honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FileRolesStore: Make sure default path is loaded correctly on startup 

The wrong path was used as default path. Also added logging information
for all files, so one can at least check the paths.

Original commit: elastic/x-pack-elasticsearch@893493fd17
This commit is contained in:
Alexander Reelsen 2014-09-10 12:06:12 +02:00
parent f15d5c4aa3
commit 787a415c27
4 changed files with 22 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/main/java/org/elasticsearch/shield/authc/esusers/FileUserPasswdStore.java
View File

@ -86,6 +86,9 @@ public class FileUserPasswdStore extends AbstractComponent implements UserPasswd
* empty map is returned
*/
public static ImmutableMap<String, char[]> parseFile(Path path, @Nullable ESLogger logger) {
if (logger != null) {
logger.trace("Reading users file located at [{}]", path);
}
if (!Files.exists(path)) {
return ImmutableMap.of();
}

4
src/main/java/org/elasticsearch/shield/authc/esusers/FileUserRolesStore.java
View File

@ -79,6 +79,10 @@ public class FileUserRolesStore extends AbstractComponent implements UserRolesSt
* an empty map is returned
*/
public static ImmutableMap<String, String[]> parseFile(Path path, @Nullable ESLogger logger) {
if (logger != null) {
logger.trace("Reading users roles file located at [{}]", path);
}
if (!Files.exists(path)) {
return ImmutableMap.of();
}

16
src/main/java/org/elasticsearch/shield/authz/store/FileRolesStore.java
View File

@ -12,6 +12,7 @@ import org.elasticsearch.common.collect.ImmutableSet;
import org.elasticsearch.common.component.AbstractComponent;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.jackson.dataformat.yaml.snakeyaml.error.YAMLException;
import org.elasticsearch.common.logging.ESLogger;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.xcontent.XContentBuilder;
import org.elasticsearch.common.xcontent.XContentFactory;
@ -20,6 +21,7 @@ import org.elasticsearch.common.xcontent.yaml.YamlXContent;
import org.elasticsearch.env.Environment;
import org.elasticsearch.shield.authz.Permission;
import org.elasticsearch.shield.authz.Privilege;
import org.elasticsearch.shield.plugin.SecurityPlugin;
import org.elasticsearch.watcher.FileChangesListener;
import org.elasticsearch.watcher.FileWatcher;
import org.elasticsearch.watcher.ResourceWatcherService;
@ -57,7 +59,7 @@ public class FileRolesStore extends AbstractComponent implements RolesStore {
public FileRolesStore(Settings settings, Environment env, ResourceWatcherService watcherService, Listener listener) {
super(settings);
file = resolveFile(componentSettings, env);
permissions = parseFile(file);
permissions = parseFile(file, logger);
FileWatcher watcher = new FileWatcher(file.getParent().toFile());
watcher.addListener(new FileListener());
watcherService.add(watcher, ResourceWatcherService.Frequency.HIGH);
@ -72,12 +74,18 @@ public class FileRolesStore extends AbstractComponent implements RolesStore {
public static Path resolveFile(Settings settings, Environment env) {
String location = settings.get("files.roles");
if (location == null) {
return env.configFile().toPath().resolve(".roles.yml");
File shieldDirectory = new File(env.configFile(), SecurityPlugin.NAME);
return shieldDirectory.toPath().resolve(".roles.yml");
}
return Paths.get(location);
}
public static ImmutableMap<String, Permission.Global> parseFile(Path path) {
public static ImmutableMap<String, Permission.Global> parseFile(Path path, ESLogger logger) {
if (logger != null) {
logger.trace("Reading roles file located at [{}]", path);
}
if (!Files.exists(path)) {
return ImmutableMap.of();
}
@ -218,7 +226,7 @@ public class FileRolesStore extends AbstractComponent implements RolesStore {
@Override
public void onFileChanged(File file) {
if (file.equals(FileRolesStore.this.file.toFile())) {
permissions = parseFile(file.toPath());
permissions = parseFile(file.toPath(), logger);
listener.onRefresh();
}
}

6
src/test/java/org/elasticsearch/shield/authz/store/FileRolesStoreTests.java
View File

@ -42,7 +42,7 @@ public class FileRolesStoreTests extends ElasticsearchTestCase {
@Test
public void testParseFile() throws Exception {
Path path = Paths.get(getClass().getResource("roles.yml").toURI());
Map<String, Permission.Global> roles = FileRolesStore.parseFile(path);
Map<String, Permission.Global> roles = FileRolesStore.parseFile(path, logger);
assertThat(roles, notNullValue());
assertThat(roles.size(), is(3));
@ -155,7 +155,7 @@ public class FileRolesStoreTests extends ElasticsearchTestCase {
public void testThatEmptyFileDoesNotResultInLoop() throws Exception {
File file = tempFolder.newFile();
com.google.common.io.Files.write("#".getBytes(Charsets.UTF_8), file);
Map<String, Permission.Global> roles = FileRolesStore.parseFile(file.toPath());
Map<String, Permission.Global> roles = FileRolesStore.parseFile(file.toPath(), logger);
assertThat(roles.keySet(), is(empty()));
}
@ -163,6 +163,6 @@ public class FileRolesStoreTests extends ElasticsearchTestCase {
public void testThatInvalidYAMLThrowsElasticsearchException() throws Exception {
File file = tempFolder.newFile();
com.google.common.io.Files.write("user: cluster: ALL indices: '.*': ALL".getBytes(Charsets.UTF_8), file);
FileRolesStore.parseFile(file.toPath());
FileRolesStore.parseFile(file.toPath(), logger);
}
}