mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-02-17 18:35:25 +00:00
Fix forbidden apis usages, and convert more tests to CommandTestCase
Original commit: elastic/x-pack-elasticsearch@f5400388eb
This commit is contained in:
Ryan Ernst
parent
d880803c2d
commit
8c5d8653e0
@ -18,6 +18,7 @@ import org.elasticsearch.cli.Command;
|
||||
import org.elasticsearch.cli.ExitCodes;
|
||||
import org.elasticsearch.cli.UserError;
|
||||
import org.elasticsearch.cli.Terminal;
|
||||
import org.elasticsearch.common.SuppressForbidden;
|
||||
import org.elasticsearch.common.io.PathUtils;
|
||||
|
||||
import static org.elasticsearch.license.core.CryptUtils.writeEncryptedPrivateKey;
|
||||
@ -51,8 +52,8 @@ public class KeyPairGeneratorTool extends Command {
|
||||
|
||||
@Override
|
||||
protected void execute(Terminal terminal, OptionSet options) throws Exception {
|
||||
Path publicKeyPath = PathUtils.get(publicKeyPathOption.value(options));
|
||||
Path privateKeyPath = PathUtils.get(privateKeyPathOption.value(options));
|
||||
Path publicKeyPath = parsePath(publicKeyPathOption.value(options));
|
||||
Path privateKeyPath = parsePath(privateKeyPathOption.value(options));
|
||||
if (Files.exists(privateKeyPath)) {
|
||||
throw new UserError(ExitCodes.USAGE, privateKeyPath + " already exists");
|
||||
} else if (Files.exists(publicKeyPath)) {
|
||||
@ -70,4 +71,9 @@ public class KeyPairGeneratorTool extends Command {
|
||||
terminal.println(Terminal.Verbosity.VERBOSE, "generating key pair [public key: " + publicKeyPath + ", private key: "
|
||||
+ privateKeyPath + "]");
|
||||
}
|
||||
|
||||
@SuppressForbidden(reason = "Parsing command line path")
|
||||
private static Path parsePath(String path) {
|
||||
return PathUtils.get(path);
|
||||
}
|
||||
}
|
||||
|
||||
@ -14,6 +14,7 @@ import org.elasticsearch.cli.Command;
|
||||
import org.elasticsearch.cli.ExitCodes;
|
||||
import org.elasticsearch.cli.UserError;
|
||||
import org.elasticsearch.cli.Terminal;
|
||||
import org.elasticsearch.common.SuppressForbidden;
|
||||
import org.elasticsearch.common.io.PathUtils;
|
||||
import org.elasticsearch.common.xcontent.ToXContent;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
@ -58,22 +59,8 @@ public class LicenseGeneratorTool extends Command {
|
||||
|
||||
@Override
|
||||
protected void execute(Terminal terminal, OptionSet options) throws Exception {
|
||||
Path publicKeyPath = PathUtils.get(publicKeyPathOption.value(options));
|
||||
Path privateKeyPath = PathUtils.get(privateKeyPathOption.value(options));
|
||||
String licenseSpecString = null;
|
||||
if (options.has(licenseOption)) {
|
||||
licenseSpecString = licenseOption.value(options);
|
||||
}
|
||||
Path licenseSpecPath = null;
|
||||
if (options.has(licenseFileOption)) {
|
||||
licenseSpecPath = PathUtils.get(licenseFileOption.value(options));
|
||||
}
|
||||
execute(terminal, publicKeyPath, privateKeyPath, licenseSpecString, licenseSpecPath);
|
||||
}
|
||||
|
||||
// pkg private for testing
|
||||
void execute(Terminal terminal, Path publicKeyPath, Path privateKeyPath,
|
||||
String licenseSpecString, Path licenseSpecPath) throws Exception {
|
||||
Path publicKeyPath = parsePath(publicKeyPathOption.value(options));
|
||||
Path privateKeyPath = parsePath(privateKeyPathOption.value(options));
|
||||
if (Files.exists(privateKeyPath) == false) {
|
||||
throw new UserError(ExitCodes.USAGE, privateKeyPath + " does not exist");
|
||||
} else if (Files.exists(publicKeyPath) == false) {
|
||||
@ -81,9 +68,10 @@ public class LicenseGeneratorTool extends Command {
|
||||
}
|
||||
|
||||
final License licenseSpec;
|
||||
if (licenseSpecString != null) {
|
||||
licenseSpec = License.fromSource(licenseSpecString);
|
||||
} else if (licenseSpecPath != null) {
|
||||
if (options.has(licenseOption)) {
|
||||
licenseSpec = License.fromSource(licenseOption.value(options));
|
||||
} else if (options.has(licenseFileOption)) {
|
||||
Path licenseSpecPath = parsePath(licenseFileOption.value(options));
|
||||
if (Files.exists(licenseSpecPath) == false) {
|
||||
throw new UserError(ExitCodes.USAGE, licenseSpecPath + " does not exist");
|
||||
}
|
||||
@ -105,4 +93,9 @@ public class LicenseGeneratorTool extends Command {
|
||||
builder.flush();
|
||||
terminal.println(builder.string());
|
||||
}
|
||||
|
||||
@SuppressForbidden(reason = "Parsing command line path")
|
||||
private static Path parsePath(String path) {
|
||||
return PathUtils.get(path);
|
||||
}
|
||||
}
|
||||
|
||||
@ -14,6 +14,7 @@ import org.elasticsearch.cli.Command;
|
||||
import org.elasticsearch.cli.ExitCodes;
|
||||
import org.elasticsearch.cli.UserError;
|
||||
import org.elasticsearch.cli.Terminal;
|
||||
import org.elasticsearch.common.SuppressForbidden;
|
||||
import org.elasticsearch.common.io.PathUtils;
|
||||
import org.elasticsearch.common.xcontent.ToXContent;
|
||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||
@ -46,29 +47,16 @@ public class LicenseVerificationTool extends Command {
|
||||
|
||||
@Override
|
||||
protected void execute(Terminal terminal, OptionSet options) throws Exception {
|
||||
Path publicKeyPath = PathUtils.get(publicKeyPathOption.value(options));
|
||||
String licenseSpecString = null;
|
||||
if (options.has(licenseOption)) {
|
||||
licenseSpecString = licenseOption.value(options);
|
||||
}
|
||||
Path licenseSpecPath = null;
|
||||
if (options.has(licenseFileOption)) {
|
||||
licenseSpecPath = PathUtils.get(licenseFileOption.value(options));
|
||||
}
|
||||
execute(terminal, publicKeyPath, licenseSpecString, licenseSpecPath);
|
||||
}
|
||||
|
||||
// pkg private for tests
|
||||
void execute(Terminal terminal, Path publicKeyPath,
|
||||
String licenseSpecString, Path licenseSpecPath) throws Exception {
|
||||
Path publicKeyPath = parsePath(publicKeyPathOption.value(options));
|
||||
if (Files.exists(publicKeyPath) == false) {
|
||||
throw new UserError(ExitCodes.USAGE, publicKeyPath + " does not exist");
|
||||
}
|
||||
|
||||
final License licenseSpec;
|
||||
if (licenseSpecString != null) {
|
||||
licenseSpec = License.fromSource(licenseSpecString);
|
||||
} else if (licenseSpecPath != null) {
|
||||
if (options.has(licenseOption)) {
|
||||
licenseSpec = License.fromSource(licenseOption.value(options));
|
||||
} else if (options.has(licenseFileOption)) {
|
||||
Path licenseSpecPath = parsePath(licenseFileOption.value(options));
|
||||
if (Files.exists(licenseSpecPath) == false) {
|
||||
throw new UserError(ExitCodes.USAGE, licenseSpecPath + " does not exist");
|
||||
}
|
||||
@ -90,4 +78,9 @@ public class LicenseVerificationTool extends Command {
|
||||
builder.flush();
|
||||
terminal.println(builder.string());
|
||||
}
|
||||
|
||||
@SuppressForbidden(reason = "Parsing command line path")
|
||||
private static Path parsePath(String path) {
|
||||
return PathUtils.get(path);
|
||||
}
|
||||
}
|
||||
|
||||
@ -35,7 +35,7 @@ public class KeyPairGenerationToolTests extends CommandTestCase {
|
||||
e = expectThrows(UserError.class, () -> {
|
||||
execute("--publicKeyPath", dne.toString(), "--privateKeyPath", exists.toString());
|
||||
});
|
||||
assertThat(e.getMessage(), containsString("pri"));
|
||||
assertThat(e.getMessage(), containsString("existing"));
|
||||
assertEquals(ExitCodes.USAGE, e.exitCode);
|
||||
}
|
||||
|
||||
|
||||
@ -20,6 +20,7 @@ import org.elasticsearch.cli.Command;
|
||||
import org.elasticsearch.cli.ExitCodes;
|
||||
import org.elasticsearch.cli.UserError;
|
||||
import org.elasticsearch.cli.Terminal;
|
||||
import org.elasticsearch.common.SuppressForbidden;
|
||||
import org.elasticsearch.common.io.PathUtils;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.util.set.Sets;
|
||||
@ -48,19 +49,14 @@ public class SystemKeyTool extends Command {
|
||||
|
||||
@Override
|
||||
protected void execute(Terminal terminal, OptionSet options) throws Exception {
|
||||
Path keyPath = null;
|
||||
List<String> args = arguments.values(options);
|
||||
if (args.size() > 1) {
|
||||
throw new UserError(ExitCodes.USAGE, "No more than one key path can be supplied");
|
||||
} else if (args.size() == 1) {
|
||||
keyPath = PathUtils.get(args.get(0));
|
||||
}
|
||||
execute(terminal, keyPath);
|
||||
}
|
||||
|
||||
// pkg private for tests
|
||||
void execute(Terminal terminal, Path keyPath) throws Exception {
|
||||
if (keyPath == null) {
|
||||
final Path keyPath;
|
||||
if (options.has(arguments)) {
|
||||
List<String> args = arguments.values(options);
|
||||
if (args.size() > 1) {
|
||||
throw new UserError(ExitCodes.USAGE, "No more than one key path can be supplied");
|
||||
}
|
||||
keyPath = parsePath(args.get(0));
|
||||
} else {
|
||||
keyPath = InternalCryptoService.resolveSystemKey(env.settings(), env);
|
||||
}
|
||||
|
||||
@ -79,4 +75,8 @@ public class SystemKeyTool extends Command {
|
||||
}
|
||||
}
|
||||
|
||||
@SuppressForbidden(reason = "Parsing command line path")
|
||||
private static Path parsePath(String path) {
|
||||
return PathUtils.get(path);
|
||||
}
|
||||
}
|
||||
|
||||
@ -11,6 +11,8 @@ import java.nio.file.attribute.PosixFileAttributeView;
|
||||
import java.nio.file.attribute.PosixFilePermission;
|
||||
import java.util.Set;
|
||||
|
||||
import org.elasticsearch.cli.Command;
|
||||
import org.elasticsearch.cli.CommandTestCase;
|
||||
import org.elasticsearch.cli.MockTerminal;
|
||||
import org.elasticsearch.cli.Terminal;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
@ -20,22 +22,27 @@ import org.elasticsearch.test.ESTestCase;
|
||||
import org.elasticsearch.xpack.XPackPlugin;
|
||||
import org.junit.Before;
|
||||
|
||||
public class SystemKeyToolTests extends ESTestCase {
|
||||
private Terminal terminal;
|
||||
private Environment env;
|
||||
// TODO: use jimfs in these tests so they actually run!
|
||||
public class SystemKeyToolTests extends CommandTestCase {
|
||||
Settings.Builder settingsBuilder;
|
||||
Path homeDir;
|
||||
|
||||
@Before
|
||||
public void init() throws Exception {
|
||||
terminal = new MockTerminal();
|
||||
Settings settings = Settings.builder()
|
||||
.put(Environment.PATH_HOME_SETTING.getKey(), createTempDir()).build();
|
||||
env = new Environment(settings);
|
||||
homeDir = createTempDir();
|
||||
settingsBuilder = Settings.builder()
|
||||
.put(Environment.PATH_HOME_SETTING.getKey(), homeDir);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected Command newCommand() {
|
||||
return new SystemKeyTool(new Environment(settingsBuilder.build()));
|
||||
}
|
||||
|
||||
public void testGenerate() throws Exception {
|
||||
assumeTrue("test cannot run with security manager enabled", System.getSecurityManager() == null);
|
||||
Path path = createTempDir().resolve("key");
|
||||
new SystemKeyTool(env).execute(terminal, path);
|
||||
execute(path.toString());
|
||||
byte[] bytes = Files.readAllBytes(path);
|
||||
// TODO: maybe we should actually check the key is...i dunno...valid?
|
||||
assertEquals(InternalCryptoService.KEY_SIZE / 8, bytes.length);
|
||||
@ -49,19 +56,17 @@ public class SystemKeyToolTests extends ESTestCase {
|
||||
public void testGeneratePathInSettings() throws Exception {
|
||||
assumeTrue("test cannot run with security manager enabled", System.getSecurityManager() == null);
|
||||
Path path = createTempDir().resolve("key");
|
||||
Settings settings = Settings.builder().put(env.settings())
|
||||
.put("shield.system_key.file", path.toAbsolutePath().toString()).build();
|
||||
env = new Environment(settings);
|
||||
new SystemKeyTool(env).execute(terminal, (Path) null);
|
||||
settingsBuilder.put("shield.system_key.file", path.toAbsolutePath().toString());
|
||||
execute();
|
||||
byte[] bytes = Files.readAllBytes(path);
|
||||
assertEquals(InternalCryptoService.KEY_SIZE / 8, bytes.length);
|
||||
}
|
||||
|
||||
public void testGenerateDefaultPath() throws Exception {
|
||||
assumeTrue("test cannot run with security manager enabled", System.getSecurityManager() == null);
|
||||
Path keyPath = XPackPlugin.resolveConfigFile(env, "system_key");
|
||||
Path keyPath = homeDir.resolve("config/xpack/system_key");
|
||||
Files.createDirectories(keyPath.getParent());
|
||||
new SystemKeyTool(env).execute(terminal, (Path) null);
|
||||
execute();
|
||||
byte[] bytes = Files.readAllBytes(keyPath);
|
||||
assertEquals(InternalCryptoService.KEY_SIZE / 8, bytes.length);
|
||||
}
|
||||
@ -72,7 +77,7 @@ public class SystemKeyToolTests extends ESTestCase {
|
||||
boolean isPosix = Files.getFileAttributeView(path.getParent(), PosixFileAttributeView.class) != null;
|
||||
assumeTrue("posix filesystem", isPosix);
|
||||
|
||||
new SystemKeyTool(env).execute(terminal, path);
|
||||
execute(path.toString());
|
||||
Set<PosixFilePermission> perms = Files.getPosixFilePermissions(path);
|
||||
assertTrue(perms.toString(), perms.contains(PosixFilePermission.OWNER_READ));
|
||||
assertTrue(perms.toString(), perms.contains(PosixFilePermission.OWNER_WRITE));
|
||||
|
||||
@ -18,6 +18,6 @@ public class CronEvalToolTests extends CommandTestCase {
|
||||
String countOption = randomBoolean() ? "-c" : "--count";
|
||||
int count = randomIntBetween(1, 100);
|
||||
String output = execute(countOption, Integer.toString(count), "0 0 0 1-6 * ?");
|
||||
assertTrue(output, output.contains("Here are the next 60 times this cron expression will trigger"));
|
||||
assertTrue(output, output.contains("Here are the next " + count + " times this cron expression will trigger"));
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user