diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java index 70767c023c5..5958a763eee 100644 --- a/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java +++ b/client/rest-high-level/src/main/java/org/elasticsearch/client/SecurityRequestConverters.java @@ -63,7 +63,7 @@ final class SecurityRequestConverters { static Request putUser(PutUserRequest putUserRequest) throws IOException { String endpoint = new RequestConverters.EndpointBuilder() .addPathPartAsIs("_xpack/security/user") - .addPathPart(putUserRequest.getUsername()) + .addPathPart(putUserRequest.getUser().getUsername()) .build(); Request request = new Request(HttpPut.METHOD_NAME, endpoint); request.setEntity(createEntity(putUserRequest, REQUEST_BODY_CONTENT_TYPE)); diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/security/PutUserRequest.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/security/PutUserRequest.java index 11e13f621e6..66af9fca31c 100644 --- a/client/rest-high-level/src/main/java/org/elasticsearch/client/security/PutUserRequest.java +++ b/client/rest-high-level/src/main/java/org/elasticsearch/client/security/PutUserRequest.java @@ -21,15 +21,14 @@ package org.elasticsearch.client.security; import org.elasticsearch.client.Validatable; import org.elasticsearch.client.ValidationException; +import org.elasticsearch.client.security.user.User; import org.elasticsearch.common.CharArrays; +import org.elasticsearch.common.Nullable; import org.elasticsearch.common.xcontent.ToXContentObject; import org.elasticsearch.common.xcontent.XContentBuilder; import java.io.IOException; import java.util.Arrays; -import java.util.Collections; -import java.util.List; -import java.util.Map; import java.util.Objects; import java.util.Optional; @@ -38,62 +37,33 @@ import java.util.Optional; */ public final class PutUserRequest implements Validatable, ToXContentObject { - private final String username; - private final List roles; - private final String fullName; - private final String email; - private final Map metadata; - private final char[] password; + private final User user; + private final @Nullable char[] password; private final boolean enabled; private final RefreshPolicy refreshPolicy; /** * Creates a new request that is used to create or update a user in the native realm. * - * @param username the username of the user to be created or updated + * @param user the user to be created or updated * @param password the password of the user. The password array is not modified by this class. * It is the responsibility of the caller to clear the password after receiving * a response. - * @param roles the roles that this user is assigned - * @param fullName the full name of the user that may be used for display purposes - * @param email the email address of the user * @param enabled true if the user is enabled and allowed to access elasticsearch - * @param metadata a map of additional user attributes that may be used in templating roles * @param refreshPolicy the refresh policy for the request. */ - public PutUserRequest(String username, char[] password, List roles, String fullName, String email, boolean enabled, - Map metadata, RefreshPolicy refreshPolicy) { - this.username = Objects.requireNonNull(username, "username is required"); + public PutUserRequest(User user, @Nullable char[] password, boolean enabled, @Nullable RefreshPolicy refreshPolicy) { + this.user = Objects.requireNonNull(user, "user is required, cannot be null"); this.password = password; - this.roles = Collections.unmodifiableList(Objects.requireNonNull(roles, "roles must be specified")); - this.fullName = fullName; - this.email = email; this.enabled = enabled; - this.metadata = metadata == null ? Collections.emptyMap() : Collections.unmodifiableMap(metadata); this.refreshPolicy = refreshPolicy == null ? RefreshPolicy.getDefault() : refreshPolicy; } - public String getUsername() { - return username; + public User getUser() { + return user; } - public List getRoles() { - return roles; - } - - public String getFullName() { - return fullName; - } - - public String getEmail() { - return email; - } - - public Map getMetadata() { - return metadata; - } - - public char[] getPassword() { + public @Nullable char[] getPassword() { return password; } @@ -109,29 +79,25 @@ public final class PutUserRequest implements Validatable, ToXContentObject { public boolean equals(Object o) { if (this == o) return true; if (o == null || getClass() != o.getClass()) return false; - PutUserRequest that = (PutUserRequest) o; - return enabled == that.enabled && - Objects.equals(username, that.username) && - Objects.equals(roles, that.roles) && - Objects.equals(fullName, that.fullName) && - Objects.equals(email, that.email) && - Objects.equals(metadata, that.metadata) && - Arrays.equals(password, that.password) && - refreshPolicy == that.refreshPolicy; + final PutUserRequest that = (PutUserRequest) o; + return Objects.equals(user, that.user) + && Arrays.equals(password, that.password) + && enabled == that.enabled + && refreshPolicy == that.refreshPolicy; } @Override public int hashCode() { - int result = Objects.hash(username, roles, fullName, email, metadata, enabled, refreshPolicy); + int result = Objects.hash(user, enabled, refreshPolicy); result = 31 * result + Arrays.hashCode(password); return result; } @Override public Optional validate() { - if (metadata != null && metadata.keySet().stream().anyMatch(s -> s.startsWith("_"))) { + if (user.getMetadata() != null && user.getMetadata().keySet().stream().anyMatch(s -> s.startsWith("_"))) { ValidationException validationException = new ValidationException(); - validationException.addValidationError("metadata keys may not start with [_]"); + validationException.addValidationError("user metadata keys may not start with [_]"); return Optional.of(validationException); } return Optional.empty(); @@ -140,7 +106,7 @@ public final class PutUserRequest implements Validatable, ToXContentObject { @Override public XContentBuilder toXContent(XContentBuilder builder, Params params) throws IOException { builder.startObject(); - builder.field("username", username); + builder.field("username", user.getUsername()); if (password != null) { byte[] charBytes = CharArrays.toUtf8Bytes(password); try { @@ -149,18 +115,15 @@ public final class PutUserRequest implements Validatable, ToXContentObject { Arrays.fill(charBytes, (byte) 0); } } - if (roles != null) { - builder.field("roles", roles); + builder.field("roles", user.getRoles()); + if (user.getFullName() != null) { + builder.field("full_name", user.getFullName()); } - if (fullName != null) { - builder.field("full_name", fullName); - } - if (email != null) { - builder.field("email", email); - } - if (metadata != null) { - builder.field("metadata", metadata); + if (user.getEmail() != null) { + builder.field("email", user.getEmail()); } + builder.field("metadata", user.getMetadata()); + builder.field("enabled", enabled); return builder.endObject(); } } diff --git a/client/rest-high-level/src/main/java/org/elasticsearch/client/security/user/User.java b/client/rest-high-level/src/main/java/org/elasticsearch/client/security/user/User.java index 977780b46b7..ba6cd5f2f8e 100644 --- a/client/rest-high-level/src/main/java/org/elasticsearch/client/security/user/User.java +++ b/client/rest-high-level/src/main/java/org/elasticsearch/client/security/user/User.java @@ -24,38 +24,59 @@ import org.elasticsearch.common.Strings; import java.util.Collection; import java.util.Collections; +import java.util.HashSet; import java.util.Map; import java.util.Objects; +import java.util.Set; /** - * An authenticated user + * A user to be utilized with security APIs. + * Can be an existing authenticated user or it can be a new user to be enrolled to the native realm. */ public final class User { private final String username; - private final Collection roles; + private final Set roles; private final Map metadata; @Nullable private final String fullName; @Nullable private final String email; + /** + * Builds the user to be utilized with security APIs. + * + * @param username the username, also known as the principal, unique for in the scope of a realm + * @param roles the roles that this user is assigned + * @param metadata a map of additional user attributes that may be used in templating roles + * @param fullName the full name of the user that may be used for display purposes + * @param email the email address of the user + */ public User(String username, Collection roles, Map metadata, @Nullable String fullName, @Nullable String email) { - Objects.requireNonNull(username, "`username` cannot be null"); - Objects.requireNonNull(roles, "`roles` cannot be null. Pass an empty collection instead."); - Objects.requireNonNull(roles, "`metadata` cannot be null. Pass an empty map instead."); - this.username = username; - this.roles = roles; - this.metadata = Collections.unmodifiableMap(metadata); + this.username = username = Objects.requireNonNull(username, "`username` is required, cannot be null"); + this.roles = Collections.unmodifiableSet(new HashSet<>( + Objects.requireNonNull(roles, "`roles` is required, cannot be null. Pass an empty Collection instead."))); + this.metadata = Collections + .unmodifiableMap(Objects.requireNonNull(metadata, "`metadata` is required, cannot be null. Pass an empty map instead.")); this.fullName = fullName; this.email = email; } + /** + * Builds the user to be utilized with security APIs. + * + * @param username the username, also known as the principal, unique for in the scope of a realm + * @param roles the roles that this user is assigned + */ + public User(String username, Collection roles) { + this(username, roles, Collections.emptyMap(), null, null); + } + /** * @return The principal of this user - effectively serving as the * unique identity of the user. Can never be {@code null}. */ - public String username() { + public String getUsername() { return this.username; } @@ -64,28 +85,28 @@ public final class User { * identified by their unique names and each represents as * set of permissions. Can never be {@code null}. */ - public Collection roles() { + public Set getRoles() { return this.roles; } /** * @return The metadata that is associated with this user. Can never be {@code null}. */ - public Map metadata() { + public Map getMetadata() { return metadata; } /** * @return The full name of this user. May be {@code null}. */ - public @Nullable String fullName() { + public @Nullable String getFullName() { return fullName; } /** * @return The email of this user. May be {@code null}. */ - public @Nullable String email() { + public @Nullable String getEmail() { return email; } @@ -103,28 +124,14 @@ public final class User { @Override public boolean equals(Object o) { - if (this == o) { - return true; - } - if (o instanceof User == false) { - return false; - } - - final User user = (User) o; - - if (!username.equals(user.username)) { - return false; - } - if (!roles.equals(user.roles)) { - return false; - } - if (!metadata.equals(user.metadata)) { - return false; - } - if (fullName != null ? !fullName.equals(user.fullName) : user.fullName != null) { - return false; - } - return !(email != null ? !email.equals(user.email) : user.email != null); + if (this == o) return true; + if (o == null || this.getClass() != o.getClass()) return false; + final User that = (User) o; + return Objects.equals(username, that.username) + && Objects.equals(roles, that.roles) + && Objects.equals(metadata, that.metadata) + && Objects.equals(fullName, that.fullName) + && Objects.equals(email, that.email); } @Override diff --git a/client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityIT.java b/client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityIT.java index 74a4d58e2bf..5a5091fe758 100644 --- a/client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityIT.java +++ b/client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityIT.java @@ -25,6 +25,7 @@ import org.elasticsearch.client.security.AuthenticateResponse; import org.elasticsearch.client.security.PutUserRequest; import org.elasticsearch.client.security.PutUserResponse; import org.elasticsearch.client.security.RefreshPolicy; +import org.elasticsearch.client.security.user.User; import org.elasticsearch.common.CharArrays; import java.util.Arrays; @@ -34,12 +35,29 @@ import java.util.List; import java.util.Map; import static org.hamcrest.Matchers.is; -import static org.hamcrest.Matchers.contains; import static org.hamcrest.Matchers.containsString; -import static org.hamcrest.Matchers.empty; public class SecurityIT extends ESRestHighLevelClientTestCase { + public void testPutUser() throws Exception { + final SecurityClient securityClient = highLevelClient().security(); + // create user + final PutUserRequest putUserRequest = randomPutUserRequest(randomBoolean()); + final PutUserResponse putUserResponse = execute(putUserRequest, securityClient::putUser, securityClient::putUserAsync); + // assert user created + assertThat(putUserResponse.isCreated(), is(true)); + // update user + final User updatedUser = randomUser(putUserRequest.getUser().getUsername()); + final PutUserRequest updateUserRequest = randomPutUserRequest(updatedUser, randomBoolean()); + final PutUserResponse updateUserResponse = execute(updateUserRequest, securityClient::putUser, securityClient::putUserAsync); + // assert user not created + assertThat(updateUserResponse.isCreated(), is(false)); + // delete user + final Request deleteUserRequest = new Request(HttpDelete.METHOD_NAME, + "/_xpack/security/user/" + putUserRequest.getUser().getUsername()); + highLevelClient().getLowLevelClient().performRequest(deleteUserRequest); + } + public void testAuthenticate() throws Exception { final SecurityClient securityClient = highLevelClient().security(); // test fixture: put enabled user @@ -48,34 +66,30 @@ public class SecurityIT extends ESRestHighLevelClientTestCase { assertThat(putUserResponse.isCreated(), is(true)); // authenticate correctly - final String basicAuthHeader = basicAuthHeader(putUserRequest.getUsername(), putUserRequest.getPassword()); + final String basicAuthHeader = basicAuthHeader(putUserRequest.getUser().getUsername(), putUserRequest.getPassword()); final AuthenticateResponse authenticateResponse = execute(securityClient::authenticate, securityClient::authenticateAsync, authorizationRequestOptions(basicAuthHeader)); - assertThat(authenticateResponse.getUser().username(), is(putUserRequest.getUsername())); - if (putUserRequest.getRoles().isEmpty()) { - assertThat(authenticateResponse.getUser().roles(), is(empty())); - } else { - assertThat(authenticateResponse.getUser().roles(), contains(putUserRequest.getRoles().toArray())); - } - assertThat(authenticateResponse.getUser().metadata(), is(putUserRequest.getMetadata())); - assertThat(authenticateResponse.getUser().fullName(), is(putUserRequest.getFullName())); - assertThat(authenticateResponse.getUser().email(), is(putUserRequest.getEmail())); + assertThat(authenticateResponse.getUser(), is(putUserRequest.getUser())); assertThat(authenticateResponse.enabled(), is(true)); // delete user - final Request deleteUserRequest = new Request(HttpDelete.METHOD_NAME, "/_xpack/security/user/" + putUserRequest.getUsername()); + final Request deleteUserRequest = new Request(HttpDelete.METHOD_NAME, + "/_xpack/security/user/" + putUserRequest.getUser().getUsername()); highLevelClient().getLowLevelClient().performRequest(deleteUserRequest); // authentication no longer works ElasticsearchStatusException e = expectThrows(ElasticsearchStatusException.class, () -> execute(securityClient::authenticate, securityClient::authenticateAsync, authorizationRequestOptions(basicAuthHeader))); - assertThat(e.getMessage(), containsString("unable to authenticate user [" + putUserRequest.getUsername() + "]")); + assertThat(e.getMessage(), containsString("unable to authenticate user [" + putUserRequest.getUser().getUsername() + "]")); } - private static PutUserRequest randomPutUserRequest(boolean enabled) { + private static User randomUser() { final String username = randomAlphaOfLengthBetween(1, 4); - final char[] password = randomAlphaOfLengthBetween(6, 10).toCharArray(); + return randomUser(username); + } + + private static User randomUser(String username) { final List roles = Arrays.asList(generateRandomStringArray(3, 3, false, true)); final String fullName = randomFrom(random(), null, randomAlphaOfLengthBetween(0, 3)); final String email = randomFrom(random(), null, randomAlphaOfLengthBetween(0, 3)); @@ -91,15 +105,25 @@ public class SecurityIT extends ESRestHighLevelClientTestCase { } else { metadata.put("string_list", Arrays.asList(generateRandomStringArray(4, 4, false, true))); } - return new PutUserRequest(username, password, roles, fullName, email, enabled, metadata, RefreshPolicy.IMMEDIATE); + return new User(username, roles, metadata, fullName, email); } - + + private static PutUserRequest randomPutUserRequest(boolean enabled) { + final User user = randomUser(); + return randomPutUserRequest(user, enabled); + } + + private static PutUserRequest randomPutUserRequest(User user, boolean enabled) { + final char[] password = randomAlphaOfLengthBetween(6, 10).toCharArray(); + return new PutUserRequest(user, password, enabled, RefreshPolicy.IMMEDIATE); + } + private static String basicAuthHeader(String username, char[] password) { final String concat = new StringBuilder().append(username).append(':').append(password).toString(); final byte[] concatBytes = CharArrays.toUtf8Bytes(concat.toCharArray()); return "Basic " + Base64.getEncoder().encodeToString(concatBytes); } - + private static RequestOptions authorizationRequestOptions(String authorizationHeader) { final RequestOptions.Builder builder = RequestOptions.DEFAULT.toBuilder(); builder.addHeader("Authorization", authorizationHeader); diff --git a/client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityRequestConvertersTests.java b/client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityRequestConvertersTests.java index e0499c621f7..d2679906af2 100644 --- a/client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityRequestConvertersTests.java +++ b/client/rest-high-level/src/test/java/org/elasticsearch/client/SecurityRequestConvertersTests.java @@ -36,6 +36,7 @@ import org.elasticsearch.client.security.RefreshPolicy; import org.elasticsearch.client.security.support.expressiondsl.RoleMapperExpression; import org.elasticsearch.client.security.support.expressiondsl.expressions.AnyRoleMapperExpression; import org.elasticsearch.client.security.support.expressiondsl.fields.FieldRoleMapperExpression; +import org.elasticsearch.client.security.user.User; import org.elasticsearch.common.Strings; import org.elasticsearch.test.ESTestCase; @@ -57,23 +58,21 @@ public class SecurityRequestConvertersTests extends ESTestCase { final String email = randomBoolean() ? null : randomAlphaOfLengthBetween(12, 24); final String fullName = randomBoolean() ? null : randomAlphaOfLengthBetween(7, 14); final boolean enabled = randomBoolean(); - final Map metadata; + final Map metadata = new HashMap<>(); if (randomBoolean()) { - metadata = new HashMap<>(); for (int i = 0; i < randomIntBetween(0, 10); i++) { metadata.put(String.valueOf(i), randomAlphaOfLengthBetween(1, 12)); } - } else { - metadata = null; } + final User user = new User(username, roles, metadata, fullName, email); final RefreshPolicy refreshPolicy = randomFrom(RefreshPolicy.values()); final Map expectedParams = getExpectedParamsFromRefreshPolicy(refreshPolicy); - PutUserRequest putUserRequest = new PutUserRequest(username, password, roles, fullName, email, enabled, metadata, refreshPolicy); + PutUserRequest putUserRequest = new PutUserRequest(user, password, enabled, refreshPolicy); Request request = SecurityRequestConverters.putUser(putUserRequest); assertEquals(HttpPut.METHOD_NAME, request.getMethod()); - assertEquals("/_xpack/security/user/" + putUserRequest.getUsername(), request.getEndpoint()); + assertEquals("/_xpack/security/user/" + putUserRequest.getUser().getUsername(), request.getEndpoint()); assertEquals(expectedParams, request.getParameters()); assertToXContentBody(putUserRequest, request.getEntity()); } diff --git a/client/rest-high-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java b/client/rest-high-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java index 0273b3a0458..ffa30e16c04 100644 --- a/client/rest-high-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java +++ b/client/rest-high-level/src/test/java/org/elasticsearch/client/documentation/SecurityDocumentationIT.java @@ -90,8 +90,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase { { //tag::put-user-execute char[] password = new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}; - PutUserRequest request = - new PutUserRequest("example", password, Collections.singletonList("superuser"), null, null, true, null, RefreshPolicy.NONE); + User user = new User("example", Collections.singletonList("superuser")); + PutUserRequest request = new PutUserRequest(user, password, true, RefreshPolicy.NONE); PutUserResponse response = client.security().putUser(request, RequestOptions.DEFAULT); //end::put-user-execute @@ -104,8 +104,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase { { char[] password = new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}; - PutUserRequest request = new PutUserRequest("example2", password, Collections.singletonList("superuser"), null, null, true, - null, RefreshPolicy.NONE); + User user2 = new User("example2", Collections.singletonList("superuser")); + PutUserRequest request = new PutUserRequest(user2, password, true, RefreshPolicy.NONE); // tag::put-user-execute-listener ActionListener listener = new ActionListener() { @Override @@ -300,8 +300,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase { public void testEnableUser() throws Exception { RestHighLevelClient client = highLevelClient(); char[] password = new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}; - PutUserRequest putUserRequest = new PutUserRequest("enable_user", password, Collections.singletonList("superuser"), null, - null, true, null, RefreshPolicy.IMMEDIATE); + User enable_user = new User("enable_user", Collections.singletonList("superuser")); + PutUserRequest putUserRequest = new PutUserRequest(enable_user, password, true, RefreshPolicy.IMMEDIATE); PutUserResponse putUserResponse = client.security().putUser(putUserRequest, RequestOptions.DEFAULT); assertTrue(putUserResponse.isCreated()); @@ -345,8 +345,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase { public void testDisableUser() throws Exception { RestHighLevelClient client = highLevelClient(); char[] password = new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}; - PutUserRequest putUserRequest = new PutUserRequest("disable_user", password, Collections.singletonList("superuser"), null, - null, true, null, RefreshPolicy.IMMEDIATE); + User disable_user = new User("disable_user", Collections.singletonList("superuser")); + PutUserRequest putUserRequest = new PutUserRequest(disable_user, password, true, RefreshPolicy.IMMEDIATE); PutUserResponse putUserResponse = client.security().putUser(putUserRequest, RequestOptions.DEFAULT); assertTrue(putUserResponse.isCreated()); { @@ -398,11 +398,11 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase { boolean enabled = response.enabled(); // <2> //end::authenticate-response - assertThat(user.username(), is("test_user")); - assertThat(user.roles(), contains(new String[]{"superuser"})); - assertThat(user.fullName(), nullValue()); - assertThat(user.email(), nullValue()); - assertThat(user.metadata().isEmpty(), is(true)); + assertThat(user.getUsername(), is("test_user")); + assertThat(user.getRoles(), contains(new String[] {"superuser"})); + assertThat(user.getFullName(), nullValue()); + assertThat(user.getEmail(), nullValue()); + assertThat(user.getMetadata().isEmpty(), is(true)); assertThat(enabled, is(true)); } @@ -608,8 +608,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase { RestHighLevelClient client = highLevelClient(); char[] password = new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}; char[] newPassword = new char[]{'n', 'e', 'w', 'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}; - PutUserRequest putUserRequest = new PutUserRequest("change_password_user", password, Collections.singletonList("superuser"), - null, null, true, null, RefreshPolicy.NONE); + User user = new User("change_password_user", Collections.singletonList("superuser"), Collections.emptyMap(), null, null); + PutUserRequest putUserRequest = new PutUserRequest(user, password, true, RefreshPolicy.NONE); PutUserResponse putUserResponse = client.security().putUser(putUserRequest, RequestOptions.DEFAULT); assertTrue(putUserResponse.isCreated()); { @@ -774,8 +774,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase { { // Setup user - PutUserRequest putUserRequest = new PutUserRequest("token_user", "password".toCharArray(), - Collections.singletonList("kibana_user"), null, null, true, null, RefreshPolicy.IMMEDIATE); + User token_user = new User("token_user", Collections.singletonList("kibana_user")); + PutUserRequest putUserRequest = new PutUserRequest(token_user, "password".toCharArray(), true, RefreshPolicy.IMMEDIATE); PutUserResponse putUserResponse = client.security().putUser(putUserRequest, RequestOptions.DEFAULT); assertTrue(putUserResponse.isCreated()); } @@ -852,8 +852,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase { { // Setup user final char[] password = "password".toCharArray(); - PutUserRequest putUserRequest = new PutUserRequest("invalidate_token", password, - Collections.singletonList("kibana_user"), null, null, true, null, RefreshPolicy.IMMEDIATE); + User invalidate_token_user = new User("invalidate_token", Collections.singletonList("kibana_user")); + PutUserRequest putUserRequest = new PutUserRequest(invalidate_token_user, password, true, RefreshPolicy.IMMEDIATE); PutUserResponse putUserResponse = client.security().putUser(putUserRequest, RequestOptions.DEFAULT); assertTrue(putUserResponse.isCreated()); diff --git a/client/rest-high-level/src/test/java/org/elasticsearch/client/security/AuthenticateResponseTests.java b/client/rest-high-level/src/test/java/org/elasticsearch/client/security/AuthenticateResponseTests.java index ce813f5ecf5..1931ce3f698 100644 --- a/client/rest-high-level/src/test/java/org/elasticsearch/client/security/AuthenticateResponseTests.java +++ b/client/rest-high-level/src/test/java/org/elasticsearch/client/security/AuthenticateResponseTests.java @@ -77,14 +77,14 @@ public class AuthenticateResponseTests extends ESTestCase { final User user = response.getUser(); final boolean enabled = response.enabled(); builder.startObject(); - builder.field(AuthenticateResponse.USERNAME.getPreferredName(), user.username()); - builder.field(AuthenticateResponse.ROLES.getPreferredName(), user.roles()); - builder.field(AuthenticateResponse.METADATA.getPreferredName(), user.metadata()); - if (user.fullName() != null) { - builder.field(AuthenticateResponse.FULL_NAME.getPreferredName(), user.fullName()); + builder.field(AuthenticateResponse.USERNAME.getPreferredName(), user.getUsername()); + builder.field(AuthenticateResponse.ROLES.getPreferredName(), user.getRoles()); + builder.field(AuthenticateResponse.METADATA.getPreferredName(), user.getMetadata()); + if (user.getFullName() != null) { + builder.field(AuthenticateResponse.FULL_NAME.getPreferredName(), user.getFullName()); } - if (user.email() != null) { - builder.field(AuthenticateResponse.EMAIL.getPreferredName(), user.email()); + if (user.getEmail() != null) { + builder.field(AuthenticateResponse.EMAIL.getPreferredName(), user.getEmail()); } builder.field(AuthenticateResponse.ENABLED.getPreferredName(), enabled); builder.endObject(); @@ -92,8 +92,8 @@ public class AuthenticateResponseTests extends ESTestCase { private AuthenticateResponse copy(AuthenticateResponse response) { final User originalUser = response.getUser(); - final User copyUser = new User(originalUser.username(), originalUser.roles(), originalUser.metadata(), originalUser.fullName(), - originalUser.email()); + final User copyUser = new User(originalUser.getUsername(), originalUser.getRoles(), originalUser.getMetadata(), + originalUser.getFullName(), originalUser.getEmail()); return new AuthenticateResponse(copyUser, response.enabled()); } @@ -101,27 +101,27 @@ public class AuthenticateResponseTests extends ESTestCase { final User originalUser = response.getUser(); switch (randomIntBetween(1, 6)) { case 1: - return new AuthenticateResponse(new User(originalUser.username() + "wrong", originalUser.roles(), originalUser.metadata(), - originalUser.fullName(), originalUser.email()), response.enabled()); + return new AuthenticateResponse(new User(originalUser.getUsername() + "wrong", originalUser.getRoles(), + originalUser.getMetadata(), originalUser.getFullName(), originalUser.getEmail()), response.enabled()); case 2: - final Collection wrongRoles = new ArrayList<>(originalUser.roles()); + final Collection wrongRoles = new ArrayList<>(originalUser.getRoles()); wrongRoles.add(randomAlphaOfLengthBetween(1, 4)); - return new AuthenticateResponse(new User(originalUser.username(), wrongRoles, originalUser.metadata(), - originalUser.fullName(), originalUser.email()), response.enabled()); + return new AuthenticateResponse(new User(originalUser.getUsername(), wrongRoles, originalUser.getMetadata(), + originalUser.getFullName(), originalUser.getEmail()), response.enabled()); case 3: - final Map wrongMetadata = new HashMap<>(originalUser.metadata()); + final Map wrongMetadata = new HashMap<>(originalUser.getMetadata()); wrongMetadata.put("wrong_string", randomAlphaOfLengthBetween(0, 4)); - return new AuthenticateResponse(new User(originalUser.username(), originalUser.roles(), wrongMetadata, - originalUser.fullName(), originalUser.email()), response.enabled()); + return new AuthenticateResponse(new User(originalUser.getUsername(), originalUser.getRoles(), wrongMetadata, + originalUser.getFullName(), originalUser.getEmail()), response.enabled()); case 4: - return new AuthenticateResponse(new User(originalUser.username(), originalUser.roles(), originalUser.metadata(), - originalUser.fullName() + "wrong", originalUser.email()), response.enabled()); + return new AuthenticateResponse(new User(originalUser.getUsername(), originalUser.getRoles(), originalUser.getMetadata(), + originalUser.getFullName() + "wrong", originalUser.getEmail()), response.enabled()); case 5: - return new AuthenticateResponse(new User(originalUser.username(), originalUser.roles(), originalUser.metadata(), - originalUser.fullName(), originalUser.email() + "wrong"), response.enabled()); + return new AuthenticateResponse(new User(originalUser.getUsername(), originalUser.getRoles(), originalUser.getMetadata(), + originalUser.getFullName(), originalUser.getEmail() + "wrong"), response.enabled()); case 6: - return new AuthenticateResponse(new User(originalUser.username(), originalUser.roles(), originalUser.metadata(), - originalUser.fullName(), originalUser.email()), !response.enabled()); + return new AuthenticateResponse(new User(originalUser.getUsername(), originalUser.getRoles(), originalUser.getMetadata(), + originalUser.getFullName(), originalUser.getEmail()), !response.enabled()); } throw new IllegalStateException("Bad random number"); }