From c8ecef0b040c628ccb6f2cb5ec992c5a4a275d88 Mon Sep 17 00:00:00 2001 From: sumukhswamy Date: Thu, 26 Jun 2025 13:49:46 -0700 Subject: [PATCH 1/4] security-patch-test Signed-off-by: sumukhswamy --- .../reports-dashboards/05-security.spec.js | 86 +++++++++++++++++++ 1 file changed, 86 insertions(+) create mode 100644 cypress/integration/plugins/reports-dashboards/05-security.spec.js diff --git a/cypress/integration/plugins/reports-dashboards/05-security.spec.js b/cypress/integration/plugins/reports-dashboards/05-security.spec.js new file mode 100644 index 000000000..287dbccf4 --- /dev/null +++ b/cypress/integration/plugins/reports-dashboards/05-security.spec.js @@ -0,0 +1,86 @@ +/* + * Copyright OpenSearch Contributors + * SPDX-License-Identifier: Apache-2.0 + */ + +import { BASE_PATH } from '../../../utils/constants'; + +if (Cypress.env('security_enabled')) { + describe('Reporting Security - Internal User with reports_full_access', () => { + const username = 'reportuser'; + const password = 'TestPassword123!'; + const roleName = `reports_full_access_${Math.random() + .toString(36) + .substring(2, 10)}`; + + it('creates a new internal user', () => { + cy.visit(`${BASE_PATH}/app/security-dashboards-plugin#/users`); + cy.contains('Internal users'); + cy.get('a[href="#/users/create"]').click({ force: true }); + + cy.get('input[data-test-subj="name-text"]').type(username); + cy.get('input[data-test-subj="password"]').type(password); + cy.get('input[data-test-subj="re-enter-password"]').type(password); + cy.get('button').contains('Create').click(); + + cy.contains(username).should('exist'); + }); + + it('creates a new role with reports_full_access permissions', () => { + Cypress.on('uncaught:exception', (err) => { + return false; + }); + + cy.visit(`${BASE_PATH}/app/security-dashboards-plugin#/roles/create`); + + cy.get('input[data-test-subj="name-text"]').type(roleName); + + const permissions = [ + 'cluster:admin/opendistro/reports/definition/create', + 'cluster:admin/opendistro/reports/definition/delete', + 'cluster:admin/opendistro/reports/definition/get', + 'cluster:admin/opendistro/reports/definition/list', + 'cluster:admin/opendistro/reports/definition/on_demand', + 'cluster:admin/opendistro/reports/definition/update', + 'cluster:admin/opendistro/reports/instance/get', + 'cluster:admin/opendistro/reports/instance/list', + 'cluster:admin/opendistro/reports/menu/download', + ]; + + permissions.forEach((perm) => { + cy.get('input[data-test-subj="comboBoxSearchInput"]') + .eq(0) + .type(`${perm}{downArrow}{enter}`); + }); + + cy.get('button').contains('Create').click(); + cy.contains(roleName).should('exist'); + }); + + it('maps the user to the reports_full_access role', () => { + cy.visit( + `${BASE_PATH}/app/security-dashboards-plugin#/roles/edit/${roleName}/mapuser` + ); + cy.contains('Map users'); + + cy.get('div[data-test-subj="comboBoxInput"]').type(username); + cy.get('button[id="map"]').click(); + + cy.contains(username).should('exist'); + }); + + it.skip('verifies the user can access reporting', () => { + cy.visit(`${BASE_PATH}/logout`); + cy.visit(BASE_PATH); + + cy.get('input[name="username"]').type(username); + cy.get('input[name="password"]').type(password); + cy.get('button[type="submit"]').click(); + + cy.visit(`${BASE_PATH}/app/reports-dashboards#/`); + cy.contains('Reporting').should('exist'); + cy.get('#createReportHomepageButton').should('exist').click(); + cy.contains('Create new report').should('exist'); + }); + }); +} From f65820028984a09bbcd0a8dfd7711e2b99a4131e Mon Sep 17 00:00:00 2001 From: sumukhswamy Date: Thu, 26 Jun 2025 14:17:04 -0700 Subject: [PATCH 2/4] security-patch-test Signed-off-by: sumukhswamy --- .../plugins/reports-dashboards/05-security.spec.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cypress/integration/plugins/reports-dashboards/05-security.spec.js b/cypress/integration/plugins/reports-dashboards/05-security.spec.js index 287dbccf4..c511a1e0d 100644 --- a/cypress/integration/plugins/reports-dashboards/05-security.spec.js +++ b/cypress/integration/plugins/reports-dashboards/05-security.spec.js @@ -5,7 +5,7 @@ import { BASE_PATH } from '../../../utils/constants'; -if (Cypress.env('security_enabled')) { +if (Cypress.env('SECURITY_ENABLED')) { describe('Reporting Security - Internal User with reports_full_access', () => { const username = 'reportuser'; const password = 'TestPassword123!'; @@ -27,7 +27,7 @@ if (Cypress.env('security_enabled')) { }); it('creates a new role with reports_full_access permissions', () => { - Cypress.on('uncaught:exception', (err) => { + Cypress.on('uncaught:exception', () => { return false; }); From 92d10f26dc6bcb46c186f13c66a6fa0c0cdb2fd3 Mon Sep 17 00:00:00 2001 From: sumukhswamy Date: Thu, 26 Jun 2025 15:22:43 -0700 Subject: [PATCH 3/4] security-patch-test Signed-off-by: sumukhswamy --- .../plugins/reports-dashboards/01-create.spec.js | 2 +- .../plugins/reports-dashboards/02-edit.spec.js | 8 ++++---- .../plugins/reports-dashboards/05-security.spec.js | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/cypress/integration/plugins/reports-dashboards/01-create.spec.js b/cypress/integration/plugins/reports-dashboards/01-create.spec.js index 5016dbd87..3ee63cae2 100644 --- a/cypress/integration/plugins/reports-dashboards/01-create.spec.js +++ b/cypress/integration/plugins/reports-dashboards/01-create.spec.js @@ -223,7 +223,7 @@ describe('Cypress', () => { function visitCreateReportDefinitionPage() { cy.visit(`${BASE_PATH}/app/reports-dashboards#/`, { - waitForGetTenant: true, + waitForGetTenant: false, }); cy.location('pathname', { timeout: TIMEOUT }).should( 'include', diff --git a/cypress/integration/plugins/reports-dashboards/02-edit.spec.js b/cypress/integration/plugins/reports-dashboards/02-edit.spec.js index 53ced4565..2d70ff969 100644 --- a/cypress/integration/plugins/reports-dashboards/02-edit.spec.js +++ b/cypress/integration/plugins/reports-dashboards/02-edit.spec.js @@ -8,7 +8,7 @@ import { BASE_PATH, TIMEOUT } from '../../../utils/constants'; describe('Cypress', () => { it('Visit edit page, update name and description', () => { cy.visit(`${BASE_PATH}/app/reports-dashboards#/`, { - waitForGetTenant: true, + waitForGetTenant: false, }); cy.location('pathname', { timeout: TIMEOUT }).should( 'include', @@ -70,7 +70,7 @@ describe('Cypress', () => { it('Visit edit page, change report trigger', () => { cy.visit(`${BASE_PATH}/app/reports-dashboards#/`, { - waitForGetTenant: true, + waitForGetTenant: false, }); cy.location('pathname', { timeout: TIMEOUT }).should( 'include', @@ -129,7 +129,7 @@ describe('Cypress', () => { it('Visit edit page, change report trigger back', () => { cy.visit(`${BASE_PATH}/app/reports-dashboards#/`, { - waitForGetTenant: true, + waitForGetTenant: false, }); cy.location('pathname', { timeout: TIMEOUT }).should( 'include', @@ -185,4 +185,4 @@ describe('Cypress', () => { // check that re-direct to home page cy.get('#reportDefinitionDetailsLink').should('exist'); }); -}); +}); \ No newline at end of file diff --git a/cypress/integration/plugins/reports-dashboards/05-security.spec.js b/cypress/integration/plugins/reports-dashboards/05-security.spec.js index c511a1e0d..4af5fbeff 100644 --- a/cypress/integration/plugins/reports-dashboards/05-security.spec.js +++ b/cypress/integration/plugins/reports-dashboards/05-security.spec.js @@ -69,7 +69,7 @@ if (Cypress.env('SECURITY_ENABLED')) { cy.contains(username).should('exist'); }); - it.skip('verifies the user can access reporting', () => { + it('verifies the user can access reporting', () => { cy.visit(`${BASE_PATH}/logout`); cy.visit(BASE_PATH); From 5b06f23c6a4c64041e3be4f47f4766043a10c8c5 Mon Sep 17 00:00:00 2001 From: sumukhswamy Date: Thu, 26 Jun 2025 18:45:15 -0700 Subject: [PATCH 4/4] security-patch-test Signed-off-by: sumukhswamy --- .../integration/plugins/reports-dashboards/05-security.spec.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cypress/integration/plugins/reports-dashboards/05-security.spec.js b/cypress/integration/plugins/reports-dashboards/05-security.spec.js index 4af5fbeff..29e8ceede 100644 --- a/cypress/integration/plugins/reports-dashboards/05-security.spec.js +++ b/cypress/integration/plugins/reports-dashboards/05-security.spec.js @@ -73,7 +73,7 @@ if (Cypress.env('SECURITY_ENABLED')) { cy.visit(`${BASE_PATH}/logout`); cy.visit(BASE_PATH); - cy.get('input[name="username"]').type(username); + cy.get('input[name="username"]', { timeout: 10000 }).should('be.visible').type(username); cy.get('input[name="password"]').type(password); cy.get('button[type="submit"]').click();