Remove XPackDeleteByQueryAction BWC (elastic/x-pack-elasticsearch#1400)
5.5 will use delete by query from the module directly and has the BWC layer in-place. This change therefore removes the BWC layer from 6.0 Relates to elastic/x-pack-elasticsearch#1378 Original commit: elastic/x-pack-elasticsearch@d4d4d6bc61
This commit is contained in:
parent
9f7f8ffb4d
commit
0215356f12
|
@ -56,7 +56,6 @@ import org.elasticsearch.xpack.action.TransportXPackInfoAction;
|
|||
import org.elasticsearch.xpack.action.TransportXPackUsageAction;
|
||||
import org.elasticsearch.xpack.action.XPackInfoAction;
|
||||
import org.elasticsearch.xpack.action.XPackUsageAction;
|
||||
import org.elasticsearch.xpack.common.action.XPackDeleteByQueryAction;
|
||||
import org.elasticsearch.xpack.common.http.HttpClient;
|
||||
import org.elasticsearch.xpack.common.http.HttpRequestTemplate;
|
||||
import org.elasticsearch.xpack.common.http.HttpSettings;
|
||||
|
@ -399,7 +398,6 @@ public class XPackPlugin extends Plugin implements ScriptPlugin, ActionPlugin, I
|
|||
List<ActionHandler<? extends ActionRequest, ? extends ActionResponse>> actions = new ArrayList<>();
|
||||
actions.add(new ActionHandler<>(XPackInfoAction.INSTANCE, TransportXPackInfoAction.class));
|
||||
actions.add(new ActionHandler<>(XPackUsageAction.INSTANCE, TransportXPackUsageAction.class));
|
||||
actions.add(new ActionHandler<>(XPackDeleteByQueryAction.INSTANCE, XPackDeleteByQueryAction.TransportAction.class));
|
||||
actions.addAll(licensing.getActions());
|
||||
actions.addAll(monitoring.getActions());
|
||||
actions.addAll(security.getActions());
|
||||
|
|
|
@ -1,76 +0,0 @@
|
|||
/*
|
||||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||
* or more contributor license agreements. Licensed under the Elastic License;
|
||||
* you may not use this file except in compliance with the Elastic License.
|
||||
*/
|
||||
package org.elasticsearch.xpack.common.action;
|
||||
|
||||
import org.elasticsearch.action.Action;
|
||||
import org.elasticsearch.action.ActionListener;
|
||||
import org.elasticsearch.index.reindex.BulkByScrollResponse;
|
||||
import org.elasticsearch.index.reindex.DeleteByQueryAction;
|
||||
import org.elasticsearch.index.reindex.DeleteByQueryRequest;
|
||||
import org.elasticsearch.index.reindex.DeleteByQueryRequestBuilder;
|
||||
import org.elasticsearch.action.support.ActionFilters;
|
||||
import org.elasticsearch.action.support.HandledTransportAction;
|
||||
import org.elasticsearch.action.support.IndicesOptions;
|
||||
import org.elasticsearch.client.Client;
|
||||
import org.elasticsearch.client.ElasticsearchClient;
|
||||
import org.elasticsearch.cluster.metadata.IndexNameExpressionResolver;
|
||||
import org.elasticsearch.common.inject.Inject;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.tasks.Task;
|
||||
import org.elasticsearch.threadpool.ThreadPool;
|
||||
import org.elasticsearch.transport.TransportService;
|
||||
|
||||
public class XPackDeleteByQueryAction extends Action<DeleteByQueryRequest, BulkByScrollResponse,
|
||||
DeleteByQueryRequestBuilder> {
|
||||
|
||||
public static final XPackDeleteByQueryAction INSTANCE = new XPackDeleteByQueryAction();
|
||||
// Ideally we'd use an "internal" action here as we don't want transport client users running it
|
||||
// but unfortunately the _xpack user is forbidden to run "internal" actions as these are really
|
||||
// intended to be run as the system user
|
||||
public static final String NAME = "indices:internal/data/write/xpackdeletebyquery";
|
||||
|
||||
private XPackDeleteByQueryAction() {
|
||||
super(NAME);
|
||||
}
|
||||
|
||||
@Override
|
||||
public DeleteByQueryRequestBuilder newRequestBuilder(ElasticsearchClient client) {
|
||||
return DeleteByQueryAction.INSTANCE.newRequestBuilder(client);
|
||||
}
|
||||
|
||||
@Override
|
||||
public BulkByScrollResponse newResponse() {
|
||||
return DeleteByQueryAction.INSTANCE.newResponse();
|
||||
}
|
||||
|
||||
public static class TransportAction extends HandledTransportAction<DeleteByQueryRequest, BulkByScrollResponse> {
|
||||
private final Client client;
|
||||
|
||||
@Inject
|
||||
public TransportAction(Settings settings, ThreadPool threadPool, ActionFilters actionFilters,
|
||||
IndexNameExpressionResolver resolver, TransportService transportService, Client client) {
|
||||
super(settings, XPackDeleteByQueryAction.NAME, threadPool, transportService, actionFilters, resolver, DeleteByQueryRequest::new);
|
||||
this.client = client;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void doExecute(Task task, DeleteByQueryRequest request, ActionListener<BulkByScrollResponse> listener) {
|
||||
this.client.execute(DeleteByQueryAction.INSTANCE, request, listener);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void doExecute(DeleteByQueryRequest request, ActionListener<BulkByScrollResponse> listener) {
|
||||
throw new UnsupportedOperationException("task required");
|
||||
}
|
||||
}
|
||||
|
||||
private static IndicesOptions addIgnoreUnavailable(IndicesOptions indicesOptions) {
|
||||
return IndicesOptions.fromOptions(true, indicesOptions.allowNoIndices(),
|
||||
indicesOptions.expandWildcardsOpen(), indicesOptions.expandWildcardsClosed(),
|
||||
indicesOptions);
|
||||
}
|
||||
|
||||
}
|
|
@ -34,7 +34,6 @@ import org.elasticsearch.common.util.set.Sets;
|
|||
import org.elasticsearch.threadpool.ThreadPool;
|
||||
import org.elasticsearch.transport.TransportActionProxy;
|
||||
import org.elasticsearch.transport.TransportRequest;
|
||||
import org.elasticsearch.xpack.common.action.XPackDeleteByQueryAction;
|
||||
import org.elasticsearch.xpack.security.SecurityLifecycleService;
|
||||
import org.elasticsearch.xpack.security.action.user.AuthenticateAction;
|
||||
import org.elasticsearch.xpack.security.action.user.ChangePasswordAction;
|
||||
|
@ -201,12 +200,6 @@ public class AuthorizationService extends AbstractComponent {
|
|||
throw denial(authentication, action, request);
|
||||
}
|
||||
|
||||
// we only want the xpack user to use the xpack delete by query action
|
||||
if (XPackDeleteByQueryAction.NAME.equals(action)
|
||||
&& XPackUser.is(authentication.getUser()) == false) {
|
||||
throw denial(authentication, action, request);
|
||||
}
|
||||
|
||||
// some APIs are indices requests that are not actually associated with indices. For example,
|
||||
// search scroll request, is categorized under the indices context, but doesn't hold indices names
|
||||
// (in this case, the security check on the indices was done on the search request that initialized
|
||||
|
|
|
@ -81,7 +81,6 @@ import org.elasticsearch.license.GetLicenseAction;
|
|||
import org.elasticsearch.test.ESTestCase;
|
||||
import org.elasticsearch.threadpool.ThreadPool;
|
||||
import org.elasticsearch.transport.TransportRequest;
|
||||
import org.elasticsearch.xpack.common.action.XPackDeleteByQueryAction;
|
||||
import org.elasticsearch.xpack.security.SecurityLifecycleService;
|
||||
import org.elasticsearch.xpack.security.action.user.AuthenticateAction;
|
||||
import org.elasticsearch.xpack.security.action.user.AuthenticateRequest;
|
||||
|
@ -695,30 +694,6 @@ public class AuthorizationServiceTests extends ESTestCase {
|
|||
assertThat(request.indices(), arrayContaining(".security"));
|
||||
}
|
||||
|
||||
public void testOnlyXPackUserCanExecuteXPackDBQAction() {
|
||||
final User superuser = new User("custom_admin", ReservedRolesStore.SUPERUSER_ROLE_DESCRIPTOR.getName());
|
||||
roleMap.put(ReservedRolesStore.SUPERUSER_ROLE_DESCRIPTOR.getName(), ReservedRolesStore.SUPERUSER_ROLE_DESCRIPTOR);
|
||||
ClusterState state = mock(ClusterState.class);
|
||||
when(clusterService.state()).thenReturn(state);
|
||||
when(state.metaData()).thenReturn(MetaData.builder()
|
||||
.put(new IndexMetaData.Builder(SecurityLifecycleService.SECURITY_INDEX_NAME)
|
||||
.settings(Settings.builder().put("index.version.created", Version.CURRENT).build())
|
||||
.numberOfShards(1).numberOfReplicas(0).build(), true)
|
||||
.build());
|
||||
|
||||
String action = XPackDeleteByQueryAction.NAME;
|
||||
DeleteByQueryRequest request = new DeleteByQueryRequest(new SearchRequest("_all"));
|
||||
authorize(createAuthentication(XPackUser.INSTANCE), action, request);
|
||||
verify(auditTrail).accessGranted(XPackUser.INSTANCE, action, request);
|
||||
assertThat(request.indices(), arrayContaining(".security"));
|
||||
|
||||
DeleteByQueryRequest request1 = new DeleteByQueryRequest(new SearchRequest("_all"));
|
||||
assertThrowsAuthorizationException(
|
||||
() -> authorize(createAuthentication(superuser), action, request1),
|
||||
action, superuser.principal());
|
||||
verify(auditTrail).accessDenied(superuser, action, request1);
|
||||
}
|
||||
|
||||
public void testAnonymousRolesAreAppliedToOtherUsers() {
|
||||
TransportRequest request = new ClusterHealthRequest();
|
||||
Settings settings = Settings.builder().put(AnonymousUser.ROLES_SETTING.getKey(), "anonymous_user_role").build();
|
||||
|
|
|
@ -141,7 +141,6 @@ cluster:admin/xpack/ml/datafeed/stop
|
|||
cluster:admin/xpack/ml/datafeed/start
|
||||
cluster:admin/xpack/ml/job/open
|
||||
cluster:admin/xpack/ml/job/update
|
||||
indices:internal/data/write/xpackdeletebyquery
|
||||
cluster:internal/xpack/ml/job/update/process
|
||||
cluster:admin/xpack/ml/delete_expired_data
|
||||
cluster:admin/persistent/start
|
||||
|
|
Loading…
Reference in New Issue