honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[TESTS] run-as in SecurityServerTransportInterceptorTests (elastic/x-pack-elasticsearch#1475) 

Changed existing tests to randomly include a separate "authenticating-user" to verify that the behaviours are correct when run-as is used.
Also includes random roles to completeness.

Related to: elastic/x-pack-elasticsearch@637a865 elastic/x-pack-elasticsearch#1391

Original commit: elastic/x-pack-elasticsearch@e4006bc80a
This commit is contained in:
Tim Vernum 2017-06-06 14:08:14 +10:00 committed by GitHub
parent 98cdc15038
commit 6e7102845b
1 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
plugin/src/test/java/org/elasticsearch/xpack/security/transport/SecurityServerTransportInterceptorTests.java
View File

@ -12,6 +12,7 @@ import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.util.concurrent.ThreadContext;
import org.elasticsearch.license.XPackLicenseState;
import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.test.VersionUtils;
import org.elasticsearch.threadpool.ThreadPool;
import org.elasticsearch.transport.Transport;
import org.elasticsearch.transport.Transport.Connection;
@ -40,6 +41,7 @@ import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Consumer;
import static org.hamcrest.Matchers.arrayContaining;
import static org.hamcrest.Matchers.equalTo;
import static org.mockito.Matchers.any;
import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.mock;
@ -95,7 +97,8 @@ public class SecurityServerTransportInterceptorTests extends ESTestCase {
}
public void testSendAsync() throws Exception {
final User user = new User("test");
final User authUser = randomBoolean() ? new User("authenticator") : null;
final User user = new User("test", randomRoles(), authUser);
final Authentication authentication = new Authentication(user, new RealmRef("ldap", "foo", "node1"), null);
authentication.writeToContext(threadContext);
SecurityServerTransportInterceptor interceptor = new SecurityServerTransportInterceptor(settings, threadPool,
@ -127,7 +130,8 @@ public class SecurityServerTransportInterceptorTests extends ESTestCase {
}
public void testSendAsyncSwitchToSystem() throws Exception {
final User user = new User("test");
final User authUser = randomBoolean() ? new User("authenticator") : null;
final User user = new User("test", randomRoles(), authUser);
final Authentication authentication = new Authentication(user, new RealmRef("ldap", "foo", "node1"), null);
authentication.writeToContext(threadContext);
threadContext.putTransient(AuthorizationService.ORIGINATING_ACTION_KEY, "indices:foo");
@ -248,7 +252,8 @@ public class SecurityServerTransportInterceptorTests extends ESTestCase {
}
public void testSendToNewerVersionSetsCorrectVersion() throws Exception {
final User user = new User("joe", "role");
final User authUser = randomBoolean() ? new User("authenticator") : null;
final User user = new User("joe", randomRoles(), authUser);
final Authentication authentication = new Authentication(user, new RealmRef("file", "file", "node1"), null);
authentication.writeToContext(threadContext);
threadContext.putTransient(AuthorizationService.ORIGINATING_ACTION_KEY, "indices:foo");
@ -287,7 +292,8 @@ public class SecurityServerTransportInterceptorTests extends ESTestCase {
}
public void testSendToOlderVersionSetsCorrectVersion() throws Exception {
final User user = new User("joe", "role");
final User authUser = randomBoolean() ? new User("authenticator") : null;
final User user = new User("joe", randomRoles(), authUser);
final Authentication authentication = new Authentication(user, new RealmRef("file", "file", "node1"), null);
authentication.writeToContext(threadContext);
threadContext.putTransient(AuthorizationService.ORIGINATING_ACTION_KEY, "indices:foo");
@ -411,4 +417,10 @@ public class SecurityServerTransportInterceptorTests extends ESTestCase {
assertEquals("value", threadContext.getHeader("key"));
}
}
private String[] randomRoles() {
return generateRandomStringArray(3, 10, false, true);
}
}