user email validation

test/functional/config.js

@@ -163,6 +163,10 @@ export default async function ({ readConfigFile }) {
         pathname: '/app/kibana',
         hash: '/dev_tools/console',
       },
+      account: {
+        pathname: '/app/kibana',
+        hash: '/account',
+      },
       home: {
         pathname: '/app/kibana',
         hash: '/home',

x-pack/plugins/security/public/views/account/account.html

@@ -31,7 +31,7 @@ <h1 class="kuiTitle">
       Username
     </label>
     <div class="euiText">
-      <p ng-bind="::user.username"></p>
+      <p ng-bind="::user.username" data-test-subj=usernameField></p>
     </div>
   </div>
 
@@ -41,7 +41,7 @@ <h1 class="kuiTitle">
       Email
     </label>
     <div class="euiText">
-      <p ng-bind="::accountController.getEmail()"></p>
+      <p ng-bind="::accountController.getEmail()" data-test-subj=emailIdField></p>
     </div>
   </div>
 

x-pack/plugins/security/public/views/account/account.js

@@ -33,7 +33,10 @@ routes.when('/account', {
       }
 
       $scope.user.$changePassword()
-        .then(() => toastNotifications.addSuccess('Updated password'))
+        .then(() => toastNotifications.addSuccess({
+          title: 'Password successfully updated.',
+          'data-test-subj': 'passwordUpdateSuccess',
+        }))
         .then(onSuccess)
         .catch(error => {
           if (error.status === 401) {

x-pack/plugins/security/public/views/management/change_password_form/change_password_form.html

@@ -9,6 +9,7 @@
     <a
       kbn-accessible-click
       class="kuiLink"
+      data-test-subj="changePasswordLink"
       ng-show="!changePasswordController.isFormVisible"
       ng-click="changePasswordController.showForm()"
     >
@@ -29,6 +30,7 @@
           type="password"
           class="kuiTextInput fullWidth"
           id="password"
+          data-test-subj="currentPasswordInput"
           name="password"
           ng-model="changePasswordController.currentPassword"
           required
@@ -52,6 +54,7 @@
           type="password"
           class="kuiTextInput fullWidth"
           id="newPassword"
+          data-test-subj="newPasswordInput"
           name="newPassword"
           ng-model="changePasswordController.newPassword"
           required
@@ -76,6 +79,7 @@
           type="password"
           class="kuiTextInput fullWidth"
           name="confirmPassword"
+          data-test-subj="confirmPasswordInput"
           ng-model="changePasswordController.newPasswordConfirmation"
           required
         />
@@ -102,6 +106,7 @@
       <div class="kuiFormFooter">
         <button
           type="button"
+          data-test-subj="saveChangesButton"
           class="kuiButton kuiButton--primary"
           ng-click="onChangePassword({ newPassword: changePasswordController.newPassword, currentPassword: changePasswordController.currentPassword, onSuccess: changePasswordController.hideForm, onIncorrectPassword: changePasswordController.onIncorrectPassword })"
           ng-disabled="changePasswordForm.newPassword.$invalid || (changePasswordController.newPassword !== changePasswordController.newPasswordConfirmation)"

x-pack/plugins/security/public/views/nav_control/nav_control.html

@@ -4,6 +4,7 @@
     icon="'plugins/security/images/person.svg'"
     tooltip-content="accountTooltip(user.full_name || user.username)"
     label="user.full_name || user.username"
+    data-test-subj="loggedInUser"
   ></global-nav-link>
 
   <global-nav-link

x-pack/test/functional/apps/security/index.js

@@ -13,5 +13,6 @@ export default function ({ loadTestFile }) {
     loadTestFile(require.resolve('./secure_roles_perm'));
     loadTestFile(require.resolve('./field_level_security'));
     loadTestFile(require.resolve('./rbac_phase1'));
+    loadTestFile(require.resolve('./user_email'));
   });
 }

x-pack/test/functional/apps/security/user_email.js

@@ -0,0 +1,72 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import expect from 'expect.js';
+import { indexBy } from 'lodash';
+export default function ({ getService, getPageObjects }) {
+
+  const PageObjects = getPageObjects(['security', 'settings', 'common', 'accountSetting']);
+  const config = getService('config');
+  const log = getService('log');
+  const esArchiver = getService('esArchiver');
+
+  describe('useremail', function () {
+    before(async () => {
+      await esArchiver.load('discover');
+      await PageObjects.settings.navigateTo();
+      await PageObjects.security.clickElasticsearchUsers();
+    });
+
+    it('should show the default elastic and kibana users', async function () {
+      const users = indexBy(await PageObjects.security.getElasticsearchUsers(), 'username');
+      log.info('actualUsers = %j', users);
+      log.info('config = %j', config.get('servers.elasticsearch.hostname'));
+      if (config.get('servers.elasticsearch.hostname') === 'localhost') {
+        expect(users.elastic.roles).to.eql(['superuser']);
+        expect(users.elastic.reserved).to.be(true);
+        expect(users.kibana.roles).to.eql(['kibana_system']);
+        expect(users.kibana.reserved).to.be(true);
+      } else {
+        expect(users.anonymous.roles).to.eql(['anonymous']);
+        expect(users.anonymous.reserved).to.be(true);
+      }
+    });
+
+    it('should add new user', async function () {
+      await PageObjects.security.addUser({ username: 'newuser', password: 'changeme',
+        confirmPassword: 'changeme', fullname: 'newuserFirst newuserLast', email: '[email protected]',
+        save: true, roles: ['kibana_user', 'superuser'] });
+      const users = indexBy(await PageObjects.security.getElasticsearchUsers(), 'username');
+      log.debug('actualUsers = %j', users);
+      expect(users.newuser.roles).to.eql(['kibana_user', 'superuser']);
+      expect(users.newuser.fullname).to.eql('newuserFirst newuserLast');
+      expect(users.newuser.email).to.eql('[email protected]');
+      expect(users.newuser.reserved).to.be(false);
+      await PageObjects.security.logout();
+    });
+
+    it('login as new user and verify email', async function () {
+      await PageObjects.security.login('newuser', 'changeme');
+      await PageObjects.accountSetting.verifyAccountSettings('[email protected]', 'newuser');
+    });
+
+    it('click changepassword link, change the password and re-login', async function () {
+      await PageObjects.accountSetting.verifyAccountSettings('[email protected]', 'newuser');
+      await PageObjects.accountSetting.changePassword('changeme', 'mechange');
+      await PageObjects.security.logout();
+    });
+
+
+    it('login as new user with changed password', async function () {
+      await PageObjects.security.login('newuser', 'mechange');
+      await PageObjects.accountSetting.verifyAccountSettings('[email protected]', 'newuser');
+    });
+
+    after(async function () {
+      await PageObjects.security.logout();
+    });
+  });
+}

x-pack/test/functional/config.js

@@ -16,6 +16,7 @@ import {
   GrokDebuggerPageProvider,
   WatcherPageProvider,
   ReportingPageProvider,
+  AccountSettingProvider,
 } from './page_objects';
 
 import {
@@ -107,6 +108,7 @@ export default async function ({ readConfigFile }) {
     pageObjects: {
       ...kibanaFunctionalConfig.get('pageObjects'),
       security: SecurityPageProvider,
+      accountSetting: AccountSettingProvider,
       monitoring: MonitoringPageProvider,
       logstash: LogstashPageProvider,
       graph: GraphPageProvider,

x-pack/test/functional/page_objects/accountsetting_page.js

@@ -0,0 +1,34 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+//import { map as mapAsync } from 'bluebird';
+import expect from 'expect.js';
+
+export function AccountSettingProvider({ getService }) {
+  const testSubjects = getService('testSubjects');
+
+  class AccountSettingsPage {
+    async verifyAccountSettings(expectedEmail, expectedUserName) {
+      await testSubjects.click('loggedInUser');
+      const usernameField = await testSubjects.find('usernameField');
+      const userName = await usernameField.getVisibleText();
+      expect(userName).to.be(expectedUserName);
+      const emailIdField = await testSubjects.find('emailIdField');
+      const emailField = await emailIdField.getVisibleText();
+      expect(emailField).to.be(expectedEmail);
+    }
+
+    async changePassword(currentPassword, newPassword) {
+      await testSubjects.click('changePasswordLink');
+      await testSubjects.setValue('newPasswordInput', newPassword);
+      await testSubjects.setValue('currentPasswordInput', currentPassword);
+      await testSubjects.setValue('confirmPasswordInput', newPassword);
+      await testSubjects.click('saveChangesButton');
+      await testSubjects.existOrFail('passwordUpdateSuccess');
+    }
+  }
+  return new AccountSettingsPage();
+}

x-pack/test/functional/page_objects/index.js

@@ -11,3 +11,4 @@ export { GraphPageProvider } from './graph_page';
 export { GrokDebuggerPageProvider } from './grok_debugger_page';
 export { WatcherPageProvider } from './watcher_page';
 export { ReportingPageProvider } from './reporting_page';
+export { AccountSettingProvider } from './accountsetting_page';