diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/AuditUtil.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/AuditUtil.java index 7993927b758..e7aa41a0b9d 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/AuditUtil.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/AuditUtil.java @@ -5,12 +5,17 @@ */ package org.elasticsearch.xpack.security.audit; +import org.elasticsearch.action.CompositeIndicesRequest; import org.elasticsearch.action.IndicesRequest; import org.elasticsearch.common.xcontent.XContentHelper; import org.elasticsearch.rest.RestRequest; import org.elasticsearch.transport.TransportMessage; import java.io.IOException; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashSet; +import java.util.Set; /** * @@ -28,10 +33,24 @@ public class AuditUtil { return ""; } - public static String[] indices(TransportMessage message) { + public static Set indices(TransportMessage message) { if (message instanceof IndicesRequest) { - return ((IndicesRequest) message).indices(); + return arrayToSetOrNull(((IndicesRequest) message).indices()); + } else if (message instanceof CompositeIndicesRequest) { + Set indices = new HashSet<>(); + for (IndicesRequest indicesRequest : ((CompositeIndicesRequest)message).subRequests()) { + if (indicesRequest.indices() != null) { + Collections.addAll(indices, indicesRequest.indices()); + } + } + if (indices.isEmpty() == false) { + return indices; + } } return null; } + + private static Set arrayToSetOrNull(String[] indices) { + return indices == null ? null : new HashSet<>(Arrays.asList(indices)); + } } diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrail.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrail.java index 34a1b7c6150..9cdfd4381d8 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrail.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrail.java @@ -25,9 +25,9 @@ import org.elasticsearch.cluster.ClusterState; import org.elasticsearch.cluster.ClusterStateListener; import org.elasticsearch.cluster.metadata.IndexMetaData; import org.elasticsearch.common.Nullable; +import org.elasticsearch.common.Strings; import org.elasticsearch.common.collect.Tuple; import org.elasticsearch.common.component.AbstractComponent; -import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.io.Streams; import org.elasticsearch.common.logging.ESLogger; import org.elasticsearch.common.network.NetworkAddress; @@ -74,6 +74,7 @@ import java.util.EnumSet; import java.util.List; import java.util.Locale; import java.util.Map; +import java.util.Set; import java.util.concurrent.BlockingQueue; import java.util.concurrent.LinkedBlockingQueue; import java.util.concurrent.atomic.AtomicReference; @@ -528,7 +529,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl } private Message message(String type, @Nullable String action, @Nullable User user, - @Nullable String[] indices, TransportMessage message) throws Exception { + @Nullable Set indices, TransportMessage message) throws Exception { Message msg = new Message().start(); common("transport", type, msg.builder); @@ -551,7 +552,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl } } if (indices != null) { - msg.builder.array(Field.INDICES, indices); + msg.builder.array(Field.INDICES, indices.toArray(Strings.EMPTY_ARRAY)); } msg.builder.field(Field.REQUEST, message.getClass().getSimpleName()); @@ -560,7 +561,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl // FIXME - clean up the message generation private Message message(String type, @Nullable String action, @Nullable AuthenticationToken token, - @Nullable String realm, @Nullable String[] indices, TransportMessage message) throws Exception { + @Nullable String realm, @Nullable Set indices, TransportMessage message) throws Exception { Message msg = new Message().start(); common("transport", type, msg.builder); @@ -576,7 +577,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl msg.builder.field(Field.REALM, realm); } if (indices != null) { - msg.builder.array(Field.INDICES, indices); + msg.builder.array(Field.INDICES, indices.toArray(Strings.EMPTY_ARRAY)); } msg.builder.field(Field.REQUEST, message.getClass().getSimpleName()); @@ -584,7 +585,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl } private Message message(String type, @Nullable String action, @Nullable AuthenticationToken token, - @Nullable String realm, @Nullable String[] indices, RestRequest request) throws Exception { + @Nullable String realm, @Nullable Set indices, RestRequest request) throws Exception { Message msg = new Message().start(); common("rest", type, msg.builder); @@ -601,7 +602,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl msg.builder.field(Field.REALM, realm); } if (indices != null) { - msg.builder.array(Field.INDICES, indices); + msg.builder.array(Field.INDICES, indices.toArray(Strings.EMPTY_ARRAY)); } msg.builder.field(Field.REQUEST_BODY, restRequestContent(request)); msg.builder.field(Field.ORIGIN_TYPE, "rest"); diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java index 2b74749b5fd..3f688680b9e 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java @@ -8,10 +8,6 @@ package org.elasticsearch.xpack.security.audit.logfile; import org.elasticsearch.cluster.node.DiscoveryNode; import org.elasticsearch.cluster.service.ClusterService; import org.elasticsearch.common.component.AbstractComponent; -import org.elasticsearch.common.component.AbstractLifecycleComponent; -import org.elasticsearch.common.component.Lifecycle; -import org.elasticsearch.common.component.LifecycleListener; -import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.logging.ESLogger; import org.elasticsearch.common.logging.Loggers; import org.elasticsearch.common.network.NetworkAddress; @@ -31,15 +27,15 @@ import org.elasticsearch.xpack.security.authz.privilege.SystemPrivilege; import org.elasticsearch.xpack.security.rest.RemoteHostHeader; import org.elasticsearch.xpack.security.transport.filter.SecurityIpFilterRule; import org.elasticsearch.threadpool.ThreadPool; -import org.elasticsearch.transport.Transport; import org.elasticsearch.transport.TransportMessage; import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.SocketAddress; import java.util.List; +import java.util.Set; -import static org.elasticsearch.common.Strings.arrayToCommaDelimitedString; +import static org.elasticsearch.common.Strings.collectionToCommaDelimitedString; import static org.elasticsearch.xpack.security.audit.AuditUtil.indices; import static org.elasticsearch.xpack.security.audit.AuditUtil.restRequestContent; import static org.elasticsearch.xpack.security.Security.setting; @@ -453,8 +449,8 @@ public class LoggingAuditTrail extends AbstractComponent implements AuditTrail { } static String indicesString(TransportMessage message) { - String[] indices = indices(message); - return indices == null ? null : arrayToCommaDelimitedString(indices); + Set indices = indices(message); + return indices == null ? null : collectionToCommaDelimitedString(indices); } static String principal(User user) { diff --git a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/AuditUtilTests.java b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/AuditUtilTests.java new file mode 100644 index 00000000000..33948c0b286 --- /dev/null +++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/AuditUtilTests.java @@ -0,0 +1,107 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +package org.elasticsearch.xpack.security.audit; + +import org.elasticsearch.action.CompositeIndicesRequest; +import org.elasticsearch.action.IndicesRequest; +import org.elasticsearch.action.support.IndicesOptions; +import org.elasticsearch.common.Strings; +import org.elasticsearch.test.ESTestCase; +import org.elasticsearch.transport.TransportMessage; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +import static org.hamcrest.Matchers.hasItems; + +/** + * Unit tests for the audit utils class + */ +public class AuditUtilTests extends ESTestCase { + + public void testIndicesRequest() { + assertNull(AuditUtil.indices(new MockIndicesRequest(null))); + final int numberOfIndices = randomIntBetween(1, 100); + List expectedIndices = new ArrayList<>(); + final boolean includeDuplicates = randomBoolean(); + for (int i = 0; i < numberOfIndices; i++) { + String name = randomAsciiOfLengthBetween(1, 30); + expectedIndices.add(name); + if (includeDuplicates) { + expectedIndices.add(name); + } + } + final Set uniqueExpectedIndices = new HashSet<>(expectedIndices); + final Set result = AuditUtil.indices(new MockIndicesRequest(expectedIndices.toArray(Strings.EMPTY_ARRAY))); + assertNotNull(result); + assertEquals(uniqueExpectedIndices.size(), result.size()); + assertThat(result, hasItems(uniqueExpectedIndices.toArray(Strings.EMPTY_ARRAY))); + } + + public void testCompositeIndicesRequest() { + assertNull(AuditUtil.indices(new MockCompositeIndicesRequest(Collections.emptyList()))); + assertNull(AuditUtil.indices(new MockCompositeIndicesRequest(Collections.singletonList(new MockIndicesRequest(null))))); + final int numberOfIndicesRequests = randomIntBetween(1, 10); + final boolean includeDuplicates = randomBoolean(); + List expectedIndices = new ArrayList<>(); + List indicesRequests = new ArrayList<>(numberOfIndicesRequests); + for (int i = 0; i < numberOfIndicesRequests; i++) { + final int numberOfIndices = randomIntBetween(1, 12); + List indices = new ArrayList<>(numberOfIndices); + for (int j = 0; j < numberOfIndices; j++) { + String name = randomAsciiOfLengthBetween(1, 30); + indices.add(name); + if (includeDuplicates) { + indices.add(name); + } + } + expectedIndices.addAll(indices); + indicesRequests.add(new MockIndicesRequest(indices.toArray(Strings.EMPTY_ARRAY))); + } + + final Set uniqueExpectedIndices = new HashSet<>(expectedIndices); + final Set result = AuditUtil.indices(new MockCompositeIndicesRequest(indicesRequests)); + assertNotNull(result); + assertEquals(uniqueExpectedIndices.size(), result.size()); + assertThat(result, hasItems(uniqueExpectedIndices.toArray(Strings.EMPTY_ARRAY))); + } + + private static class MockIndicesRequest extends TransportMessage implements IndicesRequest { + + private final String[] indices; + + private MockIndicesRequest(String[] indices) { + this.indices = indices; + } + + @Override + public String[] indices() { + return indices; + } + + @Override + public IndicesOptions indicesOptions() { + return null; + } + } + + private static class MockCompositeIndicesRequest extends TransportMessage implements CompositeIndicesRequest { + + private final List requests; + + private MockCompositeIndicesRequest(List requests) { + this.requests = requests; + } + + @Override + public List subRequests() { + return requests; + } + } +} diff --git a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java index 921640fb23a..7118f687fc5 100644 --- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java +++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/index/IndexAuditTrailTests.java @@ -70,7 +70,7 @@ import static org.elasticsearch.xpack.security.audit.index.IndexNameResolver.Rol import static org.elasticsearch.xpack.security.audit.index.IndexNameResolver.Rollover.HOURLY; import static org.elasticsearch.xpack.security.audit.index.IndexNameResolver.Rollover.MONTHLY; import static org.elasticsearch.xpack.security.audit.index.IndexNameResolver.Rollover.WEEKLY; -import static org.hamcrest.Matchers.contains; +import static org.hamcrest.Matchers.containsInAnyOrder; import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.is; import static org.hamcrest.Matchers.notNullValue; @@ -298,7 +298,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase { assertEquals("transport", sourceMap.get("origin_type")); if (message instanceof IndicesRequest) { List indices = (List) sourceMap.get("indices"); - assertThat(indices, contains((Object[]) ((IndicesRequest) message).indices())); + assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest) message).indices())); } assertEquals(sourceMap.get("request"), message.getClass().getSimpleName()); } @@ -356,7 +356,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase { assertEquals("transport", sourceMap.get("origin_type")); if (message instanceof IndicesRequest) { List indices = (List) sourceMap.get("indices"); - assertThat(indices, contains((Object[]) ((IndicesRequest) message).indices())); + assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest) message).indices())); } assertEquals(sourceMap.get("request"), message.getClass().getSimpleName()); } @@ -412,7 +412,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase { assertEquals("_realm", sourceMap.get("realm")); if (message instanceof IndicesRequest) { List indices = (List) sourceMap.get("indices"); - assertThat(indices, contains((Object[]) ((IndicesRequest)message).indices())); + assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest)message).indices())); } assertEquals(sourceMap.get("request"), message.getClass().getSimpleName()); } @@ -458,7 +458,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase { assertEquals("_action", sourceMap.get("action")); if (message instanceof IndicesRequest) { List indices = (List) sourceMap.get("indices"); - assertThat(indices, contains((Object[]) ((IndicesRequest)message).indices())); + assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest)message).indices())); } assertEquals(sourceMap.get("request"), message.getClass().getSimpleName()); } @@ -503,7 +503,7 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase { assertEquals("_action", sourceMap.get("action")); if (message instanceof IndicesRequest) { List indices = (List) sourceMap.get("indices"); - assertThat(indices, contains((Object[]) ((IndicesRequest)message).indices())); + assertThat(indices, containsInAnyOrder((Object[]) ((IndicesRequest)message).indices())); } assertEquals(sourceMap.get("request"), message.getClass().getSimpleName()); } diff --git a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrailTests.java b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrailTests.java index fc447fa2628..3c9d37efac2 100644 --- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrailTests.java +++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrailTests.java @@ -9,20 +9,19 @@ import org.elasticsearch.action.IndicesRequest; import org.elasticsearch.action.support.IndicesOptions; import org.elasticsearch.cluster.node.DiscoveryNode; import org.elasticsearch.cluster.service.ClusterService; +import org.elasticsearch.common.Strings; import org.elasticsearch.common.bytes.BytesArray; import org.elasticsearch.common.bytes.BytesReference; -import org.elasticsearch.common.component.Lifecycle; import org.elasticsearch.common.network.NetworkAddress; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.common.transport.BoundTransportAddress; import org.elasticsearch.common.transport.InetSocketTransportAddress; import org.elasticsearch.common.transport.LocalTransportAddress; import org.elasticsearch.common.transport.TransportAddress; import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.rest.RestRequest; import org.elasticsearch.test.ESTestCase; -import org.elasticsearch.transport.Transport; import org.elasticsearch.transport.TransportMessage; +import org.elasticsearch.xpack.security.audit.AuditUtil; import org.elasticsearch.xpack.security.audit.logfile.CapturingLogger.Level; import org.elasticsearch.xpack.security.authc.AuthenticationToken; import org.elasticsearch.xpack.security.rest.RemoteHostHeader; @@ -135,7 +134,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case INFO: if (message instanceof IndicesRequest) { assertMsg(logger, Level.WARN, prefix + "[transport] [anonymous_access_denied]\t" + origins + - ", action=[_action], indices=[idx1,idx2]"); + ", action=[_action], indices=[" + indices(message) + "]"); } else { assertMsg(logger, Level.WARN, prefix + "[transport] [anonymous_access_denied]\t" + origins + ", action=[_action]"); } @@ -144,7 +143,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case TRACE: if (message instanceof IndicesRequest) { assertMsg(logger, Level.DEBUG, prefix + "[transport] [anonymous_access_denied]\t" + origins + - ", action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]"); + ", action=[_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]"); } else { assertMsg(logger, Level.DEBUG, prefix + "[transport] [anonymous_access_denied]\t" + origins + ", action=[_action], request=[MockMessage]"); @@ -196,7 +195,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case INFO: if (message instanceof IndicesRequest) { assertMsg(logger, Level.ERROR, prefix + "[transport] [authentication_failed]\t" + origins + - ", principal=[_principal], action=[_action], indices=[idx1,idx2]"); + ", principal=[_principal], action=[_action], indices=[" + indices(message) + "]"); } else { assertMsg(logger, Level.ERROR, prefix + "[transport] [authentication_failed]\t" + origins + ", principal=[_principal], action=[_action]"); @@ -206,7 +205,8 @@ public class LoggingAuditTrailTests extends ESTestCase { case TRACE: if (message instanceof IndicesRequest) { assertMsg(logger, Level.DEBUG, prefix + "[transport] [authentication_failed]\t" + origins + - ", principal=[_principal], action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]"); + ", principal=[_principal], action=[_action], indices=[" + indices(message) + + "], request=[MockIndicesRequest]"); } else { assertMsg(logger, Level.DEBUG, prefix + "[transport] [authentication_failed]\t" + origins + ", principal=[_principal], action=[_action], request=[MockMessage]"); @@ -229,7 +229,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case INFO: if (message instanceof IndicesRequest) { assertMsg(logger, Level.ERROR, prefix + "[transport] [authentication_failed]\t" + origins + - ", action=[_action], indices=[idx1,idx2]"); + ", action=[_action], indices=[" + indices(message) + "]"); } else { assertMsg(logger, Level.ERROR, prefix + "[transport] [authentication_failed]\t" + origins + ", action=[_action]"); @@ -239,7 +239,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case TRACE: if (message instanceof IndicesRequest) { assertMsg(logger, Level.DEBUG, prefix + "[transport] [authentication_failed]\t" + origins + - ", action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]"); + ", action=[_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]"); } else { assertMsg(logger, Level.DEBUG, prefix + "[transport] [authentication_failed]\t" + origins + ", action=[_action], request=[MockMessage]"); @@ -319,7 +319,8 @@ public class LoggingAuditTrailTests extends ESTestCase { case TRACE: if (message instanceof IndicesRequest) { assertMsg(logger, Level.TRACE, prefix + "[transport] [authentication_failed]\trealm=[_realm], " + origins + - ", principal=[_principal], action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]"); + ", principal=[_principal], action=[_action], indices=[" + indices(message) + "], " + + "request=[MockIndicesRequest]"); } else { assertMsg(logger, Level.TRACE, prefix + "[transport] [authentication_failed]\trealm=[_realm], " + origins + ", principal=[_principal], action=[_action], request=[MockMessage]"); @@ -379,7 +380,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case INFO: if (message instanceof IndicesRequest) { assertMsg(logger, Level.INFO, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo + - ", action=[_action], indices=[idx1,idx2]"); + ", action=[_action], indices=[" + indices(message) + "]"); } else { assertMsg(logger, Level.INFO, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo + ", action=[_action]"); @@ -389,7 +390,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case TRACE: if (message instanceof IndicesRequest) { assertMsg(logger, Level.DEBUG, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo + - ", action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]"); + ", action=[_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]"); } else { assertMsg(logger, Level.DEBUG, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo + ", action=[_action], request=[MockMessage]"); @@ -417,7 +418,7 @@ public class LoggingAuditTrailTests extends ESTestCase { if (message instanceof IndicesRequest) { assertMsg(logger, Level.TRACE, prefix + "[transport] [access_granted]\t" + origins + ", principal=[" + SystemUser.INSTANCE.principal() - + "], action=[internal:_action], indices=[idx1,idx2], request=[MockIndicesRequest]"); + + "], action=[internal:_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]"); } else { assertMsg(logger, Level.TRACE, prefix + "[transport] [access_granted]\t" + origins + ", principal=[" + SystemUser.INSTANCE.principal() + "], action=[internal:_action], request=[MockMessage]"); @@ -451,7 +452,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case INFO: if (message instanceof IndicesRequest) { assertMsg(logger, Level.INFO, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo + - ", action=[internal:_action], indices=[idx1,idx2]"); + ", action=[internal:_action], indices=[" + indices(message) + "]"); } else { assertMsg(logger, Level.INFO, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo + ", action=[internal:_action]"); @@ -461,7 +462,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case TRACE: if (message instanceof IndicesRequest) { assertMsg(logger, Level.DEBUG, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo + - ", action=[internal:_action], indices=[idx1,idx2], request=[MockIndicesRequest]"); + ", action=[internal:_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]"); } else { assertMsg(logger, Level.DEBUG, prefix + "[transport] [access_granted]\t" + origins + ", " + userInfo + ", action=[internal:_action], request=[MockMessage]"); @@ -493,7 +494,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case INFO: if (message instanceof IndicesRequest) { assertMsg(logger, Level.ERROR, prefix + "[transport] [access_denied]\t" + origins + ", " + userInfo + - ", action=[_action], indices=[idx1,idx2]"); + ", action=[_action], indices=[" + indices(message) + "]"); } else { assertMsg(logger, Level.ERROR, prefix + "[transport] [access_denied]\t" + origins + ", " + userInfo + ", action=[_action]"); @@ -503,7 +504,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case TRACE: if (message instanceof IndicesRequest) { assertMsg(logger, Level.DEBUG, prefix + "[transport] [access_denied]\t" + origins + ", " + userInfo + - ", action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]"); + ", action=[_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]"); } else { assertMsg(logger, Level.DEBUG, prefix + "[transport] [access_denied]\t" + origins + ", " + userInfo + ", action=[_action], request=[MockMessage]"); @@ -554,7 +555,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case INFO: if (message instanceof IndicesRequest) { assertMsg(logger, Level.ERROR, prefix + "[transport] [tampered_request]\t" + origins + - ", action=[_action], indices=[idx1,idx2]"); + ", action=[_action], indices=[" + indices(message) + "]"); } else { assertMsg(logger, Level.ERROR, prefix + "[transport] [tampered_request]\t" + origins + ", action=[_action]"); } @@ -563,7 +564,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case TRACE: if (message instanceof IndicesRequest) { assertMsg(logger, Level.DEBUG, prefix + "[transport] [tampered_request]\t" + origins + - ", action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]"); + ", action=[_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]"); } else { assertMsg(logger, Level.DEBUG, prefix + "[transport] [tampered_request]\t" + origins + ", action=[_action], request=[MockMessage]"); @@ -595,7 +596,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case INFO: if (message instanceof IndicesRequest) { assertMsg(logger, Level.ERROR, prefix + "[transport] [tampered_request]\t" + origins + ", " + userInfo + - ", action=[_action], indices=[idx1,idx2]"); + ", action=[_action], indices=[" + indices(message) + "]"); } else { assertMsg(logger, Level.ERROR, prefix + "[transport] [tampered_request]\t" + origins + ", " + userInfo + ", action=[_action]"); @@ -605,7 +606,7 @@ public class LoggingAuditTrailTests extends ESTestCase { case TRACE: if (message instanceof IndicesRequest) { assertMsg(logger, Level.DEBUG, prefix + "[transport] [tampered_request]\t" + origins + ", " + userInfo + - ", action=[_action], indices=[idx1,idx2], request=[MockIndicesRequest]"); + ", action=[_action], indices=[" + indices(message) + "], request=[MockIndicesRequest]"); } else { assertMsg(logger, Level.DEBUG, prefix + "[transport] [tampered_request]\t" + origins + ", " + userInfo + ", action=[_action], request=[MockMessage]"); @@ -760,6 +761,10 @@ public class LoggingAuditTrailTests extends ESTestCase { return InetAddress.getByAddress(hostname, bytes); } + private static String indices(TransportMessage message) { + return Strings.collectionToCommaDelimitedString(AuditUtil.indices(message)); + } + private static class MockMessage extends TransportMessage { private MockMessage(ThreadContext threadContext) throws IOException {