Refactoring for 5.0 - phase 4
- renaming `ShieldPlugin` to `Shield` (it's no longer a plugin) - renaming `WatcherPlugin` to `Watcher` (it's no longer a plugin) - renaming `MarvelPlugin` to `Marvel` (it's no longer a plugin) - renaming `LicensePlugin` to `Licensing` (it's no longer a plugin) - renamed setting:`watcher.enabled` -> `xpack.watcher.enabled` - renamed setting:`marvel.enabled` -> `xpack.marvel.enabled` Original commit: elastic/x-pack-elasticsearch@35a6540b11
This commit is contained in:
parent
dbff0e1144
commit
42c9eead60
|
@ -32,8 +32,8 @@ integTest {
|
|||
|
||||
cluster {
|
||||
plugin 'x-pack', project(':x-plugins:elasticsearch:x-pack')
|
||||
systemProperty 'es.watcher.enabled', 'false'
|
||||
systemProperty 'es.marvel.enabled', 'false'
|
||||
systemProperty 'es.xpack.watcher.enabled', 'false'
|
||||
systemProperty 'es.xpack.marvel.enabled', 'false'
|
||||
setupCommand 'setupDummyUser',
|
||||
'bin/xpack/esusers', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin'
|
||||
waitCondition = { node, ant ->
|
||||
|
|
|
@ -9,7 +9,7 @@ integTest {
|
|||
cluster {
|
||||
plugin 'x-pack', project(':x-plugins:elasticsearch:x-pack')
|
||||
systemProperty 'es.script.inline', 'true'
|
||||
systemProperty 'es.shield.enabled', 'false'
|
||||
systemProperty 'es.marvel.enabled', 'false'
|
||||
systemProperty 'es.xpack.shield.enabled', 'false'
|
||||
systemProperty 'es.xpack.marvel.enabled', 'false'
|
||||
}
|
||||
}
|
||||
|
|
|
@ -8,8 +8,8 @@ dependencies {
|
|||
integTest {
|
||||
cluster {
|
||||
plugin 'x-pack', project(':x-plugins:elasticsearch:x-pack')
|
||||
systemProperty 'es.shield.enabled', 'false'
|
||||
systemProperty 'es.marvel.enabled', 'false'
|
||||
systemProperty 'es.xpack.shield.enabled', 'false'
|
||||
systemProperty 'es.xpack.marvel.enabled', 'false'
|
||||
systemProperty 'es.http.port', '9400'
|
||||
}
|
||||
}
|
||||
|
|
|
@ -27,13 +27,12 @@ import org.elasticsearch.license.plugin.core.LicensesService;
|
|||
import org.elasticsearch.license.plugin.rest.RestDeleteLicenseAction;
|
||||
import org.elasticsearch.license.plugin.rest.RestGetLicenseAction;
|
||||
import org.elasticsearch.license.plugin.rest.RestPutLicenseAction;
|
||||
import org.elasticsearch.plugins.Plugin;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
|
||||
public class LicensePlugin extends Plugin {
|
||||
public class Licensing {
|
||||
|
||||
public static final String NAME = "license";
|
||||
private final boolean isEnabled;
|
||||
|
@ -44,7 +43,7 @@ public class LicensePlugin extends Plugin {
|
|||
}
|
||||
|
||||
@Inject
|
||||
public LicensePlugin(Settings settings) {
|
||||
public Licensing(Settings settings) {
|
||||
if (DiscoveryNode.clientNode(settings)) {
|
||||
// Enable plugin only on node clients
|
||||
this.isEnabled = "node".equals(settings.get(Client.CLIENT_TYPE_SETTING_S.getKey()));
|
||||
|
@ -54,16 +53,6 @@ public class LicensePlugin extends Plugin {
|
|||
transportClient = "transport".equals(settings.get(Client.CLIENT_TYPE_SETTING_S.getKey()));
|
||||
}
|
||||
|
||||
@Override
|
||||
public String name() {
|
||||
return NAME;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String description() {
|
||||
return "Internal Elasticsearch Licensing Plugin";
|
||||
}
|
||||
|
||||
public void onModule(NetworkModule module) {
|
||||
if (transportClient == false) {
|
||||
module.registerRestHandler(RestPutLicenseAction.class);
|
||||
|
@ -78,7 +67,6 @@ public class LicensePlugin extends Plugin {
|
|||
module.registerAction(DeleteLicenseAction.INSTANCE, TransportDeleteLicenseAction.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<Class<? extends LifecycleComponent>> nodeServices() {
|
||||
Collection<Class<? extends LifecycleComponent>> services = new ArrayList<>();
|
||||
if (isEnabled) {
|
||||
|
@ -87,11 +75,9 @@ public class LicensePlugin extends Plugin {
|
|||
return services;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public Collection<Module> nodeModules() {
|
||||
if (isEnabled) {
|
||||
return Collections.<Module>singletonList(new LicenseModule());
|
||||
return Collections.<Module>singletonList(new LicensingModule());
|
||||
}
|
||||
return Collections.emptyList();
|
||||
}
|
|
@ -11,7 +11,7 @@ import org.elasticsearch.license.plugin.core.LicenseeRegistry;
|
|||
import org.elasticsearch.license.plugin.core.LicensesManagerService;
|
||||
import org.elasticsearch.license.plugin.core.LicensesService;
|
||||
|
||||
public class LicenseModule extends AbstractModule {
|
||||
public class LicensingModule extends AbstractModule {
|
||||
|
||||
@Override
|
||||
protected void configure() {
|
|
@ -23,9 +23,12 @@ import org.elasticsearch.license.plugin.core.LicenseState;
|
|||
import org.elasticsearch.license.plugin.core.LicensesManagerService;
|
||||
import org.elasticsearch.license.plugin.core.LicensesMetaData;
|
||||
import org.elasticsearch.license.plugin.core.LicensesStatus;
|
||||
import org.elasticsearch.marvel.Marvel;
|
||||
import org.elasticsearch.plugins.Plugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.test.ESIntegTestCase;
|
||||
import org.elasticsearch.test.InternalTestCluster;
|
||||
import org.elasticsearch.watcher.Watcher;
|
||||
import org.elasticsearch.xpack.XPackPlugin;
|
||||
|
||||
import java.util.ArrayList;
|
||||
|
@ -44,9 +47,9 @@ public abstract class AbstractLicensesIntegrationTestCase extends ESIntegTestCas
|
|||
@Override
|
||||
protected Settings nodeSettings(int nodeOrdinal) {
|
||||
return Settings.builder()
|
||||
.put("shield.enabled", false)
|
||||
.put("marvel.enabled", false)
|
||||
.put("watcher.enabled", false)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.NAME), false)
|
||||
.put(XPackPlugin.featureEnabledSetting(Marvel.NAME), false)
|
||||
.put(XPackPlugin.featureEnabledSetting(Watcher.NAME), false)
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ import org.elasticsearch.common.xcontent.XContentFactory;
|
|||
import org.elasticsearch.common.xcontent.XContentParser;
|
||||
import org.elasticsearch.common.xcontent.XContentType;
|
||||
import org.elasticsearch.license.core.License;
|
||||
import org.elasticsearch.license.plugin.LicensePlugin;
|
||||
import org.elasticsearch.license.plugin.Licensing;
|
||||
import org.elasticsearch.license.plugin.TestUtils;
|
||||
import org.elasticsearch.test.ESTestCase;
|
||||
|
||||
|
@ -49,7 +49,7 @@ public class LicensesMetaDataSerializationTests extends ESTestCase {
|
|||
}
|
||||
|
||||
public void testLicenseMetadataParsingDoesNotSwallowOtherMetaData() throws Exception {
|
||||
new LicensePlugin(Settings.EMPTY); // makes sure LicensePlugin is registered in Custom MetaData
|
||||
new Licensing(Settings.EMPTY); // makes sure LicensePlugin is registered in Custom MetaData
|
||||
License license = TestUtils.generateSignedLicense(TimeValue.timeValueHours(2));
|
||||
LicensesMetaData licensesMetaData = new LicensesMetaData(license);
|
||||
RepositoryMetaData repositoryMetaData = new RepositoryMetaData("repo", "fs", Settings.EMPTY);
|
||||
|
|
|
@ -23,7 +23,6 @@ import org.elasticsearch.marvel.agent.settings.MarvelSettings;
|
|||
import org.elasticsearch.marvel.cleaner.CleanerService;
|
||||
import org.elasticsearch.marvel.license.LicenseModule;
|
||||
import org.elasticsearch.marvel.license.MarvelLicensee;
|
||||
import org.elasticsearch.plugins.Plugin;
|
||||
import org.elasticsearch.xpack.XPackPlugin;
|
||||
|
||||
import java.util.ArrayList;
|
||||
|
@ -33,12 +32,11 @@ import java.util.Collections;
|
|||
import java.util.List;
|
||||
import java.util.function.Function;
|
||||
|
||||
public class MarvelPlugin extends Plugin {
|
||||
public class Marvel {
|
||||
|
||||
private static final ESLogger logger = Loggers.getLogger(XPackPlugin.class);
|
||||
|
||||
public static final String NAME = "marvel";
|
||||
public static final String ENABLED = NAME + ".enabled";
|
||||
public static final Setting<String> INDEX_MARVEL_VERSION_SETTING =
|
||||
new Setting<>("index.marvel.plugin.version", "", Function.identity(), false, Setting.Scope.INDEX);
|
||||
public static final Setting<String> INDEX_MARVEL_TEMPLATE_VERSION_SETTING =
|
||||
|
@ -48,17 +46,15 @@ public class MarvelPlugin extends Plugin {
|
|||
private final Settings settings;
|
||||
private final boolean enabled;
|
||||
|
||||
public MarvelPlugin(Settings settings) {
|
||||
public Marvel(Settings settings) {
|
||||
this.settings = settings;
|
||||
this.enabled = marvelEnabled(settings);
|
||||
this.enabled = enabled(settings);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String name() {
|
||||
return NAME;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String description() {
|
||||
return "Elasticsearch Marvel";
|
||||
}
|
||||
|
@ -67,7 +63,6 @@ public class MarvelPlugin extends Plugin {
|
|||
return enabled;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<Module> nodeModules() {
|
||||
List<Module> modules = new ArrayList<>();
|
||||
|
||||
|
@ -81,9 +76,8 @@ public class MarvelPlugin extends Plugin {
|
|||
return Collections.unmodifiableList(modules);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<Class<? extends LifecycleComponent>> nodeServices() {
|
||||
if (!enabled) {
|
||||
if (enabled == false) {
|
||||
return Collections.emptyList();
|
||||
}
|
||||
return Arrays.<Class<? extends LifecycleComponent>>asList(MarvelLicensee.class,
|
||||
|
@ -91,13 +85,14 @@ public class MarvelPlugin extends Plugin {
|
|||
CleanerService.class);
|
||||
}
|
||||
|
||||
public static boolean marvelEnabled(Settings settings) {
|
||||
if (!"node".equals(settings.get(Client.CLIENT_TYPE_SETTING_S.getKey()))) {
|
||||
public static boolean enabled(Settings settings) {
|
||||
if ("node".equals(settings.get(Client.CLIENT_TYPE_SETTING_S.getKey())) == false) {
|
||||
logger.trace("marvel cannot be started on a transport client");
|
||||
return false;
|
||||
}
|
||||
// By default, marvel is disabled on tribe nodes
|
||||
return settings.getAsBoolean(ENABLED, !isTribeNode(settings) && !isTribeClientNode(settings));
|
||||
return settings.getAsBoolean(XPackPlugin.featureEnabledSetting(Marvel.NAME),
|
||||
!isTribeNode(settings) && !isTribeClientNode(settings));
|
||||
}
|
||||
|
||||
static boolean isTribeNode(Settings settings) {
|
||||
|
@ -134,7 +129,7 @@ public class MarvelPlugin extends Plugin {
|
|||
// TODO convert these settings to where they belong
|
||||
module.registerSetting(Setting.simpleString("marvel.agent.exporter.es.ssl.truststore.password", false, Setting.Scope.CLUSTER));
|
||||
module.registerSetting(Setting.simpleString("marvel.agent.exporter.es.ssl.truststore.path", false, Setting.Scope.CLUSTER));
|
||||
module.registerSetting(Setting.boolSetting("marvel.enabled", false, false, Setting.Scope.CLUSTER));
|
||||
module.registerSetting(Setting.boolSetting(XPackPlugin.featureEnabledSetting(Marvel.NAME), true, false, Setting.Scope.CLUSTER));
|
||||
module.registerSettingsFilter("marvel.agent.exporters.*.auth.password");
|
||||
}
|
||||
}
|
|
@ -19,7 +19,7 @@ import org.elasticsearch.marvel.agent.exporter.MarvelDoc;
|
|||
import org.elasticsearch.marvel.agent.settings.MarvelSettings;
|
||||
import org.elasticsearch.marvel.license.MarvelLicensee;
|
||||
import org.elasticsearch.shield.InternalClient;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
|
@ -72,7 +72,7 @@ public class IndexRecoveryCollector extends AbstractCollector<IndexRecoveryColle
|
|||
results.add(indexRecoveryDoc);
|
||||
}
|
||||
} catch (IndexNotFoundException e) {
|
||||
if (ShieldPlugin.enabled(settings) && IndexNameExpressionResolver.isAllIndices(Arrays.asList(marvelSettings.indices()))) {
|
||||
if (Shield.enabled(settings) && IndexNameExpressionResolver.isAllIndices(Arrays.asList(marvelSettings.indices()))) {
|
||||
logger.debug("collector [{}] - unable to collect data for missing index [{}]", name(), e.getIndex());
|
||||
} else {
|
||||
throw e;
|
||||
|
|
|
@ -21,7 +21,7 @@ import org.elasticsearch.marvel.agent.exporter.MarvelDoc;
|
|||
import org.elasticsearch.marvel.agent.settings.MarvelSettings;
|
||||
import org.elasticsearch.marvel.license.MarvelLicensee;
|
||||
import org.elasticsearch.shield.InternalClient;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
|
@ -86,7 +86,7 @@ public class IndexStatsCollector extends AbstractCollector<IndexStatsCollector>
|
|||
results.add(indexStatsDoc);
|
||||
}
|
||||
} catch (IndexNotFoundException e) {
|
||||
if (ShieldPlugin.enabled(settings) && IndexNameExpressionResolver.isAllIndices(Arrays.asList(marvelSettings.indices()))) {
|
||||
if (Shield.enabled(settings) && IndexNameExpressionResolver.isAllIndices(Arrays.asList(marvelSettings.indices()))) {
|
||||
logger.debug("collector [{}] - unable to collect data for missing index [{}]", name(), e.getIndex());
|
||||
} else {
|
||||
throw e;
|
||||
|
|
|
@ -19,7 +19,7 @@ import org.elasticsearch.marvel.agent.exporter.MarvelDoc;
|
|||
import org.elasticsearch.marvel.agent.settings.MarvelSettings;
|
||||
import org.elasticsearch.marvel.license.MarvelLicensee;
|
||||
import org.elasticsearch.shield.InternalClient;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
|
@ -71,7 +71,7 @@ public class IndicesStatsCollector extends AbstractCollector<IndicesStatsCollect
|
|||
|
||||
return Collections.singletonList(indicesStatsDoc);
|
||||
} catch (IndexNotFoundException e) {
|
||||
if (ShieldPlugin.enabled(settings) && IndexNameExpressionResolver.isAllIndices(Arrays.asList(marvelSettings.indices()))) {
|
||||
if (Shield.enabled(settings) && IndexNameExpressionResolver.isAllIndices(Arrays.asList(marvelSettings.indices()))) {
|
||||
logger.debug("collector [{}] - unable to collect data for missing index [{}]", name(), e.getIndex());
|
||||
return Collections.emptyList();
|
||||
}
|
||||
|
|
|
@ -11,7 +11,7 @@ import org.elasticsearch.common.settings.ClusterSettings;
|
|||
import org.elasticsearch.common.settings.Setting;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.unit.TimeValue;
|
||||
import org.elasticsearch.marvel.MarvelPlugin;
|
||||
import org.elasticsearch.marvel.Marvel;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
@ -19,7 +19,7 @@ import java.util.function.Function;
|
|||
|
||||
public class MarvelSettings extends AbstractComponent {
|
||||
|
||||
private static final String PREFIX = MarvelPlugin.NAME + ".agent.";
|
||||
private static final String PREFIX = Marvel.NAME + ".agent.";
|
||||
|
||||
public static final String MARVEL_INDICES_PREFIX = ".marvel-es-";
|
||||
public static final String MARVEL_DATA_INDEX_PREFIX = MARVEL_INDICES_PREFIX + "data-";
|
||||
|
|
|
@ -14,14 +14,14 @@ import org.elasticsearch.license.plugin.core.AbstractLicenseeComponent;
|
|||
import org.elasticsearch.license.plugin.core.LicenseState;
|
||||
import org.elasticsearch.license.plugin.core.Licensee;
|
||||
import org.elasticsearch.license.plugin.core.LicenseeRegistry;
|
||||
import org.elasticsearch.marvel.MarvelPlugin;
|
||||
import org.elasticsearch.marvel.Marvel;
|
||||
|
||||
|
||||
public class MarvelLicensee extends AbstractLicenseeComponent<MarvelLicensee> implements Licensee {
|
||||
|
||||
@Inject
|
||||
public MarvelLicensee(Settings settings, LicenseeRegistry clientService) {
|
||||
super(settings, MarvelPlugin.NAME, clientService);
|
||||
super(settings, Marvel.NAME, clientService);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -21,7 +21,7 @@ public class MarvelPluginClientTests extends ESTestCase {
|
|||
.put(Client.CLIENT_TYPE_SETTING_S.getKey(), TransportClient.CLIENT_TYPE)
|
||||
.build();
|
||||
|
||||
MarvelPlugin plugin = new MarvelPlugin(settings);
|
||||
Marvel plugin = new Marvel(settings);
|
||||
assertThat(plugin.isEnabled(), is(false));
|
||||
Collection<Module> modules = plugin.nodeModules();
|
||||
assertThat(modules.size(), is(0));
|
||||
|
@ -32,7 +32,7 @@ public class MarvelPluginClientTests extends ESTestCase {
|
|||
Settings settings = Settings.builder()
|
||||
.put(Client.CLIENT_TYPE_SETTING_S.getKey(), "node")
|
||||
.build();
|
||||
MarvelPlugin plugin = new MarvelPlugin(settings);
|
||||
Marvel plugin = new Marvel(settings);
|
||||
assertThat(plugin.isEnabled(), is(true));
|
||||
Collection<Module> modules = plugin.nodeModules();
|
||||
assertThat(modules.size(), is(5));
|
||||
|
|
|
@ -29,25 +29,32 @@ public class MarvelPluginTests extends MarvelIntegTestCase {
|
|||
}
|
||||
|
||||
public void testMarvelEnabled() {
|
||||
internalCluster().startNode(Settings.builder().put(MarvelPlugin.ENABLED, true).build());
|
||||
internalCluster().startNode(Settings.builder()
|
||||
.put(XPackPlugin.featureEnabledSetting(Marvel.NAME), true)
|
||||
.build());
|
||||
assertPluginIsLoaded();
|
||||
assertServiceIsBound(AgentService.class);
|
||||
}
|
||||
|
||||
public void testMarvelDisabled() {
|
||||
internalCluster().startNode(Settings.builder().put(MarvelPlugin.ENABLED, false).build());
|
||||
internalCluster().startNode(Settings.builder()
|
||||
.put(XPackPlugin.featureEnabledSetting(Marvel.NAME), false)
|
||||
.build());
|
||||
assertPluginIsLoaded();
|
||||
assertServiceIsNotBound(AgentService.class);
|
||||
}
|
||||
|
||||
public void testMarvelEnabledOnTribeNode() {
|
||||
internalCluster().startNode(Settings.builder().put(MarvelPlugin.ENABLED, true).put(MarvelPlugin.TRIBE_NAME_SETTING, "t1").build());
|
||||
internalCluster().startNode(Settings.builder()
|
||||
.put(XPackPlugin.featureEnabledSetting(Marvel.NAME), true)
|
||||
.put(Marvel.TRIBE_NAME_SETTING, "t1")
|
||||
.build());
|
||||
assertPluginIsLoaded();
|
||||
assertServiceIsBound(AgentService.class);
|
||||
}
|
||||
|
||||
public void testMarvelDisabledOnTribeNode() {
|
||||
internalCluster().startNode(Settings.builder().put(MarvelPlugin.TRIBE_NAME_SETTING, "t1").build());
|
||||
internalCluster().startNode(Settings.builder().put(Marvel.TRIBE_NAME_SETTING, "t1").build());
|
||||
assertPluginIsLoaded();
|
||||
assertServiceIsNotBound(AgentService.class);
|
||||
}
|
||||
|
|
|
@ -18,7 +18,7 @@ import org.elasticsearch.common.network.NetworkModule;
|
|||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.unit.TimeValue;
|
||||
import org.elasticsearch.license.core.License;
|
||||
import org.elasticsearch.license.plugin.LicensePlugin;
|
||||
import org.elasticsearch.license.plugin.Licensing;
|
||||
import org.elasticsearch.license.plugin.core.LicenseState;
|
||||
import org.elasticsearch.license.plugin.core.Licensee;
|
||||
import org.elasticsearch.license.plugin.core.LicenseeRegistry;
|
||||
|
@ -37,7 +37,6 @@ import java.util.Arrays;
|
|||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.Callable;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import static org.elasticsearch.common.unit.TimeValue.timeValueMinutes;
|
||||
|
@ -181,9 +180,9 @@ public class AbstractCollectorTestCase extends MarvelIntegTestCase {
|
|||
}, 30L, TimeUnit.SECONDS);
|
||||
}
|
||||
|
||||
public static class InternalLicensePlugin extends LicensePlugin {
|
||||
public static class InternalLicensing extends Licensing {
|
||||
|
||||
public InternalLicensePlugin() {
|
||||
public InternalLicensing() {
|
||||
super(Settings.EMPTY);
|
||||
}
|
||||
|
||||
|
@ -219,7 +218,7 @@ public class AbstractCollectorTestCase extends MarvelIntegTestCase {
|
|||
|
||||
public InternalXPackPlugin(Settings settings) {
|
||||
super(settings);
|
||||
licensePlugin = new InternalLicensePlugin();
|
||||
licensing = new InternalLicensing();
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ import org.elasticsearch.common.inject.Module;
|
|||
import org.elasticsearch.common.network.NetworkModule;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.license.core.License;
|
||||
import org.elasticsearch.license.plugin.LicensePlugin;
|
||||
import org.elasticsearch.license.plugin.Licensing;
|
||||
import org.elasticsearch.license.plugin.core.LicenseState;
|
||||
import org.elasticsearch.license.plugin.core.Licensee;
|
||||
import org.elasticsearch.license.plugin.core.LicenseeRegistry;
|
||||
|
@ -80,17 +80,12 @@ public class LicenseIntegrationTests extends MarvelIntegTestCase {
|
|||
}
|
||||
}
|
||||
|
||||
public static class MockLicensePlugin extends LicensePlugin {
|
||||
public static class MockLicensing extends Licensing {
|
||||
|
||||
public MockLicensePlugin() {
|
||||
public MockLicensing() {
|
||||
super(Settings.EMPTY);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String description() {
|
||||
return name();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<Module> nodeModules() {
|
||||
return Collections.<Module>singletonList(new InternalLicenseModule());
|
||||
|
@ -167,7 +162,7 @@ public class LicenseIntegrationTests extends MarvelIntegTestCase {
|
|||
public static class InternalXPackPlugin extends XPackPlugin {
|
||||
public InternalXPackPlugin(Settings settings) {
|
||||
super(settings);
|
||||
licensePlugin = new MockLicensePlugin();
|
||||
licensing = new MockLicensing();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -20,7 +20,7 @@ import org.elasticsearch.marvel.agent.AgentService;
|
|||
import org.elasticsearch.marvel.agent.exporter.MarvelTemplateUtils;
|
||||
import org.elasticsearch.marvel.agent.settings.MarvelSettings;
|
||||
import org.elasticsearch.plugins.Plugin;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.authc.esusers.ESUsersRealm;
|
||||
import org.elasticsearch.shield.authc.support.Hasher;
|
||||
import org.elasticsearch.shield.authc.support.SecuredString;
|
||||
|
@ -30,6 +30,7 @@ import org.elasticsearch.test.TestCluster;
|
|||
import org.elasticsearch.test.store.MockFSIndexStore;
|
||||
import org.elasticsearch.test.transport.AssertingLocalTransport;
|
||||
import org.elasticsearch.test.transport.MockTransportService;
|
||||
import org.elasticsearch.watcher.Watcher;
|
||||
import org.elasticsearch.xpack.XPackPlugin;
|
||||
import org.hamcrest.Matcher;
|
||||
import org.jboss.netty.util.internal.SystemPropertyUtil;
|
||||
|
@ -77,7 +78,7 @@ public abstract class MarvelIntegTestCase extends ESIntegTestCase {
|
|||
.put(super.nodeSettings(nodeOrdinal))
|
||||
|
||||
//TODO: for now lets isolate marvel tests from watcher (randomize this later)
|
||||
.put("watcher.enabled", false)
|
||||
.put(XPackPlugin.featureEnabledSetting(Watcher.NAME), false)
|
||||
// we do this by default in core, but for marvel this isn't needed and only adds noise.
|
||||
.put("index.store.mock.check_index_on_close", false);
|
||||
|
||||
|
@ -424,7 +425,7 @@ public abstract class MarvelIntegTestCase extends ESIntegTestCase {
|
|||
.put("shield.audit.enabled", auditLogsEnabled)
|
||||
// Test framework sometimes randomily selects the 'index' or 'none' cache and that makes the
|
||||
// validation in ShieldPlugin fail. Shield can only run with this query cache impl
|
||||
.put(IndexModule.INDEX_QUERY_CACHE_TYPE_SETTING.getKey(), ShieldPlugin.OPT_OUT_QUERY_CACHE);
|
||||
.put(IndexModule.INDEX_QUERY_CACHE_TYPE_SETTING.getKey(), Shield.OPT_OUT_QUERY_CACHE);
|
||||
} catch (IOException ex) {
|
||||
throw new RuntimeException("failed to build settings for shield", ex);
|
||||
}
|
||||
|
|
|
@ -8,13 +8,14 @@ package org.elasticsearch.shield;
|
|||
import org.elasticsearch.action.ActionModule;
|
||||
import org.elasticsearch.common.component.LifecycleComponent;
|
||||
import org.elasticsearch.common.inject.Module;
|
||||
import org.elasticsearch.common.logging.ESLogger;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.network.NetworkModule;
|
||||
import org.elasticsearch.common.settings.Setting;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.settings.SettingsModule;
|
||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||
import org.elasticsearch.index.IndexModule;
|
||||
import org.elasticsearch.plugins.Plugin;
|
||||
import org.elasticsearch.shield.action.ShieldActionFilter;
|
||||
import org.elasticsearch.shield.action.ShieldActionModule;
|
||||
import org.elasticsearch.shield.action.realm.ClearRealmCacheAction;
|
||||
|
@ -43,6 +44,7 @@ import org.elasticsearch.shield.authc.support.UsernamePasswordToken;
|
|||
import org.elasticsearch.shield.authz.AuthorizationModule;
|
||||
import org.elasticsearch.shield.authz.accesscontrol.OptOutQueryCache;
|
||||
import org.elasticsearch.shield.authz.accesscontrol.ShieldIndexSearcherWrapper;
|
||||
import org.elasticsearch.shield.authz.privilege.ClusterPrivilege;
|
||||
import org.elasticsearch.shield.authz.store.FileRolesStore;
|
||||
import org.elasticsearch.shield.crypto.CryptoModule;
|
||||
import org.elasticsearch.shield.crypto.InternalCryptoService;
|
||||
|
@ -79,7 +81,9 @@ import java.util.Map;
|
|||
/**
|
||||
*
|
||||
*/
|
||||
public class ShieldPlugin extends Plugin {
|
||||
public class Shield {
|
||||
|
||||
private static final ESLogger logger = Loggers.getLogger(XPackPlugin.class);
|
||||
|
||||
public static final String NAME = "shield";
|
||||
public static final String DLS_FLS_FEATURE = "shield.dls_fls";
|
||||
|
@ -90,7 +94,7 @@ public class ShieldPlugin extends Plugin {
|
|||
private final boolean transportClientMode;
|
||||
private ShieldLicenseState shieldLicenseState;
|
||||
|
||||
public ShieldPlugin(Settings settings) {
|
||||
public Shield(Settings settings) {
|
||||
this.settings = settings;
|
||||
this.transportClientMode = XPackPlugin.transportClientMode(settings);
|
||||
this.enabled = XPackPlugin.featureEnabled(settings, NAME, true);
|
||||
|
@ -99,17 +103,6 @@ public class ShieldPlugin extends Plugin {
|
|||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public String name() {
|
||||
return NAME;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String description() {
|
||||
return "Elasticsearch Shield (security)";
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<Module> nodeModules() {
|
||||
|
||||
if (enabled == false) {
|
||||
|
@ -139,7 +132,6 @@ public class ShieldPlugin extends Plugin {
|
|||
new SSLModule(settings));
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<Class<? extends LifecycleComponent>> nodeServices() {
|
||||
if (enabled == false || transportClientMode == true) {
|
||||
return Collections.emptyList();
|
||||
|
@ -158,16 +150,15 @@ public class ShieldPlugin extends Plugin {
|
|||
|
||||
}
|
||||
|
||||
@Override
|
||||
public Settings additionalSettings() {
|
||||
if (enabled == false) {
|
||||
return Settings.EMPTY;
|
||||
}
|
||||
|
||||
Settings.Builder settingsBuilder = Settings.settingsBuilder();
|
||||
settingsBuilder.put(NetworkModule.TRANSPORT_TYPE_KEY, ShieldPlugin.NAME);
|
||||
settingsBuilder.put(NetworkModule.TRANSPORT_SERVICE_TYPE_KEY, ShieldPlugin.NAME);
|
||||
settingsBuilder.put(NetworkModule.HTTP_TYPE_SETTING.getKey(), ShieldPlugin.NAME);
|
||||
settingsBuilder.put(NetworkModule.TRANSPORT_TYPE_KEY, Shield.NAME);
|
||||
settingsBuilder.put(NetworkModule.TRANSPORT_SERVICE_TYPE_KEY, Shield.NAME);
|
||||
settingsBuilder.put(NetworkModule.HTTP_TYPE_SETTING.getKey(), Shield.NAME);
|
||||
addUserSettings(settingsBuilder);
|
||||
addTribeSettings(settingsBuilder);
|
||||
addQueryCacheSettings(settingsBuilder);
|
||||
|
@ -203,7 +194,6 @@ public class ShieldPlugin extends Plugin {
|
|||
settingsModule.registerSettingsFilter("transport.profiles.*.shield.*");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void onIndexModule(IndexModule module) {
|
||||
if (enabled == false) {
|
||||
return;
|
||||
|
@ -217,7 +207,7 @@ public class ShieldPlugin extends Plugin {
|
|||
shieldLicenseState));
|
||||
}
|
||||
if (transportClientMode == false) {
|
||||
module.registerQueryCache(ShieldPlugin.OPT_OUT_QUERY_CACHE, OptOutQueryCache::new);
|
||||
module.registerQueryCache(Shield.OPT_OUT_QUERY_CACHE, OptOutQueryCache::new);
|
||||
failIfShieldQueryCacheIsNotActive(module.getSettings(), false);
|
||||
}
|
||||
}
|
||||
|
@ -246,8 +236,8 @@ public class ShieldPlugin extends Plugin {
|
|||
|
||||
if (transportClientMode) {
|
||||
if (enabled) {
|
||||
module.registerTransport(ShieldPlugin.NAME, ShieldNettyTransport.class);
|
||||
module.registerTransportService(ShieldPlugin.NAME, ShieldClientTransportService.class);
|
||||
module.registerTransport(Shield.NAME, ShieldNettyTransport.class);
|
||||
module.registerTransportService(Shield.NAME, ShieldClientTransportService.class);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
@ -256,8 +246,8 @@ public class ShieldPlugin extends Plugin {
|
|||
module.registerRestHandler(RestShieldInfoAction.class);
|
||||
|
||||
if (enabled) {
|
||||
module.registerTransport(ShieldPlugin.NAME, ShieldNettyTransport.class);
|
||||
module.registerTransportService(ShieldPlugin.NAME, ShieldServerTransportService.class);
|
||||
module.registerTransport(Shield.NAME, ShieldNettyTransport.class);
|
||||
module.registerTransportService(Shield.NAME, ShieldServerTransportService.class);
|
||||
module.registerRestHandler(RestAuthenticateAction.class);
|
||||
module.registerRestHandler(RestClearRealmCacheAction.class);
|
||||
module.registerRestHandler(RestClearRolesCacheAction.class);
|
||||
|
@ -267,7 +257,19 @@ public class ShieldPlugin extends Plugin {
|
|||
module.registerRestHandler(RestGetRolesAction.class);
|
||||
module.registerRestHandler(RestAddRoleAction.class);
|
||||
module.registerRestHandler(RestDeleteRoleAction.class);
|
||||
module.registerHttpTransport(ShieldPlugin.NAME, ShieldNettyHttpServerTransport.class);
|
||||
module.registerHttpTransport(Shield.NAME, ShieldNettyHttpServerTransport.class);
|
||||
}
|
||||
}
|
||||
|
||||
public static void registerClusterPrivilege(String name, String... patterns) {
|
||||
try {
|
||||
ClusterPrivilege.addCustom(name, patterns);
|
||||
} catch (Exception se) {
|
||||
logger.warn("could not register cluster privilege [{}]", name);
|
||||
|
||||
// we need to prevent bubbling the shield exception here for the tests. In the tests
|
||||
// we create multiple nodes in the same jvm and since the custom cluster is a static binding
|
||||
// multiple nodes will try to add the same privileges multiple times.
|
||||
}
|
||||
}
|
||||
|
|
@ -19,7 +19,7 @@ import org.elasticsearch.common.inject.Inject;
|
|||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||
import org.elasticsearch.license.plugin.core.LicenseUtils;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.SystemUser;
|
||||
import org.elasticsearch.shield.User;
|
||||
import org.elasticsearch.shield.action.interceptor.RequestInterceptor;
|
||||
|
@ -88,7 +88,7 @@ public class ShieldActionFilter extends AbstractComponent implements ActionFilte
|
|||
logger.error("blocking [{}] operation due to expired license. Cluster health, cluster stats and indices stats \n" +
|
||||
"operations are blocked on shield license expiration. All data operations (read and write) continue to work. \n" +
|
||||
"If you have a new license, please update it. Otherwise, please reach out to your support contact.", action);
|
||||
throw LicenseUtils.newComplianceException(ShieldPlugin.NAME);
|
||||
throw LicenseUtils.newComplianceException(Shield.NAME);
|
||||
}
|
||||
|
||||
// only restore the context if it is not empty. This is needed because sometimes a response is sent to the user
|
||||
|
|
|
@ -10,7 +10,6 @@ import org.elasticsearch.common.inject.internal.Nullable;
|
|||
import org.elasticsearch.common.logging.ESLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.env.Environment;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.authc.RealmConfig;
|
||||
import org.elasticsearch.shield.authc.support.Hasher;
|
||||
import org.elasticsearch.shield.authc.support.RefreshListener;
|
||||
|
|
|
@ -11,7 +11,6 @@ import org.elasticsearch.common.inject.internal.Nullable;
|
|||
import org.elasticsearch.common.logging.ESLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.env.Environment;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.authc.RealmConfig;
|
||||
import org.elasticsearch.shield.authc.support.RefreshListener;
|
||||
import org.elasticsearch.shield.support.NoOpLogger;
|
||||
|
|
|
@ -12,7 +12,6 @@ import org.elasticsearch.common.Nullable;
|
|||
import org.elasticsearch.common.logging.ESLogger;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.env.Environment;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.authc.RealmConfig;
|
||||
import org.elasticsearch.watcher.FileChangesListener;
|
||||
import org.elasticsearch.watcher.FileWatcher;
|
||||
|
|
|
@ -20,7 +20,7 @@ import org.elasticsearch.common.xcontent.XContentParser;
|
|||
import org.elasticsearch.common.xcontent.json.JsonXContent;
|
||||
import org.elasticsearch.common.xcontent.yaml.YamlXContent;
|
||||
import org.elasticsearch.env.Environment;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.SystemUser;
|
||||
import org.elasticsearch.shield.XPackUser;
|
||||
import org.elasticsearch.shield.authc.support.RefreshListener;
|
||||
|
@ -301,12 +301,12 @@ public class FileRolesStore extends AbstractLifecycleComponent<RolesStore> imple
|
|||
}
|
||||
if (name != null) {
|
||||
if ((query != null || (fields != null && fields.isEmpty() == false)) &&
|
||||
ShieldPlugin.flsDlsEnabled(settings) == false) {
|
||||
Shield.flsDlsEnabled(settings) == false) {
|
||||
logger.error("invalid role definition [{}] in roles file [{}]. " +
|
||||
"document and field level security is not enabled. " +
|
||||
"set [{}] to [true] in the configuration file. skipping role...",
|
||||
roleName, path.toAbsolutePath(),
|
||||
XPackPlugin.featureEnabledSetting(ShieldPlugin.DLS_FLS_FEATURE));
|
||||
XPackPlugin.featureEnabledSetting(Shield.DLS_FLS_FEATURE));
|
||||
return null;
|
||||
}
|
||||
|
||||
|
|
|
@ -12,7 +12,6 @@ import org.elasticsearch.common.component.AbstractLifecycleComponent;
|
|||
import org.elasticsearch.common.inject.Inject;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.env.Environment;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.authc.support.CharArrays;
|
||||
import org.elasticsearch.watcher.FileChangesListener;
|
||||
import org.elasticsearch.watcher.FileWatcher;
|
||||
|
|
|
@ -13,7 +13,7 @@ import org.elasticsearch.license.core.License;
|
|||
import org.elasticsearch.license.plugin.core.AbstractLicenseeComponent;
|
||||
import org.elasticsearch.license.plugin.core.Licensee;
|
||||
import org.elasticsearch.license.plugin.core.LicenseeRegistry;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -25,7 +25,7 @@ public class ShieldLicensee extends AbstractLicenseeComponent<ShieldLicensee> im
|
|||
|
||||
@Inject
|
||||
public ShieldLicensee(Settings settings, LicenseeRegistry clientService, ShieldLicenseState shieldLicenseState) {
|
||||
super(settings, ShieldPlugin.NAME, clientService);
|
||||
super(settings, Shield.NAME, clientService);
|
||||
this.shieldLicenseState = shieldLicenseState;
|
||||
this.isTribeNode = settings.getGroups("tribe", true).isEmpty() == false;
|
||||
}
|
||||
|
|
|
@ -19,7 +19,7 @@ import org.elasticsearch.rest.RestController;
|
|||
import org.elasticsearch.rest.RestRequest;
|
||||
import org.elasticsearch.rest.RestStatus;
|
||||
import org.elasticsearch.shield.ShieldBuild;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.license.ShieldLicenseState;
|
||||
|
||||
import static org.elasticsearch.rest.RestRequest.Method.GET;
|
||||
|
@ -37,7 +37,7 @@ public class RestShieldInfoAction extends BaseRestHandler {
|
|||
super(settings, client);
|
||||
this.clusterName = clusterName;
|
||||
this.shieldLicenseState = licenseState;
|
||||
this.shieldEnabled = ShieldPlugin.enabled(settings);
|
||||
this.shieldEnabled = Shield.enabled(settings);
|
||||
controller.registerHandler(GET, "/_shield", this);
|
||||
controller.registerHandler(HEAD, "/_shield", this);
|
||||
}
|
||||
|
|
|
@ -8,7 +8,7 @@ package org.elasticsearch.shield.support;
|
|||
import org.elasticsearch.client.Client;
|
||||
import org.elasticsearch.common.inject.AbstractModule;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -22,7 +22,7 @@ public abstract class AbstractShieldModule extends AbstractModule {
|
|||
public AbstractShieldModule(Settings settings) {
|
||||
this.settings = settings;
|
||||
this.clientMode = !"node".equals(settings.get(Client.CLIENT_TYPE_SETTING_S.getKey()));
|
||||
this.shieldEnabled = ShieldPlugin.enabled(settings);
|
||||
this.shieldEnabled = Shield.enabled(settings);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -7,7 +7,7 @@ package org.elasticsearch.shield.support;
|
|||
|
||||
import org.elasticsearch.ElasticsearchSecurityException;
|
||||
import org.elasticsearch.rest.RestStatus;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -19,13 +19,13 @@ public class Exceptions {
|
|||
|
||||
public static ElasticsearchSecurityException authenticationError(String msg, Throwable cause, Object... args) {
|
||||
ElasticsearchSecurityException e = new ElasticsearchSecurityException(msg, RestStatus.UNAUTHORIZED, cause, args);
|
||||
e.addHeader("WWW-Authenticate", "Basic realm=\"" + ShieldPlugin.NAME + "\"");
|
||||
e.addHeader("WWW-Authenticate", "Basic realm=\"" + Shield.NAME + "\"");
|
||||
return e;
|
||||
}
|
||||
|
||||
public static ElasticsearchSecurityException authenticationError(String msg, Object... args) {
|
||||
ElasticsearchSecurityException e = new ElasticsearchSecurityException(msg, RestStatus.UNAUTHORIZED, args);
|
||||
e.addHeader("WWW-Authenticate", "Basic realm=\"" + ShieldPlugin.NAME + "\"");
|
||||
e.addHeader("WWW-Authenticate", "Basic realm=\"" + Shield.NAME + "\"");
|
||||
return e;
|
||||
}
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ import org.elasticsearch.action.get.GetResponse;
|
|||
import org.elasticsearch.action.update.UpdateResponse;
|
||||
import org.elasticsearch.common.network.NetworkModule;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.authc.support.SecuredString;
|
||||
import org.elasticsearch.shield.authc.support.UsernamePasswordToken;
|
||||
import org.elasticsearch.test.ShieldIntegTestCase;
|
||||
|
@ -31,7 +31,7 @@ public class BulkUpdateTests extends ShieldIntegTestCase {
|
|||
return Settings.builder()
|
||||
.put(super.nodeSettings(nodeOrdinal))
|
||||
.put(NetworkModule.HTTP_ENABLED.getKey(), true)
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.DLS_FLS_FEATURE), randomBoolean())
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.DLS_FLS_FEATURE), randomBoolean())
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -8,7 +8,7 @@ package org.elasticsearch.integration;
|
|||
import org.elasticsearch.action.search.SearchResponse;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.index.IndexModule;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.authc.support.Hasher;
|
||||
import org.elasticsearch.shield.authc.support.SecuredString;
|
||||
import org.elasticsearch.test.ShieldIntegTestCase;
|
||||
|
@ -76,7 +76,7 @@ public class DocumentAndFieldLevelSecurityTests extends ShieldIntegTestCase {
|
|||
public Settings nodeSettings(int nodeOrdinal) {
|
||||
return Settings.builder()
|
||||
.put(super.nodeSettings(nodeOrdinal))
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.DLS_FLS_FEATURE), true)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.DLS_FLS_FEATURE), true)
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ import org.elasticsearch.action.index.IndexRequestBuilder;
|
|||
import org.elasticsearch.action.search.SearchResponse;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.index.query.QueryBuilders;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.authc.support.Hasher;
|
||||
import org.elasticsearch.shield.authc.support.SecuredString;
|
||||
import org.elasticsearch.test.ShieldIntegTestCase;
|
||||
|
@ -75,7 +75,7 @@ public class DocumentLevelSecurityRandomTests extends ShieldIntegTestCase {
|
|||
public Settings nodeSettings(int nodeOrdinal) {
|
||||
return Settings.builder()
|
||||
.put(super.nodeSettings(nodeOrdinal))
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.DLS_FLS_FEATURE), true)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.DLS_FLS_FEATURE), true)
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ import org.elasticsearch.search.aggregations.bucket.children.Children;
|
|||
import org.elasticsearch.search.aggregations.bucket.global.Global;
|
||||
import org.elasticsearch.search.aggregations.bucket.terms.Terms;
|
||||
import org.elasticsearch.search.sort.SortOrder;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.authc.support.Hasher;
|
||||
import org.elasticsearch.shield.authc.support.SecuredString;
|
||||
import org.elasticsearch.test.ShieldIntegTestCase;
|
||||
|
@ -88,7 +88,7 @@ public class DocumentLevelSecurityTests extends ShieldIntegTestCase {
|
|||
public Settings nodeSettings(int nodeOrdinal) {
|
||||
return Settings.builder()
|
||||
.put(super.nodeSettings(nodeOrdinal))
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.DLS_FLS_FEATURE), true)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.DLS_FLS_FEATURE), true)
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ import org.elasticsearch.action.search.SearchResponse;
|
|||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.index.query.QueryBuilders;
|
||||
import org.elasticsearch.search.sort.SortOrder;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.authc.support.Hasher;
|
||||
import org.elasticsearch.shield.authc.support.SecuredString;
|
||||
import org.elasticsearch.test.ShieldIntegTestCase;
|
||||
|
@ -112,7 +112,7 @@ public class FieldLevelSecurityRandomTests extends ShieldIntegTestCase {
|
|||
public Settings nodeSettings(int nodeOrdinal) {
|
||||
return Settings.builder()
|
||||
.put(super.nodeSettings(nodeOrdinal))
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.DLS_FLS_FEATURE), true)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.DLS_FLS_FEATURE), true)
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -23,7 +23,7 @@ import org.elasticsearch.rest.RestStatus;
|
|||
import org.elasticsearch.search.aggregations.AggregationBuilders;
|
||||
import org.elasticsearch.search.aggregations.bucket.terms.Terms;
|
||||
import org.elasticsearch.search.sort.SortOrder;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.authc.support.Hasher;
|
||||
import org.elasticsearch.shield.authc.support.SecuredString;
|
||||
import org.elasticsearch.test.ESIntegTestCase;
|
||||
|
@ -117,7 +117,7 @@ public class FieldLevelSecurityTests extends ShieldIntegTestCase {
|
|||
public Settings nodeSettings(int nodeOrdinal) {
|
||||
return Settings.builder()
|
||||
.put(super.nodeSettings(nodeOrdinal))
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.DLS_FLS_FEATURE), true)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.DLS_FLS_FEATURE), true)
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -8,7 +8,7 @@ package org.elasticsearch.integration;
|
|||
import org.elasticsearch.action.admin.indices.alias.Alias;
|
||||
import org.elasticsearch.action.get.GetResponse;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.authc.support.Hasher;
|
||||
import org.elasticsearch.shield.authc.support.SecuredString;
|
||||
import org.elasticsearch.test.ShieldIntegTestCase;
|
||||
|
@ -61,7 +61,7 @@ public class IndicesPermissionsWithAliasesWildcardsAndRegexsTests extends Shield
|
|||
public Settings nodeSettings(int nodeOrdinal) {
|
||||
return Settings.builder()
|
||||
.put(super.nodeSettings(nodeOrdinal))
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.DLS_FLS_FEATURE), true)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.DLS_FLS_FEATURE), true)
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -25,13 +25,12 @@ import org.elasticsearch.common.network.NetworkModule;
|
|||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||
import org.elasticsearch.license.core.License.OperationMode;
|
||||
import org.elasticsearch.license.plugin.LicensePlugin;
|
||||
import org.elasticsearch.license.plugin.Licensing;
|
||||
import org.elasticsearch.license.plugin.core.LicenseState;
|
||||
import org.elasticsearch.license.plugin.core.Licensee;
|
||||
import org.elasticsearch.license.plugin.core.LicenseeRegistry;
|
||||
import org.elasticsearch.node.Node;
|
||||
import org.elasticsearch.rest.RestStatus;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.authc.support.UsernamePasswordToken;
|
||||
import org.elasticsearch.test.ShieldIntegTestCase;
|
||||
import org.elasticsearch.test.ShieldSettingsSource;
|
||||
|
@ -139,7 +138,7 @@ public class LicensingTests extends ShieldIntegTestCase {
|
|||
fail("expected an license expired exception when executing an index stats action");
|
||||
} catch (ElasticsearchSecurityException ee) {
|
||||
// expected
|
||||
assertThat(ee.getHeader("es.license.expired.feature"), hasItem(ShieldPlugin.NAME));
|
||||
assertThat(ee.getHeader("es.license.expired.feature"), hasItem(Shield.NAME));
|
||||
assertThat(ee.status(), is(RestStatus.UNAUTHORIZED));
|
||||
}
|
||||
|
||||
|
@ -148,7 +147,7 @@ public class LicensingTests extends ShieldIntegTestCase {
|
|||
fail("expected an license expired exception when executing cluster stats action");
|
||||
} catch (ElasticsearchSecurityException ee) {
|
||||
// expected
|
||||
assertThat(ee.getHeader("es.license.expired.feature"), hasItem(ShieldPlugin.NAME));
|
||||
assertThat(ee.getHeader("es.license.expired.feature"), hasItem(Shield.NAME));
|
||||
assertThat(ee.status(), is(RestStatus.UNAUTHORIZED));
|
||||
}
|
||||
|
||||
|
@ -157,7 +156,7 @@ public class LicensingTests extends ShieldIntegTestCase {
|
|||
fail("expected an license expired exception when executing cluster health action");
|
||||
} catch (ElasticsearchSecurityException ee) {
|
||||
// expected
|
||||
assertThat(ee.getHeader("es.license.expired.feature"), hasItem(ShieldPlugin.NAME));
|
||||
assertThat(ee.getHeader("es.license.expired.feature"), hasItem(Shield.NAME));
|
||||
assertThat(ee.status(), is(RestStatus.UNAUTHORIZED));
|
||||
}
|
||||
|
||||
|
@ -166,7 +165,7 @@ public class LicensingTests extends ShieldIntegTestCase {
|
|||
fail("expected an license expired exception when executing cluster health action");
|
||||
} catch (ElasticsearchSecurityException ee) {
|
||||
// expected
|
||||
assertThat(ee.getHeader("es.license.expired.feature"), hasItem(ShieldPlugin.NAME));
|
||||
assertThat(ee.getHeader("es.license.expired.feature"), hasItem(Shield.NAME));
|
||||
assertThat(ee.status(), is(RestStatus.UNAUTHORIZED));
|
||||
}
|
||||
|
||||
|
@ -244,14 +243,14 @@ public class LicensingTests extends ShieldIntegTestCase {
|
|||
}
|
||||
}
|
||||
|
||||
public static class InternalLicensePlugin extends LicensePlugin {
|
||||
public static class InternalLicensing extends Licensing {
|
||||
|
||||
@Override
|
||||
public Collection<Module> nodeModules() {
|
||||
return Collections.<Module>singletonList(new InternalLicenseModule());
|
||||
}
|
||||
|
||||
public InternalLicensePlugin() {
|
||||
public InternalLicensing() {
|
||||
super(Settings.EMPTY);
|
||||
}
|
||||
|
||||
|
@ -273,7 +272,7 @@ public class LicensingTests extends ShieldIntegTestCase {
|
|||
|
||||
public InternalXPackPlugin(Settings settings) {
|
||||
super(settings);
|
||||
licensePlugin = new InternalLicensePlugin();
|
||||
licensing = new InternalLicensing();
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -40,11 +40,11 @@ public class ShieldF {
|
|||
settings.put("http.cors.enabled", "true");
|
||||
settings.put("http.cors.allow-origin", "*");
|
||||
settings.put("script.inline", "true");
|
||||
settings.put("shield.enabled", "true");
|
||||
settings.put("xpack.shield.enabled", "true");
|
||||
settings.put("security.manager.enabled", "false");
|
||||
// Disable Marvel to prevent cluster activity
|
||||
settings.put("marvel.enabled", "false");
|
||||
settings.put(IndexModule.INDEX_QUERY_CACHE_TYPE_SETTING.getKey(), ShieldPlugin.OPT_OUT_QUERY_CACHE);
|
||||
settings.put("xpack.marvel.enabled", "false");
|
||||
settings.put(IndexModule.INDEX_QUERY_CACHE_TYPE_SETTING.getKey(), Shield.OPT_OUT_QUERY_CACHE);
|
||||
settings.put("cluster.name", ShieldF.class.getSimpleName());
|
||||
|
||||
String homeDir = System.getProperty("es.path.home");
|
||||
|
|
|
@ -66,7 +66,7 @@ public class ShieldPluginEnabledDisabledTests extends ShieldIntegTestCase {
|
|||
logger.info("******* shield is " + (enabled ? "enabled" : "disabled"));
|
||||
return Settings.settingsBuilder()
|
||||
.put(super.nodeSettings(nodeOrdinal))
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.NAME), enabled)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.NAME), enabled)
|
||||
.put(NetworkModule.HTTP_ENABLED.getKey(), true)
|
||||
.build();
|
||||
}
|
||||
|
@ -75,7 +75,7 @@ public class ShieldPluginEnabledDisabledTests extends ShieldIntegTestCase {
|
|||
protected Settings transportClientSettings() {
|
||||
return Settings.settingsBuilder()
|
||||
.put(super.transportClientSettings())
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.NAME), enabled)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.NAME), enabled)
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -16,16 +16,16 @@ import static org.hamcrest.Matchers.arrayContaining;
|
|||
|
||||
public class ShieldPluginSettingsTests extends ESTestCase {
|
||||
|
||||
private static final String TRIBE_T1_SHIELD_ENABLED = "tribe.t1." + XPackPlugin.featureEnabledSetting(ShieldPlugin.NAME);
|
||||
private static final String TRIBE_T2_SHIELD_ENABLED = "tribe.t2." + XPackPlugin.featureEnabledSetting(ShieldPlugin.NAME);
|
||||
private static final String TRIBE_T1_SHIELD_ENABLED = "tribe.t1." + XPackPlugin.featureEnabledSetting(Shield.NAME);
|
||||
private static final String TRIBE_T2_SHIELD_ENABLED = "tribe.t2." + XPackPlugin.featureEnabledSetting(Shield.NAME);
|
||||
|
||||
public void testShieldIsMandatoryOnTribes() {
|
||||
Settings settings = Settings.builder().put("tribe.t1.cluster.name", "non_existing")
|
||||
.put("tribe.t2.cluster.name", "non_existing").build();
|
||||
|
||||
ShieldPlugin shieldPlugin = new ShieldPlugin(settings);
|
||||
Shield shield = new Shield(settings);
|
||||
|
||||
Settings additionalSettings = shieldPlugin.additionalSettings();
|
||||
Settings additionalSettings = shield.additionalSettings();
|
||||
|
||||
|
||||
assertThat(additionalSettings.getAsArray("tribe.t1.plugin.mandatory", null), arrayContaining(XPackPlugin.NAME));
|
||||
|
@ -36,11 +36,11 @@ public class ShieldPluginSettingsTests extends ESTestCase {
|
|||
Settings settings = Settings.builder().put("tribe.t1.cluster.name", "non_existing")
|
||||
.putArray("tribe.t1.plugin.mandatory", "test_plugin").build();
|
||||
|
||||
ShieldPlugin shieldPlugin = new ShieldPlugin(settings);
|
||||
Shield shield = new Shield(settings);
|
||||
|
||||
//simulate what PluginsService#updatedSettings does to make sure we don't override existing mandatory plugins
|
||||
try {
|
||||
Settings.builder().put(settings).put(shieldPlugin.additionalSettings()).build();
|
||||
Settings.builder().put(settings).put(shield.additionalSettings()).build();
|
||||
fail("shield cannot change the value of a setting that is already defined, so a exception should be thrown");
|
||||
} catch (IllegalStateException e) {
|
||||
assertThat(e.getMessage(), containsString(XPackPlugin.NAME));
|
||||
|
@ -52,10 +52,10 @@ public class ShieldPluginSettingsTests extends ESTestCase {
|
|||
Settings settings = Settings.builder().put("tribe.t1.cluster.name", "non_existing")
|
||||
.putArray("tribe.t1.plugin.mandatory", "test_plugin", XPackPlugin.NAME).build();
|
||||
|
||||
ShieldPlugin shieldPlugin = new ShieldPlugin(settings);
|
||||
Shield shield = new Shield(settings);
|
||||
|
||||
//simulate what PluginsService#updatedSettings does to make sure we don't override existing mandatory plugins
|
||||
Settings finalSettings = Settings.builder().put(settings).put(shieldPlugin.additionalSettings()).build();
|
||||
Settings finalSettings = Settings.builder().put(settings).put(shield.additionalSettings()).build();
|
||||
|
||||
String[] finalMandatoryPlugins = finalSettings.getAsArray("tribe.t1.plugin.mandatory", null);
|
||||
assertThat(finalMandatoryPlugins, notNullValue());
|
||||
|
@ -68,9 +68,9 @@ public class ShieldPluginSettingsTests extends ESTestCase {
|
|||
Settings settings = Settings.builder().put("tribe.t1.cluster.name", "non_existing")
|
||||
.put("tribe.t2.cluster.name", "non_existing").build();
|
||||
|
||||
ShieldPlugin shieldPlugin = new ShieldPlugin(settings);
|
||||
Shield shield = new Shield(settings);
|
||||
|
||||
Settings additionalSettings = shieldPlugin.additionalSettings();
|
||||
Settings additionalSettings = shield.additionalSettings();
|
||||
|
||||
assertThat(additionalSettings.getAsBoolean(TRIBE_T1_SHIELD_ENABLED, null), equalTo(true));
|
||||
assertThat(additionalSettings.getAsBoolean(TRIBE_T2_SHIELD_ENABLED, null), equalTo(true));
|
||||
|
@ -81,10 +81,10 @@ public class ShieldPluginSettingsTests extends ESTestCase {
|
|||
.put(TRIBE_T1_SHIELD_ENABLED, false)
|
||||
.put("tribe.t2.cluster.name", "non_existing").build();
|
||||
|
||||
ShieldPlugin shieldPlugin = new ShieldPlugin(settings);
|
||||
Shield shield = new Shield(settings);
|
||||
|
||||
try {
|
||||
shieldPlugin.additionalSettings();
|
||||
shield.additionalSettings();
|
||||
fail("shield cannot change the value of a setting that is already defined, so a exception should be thrown");
|
||||
} catch (IllegalStateException e) {
|
||||
assertThat(e.getMessage(), containsString(TRIBE_T1_SHIELD_ENABLED));
|
||||
|
@ -97,10 +97,10 @@ public class ShieldPluginSettingsTests extends ESTestCase {
|
|||
.put("tribe.t2.cluster.name", "non_existing")
|
||||
.putArray("tribe.t1.plugin.mandatory", "test_plugin", XPackPlugin.NAME).build();
|
||||
|
||||
ShieldPlugin shieldPlugin = new ShieldPlugin(settings);
|
||||
Shield shield = new Shield(settings);
|
||||
|
||||
try {
|
||||
shieldPlugin.additionalSettings();
|
||||
shield.additionalSettings();
|
||||
fail("shield cannot change the value of a setting that is already defined, so a exception should be thrown");
|
||||
} catch (IllegalStateException e) {
|
||||
assertThat(e.getMessage(), containsString(TRIBE_T1_SHIELD_ENABLED));
|
||||
|
|
|
@ -25,7 +25,7 @@ import org.elasticsearch.index.IndexModule;
|
|||
import org.elasticsearch.index.IndexNotFoundException;
|
||||
import org.elasticsearch.rest.RestRequest;
|
||||
import org.elasticsearch.search.SearchHit;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.SystemUser;
|
||||
import org.elasticsearch.shield.User;
|
||||
import org.elasticsearch.shield.XPackUser;
|
||||
|
@ -167,7 +167,7 @@ public class IndexAuditTrailTests extends ShieldIntegTestCase {
|
|||
public Settings nodeSettings(int nodeOrdinal) {
|
||||
Settings.Builder builder = Settings.builder()
|
||||
.put(super.nodeSettings(nodeOrdinal))
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.NAME), useShield);
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.NAME), useShield);
|
||||
|
||||
// For tests we forcefully configure Shield's custom query cache because the test framework
|
||||
// randomizes the query cache impl but if shield is disabled then we don't need to forcefully
|
||||
|
@ -191,7 +191,7 @@ public class IndexAuditTrailTests extends ShieldIntegTestCase {
|
|||
|
||||
Settings.Builder builder = Settings.builder()
|
||||
.put(settings)
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.NAME), useShield)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.NAME), useShield)
|
||||
.put(remoteSettings(NetworkAddress.formatAddress(inet.address().getAddress()), inet.address().getPort(), cluster2Name))
|
||||
.put("shield.audit.index.client.shield.user", DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD);
|
||||
|
||||
|
|
|
@ -16,6 +16,8 @@ import org.elasticsearch.shield.authc.support.RefreshListener;
|
|||
import org.elasticsearch.test.ESTestCase;
|
||||
import org.elasticsearch.threadpool.ThreadPool;
|
||||
import org.elasticsearch.watcher.ResourceWatcherService;
|
||||
import org.elasticsearch.watcher.Watcher;
|
||||
import org.elasticsearch.xpack.XPackPlugin;
|
||||
import org.junit.After;
|
||||
import org.junit.Before;
|
||||
|
||||
|
@ -224,7 +226,7 @@ public class FileUserRolesStoreTests extends ESTestCase {
|
|||
Path usersRoles = writeUsersRoles("role1:admin");
|
||||
|
||||
Settings settings = Settings.builder()
|
||||
.put("watcher.enabled", "false")
|
||||
.put(XPackPlugin.featureEnabledSetting(Watcher.NAME), "false")
|
||||
.put("path.home", createTempDir())
|
||||
.build();
|
||||
|
||||
|
|
|
@ -31,7 +31,7 @@ import org.elasticsearch.shield.authc.support.SecuredStringTests;
|
|||
import org.elasticsearch.shield.ssl.ClientSSLService;
|
||||
import org.elasticsearch.shield.support.NoOpLogger;
|
||||
import org.elasticsearch.test.junit.annotations.Network;
|
||||
import org.elasticsearch.watcher.WatcherPlugin;
|
||||
import org.elasticsearch.watcher.Watcher;
|
||||
import org.elasticsearch.xpack.XPackPlugin;
|
||||
import org.junit.Before;
|
||||
|
||||
|
@ -534,7 +534,7 @@ public class LdapUserSearchSessionFactoryTests extends LdapTestCase {
|
|||
|
||||
// disable watcher, because watcher takes some time when starting, which results in problems
|
||||
// having a quick start/stop cycle like below
|
||||
builder.put(WatcherPlugin.ENABLED_SETTING, false);
|
||||
builder.put(XPackPlugin.featureEnabledSetting(Watcher.NAME), false);
|
||||
|
||||
try (Node node = new MockNode(builder.build(), Version.CURRENT, Collections.singletonList(XPackPlugin.class))) {
|
||||
node.start();
|
||||
|
|
|
@ -7,7 +7,7 @@ package org.elasticsearch.shield.authz.store;
|
|||
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.env.Environment;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.audit.logfile.CapturingLogger;
|
||||
import org.elasticsearch.shield.authc.support.RefreshListener;
|
||||
import org.elasticsearch.shield.authz.permission.ClusterPermission;
|
||||
|
@ -54,7 +54,7 @@ public class FileRolesStoreTests extends ESTestCase {
|
|||
public void testParseFile() throws Exception {
|
||||
Path path = getDataPath("roles.yml");
|
||||
Map<String, Role> roles = FileRolesStore.parseFile(path, logger, Settings.builder()
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.DLS_FLS_FEATURE), true)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.DLS_FLS_FEATURE), true)
|
||||
.build());
|
||||
assertThat(roles, notNullValue());
|
||||
assertThat(roles.size(), is(10));
|
||||
|
@ -211,7 +211,7 @@ public class FileRolesStoreTests extends ESTestCase {
|
|||
Path path = getDataPath("roles.yml");
|
||||
CapturingLogger logger = new CapturingLogger(CapturingLogger.Level.ERROR);
|
||||
Map<String, Role> roles = FileRolesStore.parseFile(path, logger, Settings.builder()
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.DLS_FLS_FEATURE), false)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.DLS_FLS_FEATURE), false)
|
||||
.build());
|
||||
assertThat(roles, notNullValue());
|
||||
assertThat(roles.size(), is(7));
|
||||
|
|
|
@ -10,7 +10,7 @@ import org.elasticsearch.common.cli.CliToolTestCase;
|
|||
import org.elasticsearch.common.cli.Terminal;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.env.Environment;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.crypto.InternalCryptoService;
|
||||
import org.elasticsearch.shield.crypto.tool.SystemKeyTool.Generate;
|
||||
import org.junit.Before;
|
||||
|
@ -88,7 +88,7 @@ public class SystemKeyToolTests extends CliToolTestCase {
|
|||
public void testGenerateDefaultPath() throws Exception {
|
||||
assumeTrue("test cannot run with security manager enabled", System.getSecurityManager() == null);
|
||||
Path config = createTempDir();
|
||||
Path shieldConfig = config.resolve(ShieldPlugin.NAME);
|
||||
Path shieldConfig = config.resolve(Shield.NAME);
|
||||
Files.createDirectories(shieldConfig);
|
||||
Path path = shieldConfig.resolve("system_key");
|
||||
when(env.configFile()).thenReturn(config);
|
||||
|
@ -102,7 +102,7 @@ public class SystemKeyToolTests extends CliToolTestCase {
|
|||
public void testThatSystemKeyMayOnlyBeReadByOwner() throws Exception {
|
||||
assumeTrue("test cannot run with security manager enabled", System.getSecurityManager() == null);
|
||||
Path config = createTempDir();
|
||||
Path shieldConfig = config.resolve(ShieldPlugin.NAME);
|
||||
Path shieldConfig = config.resolve(Shield.NAME);
|
||||
Files.createDirectories(shieldConfig);
|
||||
Path path = shieldConfig.resolve("system_key");
|
||||
|
||||
|
|
|
@ -7,7 +7,7 @@ package org.elasticsearch.shield.test;
|
|||
|
||||
import org.elasticsearch.ElasticsearchSecurityException;
|
||||
import org.elasticsearch.rest.RestStatus;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.contains;
|
||||
|
@ -21,6 +21,6 @@ public class ShieldAssertions {
|
|||
assertThat(e.status(), is(RestStatus.UNAUTHORIZED));
|
||||
assertThat(e.getHeaderKeys(), hasSize(1));
|
||||
assertThat(e.getHeader("WWW-Authenticate"), notNullValue());
|
||||
assertThat(e.getHeader("WWW-Authenticate"), contains("Basic realm=\"" + ShieldPlugin.NAME + "\""));
|
||||
assertThat(e.getHeader("WWW-Authenticate"), contains("Basic realm=\"" + Shield.NAME + "\""));
|
||||
}
|
||||
}
|
||||
|
|
|
@ -10,8 +10,9 @@ import org.elasticsearch.common.io.PathUtils;
|
|||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||
import org.elasticsearch.index.IndexModule;
|
||||
import org.elasticsearch.marvel.Marvel;
|
||||
import org.elasticsearch.plugins.Plugin;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.authc.esusers.ESUsersRealm;
|
||||
import org.elasticsearch.shield.authc.esnative.ESNativeRealm;
|
||||
import org.elasticsearch.shield.authc.support.Hasher;
|
||||
|
@ -21,6 +22,7 @@ import org.elasticsearch.shield.test.ShieldTestUtils;
|
|||
import org.elasticsearch.shield.transport.netty.ShieldNettyHttpServerTransport;
|
||||
import org.elasticsearch.shield.transport.netty.ShieldNettyTransport;
|
||||
import org.elasticsearch.test.discovery.ClusterDiscoveryConfiguration;
|
||||
import org.elasticsearch.watcher.Watcher;
|
||||
import org.elasticsearch.xpack.XPackPlugin;
|
||||
|
||||
import java.net.URISyntaxException;
|
||||
|
@ -119,8 +121,8 @@ public class ShieldSettingsSource extends ClusterDiscoveryConfiguration.UnicastZ
|
|||
Settings.Builder builder = settingsBuilder().put(super.nodeSettings(nodeOrdinal))
|
||||
|
||||
//TODO: for now isolate shield tests from watcher & marvel (randomize this later)
|
||||
.put("watcher.enabled", false)
|
||||
.put("marvel.enabled", false)
|
||||
.put(XPackPlugin.featureEnabledSetting(Watcher.NAME), false)
|
||||
.put(XPackPlugin.featureEnabledSetting(Marvel.NAME), false)
|
||||
|
||||
.put("shield.audit.enabled", randomBoolean())
|
||||
.put("shield.audit.logfile.prefix.emit_node_host_address", randomBoolean())
|
||||
|
@ -136,7 +138,7 @@ public class ShieldSettingsSource extends ClusterDiscoveryConfiguration.UnicastZ
|
|||
.put("shield.authz.store.files.roles", writeFile(folder, "roles.yml", configRoles()))
|
||||
// Test framework sometimes randomly selects the 'index' or 'none' cache and that makes the
|
||||
// validation in ShieldPlugin fail.
|
||||
.put(IndexModule.INDEX_QUERY_CACHE_TYPE_SETTING.getKey(), ShieldPlugin.OPT_OUT_QUERY_CACHE)
|
||||
.put(IndexModule.INDEX_QUERY_CACHE_TYPE_SETTING.getKey(), Shield.OPT_OUT_QUERY_CACHE)
|
||||
.put(getNodeSSLSettings());
|
||||
|
||||
return builder.build();
|
||||
|
|
|
@ -9,7 +9,7 @@ import org.apache.lucene.util.IOUtils;
|
|||
import org.elasticsearch.action.Action;
|
||||
import org.elasticsearch.common.io.PathUtils;
|
||||
import org.elasticsearch.common.io.Streams;
|
||||
import org.elasticsearch.license.plugin.LicensePlugin;
|
||||
import org.elasticsearch.license.plugin.Licensing;
|
||||
import org.elasticsearch.shield.action.ShieldActionModule;
|
||||
import org.elasticsearch.test.ESIntegTestCase.ClusterScope;
|
||||
import org.elasticsearch.test.ShieldIntegTestCase;
|
||||
|
@ -110,7 +110,7 @@ public class KnownActionsTests extends ShieldIntegTestCase {
|
|||
loadActions(collectSubClasses(Action.class, ShieldActionModule.class), actions);
|
||||
|
||||
// also loading all actions from the licensing plugin
|
||||
loadActions(collectSubClasses(Action.class, LicensePlugin.class), actions);
|
||||
loadActions(collectSubClasses(Action.class, Licensing.class), actions);
|
||||
|
||||
return unmodifiableSet(actions);
|
||||
}
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
package org.elasticsearch.transport;
|
||||
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.transport.ShieldServerTransportService;
|
||||
import org.elasticsearch.test.ShieldIntegTestCase;
|
||||
import org.elasticsearch.xpack.XPackPlugin;
|
||||
|
@ -22,7 +22,7 @@ public class ShieldServerTransportServiceTests extends ShieldIntegTestCase {
|
|||
protected Settings transportClientSettings() {
|
||||
return Settings.settingsBuilder()
|
||||
.put(super.transportClientSettings())
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.NAME), true)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.NAME), true)
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -15,12 +15,12 @@ import org.elasticsearch.common.settings.Settings;
|
|||
import org.elasticsearch.common.settings.SettingsModule;
|
||||
import org.elasticsearch.env.Environment;
|
||||
import org.elasticsearch.index.IndexModule;
|
||||
import org.elasticsearch.license.plugin.LicensePlugin;
|
||||
import org.elasticsearch.marvel.MarvelPlugin;
|
||||
import org.elasticsearch.license.plugin.Licensing;
|
||||
import org.elasticsearch.marvel.Marvel;
|
||||
import org.elasticsearch.plugins.Plugin;
|
||||
import org.elasticsearch.script.ScriptModule;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.watcher.WatcherPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.watcher.Watcher;
|
||||
|
||||
import java.nio.file.Path;
|
||||
import java.security.AccessController;
|
||||
|
@ -63,17 +63,18 @@ public class XPackPlugin extends Plugin {
|
|||
}
|
||||
|
||||
protected final Settings settings;
|
||||
protected LicensePlugin licensePlugin;
|
||||
protected ShieldPlugin shieldPlugin;
|
||||
protected MarvelPlugin marvelPlugin;
|
||||
protected WatcherPlugin watcherPlugin;
|
||||
|
||||
protected Licensing licensing;
|
||||
protected Shield shield;
|
||||
protected Marvel marvel;
|
||||
protected Watcher watcher;
|
||||
|
||||
public XPackPlugin(Settings settings) {
|
||||
this.settings = settings;
|
||||
this.licensePlugin = new LicensePlugin(settings);
|
||||
this.shieldPlugin = new ShieldPlugin(settings);
|
||||
this.marvelPlugin = new MarvelPlugin(settings);
|
||||
this.watcherPlugin = new WatcherPlugin(settings);
|
||||
this.licensing = new Licensing(settings);
|
||||
this.shield = new Shield(settings);
|
||||
this.marvel = new Marvel(settings);
|
||||
this.watcher = new Watcher(settings);
|
||||
}
|
||||
|
||||
@Override public String name() {
|
||||
|
@ -87,60 +88,56 @@ public class XPackPlugin extends Plugin {
|
|||
@Override
|
||||
public Collection<Module> nodeModules() {
|
||||
ArrayList<Module> modules = new ArrayList<>();
|
||||
modules.addAll(licensePlugin.nodeModules());
|
||||
modules.addAll(shieldPlugin.nodeModules());
|
||||
modules.addAll(watcherPlugin.nodeModules());
|
||||
modules.addAll(marvelPlugin.nodeModules());
|
||||
modules.addAll(licensing.nodeModules());
|
||||
modules.addAll(shield.nodeModules());
|
||||
modules.addAll(watcher.nodeModules());
|
||||
modules.addAll(marvel.nodeModules());
|
||||
return modules;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<Class<? extends LifecycleComponent>> nodeServices() {
|
||||
ArrayList<Class<? extends LifecycleComponent>> services = new ArrayList<>();
|
||||
services.addAll(licensePlugin.nodeServices());
|
||||
services.addAll(shieldPlugin.nodeServices());
|
||||
services.addAll(watcherPlugin.nodeServices());
|
||||
services.addAll(marvelPlugin.nodeServices());
|
||||
services.addAll(licensing.nodeServices());
|
||||
services.addAll(shield.nodeServices());
|
||||
services.addAll(watcher.nodeServices());
|
||||
services.addAll(marvel.nodeServices());
|
||||
return services;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Settings additionalSettings() {
|
||||
Settings.Builder builder = Settings.builder();
|
||||
builder.put(licensePlugin.additionalSettings());
|
||||
builder.put(shieldPlugin.additionalSettings());
|
||||
builder.put(watcherPlugin.additionalSettings());
|
||||
builder.put(marvelPlugin.additionalSettings());
|
||||
builder.put(shield.additionalSettings());
|
||||
builder.put(watcher.additionalSettings());
|
||||
return builder.build();
|
||||
}
|
||||
|
||||
public void onModule(ScriptModule module) {
|
||||
watcherPlugin.onModule(module);
|
||||
watcher.onModule(module);
|
||||
}
|
||||
|
||||
public void onModule(SettingsModule module) {
|
||||
shieldPlugin.onModule(module);
|
||||
marvelPlugin.onModule(module);
|
||||
watcherPlugin.onModule(module);
|
||||
licensePlugin.onModule(module);
|
||||
shield.onModule(module);
|
||||
marvel.onModule(module);
|
||||
watcher.onModule(module);
|
||||
licensing.onModule(module);
|
||||
}
|
||||
|
||||
public void onModule(NetworkModule module) {
|
||||
licensePlugin.onModule(module);
|
||||
shieldPlugin.onModule(module);
|
||||
watcherPlugin.onModule(module);
|
||||
licensing.onModule(module);
|
||||
shield.onModule(module);
|
||||
watcher.onModule(module);
|
||||
}
|
||||
|
||||
public void onModule(ActionModule module) {
|
||||
licensePlugin.onModule(module);
|
||||
shieldPlugin.onModule(module);
|
||||
watcherPlugin.onModule(module);
|
||||
licensing.onModule(module);
|
||||
shield.onModule(module);
|
||||
watcher.onModule(module);
|
||||
}
|
||||
|
||||
public void onIndexModule(IndexModule module) {
|
||||
shieldPlugin.onIndexModule(module);
|
||||
watcherPlugin.onIndexModule(module);
|
||||
marvelPlugin.onIndexModule(module);
|
||||
shield.onIndexModule(module);
|
||||
}
|
||||
|
||||
public static boolean transportClientMode(Settings settings) {
|
||||
|
|
|
@ -6,12 +6,12 @@
|
|||
package org.elasticsearch.xpack;
|
||||
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.watcher.test.TimeWarpedWatcherPlugin;
|
||||
import org.elasticsearch.watcher.test.TimeWarpedWatcher;
|
||||
|
||||
public class TimeWarpedXPackPlugin extends XPackPlugin {
|
||||
|
||||
public TimeWarpedXPackPlugin(Settings settings) {
|
||||
super(settings);
|
||||
watcherPlugin = new TimeWarpedWatcherPlugin(settings);
|
||||
watcher = new TimeWarpedWatcher(settings);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -20,10 +20,8 @@ import org.elasticsearch.common.regex.Regex;
|
|||
import org.elasticsearch.common.settings.Setting;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.settings.SettingsModule;
|
||||
import org.elasticsearch.plugins.Plugin;
|
||||
import org.elasticsearch.script.ScriptModule;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.authz.privilege.ClusterPrivilege;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.watcher.actions.WatcherActionModule;
|
||||
import org.elasticsearch.watcher.actions.email.service.EmailService;
|
||||
import org.elasticsearch.watcher.actions.email.service.InternalEmailService;
|
||||
|
@ -52,7 +50,6 @@ import org.elasticsearch.watcher.rest.action.RestPutWatchAction;
|
|||
import org.elasticsearch.watcher.rest.action.RestWatchServiceAction;
|
||||
import org.elasticsearch.watcher.rest.action.RestWatcherInfoAction;
|
||||
import org.elasticsearch.watcher.rest.action.RestWatcherStatsAction;
|
||||
import org.elasticsearch.watcher.support.secret.SecretService;
|
||||
import org.elasticsearch.watcher.support.WatcherIndexTemplateRegistry.TemplateConfig;
|
||||
import org.elasticsearch.watcher.support.clock.ClockModule;
|
||||
import org.elasticsearch.watcher.support.http.HttpClient;
|
||||
|
@ -61,6 +58,7 @@ import org.elasticsearch.watcher.support.init.InitializingModule;
|
|||
import org.elasticsearch.watcher.support.init.InitializingService;
|
||||
import org.elasticsearch.watcher.support.init.proxy.ScriptServiceProxy;
|
||||
import org.elasticsearch.watcher.support.secret.SecretModule;
|
||||
import org.elasticsearch.watcher.support.secret.SecretService;
|
||||
import org.elasticsearch.watcher.support.text.TextTemplateModule;
|
||||
import org.elasticsearch.watcher.support.validation.WatcherSettingsValidation;
|
||||
import org.elasticsearch.watcher.transform.TransformModule;
|
||||
|
@ -97,16 +95,16 @@ import java.util.function.Function;
|
|||
import static org.elasticsearch.common.settings.Setting.Scope.CLUSTER;
|
||||
import static org.elasticsearch.common.settings.Settings.settingsBuilder;
|
||||
|
||||
public class WatcherPlugin extends Plugin {
|
||||
public class Watcher {
|
||||
|
||||
public static final String NAME = "watcher";
|
||||
public static final String ENABLED_SETTING = NAME + ".enabled";
|
||||
|
||||
public static final Setting<String> INDEX_WATCHER_VERSION_SETTING =
|
||||
new Setting<>("index.watcher.plugin.version", "", Function.identity(), false, Setting.Scope.INDEX);
|
||||
public static final Setting<String> INDEX_WATCHER_TEMPLATE_VERSION_SETTING =
|
||||
new Setting<>("index.watcher.template.version", "", Function.identity(), false, Setting.Scope.INDEX);
|
||||
|
||||
private final static ESLogger logger = Loggers.getLogger(XPackPlugin.class);
|
||||
private static final ESLogger logger = Loggers.getLogger(XPackPlugin.class);
|
||||
|
||||
static {
|
||||
MetaData.registerPrototype(WatcherMetaData.TYPE, WatcherMetaData.PROTO);
|
||||
|
@ -116,31 +114,21 @@ public class WatcherPlugin extends Plugin {
|
|||
protected final boolean transportClient;
|
||||
protected final boolean enabled;
|
||||
|
||||
public WatcherPlugin(Settings settings) {
|
||||
public Watcher(Settings settings) {
|
||||
this.settings = settings;
|
||||
transportClient = "transport".equals(settings.get(Client.CLIENT_TYPE_SETTING_S.getKey()));
|
||||
enabled = watcherEnabled(settings);
|
||||
enabled = enabled(settings);
|
||||
validAutoCreateIndex(settings);
|
||||
|
||||
// adding the watcher privileges to shield
|
||||
if (ShieldPlugin.enabled(settings)) {
|
||||
registerClusterPrivilege("manage_watcher", "cluster:admin/watcher/*", "cluster:monitor/watcher/*");
|
||||
registerClusterPrivilege("monitor_watcher", "cluster:monitor/watcher/*");
|
||||
if (Shield.enabled(settings)) {
|
||||
Shield.registerClusterPrivilege("manage_watcher", "cluster:admin/watcher/*", "cluster:monitor/watcher/*");
|
||||
Shield.registerClusterPrivilege("monitor_watcher", "cluster:monitor/watcher/*");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@Override public String name() {
|
||||
return NAME;
|
||||
}
|
||||
|
||||
@Override public String description() {
|
||||
return "Elasticsearch Watcher";
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<Module> nodeModules() {
|
||||
if (!enabled || transportClient) {
|
||||
if (enabled == false|| transportClient) {
|
||||
return Collections.emptyList();
|
||||
}
|
||||
return Arrays.<Module>asList(
|
||||
|
@ -163,9 +151,8 @@ public class WatcherPlugin extends Plugin {
|
|||
new SecretModule(settings));
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<Class<? extends LifecycleComponent>> nodeServices() {
|
||||
if (!enabled || transportClient) {
|
||||
if (enabled == false|| transportClient) {
|
||||
return Collections.emptyList();
|
||||
}
|
||||
return Arrays.<Class<? extends LifecycleComponent>>asList(
|
||||
|
@ -182,9 +169,8 @@ public class WatcherPlugin extends Plugin {
|
|||
WatcherSettingsValidation.class);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Settings additionalSettings() {
|
||||
if (!enabled || transportClient) {
|
||||
if (enabled == false || transportClient) {
|
||||
return Settings.EMPTY;
|
||||
}
|
||||
Settings additionalSettings = settingsBuilder()
|
||||
|
@ -210,14 +196,10 @@ public class WatcherPlugin extends Plugin {
|
|||
module.registerSetting(INDEX_WATCHER_TEMPLATE_VERSION_SETTING);
|
||||
module.registerSetting(Setting.intSetting("watcher.execution.scroll.size", 0, false, CLUSTER));
|
||||
module.registerSetting(Setting.intSetting("watcher.watch.scroll.size", 0, false, CLUSTER));
|
||||
module.registerSetting(Setting.boolSetting("watcher.enabled", false, false, CLUSTER));
|
||||
module.registerSetting(Setting.boolSetting(XPackPlugin.featureEnabledSetting(Watcher.NAME), true, false, CLUSTER));
|
||||
module.registerSetting(SecretService.Secure.ENCRYPT_SENSITIVE_DATA_SETTING);
|
||||
|
||||
// TODO add real settings for these
|
||||
module.registerSetting(Setting.simpleString("resource.reload.interval", false, CLUSTER));
|
||||
module.registerSetting(Setting.simpleString("resource.reload.enabled", false, CLUSTER));
|
||||
module.registerSetting(Setting.simpleString("resource.reload.interval.low", false, CLUSTER));
|
||||
module.registerSetting(Setting.simpleString("resource.reload.interval.medium", false, CLUSTER));
|
||||
module.registerSetting(Setting.simpleString("watcher.internal.ops.search.default_timeout", false, CLUSTER));
|
||||
module.registerSetting(Setting.simpleString("watcher.internal.ops.bulk.default_timeout", false, CLUSTER));
|
||||
module.registerSetting(Setting.simpleString("watcher.internal.ops.index.default_timeout", false, CLUSTER));
|
||||
|
@ -245,7 +227,7 @@ public class WatcherPlugin extends Plugin {
|
|||
}
|
||||
|
||||
public void onModule(NetworkModule module) {
|
||||
if (enabled && !transportClient) {
|
||||
if (enabled && transportClient == false) {
|
||||
module.registerRestHandler(RestPutWatchAction.class);
|
||||
module.registerRestHandler(RestDeleteWatchAction.class);
|
||||
module.registerRestHandler(RestWatcherStatsAction.class);
|
||||
|
@ -272,8 +254,8 @@ public class WatcherPlugin extends Plugin {
|
|||
}
|
||||
}
|
||||
|
||||
public static boolean watcherEnabled(Settings settings) {
|
||||
return settings.getAsBoolean(ENABLED_SETTING, true);
|
||||
public static boolean enabled(Settings settings) {
|
||||
return XPackPlugin.featureEnabled(settings, NAME, true);
|
||||
}
|
||||
|
||||
static void validAutoCreateIndex(Settings settings) {
|
||||
|
@ -336,16 +318,4 @@ public class WatcherPlugin extends Plugin {
|
|||
"[.watcher-history-YYYY.MM.dd] are allowed to be created", value);
|
||||
}
|
||||
|
||||
void registerClusterPrivilege(String name, String... patterns) {
|
||||
try {
|
||||
ClusterPrivilege.addCustom(name, patterns);
|
||||
} catch (Exception se) {
|
||||
logger.warn("could not register cluster privilege [{}]", name);
|
||||
|
||||
// we need to prevent bubbling the shield exception here for the tests. In the tests
|
||||
// we create multiple nodes in the same jvm and since the custom cluster is a static binding
|
||||
// multiple nodes will try to add the same privileges multiple times.
|
||||
}
|
||||
}
|
||||
|
||||
}
|
|
@ -10,12 +10,10 @@ import org.elasticsearch.common.settings.Settings;
|
|||
import org.elasticsearch.common.util.concurrent.EsExecutors;
|
||||
import org.elasticsearch.common.util.concurrent.EsThreadPoolExecutor;
|
||||
import org.elasticsearch.threadpool.ThreadPool;
|
||||
import org.elasticsearch.watcher.WatcherPlugin;
|
||||
import org.elasticsearch.watcher.Watcher;
|
||||
import org.elasticsearch.watcher.support.ThreadPoolSettingsBuilder;
|
||||
|
||||
import java.util.concurrent.BlockingQueue;
|
||||
import java.util.concurrent.LinkedBlockingDeque;
|
||||
import java.util.concurrent.LinkedBlockingQueue;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
/**
|
||||
|
@ -23,7 +21,7 @@ import java.util.stream.Stream;
|
|||
*/
|
||||
public class InternalWatchExecutor implements WatchExecutor {
|
||||
|
||||
public static final String THREAD_POOL_NAME = WatcherPlugin.NAME;
|
||||
public static final String THREAD_POOL_NAME = Watcher.NAME;
|
||||
|
||||
public static Settings additionalSettings(Settings nodeSettings) {
|
||||
Settings settings = nodeSettings.getAsSettings("threadpool." + THREAD_POOL_NAME);
|
||||
|
|
|
@ -12,7 +12,7 @@ import org.elasticsearch.license.core.License;
|
|||
import org.elasticsearch.license.plugin.core.AbstractLicenseeComponent;
|
||||
import org.elasticsearch.license.plugin.core.LicenseState;
|
||||
import org.elasticsearch.license.plugin.core.LicenseeRegistry;
|
||||
import org.elasticsearch.watcher.WatcherPlugin;
|
||||
import org.elasticsearch.watcher.Watcher;
|
||||
|
||||
import static org.elasticsearch.license.core.License.OperationMode.GOLD;
|
||||
import static org.elasticsearch.license.core.License.OperationMode.PLATINUM;
|
||||
|
@ -20,7 +20,7 @@ import static org.elasticsearch.license.core.License.OperationMode.TRIAL;
|
|||
|
||||
public class WatcherLicensee extends AbstractLicenseeComponent<WatcherLicensee> {
|
||||
|
||||
public static final String ID = WatcherPlugin.NAME;
|
||||
public static final String ID = Watcher.NAME;
|
||||
|
||||
@Inject
|
||||
public WatcherLicensee(Settings settings, LicenseeRegistry clientService) {
|
||||
|
|
|
@ -7,7 +7,7 @@ package org.elasticsearch.watcher.support.secret;
|
|||
|
||||
import org.elasticsearch.common.inject.AbstractModule;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -17,7 +17,7 @@ public class SecretModule extends AbstractModule {
|
|||
private final boolean shieldEnabled;
|
||||
|
||||
public SecretModule(Settings settings) {
|
||||
shieldEnabled = ShieldPlugin.enabled(settings);
|
||||
shieldEnabled = Shield.enabled(settings);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -14,7 +14,7 @@ import org.elasticsearch.common.network.NetworkModule;
|
|||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.http.HttpServerTransport;
|
||||
import org.elasticsearch.plugins.Plugin;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.test.ESIntegTestCase;
|
||||
import org.elasticsearch.test.ESIntegTestCase.ClusterScope;
|
||||
import org.elasticsearch.test.rest.client.http.HttpRequestBuilder;
|
||||
|
@ -40,10 +40,10 @@ public class WatcherPluginDisableTests extends ESIntegTestCase {
|
|||
protected Settings nodeSettings(int nodeOrdinal) {
|
||||
return Settings.settingsBuilder()
|
||||
.put(super.nodeSettings(nodeOrdinal))
|
||||
.put(WatcherPlugin.ENABLED_SETTING, false)
|
||||
.put(XPackPlugin.featureEnabledSetting(Watcher.NAME), false)
|
||||
|
||||
// disable shield because of query cache check and authentication/authorization
|
||||
.put(XPackPlugin.featureEnabledSetting(ShieldPlugin.NAME), false)
|
||||
.put(XPackPlugin.featureEnabledSetting(Shield.NAME), false)
|
||||
|
||||
.put(NetworkModule.HTTP_ENABLED.getKey(), true)
|
||||
.build();
|
||||
|
|
|
@ -11,29 +11,29 @@ import org.elasticsearch.test.ESTestCase;
|
|||
public class WatcherPluginTests extends ESTestCase {
|
||||
|
||||
public void testValidAutoCreateIndex() {
|
||||
WatcherPlugin.validAutoCreateIndex(Settings.EMPTY);
|
||||
WatcherPlugin.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", true).build());
|
||||
Watcher.validAutoCreateIndex(Settings.EMPTY);
|
||||
Watcher.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", true).build());
|
||||
try {
|
||||
WatcherPlugin.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", false).build());
|
||||
Watcher.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", false).build());
|
||||
fail("IllegalArgumentException expected");
|
||||
} catch (IllegalArgumentException e) {
|
||||
}
|
||||
WatcherPlugin.validAutoCreateIndex(Settings.builder().put("action.auto_create_index",
|
||||
Watcher.validAutoCreateIndex(Settings.builder().put("action.auto_create_index",
|
||||
".watches,.triggered_watches,.watcher-history*").build());
|
||||
WatcherPlugin.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", "*w*").build());
|
||||
WatcherPlugin.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", ".w*,.t*").build());
|
||||
Watcher.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", "*w*").build());
|
||||
Watcher.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", ".w*,.t*").build());
|
||||
try {
|
||||
WatcherPlugin.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", ".watches").build());
|
||||
Watcher.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", ".watches").build());
|
||||
fail("IllegalArgumentException expected");
|
||||
} catch (IllegalArgumentException e) {
|
||||
}
|
||||
try {
|
||||
WatcherPlugin.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", ".triggered_watch").build());
|
||||
Watcher.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", ".triggered_watch").build());
|
||||
fail("IllegalArgumentException expected");
|
||||
} catch (IllegalArgumentException e) {
|
||||
}
|
||||
try {
|
||||
WatcherPlugin.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", ".watcher-history*").build());
|
||||
Watcher.validAutoCreateIndex(Settings.builder().put("action.auto_create_index", ".watcher-history*").build());
|
||||
fail("IllegalArgumentException expected");
|
||||
} catch (IllegalArgumentException e) {
|
||||
}
|
||||
|
|
|
@ -23,11 +23,12 @@ import org.elasticsearch.common.xcontent.XContentHelper;
|
|||
import org.elasticsearch.common.xcontent.support.XContentMapValues;
|
||||
import org.elasticsearch.index.IndexModule;
|
||||
import org.elasticsearch.index.query.QueryBuilder;
|
||||
import org.elasticsearch.marvel.Marvel;
|
||||
import org.elasticsearch.plugins.Plugin;
|
||||
import org.elasticsearch.script.MockMustacheScriptEngine;
|
||||
import org.elasticsearch.search.SearchHit;
|
||||
import org.elasticsearch.search.builder.SearchSourceBuilder;
|
||||
import org.elasticsearch.shield.ShieldPlugin;
|
||||
import org.elasticsearch.shield.Shield;
|
||||
import org.elasticsearch.shield.authc.esusers.ESUsersRealm;
|
||||
import org.elasticsearch.shield.authc.support.Hasher;
|
||||
import org.elasticsearch.shield.authc.support.SecuredString;
|
||||
|
@ -129,7 +130,7 @@ public abstract class AbstractWatcherIntegrationTestCase extends ESIntegTestCase
|
|||
return Settings.builder()
|
||||
.put(super.nodeSettings(nodeOrdinal))
|
||||
//TODO: for now lets isolate watcher tests from marvel (randomize this later)
|
||||
.put("marvel.enabled", false)
|
||||
.put(XPackPlugin.featureEnabledSetting(Marvel.NAME), false)
|
||||
// we do this by default in core, but for watcher this isn't needed and only adds noise.
|
||||
.put("index.store.mock.check_index_on_close", false)
|
||||
.put("watcher.execution.scroll.size", randomIntBetween(1, 100))
|
||||
|
@ -720,7 +721,7 @@ public abstract class AbstractWatcherIntegrationTestCase extends ESIntegTestCase
|
|||
.put("shield.audit.enabled", auditLogsEnabled)
|
||||
// Test framework sometimes randomily selects the 'index' or 'none' cache and that makes the
|
||||
// validation in ShieldPlugin fail. Shield can only run with this query cache impl
|
||||
.put(IndexModule.INDEX_QUERY_CACHE_TYPE_SETTING.getKey(), ShieldPlugin.OPT_OUT_QUERY_CACHE)
|
||||
.put(IndexModule.INDEX_QUERY_CACHE_TYPE_SETTING.getKey(), Shield.OPT_OUT_QUERY_CACHE)
|
||||
.build();
|
||||
} catch (IOException ex) {
|
||||
throw new RuntimeException("failed to build settings for shield", ex);
|
||||
|
|
|
@ -8,7 +8,7 @@ package org.elasticsearch.watcher.test;
|
|||
import org.elasticsearch.common.inject.Module;
|
||||
import org.elasticsearch.common.logging.Loggers;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.watcher.WatcherPlugin;
|
||||
import org.elasticsearch.watcher.Watcher;
|
||||
import org.elasticsearch.watcher.execution.ExecutionModule;
|
||||
import org.elasticsearch.watcher.execution.SyncTriggerListener;
|
||||
import org.elasticsearch.watcher.execution.WatchExecutor;
|
||||
|
@ -29,11 +29,11 @@ import java.util.stream.Stream;
|
|||
/**
|
||||
*
|
||||
*/
|
||||
public class TimeWarpedWatcherPlugin extends WatcherPlugin {
|
||||
public class TimeWarpedWatcher extends Watcher {
|
||||
|
||||
public TimeWarpedWatcherPlugin(Settings settings) {
|
||||
public TimeWarpedWatcher(Settings settings) {
|
||||
super(settings);
|
||||
Loggers.getLogger(TimeWarpedWatcherPlugin.class, settings).info("using time warped watchers plugin");
|
||||
Loggers.getLogger(TimeWarpedWatcher.class, settings).info("using time warped watchers plugin");
|
||||
|
||||
}
|
||||
|
|
@ -14,7 +14,7 @@ import org.elasticsearch.common.settings.Settings;
|
|||
import org.elasticsearch.node.MockNode;
|
||||
import org.elasticsearch.node.Node;
|
||||
import org.elasticsearch.search.builder.SearchSourceBuilder;
|
||||
import org.elasticsearch.watcher.WatcherPlugin;
|
||||
import org.elasticsearch.watcher.Watcher;
|
||||
import org.elasticsearch.watcher.client.WatchSourceBuilder;
|
||||
import org.elasticsearch.watcher.client.WatcherClient;
|
||||
import org.elasticsearch.watcher.support.http.HttpRequestTemplate;
|
||||
|
@ -60,7 +60,7 @@ public class WatcherExecutorServiceBenchmark {
|
|||
|
||||
protected static void start() throws Exception {
|
||||
Node node = new MockNode(Settings.builder().put(SETTINGS).put("node.data", false).build(), Version.CURRENT,
|
||||
Arrays.asList(WatcherBenchmarkPlugin.class, XPackPlugin.class));
|
||||
Arrays.asList(XPackBenchmarkPlugin.class));
|
||||
client = node.client();
|
||||
client.admin().cluster().prepareHealth("*").setWaitForGreenStatus().get();
|
||||
Thread.sleep(5000);
|
||||
|
@ -202,11 +202,19 @@ public class WatcherExecutorServiceBenchmark {
|
|||
|
||||
}
|
||||
|
||||
public static final class WatcherBenchmarkPlugin extends WatcherPlugin {
|
||||
public static final class XPackBenchmarkPlugin extends XPackPlugin {
|
||||
|
||||
public WatcherBenchmarkPlugin(Settings settings) {
|
||||
|
||||
public XPackBenchmarkPlugin(Settings settings) {
|
||||
super(settings);
|
||||
Loggers.getLogger(WatcherBenchmarkPlugin.class, settings).info("using watcher benchmark plugin");
|
||||
watcher = new BenchmarkWatcher(settings);
|
||||
}
|
||||
|
||||
public static class BenchmarkWatcher extends Watcher {
|
||||
|
||||
public BenchmarkWatcher(Settings settings) {
|
||||
super(settings);
|
||||
Loggers.getLogger(XPackBenchmarkPlugin.class, settings).info("using watcher benchmark plugin");
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -235,6 +243,8 @@ public class WatcherExecutorServiceBenchmark {
|
|||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue