switch to RoleDescriptor jsonification, rename esusersSettings -> fileRealmSettings

Original commit: elastic/x-pack-elasticsearch@a7181a329a
This commit is contained in:
Lee Hinman 2016-06-29 09:56:52 -06:00
parent b4c19734ac
commit 27fb1e036e
2 changed files with 9 additions and 53 deletions

View File

@ -244,9 +244,9 @@ public class ESNativeRealmMigrateTool extends MultiCommand {
public void importUsers(Terminal terminal, Settings settings, Environment env, OptionSet options) {
String usersCsv = usersToMigrateCsv.value(options);
String[] usersToMigrate = (usersCsv != null) ? usersCsv.split(",") : Strings.EMPTY_ARRAY;
Settings esusersSettings = Realms.fileRealmSettings(settings);
Path usersFile = FileUserPasswdStore.resolveFile(esusersSettings, env);
Path usersRolesFile = FileUserRolesStore.resolveFile(esusersSettings, env);
Settings fileRealmSettings = Realms.fileRealmSettings(settings);
Path usersFile = FileUserPasswdStore.resolveFile(fileRealmSettings, env);
Path usersRolesFile = FileUserRolesStore.resolveFile(fileRealmSettings, env);
terminal.println("importing users from [" + usersFile + "]...");
Map<String, char[]> userToHashedPW = FileUserPasswdStore.parseFile(usersFile, null);
Map<String, String[]> userToRoles = FileUserRolesStore.parseFile(usersRolesFile, null);
@ -303,67 +303,22 @@ public class ESNativeRealmMigrateTool extends MultiCommand {
public static String createRoleJson(RoleDescriptor rd) throws IOException {
XContentBuilder builder = jsonBuilder();
builder.startObject();
{
String[] clusterStrings = rd.getClusterPrivileges();
String[] runAs = rd.getRunAs();
RoleDescriptor.IndicesPrivileges[] indicesPrivileges = rd.getIndicesPrivileges();
if (clusterStrings != null && clusterStrings.length > 0) {
builder.array("cluster", clusterStrings);
}
if (runAs != null && runAs.length > 0) {
builder.array("run_as", runAs);
}
if (indicesPrivileges != null && indicesPrivileges.length > 0) {
builder.startArray("indices");
for (RoleDescriptor.IndicesPrivileges ip : indicesPrivileges) {
builder.startObject();
{
String[] indices = ip.getIndices();
String[] privs = ip.getPrivileges();
String[] fields = ip.getFields();
BytesReference query = ip.getQuery();
if (indices != null && indices.length > 0) {
builder.array("names", indices);
}
if (privs != null && privs.length > 0) {
builder.array("privileges", privs);
}
if (fields != null && fields.length > 0) {
builder.array("fields", fields);
}
if (query != null) {
builder.field("query", query.toUtf8());
}
}
builder.endObject();
}
builder.endArray();
}
}
builder.endObject();
rd.toXContent(builder, ToXContent.EMPTY_PARAMS);
return builder.string();
}
public void importRoles(Terminal terminal, Settings settings, Environment env, OptionSet options) {
String rolesCsv = rolesToMigrateCsv.value(options);
String[] rolesToMigrate = (rolesCsv != null) ? rolesCsv.split(",") : Strings.EMPTY_ARRAY;
Settings esusersSettings = Realms.fileRealmSettings(settings);
Path rolesFile = FileRolesStore.resolveFile(esusersSettings, env).toAbsolutePath();
Settings fileRealmSettings = Realms.fileRealmSettings(settings);
Path rolesFile = FileRolesStore.resolveFile(fileRealmSettings, env).toAbsolutePath();
terminal.println("importing roles from [" + rolesFile + "]...");
Map<String, RoleDescriptor> roles = FileRolesStore.parseRoleDescriptors(rolesFile, null, true, Settings.EMPTY);
Set<String> existingRoles;
try {
existingRoles = getRolesThatExist(terminal, settings, env, options);
} catch (Exception e) {
thow new ElasticsearchException("failed to get roles that already exist, skipping role import", e);
throw new ElasticsearchException("failed to get roles that already exist, skipping role import", e);
}
if (rolesToMigrate.length == 0) {
rolesToMigrate = roles.keySet().toArray(new String[roles.size()]);

View File

@ -43,7 +43,8 @@ public class ESNativeRealmMigrateToolTests extends CommandTestCase {
String[] runAs = Strings.EMPTY_ARRAY;
RoleDescriptor rd = new RoleDescriptor("rolename", cluster, ips, runAs);
assertThat(ESNativeRealmMigrateTool.MigrateUserOrRoles.createRoleJson(rd),
equalTo("{\"indices\":[{\"names\":[\"i1\",\"i2\",\"i3\"],\"privileges\":[\"all\"],\"fields\":[\"body\"]}]}"));
equalTo("{\"cluster\":[],\"indices\":[{\"names\":[\"i1\",\"i2\",\"i3\"]," +
"\"privileges\":[\"all\"],\"fields\":[\"body\"]}],\"run_as\":[]}"));
}