Add support for Elasticsearch security

2024-11-06 18:05:20 +00:00 · 2019-03-01 19:54:36 +01:00 · 2019-03-01 19:54:36 +01:00 · b140400c7f
commit b140400c7f
parent 1a873df018
1 changed files with 31 additions and 29 deletions
--- a/server/lib/elastic-wrapper.js
+++ b/server/lib/elastic-wrapper.js
@ -11,7 +11,7 @@
 */
 import { knownFields } from '../integration-files/known-fields';
 import { monitoringKnownFields } from '../integration-files/monitoring-known-fields';
-import querystring from 'querystring';
+
 export class ElasticWrapper {
  constructor(server) {
    this._server = server;
@ -243,25 +243,27 @@ export class ElasticWrapper {
        return Promise.reject(
          new Error('No valid index pattern id for update index pattern')
        );
-
+      const pattern = await this.getIndexPatternUsingGet(id);
      let detectedFields = [];
      try {
        // Merge fields logic
-        const patternId = id.includes('index-pattern')
-          ? id.split('index-pattern:')[1]
-          : id;
-        const meta_fields = ['_source', '_id', '_type', '_index', '_score'];
-        const standardRequest = {
-          url: `/api/index_patterns/_fields_for_wildcard?${querystring.stringify(
-            { pattern: patternId, meta_fields }
-          )}`,
-          method: 'GET'
-        };
-        const standardResponse = await this._server.inject(standardRequest);
-        detectedFields = ((standardResponse || {}).result || {}).fields || [];
-      } catch (error) {} //eslint-disable-line
+        const patternTitle =
+          (((pattern || {})._source || {})['index-pattern'] || {}).title || '';

-      const pattern = await this.getIndexPatternUsingGet(id);
+        const metaFields = ['_source', '_id', '_type', '_index', '_score'];
+        const callCluster = this.elasticRequest.callWithInternalUser;
+        const patternService = await this._server.indexPatternsServiceFactory({
+          callCluster
+        });
+        detectedFields = await patternService.getFieldsForWildcard({
+          pattern: patternTitle,
+          metaFields
+        });
+
+        if (!Array.isArray(detectedFields)) {
+          detectedFields = [];
+        }
+      } catch (error) { } //eslint-disable-line

      let currentFields = [];

@ -274,9 +276,9 @@ export class ElasticWrapper {
            item =>
              item.name &&
              item.name !==
-                'data.aws.service.action.networkConnectionAction.remoteIpDetails.geoLocation.lat' &&
+              'data.aws.service.action.networkConnectionAction.remoteIpDetails.geoLocation.lat' &&
              item.name !==
-                'data.aws.service.action.networkConnectionAction.remoteIpDetails.geoLocation.lon'
+              'data.aws.service.action.networkConnectionAction.remoteIpDetails.geoLocation.lon'
          );

          for (const field of knownFields) {
@ -613,17 +615,17 @@ export class ElasticWrapper {

      const data = req
        ? await this.elasticRequest.callWithRequest(req, 'update', {
-            index: '.wazuh',
-            type: 'wazuh-configuration',
-            id: id,
-            body: doc
-          })
+          index: '.wazuh',
+          type: 'wazuh-configuration',
+          id: id,
+          body: doc
+        })
        : await this.elasticRequest.callWithInternalUser('update', {
-            index: '.wazuh',
-            type: 'wazuh-configuration',
-            id: id,
-            body: doc
-          });
+          index: '.wazuh',
+          type: 'wazuh-configuration',
+          id: id,
+          body: doc
+        });

      return data;
    } catch (error) {
@ -698,7 +700,7 @@ export class ElasticWrapper {
      return (
        this.usingSearchGuard ||
        ((((data || {}).defaults || {}).xpack || {}).security || {}).enabled ==
-          'true'
+        'true'
      );
    } catch (error) {
      return Promise.reject(error);