diff --git a/x-pack/test_serverless/api_integration/test_suites/common/search_oss/bsearch.ts b/x-pack/test_serverless/api_integration/test_suites/common/search_oss/bsearch.ts index ba1f974a01608d6..063f6623738bbb2 100644 --- a/x-pack/test_serverless/api_integration/test_suites/common/search_oss/bsearch.ts +++ b/x-pack/test_serverless/api_integration/test_suites/common/search_oss/bsearch.ts @@ -10,6 +10,7 @@ import request from 'superagent'; import { inflateResponse } from '@kbn/bfetch-plugin/public/streaming'; import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import { BFETCH_ROUTE_VERSION_LATEST } from '@kbn/bfetch-plugin/common'; +import { RoleCredentials } from '../../../../shared/services'; import type { FtrProviderContext } from '../../../ftr_provider_context'; import { painlessErrReq } from './painless_err_req'; import { verifyErrorResponse } from './verify_error'; @@ -24,18 +25,28 @@ function parseBfetchResponse(resp: request.Response, compressed: boolean = false } export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertest'); const esArchiver = getService('esArchiver'); const svlCommonApi = getService('svlCommonApi'); + const svlUserManager = getService('svlUserManager'); + const supertestWithoutAuth = getService('supertestWithoutAuth'); + let roleAuthc: RoleCredentials; + describe('bsearch', () => { + before(async () => { + roleAuthc = await svlUserManager.createApiKeyForRole('admin'); + }); + after(async () => { + await svlUserManager.invalidateApiKeyForRole(roleAuthc); + }); describe('post', () => { it('should return 200 a single response', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send({ batch: [ { @@ -66,11 +77,12 @@ export default function ({ getService }: FtrProviderContext) { }); it('should return 200 a single response from compressed', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/bsearch?compress=true`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send({ batch: [ { @@ -101,11 +113,12 @@ export default function ({ getService }: FtrProviderContext) { }); it('should return a batch of successful responses', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send({ batch: [ { @@ -146,11 +159,12 @@ export default function ({ getService }: FtrProviderContext) { }); it('should return error for not found strategy', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send({ batch: [ { @@ -179,11 +193,12 @@ export default function ({ getService }: FtrProviderContext) { }); it('should return 400 when index type is provided in "es" strategy', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send({ batch: [ { @@ -221,11 +236,12 @@ export default function ({ getService }: FtrProviderContext) { await esArchiver.unload('test/functional/fixtures/es_archiver/logstash_functional'); }); it('should return 400 "search_phase_execution_exception" for Painless error in "es" strategy', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/bsearch`) .set(ELASTIC_HTTP_VERSION_HEADER, BFETCH_ROUTE_VERSION_LATEST) // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send({ batch: [ { diff --git a/x-pack/test_serverless/api_integration/test_suites/common/search_oss/search.ts b/x-pack/test_serverless/api_integration/test_suites/common/search_oss/search.ts index 85a57a2c2d272ad..51702ad4e272a66 100644 --- a/x-pack/test_serverless/api_integration/test_suites/common/search_oss/search.ts +++ b/x-pack/test_serverless/api_integration/test_suites/common/search_oss/search.ts @@ -7,17 +7,27 @@ import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import expect from '@kbn/expect'; +import { RoleCredentials } from '../../../../shared/services'; import type { FtrProviderContext } from '../../../ftr_provider_context'; import { painlessErrReq } from './painless_err_req'; import { verifyErrorResponse } from './verify_error'; export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertest'); const esArchiver = getService('esArchiver'); const svlCommonApi = getService('svlCommonApi'); const kibanaServer = getService('kibanaServer'); + const svlUserManager = getService('svlUserManager'); + const supertestWithoutAuth = getService('supertestWithoutAuth'); + let roleAuthc: RoleCredentials; + describe('search', () => { + before(async () => { + roleAuthc = await svlUserManager.createApiKeyForRole('admin'); + }); + after(async () => { + await svlUserManager.invalidateApiKeyForRole(roleAuthc); + }); before(async () => { // TODO: emptyKibanaIndex fails in Serverless with // "index_not_found_exception: no such index [.kibana_ingest]", @@ -31,11 +41,12 @@ export default function ({ getService }: FtrProviderContext) { }); describe('post', () => { it('should return 200 when correctly formatted searches are provided', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/search/es`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send({ params: { body: { @@ -55,11 +66,12 @@ export default function ({ getService }: FtrProviderContext) { }); it('should return 200 if terminated early', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/search/es`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send({ params: { terminateAfter: 1, @@ -82,11 +94,12 @@ export default function ({ getService }: FtrProviderContext) { }); it('should return 404 when if no strategy is provided', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/search`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send({ body: { query: { @@ -100,11 +113,12 @@ export default function ({ getService }: FtrProviderContext) { }); it('should return 404 when if unknown strategy is provided', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/search/banana`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send({ body: { query: { @@ -120,11 +134,12 @@ export default function ({ getService }: FtrProviderContext) { }); it('should return 400 with illegal ES argument', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/search/es`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send({ params: { timeout: 1, // This should be a time range string! @@ -143,11 +158,12 @@ export default function ({ getService }: FtrProviderContext) { }); it('should return 400 with a bad body', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/search/es`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send({ params: { body: { @@ -162,11 +178,12 @@ export default function ({ getService }: FtrProviderContext) { }); it('should return 400 for a painless error', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .post(`/internal/search/es`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send(painlessErrReq) .expect(400); @@ -176,22 +193,24 @@ export default function ({ getService }: FtrProviderContext) { describe('delete', () => { it('should return 404 when no search id provided', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .delete(`/internal/search/es`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send() .expect(404); verifyErrorResponse(resp.body, 404); }); it('should return 400 when trying a delete on a non supporting strategy', async () => { - const resp = await supertest + const resp = await supertestWithoutAuth .delete(`/internal/search/es/123`) .set(ELASTIC_HTTP_VERSION_HEADER, '1') // TODO: API requests in Serverless require internal request headers .set(svlCommonApi.getInternalRequestHeader()) + .set(roleAuthc.apiKeyHeader) .send() .expect(400); verifyErrorResponse(resp.body, 400);