Merge remote-tracking branch 'origin/master' into strict-booleans

Original commit: elastic/x-pack-elasticsearch@32a533f38f

elasticsearch/src/main/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrail.java

@@ -445,7 +445,8 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl
         if (events.contains(REALM_AUTHENTICATION_FAILED)) {
             if (XPackUser.is(token.principal()) == false) {
                 try {
-                    enqueue(message("authentication_failed", action, token, realm, indices(message), message), "authentication_failed");
+                    enqueue(message("realm_authentication_failed", action, token, realm, indices(message), message),
+                            "realm_authentication_failed");
                 } catch (Exception e) {
                     logger.warn("failed to index audit event: [authentication_failed]", e);
                 }
@@ -458,7 +459,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl
         if (events.contains(REALM_AUTHENTICATION_FAILED)) {
             if (XPackUser.is(token.principal()) == false) {
                 try {
-                    enqueue(message("authentication_failed", null, token, realm, null, request), "authentication_failed");
+                    enqueue(message("realm_authentication_failed", null, token, realm, null, request), "realm_authentication_failed");
                 } catch (Exception e) {
                     logger.warn("failed to index audit event: [authentication_failed]", e);
                 }

elasticsearch/src/main/java/org/elasticsearch/xpack/watcher/execution/ExecutionPhase.java

@@ -9,13 +9,21 @@ import java.util.Locale;
 
 public enum ExecutionPhase {
 
+    // awaiting execution of the watch
     AWAITS_EXECUTION(false),
+    // initial phase, watch execution has started, but the input is not yet processed
     STARTED(false),
+    // input is being executed
     INPUT(false),
+    // condition phase is being executed
     CONDITION(false),
+    // transform phase (optional, depends if a global transform was configured in the watch)
     WATCH_TRANSFORM(false),
+    // actions phase, all actions, including specific action transforms
     ACTIONS(false),
+    // missing watch, failed execution of input/condition/transform,
     ABORTED(true),
+    // successful run
     FINISHED(true);
 
     private final boolean sealed;

elasticsearch/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java

@@ -521,16 +521,12 @@ public class IndexPrivilegeTests extends AbstractPrivilegeTestCase {
                     assertAccessIsAllowed("admin", "GET", "/" + index + "/foo/1");
                     assertAccessIsAllowed(user, "GET", "/" + index + "/foo/1/_explain", "{ \"query\" : { \"match_all\" : {} } }");
                     assertAccessIsAllowed(user, "GET", "/" + index + "/foo/1/_termvector");
-                    assertAccessIsAllowed(user, "GET",
-                            "/" + index + "/_suggest", "{ \"sgs\" : { \"text\" : \"foo\", \"term\" : { \"field\" : \"body\" } } }");
                     assertUserIsAllowed(user, "search", index);
                 } else {
                     assertAccessIsDenied(user, "GET", "/" + index + "/_count");
                     assertAccessIsDenied(user, "GET", "/" + index + "/_search");
                     assertAccessIsDenied(user, "GET", "/" + index + "/foo/1/_explain", "{ \"query\" : { \"match_all\" : {} } }");
                     assertAccessIsDenied(user, "GET", "/" + index + "/foo/1/_termvector");
-                    assertAccessIsDenied(user,
-                            "GET", "/" + index + "/_suggest", "{ \"sgs\" : { \"text\" : \"foo\", \"term\" : { \"field\" : \"body\" } } }");
                     assertUserIsDenied(user, "search", index);
                 }
                 break;
@@ -538,12 +534,8 @@ public class IndexPrivilegeTests extends AbstractPrivilegeTestCase {
             case "search" :
                 if (userIsAllowed) {
                     assertAccessIsAllowed(user, "GET", "/" + index + "/_search");
-                    assertAccessIsAllowed(user, "GET", "/" + index + "/_suggest", "{ \"my-suggestion\" : { \"text\":\"elasticsearch\", " +
-                            "\"term\" : { \"field\" : \"name\" } } }");
                 } else {
                     assertAccessIsDenied(user, "GET", "/" + index + "/_search");
-                    assertAccessIsDenied(user, "GET", "/" + index + "/_suggest", "{ \"my-suggestion\" : { \"text\":\"elasticsearch\", " +
-                            "\"term\" : { \"field\" : \"name\" } } }");
                 }
                 break;
 

elasticsearch/src/test/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParsersTests.java

@@ -8,6 +8,7 @@ package org.elasticsearch.xpack.notification.email.attachment;
 import org.elasticsearch.ElasticsearchParseException;
 import org.elasticsearch.common.ParseField;
 import org.elasticsearch.common.xcontent.ToXContent;
+import org.elasticsearch.common.xcontent.XContent;
 import org.elasticsearch.common.xcontent.XContentBuilder;
 import org.elasticsearch.common.xcontent.XContentParser;
 import org.elasticsearch.common.xcontent.json.JsonXContent;
@@ -115,8 +116,8 @@ public class EmailAttachmentParsersTests extends ESTestCase {
     }
 
     public void testThatTwoAttachmentsWithTheSameIdThrowError() throws Exception {
-        assumeFalse("Test only makes sense if JSON parser doesn't have strict duplicate checks enabled",
-                JsonXContent.isStrictDuplicateDetectionEnabled());
+        assumeFalse("Test only makes sense if XContent parser doesn't have strict duplicate checks enabled",
+                XContent.isStrictDuplicateDetectionEnabled());
         Map<String, EmailAttachmentParser> parsers = new HashMap<>();
         parsers.put("test", new TestEmailAttachmentParser());
         EmailAttachmentsParser parser = new EmailAttachmentsParser(parsers);

elasticsearch/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java

@@ -404,7 +404,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase {
         auditor.authenticationFailed("_realm", new MockToken(), "_action", message);
         SearchHit hit = getIndexedAuditMessage(enqueuedMessage.get());
 
-        assertAuditMessage(hit, "transport", "authentication_failed");
+        assertAuditMessage(hit, "transport", "realm_authentication_failed");
         Map<String, Object> sourceMap = hit.sourceAsMap();
 
         if (message instanceof RemoteHostMockMessage) {
@@ -430,7 +430,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase {
         auditor.authenticationFailed("_realm", new MockToken(), request);
         SearchHit hit = getIndexedAuditMessage(enqueuedMessage.get());
 
-        assertAuditMessage(hit, "rest", "authentication_failed");
+        assertAuditMessage(hit, "rest", "realm_authentication_failed");
         Map<String, Object> sourceMap = hit.sourceAsMap();
         assertThat("127.0.0.1", equalTo(sourceMap.get("origin_address")));
         assertThat("_uri", equalTo(sourceMap.get("uri")));

elasticsearch/src/test/java/org/elasticsearch/xpack/watcher/condition/ArrayCompareConditionTests.java

@@ -6,6 +6,7 @@
 package org.elasticsearch.xpack.watcher.condition;
 
 import org.elasticsearch.ElasticsearchParseException;
+import org.elasticsearch.common.xcontent.XContent;
 import org.elasticsearch.common.xcontent.XContentBuilder;
 import org.elasticsearch.common.xcontent.XContentParser;
 import org.elasticsearch.common.xcontent.json.JsonXContent;
@@ -194,8 +195,8 @@ public class ArrayCompareConditionTests extends ESTestCase {
     }
 
     public void testParseContainsDuplicateOperator() throws IOException {
-        assumeFalse("Test only makes sense if JSON parser doesn't have strict duplicate checks enabled",
-                JsonXContent.isStrictDuplicateDetectionEnabled());
+        assumeFalse("Test only makes sense if XContent parser doesn't have strict duplicate checks enabled",
+                XContent.isStrictDuplicateDetectionEnabled());
         ArrayCompareCondition.Op op = randomFrom(ArrayCompareCondition.Op.values());
         ArrayCompareCondition.Quantifier quantifier = randomFrom(ArrayCompareCondition.Quantifier.values());
         Object value = randomFrom("value", 1, null);
@@ -247,8 +248,8 @@ public class ArrayCompareConditionTests extends ESTestCase {
     }
 
     public void testParseContainsDuplicateValue() throws IOException {
-        assumeFalse("Test only makes sense if JSON parser doesn't have strict duplicate checks enabled",
-                JsonXContent.isStrictDuplicateDetectionEnabled());
+        assumeFalse("Test only makes sense if XContent parser doesn't have strict duplicate checks enabled",
+                XContent.isStrictDuplicateDetectionEnabled());
         ArrayCompareCondition.Op op = randomFrom(ArrayCompareCondition.Op.values());
         ArrayCompareCondition.Quantifier quantifier = randomFrom(ArrayCompareCondition.Quantifier.values());
         Object value = randomFrom("value", 1, null);
@@ -274,8 +275,8 @@ public class ArrayCompareConditionTests extends ESTestCase {
     }
 
     public void testParseContainsDuplicateQuantifier() throws IOException {
-        assumeFalse("Test only makes sense if JSON parser doesn't have strict duplicate checks enabled",
-                JsonXContent.isStrictDuplicateDetectionEnabled());
+        assumeFalse("Test only makes sense if XContent parser doesn't have strict duplicate checks enabled",
+                XContent.isStrictDuplicateDetectionEnabled());
         ArrayCompareCondition.Op op = randomFrom(ArrayCompareCondition.Op.values());
         ArrayCompareCondition.Quantifier quantifier = randomFrom(ArrayCompareCondition.Quantifier.values());
         Object value = randomFrom("value", 1, null);

elasticsearch/src/test/java/org/elasticsearch/xpack/watcher/test/integration/BootStrapTests.java

@@ -134,8 +134,10 @@ public class BootStrapTests extends AbstractWatcherIntegrationTestCase {
     }
 
     public void testDeletedWhileQueued() throws Exception {
-        assertAcked(client().admin().indices().prepareCreate(".watches"));
-
+        if (client().admin().indices().prepareExists(Watch.INDEX).get().isExists() == false) {
+            // we rarely create an .watches alias in the base class
+            assertAcked(client().admin().indices().prepareCreate(Watch.INDEX));
+        }
         DateTime now = DateTime.now(UTC);
         Wid wid = new Wid("_id", 1, now);
         ScheduleTriggerEvent event = new ScheduleTriggerEvent("_id", now, now);
@@ -314,8 +316,10 @@ public class BootStrapTests extends AbstractWatcherIntegrationTestCase {
         // Watcher could prevent to start if a watch record tried to executed twice or more and the watch didn't exist
         // for that watch record or the execution threadpool rejected the watch record.
         // A watch record without a watch is the easiest to simulate, so that is what this test does.
-        assertAcked(client().admin().indices().prepareCreate(Watch.INDEX));
-
+        if (client().admin().indices().prepareExists(Watch.INDEX).get().isExists() == false) {
+            // we rarely create an .watches alias in the base class
+            assertAcked(client().admin().indices().prepareCreate(Watch.INDEX));
+        }
         DateTime triggeredTime = new DateTime(2015, 11, 5, 0, 0, 0, 0, DateTimeZone.UTC);
         final String watchRecordIndex = HistoryStore.getHistoryIndexNameForTime(triggeredTime);