honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request elastic/elasticsearch#2660 from jaymode/rest_test_teardown 

test: move teardown logic into the rest tests

Original commit: elastic/x-pack-elasticsearch@81a273a4c7
This commit is contained in:
Jay Modi 2016-06-30 12:03:07 -04:00 committed by GitHub
parent 7c1bc0c8de 4999f3a38c
commit 060120b53d
8 changed files with 161 additions and 149 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
elasticsearch/x-pack/security/src/test/resources/rest-api-spec/test/authenticate/10_basic.yaml
View File

@ -1,3 +1,4 @@
---
setup: setup:
- skip: - skip:
features: headers features: headers
@ -16,6 +17,13 @@ setup:
"full_name" : "Authenticate User" "full_name" : "Authenticate User"
} }
---
teardown:
- do:
xpack.security.delete_user:
username: "authenticate_user"
ignore: 404
--- ---
"Test authenticate api": "Test authenticate api":

131
elasticsearch/x-pack/security/src/test/resources/rest-api-spec/test/change_password/10_basic.yaml
View File

@ -1,23 +1,58 @@
--- ---
"Test changing users password": setup:
- skip: - skip:
features: headers features: headers
- do: - do:
cluster.health: cluster.health:
wait_for_status: yellow wait_for_status: yellow
- do: - do:
xpack.security.put_user: xpack.security.put_user:
username: "joe" username: "joe"
body: > body: >
{ {
"password": "s3krit", "password": "s3krit",
"roles" : [ "superuser" ] "roles" : [ "superuser" ]
} }
- match: { user: { created: true } } - do:
xpack.security.put_role:
name: "user"
body: >
{
"cluster": ["monitor"],
"indices": [
{
"names": "*",
"privileges": ["all"]
}
]
}
- do:
xpack.security.put_user:
username: "unprivileged_user"
body: >
{
"password": "s3krit",
"roles" : [ "user" ]
}
# test that the role actually works ---
teardown:
- do:
xpack.security.delete_user:
username: "joe"
ignore: 404
- do:
xpack.security.delete_role:
name: "user"
ignore: 404
- do:
xpack.security.delete_user:
username: "unprivileged_user"
ignore: 404
---
"Test changing users password":
# validate that the user actually works
- do: - do:
headers: headers:
Authorization: "Basic am9lOnMza3JpdA==" Authorization: "Basic am9lOnMza3JpdA=="
@ -49,49 +84,17 @@
--- ---
"Test user changing their own password": "Test user changing their own password":
- skip:
features: headers
- do:
cluster.health:
wait_for_status: yellow
- do:
xpack.security.put_role:
name: "user"
body: >
{
"cluster": ["monitor"],
"indices": [
{
"names": "*",
"privileges": ["all"]
}
]
}
- match: { role: { created: true } }
- do:
xpack.security.put_user:
username: "joe"
body: >
{
"password": "s3krit",
"roles" : [ "user" ]
}
- match: { user: { created: true } }
# test that the role actually works # test that the role actually works
- do: - do:
headers: headers:
Authorization: "Basic am9lOnMza3JpdA==" Authorization: "Basic dW5wcml2aWxlZ2VkX3VzZXI6czNrcml0"
cluster.health: {} cluster.health: {}
- match: { timed_out: false } - match: { timed_out: false }
# change password as the current user. the power_user role only grants the ability to change their own password # change password as the current user. the user role only grants the ability to change their own password
- do: - do:
headers: headers:
Authorization: "Basic am9lOnMza3JpdA==" Authorization: "Basic dW5wcml2aWxlZ2VkX3VzZXI6czNrcml0"
xpack.security.change_password: xpack.security.change_password:
body: > body: >
{ {
@ -102,61 +105,29 @@
- do: - do:
catch: request catch: request
headers: headers:
Authorization: "Basic am9lOnMza3JpdA==" Authorization: "Basic dW5wcml2aWxlZ2VkX3VzZXI6czNrcml0"
cluster.health: {} cluster.health: {}
# login with new credentials # login with new credentials
- do: - do:
headers: headers:
Authorization: "Basic am9lOnMza3JpdDI=" Authorization: "Basic dW5wcml2aWxlZ2VkX3VzZXI6czNrcml0Mg=="
cluster.health: {} cluster.health: {}
- match: { timed_out: false } - match: { timed_out: false }
--- ---
"Test unauthorized user changing anothers password": "Test unauthorized user changing anothers password":
- skip:
features: headers
- do:
cluster.health:
wait_for_status: yellow
- do:
xpack.security.put_role:
name: "user"
body: >
{
"cluster": ["monitor"],
"indices": [
{
"names": "*",
"privileges": ["all"]
}
]
}
- match: { role: { created: true } }
- do:
xpack.security.put_user:
username: "joe"
body: >
{
"password": "s3krit",
"roles" : [ "user" ]
}
- match: { user: { created: true } }
# test that the role actually works # test that the role actually works
- do: - do:
headers: headers:
Authorization: "Basic am9lOnMza3JpdA==" Authorization: "Basic dW5wcml2aWxlZ2VkX3VzZXI6czNrcml0"
cluster.health: {} cluster.health: {}
- match: { timed_out: false } - match: { timed_out: false }
# attempt to change another users password # attempt to change another users password
- do: - do:
headers: headers:
Authorization: "Basic am9lOnMza3JpdA==" Authorization: "Basic dW5wcml2aWxlZ2VkX3VzZXI6czNrcml0"
catch: forbidden catch: forbidden
xpack.security.change_password: xpack.security.change_password:
username: "anotheruser" username: "anotheruser"

39
elasticsearch/x-pack/security/src/test/resources/rest-api-spec/test/roles/10_basic.yaml
View File

@ -1,12 +1,37 @@
--- ---
"Test put role api": setup:
- skip: - skip:
features: headers features: headers
- do: - do:
cluster.health: cluster.health:
wait_for_status: yellow wait_for_status: yellow
- do:
xpack.security.put_user:
username: "joe"
body: >
{
"password": "s3krit",
"roles" : [ "admin_role" ]
}
---
teardown:
- do:
xpack.security.delete_user:
username: "joe"
ignore: 404
- do:
xpack.security.delete_role:
name: "admin_role"
ignore: 404
- do:
xpack.security.delete_role:
name: "backwards_role"
ignore: 404
---
"Test put role api":
- do: - do:
xpack.security.put_role: xpack.security.put_role:
name: "admin_role" name: "admin_role"
@ -37,16 +62,6 @@
} }
- match: { role: { created: true } } - match: { role: { created: true } }
- do:
xpack.security.put_user:
username: "joe"
body: >
{
"password": "s3krit",
"roles" : [ "admin_role" ]
}
- match: { user: { created: true } }
# test that the role actually works # test that the role actually works
- do: - do:
headers: headers:

28
elasticsearch/x-pack/security/src/test/resources/rest-api-spec/test/roles/11_idx_arrays.yaml
View File

@ -1,11 +1,32 @@
--- ---
"Test put role api using as array of index names": setup:
- skip: - skip:
features: headers features: headers
- do: - do:
cluster.health: cluster.health:
wait_for_status: yellow wait_for_status: yellow
---
teardown:
- do:
xpack.security.delete_role:
name: "admin_role2"
ignore: 404
- do:
xpack.security.delete_user:
username: "joe"
ignore: 404
- do:
delete:
index: foo
type: doc
id: 1
ignore: 404
---
"Test put role api using as array of index names":
- do: - do:
xpack.security.put_role: xpack.security.put_role:
@ -50,7 +71,6 @@
- match: { _index: foo } - match: { _index: foo }
- match: { _type: doc } - match: { _type: doc }
- match: { _id: "1"} - match: { _id: "1"}
- match: { _version: 1}
- match: { _source: { foo: bar }} - match: { _source: { foo: bar }}
# test that the role works on the cluster level # test that the role works on the cluster level

13
elasticsearch/x-pack/security/src/test/resources/rest-api-spec/test/users/10_basic.yaml
View File

@ -1,12 +1,21 @@
--- ---
"Test put user api": setup:
- skip: - skip:
features: headers features: headers
- do: - do:
cluster.health: cluster.health:
wait_for_status: yellow wait_for_status: yellow
---
teardown:
- do:
xpack.security.delete_user:
username: "joe"
ignore: 404
---
"Test put user api":
- do: - do:
xpack.security.put_user: xpack.security.put_user:
username: "joe" username: "joe"

22
elasticsearch/x-pack/security/src/test/resources/rest-api-spec/test/users/15_overwrite_user.yaml
View File

@ -1,22 +1,30 @@
--- ---
"Test overwriting a user": setup:
- skip: - skip:
features: headers features: headers
- do: - do:
cluster.health: cluster.health:
wait_for_status: yellow wait_for_status: yellow
- do: - do:
xpack.security.put_user: xpack.security.put_user:
username: "joe" username: "joe"
body: > body: >
{ {
"password": "s3krit", "password": "s3krit",
"roles" : [ "superuser" ] "roles" : [ "superuser" ]
} }
- match: { user: { created: true } }
---
teardown:
- do:
xpack.security.delete_user:
username: "joe"
ignore: 404
---
"Test overwriting a user":
- do: - do:
xpack.security.get_user: xpack.security.get_user:
username: "joe" username: "joe"

46
elasticsearch/x-pack/security/src/test/resources/rest-api-spec/test/users/16_update_user.yaml
View File

@ -1,24 +1,5 @@
--- ---
"Test creating a user without password": setup:
- do:
cluster.health:
wait_for_status: yellow
- do:
catch: request
xpack.security.put_user:
username: "joe"
body: >
{
"roles" : [ "superuser" ]
}
- match: { error.root_cause.0.reason: 'Validation Failed: 1: password must be specified unless you are updating an existing user;' }
---
"Test create user and update without and with password":
- skip:
features: headers
- do: - do:
cluster.health: cluster.health:
wait_for_status: yellow wait_for_status: yellow
@ -31,7 +12,30 @@
"password": "s3krit", "password": "s3krit",
"roles" : [ "superuser" ] "roles" : [ "superuser" ]
} }
- match: { user: { created: true } }
---
teardown:
- do:
xpack.security.delete_user:
username: "joe"
ignore: 404
---
"Test creating a user without password":
- do:
catch: request
xpack.security.put_user:
username: "no_password_user"
body: >
{
"roles" : [ "superuser" ]
}
- match: { error.root_cause.0.reason: 'Validation Failed: 1: password must be specified unless you are updating an existing user;' }
---
"Test create user and update without and with password":
- skip:
features: headers
# test that the role actually works # test that the role actually works
- do: - do:

23
elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java
View File

@ -63,29 +63,6 @@ public abstract class XPackRestTestCase extends ESRestTestCase {
} }
} }
@After
public void clearUsersAndRoles() throws Exception {
// we cannot delete the .security index from a rest test since we aren't the internal user, lets wipe the data
// TODO remove this once the built-in SUPERUSER role is added that can delete the index and we use the built in admin user here
RestTestResponse response = getAdminExecutionContext().callApi("xpack.security.get_user", emptyMap(), emptyList(), emptyMap());
@SuppressWarnings("unchecked")
Map<String, Object> users = (Map<String, Object>) response.getBody();
for (String user: users.keySet()) {
if (ReservedRealm.isReserved(user) == false) {
getAdminExecutionContext().callApi("xpack.security.delete_user", singletonMap("username", user), emptyList(), emptyMap());
}
}
response = getAdminExecutionContext().callApi("xpack.security.get_role", emptyMap(), emptyList(), emptyMap());
@SuppressWarnings("unchecked")
Map<String, Object> roles = (Map<String, Object>) response.getBody();
for (String role: roles.keySet()) {
if (ReservedRolesStore.isReserved(role) == false) {
getAdminExecutionContext().callApi("xpack.security.delete_role", singletonMap("name", role), emptyList(), emptyMap());
}
}
}
@Override @Override
protected Settings restClientSettings() { protected Settings restClientSettings() {
return Settings.builder() return Settings.builder()