security: Fail search request if profile is used and DLS is active.

Original commit: elastic/x-pack-elasticsearch@b83536460d
2017-10-26 09:48:57 +02:00 · 2017-10-26 09:48:57 +02:00 · 9a1c103bb2
parent 0c7caabea1
commit 9a1c103bb2
3 changed files with 52 additions and 0 deletions
--- a/docs/en/security/limitations.asciidoc
+++ b/docs/en/security/limitations.asciidoc
@ -64,6 +64,7 @@ When a user's role enables document level security for an index:
 ** The `percolate` query isn't supported.
 * If suggesters are specified and document level security is enabled then
  the specified suggesters are ignored.
+* A search request cannot be profiled if document level security is enabled.

 [float]
 [[alias-limitations]]
--- a/plugin/src/main/java/org/elasticsearch/xpack/security/action/interceptor/SearchRequestInterceptor.java
+++ b/plugin/src/main/java/org/elasticsearch/xpack/security/action/interceptor/SearchRequestInterceptor.java
@ -33,6 +33,10 @@ public class SearchRequestInterceptor extends FieldAndDocumentLevelSecurityReque
                throw new ElasticsearchSecurityException("Suggest isn't supported if document level security is enabled",
                        RestStatus.BAD_REQUEST);
            }
+            if (request.source() != null && request.source().profile()) {
+                throw new ElasticsearchSecurityException("A search request cannot be profiled if document level security is enabled",
+                        RestStatus.BAD_REQUEST);
+            }
        }
    }

--- a/plugin/src/test/java/org/elasticsearch/integration/DocumentLevelSecurityTests.java
+++ b/plugin/src/test/java/org/elasticsearch/integration/DocumentLevelSecurityTests.java
@ -25,6 +25,7 @@ import org.elasticsearch.common.settings.SecureString;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.unit.TimeValue;
 import org.elasticsearch.common.xcontent.XContentBuilder;
+import org.elasticsearch.index.query.FuzzyQueryBuilder;
 import org.elasticsearch.index.query.InnerHitBuilder;
 import org.elasticsearch.index.query.QueryBuilder;
 import org.elasticsearch.index.query.QueryBuilders;
@ -37,6 +38,9 @@ import org.elasticsearch.rest.RestStatus;
 import org.elasticsearch.search.aggregations.AggregationBuilders;
 import org.elasticsearch.search.aggregations.bucket.global.Global;
 import org.elasticsearch.search.aggregations.bucket.terms.Terms;
+import org.elasticsearch.search.profile.ProfileResult;
+import org.elasticsearch.search.profile.ProfileShardResult;
+import org.elasticsearch.search.profile.query.QueryProfileShardResult;
 import org.elasticsearch.search.sort.SortBuilders;
 import org.elasticsearch.search.sort.SortMode;
 import org.elasticsearch.search.sort.SortOrder;
@ -1054,4 +1058,47 @@ public class DocumentLevelSecurityTests extends SecurityIntegTestCase {
        assertThat(e.getMessage(), equalTo("Suggest isn't supported if document level security is enabled"));
    }

+    public void testProfile() throws Exception {
+        assertAcked(client().admin().indices().prepareCreate("test")
+                .setSettings(Settings.builder().put("index.number_of_shards", 1))
+                .addMapping("type1", "field1", "type=text", "other_field", "type=text")
+        );
+
+        client().prepareIndex("test", "type1", "1")
+                .setSource(jsonBuilder().startObject()
+                        .field("field1", "value1")
+                        .field("other_field", "value")
+                        .endObject()).get();
+        // A document that is always included by role query of both roles:
+        client().prepareIndex("test", "type1", "2")
+                .setSource(jsonBuilder().startObject()
+                        .field("field1", "value1")
+                        .field("field2", "value2")
+                        .endObject()).get();
+        refresh("test");
+
+        SearchResponse response = client()
+                .prepareSearch("test")
+                .setProfile(true)
+                .setQuery(new FuzzyQueryBuilder("other_field", "valeu"))
+                .get();
+        assertNoFailures(response);
+
+        assertThat(response.getProfileResults().size(), equalTo(1));
+        ProfileShardResult shardResult = response.getProfileResults().get(response.getProfileResults().keySet().toArray()[0]);
+        assertThat(shardResult.getQueryProfileResults().size(), equalTo(1));
+        QueryProfileShardResult queryProfileShardResult = shardResult.getQueryProfileResults().get(0);
+        assertThat(queryProfileShardResult.getQueryResults().size(), equalTo(1));
+        ProfileResult profileResult = queryProfileShardResult.getQueryResults().get(0);
+        assertThat(profileResult.getLuceneDescription(), equalTo("(other_field:value)^0.8"));
+
+        Exception e = expectThrows(ElasticsearchSecurityException.class, () -> client()
+                .filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user2", USERS_PASSWD)))
+                .prepareSearch("test")
+                .setProfile(true)
+                .setQuery(new FuzzyQueryBuilder("other_field", "valeu"))
+                .get());
+        assertThat(e.getMessage(), equalTo("A search request cannot be profiled if document level security is enabled"));
+    }
+
 }