Making it possible to skip ext user authz if returned URI is undefined

#126

Author: Chris Wiechmann

CHANGELOG.md

@@ -5,8 +5,16 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [Unreleased]
+### Fixed
+- Index-Templates failed to install without using a region [#124](https://github.com/Axway-API-Management-Plus/apigateway-openlogging-elk/issues/124)
+
+### Added
+- Skip Ext-HTTP-User-AuthZ if returned URL is undefined [#126](https://github.com/Axway-API-Management-Plus/apigateway-openlogging-elk/issues/126)
+
 ### Changed
 - Updated Elastic-Stack from version 7.12.1 to 7.13.3
+- API-Builder stops/terminates with an error-message and error-code, if Elasticsearch cannot be configured (e.g. Index-Templates cannot be installed)
+
 
 ## [3.3.0] 2021-07-21
 ### Fixed

apibuilder4elastic/custom_flow_nodes/api-builder-plugin-authorization/src/actions.js

@@ -142,6 +142,10 @@ async function addExtHTTPAuthzFilter(params, options) {
 		} else {
 			throw new Error(`Missing method: createRequestUri. You have to defined the createRequestUri method to create the request URI.`);
 		}
+		if(!replacedUri) {
+			logger.info(`User authorization for user: ${user.loginName} is skipped, as returned URI is undefined.`);
+			return elasticQuery;
+		}
 		logger.info(`External groups NOT found in cache with key: '${cacheKey}'. Going to request information from ${replacedUri}`);
 		const resp = await requester(replacedUri, cfg.headers, cfg.method, cfg.body, { logger, ...cfg.options });
 		cache.set(cacheKey, resp);

apibuilder4elastic/custom_flow_nodes/api-builder-plugin-authorization/test/testConfig/authorization-config-extAuthZCustom.js

@@ -18,6 +18,8 @@ var authorizationConfig = {
 
 async function createRequestUri(user, cfg, options) {
 	// Replace the loginName which is part of the URI
+	if(user.loginName == "SKIP-AUTHZ") return undefined;
+	if(user.loginName == "SKIP-AUTHZ-BOOLEAN") return false;
 	return cfg.uri.replace("__loginName__", user.loginName);
 }
 

apibuilder4elastic/custom_flow_nodes/api-builder-plugin-authorization/test/testExtHttpAuthZ1Custom.js

@@ -46,5 +46,29 @@ describe('flow-node Authorization', () => {
 			expect(value).to.deep.equal(expectedQuery);
 			expect(output).to.equal('next');
 		});
+
+		it('should skip the user authorization based on undefined URI', async () => { 
+			var elasticQuery = JSON.parse(fs.readFileSync('./test/mock/givenElasticQuery.json'), null);
+			
+			const { value, output } = await flowNode.addExtHTTPAuthzFilter({
+				user: { loginName: "SKIP-AUTHZ" }, elasticQuery: elasticQuery, restrictionField: "customProperties.field1"
+			});
+
+			expect(value).to.be.instanceOf(Object);
+			expect(value).to.deep.equal(elasticQuery);
+			expect(output).to.equal('next');
+		});
+
+		it('should skip the user authorization based on a returned boolean false as an URI', async () => { 
+			var elasticQuery = JSON.parse(fs.readFileSync('./test/mock/givenElasticQuery.json'), null);
+			
+			const { value, output } = await flowNode.addExtHTTPAuthzFilter({
+				user: { loginName: "SKIP-AUTHZ-BOOLEAN" }, elasticQuery: elasticQuery, restrictionField: "customProperties.field1"
+			});
+
+			expect(value).to.be.instanceOf(Object);
+			expect(value).to.deep.equal(elasticQuery);
+			expect(output).to.equal('next');
+		});
 	});
 });