remove use of ImmutableList in shield
Original commit: elastic/x-pack-elasticsearch@83be549a11
This commit is contained in:
jaymode
parent
b9ac72efd7
commit
2de31460c8
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
package org.elasticsearch.shield;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import org.elasticsearch.action.ActionModule;
|
||||
import org.elasticsearch.client.Client;
|
||||
import org.elasticsearch.client.support.Headers;
|
||||
|
|
@ -117,26 +116,25 @@ public class ShieldPlugin extends Plugin {
|
|||
if (enabled && clientMode == false) {
|
||||
failIfShieldQueryCacheIsNotActive(settings, false);
|
||||
}
|
||||
return ImmutableList.of();
|
||||
return Collections.emptyList();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<Module> shardModules(Settings settings) {
|
||||
if (enabled && clientMode == false) {
|
||||
failIfShieldQueryCacheIsNotActive(settings, false);
|
||||
return ImmutableList.<Module>of(new AccessControlShardModule(settings));
|
||||
return Collections.<Module>singletonList(new AccessControlShardModule(settings));
|
||||
} else {
|
||||
return ImmutableList.of();
|
||||
return Collections.emptyList();
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<Class<? extends LifecycleComponent>> nodeServices() {
|
||||
ImmutableList.Builder<Class<? extends LifecycleComponent>> builder = ImmutableList.builder();
|
||||
if (enabled && clientMode == false) {
|
||||
builder.add(LicenseService.class).add(InternalCryptoService.class).add(FileRolesStore.class).add(Realms.class).add(IPFilter.class);
|
||||
return Arrays.<Class<? extends LifecycleComponent>>asList(LicenseService.class, InternalCryptoService.class, FileRolesStore.class, Realms.class, IPFilter.class);
|
||||
}
|
||||
return builder.build();
|
||||
return Collections.emptyList();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
package org.elasticsearch.shield.authc;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import org.elasticsearch.common.inject.multibindings.MapBinder;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.shield.authc.activedirectory.ActiveDirectoryRealm;
|
||||
|
|
@ -22,7 +21,7 @@ import java.util.Map.Entry;
|
|||
*/
|
||||
public class AuthenticationModule extends AbstractShieldModule.Node {
|
||||
|
||||
private static final List<String> INTERNAL_REALM_TYPES = ImmutableList.of(ESUsersRealm.TYPE, ActiveDirectoryRealm.TYPE, LdapRealm.TYPE, PkiRealm.TYPE);
|
||||
private static final List<String> INTERNAL_REALM_TYPES = Arrays.asList(ESUsersRealm.TYPE, ActiveDirectoryRealm.TYPE, LdapRealm.TYPE, PkiRealm.TYPE);
|
||||
|
||||
private final Map<String, Class<? extends Realm.Factory<? extends Realm<? extends AuthenticationToken>>>> customRealms = new HashMap<>();
|
||||
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
package org.elasticsearch.shield.authc.activedirectory;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.primitives.Ints;
|
||||
import com.unboundid.ldap.sdk.*;
|
||||
import org.elasticsearch.common.Strings;
|
||||
|
|
@ -47,11 +46,10 @@ public class ActiveDirectoryGroupsResolver implements GroupsResolver {
|
|||
throw Exceptions.authenticationError("failed to fetch AD groups for DN [{}]", e, userDn);
|
||||
}
|
||||
|
||||
ImmutableList.Builder<String> groups = ImmutableList.builder();
|
||||
List<String> groupList = new ArrayList<>();
|
||||
for (SearchResultEntry entry : results.getSearchEntries()) {
|
||||
groups.add(entry.getDN());
|
||||
groupList.add(entry.getDN());
|
||||
}
|
||||
List<String> groupList = groups.build();
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("found these groups [{}] for userDN [{}]", groupList, userDn);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,11 +5,12 @@
|
|||
*/
|
||||
package org.elasticsearch.shield.authz;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import org.elasticsearch.ElasticsearchSecurityException;
|
||||
import org.elasticsearch.shield.User;
|
||||
import org.elasticsearch.transport.TransportRequest;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
|
|
@ -21,7 +22,7 @@ public interface AuthorizationService {
|
|||
* @param user The user
|
||||
* @param action The action
|
||||
*/
|
||||
ImmutableList<String> authorizedIndicesAndAliases(User user, String action);
|
||||
List<String> authorizedIndicesAndAliases(User user, String action);
|
||||
|
||||
/**
|
||||
* Verifies that the given user can execute the given request (and action). If the user doesn't
|
||||
|
|
|
|||
|
|
@ -7,7 +7,6 @@ package org.elasticsearch.shield.authz;
|
|||
|
||||
import com.google.common.base.Predicate;
|
||||
import com.google.common.base.Predicates;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.Sets;
|
||||
import org.elasticsearch.ElasticsearchSecurityException;
|
||||
import org.elasticsearch.action.CompositeIndicesRequest;
|
||||
|
|
@ -34,8 +33,7 @@ import org.elasticsearch.shield.authz.indicesresolver.IndicesAndAliasesResolver;
|
|||
import org.elasticsearch.shield.authz.store.RolesStore;
|
||||
import org.elasticsearch.transport.TransportRequest;
|
||||
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.*;
|
||||
|
||||
import static org.elasticsearch.shield.support.Exceptions.authorizationError;
|
||||
|
||||
|
|
@ -68,12 +66,12 @@ public class InternalAuthorizationService extends AbstractComponent implements A
|
|||
}
|
||||
|
||||
@Override
|
||||
public ImmutableList<String> authorizedIndicesAndAliases(User user, String action) {
|
||||
public List<String> authorizedIndicesAndAliases(User user, String action) {
|
||||
String[] roles = user.roles();
|
||||
if (roles.length == 0) {
|
||||
return ImmutableList.of();
|
||||
return Collections.emptyList();
|
||||
}
|
||||
ImmutableList.Builder<Predicate<String>> predicates = ImmutableList.builder();
|
||||
List<Predicate<String>> predicates = new ArrayList<>();
|
||||
for (String role : roles) {
|
||||
Permission.Global.Role global = rolesStore.role(role);
|
||||
if (global != null) {
|
||||
|
|
@ -81,8 +79,8 @@ public class InternalAuthorizationService extends AbstractComponent implements A
|
|||
}
|
||||
}
|
||||
|
||||
ImmutableList.Builder<String> indicesAndAliases = ImmutableList.builder();
|
||||
Predicate<String> predicate = Predicates.or(predicates.build());
|
||||
List<String> indicesAndAliases = new ArrayList<>();
|
||||
Predicate<String> predicate = Predicates.or(predicates);
|
||||
MetaData metaData = clusterService.state().metaData();
|
||||
// TODO: can this be done smarter? I think there are usually more indices/aliases in the cluster then indices defined a roles?
|
||||
for (Map.Entry<String, AliasOrIndex> entry : metaData.getAliasAndIndexLookup().entrySet()) {
|
||||
|
|
@ -91,7 +89,7 @@ public class InternalAuthorizationService extends AbstractComponent implements A
|
|||
indicesAndAliases.add(aliasOrIndex);
|
||||
}
|
||||
}
|
||||
return indicesAndAliases.build();
|
||||
return Collections.unmodifiableList(indicesAndAliases);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -9,7 +9,10 @@ import com.google.common.base.Predicate;
|
|||
import com.google.common.cache.CacheBuilder;
|
||||
import com.google.common.cache.CacheLoader;
|
||||
import com.google.common.cache.LoadingCache;
|
||||
import com.google.common.collect.*;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.collect.Iterators;
|
||||
import com.google.common.collect.UnmodifiableIterator;
|
||||
import org.elasticsearch.cluster.metadata.AliasOrIndex;
|
||||
import org.elasticsearch.cluster.metadata.IndexMetaData;
|
||||
import org.elasticsearch.cluster.metadata.MetaData;
|
||||
|
|
@ -118,7 +121,7 @@ public interface Permission {
|
|||
|
||||
private final String name;
|
||||
private Cluster.Core cluster = Cluster.Core.NONE;
|
||||
private ImmutableList.Builder<Indices.Group> groups = ImmutableList.builder();
|
||||
private List<Indices.Group> groups = new ArrayList<>();
|
||||
|
||||
private Builder(String name) {
|
||||
this.name = name;
|
||||
|
|
@ -140,8 +143,7 @@ public interface Permission {
|
|||
}
|
||||
|
||||
public Role build() {
|
||||
ImmutableList<Indices.Group> list = groups.build();
|
||||
Indices.Core indices = list.isEmpty() ? Indices.Core.NONE : new Indices.Core(list.toArray(new Indices.Group[list.size()]));
|
||||
Indices.Core indices = groups.isEmpty() ? Indices.Core.NONE : new Indices.Core(groups.toArray(new Indices.Group[groups.size()]));
|
||||
return new Role(name, cluster, indices);
|
||||
}
|
||||
}
|
||||
|
|
@ -149,7 +151,7 @@ public interface Permission {
|
|||
|
||||
static class Compound extends Global {
|
||||
|
||||
public Compound(ImmutableList<Global> globals) {
|
||||
public Compound(List<Global> globals) {
|
||||
super(new Cluster.Globals(globals), new Indices.Globals(globals));
|
||||
}
|
||||
|
||||
|
|
@ -159,7 +161,7 @@ public interface Permission {
|
|||
|
||||
public static class Builder {
|
||||
|
||||
private ImmutableList.Builder<Global> globals = ImmutableList.builder();
|
||||
private List<Global> globals = new ArrayList<>();
|
||||
|
||||
private Builder() {
|
||||
}
|
||||
|
|
@ -170,7 +172,7 @@ public interface Permission {
|
|||
}
|
||||
|
||||
public Compound build() {
|
||||
return new Compound(globals.build());
|
||||
return new Compound(Collections.unmodifiableList(globals));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -218,9 +220,9 @@ public interface Permission {
|
|||
|
||||
static class Globals implements Cluster {
|
||||
|
||||
private final ImmutableList<Global> globals;
|
||||
private final List<Global> globals;
|
||||
|
||||
public Globals(ImmutableList<Global> globals) {
|
||||
public Globals(List<Global> globals) {
|
||||
this.globals = globals;
|
||||
}
|
||||
|
||||
|
|
@ -275,13 +277,13 @@ public interface Permission {
|
|||
.build(new CacheLoader<String, Predicate<String>>() {
|
||||
@Override
|
||||
public Predicate<String> load(String action) throws Exception {
|
||||
ImmutableList.Builder<String> indices = ImmutableList.builder();
|
||||
List<String> indices = new ArrayList<>();
|
||||
for (Group group : groups) {
|
||||
if (group.actionMatcher.apply(action)) {
|
||||
indices.add(group.indices);
|
||||
indices.addAll(Arrays.asList(group.indices));
|
||||
}
|
||||
}
|
||||
return new AutomatonPredicate(Automatons.patterns(indices.build()));
|
||||
return new AutomatonPredicate(Automatons.patterns(Collections.unmodifiableList(indices)));
|
||||
}
|
||||
});
|
||||
|
||||
|
|
@ -392,9 +394,9 @@ public interface Permission {
|
|||
|
||||
public static class Globals implements Indices {
|
||||
|
||||
private final ImmutableList<Global> globals;
|
||||
private final List<Global> globals;
|
||||
|
||||
public Globals(ImmutableList<Global> globals) {
|
||||
public Globals(List<Global> globals) {
|
||||
this.globals = globals;
|
||||
}
|
||||
|
||||
|
|
@ -453,7 +455,7 @@ public interface Permission {
|
|||
private final Iterator<Global> globals;
|
||||
private Iterator<Group> current;
|
||||
|
||||
Iter(ImmutableList<Global> globals) {
|
||||
Iter(List<Global> globals) {
|
||||
this.globals = globals.iterator();
|
||||
advance();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
package org.elasticsearch.shield.authz.indicesresolver;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.Sets;
|
||||
import org.elasticsearch.action.AliasesRequest;
|
||||
import org.elasticsearch.action.CompositeIndicesRequest;
|
||||
|
|
@ -66,7 +65,7 @@ public class DefaultIndicesAndAliasesResolver implements IndicesAndAliasesResolv
|
|||
private Set<String> resolveIndicesAndAliases(User user, String action, IndicesRequest indicesRequest, MetaData metaData) {
|
||||
if (indicesRequest.indicesOptions().expandWildcardsOpen() || indicesRequest.indicesOptions().expandWildcardsClosed()) {
|
||||
if (indicesRequest instanceof IndicesRequest.Replaceable) {
|
||||
ImmutableList<String> authorizedIndices = authzService.authorizedIndicesAndAliases(user, action);
|
||||
List<String> authorizedIndices = authzService.authorizedIndicesAndAliases(user, action);
|
||||
List<String> indices = replaceWildcardsWithAuthorizedIndices(indicesRequest.indices(), indicesRequest.indicesOptions(), metaData, authorizedIndices);
|
||||
((IndicesRequest.Replaceable) indicesRequest).indices(indices.toArray(new String[indices.size()]));
|
||||
} else {
|
||||
|
|
@ -86,7 +85,7 @@ public class DefaultIndicesAndAliasesResolver implements IndicesAndAliasesResolv
|
|||
//AliasesRequest extends IndicesRequest.Replaceable, hence its indices have already been properly replaced.
|
||||
AliasesRequest aliasesRequest = (AliasesRequest) indicesRequest;
|
||||
if (aliasesRequest.expandAliasesWildcards()) {
|
||||
ImmutableList<String> authorizedIndices = authzService.authorizedIndicesAndAliases(user, action);
|
||||
List<String> authorizedIndices = authzService.authorizedIndicesAndAliases(user, action);
|
||||
List<String> aliases = replaceWildcardsWithAuthorizedAliases(aliasesRequest.aliases(), loadAuthorizedAliases(authorizedIndices, metaData));
|
||||
aliasesRequest.aliases(aliases.toArray(new String[aliases.size()]));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
package org.elasticsearch.shield.license;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import org.elasticsearch.ElasticsearchException;
|
||||
import org.elasticsearch.common.component.AbstractLifecycleComponent;
|
||||
import org.elasticsearch.common.inject.Inject;
|
||||
|
|
@ -17,10 +16,7 @@ import org.elasticsearch.license.core.License;
|
|||
import org.elasticsearch.license.plugin.core.LicensesClientService;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
import java.util.*;
|
||||
|
||||
/**
|
||||
*
|
||||
|
|
@ -46,7 +42,7 @@ public class LicenseService extends AbstractLifecycleComponent<LicenseService> {
|
|||
super(settings);
|
||||
this.licensesClientService = licensesClientService;
|
||||
this.notifier = notifier;
|
||||
this.expirationLoggers = ImmutableList.of(
|
||||
this.expirationLoggers = Arrays.asList(
|
||||
new LicensesClientService.ExpirationCallback.Pre(days(7), days(30), days(1)) {
|
||||
@Override
|
||||
public void on(License license, LicensesClientService.ExpirationStatus status) {
|
||||
|
|
|
|||
|
|
@ -5,13 +5,13 @@
|
|||
*/
|
||||
package org.elasticsearch.shield.support;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import dk.brics.automaton.Automaton;
|
||||
import dk.brics.automaton.BasicAutomata;
|
||||
import dk.brics.automaton.BasicOperations;
|
||||
import dk.brics.automaton.RegExp;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
|
|
@ -35,7 +35,7 @@ public final class Automatons {
|
|||
* Builds and returns an automaton that will represent the union of all the given patterns.
|
||||
*/
|
||||
public static Automaton patterns(String... patterns) {
|
||||
return patterns(ImmutableList.copyOf(patterns));
|
||||
return patterns(Arrays.asList(patterns));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
package org.elasticsearch.shield.authc;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import org.elasticsearch.ElasticsearchException;
|
||||
import org.elasticsearch.ElasticsearchSecurityException;
|
||||
import org.elasticsearch.common.io.stream.BytesStreamOutput;
|
||||
|
|
@ -27,6 +26,7 @@ import org.junit.Rule;
|
|||
import org.junit.Test;
|
||||
import org.junit.rules.ExpectedException;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
||||
|
|
@ -68,7 +68,7 @@ public class InternalAuthenticationServiceTests extends ESTestCase {
|
|||
realms = new Realms(Settings.EMPTY, new Environment(settings), Collections.<String, Realm.Factory>emptyMap(), mock(ShieldSettingsFilter.class)) {
|
||||
@Override
|
||||
protected List<Realm> initRealms() {
|
||||
return ImmutableList.of(firstRealm, secondRealm);
|
||||
return Arrays.asList(firstRealm, secondRealm);
|
||||
}
|
||||
};
|
||||
realms.start();
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@
|
|||
package org.elasticsearch.shield.authc.esusers;
|
||||
|
||||
import com.google.common.base.Charsets;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import org.elasticsearch.common.logging.ESLogger;
|
||||
import org.elasticsearch.common.logging.ESLoggerFactory;
|
||||
|
|
@ -29,6 +28,8 @@ import java.nio.file.Files;
|
|||
import java.nio.file.Path;
|
||||
import java.nio.file.StandardCopyOption;
|
||||
import java.nio.file.StandardOpenOption;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.concurrent.CountDownLatch;
|
||||
|
|
@ -68,7 +69,7 @@ public class FileUserPasswdStoreTests extends ESTestCase {
|
|||
Path file = createTempFile();
|
||||
|
||||
// writing in utf_16 should cause a parsing error as we try to read the file in utf_8
|
||||
Files.write(file, ImmutableList.of("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
Files.write(file, Collections.singletonList("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
|
||||
Settings esusersSettings = Settings.builder()
|
||||
.put("files.users", file.toAbsolutePath())
|
||||
|
|
@ -146,7 +147,7 @@ public class FileUserPasswdStoreTests extends ESTestCase {
|
|||
watcherService.start();
|
||||
|
||||
// now replacing the content of the users file with something that cannot be read
|
||||
Files.write(tmp, ImmutableList.of("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
Files.write(tmp, Collections.singletonList("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
|
||||
if (!latch.await(5, TimeUnit.SECONDS)) {
|
||||
fail("Waited too long for the updated file to be picked up");
|
||||
|
|
@ -198,7 +199,7 @@ public class FileUserPasswdStoreTests extends ESTestCase {
|
|||
public void testParseFile_WhenCannotReadFile() throws Exception {
|
||||
Path file = createTempFile();
|
||||
// writing in utf_16 should cause a parsing error as we try to read the file in utf_8
|
||||
Files.write(file, ImmutableList.of("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
Files.write(file, Collections.singletonList("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
CapturingLogger logger = new CapturingLogger(CapturingLogger.Level.INFO);
|
||||
try {
|
||||
FileUserPasswdStore.parseFile(file, logger);
|
||||
|
|
@ -211,7 +212,7 @@ public class FileUserPasswdStoreTests extends ESTestCase {
|
|||
@Test
|
||||
public void testParseFile_InvalidLineDoesNotResultInLoggerNPE() throws Exception {
|
||||
Path file = createTempFile();
|
||||
Files.write(file, ImmutableList.of("NotValidUsername=Password", "user:pass"), Charsets.UTF_8);
|
||||
Files.write(file, Arrays.asList("NotValidUsername=Password", "user:pass"), Charsets.UTF_8);
|
||||
Map<String, char[]> users = FileUserPasswdStore.parseFile(file, null);
|
||||
assertThat(users, notNullValue());
|
||||
assertThat(users.keySet(), hasSize(1));
|
||||
|
|
@ -221,7 +222,7 @@ public class FileUserPasswdStoreTests extends ESTestCase {
|
|||
public void testParseFileLenient_WhenCannotReadFile() throws Exception {
|
||||
Path file = createTempFile();
|
||||
// writing in utf_16 should cause a parsing error as we try to read the file in utf_8
|
||||
Files.write(file, ImmutableList.of("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
Files.write(file, Collections.singletonList("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
CapturingLogger logger = new CapturingLogger(CapturingLogger.Level.INFO);
|
||||
Map<String, char[]> users = FileUserPasswdStore.parseFileLenient(file, logger);
|
||||
assertThat(users, notNullValue());
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@
|
|||
package org.elasticsearch.shield.authc.esusers;
|
||||
|
||||
import com.google.common.base.Charsets;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import org.elasticsearch.common.Strings;
|
||||
import org.elasticsearch.common.logging.ESLogger;
|
||||
import org.elasticsearch.common.logging.ESLoggerFactory;
|
||||
|
|
@ -27,10 +26,7 @@ import java.nio.file.Files;
|
|||
import java.nio.file.Path;
|
||||
import java.nio.file.StandardCopyOption;
|
||||
import java.nio.file.StandardOpenOption;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
import java.util.Map;
|
||||
import java.util.*;
|
||||
import java.util.concurrent.CountDownLatch;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
|
|
@ -156,7 +152,7 @@ public class FileUserRolesStoreTests extends ESTestCase {
|
|||
watcherService.start();
|
||||
|
||||
// now replacing the content of the users file with something that cannot be read
|
||||
Files.write(tmp, ImmutableList.of("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
Files.write(tmp, Collections.singletonList("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
|
||||
if (!latch.await(5, TimeUnit.SECONDS)) {
|
||||
fail("Waited too long for the updated file to be picked up");
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@
|
|||
package org.elasticsearch.shield.authc.support;
|
||||
|
||||
import com.google.common.base.Charsets;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.unboundid.ldap.sdk.DN;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
|
|
@ -75,7 +74,7 @@ public class DnRoleMapperTests extends ESTestCase {
|
|||
public void testMapper_ConfiguredWithUnreadableFile() throws Exception {
|
||||
Path file = createTempFile();
|
||||
// writing in utf_16 should cause a parsing error as we try to read the file in utf_8
|
||||
Files.write(file, ImmutableList.of("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
Files.write(file, Collections.singletonList("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
|
||||
ResourceWatcherService watcherService = new ResourceWatcherService(settings, threadPool);
|
||||
DnRoleMapper mapper = createMapper(file, watcherService);
|
||||
|
|
@ -99,7 +98,7 @@ public class DnRoleMapperTests extends ESTestCase {
|
|||
}
|
||||
});
|
||||
|
||||
Set<String> roles = mapper.resolveRoles("", ImmutableList.of("cn=shield,ou=marvel,o=superheros"));
|
||||
Set<String> roles = mapper.resolveRoles("", Collections.singletonList("cn=shield,ou=marvel,o=superheros"));
|
||||
assertThat(roles, notNullValue());
|
||||
assertThat(roles.size(), is(1));
|
||||
assertThat(roles, contains("shield"));
|
||||
|
|
@ -116,7 +115,7 @@ public class DnRoleMapperTests extends ESTestCase {
|
|||
fail("Waited too long for the updated file to be picked up");
|
||||
}
|
||||
|
||||
roles = mapper.resolveRoles("", ImmutableList.of("cn=fantastic_four,ou=marvel,o=superheros"));
|
||||
roles = mapper.resolveRoles("", Collections.singletonList("cn=fantastic_four,ou=marvel,o=superheros"));
|
||||
assertThat(roles, notNullValue());
|
||||
assertThat(roles.size(), is(1));
|
||||
assertThat(roles, contains("fantastic_four"));
|
||||
|
|
@ -139,7 +138,7 @@ public class DnRoleMapperTests extends ESTestCase {
|
|||
}
|
||||
});
|
||||
|
||||
Set<String> roles = mapper.resolveRoles("", ImmutableList.of("cn=shield,ou=marvel,o=superheros"));
|
||||
Set<String> roles = mapper.resolveRoles("", Collections.singletonList("cn=shield,ou=marvel,o=superheros"));
|
||||
assertThat(roles, notNullValue());
|
||||
assertThat(roles.size(), is(1));
|
||||
assertThat(roles, contains("shield"));
|
||||
|
|
@ -147,7 +146,7 @@ public class DnRoleMapperTests extends ESTestCase {
|
|||
watcherService.start();
|
||||
|
||||
// now replacing the content of the users file with something that cannot be read
|
||||
Files.write(file, ImmutableList.of("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
Files.write(file, Collections.singletonList("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
|
||||
if (!latch.await(5, TimeUnit.SECONDS)) {
|
||||
fail("Waited too long for the updated file to be picked up");
|
||||
|
|
@ -211,7 +210,7 @@ public class DnRoleMapperTests extends ESTestCase {
|
|||
public void testParseFile_WhenCannotReadFile() throws Exception {
|
||||
Path file = createTempFile();
|
||||
// writing in utf_16 should cause a parsing error as we try to read the file in utf_8
|
||||
Files.write(file, ImmutableList.of("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
Files.write(file, Collections.singletonList("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
CapturingLogger logger = new CapturingLogger(CapturingLogger.Level.INFO);
|
||||
try {
|
||||
DnRoleMapper.parseFile(file, logger, "_type", "_name");
|
||||
|
|
@ -225,7 +224,7 @@ public class DnRoleMapperTests extends ESTestCase {
|
|||
public void testParseFileLenient_WhenCannotReadFile() throws Exception {
|
||||
Path file = createTempFile();
|
||||
// writing in utf_16 should cause a parsing error as we try to read the file in utf_8
|
||||
Files.write(file, ImmutableList.of("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
Files.write(file, Collections.singletonList("aldlfkjldjdflkjd"), Charsets.UTF_16);
|
||||
CapturingLogger logger = new CapturingLogger(CapturingLogger.Level.INFO);
|
||||
ImmutableMap<DN, Set<String>> mappings = DnRoleMapper.parseFileLenient(file, logger, "_type", "_name");
|
||||
assertThat(mappings, notNullValue());
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
package org.elasticsearch.shield.authz;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import org.elasticsearch.ElasticsearchSecurityException;
|
||||
import org.elasticsearch.Version;
|
||||
import org.elasticsearch.action.admin.indices.alias.Alias;
|
||||
|
|
@ -31,6 +30,8 @@ import org.elasticsearch.transport.TransportRequest;
|
|||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import static org.elasticsearch.test.ShieldTestsUtils.assertAuthenticationException;
|
||||
import static org.elasticsearch.test.ShieldTestsUtils.assertAuthorizationException;
|
||||
import static org.hamcrest.Matchers.*;
|
||||
|
|
@ -253,7 +254,7 @@ public class InternalAuthorizationServiceTests extends ESTestCase {
|
|||
public void testIndicesAliasesWithNoRolesUser() {
|
||||
User user = new User.Simple("test user");
|
||||
|
||||
ImmutableList<String> list = internalAuthorizationService.authorizedIndicesAndAliases(user, "");
|
||||
List<String> list = internalAuthorizationService.authorizedIndicesAndAliases(user, "");
|
||||
assertThat(list.isEmpty(), is(true));
|
||||
}
|
||||
|
||||
|
|
@ -279,7 +280,7 @@ public class InternalAuthorizationServiceTests extends ESTestCase {
|
|||
.build(), true)
|
||||
.build());
|
||||
|
||||
ImmutableList<String> list = internalAuthorizationService.authorizedIndicesAndAliases(user, SearchAction.NAME);
|
||||
List<String> list = internalAuthorizationService.authorizedIndicesAndAliases(user, SearchAction.NAME);
|
||||
assertThat(list, containsInAnyOrder("a1", "a2", "aaaaaa", "b", "ab"));
|
||||
assertThat(list.contains("bbbbb"), is(false));
|
||||
assertThat(list.contains("ba"), is(false));
|
||||
|
|
|
|||
|
|
@ -6,12 +6,13 @@
|
|||
package org.elasticsearch.shield.authz;
|
||||
|
||||
import com.google.common.base.Predicate;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import org.elasticsearch.action.get.GetAction;
|
||||
import org.elasticsearch.test.ESTestCase;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.Iterator;
|
||||
|
||||
import static org.elasticsearch.shield.authz.Privilege.Index.*;
|
||||
|
|
@ -51,7 +52,7 @@ public class PermissionTests extends ESTestCase {
|
|||
builder.set(Cluster.action("cluster:monitor/nodes/info"));
|
||||
Permission.Global.Role noIndicesPermission = builder.build();
|
||||
|
||||
Permission.Indices.Globals indicesGlobals = new Permission.Indices.Globals(ImmutableList.<Permission.Global>of(noIndicesPermission, permission));
|
||||
Permission.Indices.Globals indicesGlobals = new Permission.Indices.Globals(Collections.<Permission.Global>unmodifiableList(Arrays.asList(noIndicesPermission, permission)));
|
||||
Iterator<Permission.Indices.Group> iterator = indicesGlobals.iterator();
|
||||
assertThat(iterator.hasNext(), is(equalTo(true)));
|
||||
int count = 0;
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
*/
|
||||
package org.elasticsearch.shield.authz.indicesresolver;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import org.elasticsearch.Version;
|
||||
import org.elasticsearch.action.admin.indices.alias.IndicesAliasesAction;
|
||||
import org.elasticsearch.action.admin.indices.alias.IndicesAliasesRequest;
|
||||
|
|
@ -33,6 +32,8 @@ import org.elasticsearch.test.ESTestCase;
|
|||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.Set;
|
||||
|
||||
import static org.hamcrest.Matchers.*;
|
||||
|
|
@ -70,17 +71,17 @@ public class DefaultIndicesResolverTests extends ESTestCase {
|
|||
user = new User.Simple("user", "role");
|
||||
|
||||
String[] authorizedIndices = new String[]{"bar", "bar-closed", "foofoobar", "foofoo", "missing", "foofoo-closed"};
|
||||
when(authzService.authorizedIndicesAndAliases(user, SearchAction.NAME)).thenReturn(ImmutableList.copyOf(authorizedIndices));
|
||||
when(authzService.authorizedIndicesAndAliases(user, MultiSearchAction.NAME)).thenReturn(ImmutableList.copyOf(authorizedIndices));
|
||||
when(authzService.authorizedIndicesAndAliases(user, MultiGetAction.NAME)).thenReturn(ImmutableList.copyOf(authorizedIndices));
|
||||
when(authzService.authorizedIndicesAndAliases(user, IndicesAliasesAction.NAME)).thenReturn(ImmutableList.copyOf(authorizedIndices));
|
||||
when(authzService.authorizedIndicesAndAliases(user, GetAliasesAction.NAME)).thenReturn(ImmutableList.copyOf(authorizedIndices));
|
||||
when(authzService.authorizedIndicesAndAliases(user, DeleteIndexAction.NAME)).thenReturn(ImmutableList.copyOf(authorizedIndices));
|
||||
when(authzService.authorizedIndicesAndAliases(user, SearchAction.NAME)).thenReturn(Collections.unmodifiableList(Arrays.asList(authorizedIndices)));
|
||||
when(authzService.authorizedIndicesAndAliases(user, MultiSearchAction.NAME)).thenReturn(Collections.unmodifiableList(Arrays.asList(authorizedIndices)));
|
||||
when(authzService.authorizedIndicesAndAliases(user, MultiGetAction.NAME)).thenReturn(Collections.unmodifiableList(Arrays.asList(authorizedIndices)));
|
||||
when(authzService.authorizedIndicesAndAliases(user, IndicesAliasesAction.NAME)).thenReturn(Collections.unmodifiableList(Arrays.asList(authorizedIndices)));
|
||||
when(authzService.authorizedIndicesAndAliases(user, GetAliasesAction.NAME)).thenReturn(Collections.unmodifiableList(Arrays.asList(authorizedIndices)));
|
||||
when(authzService.authorizedIndicesAndAliases(user, DeleteIndexAction.NAME)).thenReturn(Collections.unmodifiableList(Arrays.asList(authorizedIndices)));
|
||||
userNoIndices = new User.Simple("test", "test");
|
||||
when(authzService.authorizedIndicesAndAliases(userNoIndices, IndicesAliasesAction.NAME)).thenReturn(ImmutableList.<String>of());
|
||||
when(authzService.authorizedIndicesAndAliases(userNoIndices, GetAliasesAction.NAME)).thenReturn(ImmutableList.<String>of());
|
||||
when(authzService.authorizedIndicesAndAliases(userNoIndices, SearchAction.NAME)).thenReturn(ImmutableList.<String>of());
|
||||
when(authzService.authorizedIndicesAndAliases(userNoIndices, MultiSearchAction.NAME)).thenReturn(ImmutableList.<String>of());
|
||||
when(authzService.authorizedIndicesAndAliases(userNoIndices, IndicesAliasesAction.NAME)).thenReturn(Collections.<String>emptyList());
|
||||
when(authzService.authorizedIndicesAndAliases(userNoIndices, GetAliasesAction.NAME)).thenReturn(Collections.<String>emptyList());
|
||||
when(authzService.authorizedIndicesAndAliases(userNoIndices, SearchAction.NAME)).thenReturn(Collections.<String>emptyList());
|
||||
when(authzService.authorizedIndicesAndAliases(userNoIndices, MultiSearchAction.NAME)).thenReturn(Collections.<String>emptyList());
|
||||
|
||||
defaultIndicesResolver = new DefaultIndicesAndAliasesResolver(authzService);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@
|
|||
package org.elasticsearch.shield.authz.store;
|
||||
|
||||
import com.google.common.base.Charsets;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.env.Environment;
|
||||
|
|
@ -195,7 +194,7 @@ public class FileRolesStoreTests extends ESTestCase {
|
|||
@Test
|
||||
public void testThatEmptyFileDoesNotResultInLoop() throws Exception {
|
||||
Path file = createTempFile();
|
||||
Files.write(file, ImmutableList.of("#"), Charsets.UTF_8);
|
||||
Files.write(file, Collections.singletonList("#"), Charsets.UTF_8);
|
||||
Map<String, Permission.Global.Role> roles = FileRolesStore.parseFile(file, Collections.<Permission.Global.Role>emptySet(), logger);
|
||||
assertThat(roles.keySet(), is(empty()));
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue