honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

security: extract indices from CompositeIndicesRequests and exclude duplicates 

This change allows us to log the indices from a composite indices request by getting the indices
from all of the sub requests. Additionally, indices are no longer duplicated when auditing.

Closes elastic/elasticsearch#2623
Closes elastic/elasticsearch#2618

Original commit: elastic/x-pack-elasticsearch@f1d3d87bcf
This commit is contained in:
jaymode 2016-08-29 12:06:45 -04:00
parent d3dff6659b
commit 473728afb4
6 changed files with 172 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/AuditUtil.java
View File

@ -5,12 +5,17 @@
*/
package org.elasticsearch.xpack.security.audit;
import org.elasticsearch.action.CompositeIndicesRequest;
import org.elasticsearch.action.IndicesRequest;
import org.elasticsearch.common.xcontent.XContentHelper;
import org.elasticsearch.rest.RestRequest;
import org.elasticsearch.transport.TransportMessage;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
/**
*
@ -28,10 +33,24 @@ public class AuditUtil {
return "";
}
public static String[] indices(TransportMessage message) {
public static Set<String> indices(TransportMessage message) {
if (message instanceof IndicesRequest) {
return ((IndicesRequest) message).indices();
return arrayToSetOrNull(((IndicesRequest) message).indices());
} else if (message instanceof CompositeIndicesRequest) {
Set<String> indices = new HashSet<>();
for (IndicesRequest indicesRequest : ((CompositeIndicesRequest)message).subRequests()) {
if (indicesRequest.indices() != null) {
Collections.addAll(indices, indicesRequest.indices());
}
}
if (indices.isEmpty() == false) {
return indices;
}
}
return null;
}
private static Set<String> arrayToSetOrNull(String[] indices) {
return indices == null ? null : new HashSet<>(Arrays.asList(indices));
}
}

15
elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrail.java
View File

@ -25,9 +25,9 @@ import org.elasticsearch.cluster.ClusterState;
import org.elasticsearch.cluster.ClusterStateListener;
import org.elasticsearch.cluster.metadata.IndexMetaData;
import org.elasticsearch.common.Nullable;
import org.elasticsearch.common.Strings;
import org.elasticsearch.common.collect.Tuple;
import org.elasticsearch.common.component.AbstractComponent;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.io.Streams;
import org.elasticsearch.common.logging.ESLogger;
import org.elasticsearch.common.network.NetworkAddress;
@ -74,6 +74,7 @@ import java.util.EnumSet;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.atomic.AtomicReference;
@ -528,7 +529,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl
}
private Message message(String type, @Nullable String action, @Nullable User user,
@Nullable String[] indices, TransportMessage message) throws Exception {
@Nullable Set<String> indices, TransportMessage message) throws Exception {
Message msg = new Message().start();
common("transport", type, msg.builder);
@ -551,7 +552,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl
}
}
if (indices != null) {
msg.builder.array(Field.INDICES, indices);
msg.builder.array(Field.INDICES, indices.toArray(Strings.EMPTY_ARRAY));
}
msg.builder.field(Field.REQUEST, message.getClass().getSimpleName());
@ -560,7 +561,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl
// FIXME - clean up the message generation
private Message message(String type, @Nullable String action, @Nullable AuthenticationToken token,
@Nullable String realm, @Nullable String[] indices, TransportMessage message) throws Exception {
@Nullable String realm, @Nullable Set<String> indices, TransportMessage message) throws Exception {
Message msg = new Message().start();
common("transport", type, msg.builder);
@ -576,7 +577,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl
msg.builder.field(Field.REALM, realm);
}
if (indices != null) {
msg.builder.array(Field.INDICES, indices);
msg.builder.array(Field.INDICES, indices.toArray(Strings.EMPTY_ARRAY));
}
msg.builder.field(Field.REQUEST, message.getClass().getSimpleName());
@ -584,7 +585,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl
}
private Message message(String type, @Nullable String action, @Nullable AuthenticationToken token,
@Nullable String realm, @Nullable String[] indices, RestRequest request) throws Exception {
@Nullable String realm, @Nullable Set<String> indices, RestRequest request) throws Exception {
Message msg = new Message().start();
common("rest", type, msg.builder);
@ -601,7 +602,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl
msg.builder.field(Field.REALM, realm);
}
if (indices != null) {
msg.builder.array(Field.INDICES, indices);
msg.builder.array(Field.INDICES, indices.toArray(Strings.EMPTY_ARRAY));
}
msg.builder.field(Field.REQUEST_BODY, restRequestContent(request));
msg.builder.field(Field.ORIGIN_TYPE, "rest");

12
elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java
View File

@ -8,10 +8,6 @@ package org.elasticsearch.xpack.security.audit.logfile;
import org.elasticsearch.cluster.node.DiscoveryNode;
import org.elasticsearch.cluster.service.ClusterService;
import org.elasticsearch.common.component.AbstractComponent;
import org.elasticsearch.common.component.AbstractLifecycleComponent;
import org.elasticsearch.common.component.Lifecycle;
import org.elasticsearch.common.component.LifecycleListener;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.logging.ESLogger;
import org.elasticsearch.common.logging.Loggers;
import org.elasticsearch.common.network.NetworkAddress;
@ -31,15 +27,15 @@ import org.elasticsearch.xpack.security.authz.privilege.SystemPrivilege;
import org.elasticsearch.xpack.security.rest.RemoteHostHeader;
import org.elasticsearch.xpack.security.transport.filter.SecurityIpFilterRule;
import org.elasticsearch.threadpool.ThreadPool;
import org.elasticsearch.transport.Transport;
import org.elasticsearch.transport.TransportMessage;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.util.List;
import java.util.Set;
import static org.elasticsearch.common.Strings.arrayToCommaDelimitedString;
import static org.elasticsearch.common.Strings.collectionToCommaDelimitedString;
import static org.elasticsearch.xpack.security.audit.AuditUtil.indices;
import static org.elasticsearch.xpack.security.audit.AuditUtil.restRequestContent;
import static org.elasticsearch.xpack.security.Security.setting;
@ -453,8 +449,8 @@ public class LoggingAuditTrail extends AbstractComponent implements AuditTrail {
}
static String indicesString(TransportMessage message) {
String[] indices = indices(message);
return indices == null ? null : arrayToCommaDelimitedString(indices);
Set<String> indices = indices(message);
return indices == null ? null : collectionToCommaDelimitedString(indices);
}
static String principal(User user) {

107
elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/AuditUtilTests.java Normal file
View File

@ -0,0 +1,107 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/
package org.elasticsearch.xpack.security.audit;
import org.elasticsearch.action.CompositeIndicesRequest;
import org.elasticsearch.action.IndicesRequest;
import org.elasticsearch.action.support.IndicesOptions;
import org.elasticsearch.common.Strings;
import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.transport.TransportMessage;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import static org.hamcrest.Matchers.hasItems;
/**
* Unit tests for the audit utils class
*/
public class AuditUtilTests extends ESTestCase {
public void testIndicesRequest() {
assertNull(AuditUtil.indices(new MockIndicesRequest(null)));
final int numberOfIndices = randomIntBetween(1, 100);
List<String> expectedIndices = new ArrayList<>();
final boolean includeDuplicates = randomBoolean();
for (int i = 0; i < numberOfIndices; i++) {
String name = randomAsciiOfLengthBetween(1, 30);
expectedIndices.add(name);
if (includeDuplicates) {
expectedIndices.add(name);
}
}
final Set<String> uniqueExpectedIndices = new HashSet<>(expectedIndices);
final Set<String> result = AuditUtil.indices(new MockIndicesRequest(expectedIndices.toArray(Strings.EMPTY_ARRAY)));
assertNotNull(result);
assertEquals(uniqueExpectedIndices.size(), result.size());
assertThat(result, hasItems(uniqueExpectedIndices.toArray(Strings.EMPTY_ARRAY)));
}
public void testCompositeIndicesRequest() {
assertNull(AuditUtil.indices(new MockCompositeIndicesRequest(Collections.emptyList())));
assertNull(AuditUtil.indices(new MockCompositeIndicesRequest(Collections.singletonList(new MockIndicesRequest(null)))));
final int numberOfIndicesRequests = randomIntBetween(1, 10);
final boolean includeDuplicates = randomBoolean();
List<String> expectedIndices = new ArrayList<>();
List<IndicesRequest> indicesRequests = new ArrayList<>(numberOfIndicesRequests);
for (int i = 0; i < numberOfIndicesRequests; i++) {
final int numberOfIndices = randomIntBetween(1, 12);
List<String> indices = new ArrayList<>(numberOfIndices);
for (int j = 0; j < numberOfIndices; j++) {
String name = randomAsciiOfLengthBetween(1, 30);
indices.add(name);
if (includeDuplicates) {
indices.add(name);
}
}
expectedIndices.addAll(indices);
indicesRequests.add(new MockIndicesRequest(indices.toArray(Strings.EMPTY_ARRAY)));
}
final Set<String> uniqueExpectedIndices = new HashSet<>(expectedIndices);
final Set<String> result = AuditUtil.indices(new MockCompositeIndicesRequest(indicesRequests));
assertNotNull(result);
assertEquals(uniqueExpectedIndices.size(), result.size());
assertThat(result, hasItems(uniqueExpectedIndices.toArray(Strings.EMPTY_ARRAY)));
}
private static class MockIndicesRequest extends TransportMessage implements IndicesRequest {
private final String[] indices;
private MockIndicesRequest(String[] indices) {
this.indices = indices;
}
@Override
public String[] indices() {
return indices;
}
@Override
public IndicesOptions indicesOptions() {
return null;
}
}
private static class MockCompositeIndicesRequest extends TransportMessage implements CompositeIndicesRequest {
private final List<? extends IndicesRequest> requests;
private MockCompositeIndicesRequest(List<? extends IndicesRequest> requests) {
this.requests = requests;
}
@Override
public List<? extends IndicesRequest> subRequests() {
return requests;
}
}
}

12
elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java
View File

@ -70,7 +70,7 @@ import static org.elasticsearch.xpack.security.audit.index.IndexNameResolver.Rol
import static org.elasticsearch.xpack.security.audit.index.IndexNameResolver.Rollover.HOURLY;
import static org.elasticsearch.xpack.security.audit.index.IndexNameResolver.Rollover.MONTHLY;
import static org.elasticsearch.xpack.security.audit.index.IndexNameResolver.Rollover.WEEKLY;
import static org.hamcrest.Matchers.contains;
import static org.hamcrest.Matchers.containsInAnyOrder;
import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.is;
import static org.hamcrest.Matchers.notNullValue;
@ -298,7 +298,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase {
assertEquals("transport", sourceMap.get("origin_type"));
if (message instanceof IndicesRequest) {
List<Object> indices = (List<Object>) sourceMap.get("indices");
assertThat(indices, contains((Object[]) ((IndicesRequest) message).indices()));
assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest) message).indices()));
}
assertEquals(sourceMap.get("request"), message.getClass().getSimpleName());
}
@ -356,7 +356,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase {
assertEquals("transport", sourceMap.get("origin_type"));
if (message instanceof IndicesRequest) {
List<Object> indices = (List<Object>) sourceMap.get("indices");
assertThat(indices, contains((Object[]) ((IndicesRequest) message).indices()));
assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest) message).indices()));
}
assertEquals(sourceMap.get("request"), message.getClass().getSimpleName());
}
@ -412,7 +412,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase {
assertEquals("_realm", sourceMap.get("realm"));
if (message instanceof IndicesRequest) {
List<Object> indices = (List<Object>) sourceMap.get("indices");
assertThat(indices, contains((Object[]) ((IndicesRequest)message).indices()));
assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest)message).indices()));
}
assertEquals(sourceMap.get("request"), message.getClass().getSimpleName());
}
@ -458,7 +458,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase {
assertEquals("_action", sourceMap.get("action"));
if (message instanceof IndicesRequest) {
List<Object> indices = (List<Object>) sourceMap.get("indices");
assertThat(indices, contains((Object[]) ((IndicesRequest)message).indices()));
assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest)message).indices()));
}
assertEquals(sourceMap.get("request"), message.getClass().getSimpleName());
}
@ -503,7 +503,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase {
assertEquals("_action", sourceMap.get("action"));
if (message instanceof IndicesRequest) {
List<Object> indices = (List<Object>) sourceMap.get("indices");
assertThat(indices, contains((Object[]) ((IndicesRequest)message).indices()));
assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest)message).indices()));
}
assertEquals(sourceMap.get("request"), message.getClass().getSimpleName());
}

47
elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrailTests.java
View File

@ -9,20 +9,19 @@ import org.elasticsearch.action.IndicesRequest;
import org.elasticsearch.action.support.IndicesOptions;
import org.elasticsearch.cluster.node.DiscoveryNode;
import org.elasticsearch.cluster.service.ClusterService;
import org.elasticsearch.common.Strings;
import org.elasticsearch.common.bytes.BytesArray;
import org.elasticsearch.common.bytes.BytesReference;
import org.elasticsearch.common.component.Lifecycle;
import org.elasticsearch.common.network.NetworkAddress;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.BoundTransportAddress;
import org.elasticsearch.common.transport.InetSocketTransportAddress;
import org.elasticsearch.common.transport.LocalTransportAddress;
import org.elasticsearch.common.transport.TransportAddress;
import org.elasticsearch.common.util.concurrent.ThreadContext;
import org.elasticsearch.rest.RestRequest;
import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.transport.Transport;
import org.elasticsearch.transport.TransportMessage;
import org.elasticsearch.xpack.security.audit.AuditUtil;
import org.elasticsearch.xpack.security.audit.logfile.CapturingLogger.Level;
import org.elasticsearch.xpack.security.authc.AuthenticationToken;
import org.elasticsearch.xpack.security.rest.RemoteHostHeader;
@ -135,7 +134,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case INFO:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.WARN, prefix + "[transport] [anonymous_access_denied]\t" + origins +
", action=[_action], indices=[idx1,idx2]");
", action=[_action], indices=[" + indices(message) + "]");
} else {
assertMsg(logger, Level.WARN, prefix + "[transport] [anonymous_access_denied]\t" + origins + ", action=[_action]");
}
@ -144,7 +143,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case TRACE:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [anonymous_access_denied]\t" + origins +
", action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]");
", action=[_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]");
} else {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [anonymous_access_denied]\t" + origins +
", action=[_action], request=[MockMessage]");
@ -196,7 +195,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case INFO:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.ERROR, prefix + "[transport] [authentication_failed]\t" + origins +
", principal=[_principal], action=[_action], indices=[idx1,idx2]");
", principal=[_principal], action=[_action], indices=[" + indices(message) + "]");
} else {
assertMsg(logger, Level.ERROR, prefix + "[transport] [authentication_failed]\t" + origins +
", principal=[_principal], action=[_action]");
@ -206,7 +205,8 @@ public class LoggingAuditTrailTests extends ESTestCase {
case TRACE:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [authentication_failed]\t" + origins +
", principal=[_principal], action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]");
", principal=[_principal], action=[_action], indices=[" + indices(message) +
"], request=[MockIndicesRequest]");
} else {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [authentication_failed]\t" + origins +
", principal=[_principal], action=[_action], request=[MockMessage]");
@ -229,7 +229,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case INFO:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.ERROR, prefix + "[transport] [authentication_failed]\t" + origins +
", action=[_action], indices=[idx1,idx2]");
", action=[_action], indices=[" + indices(message) + "]");
} else {
assertMsg(logger, Level.ERROR, prefix + "[transport] [authentication_failed]\t" + origins +
", action=[_action]");
@ -239,7 +239,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case TRACE:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [authentication_failed]\t" + origins +
", action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]");
", action=[_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]");
} else {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [authentication_failed]\t" + origins +
", action=[_action], request=[MockMessage]");
@ -319,7 +319,8 @@ public class LoggingAuditTrailTests extends ESTestCase {
case TRACE:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.TRACE, prefix + "[transport] [authentication_failed]\trealm=[_realm], " + origins +
", principal=[_principal], action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]");
", principal=[_principal], action=[_action], indices=[" + indices(message) + "], " +
"request=[MockIndicesRequest]");
} else {
assertMsg(logger, Level.TRACE, prefix + "[transport] [authentication_failed]\trealm=[_realm], " + origins +
", principal=[_principal], action=[_action], request=[MockMessage]");
@ -379,7 +380,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case INFO:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.INFO, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo +
", action=[_action], indices=[idx1,idx2]");
", action=[_action], indices=[" + indices(message) + "]");
} else {
assertMsg(logger, Level.INFO, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo +
", action=[_action]");
@ -389,7 +390,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case TRACE:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo +
", action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]");
", action=[_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]");
} else {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo +
", action=[_action], request=[MockMessage]");
@ -417,7 +418,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.TRACE, prefix + "[transport] [access_granted]\t" + origins + ", principal=[" +
SystemUser.INSTANCE.principal()
+ "], action=[internal:_action], indices=[idx1,idx2], request=[MockIndicesRequest]");
+ "], action=[internal:_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]");
} else {
assertMsg(logger, Level.TRACE, prefix + "[transport] [access_granted]\t" + origins + ", principal=[" +
SystemUser.INSTANCE.principal() + "], action=[internal:_action], request=[MockMessage]");
@ -451,7 +452,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case INFO:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.INFO, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo +
", action=[internal:_action], indices=[idx1,idx2]");
", action=[internal:_action], indices=[" + indices(message) + "]");
} else {
assertMsg(logger, Level.INFO, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo +
", action=[internal:_action]");
@ -461,7 +462,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case TRACE:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo +
", action=[internal:_action], indices=[idx1,idx2], request=[MockIndicesRequest]");
", action=[internal:_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]");
} else {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo +
", action=[internal:_action], request=[MockMessage]");
@ -493,7 +494,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case INFO:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.ERROR, prefix + "[transport] [access_denied]\t" + origins + ", " + userInfo +
", action=[_action], indices=[idx1,idx2]");
", action=[_action], indices=[" + indices(message) + "]");
} else {
assertMsg(logger, Level.ERROR, prefix + "[transport] [access_denied]\t" + origins + ", " + userInfo +
", action=[_action]");
@ -503,7 +504,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case TRACE:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [access_denied]\t" + origins + ", " + userInfo +
", action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]");
", action=[_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]");
} else {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [access_denied]\t" + origins + ", " + userInfo +
", action=[_action], request=[MockMessage]");
@ -554,7 +555,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case INFO:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.ERROR, prefix + "[transport] [tampered_request]\t" + origins +
", action=[_action], indices=[idx1,idx2]");
", action=[_action], indices=[" + indices(message) + "]");
} else {
assertMsg(logger, Level.ERROR, prefix + "[transport] [tampered_request]\t" + origins + ", action=[_action]");
}
@ -563,7 +564,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case TRACE:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [tampered_request]\t" + origins +
", action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]");
", action=[_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]");
} else {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [tampered_request]\t" + origins +
", action=[_action], request=[MockMessage]");
@ -595,7 +596,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case INFO:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.ERROR, prefix + "[transport] [tampered_request]\t" + origins + ", " + userInfo +
", action=[_action], indices=[idx1,idx2]");
", action=[_action], indices=[" + indices(message) + "]");
} else {
assertMsg(logger, Level.ERROR, prefix + "[transport] [tampered_request]\t" + origins + ", " + userInfo +
", action=[_action]");
@ -605,7 +606,7 @@ public class LoggingAuditTrailTests extends ESTestCase {
case TRACE:
if (message instanceof IndicesRequest) {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [tampered_request]\t" + origins + ", " + userInfo +
", action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]");
", action=[_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]");
} else {
assertMsg(logger, Level.DEBUG, prefix + "[transport] [tampered_request]\t" + origins + ", " + userInfo +
", action=[_action], request=[MockMessage]");
@ -760,6 +761,10 @@ public class LoggingAuditTrailTests extends ESTestCase {
return InetAddress.getByAddress(hostname, bytes);
}
private static String indices(TransportMessage message) {
return Strings.collectionToCommaDelimitedString(AuditUtil.indices(message));
}
private static class MockMessage extends TransportMessage {
private MockMessage(ThreadContext threadContext) throws IOException {