for security put back allowed logic back to return empty results

elastic · Jul 22, 2019 · 9bd8719 · 9bd8719
1 parent aec149c
commit 9bd8719
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 20 deletions.
diff --git a/src/core/server/saved_objects/service/lib/repository.test.js b/src/core/server/saved_objects/service/lib/repository.test.js
@@ -1161,12 +1161,9 @@ describe('SavedObjectsRepository', () => {
 
     it('requires index pattern to be defined if filter is defined', async () => {
       callAdminCluster.mockReturnValue(noNamespaceSearchResults);
-      try {
-        await savedObjectsRepository.find({ type: 'foo', filter: 'foo.type: hello' });
-        throw new Error('expected find() to reject');
-      } catch (error) {
-        expect(error.message).toMatch('options.filter is missing index pattern to work correctly');
-      }
+      expect(savedObjectsRepository.find({ type: 'foo', filter: 'foo.type: hello' }))
+        .rejects
+        .toThrowErrorMatchingInlineSnapshot('"options.filter is missing index pattern to work correctly"');
     });
 
     it('passes mappings, schema, search, defaultSearchOperator, searchFields, type, sortField, sortOrder and hasReference to getSearchDsl',
@@ -2130,7 +2127,7 @@ describe('SavedObjectsRepository', () => {
       ).rejects.toEqual(new Error('Unsupported saved object type: \'hiddenType\': Bad Request'));
     });
 
-    it('should return an error object when attempting to \'find\' support and unsupported types', async () => {
+    it('should not return hidden saved ojects when attempting to \'find\' support and unsupported types', async () => {
       callAdminCluster.mockReturnValue({
         hits: {
           total: 1,
@@ -2146,24 +2143,39 @@ describe('SavedObjectsRepository', () => {
           ],
         },
       });
-      expect(savedObjectsRepository.find({ type: ['hiddenType', 'config'] }))
-        .rejects
-        .toThrowErrorMatchingInlineSnapshot('"options.type hiddenType are not allowed"');
+      const results = await savedObjectsRepository.find({ type: ['hiddenType', 'config'] });
+      expect(results).toEqual({
+        total: 1,
+        saved_objects: [
+          {
+            id: 'one',
+            references: [],
+            type: 'config',
+            updated_at: mockTimestamp,
+          },
+        ],
+        page: 1,
+        per_page: 20,
+      });
     });
 
-    it('should return an error object when attempting to \'find\' an unsupported type', async () => {
+    it('should return empty results when attempting to \'find\' an unsupported type', async () => {
       callAdminCluster.mockReturnValue({
         hits: {
           total: 0,
           hits: [],
         },
       });
-      expect(savedObjectsRepository.find({ type: 'hiddenType' }))
-        .rejects
-        .toThrowErrorMatchingInlineSnapshot('"options.type hiddenType are not allowed"');
+      const results = await savedObjectsRepository.find({ type: 'hiddenType' });
+      expect(results).toEqual({
+        total: 0,
+        saved_objects: [],
+        page: 1,
+        per_page: 20,
+      });
     });
 
-    it('should return an error object when attempting to \'find\' more than one unsupported types', async () => {
+    it('should return empty results when attempting to \'find\' more than one unsupported types', async () => {
       const findParams = { type: ['hiddenType', 'hiddenType2'] };
       callAdminCluster.mockReturnValue({
         status: 200,
@@ -2172,9 +2184,13 @@ describe('SavedObjectsRepository', () => {
           hits: [],
         },
       });
-      expect(savedObjectsRepository.find(findParams))
-        .rejects
-        .toThrowErrorMatchingInlineSnapshot('"options.type hiddenType, hiddenType2 are not allowed"');
+      const results = await savedObjectsRepository.find(findParams);
+      expect(results).toEqual({
+        total: 0,
+        saved_objects: [],
+        page: 1,
+        per_page: 20,
+      });
     });
 
     it('should error when attempting to \'delete\' hidden types', async () => {

diff --git a/src/core/server/saved_objects/service/lib/repository.ts b/src/core/server/saved_objects/service/lib/repository.ts
@@ -415,8 +415,12 @@ export class SavedObjectsRepository {
     const types = Array.isArray(type) ? type : [type];
     const allowedTypes = types.filter(t => this._allowedTypes.includes(t));
     if (allowedTypes.length === 0) {
-      const notAllowedTypes = types.filter(t => !this._allowedTypes.includes(t));
-      SavedObjectsErrorHelpers.createUnsupportedTypeError(notAllowedTypes.join(', '));
+      return {
+        page,
+        per_page: perPage,
+        total: 0,
+        saved_objects: [],
+      };
     }
 
     if (searchFields && !Array.isArray(searchFields)) {