diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java index 840574b9cf4..2ef2b1dfbb5 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java @@ -283,7 +283,6 @@ public class Security extends Plugin implements SystemIndexPlugin, IngestPlugin, private static final Logger logger = LogManager.getLogger(Security.class); private final Settings settings; - private final Environment env; private final boolean enabled; private final boolean transportClientMode; /* what a PITA that we need an extra indirection to initialize this. Yet, once we got rid of guice we can thing about how @@ -313,7 +312,6 @@ public class Security extends Plugin implements SystemIndexPlugin, IngestPlugin, this.settings = settings; this.transportClientMode = XPackPlugin.transportClientMode(settings); // TODO this is wrong, we should only use the environment that is provided to createComponents - this.env = transportClientMode ? null : new Environment(settings, configPath); this.enabled = XPackSettings.SECURITY_ENABLED.get(settings); if (enabled && transportClientMode == false) { runStartupChecks(settings); @@ -385,7 +383,7 @@ public class Security extends Plugin implements SystemIndexPlugin, IngestPlugin, IndexNameExpressionResolver expressionResolver) { try { return createComponents(client, threadPool, clusterService, resourceWatcherService, scriptService, xContentRegistry, - expressionResolver); + environment, expressionResolver); } catch (final Exception e) { throw new IllegalStateException("security initialization failed", e); } @@ -394,7 +392,7 @@ public class Security extends Plugin implements SystemIndexPlugin, IngestPlugin, // pkg private for testing - tests want to pass in their set of extensions hence we are not using the extension service directly Collection createComponents(Client client, ThreadPool threadPool, ClusterService clusterService, ResourceWatcherService resourceWatcherService, ScriptService scriptService, - NamedXContentRegistry xContentRegistry, + NamedXContentRegistry xContentRegistry, Environment environment, IndexNameExpressionResolver expressionResolver) throws Exception { if (enabled == false) { return Collections.emptyList(); @@ -408,7 +406,7 @@ public class Security extends Plugin implements SystemIndexPlugin, IngestPlugin, new TokenSSLBootstrapCheck(), new PkiRealmBootstrapCheck(getSslService()), new TLSLicenseBootstrapCheck())); - checks.addAll(InternalRealms.getBootstrapChecks(settings, env)); + checks.addAll(InternalRealms.getBootstrapChecks(settings, environment)); this.bootstrapChecks.set(Collections.unmodifiableList(checks)); threadContext.set(threadPool.getThreadContext()); @@ -436,9 +434,9 @@ public class Security extends Plugin implements SystemIndexPlugin, IngestPlugin, final NativeRoleMappingStore nativeRoleMappingStore = new NativeRoleMappingStore(settings, client, securityIndex.get(), scriptService); final AnonymousUser anonymousUser = new AnonymousUser(settings); - final ReservedRealm reservedRealm = new ReservedRealm(env, settings, nativeUsersStore, + final ReservedRealm reservedRealm = new ReservedRealm(environment, settings, nativeUsersStore, anonymousUser, securityIndex.get(), threadPool); - final SecurityExtension.SecurityComponents extensionComponents = new ExtensionComponents(env, client, clusterService, + final SecurityExtension.SecurityComponents extensionComponents = new ExtensionComponents(environment, client, clusterService, resourceWatcherService, nativeRoleMappingStore); Map realmFactories = new HashMap<>(InternalRealms.getFactories(threadPool, resourceWatcherService, getSslService(), nativeUsersStore, nativeRoleMappingStore, securityIndex.get())); @@ -450,7 +448,8 @@ public class Security extends Plugin implements SystemIndexPlugin, IngestPlugin, } } } - final Realms realms = new Realms(settings, env, realmFactories, getLicenseState(), threadPool.getThreadContext(), reservedRealm); + final Realms realms = + new Realms(settings, environment, realmFactories, getLicenseState(), threadPool.getThreadContext(), reservedRealm); components.add(nativeUsersStore); components.add(nativeRoleMappingStore); components.add(realms); @@ -463,7 +462,7 @@ public class Security extends Plugin implements SystemIndexPlugin, IngestPlugin, dlsBitsetCache.set(new DocumentSubsetBitsetCache(settings, threadPool)); final FieldPermissionsCache fieldPermissionsCache = new FieldPermissionsCache(settings); - final FileRolesStore fileRolesStore = new FileRolesStore(settings, env, resourceWatcherService, getLicenseState(), + final FileRolesStore fileRolesStore = new FileRolesStore(settings, environment, resourceWatcherService, getLicenseState(), xContentRegistry); final NativeRolesStore nativeRolesStore = new NativeRolesStore(settings, client, getLicenseState(), securityIndex.get()); final ReservedRolesStore reservedRolesStore = new ReservedRolesStore(); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/SecurityTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/SecurityTests.java index 9b35764032c..11efcc5bca6 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/SecurityTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/SecurityTests.java @@ -134,7 +134,7 @@ public class SecurityTests extends ESTestCase { when(client.threadPool()).thenReturn(threadPool); when(client.settings()).thenReturn(settings); return security.createComponents(client, threadPool, clusterService, mock(ResourceWatcherService.class), mock(ScriptService.class), - xContentRegistry(), new IndexNameExpressionResolver()); + xContentRegistry(), env, new IndexNameExpressionResolver()); } private static T findComponent(Class type, Collection components) {