honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

make tests pass forbidden APIs 

Original commit: elastic/x-pack-elasticsearch@985fc6d2ff
This commit is contained in:
Simon Willnauer 2015-06-15 15:45:35 +02:00
parent fc95323904
commit 78c0159949
13 changed files with 60 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/main/java/org/elasticsearch/watcher/WatcherPlugin.java
View File

@ -11,11 +11,15 @@ import org.elasticsearch.common.component.LifecycleComponent;
import org.elasticsearch.common.inject.Module;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.plugins.AbstractPlugin;
import org.elasticsearch.script.ScriptModes;
import org.elasticsearch.script.ScriptModule;
import org.elasticsearch.watcher.actions.email.service.InternalEmailService;
import org.elasticsearch.watcher.history.HistoryModule;
import org.elasticsearch.watcher.license.LicenseService;
import org.elasticsearch.watcher.support.Script;
import org.elasticsearch.watcher.support.http.HttpClient;
import org.elasticsearch.watcher.support.init.InitializingService;
import org.elasticsearch.watcher.support.init.proxy.ScriptServiceProxy;
import org.elasticsearch.watcher.support.validation.WatcherSettingsValidation;
import java.util.Collection;
@ -55,6 +59,7 @@ public class WatcherPlugin extends AbstractPlugin {
ImmutableList.<Class<? extends Module>>of(WatcherModule.class);
}
@Override
public Collection<Class<? extends LifecycleComponent>> services() {
if (!enabled || transportClient) {
@ -83,6 +88,10 @@ public class WatcherPlugin extends AbstractPlugin {
return additionalSettings;
}
public void onModule(ScriptModule module) {
module.registerScriptContext(ScriptServiceProxy.INSTANCE);
}
public static boolean watcherEnabled(Settings settings) {
return settings.getAsBoolean(ENABLED_SETTING, true);
}

3
src/main/java/org/elasticsearch/watcher/actions/email/service/Attachment.java
View File

@ -5,6 +5,7 @@
*/
package org.elasticsearch.watcher.actions.email.service;
import org.elasticsearch.common.SuppressForbidden;
import org.elasticsearch.watcher.actions.email.service.support.BodyPartSource;
import org.elasticsearch.common.xcontent.ToXContent;
import org.elasticsearch.common.xcontent.XContentBuilder;
@ -71,10 +72,12 @@ public abstract class Attachment extends BodyPartSource {
this(id, path.getFileName().toString(), path, contentType);
}
@SuppressForbidden(reason = "uses toFile")
public File(String id, String name, Path path) {
this(id, name, path, fileTypeMap.getContentType(path.toFile()));
}
@SuppressForbidden(reason = "uses toFile")
public File(String id, String name, Path path, String contentType) {
super(id, name, contentType);
this.path = path;

3
src/main/java/org/elasticsearch/watcher/actions/email/service/Inline.java
View File

@ -5,6 +5,7 @@
*/
package org.elasticsearch.watcher.actions.email.service;
import org.elasticsearch.common.SuppressForbidden;
import org.elasticsearch.watcher.actions.email.service.support.BodyPartSource;
import org.elasticsearch.common.bytes.BytesArray;
import org.elasticsearch.common.bytes.BytesReference;
@ -70,10 +71,12 @@ public abstract class Inline extends BodyPartSource {
this(id, path.getFileName().toString(), path);
}
@SuppressForbidden(reason = "uses toFile")
public File(String id, String name, Path path) {
this(id, name, path, fileTypeMap.getContentType(path.toFile()));
}
@SuppressForbidden(reason = "uses toFile")
public File(String id, String name, Path path, String contentType) {
super(id, name, contentType);
this.path = path;

2
src/main/java/org/elasticsearch/watcher/client/WatcherClient.java
View File

@ -46,7 +46,7 @@ public class WatcherClient {
private final ElasticsearchClient client;
@Inject
public WatcherClient(ElasticsearchClient client) {
public WatcherClient(Client client) {
this.client = client;
}

19
src/main/java/org/elasticsearch/watcher/support/http/HttpClient.java
View File

@ -13,11 +13,11 @@ import org.elasticsearch.common.component.AbstractLifecycleComponent;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.io.Streams;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.env.Environment;
import org.elasticsearch.watcher.support.http.auth.ApplicableHttpAuth;
import org.elasticsearch.watcher.support.http.auth.HttpAuthRegistry;
import javax.net.ssl.*;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
@ -25,7 +25,6 @@ import java.net.*;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.List;
@ -57,13 +56,15 @@ public class HttpClient extends AbstractLifecycleComponent<HttpClient> {
static final String SETTINGS_SSL_SHIELD_TRUSTSTORE_ALGORITHM = SETTINGS_SSL_SHIELD_PREFIX + "truststore.algorithm";
private final HttpAuthRegistry httpAuthRegistry;
private final Environment env;
private SSLSocketFactory sslSocketFactory;
@Inject
public HttpClient(Settings settings, HttpAuthRegistry httpAuthRegistry) {
public HttpClient(Settings settings, HttpAuthRegistry httpAuthRegistry, Environment env) {
super(settings);
this.httpAuthRegistry = httpAuthRegistry;
this.env = env;
}
@Override
@ -196,8 +197,8 @@ public class HttpClient extends AbstractLifecycleComponent<HttpClient> {
logger.debug("using protocol [{}], keyStore [{}], keyStoreAlgorithm [{}], trustStore [{}] and trustAlgorithm [{}]", sslContextProtocol, keyStore, keyStoreAlgorithm, trustStore, trustStoreAlgorithm);
SSLContext sslContext = SSLContext.getInstance(sslContextProtocol);
KeyManager[] keyManagers = keyManagers(keyStore, keyStorePassword, keyStoreAlgorithm, keyPassword);
TrustManager[] trustManagers = trustManagers(trustStore, trustStorePassword, trustStoreAlgorithm);
KeyManager[] keyManagers = keyManagers(env, keyStore, keyStorePassword, keyStoreAlgorithm, keyPassword);
TrustManager[] trustManagers = trustManagers(env, trustStore, trustStorePassword, trustStoreAlgorithm);
sslContext.init(keyManagers, trustManagers, new SecureRandom());
return sslContext.getSocketFactory();
} catch (Exception e) {
@ -209,11 +210,11 @@ public class HttpClient extends AbstractLifecycleComponent<HttpClient> {
return sslSocketFactory;
}
private static KeyManager[] keyManagers(String keyStore, String keyStorePassword, String keyStoreAlgorithm, String keyPassword) {
private static KeyManager[] keyManagers(Environment env, String keyStore, String keyStorePassword, String keyStoreAlgorithm, String keyPassword) {
if (keyStore == null) {
return null;
}
Path path = Paths.get(keyStore);
Path path = env.homeFile().resolve(keyStore);
if (Files.notExists(path)) {
return null;
}
@ -231,12 +232,12 @@ public class HttpClient extends AbstractLifecycleComponent<HttpClient> {
}
}
private static TrustManager[] trustManagers(String trustStore, String trustStorePassword, String trustStoreAlgorithm) {
private static TrustManager[] trustManagers(Environment env, String trustStore, String trustStorePassword, String trustStoreAlgorithm) {
try {
// Load TrustStore
KeyStore ks = null;
if (trustStore != null) {
Path trustStorePath = Paths.get(trustStore);
Path trustStorePath = env.homeFile().resolve(trustStore);
if (Files.exists(trustStorePath)) {
ks = readKeystore(trustStorePath, trustStorePassword);
}

8
src/main/java/org/elasticsearch/watcher/support/init/proxy/ScriptServiceProxy.java
View File

@ -5,10 +5,8 @@
*/
package org.elasticsearch.watcher.support.init.proxy;
import com.google.common.collect.ImmutableMap;
import org.elasticsearch.common.inject.Injector;
import org.elasticsearch.script.*;
import org.elasticsearch.search.lookup.SearchLookup;
import org.elasticsearch.watcher.support.Script;
import org.elasticsearch.watcher.support.init.InitializingService;
@ -53,11 +51,13 @@ public class ScriptServiceProxy implements InitializingService.Initializable {
return service.executable(script, WatcherScriptContext.CTX);
}
public static final ScriptContext.Plugin INSTANCE = new ScriptContext.Plugin("elasticsearch-watcher", "watch");
private static class WatcherScriptContext implements ScriptContext {
private static final ScriptContext CTX = new WatcherScriptContext();
public static final ScriptContext CTX = new WatcherScriptContext();
@Override
public String getKey() {
return "watcher";
return INSTANCE.getKey();
}
}
}

2
src/main/java/org/elasticsearch/watcher/support/template/TemplateModule.java
View File

@ -8,7 +8,9 @@ package org.elasticsearch.watcher.support.template;
import org.elasticsearch.common.inject.AbstractModule;
import org.elasticsearch.common.inject.Module;
import org.elasticsearch.common.inject.PreProcessModule;
import org.elasticsearch.script.ScriptContext;
import org.elasticsearch.script.ScriptModule;
import org.elasticsearch.watcher.support.init.proxy.ScriptServiceProxy;
import org.elasticsearch.watcher.support.template.xmustache.XMustacheScriptEngineService;
import org.elasticsearch.watcher.support.template.xmustache.XMustacheTemplateEngine;

5
src/main/java/org/elasticsearch/watcher/trigger/schedule/engine/SchedulerScheduleTriggerEngine.java
View File

@ -8,6 +8,7 @@ package org.elasticsearch.watcher.trigger.schedule.engine;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.util.concurrent.FutureUtils;
import org.joda.time.DateTime;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.util.concurrent.EsExecutors;
@ -123,9 +124,7 @@ public class SchedulerScheduleTriggerEngine extends ScheduleTriggerEngine {
}
public void cancel() {
if (future != null) {
future.cancel(true);
}
FutureUtils.cancel(future);
}
}

13
src/test/java/org/elasticsearch/watcher/actions/webhook/WebhookActionTests.java
View File

@ -5,7 +5,6 @@
*/
package org.elasticsearch.watcher.actions.webhook;
import com.carrotsearch.randomizedtesting.annotations.Repeat;
import com.google.common.collect.ImmutableMap;
import org.joda.time.DateTime;
import org.elasticsearch.common.settings.Settings;
@ -90,7 +89,7 @@ public class WebhookActionTests extends ElasticsearchTestCase {
tp.shutdownNow();
}
@Test @Repeat(iterations = 30)
@Test
public void testExecute() throws Exception {
ExecuteScenario scenario = randomFrom(ExecuteScenario.Success, ExecuteScenario.ErrorCode);
@ -125,7 +124,7 @@ public class WebhookActionTests extends ElasticsearchTestCase {
return builder.build();
}
@Test @Repeat(iterations = 10)
@Test
public void testParser() throws Exception {
Template body = randomBoolean() ? Template.inline("_subject").build() : null;
Template path = Template.inline("_url").build();
@ -146,7 +145,7 @@ public class WebhookActionTests extends ElasticsearchTestCase {
assertThat(executable.action().getRequest(), equalTo(request));
}
@Test @Repeat(iterations = 10)
@Test
public void testParser_SelfGenerated() throws Exception {
Template body = randomBoolean() ? Template.inline("_body").build() : null;
Template path = Template.inline("_url").build();
@ -173,7 +172,7 @@ public class WebhookActionTests extends ElasticsearchTestCase {
assertThat(parsedExecutable.action(), is(action));
}
@Test @Repeat(iterations = 10)
@Test
public void testParser_Builder() throws Exception {
Template body = randomBoolean() ? Template.inline("_body").build() : null;
Template path = Template.inline("_url").build();
@ -199,7 +198,6 @@ public class WebhookActionTests extends ElasticsearchTestCase {
}
@Test(expected = WebhookActionException.class)
@Repeat(iterations = 5)
public void testParser_Failure() throws Exception {
XContentBuilder builder = jsonBuilder().startObject();
if (randomBoolean()) {
@ -224,7 +222,6 @@ public class WebhookActionTests extends ElasticsearchTestCase {
}
@Test
@Repeat(iterations = 10)
public void testTemplatedHttpRequest() throws Exception
{
HttpClient httpClient = ExecuteScenario.Success.client();
@ -259,7 +256,7 @@ public class WebhookActionTests extends ElasticsearchTestCase {
}
@Test @Repeat(iterations = 100)
@Test
public void testValidUrls() throws Exception {
HttpClient httpClient = ExecuteScenario.Success.client();

10
src/test/java/org/elasticsearch/watcher/actions/webhook/WebhookHttpsIntegrationTests.java
View File

@ -17,7 +17,6 @@ import org.elasticsearch.watcher.actions.ActionBuilders;
import org.elasticsearch.watcher.history.HistoryStore;
import org.elasticsearch.watcher.history.WatchRecord;
import org.elasticsearch.watcher.support.http.HttpClient;
import org.elasticsearch.watcher.support.http.HttpClientTest;
import org.elasticsearch.watcher.support.http.HttpRequestTemplate;
import org.elasticsearch.watcher.support.http.Scheme;
import org.elasticsearch.watcher.support.http.auth.basic.BasicAuth;
@ -29,9 +28,7 @@ import org.junit.Before;
import org.junit.Test;
import java.net.BindException;
import java.net.URISyntaxException;
import java.nio.file.Path;
import java.nio.file.Paths;
import static org.elasticsearch.test.hamcrest.ElasticsearchAssertions.assertNoFailures;
import static org.elasticsearch.watcher.client.WatchSourceBuilders.watchBuilder;
@ -50,12 +47,7 @@ public class WebhookHttpsIntegrationTests extends AbstractWatcherIntegrationTest
@Override
protected Settings nodeSettings(int nodeOrdinal) {
Path resource;
try {
resource = Paths.get(HttpClientTest.class.getResource("/org/elasticsearch/shield/keystore/testnode.jks").toURI());
} catch (URISyntaxException e) {
throw new RuntimeException(e);
}
Path resource = getDataPath("/org/elasticsearch/shield/keystore/testnode.jks");
return Settings.builder()
.put(super.nodeSettings(nodeOrdinal))
.put(HttpClient.SETTINGS_SSL_KEYSTORE, resource.toString())

24
src/test/java/org/elasticsearch/watcher/support/http/HttpClientTest.java
View File

@ -14,6 +14,7 @@ import org.elasticsearch.ExceptionsHelper;
import com.google.common.collect.ImmutableMap;
import org.elasticsearch.common.io.PathUtils;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.env.Environment;
import org.elasticsearch.test.ElasticsearchTestCase;
import org.elasticsearch.test.junit.annotations.Network;
import org.elasticsearch.watcher.support.http.auth.HttpAuthFactory;
@ -48,6 +49,7 @@ public class HttpClientTest extends ElasticsearchTestCase {
private HttpClient httpClient;
private HttpAuthRegistry authRegistry;
private SecretService secretService;
private Environment environment = new Environment(Settings.EMPTY);
private int webPort;
@ -59,7 +61,7 @@ public class HttpClientTest extends ElasticsearchTestCase {
try {
webServer = new MockWebServer();
webServer.start(webPort);
httpClient = new HttpClient(Settings.EMPTY, authRegistry).start();
httpClient = new HttpClient(Settings.EMPTY, authRegistry, environment).start();
return;
} catch (BindException be) {
logger.warn("port [{}] was already in use trying next port", webPort);
@ -145,7 +147,7 @@ public class HttpClientTest extends ElasticsearchTestCase {
@Test
public void testHttps() throws Exception {
Path resource = Paths.get(HttpClientTest.class.getResource("/org/elasticsearch/shield/keystore/truststore-testnode-only.jks").toURI());
Path resource = getDataPath("/org/elasticsearch/shield/keystore/truststore-testnode-only.jks");
Settings settings;
if (randomBoolean()) {
@ -159,13 +161,13 @@ public class HttpClientTest extends ElasticsearchTestCase {
.put(HttpClient.SETTINGS_SSL_SHIELD_TRUSTSTORE_PASSWORD, "truststore-testnode-only")
.build();
}
HttpClient httpClient = new HttpClient(settings, authRegistry).start();
HttpClient httpClient = new HttpClient(settings, authRegistry, environment).start();
// We can't use the client created above for the server since it is only a truststore
webServer.useHttps(new HttpClient(Settings.builder()
.put(HttpClient.SETTINGS_SSL_KEYSTORE, PathUtils.get(HttpClientTest.class.getResource("/org/elasticsearch/shield/keystore/testnode.jks").toURI()))
.put(HttpClient.SETTINGS_SSL_KEYSTORE_PASSWORD, "testnode")
.build(), authRegistry)
.build(), authRegistry, environment)
.start()
.getSslSocketFactory(), false);
@ -184,7 +186,7 @@ public class HttpClientTest extends ElasticsearchTestCase {
@Test
public void testHttpsClientAuth() throws Exception {
Path resource = Paths.get(HttpClientTest.class.getResource("/org/elasticsearch/shield/keystore/testnode.jks").toURI());
Path resource = getDataPath("/org/elasticsearch/shield/keystore/testnode.jks");
Settings settings;
if (randomBoolean()) {
settings = Settings.builder()
@ -198,7 +200,7 @@ public class HttpClientTest extends ElasticsearchTestCase {
.build();
}
HttpClient httpClient = new HttpClient(settings, authRegistry).start();
HttpClient httpClient = new HttpClient(settings, authRegistry, environment).start();
webServer.useHttps(new ClientAuthRequiringSSLSocketFactory(httpClient.getSslSocketFactory()), false);
webServer.enqueue(new MockResponse().setResponseCode(200).setBody("body"));
@ -217,7 +219,7 @@ public class HttpClientTest extends ElasticsearchTestCase {
@Test
public void testHttpClientReadKeyWithDifferentPassword() throws Exception {
// This truststore doesn't have a cert with a valid SAN so hostname verification will fail if used
Path resource = Paths.get(HttpClientTest.class.getResource("/org/elasticsearch/shield/keystore/testnode-different-passwords.jks").toURI());
Path resource = getDataPath("/org/elasticsearch/shield/keystore/testnode-different-passwords.jks");
Settings settings;
final boolean watcherSettings = randomBoolean();
@ -235,7 +237,7 @@ public class HttpClientTest extends ElasticsearchTestCase {
.build();
}
HttpClient httpClient = new HttpClient(settings, authRegistry).start();
HttpClient httpClient = new HttpClient(settings, authRegistry, environment).start();
assertThat(httpClient.getSslSocketFactory(), notNullValue());
Settings.Builder badSettings = Settings.builder().put(settings);
@ -246,7 +248,7 @@ public class HttpClientTest extends ElasticsearchTestCase {
}
try {
new HttpClient(badSettings.build(), authRegistry).start();
new HttpClient(badSettings.build(), authRegistry, environment).start();
fail("an exception should have been thrown since the key is not recoverable without the password");
} catch (Exception e) {
UnrecoverableKeyException rootCause = (UnrecoverableKeyException) ExceptionsHelper.unwrap(e, UnrecoverableKeyException.class);
@ -272,7 +274,7 @@ public class HttpClientTest extends ElasticsearchTestCase {
@Test
@Network
public void testHttpsWithoutTruststore() throws Exception {
HttpClient httpClient = new HttpClient(Settings.EMPTY, authRegistry).start();
HttpClient httpClient = new HttpClient(Settings.EMPTY, authRegistry, environment).start();
assertThat(httpClient.getSslSocketFactory(), nullValue());
// Known server with a valid cert from a commercial CA
@ -292,7 +294,7 @@ public class HttpClientTest extends ElasticsearchTestCase {
Settings settings = Settings.builder()
.put(setting, randomBoolean())
.build();
HttpClient httpClient = new HttpClient(settings, authRegistry).start();
HttpClient httpClient = new HttpClient(settings, authRegistry, environment).start();
assertThat(httpClient.getSslSocketFactory(), notNullValue());
// Known server with a valid cert from a commercial CA

4
src/test/java/org/elasticsearch/watcher/test/AbstractWatcherIntegrationTests.java
View File

@ -694,7 +694,7 @@ public abstract class AbstractWatcherIntegrationTests extends ElasticsearchInteg
} catch (IOException e) {
throw new ElasticsearchException("error writing file in test", e);
}
return file.toFile().getAbsolutePath();
return file.toAbsolutePath().toString();
}
public static String writeFile(Path folder, String name, byte[] content) throws IOException {
@ -704,7 +704,7 @@ public abstract class AbstractWatcherIntegrationTests extends ElasticsearchInteg
} catch (IOException e) {
throw new ElasticsearchException("error writing file in test", e);
}
return file.toFile().getAbsolutePath();
return file.toAbsolutePath().toString();
}
}

9
src/test/java/org/elasticsearch/watcher/test/WatcherTestUtils.java
View File

@ -11,6 +11,7 @@ import org.elasticsearch.action.support.IndicesOptions;
import org.elasticsearch.common.Strings;
import com.google.common.collect.ImmutableMap;
import org.elasticsearch.common.bytes.BytesArray;
import org.elasticsearch.script.ScriptContext;
import org.elasticsearch.script.ScriptContextRegistry;
import org.joda.time.DateTime;
import org.elasticsearch.common.logging.ESLogger;
@ -229,19 +230,19 @@ public final class WatcherTestUtils {
public static ScriptServiceProxy getScriptServiceProxy(ThreadPool tp) throws Exception {
Settings settings = Settings.settingsBuilder()
.put("script.disable_dynamic", "none")
.put("script.inline", "on")
.put("script.indexed", "on")
.put("path.home", ".")
.build();
GroovyScriptEngineService groovyScriptEngineService = new GroovyScriptEngineService(settings);
XMustacheScriptEngineService mustacheScriptEngineService = new XMustacheScriptEngineService(settings);
Set<ScriptEngineService> engineServiceSet = new HashSet<>();
engineServiceSet.add(mustacheScriptEngineService);
engineServiceSet.add(groovyScriptEngineService);
NodeSettingsService nodeSettingsService = new NodeSettingsService(settings);
Class scriptContextRegistryClass = Class.forName("org.elasticsearch.script.ScriptContextRegistry");
Constructor scriptContextRegistryConstructor = scriptContextRegistryClass.getDeclaredConstructors()[0];
scriptContextRegistryConstructor.setAccessible(true);
ScriptContextRegistry registry = (ScriptContextRegistry) scriptContextRegistryConstructor.newInstance(Collections.emptyList());
ScriptContextRegistry registry = (ScriptContextRegistry) scriptContextRegistryConstructor.newInstance(Arrays.asList(ScriptServiceProxy.INSTANCE));
return ScriptServiceProxy.of(new ScriptService(settings, new Environment(settings), engineServiceSet, new ResourceWatcherService(settings, tp), registry));
}