), category: [PLUGIN_ID], diff --git a/x-pack/plugins/security_solution/server/ui_settings.ts b/x-pack/plugins/security_solution/server/ui_settings.ts index 548f718e1bc80..0d679cdefb92c 100644 --- a/x-pack/plugins/security_solution/server/ui_settings.ts +++ b/x-pack/plugins/security_solution/server/ui_settings.ts @@ -78,6 +78,8 @@ export const initUiSettings = (uiSettings: CoreSetup['uiSettings']) => { name: i18n.translate('xpack.securitySolution.uiSettings.defaultIndexLabel', { defaultMessage: 'Elasticsearch indices', }), + sensitive: true, + value: DEFAULT_INDEX_PATTERN, description: i18n.translate('xpack.securitySolution.uiSettings.defaultIndexDescription', { defaultMessage: @@ -147,6 +149,7 @@ export const initUiSettings = (uiSettings: CoreSetup['uiSettings']) => { defaultMessage: 'News feed URL', }), value: NEWS_FEED_URL_SETTING_DEFAULT, + sensitive: true, description: i18n.translate('xpack.securitySolution.uiSettings.newsFeedUrlDescription', { defaultMessage: '

News feed content will be retrieved from this URL

', }), @@ -167,6 +170,7 @@ export const initUiSettings = (uiSettings: CoreSetup['uiSettings']) => { 'Array of URL templates to build the list of reputation URLs to be displayed on the IP Details page.', } ), + sensitive: true, category: [APP_ID], requiresPageReload: true, schema: schema.arrayOf( diff --git a/x-pack/test/usage_collection/config.ts b/x-pack/test/usage_collection/config.ts index 27b12a1ff298c..d31ecc444d00d 100644 --- a/x-pack/test/usage_collection/config.ts +++ b/x-pack/test/usage_collection/config.ts @@ -24,7 +24,10 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { return { ...xpackFunctionalConfig.getAll(), // list paths to the files that contain your plugins tests - testFiles: [resolve(__dirname, './test_suites/application_usage')], + testFiles: [ + resolve(__dirname, './test_suites/application_usage'), + resolve(__dirname, './test_suites/stack_management_usage'), + ], services, pageObjects, diff --git a/x-pack/test/usage_collection/plugins/stack_management_usage_test/kibana.json b/x-pack/test/usage_collection/plugins/stack_management_usage_test/kibana.json new file mode 100644 index 0000000000000..b586de3fa4d79 --- /dev/null +++ b/x-pack/test/usage_collection/plugins/stack_management_usage_test/kibana.json @@ -0,0 +1,9 @@ +{ + "id": "StackManagementUsageTest", + "version": "1.0.0", + "kibanaVersion": "kibana", + "configPath": ["xpack", "StackManagementUsageTest"], + "requiredPlugins": [], + "server": false, + "ui": true +} diff --git a/x-pack/test/usage_collection/plugins/stack_management_usage_test/public/index.ts b/x-pack/test/usage_collection/plugins/stack_management_usage_test/public/index.ts new file mode 100644 index 0000000000000..82aae6988052a --- /dev/null +++ b/x-pack/test/usage_collection/plugins/stack_management_usage_test/public/index.ts @@ -0,0 +1,11 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { StackManagementUsageTest } from './plugin'; + +export function plugin() { + return new StackManagementUsageTest(); +} diff --git a/x-pack/test/usage_collection/plugins/stack_management_usage_test/public/plugin.ts b/x-pack/test/usage_collection/plugins/stack_management_usage_test/public/plugin.ts new file mode 100644 index 0000000000000..3cd10a1d4c178 --- /dev/null +++ b/x-pack/test/usage_collection/plugins/stack_management_usage_test/public/plugin.ts @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Plugin, CoreSetup, CoreStart } from 'kibana/public'; +import './types'; + +export class StackManagementUsageTest implements Plugin { + public setup(core: CoreSetup) {} + + public start(core: CoreStart) { + const allUiSettings = core.uiSettings.getAll(); + window.__registeredUiSettings__ = allUiSettings; + } +} diff --git a/x-pack/test/usage_collection/plugins/stack_management_usage_test/public/types.ts b/x-pack/test/usage_collection/plugins/stack_management_usage_test/public/types.ts new file mode 100644 index 0000000000000..c49ec89d94b9f --- /dev/null +++ b/x-pack/test/usage_collection/plugins/stack_management_usage_test/public/types.ts @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { IUiSettingsClient } from 'src/core/public'; +export {}; // Hack to declare this file as a module so TS allows us to extend the Global Window interface + +declare global { + interface Window { + __registeredUiSettings__: ReturnType; + } +} diff --git a/x-pack/test/usage_collection/plugins/stack_management_usage_test/tsconfig.json b/x-pack/test/usage_collection/plugins/stack_management_usage_test/tsconfig.json new file mode 100644 index 0000000000000..f1bf94a38de8f --- /dev/null +++ b/x-pack/test/usage_collection/plugins/stack_management_usage_test/tsconfig.json @@ -0,0 +1,12 @@ +{ + "extends": "../../../../../tsconfig.base.json", + "compilerOptions": { + "outDir": "./target", + "skipLibCheck": true + }, + "include": [ + "public/**/*.ts", + "public/**/*.tsx", + ], + "exclude": [] +} diff --git a/x-pack/test/usage_collection/test_suites/stack_management_usage/index.ts b/x-pack/test/usage_collection/test_suites/stack_management_usage/index.ts new file mode 100644 index 0000000000000..b8f0cf522605e --- /dev/null +++ b/x-pack/test/usage_collection/test_suites/stack_management_usage/index.ts @@ -0,0 +1,60 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import _ from 'lodash'; +import { FtrProviderContext } from '../../ftr_provider_context'; +import { stackManagementSchema } from '../../../../../src/plugins/kibana_usage_collection/server/collectors/management/schema'; + +export default function ({ getService, getPageObjects }: FtrProviderContext) { + describe('Stack Management', function () { + this.tags('ciGroup1'); + const { common } = getPageObjects(['common']); + const browser = getService('browser'); + + let registeredSettings: Record; + + before(async () => { + await common.navigateToApp('home'); // Navigate to Home to make sure all the appIds are loaded + registeredSettings = await browser.execute(() => window.__registeredUiSettings__); + }); + + it('registers all UI Settings in the UsageStats interface', () => { + const unreportedUISettings = Object.keys(registeredSettings) + .filter((key) => key !== 'buildNum') + .filter((key) => typeof _.get(stackManagementSchema, key) === 'undefined'); + + if (unreportedUISettings.length) { + throw new Error( + `Detected the following unregistered UI Settings in the stack management collector: + ${JSON.stringify(unreportedUISettings, null)} + Update the management collector schema and its UsageStats interface. + Refer to src/plugins/kibana_usage_collection/server/collectors/management/README.md for additional information. + ` + ); + } + }); + + it('registers all sensitive UI settings as keyword type', async () => { + const sensitiveSettings = Object.entries(registeredSettings) + .filter(([, config]) => config.sensitive) + .map(([key]) => key); + + const nonBooleanSensitiveProps = sensitiveSettings + .map((key) => ({ key, ..._.get(stackManagementSchema, key) })) + .filter((keyDescriptor) => keyDescriptor.type !== 'keyword'); + + if (nonBooleanSensitiveProps.length) { + throw new Error( + `Detected the following sensitive UI Settings in the stack management collector not having a 'keyword' type: + ${JSON.stringify(nonBooleanSensitiveProps, null)} + Update each setting in the management collector schema with ({ type: 'keyword' }). + Refer to src/plugins/kibana_usage_collection/server/collectors/management/README.md for additional information. + ` + ); + } + }); + }); +}