Add test for aggregation view feature (opensearch-project#334)

Signed-off-by: Jakub Przybylski <jakub.przybylski@eliatra.com>

cypress.json

@@ -12,11 +12,12 @@
   "env": {
     "openSearchUrl": "http://localhost:9200",
     "SECURITY_ENABLED": false,
+    "AGGREGATION_VIEW": false,
     "username": "admin",
     "password": "admin",
     "ENDPOINT_WITH_PROXY": false,
     "MANAGED_SERVICE_ENDPOINT": false,
     "VISBUILDER_ENABLED": false,
     "DATASOURCE_MANAGEMENT_ENABLED": false
   }
-}
+}

cypress/fixtures/plugins/security-dashboards-plugin/indexpatterns/indexPatternTenantHeader.json

@@ -0,0 +1,3 @@
+{
+  "securitytenant": ["test"]
+}

cypress/fixtures/plugins/security-dashboards-plugin/roles/roleWithTest.json

@@ -0,0 +1,24 @@
+{
+  "cluster_permissions": [
+      "cluster_all"
+    ],
+  "index_permissions": [{
+    "index_patterns": [
+      "*"
+    ],
+    "dls": "",
+    "fls": [],
+    "masked_fields": [],
+    "allowed_actions": [
+      "indices_all"
+    ]
+  }],
+  "tenant_permissions": [{
+    "tenant_patterns": [
+      "test"
+    ],
+    "allowed_actions": [
+      "kibana_all_write"
+    ]
+  }]
+}

cypress/fixtures/plugins/security-dashboards-plugin/roles/roleWithoutTest.json

@@ -0,0 +1,20 @@
+{
+  "cluster_permissions": [
+      "cluster_all"
+    ],
+  "index_permissions": [{
+    "index_patterns": [
+      "*"
+    ],
+    "dls": "",
+    "fls": [],
+    "masked_fields": [],
+    "allowed_actions": [
+      "indices_all"
+    ]
+  }],
+  "tenant_permissions": [{
+    "tenant_patterns": [],
+    "allowed_actions": []
+  }]
+}

cypress/fixtures/plugins/security-dashboards-plugin/rolesmapping/kibanauserRoleMapping.json

@@ -0,0 +1,4 @@
+{
+  "backend_roles" : [ "kibanauser" ],
+  "users" : [ "test1", "test2" ]
+}

cypress/fixtures/plugins/security-dashboards-plugin/rolesmapping/roleWithTestMapping.json

@@ -0,0 +1,3 @@
+{
+  "users" : [ "test1" ]
+}

cypress/fixtures/plugins/security-dashboards-plugin/rolesmapping/roleWithoutTestMapping.json

@@ -0,0 +1,3 @@
+{
+  "users" : [ "test2" ]
+}

cypress/fixtures/plugins/security-dashboards-plugin/tenants/testTenant.json

@@ -0,0 +1,3 @@
+{
+  "description": "This test tenant for aggregation view feature testing."
+}

cypress/fixtures/plugins/security-dashboards-plugin/users/testUser.json

@@ -0,0 +1,3 @@
+{
+  "password": "password"
+}

cypress/integration/plugins/security-dashboards-plugin/aggregation_view.js

@@ -0,0 +1,108 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import {
+  SAVED_OBJECTS_PATH,
+} from '../../../utils/dashboards/constants';
+
+import { 
+  ADMIN_AUTH,
+  CURRENT_TENANT,
+ } from '../../../utils/commands';
+
+import tenantDescription from '../../../fixtures/plugins/security-dashboards-plugin/tenants/testTenant';
+import testUsersSetUp from '../../../fixtures/plugins/security-dashboards-plugin/users/testUser';
+import roleWithTestSetUp from '../../../fixtures/plugins/security-dashboards-plugin/roles/roleWithTest';
+import roleWithoutTestSetUp from '../../../fixtures/plugins/security-dashboards-plugin/roles/roleWithoutTest';
+import kibanaRoleMappingSetUp from '../../../fixtures/plugins/security-dashboards-plugin/rolesmapping/kibanauserRoleMapping';
+import roleWithTestMappingSetUp from '../../../fixtures/plugins/security-dashboards-plugin/rolesmapping/roleWithTestMapping';
+import roleWithoutTestMappingSetUp from '../../../fixtures/plugins/security-dashboards-plugin/rolesmapping/roleWithoutTestMapping';
+import indexPatternTenantHeaderSetUp from '../../../fixtures/plugins/security-dashboards-plugin/indexpatterns/indexPatternTenantHeader';
+
+const tenantName = 'test';
+const userName1 = 'test1';
+const userName2 = 'test2';
+const password = 'password';
+const roleName1 = 'roleWithTest';
+const roleName2 = 'roleWithoutTest';
+const kibanaRoleName = 'kibana_user'
+
+if (Cypress.env('SECURITY_ENABLED') && Cypress.env('AGGREGATION_VIEW')) {
+  describe('Saved objects table test', () => {
+    // start a server so that server responses can be mocked via fixtures
+    // in all of the below test cases
+    before(() => {
+      cy.server();
+      cy.createTenant(tenantName, tenantDescription);
+
+      cy.createIndexPattern('index-pattern1', {
+        title: 's*',
+        timeFieldName: 'timestamp',
+      });
+      cy.createIndexPattern('index-pattern2', {
+        title: 'se*',
+        timeFieldName: 'timestamp',
+      },
+      indexPatternTenantHeaderSetUp        
+      );
+
+      cy.createInternalUser(userName1, testUsersSetUp);
+      cy.createInternalUser(userName2, testUsersSetUp);
+
+      cy.createRole(roleName1, roleWithTestSetUp);
+      cy.createRole(roleName2, roleWithoutTestSetUp);
+
+      cy.createRoleMapping(kibanaRoleName, kibanaRoleMappingSetUp);
+      cy.createRoleMapping(roleName1, roleWithTestMappingSetUp);
+      cy.createRoleMapping(roleName2, roleWithoutTestMappingSetUp);
+
+      cy.wait(300000);
+    });
+
+    it('should check the saved objects as global tenant', () => {
+      CURRENT_TENANT.newTenant = 'global';
+      cy.visit(SAVED_OBJECTS_PATH);
+      cy.contains('a', 'Saved objects');
+      cy.contains('a', 's*');
+      cy.contains('a', 'se*');
+    });
+
+    it('should login as test1 and check saved object', () =>{
+      CURRENT_TENANT.newTenant = 'private';
+      ADMIN_AUTH.newUser = userName1;
+      ADMIN_AUTH.newPassword = password;
+
+      cy.visit(SAVED_OBJECTS_PATH);
+      cy.url().should((url) => {
+        expect(url).to.contain('/management');
+      });
+
+      cy.wait(5000);
+      cy.contains('a', 'se*');
+      cy.contains('a', 's*').should('not.exist');
+    });
+
+    it('should login as test2 and check saved object', () =>{
+      CURRENT_TENANT.newTenant = 'private';
+      ADMIN_AUTH.newUser = userName2;
+      ADMIN_AUTH.newPassword = password;
+
+      cy.visit(SAVED_OBJECTS_PATH);
+      cy.url().should((url) => {
+        expect(url).to.contain('/management');
+      });
+
+      cy.wait(5000);
+      cy.contains('a', 'se*').should('not.exist');
+      cy.contains('a', 's*').should('not.exist');
+    });
+
+    after(() => {
+      ADMIN_AUTH.newUser = Cypress.env('username');
+      ADMIN_AUTH.newPassword = Cypress.env('password');
+      CURRENT_TENANT.newTenant = 'private';
+    });
+  });
+}

cypress/support/index.js

@@ -25,6 +25,7 @@ import '../utils/dashboards/datasource-management-dashboards-plugin/commands';
 import '../utils/plugins/index-management-dashboards-plugin/commands';
 import '../utils/plugins/anomaly-detection-dashboards-plugin/commands';
 import '../utils/plugins/security/commands';
+import '../utils/plugins/security-dashboards-plugin/commands';
 import '../utils/plugins/alerting-dashboards-plugin/commands';
 
 // Alternatively you can use CommonJS syntax:

cypress/utils/commands.js

@@ -5,11 +5,24 @@
 
 import { BASE_PATH, IM_API } from './constants';
 
-const ADMIN_AUTH = {
+export const ADMIN_AUTH = {
   username: Cypress.env('username'),
   password: Cypress.env('password'),
+  set newUser(changedUsername) {
+    this.username = changedUsername
+  },
+  set newPassword(changedPassword) {
+    this.password = changedPassword;
+  },
 };
 
+export const CURRENT_TENANT = {
+  defaultTenant:'private',
+  set newTenant(changedTenant) {
+    this.defaultTenant = changedTenant; 
+  },
+}
+
 export const supressNoRequestOccurred = () => {
   cy.on('fail', (err) => {
     if (err.message.includes('No request ever occurred.')) return false;
@@ -33,7 +46,7 @@ Cypress.Commands.overwrite('visit', (orig, url, options) => {
         auth: ADMIN_AUTH,
       };
     }
-    newOptions.qs = { security_tenant: 'private' };
+    newOptions.qs = { security_tenant: CURRENT_TENANT.defaultTenant };
     if (waitForGetTenant) {
       cy.intercept('GET', '/api/v1/multitenancy/tenant').as('getTenant');
       orig(url, newOptions);
@@ -185,7 +198,7 @@ Cypress.Commands.add('bulkUploadDocs', (fixturePath, index) => {
   });
 });
 
-Cypress.Commands.add('createIndexPattern', (id, attributes) => {
+Cypress.Commands.add('createIndexPattern', (id, attributes, header = {}) => {
   const url = `${
     Cypress.config().baseUrl
   }/api/saved_objects/index-pattern/${id}`;
@@ -196,6 +209,7 @@ Cypress.Commands.add('createIndexPattern', (id, attributes) => {
     headers: {
       'content-type': 'application/json;charset=UTF-8',
       'osd-xsrf': true,
+      ...header,
     },
     body: JSON.stringify({
       attributes,

cypress/utils/constants.js

@@ -12,3 +12,4 @@ export * from './plugins/reports-dashboards/constants';
 export * from './plugins/query-workbench-dashboards/constants';
 export * from './plugins/security/constants';
 export * from './plugins/notifications-dashboards/constants';
+export * from './plugins/security-dashboards-plugin/constants';

cypress/utils/dashboards/constants.js

@@ -2,3 +2,11 @@
  * Copyright OpenSearch Contributors
  * SPDX-License-Identifier: Apache-2.0
  */
+
+import { BASE_PATH } from '../base_constants';
+
+// STACK MANAGEMENT PATH
+export const STACK_MANAGEMENT_PATH = BASE_PATH + '/app/management';
+
+export const INDEX_PATTERN_PATH = STACK_MANAGEMENT_PATH + '/opensearch-dashboards/indexPatterns';
+export const SAVED_OBJECTS_PATH = STACK_MANAGEMENT_PATH + '/opensearch-dashboards/objects';

cypress/utils/index.d.ts

@@ -46,15 +46,16 @@ declare namespace Cypress {
     /**
      * Adds an index pattern
      * @example
-     * cy.createIndexPattern('patterId', 'patt*', 'timestamp')
+     * cy.createIndexPattern('patterId', { title: 'patt*', timeFieldName: 'timestamp' })
      */
     createIndexPattern<S = any>(
       id: string,
       attributes: {
         title: string;
         timeFieldName?: string;
         [key: string]: any;
-      }
+      },
+      header: string,
     ): Chainable<S>;
 
     /**

cypress/utils/plugins/security-dashboards-plugin/commands.js

@@ -0,0 +1,48 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { SEC_API } from '../../constants';
+
+/**
+ *****************************
+ SECURITY DASHBOARDS PLUGIN COMMANDS
+ *****************************
+ */
+
+ Cypress.Commands.add('createTenant', (tenantID, tenantJson) => {
+  cy.request(
+    'PUT',
+    `${Cypress.env('openSearchUrl')}${SEC_API.TENANTS_BASE}/${tenantID}`,
+    tenantJson
+  );
+  cy.wait(10000);
+});
+
+Cypress.Commands.add('createInternalUser', (userID, userJson) => {
+  cy.request(
+    'PUT',
+    `${Cypress.env('openSearchUrl')}${SEC_API.INTERNALUSERS_BASE}/${userID}`,
+    userJson
+  );
+  cy.wait(10000);
+});
+
+Cypress.Commands.add('createRole', (roleID, roleJson) => {
+  cy.request(
+    'PUT',
+    `${Cypress.env('openSearchUrl')}${SEC_API.ROLE_BASE}/${roleID}`,
+    roleJson
+  );
+  cy.wait(10000);
+});
+
+Cypress.Commands.add('createRoleMapping', (roleID, rolemappingJson) => {
+  cy.request(
+    'PUT',
+    `${Cypress.env('openSearchUrl')}${SEC_API.ROLE_MAPPING_BASE}/${roleID}`,
+    rolemappingJson
+  );
+  cy.wait(10000);
+});

cypress/utils/plugins/security-dashboards-plugin/constants.js

@@ -0,0 +1,19 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/**
+ *****************************
+ SECURITY DASHBOARDS PLUGIN CONSTANTS
+ *****************************
+ */
+
+//Security API Constants
+export const SEC_API_PREFIX = '/_plugins/_security/api';
+export const SEC_API = {
+    TENANTS_BASE: `${SEC_API_PREFIX}/tenants`,
+    INTERNALUSERS_BASE: `${SEC_API_PREFIX}/internalusers`,
+    ROLE_BASE: `${SEC_API_PREFIX}/roles`,
+    ROLE_MAPPING_BASE: `${SEC_API_PREFIX}/rolesmapping`,
+}