From a23124e7990b4f59ba9a51b4d151752c5ecbcc61 Mon Sep 17 00:00:00 2001 From: Matt Apperson Date: Fri, 19 Oct 2018 10:17:45 -0400 Subject: [PATCH] [BeatsCM] Fixes and issue where if security is disabled, BeatsCM breaks Kibana (#24249) * fix spelling * fix license and security checks * removed unused vars * cleanup * remove security check from route def as it is already managed in-route --- .../framework/kibana_framework_adapter.ts | 27 +++++++------------ .../public/lib/compose/kibana.ts | 5 +--- .../public/lib/compose/memory.ts | 9 +------ .../framework/kibana_framework_adapter.ts | 18 ++++++++++--- .../server/rest_api/beats/update.ts | 3 --- 5 files changed, 25 insertions(+), 37 deletions(-) diff --git a/x-pack/plugins/beats_management/public/lib/adapters/framework/kibana_framework_adapter.ts b/x-pack/plugins/beats_management/public/lib/adapters/framework/kibana_framework_adapter.ts index a0c24557267a25..b9f339f6be1a06 100644 --- a/x-pack/plugins/beats_management/public/lib/adapters/framework/kibana_framework_adapter.ts +++ b/x-pack/plugins/beats_management/public/lib/adapters/framework/kibana_framework_adapter.ts @@ -25,8 +25,6 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter { private routes: any; private XPackInfoProvider: any; private xpackInfo: null | any; - private notifier: any; - private kbnUrlService: any; private chrome: any; constructor( @@ -34,8 +32,7 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter { management: any, routes: any, chrome: any, - XPackInfoProvider: any, - Notifier: any + XPackInfoProvider: any ) { this.adapterService = new KibanaAdapterServiceProvider(); this.management = management; @@ -44,7 +41,6 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter { this.chrome = chrome; this.XPackInfoProvider = XPackInfoProvider; this.appState = {}; - this.notifier = new Notifier({ location: 'Beats' }); } public get baseURLPath(): string { @@ -58,7 +54,9 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter { }; public render = (component: React.ReactElement) => { - this.rootComponent = component; + if (this.hadValidLicense() && this.securityEnabled()) { + this.rootComponent = component; + } }; public hadValidLicense() { @@ -77,10 +75,10 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter { } public registerManagementSection(pluginId: string, displayName: string, basePath: string) { - this.register(this.uiModule); + if (this.hadValidLicense() && this.securityEnabled()) { + this.register(this.uiModule); - this.hookAngular(() => { - if (this.hadValidLicense() && this.securityEnabled()) { + this.hookAngular(() => { const registerSection = () => this.management.register(pluginId, { display: 'Beats', // TODO these need to be config options not hard coded in the adapter @@ -97,13 +95,8 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter { order: 30, url: `#${basePath}`, }); - } - - if (!this.securityEnabled()) { - this.notifier.error(this.xpackInfo.get(`features.beats_management.message`)); - this.kbnUrlService.redirect('/management'); - } - }); + }); + } } private manageAngularLifecycle($scope: any, $route: any, elem: any) { @@ -131,10 +124,8 @@ export class KibanaFrameworkAdapter implements FrameworkAdapter { this.chrome.dangerouslyGetActiveInjector().then(($injector: any) => { const Private = $injector.get('Private'); const xpackInfo = Private(this.XPackInfoProvider); - const kbnUrlService = $injector.get('kbnUrl'); this.xpackInfo = xpackInfo; - this.kbnUrlService = kbnUrlService; done(); }); } diff --git a/x-pack/plugins/beats_management/public/lib/compose/kibana.ts b/x-pack/plugins/beats_management/public/lib/compose/kibana.ts index 9ff3bbe613d838..659b3acf9dba7e 100644 --- a/x-pack/plugins/beats_management/public/lib/compose/kibana.ts +++ b/x-pack/plugins/beats_management/public/lib/compose/kibana.ts @@ -14,8 +14,6 @@ import chrome from 'ui/chrome'; import { management } from 'ui/management'; // @ts-ignore: path dynamic for kibana import { uiModules } from 'ui/modules'; -// @ts-ignore -import { Notifier } from 'ui/notify'; // @ts-ignore: path dynamic for kibana import routes from 'ui/routes'; @@ -54,8 +52,7 @@ export function compose(): FrontendLibs { management, routes, chrome, - XPackInfoProvider, - Notifier + XPackInfoProvider ); const libs: FrontendLibs = { diff --git a/x-pack/plugins/beats_management/public/lib/compose/memory.ts b/x-pack/plugins/beats_management/public/lib/compose/memory.ts index adfba95df01d88..fd56de9a776074 100644 --- a/x-pack/plugins/beats_management/public/lib/compose/memory.ts +++ b/x-pack/plugins/beats_management/public/lib/compose/memory.ts @@ -47,14 +47,7 @@ export function compose( }; const pluginUIModule = uiModules.get('app/beats_management'); - const framework = new KibanaFrameworkAdapter( - pluginUIModule, - management, - routes, - null, - null, - null - ); + const framework = new KibanaFrameworkAdapter(pluginUIModule, management, routes, null, null); const libs: FrontendLibs = { ...domainLibs, elasticsearch: new ElasticsearchLib(esAdapter), diff --git a/x-pack/plugins/beats_management/server/lib/adapters/framework/kibana_framework_adapter.ts b/x-pack/plugins/beats_management/server/lib/adapters/framework/kibana_framework_adapter.ts index 815b3696ef1402..9253c69227f4c9 100644 --- a/x-pack/plugins/beats_management/server/lib/adapters/framework/kibana_framework_adapter.ts +++ b/x-pack/plugins/beats_management/server/lib/adapters/framework/kibana_framework_adapter.ts @@ -59,6 +59,9 @@ export class KibanaBackendFrameworkAdapter implements BackendFrameworkAdapter { } public exposeStaticDir(urlPath: string, dir: string): void { + if (!this.isSecurityEnabled()) { + return; + } this.server.route({ handler: { directory: { @@ -90,6 +93,13 @@ export class KibanaBackendFrameworkAdapter implements BackendFrameworkAdapter { }); } + private isSecurityEnabled = () => { + return ( + this.server.plugins.xpack_main.info.isAvailable() && + this.server.plugins.xpack_main.info.feature('security').isEnabled() + ); + }; + private validateConfig() { // @ts-ignore const config = this.server.config(); @@ -111,7 +121,7 @@ export class KibanaBackendFrameworkAdapter implements BackendFrameworkAdapter { securityEnabled: false, licenseValid: false, message: - 'You cannot manage Beats centeral management because license information is not available at this time.', + 'You cannot manage Beats central management because license information is not available at this time.', }; } @@ -127,7 +137,7 @@ export class KibanaBackendFrameworkAdapter implements BackendFrameworkAdapter { return { securityEnabled: true, licenseValid: false, - message: `Your ${licenseType} license does not support Beats centeral management features. Please upgrade your license.`, + message: `Your ${licenseType} license does not support Beats central management features. Please upgrade your license.`, }; } @@ -136,14 +146,14 @@ export class KibanaBackendFrameworkAdapter implements BackendFrameworkAdapter { return { securityEnabled: true, licenseValid: false, - message: `You cannot edit, create, or delete your Beats centeral management configurations because your ${licenseType} license has expired.`, + message: `You cannot edit, create, or delete your Beats central management configurations because your ${licenseType} license has expired.`, }; } // Security is not enabled in ES if (!isSecurityEnabled) { const message = - 'Security must be enabled in order to use Beats centeral management features.' + + 'Security must be enabled in order to use Beats central management features.' + ' Please set xpack.security.enabled: true in your elasticsearch.yml.'; return { securityEnabled: false, diff --git a/x-pack/plugins/beats_management/server/rest_api/beats/update.ts b/x-pack/plugins/beats_management/server/rest_api/beats/update.ts index 6e64c0bea502a1..1194787fcbaaaa 100644 --- a/x-pack/plugins/beats_management/server/rest_api/beats/update.ts +++ b/x-pack/plugins/beats_management/server/rest_api/beats/update.ts @@ -15,9 +15,6 @@ export const createBeatUpdateRoute = (libs: CMServerLibs) => ({ path: '/api/beats/agent/{beatId}', licenseRequired: true, config: { - auth: { - mode: 'optional', - }, validate: { headers: Joi.object({ 'kbn-beats-access-token': Joi.string(),