diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrail.java b/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrail.java index 58d7dafac50..0bfc1d75542 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrail.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrail.java @@ -6,10 +6,10 @@ package org.elasticsearch.xpack.security.audit; import org.elasticsearch.rest.RestRequest; -import org.elasticsearch.transport.TransportMessage; +import org.elasticsearch.xpack.security.user.User; import org.elasticsearch.xpack.security.authc.AuthenticationToken; import org.elasticsearch.xpack.security.transport.filter.SecurityIpFilterRule; -import org.elasticsearch.xpack.security.user.User; +import org.elasticsearch.transport.TransportMessage; import java.net.InetAddress; diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrailService.java b/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrailService.java index 5882eb84be7..8b7868caad6 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrailService.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrailService.java @@ -5,6 +5,10 @@ */ package org.elasticsearch.xpack.security.audit; +import java.net.InetAddress; +import java.util.Collections; +import java.util.List; + import org.elasticsearch.common.component.AbstractComponent; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.license.XPackLicenseState; @@ -14,10 +18,6 @@ import org.elasticsearch.xpack.security.authc.AuthenticationToken; import org.elasticsearch.xpack.security.transport.filter.SecurityIpFilterRule; import org.elasticsearch.xpack.security.user.User; -import java.net.InetAddress; -import java.util.Collections; -import java.util.List; - public class AuditTrailService extends AbstractComponent implements AuditTrail { private final XPackLicenseState licenseState; diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java b/plugin/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java index 13789b6aac2..af4bbb63bae 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java @@ -279,7 +279,6 @@ public class LoggingAuditTrail extends AbstractComponent implements AuditTrail, if (events.contains(ACCESS_DENIED)) { String indices = indicesString(message); final LocalNodeInfo localNodeInfo = this.localNodeInfo; - if (indices != null) { logger.info("{}[transport] [access_denied]\t{}, {}, roles=[{}], action=[{}], indices=[{}], request=[{}]", localNodeInfo.prefix, originAttributes(threadContext, message, localNodeInfo), principal(user), diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/authz/IndicesAndAliasesResolver.java b/plugin/src/main/java/org/elasticsearch/xpack/security/authz/IndicesAndAliasesResolver.java index 85b6c5ee0fd..9bba9dfa503 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/security/authz/IndicesAndAliasesResolver.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/security/authz/IndicesAndAliasesResolver.java @@ -5,6 +5,18 @@ */ package org.elasticsearch.xpack.security.authz; +import java.net.InetSocketAddress; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.SortedMap; +import java.util.concurrent.CopyOnWriteArraySet; +import java.util.stream.Collectors; + import org.elasticsearch.action.AliasesRequest; import org.elasticsearch.action.IndicesRequest; import org.elasticsearch.action.admin.indices.alias.IndicesAliasesRequest; @@ -27,18 +39,6 @@ import org.elasticsearch.transport.RemoteClusterAware; import org.elasticsearch.transport.TransportRequest; import org.elasticsearch.xpack.graph.action.GraphExploreRequest; -import java.net.InetSocketAddress; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collections; -import java.util.HashSet; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.SortedMap; -import java.util.concurrent.CopyOnWriteArraySet; -import java.util.stream.Collectors; - public class IndicesAndAliasesResolver { //placeholder used in the security plugin to indicate that the request is authorized knowing that it will yield an empty response @@ -84,6 +84,7 @@ public class IndicesAndAliasesResolver { *
* Otherwise, N will be added to the local index list. */ + public ResolvedIndices resolve(TransportRequest request, MetaData metaData, AuthorizedIndices authorizedIndices) { if (request instanceof IndicesAliasesRequest) { ResolvedIndices indices = ResolvedIndices.empty(); diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/audit/AuditTrailServiceTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/audit/AuditTrailServiceTests.java index 385fb350027..8b7aa2bc46b 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/audit/AuditTrailServiceTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/audit/AuditTrailServiceTests.java @@ -6,14 +6,14 @@ package org.elasticsearch.xpack.security.audit; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.license.XPackLicenseState; import org.elasticsearch.rest.RestRequest; -import org.elasticsearch.test.ESTestCase; -import org.elasticsearch.transport.TransportMessage; +import org.elasticsearch.license.XPackLicenseState; +import org.elasticsearch.xpack.security.user.User; import org.elasticsearch.xpack.security.authc.AuthenticationToken; import org.elasticsearch.xpack.security.transport.filter.IPFilter; import org.elasticsearch.xpack.security.transport.filter.SecurityIpFilterRule; -import org.elasticsearch.xpack.security.user.User; +import org.elasticsearch.test.ESTestCase; +import org.elasticsearch.transport.TransportMessage; import org.junit.Before; import java.net.InetAddress; diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailMutedTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailMutedTests.java index ea9093bb81f..8936fedcf83 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailMutedTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailMutedTests.java @@ -5,6 +5,11 @@ */ package org.elasticsearch.xpack.security.audit.index; +import java.net.InetAddress; +import java.util.concurrent.BlockingQueue; +import java.util.concurrent.LinkedBlockingQueue; +import java.util.concurrent.atomic.AtomicBoolean; + import org.elasticsearch.action.Action; import org.elasticsearch.action.ActionListener; import org.elasticsearch.action.ActionRequest; @@ -30,11 +35,6 @@ import org.elasticsearch.xpack.security.user.User; import org.junit.After; import org.junit.Before; -import java.net.InetAddress; -import java.util.concurrent.BlockingQueue; -import java.util.concurrent.LinkedBlockingQueue; -import java.util.concurrent.atomic.AtomicBoolean; - import static org.hamcrest.Matchers.is; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verifyZeroInteractions; diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java index 484b0e7acf0..f84713063e4 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java @@ -524,7 +524,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase { assertThat((Iterable) sourceMap.get(IndexAuditTrail.Field.ROLE_NAMES), containsInAnyOrder(role)); if (message instanceof IndicesRequest) { List indices = (List) sourceMap.get("indices"); - assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest)message).indices())); + assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest) message).indices())); } assertEquals(sourceMap.get("request"), message.getClass().getSimpleName()); } @@ -571,7 +571,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase { assertEquals("_action", sourceMap.get("action")); if (message instanceof IndicesRequest) { List indices = (List) sourceMap.get("indices"); - assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest)message).indices())); + assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest) message).indices())); } assertEquals(sourceMap.get("request"), message.getClass().getSimpleName()); assertThat((Iterable) sourceMap.get(IndexAuditTrail.Field.ROLE_NAMES), containsInAnyOrder(role));