Merge remote-tracking branch 'dakrone/fix-too-strict-validation'

Original commit: elastic/x-pack-elasticsearch@efb2d5ece6

elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/authz/RoleDescriptor.java

@@ -235,10 +235,6 @@ public class RoleDescriptor implements ToXContent {
                 }
             } else if (ParseFieldMatcher.STRICT.match(currentFieldName, Fields.PRIVILEGES)) {
                 privileges = readStringArray(roleName, parser, true);
-                if (names.length == 0) {
-                    throw new ElasticsearchParseException("failed to parse indices privileges for role [{}]. [{}] cannot be an empty " +
-                            "array", roleName, currentFieldName);
-                }
             } else if (ParseFieldMatcher.STRICT.match(currentFieldName, Fields.FIELDS)) {
                 fields = readStringArray(roleName, parser, true);
             } else {

elasticsearch/x-pack/security/src/test/resources/rest-api-spec/test/roles/10_basic.yaml

@@ -22,6 +22,21 @@
             }
   - match: { role: { created: true } }
 
+  - do:
+      xpack.security.put_role:
+        name: "backwards_role"
+        body:  >
+            {
+              "cluster": ["all"],
+              "indices": [
+                {
+                  "privileges": ["all"],
+                  "names": "*"
+                }
+              ]
+            }
+  - match: { role: { created: true } }
+
   - do:
       xpack.security.put_user:
         username: "joe"