Allow URL params for Security plugin intercept calls (#1276)

* Allow url params in intercept

Signed-off-by: Craig Perkins <[email protected]>

* Disable home modal

Signed-off-by: Craig Perkins <[email protected]>

* Update cypress/integration/plugins/security-dashboards-plugin/change_tenant_successfully.js

Signed-off-by: SuZhou-Joe <[email protected]>

* Fix CI check on main

Signed-off-by: Craig Perkins <[email protected]>

* Change text back

Signed-off-by: Craig Perkins <[email protected]>

* Move tenancy test over

Signed-off-by: Derek Ho <[email protected]>

* Use correct header when creating dashboard in tenancy_change_on_shortlink.js

Signed-off-by: Craig Perkins <[email protected]>

* Adjust import

Signed-off-by: Craig Perkins <[email protected]>

* Remove @

Signed-off-by: Craig Perkins <[email protected]>

* Add wildcard

Signed-off-by: Craig Perkins <[email protected]>

* Fix sanity_tests.spec.js

Signed-off-by: Craig Perkins <[email protected]>

* Close the modal

Signed-off-by: Craig Perkins <[email protected]>

---------

Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: SuZhou-Joe <[email protected]>
Signed-off-by: Derek Ho <[email protected]>
Co-authored-by: SuZhou-Joe <[email protected]>
Co-authored-by: Derek Ho <[email protected]>

Author: 3 people

cypress.json

@@ -17,6 +17,7 @@
     "remoteDataSourceBasicAuthPassword": "admin",
     "SECURITY_ENABLED": false,
     "AGGREGATION_VIEW": false,
+    "MULTITENANCY_ENABLED": true,
     "username": "admin",
     "password": "myStrongPassword123!",
     "ENDPOINT_WITH_PROXY": false,

cypress/integration/plugins/security-dashboards-plugin/aggregation_view.js

@@ -117,6 +117,8 @@ if (Cypress.env('SECURITY_ENABLED') && Cypress.env('AGGREGATION_VIEW')) {
       ADMIN_AUTH.newUser = Cypress.env('username');
       ADMIN_AUTH.newPassword = Cypress.env('password');
       CURRENT_TENANT.newTenant = 'private';
+      cy.deleteIndexPattern('index-pattern1', { failOnStatusCode: false });
+      cy.deleteIndexPattern('index-pattern2', { failOnStatusCode: false });
     });
   });
 }

cypress/integration/plugins/security-dashboards-plugin/change_tenant_successfully.js

@@ -12,6 +12,8 @@ if (Cypress.env('SECURITY_ENABLED')) {
 
     before(() => {
       cy.server();
+      localStorage.setItem('home:welcome:show', false);
+      localStorage.setItem('home:newThemeModal:show', false);
     });
     it('Checks that the tenant switcher can switch tenants despite a different tenant being present in the tenant query parameter.', function () {
       CURRENT_TENANT.newTenant = tenantName;

cypress/integration/plugins/security-dashboards-plugin/multi_tenancy.js

@@ -39,6 +39,10 @@ if (Cypress.env('SECURITY_ENABLED')) {
         indexPatternPrivateTenantHeaderSetUp
       );
     });
+    after(() => {
+      cy.deleteIndexPattern('index-pattern1', { failOnStatusCode: false });
+      cy.deleteIndexPattern('index-pattern2', { failOnStatusCode: false });
+    });
     it('Test 1 Disable Multi Tenancy ', () => {
       CURRENT_TENANT.newTenant = 'private';
 

cypress/integration/plugins/security-dashboards-plugin/readonly.js

@@ -62,6 +62,7 @@ if (Cypress.env('SECURITY_ENABLED')) {
             `"${TEST_CONFIG.tenant.name}"`
           );
           window.localStorage.setItem('home:newThemeModal:show', false);
+          window.localStorage.setItem('home:welcome:show', false);
         },
       });
       cy.waitForLoader();

cypress/integration/plugins/security-dashboards-plugin/sanity_tests.spec.js

@@ -6,9 +6,8 @@
 import {
   BASE_PATH,
   SEC_UI_TENANTS_PATH,
-  SEC_TENANTS_FIXTURES_PATH,
   SEC_INTERNALUSERS_FIXTURES_PATH,
-  SEC_API_INTERNAL_USERS_PATH,
+  SEC_API_INTERNAL_ACCOUNTS_PATH,
 } from '../../../utils/constants';
 
 if (Cypress.env('SECURITY_ENABLED')) {
@@ -48,17 +47,14 @@ if (Cypress.env('SECURITY_ENABLED')) {
         tenantDescription
       );
 
-      cy.mockTenantsAction(
-        SEC_TENANTS_FIXTURES_PATH + '/tenants_post_creation_response.json',
-        () => {
-          cy.get('button[id="submit"]').first().click({ force: true });
-        }
-      );
+      cy.get('button[id="submit"]').first().click({ force: true });
 
       cy.url().should((url) => {
         expect(url).to.contain('/tenants');
       });
 
+      cy.reload();
+
       cy.contains('h3', 'Tenants');
       // should contain the new tenant that was just created
       cy.contains('.euiTableCellContent', tenantName);
@@ -69,7 +65,7 @@ if (Cypress.env('SECURITY_ENABLED')) {
       // Navigate to Security/Internal User Database section
 
       cy.visit(`${BASE_PATH}/app/security-dashboards-plugin#/users`);
-      cy.intercept(SEC_API_INTERNAL_USERS_PATH, {
+      cy.intercept(`${SEC_API_INTERNAL_ACCOUNTS_PATH}*`, {
         fixture:
           SEC_INTERNALUSERS_FIXTURES_PATH + '/internalusers_info_response.json',
       }).as('listUserResponse');
@@ -85,7 +81,7 @@ if (Cypress.env('SECURITY_ENABLED')) {
       // Submit the form to create the user
       cy.get('button').contains('Create').click();
 
-      cy.intercept(SEC_API_INTERNAL_USERS_PATH, {
+      cy.intercept(`${SEC_API_INTERNAL_ACCOUNTS_PATH}*`, {
         fixture:
           SEC_INTERNALUSERS_FIXTURES_PATH +
           '/internalusers_response_post_new_user_creation.json',
@@ -161,7 +157,7 @@ if (Cypress.env('SECURITY_ENABLED')) {
       // Step 3: Navigate to Manage data to add an index pattern
       cy.visit(`${BASE_PATH}/app/home`);
       cy.get('button[aria-label="Closes this modal window"]').click();
-      cy.get('a').contains('Manage').click(); // Adjust the selector as needed
+      cy.contains('Manage').click(); // Adjust the selector as needed
 
       // Step 4: Add the index pattern
       cy.get('[data-test-subj="indexPatterns"]').click();

cypress/integration/plugins/security-dashboards-plugin/switch_tenant.js

@@ -7,12 +7,12 @@ export function switchTenantTo(newTenant) {
   cy.getElementByTestId('account-popover').click();
   cy.intercept({
     method: 'GET',
-    url: '/api/v1/auth/dashboardsinfo',
+    url: '/api/v1/auth/dashboardsinfo*',
   }).as('waitForDashboardsInfo');
 
   cy.intercept({
     method: 'GET',
-    url: '/api/v1/configuration/account',
+    url: '/api/v1/configuration/account*',
   }).as('waitForAccountInfo');
 
   cy.getElementByTestId('switch-tenants').click();
@@ -37,7 +37,7 @@ export function switchTenantTo(newTenant) {
 
   cy.intercept({
     method: 'POST',
-    url: '/api/v1/multitenancy/tenant',
+    url: '/api/v1/multitenancy/tenant*',
   }).as('waitForUpdatingTenants');
   cy.getElementByTestId('tenant-switch-modal')
     .find('[data-test-subj="confirm"]')

cypress/integration/plugins/security-dashboards-plugin/tenancy_change_on_shortlink.js

@@ -5,31 +5,11 @@
 
 import { CURRENT_TENANT } from '../../../utils/commands';
 import { switchTenantTo } from './switch_tenant';
-import indexPatternGlobalTenantHeaderSetUp from '../../../fixtures/plugins/security-dashboards-plugin/indexpatterns/indexPatternGlobalTenantHeader.json';
-import indexPatternPrivateTenantHeaderSetUp from '../../../fixtures/plugins/security-dashboards-plugin/indexpatterns/indexPatternPrivateTenantHeader.json';
 
 if (Cypress.env('SECURITY_ENABLED')) {
   describe('Multi Tenancy Tests: ', () => {
     before(() => {
       cy.server();
-
-      cy.createIndexPattern(
-        'index-pattern1',
-        {
-          title: 's*',
-          timeFieldName: 'timestamp',
-        },
-        indexPatternGlobalTenantHeaderSetUp
-      );
-
-      cy.createIndexPattern(
-        'index-pattern2',
-        {
-          title: 'se*',
-          timeFieldName: 'timestamp',
-        },
-        indexPatternPrivateTenantHeaderSetUp
-      );
     });
 
     it('Tests that when the short URL is copied and pasted, it will route correctly with the right tenant', function () {
@@ -43,7 +23,7 @@ if (Cypress.env('SECURITY_ENABLED')) {
           title: dashboardName,
         },
         {
-          security_tenant: 'private',
+          securitytenant: 'private',
         }
       );
 
@@ -83,13 +63,10 @@ if (Cypress.env('SECURITY_ENABLED')) {
         .should('be.visible')
         .click();
 
-      cy.getElementByTestId('savedObjectTitle').type(dashboardName);
-
       cy.intercept({
         method: 'POST',
         url: '/api/saved_objects/_bulk_get',
       }).as('waitForReloadingDashboard');
-      cy.getElementByTestId('confirmSaveSavedObjectButton').click();
       cy.wait('@waitForReloadingDashboard');
       cy.wait(2000);
 
@@ -113,36 +90,26 @@ if (Cypress.env('SECURITY_ENABLED')) {
           cy.log('Short url is ' + shortUrl);
           // Navigate away to avoid the non existing dashboard in the next tenant.
           switchTenantTo('global');
+          cy.waitForLoader();
+          cy.getElementByTestId('account-popover').click();
+          cy.get('#tenantName').should('contain.text', 'Global');
 
           // Since we can't reliably read the clipboard data, we have to append the tenant parameter manually
           cy.visit(shortUrl + '?security_tenant=private', {
-            excludeTenant: true, // We are passing the tenant as a query parameter. Mainly because of readability.
-            onBeforeLoad(window) {
-              // Here we are simulating the new tab scenario which isn't supported by Cypress
-              window.sessionStorage.clear();
-            },
-          });
+            waitForGetTenant: true, // We are passing the tenant as a query parameter. Mainly because of readability.
+            excludeTenant: true,
+            cache: 'clear',
+          }).reload();
+
+          cy.waitForLoader();
 
-          cy.url({ timeout: 10000 }).should('contain', 'security_tenant=');
+          cy.getElementByTestId('account-popover').should('be.visible').click();
+          cy.get('#tenantName').should('contain.text', 'Private');
           cy.getElementByTestId('breadcrumb last').should(
             'contain.text',
             dashboardName
           );
         });
     });
-    after(() => {
-      cy.deleteIndexPattern('index-pattern1', {
-        headers: {
-          securitytenant: ['global'],
-          'osd-xsrf': true,
-        },
-      });
-      cy.deleteIndexPattern('index-pattern2', {
-        headers: {
-          securitytenant: ['private'],
-          'osd-xsrf': true,
-        },
-      });
-    });
   });
 }

cypress/integration/plugins/security-dashboards-plugin/inaccessible_tenancy_features.js renamed to cypress/integration/plugins/security/inaccessible_tenancy_features.js

@@ -3,19 +3,19 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import { TENANTS_MANAGE_PATH } from '../../../utils/dashboards/constants';
+import { SECURITY_PLUGIN_PATH } from '../../../utils/dashboards/constants';
 
-if (Cypress.env('SECURITY_ENABLED')) {
+if (Cypress.env('SECURITY_ENABLED') && !Cypress.env('MULTITENANCY_ENABLED')) {
   describe('Multi Tenancy Tests: ', () => {
     before(() => {
       cy.server();
     });
     it('Test Dashboards tenancy features should not be accessible ', () => {
       // This test is to ensure tenancy related features are not accessible when opensearch_security.multitenancy.enabled is disabled in the opensearchdashboard.yaml
-      cy.visit(TENANTS_MANAGE_PATH);
+      cy.visit(SECURITY_PLUGIN_PATH);
       cy.waitForLoader();
 
-      cy.contains('You have not enabled multi tenancy').should('exist');
+      cy.get('[title="Tenants"]').should('not.exist');
 
       // Switch tenants button should not exist when multi-tenancy is disabled.
       cy.get('#user-icon-btn').click();

cypress/integration/plugins/security/tenants_spec.js

@@ -24,7 +24,7 @@ if (Cypress.env('SECURITY_ENABLED')) {
         }
       );
 
-      cy.contains('h3', 'Dashboards tenants');
+      cy.contains('h3', 'Tenants');
 
       // One of the many tenants
       cy.contains('.euiTableCellContent', 'Global');
@@ -69,7 +69,7 @@ if (Cypress.env('SECURITY_ENABLED')) {
         expect(url).to.contain('/tenants');
       });
 
-      cy.contains('h3', 'Dashboards tenants');
+      cy.contains('h3', 'Tenants');
       // should contain the new tenant that was just created
       cy.contains('.euiTableCellContent', tenantName);
       cy.contains('span', tenantDescription);