From f58f347fe1f21ca42c29ea264b8561ebe397ceb9 Mon Sep 17 00:00:00 2001 From: javanna Date: Thu, 19 May 2016 11:46:55 +0200 Subject: [PATCH 01/29] Replace HttpRequestBuilder usages with official RestClient Original commit: elastic/x-pack-elasticsearch@7428498b471d06dac2c677ef6d4fc0125949be1f --- .../shield/audit/IndexAuditIT.java | 14 ++- .../example/realm/CustomRealmIT.java | 29 ++++-- .../shield/MarvelSettingsFilterTests.java | 80 ++++++---------- .../AbstractPrivilegeTestCase.java | 68 +++++++------- .../integration/BulkUpdateTests.java | 84 ++++++++++------- .../integration/ClearRealmsCacheTests.java | 34 +++---- .../integration/ClearRolesCacheTests.java | 25 ++--- .../integration/IndexPrivilegeTests.java | 19 +++- .../integration/LicensingTests.java | 23 +++-- .../ShieldPluginEnabledDisabledTests.java | 16 ---- .../shield/ShieldPluginTests.java | 41 ++++----- .../shield/authc/RunAsIntegTests.java | 91 +++++++++++-------- .../authc/pki/PkiOptionalClientAuthTests.java | 37 ++++---- .../PkiWithoutClientAuthenticationTests.java | 28 +++--- .../shield/authc/pki/PkiWithoutSSLTests.java | 27 +++--- .../action/RestAuthenticateActionTests.java | 62 ++++++++----- .../transport/ssl/SslClientAuthTests.java | 32 +++---- .../watcher/WatcherPluginDisableTests.java | 19 ++-- .../WatcherSettingsFilterTests.java | 60 +++++------- 19 files changed, 395 insertions(+), 394 deletions(-) diff --git a/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java b/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java index e8858992dde..3f50acc809c 100644 --- a/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java +++ b/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java @@ -6,10 +6,13 @@ package org.elasticsearch.shield.audit; import com.carrotsearch.hppc.cursors.ObjectCursor; +import org.apache.http.message.BasicHeader; import org.elasticsearch.action.admin.indices.template.delete.DeleteIndexTemplateResponse; import org.elasticsearch.action.admin.indices.template.get.GetIndexTemplatesResponse; import org.elasticsearch.action.search.SearchResponse; import org.elasticsearch.cluster.ClusterState; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.RestClient; import org.elasticsearch.cluster.metadata.IndexTemplateMetaData; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.index.query.QueryBuilders; @@ -19,7 +22,6 @@ import org.elasticsearch.shield.audit.index.IndexAuditTrail; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.test.ESIntegTestCase; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.elasticsearch.xpack.XPackPlugin; import java.util.Collection; @@ -36,10 +38,12 @@ public class IndexAuditIT extends ESIntegTestCase { private static final String PASS = "changeme"; public void testShieldIndexAuditTrailWorking() throws Exception { - HttpResponse response = httpClient().path("/") - .addHeader("Authorization", UsernamePasswordToken.basicAuthHeaderValue(USER, new SecuredString(PASS.toCharArray()))) - .execute(); - assertThat(response.getStatusCode(), is(200)); + try (RestClient restClient = restClient()) { + ElasticsearchResponse response = restClient.performRequest("GET", "/_cluster/health", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(USER, new SecuredString(PASS.toCharArray())))); + assertThat(response.getStatusLine().getStatusCode(), is(200)); + } final AtomicReference lastClusterState = new AtomicReference<>(); final AtomicBoolean indexExists = new AtomicBoolean(false); diff --git a/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java b/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java index 0e46268b2a2..0ff3537e54a 100644 --- a/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java +++ b/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java @@ -5,9 +5,13 @@ */ package org.elasticsearch.example.realm; +import org.apache.http.message.BasicHeader; import org.elasticsearch.action.admin.cluster.health.ClusterHealthResponse; import org.elasticsearch.action.admin.cluster.node.info.NodeInfo; import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.RestClient; import org.elasticsearch.client.transport.NoNodeAvailableException; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.settings.Settings; @@ -16,7 +20,6 @@ import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.env.Environment; import org.elasticsearch.plugins.Plugin; import org.elasticsearch.test.ESIntegTestCase; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.elasticsearch.xpack.XPackPlugin; import java.util.Collection; @@ -43,18 +46,24 @@ public class CustomRealmIT extends ESIntegTestCase { } public void testHttpConnectionWithNoAuthentication() throws Exception { - HttpResponse response = httpClient().path("/").execute(); - assertThat(response.getStatusCode(), is(401)); - String value = response.getHeaders().get("WWW-Authenticate"); - assertThat(value, is("custom-challenge")); + try (RestClient restClient = restClient()) { + restClient.performRequest("GET", "/", Collections.emptyMap(), null); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + ElasticsearchResponse response = e.getElasticsearchResponse(); + assertThat(response.getStatusLine().getStatusCode(), is(401)); + String value = response.getFirstHeader("WWW-Authenticate"); + assertThat(value, is("custom-challenge")); + } } public void testHttpAuthentication() throws Exception { - HttpResponse response = httpClient().path("/") - .addHeader(CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER) - .addHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW) - .execute(); - assertThat(response.getStatusCode(), is(200)); + try (RestClient restClient = restClient()) { + ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null, + new BasicHeader(CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER), + new BasicHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW)); + assertThat(response.getStatusLine().getStatusCode(), is(200)); + } } public void testTransportClient() throws Exception { diff --git a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java index f847966061a..1d7426060c0 100644 --- a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java +++ b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java @@ -5,21 +5,19 @@ */ package org.elasticsearch.marvel.shield; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; +import org.apache.http.Header; +import org.apache.http.message.BasicHeader; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.xcontent.json.JsonXContent; -import org.elasticsearch.http.HttpServerTransport; import org.elasticsearch.marvel.MonitoringSettings; import org.elasticsearch.marvel.test.MarvelIntegTestCase; import org.elasticsearch.shield.authc.support.SecuredString; -import org.elasticsearch.test.rest.client.http.HttpRequestBuilder; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.hamcrest.Matchers; -import org.junit.After; -import java.io.IOException; +import java.util.Collections; import java.util.Map; import static org.elasticsearch.common.xcontent.support.XContentMapValues.extractValue; @@ -29,13 +27,6 @@ import static org.hamcrest.CoreMatchers.nullValue; public class MarvelSettingsFilterTests extends MarvelIntegTestCase { - private CloseableHttpClient httpClient = HttpClients.createDefault(); - - @After - public void cleanup() throws IOException { - httpClient.close(); - } - @Override protected Settings nodeSettings(int nodeOrdinal) { return Settings.builder() @@ -53,46 +44,35 @@ public class MarvelSettingsFilterTests extends MarvelIntegTestCase { } public void testGetSettingsFiltered() throws Exception { - String body = executeRequest("GET", "/_nodes/settings", null, null).getBody(); - Map response = JsonXContent.jsonXContent.createParser(body).map(); - Map nodes = (Map) response.get("nodes"); - for (Object node : nodes.values()) { - Map settings = (Map) ((Map) node).get("settings"); - - assertThat(extractValue("xpack.monitoring.agent.exporters._http.type", settings), Matchers.equalTo("http")); - assertThat(extractValue("xpack.monitoring.agent.exporters._http.enabled", settings), Matchers.equalTo("false")); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.username"); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.password"); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.path"); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.password"); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.hostname_verification"); + try (RestClient restClient = restClient()) { + Header[] headers; + if (shieldEnabled) { + headers = new Header[] { + new BasicHeader(BASIC_AUTH_HEADER, + basicAuthHeaderValue(ShieldSettings.TEST_USERNAME, + new SecuredString(ShieldSettings.TEST_PASSWORD.toCharArray())))}; + } else { + headers = new Header[0]; + } + ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes/settings", Collections.emptyMap(), null, headers); + Map responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map(); + @SuppressWarnings("unchecked") + Map nodes = (Map) responseMap.get("nodes"); + for (Object node : nodes.values()) { + @SuppressWarnings("unchecked") + Map settings = (Map) ((Map) node).get("settings"); + assertThat(extractValue("xpack.monitoring.agent.exporters._http.type", settings), Matchers.equalTo("http")); + assertThat(extractValue("xpack.monitoring.agent.exporters._http.enabled", settings), Matchers.equalTo("false")); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.username"); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.password"); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.path"); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.password"); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.hostname_verification"); + } } } private void assertNullSetting(Map settings, String setting) { assertThat(extractValue(setting, settings), nullValue()); } - - protected HttpResponse executeRequest(String method, String path, String body, Map params) throws IOException { - HttpServerTransport httpServerTransport = internalCluster().getInstance(HttpServerTransport.class, - internalCluster().getMasterName()); - HttpRequestBuilder requestBuilder = new HttpRequestBuilder(httpClient) - .httpTransport(httpServerTransport) - .method(method) - .path(path); - - if (params != null) { - for (Map.Entry entry : params.entrySet()) { - requestBuilder.addParam(entry.getKey(), entry.getValue()); - } - } - if (body != null) { - requestBuilder.body(body); - } - if (shieldEnabled) { - requestBuilder.addHeader(BASIC_AUTH_HEADER, - basicAuthHeaderValue(ShieldSettings.TEST_USERNAME, new SecuredString(ShieldSettings.TEST_PASSWORD.toCharArray()))); - } - return requestBuilder.execute(); - } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java index efc3f2109cd..20e76bf1031 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java @@ -5,16 +5,18 @@ */ package org.elasticsearch.integration; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; -import org.elasticsearch.http.HttpServerTransport; +import org.apache.http.HttpEntity; +import org.apache.http.StatusLine; +import org.apache.http.entity.StringEntity; +import org.apache.http.message.BasicHeader; +import org.apache.http.util.EntityUtils; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.RestClient; import org.elasticsearch.shield.authc.support.Hasher; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.test.ShieldIntegTestCase; -import org.elasticsearch.test.rest.client.http.HttpRequestBuilder; -import org.elasticsearch.test.rest.client.http.HttpResponse; -import org.junit.After; import java.io.IOException; import java.util.HashMap; @@ -32,19 +34,17 @@ public abstract class AbstractPrivilegeTestCase extends ShieldIntegTestCase { protected static final String USERS_PASSWD_HASHED = new String(Hasher.BCRYPT.hash(new SecuredString("passwd".toCharArray()))); - private CloseableHttpClient httpClient = HttpClients.createDefault(); - - @After - public void cleanup() throws IOException { - httpClient.close(); - } - protected void assertAccessIsAllowed(String user, String method, String uri, String body, Map params) throws IOException { - HttpResponse response = executeRequest(user, method, uri, body, params); - String message = String.format(Locale.ROOT, "%s %s: Expected no error got %s %s with body %s", method, uri, - response.getStatusCode(), response.getReasonPhrase(), response.getBody()); - assertThat(message, response.getStatusCode(), is(not(greaterThanOrEqualTo(400)))); + try (RestClient restClient = restClient()) { + ElasticsearchResponse response = restClient.performRequest(method, uri, params, entityOrNull(body), + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(user, new SecuredString("passwd".toCharArray())))); + StatusLine statusLine = response.getStatusLine(); + String message = String.format(Locale.ROOT, "%s %s: Expected no error got %s %s with body %s", method, uri, + statusLine.getStatusCode(), statusLine.getReasonPhrase(), EntityUtils.toString(response.getEntity())); + assertThat(message, statusLine.getStatusCode(), is(not(greaterThanOrEqualTo(400)))); + } } protected void assertAccessIsAllowed(String user, String method, String uri, String body) throws IOException { @@ -65,28 +65,24 @@ public abstract class AbstractPrivilegeTestCase extends ShieldIntegTestCase { protected void assertAccessIsDenied(String user, String method, String uri, String body, Map params) throws IOException { - HttpResponse response = executeRequest(user, method, uri, body, params); - String message = String.format(Locale.ROOT, "%s %s body %s: Expected 403, got %s %s with body %s", method, uri, body, - response.getStatusCode(), response.getReasonPhrase(), response.getBody()); - assertThat(message, response.getStatusCode(), is(403)); + try (RestClient restClient = restClient()) { + restClient.performRequest(method, uri, params, entityOrNull(body), + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(user, new SecuredString("passwd".toCharArray())))); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + StatusLine statusLine = e.getElasticsearchResponse().getStatusLine(); + String message = String.format(Locale.ROOT, "%s %s body %s: Expected 403, got %s %s with body %s", method, uri, body, + statusLine.getStatusCode(), statusLine.getReasonPhrase(), e.getResponseBody()); + assertThat(message, statusLine.getStatusCode(), is(403)); + } } - protected HttpResponse executeRequest(String user, String method, String uri, String body, - Map params) throws IOException { - HttpServerTransport httpServerTransport = internalCluster().getDataNodeInstance(HttpServerTransport.class); - - HttpRequestBuilder requestBuilder = new HttpRequestBuilder(httpClient).httpTransport(httpServerTransport); - requestBuilder.path(uri); - requestBuilder.method(method); - for (Map.Entry entry : params.entrySet()) { - requestBuilder.addParam(entry.getKey(), entry.getValue()); - } + private static HttpEntity entityOrNull(String body) { + HttpEntity entity = null; if (body != null) { - requestBuilder.body(body); + entity = new StringEntity(body, RestClient.JSON_CONTENT_TYPE); } - requestBuilder.addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(user, - new SecuredString("passwd".toCharArray()))); - return requestBuilder.execute(); + return entity; } - } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java index 4c0f825a143..50590bb7bbc 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java @@ -5,9 +5,15 @@ */ package org.elasticsearch.integration; +import org.apache.http.Header; +import org.apache.http.entity.StringEntity; +import org.apache.http.message.BasicHeader; +import org.apache.http.util.EntityUtils; import org.elasticsearch.action.bulk.BulkResponse; import org.elasticsearch.action.get.GetResponse; import org.elasticsearch.action.update.UpdateResponse; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.Security; @@ -15,10 +21,10 @@ import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.test.ShieldIntegTestCase; import org.elasticsearch.test.ShieldSettingsSource; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.elasticsearch.xpack.XPackPlugin; import java.io.IOException; +import java.util.Collections; import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.equalTo; @@ -49,8 +55,8 @@ public class BulkUpdateTests extends ShieldIntegTestCase { .get().isCreated(); assertThat(created, is(false)); getResponse = internalCluster().transportClient().prepareGet("index1", "type", "1").setFields("test", "not test").get(); - assertThat((String) getResponse.getField("test").getValue(), equalTo("test")); - assertThat((String) getResponse.getField("not test").getValue(), equalTo("not test")); + assertThat(getResponse.getField("test").getValue(), equalTo("test")); + assertThat(getResponse.getField("not test").getValue(), equalTo("not test")); // this part is important. Without this, the document may be read from the translog which would bypass the bug where // FLS kicks in because the request can't be found and only returns meta fields @@ -62,43 +68,55 @@ public class BulkUpdateTests extends ShieldIntegTestCase { assertThat(((UpdateResponse)response.getItems()[0].getResponse()).isCreated(), is(false)); getResponse = internalCluster().transportClient().prepareGet("index1", "type", "1"). setFields("test", "not test", "bulk updated").get(); - assertThat((String) getResponse.getField("test").getValue(), equalTo("test")); - assertThat((String) getResponse.getField("not test").getValue(), equalTo("not test")); - assertThat((String) getResponse.getField("bulk updated").getValue(), equalTo("bulk updated")); + assertThat(getResponse.getField("test").getValue(), equalTo("test")); + assertThat(getResponse.getField("not test").getValue(), equalTo("not test")); + assertThat(getResponse.getField("bulk updated").getValue(), equalTo("bulk updated")); } public void testThatBulkUpdateDoesNotLoseFieldsHttp() throws IOException { final String path = "/index1/type/1"; - final String basicAuthHeader = UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())); + final Header basicAuthHeader = new BasicHeader("Authorization", + UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))); - httpClient().path(path).addHeader("Authorization", basicAuthHeader).method("PUT").body("{\"test\":\"test\"}").execute(); - HttpResponse response = httpClient().path(path).addHeader("Authorization", basicAuthHeader).method("GET").execute(); - assertThat(response.getBody(), containsString("\"test\":\"test\"")); + try (RestClient restClient = restClient()) { + StringEntity body = new StringEntity("{\"test\":\"test\"}", RestClient.JSON_CONTENT_TYPE); + ElasticsearchResponse response = restClient.performRequest("PUT", path, Collections.emptyMap(), body, basicAuthHeader); + assertThat(response.getStatusLine().getStatusCode(), equalTo(201)); - if (randomBoolean()) { + response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader); + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + assertThat(EntityUtils.toString(response.getEntity()), containsString("\"test\":\"test\"")); + + if (randomBoolean()) { + flushAndRefresh(); + } + + //update with new field + body = new StringEntity("{\"doc\": {\"not test\": \"not test\"}}", RestClient.JSON_CONTENT_TYPE); + response = restClient.performRequest("POST", path + "/_update", Collections.emptyMap(), body, basicAuthHeader); + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + + response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader); + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + String responseBody = EntityUtils.toString(response.getEntity()); + assertThat(responseBody, containsString("\"test\":\"test\"")); + assertThat(responseBody, containsString("\"not test\":\"not test\"")); + + // this part is important. Without this, the document may be read from the translog which would bypass the bug where + // FLS kicks in because the request can't be found and only returns meta fields flushAndRefresh(); + + body = new StringEntity("{\"update\": {\"_index\": \"index1\", \"_type\": \"type\", \"_id\": \"1\"}}\n" + + "{\"doc\": {\"bulk updated\":\"bulk updated\"}}\n", RestClient.JSON_CONTENT_TYPE); + response = restClient.performRequest("POST", "/_bulk", Collections.emptyMap(), body, basicAuthHeader); + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + + response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader); + responseBody = EntityUtils.toString(response.getEntity()); + assertThat(responseBody, containsString("\"test\":\"test\"")); + assertThat(responseBody, containsString("\"not test\":\"not test\"")); + assertThat(responseBody, containsString("\"bulk updated\":\"bulk updated\"")); } - - //update with new field - httpClient().path(path + "/_update").addHeader("Authorization", basicAuthHeader).method("POST"). - body("{\"doc\": {\"not test\": \"not test\"}}").execute(); - response = httpClient().path(path).addHeader("Authorization", basicAuthHeader).method("GET").execute(); - assertThat(response.getBody(), containsString("\"test\":\"test\"")); - assertThat(response.getBody(), containsString("\"not test\":\"not test\"")); - - // this part is important. Without this, the document may be read from the translog which would bypass the bug where - // FLS kicks in because the request can't be found and only returns meta fields - flushAndRefresh(); - - // update with bulk - httpClient().path("/_bulk").addHeader("Authorization", basicAuthHeader).method("POST") - .body("{\"update\": {\"_index\": \"index1\", \"_type\": \"type\", \"_id\": \"1\"}}\n{\"doc\": {\"bulk updated\":\"bulk " + - "updated\"}}\n") - .execute(); - response = httpClient().path(path).addHeader("Authorization", basicAuthHeader).method("GET").execute(); - assertThat(response.getBody(), containsString("\"test\":\"test\"")); - assertThat(response.getBody(), containsString("\"not test\":\"not test\"")); - assertThat(response.getBody(), containsString("\"bulk updated\":\"bulk updated\"")); } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java index 303b3e90ca0..241309fc6c5 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java @@ -5,14 +5,14 @@ */ package org.elasticsearch.integration; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; +import org.apache.http.message.BasicHeader; +import org.apache.http.util.EntityUtils; import org.elasticsearch.action.ActionListener; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.RestClient; import org.elasticsearch.common.Strings; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.http.HttpServerTransport; -import org.elasticsearch.shield.user.User; import org.elasticsearch.shield.action.realm.ClearRealmCacheRequest; import org.elasticsearch.shield.action.realm.ClearRealmCacheResponse; import org.elasticsearch.shield.authc.Realm; @@ -22,10 +22,9 @@ import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.SecuredStringTests; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.shield.client.SecurityClient; +import org.elasticsearch.shield.user.User; import org.elasticsearch.test.ShieldIntegTestCase; import org.elasticsearch.test.ShieldSettingsSource; -import org.elasticsearch.test.rest.client.http.HttpRequestBuilder; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.junit.BeforeClass; import java.util.ArrayList; @@ -39,7 +38,6 @@ import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicReference; import static org.hamcrest.Matchers.equalTo; -import static org.hamcrest.Matchers.is; import static org.hamcrest.Matchers.not; import static org.hamcrest.Matchers.notNullValue; import static org.hamcrest.Matchers.sameInstance; @@ -168,21 +166,13 @@ public class ClearRealmsCacheTests extends ShieldIntegTestCase { } static void executeHttpRequest(String path, Map params) throws Exception { - try (CloseableHttpClient client = HttpClients.createDefault()) { - HttpRequestBuilder requestBuilder = new HttpRequestBuilder(client) - .httpTransport(internalCluster().getDataNodeInstance(HttpServerTransport.class)) - .method("POST") - .path(path); - for (Map.Entry entry : params.entrySet()) { - requestBuilder.addParam(entry.getKey(), entry.getValue()); - } - requestBuilder.addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))); - HttpResponse response = requestBuilder.execute(); - assertThat(response.hasBody(), is(true)); - String body = response.getBody(); - assertThat(body.contains("cluster_name"), is(true)); + try (RestClient restClient = restClient()) { + ElasticsearchResponse response = restClient.performRequest("POST", path, params, null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); + assertNotNull(response.getEntity()); + assertTrue(EntityUtils.toString(response.getEntity()).contains("cluster_name")); } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java index a2cda298e38..ae3cdd7db8c 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java @@ -5,18 +5,20 @@ */ package org.elasticsearch.integration; +import org.apache.http.message.BasicHeader; import org.elasticsearch.action.delete.DeleteResponse; import org.elasticsearch.action.update.UpdateResponse; import org.elasticsearch.client.Client; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.RestClient; import org.elasticsearch.common.Strings; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.unit.TimeValue; import org.elasticsearch.rest.RestStatus; -import org.elasticsearch.shield.action.role.PutRoleResponse; -import org.elasticsearch.shield.action.role.GetRolesResponse; import org.elasticsearch.shield.ShieldTemplateService; -import org.elasticsearch.shield.authc.esnative.NativeRealm; +import org.elasticsearch.shield.action.role.GetRolesResponse; +import org.elasticsearch.shield.action.role.PutRoleResponse; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.shield.authz.RoleDescriptor; @@ -24,11 +26,11 @@ import org.elasticsearch.shield.authz.store.NativeRolesStore; import org.elasticsearch.shield.client.SecurityClient; import org.elasticsearch.test.NativeRealmIntegTestCase; import org.elasticsearch.test.ShieldSettingsSource; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.junit.Before; import org.junit.BeforeClass; import java.util.Arrays; +import java.util.Collections; import java.util.List; import static org.hamcrest.Matchers.arrayWithSize; @@ -127,7 +129,7 @@ public class ClearRolesCacheTests extends NativeRealmIntegTestCase { final boolean useHttp = randomBoolean(); final boolean clearAll = randomBoolean(); logger.debug("--> starting to clear roles. using http [{}] clearing all [{}]", useHttp, clearAll); - String[] rolesToClear = clearAll ? (randomBoolean() ? roles : null) : toModify.toArray(Strings.EMPTY_ARRAY); + String[] rolesToClear = clearAll ? (randomBoolean() ? roles : null) : toModify.toArray(new String[toModify.size()]); if (useHttp) { String path; if (rolesToClear == null) { @@ -135,12 +137,13 @@ public class ClearRolesCacheTests extends NativeRealmIntegTestCase { } else { path = "/_xpack/security/role/" + Strings.arrayToCommaDelimitedString(rolesToClear) + "/_clear_cache"; } - HttpResponse response = httpClient().path(path).method("POST") - .addHeader("Authorization", - UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))) - .execute(); - assertThat(response.getStatusCode(), is(RestStatus.OK.getStatus())); + try (RestClient restClient = restClient()) { + ElasticsearchResponse response = restClient.performRequest("POST", path, Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); + assertThat(response.getStatusLine().getStatusCode(), is(RestStatus.OK.getStatus())); + } } else { securityClient.prepareClearRolesCache().names(rolesToClear).get(); } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java index 5519eea89fa..1eeae9976a0 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java @@ -5,19 +5,22 @@ */ package org.elasticsearch.integration; -import org.apache.lucene.util.LuceneTestCase.BadApple; +import org.apache.http.message.BasicHeader; +import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; +import org.elasticsearch.shield.authc.support.SecuredString; +import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.test.ESIntegTestCase; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.junit.Before; import java.util.Collections; -import java.util.HashMap; import java.util.Locale; import java.util.Map; import static java.util.Collections.singletonMap; +import static org.apache.lucene.util.LuceneTestCase.BadApple; import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.is; @@ -303,8 +306,14 @@ public class IndexPrivilegeTests extends AbstractPrivilegeTestCase { } public void testThatUnknownUserIsRejectedProperly() throws Exception { - HttpResponse response = executeRequest("idonotexist", "GET", "/", null, new HashMap<>()); - assertThat(response.getStatusCode(), is(401)); + try (RestClient restClient = restClient()){ + restClient.performRequest("GET", "/", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue("idonotexist", new SecuredString("passwd".toCharArray())))); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); + } } private void assertUserExecutes(String user, String action, String index, boolean userIsAllowed) throws Exception { diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java index 550d280eaf6..fa555000938 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java @@ -14,6 +14,9 @@ import org.elasticsearch.action.admin.cluster.stats.ClusterStatsResponse; import org.elasticsearch.action.admin.indices.stats.IndicesStatsResponse; import org.elasticsearch.action.index.IndexResponse; import org.elasticsearch.client.Client; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.RestClient; import org.elasticsearch.client.transport.NoNodeAvailableException; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.component.AbstractComponent; @@ -194,13 +197,21 @@ public class LicensingTests extends ShieldIntegTestCase { } public void testRestAuthenticationByLicenseType() throws Exception { - // the default of the licensing tests is basic - assertThat(httpClient().path("/").execute().getStatusCode(), is(200)); + try (RestClient restClient = restClient()) { + ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null); + // the default of the licensing tests is basic + assertThat(response.getStatusLine().getStatusCode(), is(200)); - // generate a new license with a mode that enables auth - OperationMode mode = randomFrom(OperationMode.GOLD, OperationMode.TRIAL, OperationMode.PLATINUM, OperationMode.STANDARD); - enableLicensing(mode); - assertThat(httpClient().path("/").execute().getStatusCode(), is(401)); + // generate a new license with a mode that enables auth + OperationMode mode = randomFrom(OperationMode.GOLD, OperationMode.TRIAL, OperationMode.PLATINUM, OperationMode.STANDARD); + enableLicensing(mode); + try { + restClient.performRequest("GET", "/", Collections.emptyMap(), null); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); + } + } } public void testTransportClientAuthenticationByLicenseType() throws Exception { diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginEnabledDisabledTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginEnabledDisabledTests.java index fbb4b49145e..c8b74c18c51 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginEnabledDisabledTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginEnabledDisabledTests.java @@ -5,22 +5,12 @@ */ package org.elasticsearch.shield; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.http.HttpServerTransport; import org.elasticsearch.integration.LicensingTests; -import org.elasticsearch.license.core.License.OperationMode; -import org.elasticsearch.shield.authc.support.SecuredString; -import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.shield.transport.ShieldServerTransportService; import org.elasticsearch.shield.transport.netty.ShieldNettyTransport; import org.elasticsearch.test.ShieldIntegTestCase; -import org.elasticsearch.test.ShieldSettingsSource; -import org.elasticsearch.test.rest.client.http.HttpRequestBuilder; -import org.elasticsearch.test.rest.client.http.HttpResponse; -import org.elasticsearch.test.rest.json.JsonPath; import org.elasticsearch.transport.Transport; import org.elasticsearch.transport.TransportService; import org.elasticsearch.xpack.XPackPlugin; @@ -28,13 +18,7 @@ import org.hamcrest.Matcher; import org.junit.After; import org.junit.BeforeClass; -import java.io.IOException; - -import static org.elasticsearch.rest.RestStatus.OK; -import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.basicAuthHeaderValue; -import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.instanceOf; -import static org.hamcrest.Matchers.is; import static org.hamcrest.Matchers.not; /** diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java index 2f543a4b280..7d8ac262c3f 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java @@ -5,24 +5,22 @@ */ package org.elasticsearch.shield; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; +import org.apache.http.message.BasicHeader; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.RestClient; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.http.HttpServerTransport; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.test.ShieldIntegTestCase; import org.elasticsearch.test.ShieldSettingsSource; -import org.elasticsearch.test.rest.client.http.HttpRequestBuilder; -import org.elasticsearch.test.rest.client.http.HttpResponse; import java.io.IOException; +import java.util.Collections; import static org.elasticsearch.rest.RestStatus.OK; import static org.elasticsearch.rest.RestStatus.UNAUTHORIZED; import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.basicAuthHeaderValue; -import static org.hamcrest.Matchers.allOf; -import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.is; public class ShieldPluginTests extends ShieldIntegTestCase { @@ -36,24 +34,21 @@ public class ShieldPluginTests extends ShieldIntegTestCase { } public void testThatPluginIsLoaded() throws IOException { - HttpServerTransport httpServerTransport = internalCluster().getDataNodeInstance(HttpServerTransport.class); - try (CloseableHttpClient httpClient = HttpClients.createDefault()) { - logger.info("executing unauthorized request to /_xpack info"); - HttpResponse response = new HttpRequestBuilder(httpClient).httpTransport(httpServerTransport) - .method("GET") - .path("/_xpack") - .execute(); - assertThat(response.getStatusCode(), is(UNAUTHORIZED.getStatus())); + try (RestClient restClient = restClient()) { + try { + logger.info("executing unauthorized request to /_xpack info"); + restClient.performRequest("GET", "/_xpack", Collections.emptyMap(), null); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(UNAUTHORIZED.getStatus())); + } logger.info("executing authorized request to /_xpack infos"); - response = new HttpRequestBuilder(httpClient).httpTransport(httpServerTransport) - .method("GET") - .path("/_xpack") - .addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))) - .execute(); - assertThat(response.getStatusCode(), is(OK.getStatus())); + ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); + assertThat(response.getStatusLine().getStatusCode(), is(OK.getStatus())); } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java index 5da10e734b3..a1a75f2d1ec 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java @@ -5,10 +5,14 @@ */ package org.elasticsearch.shield.authc; +import org.apache.http.message.BasicHeader; import org.elasticsearch.ElasticsearchSecurityException; import org.elasticsearch.action.admin.cluster.health.ClusterHealthResponse; import org.elasticsearch.action.admin.cluster.node.info.NodeInfo; import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.RestClient; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; @@ -20,7 +24,6 @@ import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.shield.transport.netty.ShieldNettyTransport; import org.elasticsearch.test.ShieldIntegTestCase; import org.elasticsearch.test.ShieldSettingsSource; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.elasticsearch.xpack.XPackPlugin; import java.util.Collections; @@ -115,30 +118,37 @@ public class RunAsIntegTests extends ShieldIntegTestCase { public void testUserImpersonationUsingHttp() throws Exception { // use the transport client user and try to run as - HttpResponse response = httpClient().method("GET") - .path("/_nodes") - .addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(TRANSPORT_CLIENT_USER, - SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))) - .addHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME) - .execute(); - assertThat(response.getStatusCode(), is(403)); + try (RestClient restClient = restClient()) { + try { + restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(TRANSPORT_CLIENT_USER, + SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), + new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME)); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(403)); + } - //the run as user shouldn't have access to the nodes api - response = httpClient().method("GET") - .path("/_nodes") - .addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, - SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))) - .execute(); - assertThat(response.getStatusCode(), is(403)); + try { + //the run as user shouldn't have access to the nodes api + restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, + SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD)))); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(403)); + } - // but when running as a different user it should work - response = httpClient().method("GET") - .path("/_nodes") - .addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, - SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))) - .addHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME) - .execute(); - assertThat(response.getStatusCode(), is(200)); + // but when running as a different user it should work + ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, + SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), + new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME)); + assertThat(response.getStatusLine().getStatusCode(), is(200)); + } } public void testEmptyUserImpersonationHeader() throws Exception { @@ -164,13 +174,16 @@ public class RunAsIntegTests extends ShieldIntegTestCase { } public void testEmptyHeaderUsingHttp() throws Exception { - HttpResponse response = httpClient().method("GET") - .path("/_nodes") - .addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, - SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))) - .addHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, "") - .execute(); - assertThat(response.getStatusCode(), is(401)); + try (RestClient restClient = restClient()) { + restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, + SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), + new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, "")); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); + } } public void testNonExistentRunAsUser() throws Exception { @@ -196,13 +209,17 @@ public class RunAsIntegTests extends ShieldIntegTestCase { } public void testNonExistentRunAsUserUsingHttp() throws Exception { - HttpResponse response = httpClient().method("GET") - .path("/_nodes") - .addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, - SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))) - .addHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, "idontexist") - .execute(); - assertThat(response.getStatusCode(), is(403)); + + try (RestClient restClient = restClient()) { + restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, + SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), + new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, "idontexist")); + fail("request should have failed"); + } catch (ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(403)); + } } // build our own here to better mimic an actual client... diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java index 4e983854641..5198454adc0 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java @@ -7,11 +7,14 @@ package org.elasticsearch.shield.authc.pki; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; +import org.apache.http.message.BasicHeader; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.RestClient; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.transport.InetSocketTransportAddress; -import org.elasticsearch.http.HttpServerTransport; import org.elasticsearch.shield.Security; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; @@ -20,8 +23,6 @@ import org.elasticsearch.shield.transport.netty.ShieldNettyHttpServerTransport; import org.elasticsearch.shield.transport.netty.ShieldNettyTransport; import org.elasticsearch.test.ShieldIntegTestCase; import org.elasticsearch.test.ShieldSettingsSource; -import org.elasticsearch.test.rest.client.http.HttpRequestBuilder; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.elasticsearch.transport.Transport; import org.elasticsearch.xpack.XPackPlugin; import org.junit.BeforeClass; @@ -34,6 +35,7 @@ import java.nio.file.Files; import java.nio.file.Path; import java.security.KeyStore; import java.security.SecureRandom; +import java.util.Collections; import static org.elasticsearch.test.ShieldSettingsSource.DEFAULT_PASSWORD; import static org.elasticsearch.test.ShieldSettingsSource.DEFAULT_USER_NAME; @@ -78,23 +80,20 @@ public class PkiOptionalClientAuthTests extends ShieldIntegTestCase { } public void testRestClientWithoutClientCertificate() throws Exception { - HttpServerTransport httpServerTransport = internalCluster().getDataNodeInstance(HttpServerTransport.class); + CloseableHttpClient httpClient = HttpClients.custom().setSslcontext(getSSLContext()).build(); + try (RestClient restClient = restClient(httpClient, "https")) { + try { + restClient.performRequest("GET", "_nodes", Collections.emptyMap(), null); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); + } - try (CloseableHttpClient httpClient = HttpClients.custom().setSslcontext(getSSLContext()).build()) { - HttpRequestBuilder requestBuilder = new HttpRequestBuilder(httpClient) - .host("localhost") - .port(((InetSocketTransportAddress)httpServerTransport.boundAddress().publishAddress()).address().getPort()) - .protocol("https") - .method("GET") - .path("/_nodes"); - HttpResponse response = requestBuilder.execute(); - assertThat(response.getStatusCode(), is(401)); - - requestBuilder.addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))); - response = requestBuilder.execute(); - assertThat(response.getStatusCode(), is(200)); + ElasticsearchResponse response = restClient.performRequest("GET", "_nodes", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); + assertThat(response.getStatusLine().getStatusCode(), is(200)); } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java index f874fcfebe2..7026062188f 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java @@ -8,11 +8,12 @@ package org.elasticsearch.shield.authc.pki; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; +import org.apache.http.message.BasicHeader; import org.elasticsearch.client.Client; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.common.transport.InetSocketTransportAddress; -import org.elasticsearch.http.HttpServerTransport; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.shield.transport.SSLClientAuth; @@ -21,14 +22,13 @@ import org.elasticsearch.shield.transport.netty.ShieldNettyTransport; import org.elasticsearch.test.ESIntegTestCase.ClusterScope; import org.elasticsearch.test.ShieldIntegTestCase; import org.elasticsearch.test.ShieldSettingsSource; -import org.elasticsearch.test.rest.client.http.HttpRequestBuilder; -import org.elasticsearch.test.rest.client.http.HttpResponse; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import java.security.SecureRandom; import java.security.cert.X509Certificate; +import java.util.Collections; import java.util.Locale; import static org.hamcrest.Matchers.is; @@ -77,21 +77,15 @@ public class PkiWithoutClientAuthenticationTests extends ShieldIntegTestCase { } public void testThatHttpWorks() throws Exception { - HttpServerTransport httpServerTransport = internalCluster().getDataNodeInstance(HttpServerTransport.class); SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new SecureRandom()); - try (CloseableHttpClient httpClient = HttpClients.custom().setSslcontext(sc).build()) { - HttpRequestBuilder requestBuilder = new HttpRequestBuilder(httpClient) - .host("localhost") - .port(((InetSocketTransportAddress)httpServerTransport.boundAddress().publishAddress()).address().getPort()) - .protocol("https") - .method("GET") - .path("/_nodes"); - requestBuilder.addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))); - HttpResponse response = requestBuilder.execute(); - assertThat(response.getStatusCode(), is(200)); + CloseableHttpClient httpClient = HttpClients.custom().setSslcontext(sc).build(); + try (RestClient restClient = restClient(httpClient, "https")) { + ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); + assertThat(response.getStatusLine().getStatusCode(), is(200)); } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java index fcfc3cccdb0..33bd6b423e2 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java @@ -5,19 +5,19 @@ */ package org.elasticsearch.shield.authc.pki; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; +import org.apache.http.message.BasicHeader; import org.elasticsearch.client.Client; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.http.HttpServerTransport; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.test.ESIntegTestCase.ClusterScope; import org.elasticsearch.test.ShieldIntegTestCase; import org.elasticsearch.test.ShieldSettingsSource; -import org.elasticsearch.test.rest.client.http.HttpRequestBuilder; -import org.elasticsearch.test.rest.client.http.HttpResponse; + +import java.util.Collections; import static org.hamcrest.Matchers.is; @@ -44,17 +44,12 @@ public class PkiWithoutSSLTests extends ShieldIntegTestCase { } public void testThatHttpWorks() throws Exception { - HttpServerTransport httpServerTransport = internalCluster().getDataNodeInstance(HttpServerTransport.class); - try (CloseableHttpClient httpClient = HttpClients.createDefault()) { - HttpRequestBuilder requestBuilder = new HttpRequestBuilder(httpClient) - .httpTransport(httpServerTransport) - .method("GET") - .path("/_nodes"); - requestBuilder.addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))); - HttpResponse response = requestBuilder.execute(); - assertThat(response.getStatusCode(), is(200)); + try (RestClient restClient = restClient()) { + ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); + assertThat(response.getStatusLine().getStatusCode(), is(200)); } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java index 23cdaf239be..4ec2040d1cc 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java @@ -5,6 +5,11 @@ */ package org.elasticsearch.shield.rest.action; +import org.apache.http.message.BasicHeader; +import org.apache.http.util.EntityUtils; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authc.support.SecuredString; @@ -12,10 +17,10 @@ import org.elasticsearch.shield.authz.InternalAuthorizationService; import org.elasticsearch.shield.user.AnonymousUser; import org.elasticsearch.test.ShieldIntegTestCase; import org.elasticsearch.test.ShieldSettingsSource; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.elasticsearch.test.rest.json.JsonPath; import org.junit.BeforeClass; +import java.util.Collections; import java.util.List; import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.basicAuthHeaderValue; @@ -47,32 +52,41 @@ public class RestAuthenticateActionTests extends ShieldIntegTestCase { } public void testAuthenticateApi() throws Exception { - HttpResponse response = httpClient().method("GET").path("/_xpack/security/_authenticate") - .addHeader("Authorization", basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))) - .execute(); - - assertThat(response.getStatusCode(), is(200)); - JsonPath jsonPath = new JsonPath(response.getBody()); - assertThat(jsonPath.evaluate("username").toString(), equalTo(ShieldSettingsSource.DEFAULT_USER_NAME)); - List roles = (List) jsonPath.evaluate("roles"); - assertThat(roles.size(), is(1)); - assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE)); + try (RestClient restClient = restClient()) { + ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack/security/_authenticate", Collections.emptyMap(), + null, new BasicHeader("Authorization", basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); + assertThat(response.getStatusLine().getStatusCode(), is(200)); + JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity())); + assertThat(jsonPath.evaluate("username").toString(), equalTo(ShieldSettingsSource.DEFAULT_USER_NAME)); + @SuppressWarnings("unchecked") + List roles = (List) jsonPath.evaluate("roles"); + assertThat(roles.size(), is(1)); + assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE)); + } } public void testAuthenticateApiWithoutAuthentication() throws Exception { - HttpResponse response = httpClient().method("GET").path("/_xpack/security/_authenticate") - .execute(); - - if (anonymousEnabled) { - assertThat(response.getStatusCode(), is(200)); - JsonPath jsonPath = new JsonPath(response.getBody()); - assertThat(jsonPath.evaluate("username").toString(), equalTo("anon")); - List roles = (List) jsonPath.evaluate("roles"); - assertThat(roles.size(), is(2)); - assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE, "foo")); - } else { - assertThat(response.getStatusCode(), is(401)); + try (RestClient restClient = restClient()) { + ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack/security/_authenticate", + Collections.emptyMap(), null); + if (anonymousEnabled) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); + JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity())); + assertThat(jsonPath.evaluate("username").toString(), equalTo("anon")); + @SuppressWarnings("unchecked") + List roles = (List) jsonPath.evaluate("roles"); + assertThat(roles.size(), is(2)); + assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE, "foo")); + } else { + fail("request should have failed"); + } + } catch(ElasticsearchResponseException e) { + if (anonymousEnabled) { + fail("request should have succeeded"); + } else { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); + } } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java index 1948175177d..5f18c7eb4e3 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java @@ -9,20 +9,21 @@ import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.conn.ssl.SSLContexts; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; +import org.apache.http.message.BasicHeader; +import org.apache.http.util.EntityUtils; import org.elasticsearch.ElasticsearchException; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.RestClient; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.transport.TransportAddress; -import org.elasticsearch.http.HttpServerTransport; import org.elasticsearch.shield.Security; import org.elasticsearch.shield.ssl.ClientSSLService; import org.elasticsearch.shield.ssl.SSLConfiguration.Global; import org.elasticsearch.shield.transport.netty.ShieldNettyHttpServerTransport; import org.elasticsearch.shield.transport.netty.ShieldNettyTransport; import org.elasticsearch.test.ShieldIntegTestCase; -import org.elasticsearch.test.rest.client.http.HttpRequestBuilder; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.elasticsearch.transport.Transport; import org.elasticsearch.xpack.XPackPlugin; @@ -30,10 +31,12 @@ import javax.net.ssl.SSLHandshakeException; import java.io.IOException; import java.nio.file.Files; import java.nio.file.Path; +import java.util.Collections; import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.basicAuthHeaderValue; import static org.elasticsearch.test.ShieldSettingsSource.getSSLSettingsForStore; import static org.hamcrest.Matchers.containsString; +import static org.hamcrest.Matchers.equalTo; public class SslClientAuthTests extends ShieldIntegTestCase { @Override @@ -59,14 +62,8 @@ public class SslClientAuthTests extends ShieldIntegTestCase { SSLContexts.createDefault(), SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); - CloseableHttpClient client = HttpClients.custom().setSSLSocketFactory(socketFactory).build(); - - try { - new HttpRequestBuilder(client) - .httpTransport(internalCluster().getInstance(HttpServerTransport.class)) - .method("GET").path("/") - .protocol("https") - .execute(); + try (RestClient restClient = restClient(HttpClients.custom().setSSLSocketFactory(socketFactory).build(), "https")) { + restClient.performRequest("GET", "/", Collections.emptyMap(), null); fail("Expected SSLHandshakeException"); } catch (SSLHandshakeException e) { assertThat(e.getMessage(), containsString("unable to find valid certification path to requested target")); @@ -85,13 +82,12 @@ public class SslClientAuthTests extends ShieldIntegTestCase { CloseableHttpClient client = HttpClients.custom().setSSLSocketFactory(socketFactory).build(); - HttpResponse response = new HttpRequestBuilder(client) - .httpTransport(internalCluster().getInstance(HttpServerTransport.class)) - .method("GET").path("/") - .protocol("https") - .addHeader("Authorization", basicAuthHeaderValue(transportClientUsername(), transportClientPassword())) - .execute(); - assertThat(response.getBody(), containsString("You Know, for Search")); + try (RestClient restClient = restClient(client, "https")) { + ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null, + new BasicHeader("Authorization", basicAuthHeaderValue(transportClientUsername(), transportClientPassword()))); + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + assertThat(EntityUtils.toString(response.getEntity()), containsString("You Know, for Search")); + } } public void testThatTransportWorksWithoutSslClientAuth() throws Exception { diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java index 54d266b47fa..004de9874af 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java @@ -6,10 +6,10 @@ package org.elasticsearch.xpack.watcher; import org.apache.http.HttpStatus; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; import org.elasticsearch.action.admin.cluster.node.info.NodeInfo; import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse; +import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.http.HttpServerTransport; @@ -18,12 +18,10 @@ import org.elasticsearch.plugins.Plugin; import org.elasticsearch.shield.Security; import org.elasticsearch.test.ESIntegTestCase; import org.elasticsearch.test.ESIntegTestCase.ClusterScope; -import org.elasticsearch.test.rest.client.http.HttpRequestBuilder; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.threadpool.ThreadPoolInfo; -import org.elasticsearch.xpack.watcher.execution.InternalWatchExecutor; import org.elasticsearch.xpack.XPackPlugin; +import org.elasticsearch.xpack.watcher.execution.InternalWatchExecutor; import java.util.Collection; import java.util.Collections; @@ -70,12 +68,11 @@ public class WatcherPluginDisableTests extends ESIntegTestCase { public void testRestEndpoints() throws Exception { HttpServerTransport httpServerTransport = internalCluster().getDataNodeInstance(HttpServerTransport.class); - try (CloseableHttpClient httpClient = HttpClients.createDefault()) { - HttpRequestBuilder request = new HttpRequestBuilder(httpClient).httpTransport(httpServerTransport) - .method("GET") - .path("/_xpack/watcher"); - HttpResponse response = request.execute(); - assertThat(response.getStatusCode(), is(HttpStatus.SC_BAD_REQUEST)); + try (RestClient restClient = restClient()) { + restClient.performRequest("GET", "/_xpack/watcher", Collections.emptyMap(), null); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(HttpStatus.SC_BAD_REQUEST)); } } diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java index 12f2fb6b423..303e844b5d5 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java @@ -5,26 +5,27 @@ */ package org.elasticsearch.xpack.watcher.test.integration; +import org.apache.http.Header; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; +import org.apache.http.message.BasicHeader; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.xcontent.json.JsonXContent; import org.elasticsearch.common.xcontent.support.XContentMapValues; -import org.elasticsearch.http.HttpServerTransport; +import org.elasticsearch.marvel.test.MarvelIntegTestCase; import org.elasticsearch.shield.authc.support.SecuredString; -import org.elasticsearch.test.rest.client.http.HttpRequestBuilder; -import org.elasticsearch.test.rest.client.http.HttpResponse; import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase; import org.junit.After; import java.io.IOException; +import java.util.Collections; import java.util.Map; import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.BASIC_AUTH_HEADER; import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.basicAuthHeaderValue; -import static org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase.ShieldSettings.TEST_PASSWORD; -import static org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase.ShieldSettings.TEST_USERNAME; import static org.hamcrest.CoreMatchers.nullValue; import static org.hamcrest.Matchers.is; @@ -52,37 +53,26 @@ public class WatcherSettingsFilterTests extends AbstractWatcherIntegrationTestCa } public void testGetSettingsSmtpPassword() throws Exception { - String body = executeRequest("GET", "/_nodes/settings", null, null).getBody(); - Map response = JsonXContent.jsonXContent.createParser(body).map(); - Map nodes = (Map) response.get("nodes"); - for (Object node : nodes.values()) { - Map settings = (Map) ((Map) node).get("settings"); - assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.user", settings), - is((Object) "_user")); - assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.password", settings), - nullValue()); - } - } - - protected HttpResponse executeRequest(String method, String path, String body, Map params) throws IOException { - HttpServerTransport httpServerTransport = getInstanceFromMaster(HttpServerTransport.class); - HttpRequestBuilder requestBuilder = new HttpRequestBuilder(httpClient) - .httpTransport(httpServerTransport) - .method(method) - .path(path); - - if (params != null) { - for (Map.Entry entry : params.entrySet()) { - requestBuilder.addParam(entry.getKey(), entry.getValue()); + try (RestClient restClient = restClient()) { + Header[] headers; + if (shieldEnabled()) { + headers = new Header[] { + new BasicHeader(BASIC_AUTH_HEADER, + basicAuthHeaderValue(MarvelIntegTestCase.ShieldSettings.TEST_USERNAME, + new SecuredString(MarvelIntegTestCase.ShieldSettings.TEST_PASSWORD.toCharArray())))}; + } else { + headers = new Header[0]; + } + ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes/settings", Collections.emptyMap(), null, headers); + Map responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map(); + Map nodes = (Map) responseMap.get("nodes"); + for (Object node : nodes.values()) { + Map settings = (Map) ((Map) node).get("settings"); + assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.user", settings), + is((Object) "_user")); + assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.password", settings), + nullValue()); } } - if (body != null) { - requestBuilder.body(body); - } - if (shieldEnabled()) { - requestBuilder.addHeader(BASIC_AUTH_HEADER, - basicAuthHeaderValue(TEST_USERNAME, new SecuredString(TEST_PASSWORD.toCharArray()))); - } - return requestBuilder.execute(); } } From e882fb3a1890c48d7f75b14c1d4ec61a8a49d1c0 Mon Sep 17 00:00:00 2001 From: javanna Date: Thu, 19 May 2016 15:19:22 +0200 Subject: [PATCH 02/29] Replace rest test client with low level RestClient We still have a wrapper called RestTestClient that is very specific to Rest tests, as well as RestTestResponse etc. but all the low level bits around http connections etc. are now handled by RestClient. Original commit: elastic/x-pack-elasticsearch@304487ecc5b8fe4b192da165b5b681296537415a --- .../smoketest/SmokeTestPluginsSslIT.java | 8 ++++---- .../xpack/test/rest/XPackRestTestCase.java | 20 ++++++++++--------- 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/elasticsearch/qa/smoke-test-plugins-ssl/src/test/java/org/elasticsearch/smoketest/SmokeTestPluginsSslIT.java b/elasticsearch/qa/smoke-test-plugins-ssl/src/test/java/org/elasticsearch/smoketest/SmokeTestPluginsSslIT.java index 17878a9e51f..50027ae656a 100644 --- a/elasticsearch/qa/smoke-test-plugins-ssl/src/test/java/org/elasticsearch/smoketest/SmokeTestPluginsSslIT.java +++ b/elasticsearch/qa/smoke-test-plugins-ssl/src/test/java/org/elasticsearch/smoketest/SmokeTestPluginsSslIT.java @@ -14,7 +14,7 @@ import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.test.rest.ESRestTestCase; import org.elasticsearch.test.rest.RestTestCandidate; -import org.elasticsearch.test.rest.client.RestClient; +import org.elasticsearch.test.rest.client.RestTestClient; import org.elasticsearch.test.rest.parser.RestTestParseException; import org.junit.AfterClass; import org.junit.BeforeClass; @@ -65,9 +65,9 @@ public class SmokeTestPluginsSslIT extends ESRestTestCase { String token = basicAuthHeaderValue(USER, new SecuredString(PASS.toCharArray())); return Settings.builder() .put(ThreadContext.PREFIX + ".Authorization", token) - .put(RestClient.PROTOCOL, "https") - .put(RestClient.TRUSTSTORE_PATH, keyStore) - .put(RestClient.TRUSTSTORE_PASSWORD, KEYSTORE_PASS) + .put(RestTestClient.PROTOCOL, "https") + .put(RestTestClient.TRUSTSTORE_PATH, keyStore) + .put(RestTestClient.TRUSTSTORE_PASSWORD, KEYSTORE_PASS) .build(); } } diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java index 675834e9245..5bda0f4e9c0 100644 --- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java @@ -5,15 +5,6 @@ */ package org.elasticsearch.xpack.test.rest; -import java.io.IOException; -import java.io.InputStreamReader; -import java.net.URI; -import java.net.URL; -import java.nio.charset.StandardCharsets; -import java.util.Collections; -import java.util.List; -import java.util.Map; - import com.carrotsearch.randomizedtesting.annotations.Name; import com.carrotsearch.randomizedtesting.annotations.ParametersFactory; import org.apache.http.client.methods.CloseableHttpResponse; @@ -40,9 +31,19 @@ import org.elasticsearch.test.rest.parser.RestTestParseException; import org.junit.After; import org.junit.Before; +import java.io.IOException; +import java.io.InputStreamReader; +import java.net.URI; +import java.net.URL; +import java.nio.charset.StandardCharsets; +import java.util.Collections; +import java.util.List; +import java.util.Map; + import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.basicAuthHeaderValue; import static org.hamcrest.Matchers.is; + public abstract class XPackRestTestCase extends ESRestTestCase { private static final String BASIC_AUTH_VALUE = basicAuthHeaderValue("test_user", new SecuredString("changeme".toCharArray())); @@ -101,6 +102,7 @@ public abstract class XPackRestTestCase extends ESRestTestCase { @After public void clearShieldUsersAndRoles() throws Exception { + //TODO change this to use RestClient, also look for usages of HttpClient directly // we cannot delete the .security index from a rest test since we aren't the internal user, lets wipe the data // TODO remove this once the built-in SUPERUSER role is added that can delete the index and we use the built in admin user here try (CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) { From 57f8063c3acb00298492acb35c359a70b67caad1 Mon Sep 17 00:00:00 2001 From: javanna Date: Fri, 20 May 2016 11:17:24 +0200 Subject: [PATCH 03/29] update XPackRestTestCase to use low level RestClient Original commit: elastic/x-pack-elasticsearch@8c16c9b06e9a5dc40f9c973da1afed13ea95e5f6 --- .../xpack/test/rest/XPackRestTestCase.java | 102 +++++++----------- 1 file changed, 40 insertions(+), 62 deletions(-) diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java index 5bda0f4e9c0..dd1a23e028d 100644 --- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java @@ -5,15 +5,12 @@ */ package org.elasticsearch.xpack.test.rest; + import com.carrotsearch.randomizedtesting.annotations.Name; import com.carrotsearch.randomizedtesting.annotations.ParametersFactory; -import org.apache.http.client.methods.CloseableHttpResponse; -import org.apache.http.client.methods.HttpDelete; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.client.methods.HttpPut; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; -import org.apache.http.impl.conn.BasicHttpClientConnectionManager; +import org.apache.http.util.EntityUtils; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.ElasticsearchResponseException; import org.elasticsearch.common.bytes.BytesReference; import org.elasticsearch.common.io.Streams; import org.elasticsearch.common.settings.Settings; @@ -24,7 +21,9 @@ import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.common.xcontent.XContentFactory; import org.elasticsearch.common.xcontent.XContentParser; import org.elasticsearch.license.plugin.TestUtils; +import org.elasticsearch.shield.authc.esnative.ReservedRealm; import org.elasticsearch.shield.authc.support.SecuredString; +import org.elasticsearch.shield.authz.store.ReservedRolesStore; import org.elasticsearch.test.rest.ESRestTestCase; import org.elasticsearch.test.rest.RestTestCandidate; import org.elasticsearch.test.rest.parser.RestTestParseException; @@ -33,8 +32,6 @@ import org.junit.Before; import java.io.IOException; import java.io.InputStreamReader; -import java.net.URI; -import java.net.URL; import java.nio.charset.StandardCharsets; import java.util.Collections; import java.util.List; @@ -59,31 +56,17 @@ public abstract class XPackRestTestCase extends ESRestTestCase { @Before public void startWatcher() throws Exception { - try (CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) { - URL url = getClusterUrls()[0]; - HttpPut request = new HttpPut(new URI("http", - null, - url.getHost(), - url.getPort(), - "/_xpack/watcher/_start", null, null)); - request.addHeader("Authorization", BASIC_AUTH_VALUE); - try (CloseableHttpResponse response = client.execute(request)) { - } + try (ElasticsearchResponse response = getRestClient() + .performRequest("PUT", "/_xpack/watcher/_start", Collections.emptyMap(), null)) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); } } @After public void stopWatcher() throws Exception { - try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) { - URL url = getClusterUrls()[0]; - HttpPut request = new HttpPut(new URI("http", - null, - url.getHost(), - url.getPort(), - "/_xpack/watcher/_stop", null, null)); - request.addHeader("Authorization", BASIC_AUTH_VALUE); - try (CloseableHttpResponse response = client.execute(request)) { - } + try (ElasticsearchResponse response = getRestClient() + .performRequest("PUT", "/_xpack/watcher/_stop", Collections.emptyMap(), null)) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); } } @@ -102,45 +85,40 @@ public abstract class XPackRestTestCase extends ESRestTestCase { @After public void clearShieldUsersAndRoles() throws Exception { - //TODO change this to use RestClient, also look for usages of HttpClient directly // we cannot delete the .security index from a rest test since we aren't the internal user, lets wipe the data // TODO remove this once the built-in SUPERUSER role is added that can delete the index and we use the built in admin user here - try (CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) { - final URL url = getClusterUrls()[0]; - HttpGet getUsersRequest = new HttpGet(new URI("http", null, url.getHost(), url.getPort(), "/_xpack/security/user", null, null)); - getUsersRequest.addHeader("Authorization", BASIC_AUTH_VALUE); - try (CloseableHttpResponse closeableHttpResponse = client.execute(getUsersRequest)) { - assertThat(closeableHttpResponse.getStatusLine().getStatusCode(), is(200)); - String response = Streams.copyToString( - new InputStreamReader(closeableHttpResponse.getEntity().getContent(), StandardCharsets.UTF_8)); - Map responseMap = XContentFactory.xContent(response).createParser(response).map(); + String response; + try (ElasticsearchResponse elasticsearchResponse = getRestClient() + .performRequest("GET", "/_xpack/security/user", Collections.emptyMap(), null)) { + assertThat(elasticsearchResponse.getStatusLine().getStatusCode(), is(200)); + response = Streams.copyToString(new InputStreamReader(elasticsearchResponse.getEntity().getContent(), StandardCharsets.UTF_8)); + } - // in the structure of this API, the users are the keyset - for (String user : responseMap.keySet()) { - HttpDelete delete = new HttpDelete(new URI("http", null, url.getHost(), url.getPort(), - "/_xpack/security/user/" + user, null, null)); - delete.addHeader("Authorization", BASIC_AUTH_VALUE); - try (CloseableHttpResponse deleteResponse = client.execute(delete)) { - } + Map responseMap = XContentFactory.xContent(response).createParser(response).map(); + // in the structure of this API, the users are the keyset + for (String user : responseMap.keySet()) { + if (ReservedRealm.isReserved(user) == false) { + try (ElasticsearchResponse elasticsearchResponse = getRestClient() + .performRequest("DELETE", "/_xpack/security/user/" + user, Collections.emptyMap(), null)) { + assertThat(EntityUtils.toString(elasticsearchResponse.getEntity()), elasticsearchResponse.getStatusLine().getStatusCode(), is(200)); + } catch(ElasticsearchResponseException e) { + logger.error(e.getResponseBody()); } } + } - HttpGet getRolesRequest = new HttpGet(new URI("http", null, url.getHost(), url.getPort(), "/_xpack/security/role", - null, null)); - getRolesRequest.addHeader("Authorization", BASIC_AUTH_VALUE); - try (CloseableHttpResponse closeableHttpResponse = client.execute(getRolesRequest)) { - assertThat(closeableHttpResponse.getStatusLine().getStatusCode(), is(200)); - String response = Streams.copyToString( - new InputStreamReader(closeableHttpResponse.getEntity().getContent(), StandardCharsets.UTF_8)); - Map responseMap = XContentFactory.xContent(response).createParser(response).map(); - - // in the structure of this API, the users are the keyset - for (String role : responseMap.keySet()) { - HttpDelete delete = new HttpDelete(new URI("http", null, url.getHost(), url.getPort(), - "/_xpack/security/role/" + role, null, null)); - delete.addHeader("Authorization", BASIC_AUTH_VALUE); - try (CloseableHttpResponse deleteResponse = client.execute(delete)) { - } + try (ElasticsearchResponse elasticsearchResponse = getRestClient() + .performRequest("GET", "/_xpack/security/role", Collections.emptyMap(), null)) { + assertThat(elasticsearchResponse.getStatusLine().getStatusCode(), is(200)); + response = Streams.copyToString(new InputStreamReader(elasticsearchResponse.getEntity().getContent(), StandardCharsets.UTF_8)); + } + responseMap = XContentFactory.xContent(response).createParser(response).map(); + // in the structure of this API, the roles are the keyset + for (String role : responseMap.keySet()) { + if (ReservedRolesStore.isReserved(role) == false) { + try (ElasticsearchResponse elasticsearchResponse = getRestClient() + .performRequest("DELETE", "/_xpack/security/role/" + role, Collections.emptyMap(), null)) { + assertThat(elasticsearchResponse.getStatusLine().getStatusCode(), is(200)); } } } From 4e2766df11758d238b0593ab5ce41130da13d779 Mon Sep 17 00:00:00 2001 From: javanna Date: Fri, 20 May 2016 11:32:02 +0200 Subject: [PATCH 04/29] replace some more usage of HttpClient with RestClient Original commit: elastic/x-pack-elasticsearch@a3cb53b7a06d517eaf6e131d94037e8ad7a85500 --- .../smoketest/GraphWithShieldIT.java | 16 +---- .../smoketest/WatcherRestTestCase.java | 25 ++----- .../smoketest/WatcherRestTestCase.java | 21 ++---- .../smoketest/WatcherRestTestCase.java | 25 ++----- .../smoketest/WatcherWithShieldIT.java | 29 ++------ .../shield/user/AnonymousUserIntegTests.java | 40 ++++------- .../xpack/test/rest/XPackRestTestCase.java | 70 +++++++------------ 7 files changed, 65 insertions(+), 161 deletions(-) diff --git a/elasticsearch/qa/smoke-test-graph-with-shield/src/test/java/org/elasticsearch/smoketest/GraphWithShieldIT.java b/elasticsearch/qa/smoke-test-graph-with-shield/src/test/java/org/elasticsearch/smoketest/GraphWithShieldIT.java index f86fd8ee11c..71477cee204 100644 --- a/elasticsearch/qa/smoke-test-graph-with-shield/src/test/java/org/elasticsearch/smoketest/GraphWithShieldIT.java +++ b/elasticsearch/qa/smoke-test-graph-with-shield/src/test/java/org/elasticsearch/smoketest/GraphWithShieldIT.java @@ -7,32 +7,18 @@ package org.elasticsearch.smoketest; import com.carrotsearch.randomizedtesting.annotations.Name; import com.carrotsearch.randomizedtesting.annotations.ParametersFactory; - -import org.apache.http.client.methods.HttpPut; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; -import org.apache.http.impl.conn.BasicHttpClientConnectionManager; -//import org.elasticsearch.client.support.Headers; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.ThreadContext; -import org.elasticsearch.plugins.Plugin; -//import org.elasticsearch.shield.ShieldPlugin; import org.elasticsearch.shield.authc.support.SecuredString; -import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.test.rest.ESRestTestCase; import org.elasticsearch.test.rest.RestTestCandidate; import org.elasticsearch.test.rest.parser.RestTestParseException; -import org.junit.After; -import org.junit.Before; import java.io.IOException; -import java.net.URI; -import java.net.URL; -import java.util.Collection; -import java.util.Collections; import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.basicAuthHeaderValue; + public class GraphWithShieldIT extends ESRestTestCase { private final static String TEST_ADMIN_USERNAME = "test_admin"; diff --git a/elasticsearch/qa/smoke-test-watcher-with-groovy/src/test/java/org/elasticsearch/smoketest/WatcherRestTestCase.java b/elasticsearch/qa/smoke-test-watcher-with-groovy/src/test/java/org/elasticsearch/smoketest/WatcherRestTestCase.java index 59430d0b378..af80d098c1c 100644 --- a/elasticsearch/qa/smoke-test-watcher-with-groovy/src/test/java/org/elasticsearch/smoketest/WatcherRestTestCase.java +++ b/elasticsearch/qa/smoke-test-watcher-with-groovy/src/test/java/org/elasticsearch/smoketest/WatcherRestTestCase.java @@ -5,22 +5,19 @@ */ package org.elasticsearch.smoketest; -import java.io.IOException; -import java.net.URI; -import java.net.URL; - import com.carrotsearch.randomizedtesting.annotations.Name; import com.carrotsearch.randomizedtesting.annotations.ParametersFactory; -import org.apache.http.client.methods.HttpPut; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; -import org.apache.http.impl.conn.BasicHttpClientConnectionManager; import org.elasticsearch.test.rest.ESRestTestCase; import org.elasticsearch.test.rest.RestTestCandidate; import org.elasticsearch.test.rest.parser.RestTestParseException; import org.junit.After; import org.junit.Before; +import java.io.IOException; + +import static java.util.Collections.emptyList; +import static java.util.Collections.emptyMap; + public abstract class WatcherRestTestCase extends ESRestTestCase { public WatcherRestTestCase(@Name("yaml") RestTestCandidate testCandidate) { @@ -34,19 +31,11 @@ public abstract class WatcherRestTestCase extends ESRestTestCase { @Before public void startWatcher() throws Exception { - try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) { - URL url = getClusterUrls()[0]; - HttpPut request = new HttpPut(new URI("http", null, url.getHost(), url.getPort(), "/_xpack/watcher/_start", null, null)); - client.execute(request); - } + getAdminExecutionContext().callApi("xpack.watcher.start", emptyMap(), emptyList(), emptyMap()); } @After public void stopWatcher() throws Exception { - try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) { - URL url = getClusterUrls()[0]; - HttpPut request = new HttpPut(new URI("http", null, url.getHost(), url.getPort(), "/_xpack/watcher/_stop", null, null)); - client.execute(request); - } + getAdminExecutionContext().callApi("xpack.watcher.stop", emptyMap(), emptyList(), emptyMap()); } } diff --git a/elasticsearch/qa/smoke-test-watcher-with-mustache/src/test/java/org/elasticsearch/smoketest/WatcherRestTestCase.java b/elasticsearch/qa/smoke-test-watcher-with-mustache/src/test/java/org/elasticsearch/smoketest/WatcherRestTestCase.java index 17e0367317e..af80d098c1c 100644 --- a/elasticsearch/qa/smoke-test-watcher-with-mustache/src/test/java/org/elasticsearch/smoketest/WatcherRestTestCase.java +++ b/elasticsearch/qa/smoke-test-watcher-with-mustache/src/test/java/org/elasticsearch/smoketest/WatcherRestTestCase.java @@ -7,10 +7,6 @@ package org.elasticsearch.smoketest; import com.carrotsearch.randomizedtesting.annotations.Name; import com.carrotsearch.randomizedtesting.annotations.ParametersFactory; -import org.apache.http.client.methods.HttpPut; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; -import org.apache.http.impl.conn.BasicHttpClientConnectionManager; import org.elasticsearch.test.rest.ESRestTestCase; import org.elasticsearch.test.rest.RestTestCandidate; import org.elasticsearch.test.rest.parser.RestTestParseException; @@ -18,8 +14,9 @@ import org.junit.After; import org.junit.Before; import java.io.IOException; -import java.net.URI; -import java.net.URL; + +import static java.util.Collections.emptyList; +import static java.util.Collections.emptyMap; public abstract class WatcherRestTestCase extends ESRestTestCase { @@ -34,19 +31,11 @@ public abstract class WatcherRestTestCase extends ESRestTestCase { @Before public void startWatcher() throws Exception { - try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) { - URL url = getClusterUrls()[0]; - HttpPut request = new HttpPut(new URI("http", null, url.getHost(), url.getPort(), "/_xpack/watcher/_start", null, null)); - client.execute(request); - } + getAdminExecutionContext().callApi("xpack.watcher.start", emptyMap(), emptyList(), emptyMap()); } @After public void stopWatcher() throws Exception { - try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) { - URL url = getClusterUrls()[0]; - HttpPut request = new HttpPut(new URI("http", null, url.getHost(), url.getPort(), "/_xpack/watcher/_stop", null, null)); - client.execute(request); - } + getAdminExecutionContext().callApi("xpack.watcher.stop", emptyMap(), emptyList(), emptyMap()); } } diff --git a/elasticsearch/qa/smoke-test-watcher-with-painless/src/test/java/org/elasticsearch/smoketest/WatcherRestTestCase.java b/elasticsearch/qa/smoke-test-watcher-with-painless/src/test/java/org/elasticsearch/smoketest/WatcherRestTestCase.java index 59430d0b378..af80d098c1c 100644 --- a/elasticsearch/qa/smoke-test-watcher-with-painless/src/test/java/org/elasticsearch/smoketest/WatcherRestTestCase.java +++ b/elasticsearch/qa/smoke-test-watcher-with-painless/src/test/java/org/elasticsearch/smoketest/WatcherRestTestCase.java @@ -5,22 +5,19 @@ */ package org.elasticsearch.smoketest; -import java.io.IOException; -import java.net.URI; -import java.net.URL; - import com.carrotsearch.randomizedtesting.annotations.Name; import com.carrotsearch.randomizedtesting.annotations.ParametersFactory; -import org.apache.http.client.methods.HttpPut; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; -import org.apache.http.impl.conn.BasicHttpClientConnectionManager; import org.elasticsearch.test.rest.ESRestTestCase; import org.elasticsearch.test.rest.RestTestCandidate; import org.elasticsearch.test.rest.parser.RestTestParseException; import org.junit.After; import org.junit.Before; +import java.io.IOException; + +import static java.util.Collections.emptyList; +import static java.util.Collections.emptyMap; + public abstract class WatcherRestTestCase extends ESRestTestCase { public WatcherRestTestCase(@Name("yaml") RestTestCandidate testCandidate) { @@ -34,19 +31,11 @@ public abstract class WatcherRestTestCase extends ESRestTestCase { @Before public void startWatcher() throws Exception { - try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) { - URL url = getClusterUrls()[0]; - HttpPut request = new HttpPut(new URI("http", null, url.getHost(), url.getPort(), "/_xpack/watcher/_start", null, null)); - client.execute(request); - } + getAdminExecutionContext().callApi("xpack.watcher.start", emptyMap(), emptyList(), emptyMap()); } @After public void stopWatcher() throws Exception { - try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) { - URL url = getClusterUrls()[0]; - HttpPut request = new HttpPut(new URI("http", null, url.getHost(), url.getPort(), "/_xpack/watcher/_stop", null, null)); - client.execute(request); - } + getAdminExecutionContext().callApi("xpack.watcher.stop", emptyMap(), emptyList(), emptyMap()); } } diff --git a/elasticsearch/qa/smoke-test-watcher-with-shield/src/test/java/org/elasticsearch/smoketest/WatcherWithShieldIT.java b/elasticsearch/qa/smoke-test-watcher-with-shield/src/test/java/org/elasticsearch/smoketest/WatcherWithShieldIT.java index a541b3776d9..5860b38efea 100644 --- a/elasticsearch/qa/smoke-test-watcher-with-shield/src/test/java/org/elasticsearch/smoketest/WatcherWithShieldIT.java +++ b/elasticsearch/qa/smoke-test-watcher-with-shield/src/test/java/org/elasticsearch/smoketest/WatcherWithShieldIT.java @@ -5,26 +5,21 @@ */ package org.elasticsearch.smoketest; -import java.io.IOException; -import java.net.URI; -import java.net.URL; - import com.carrotsearch.randomizedtesting.annotations.Name; import com.carrotsearch.randomizedtesting.annotations.ParametersFactory; -import org.apache.http.client.methods.HttpPut; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; -import org.apache.http.impl.conn.BasicHttpClientConnectionManager; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.shield.authc.support.SecuredString; -import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.test.rest.ESRestTestCase; import org.elasticsearch.test.rest.RestTestCandidate; import org.elasticsearch.test.rest.parser.RestTestParseException; import org.junit.After; import org.junit.Before; +import java.io.IOException; + +import static java.util.Collections.emptyList; +import static java.util.Collections.emptyMap; import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.basicAuthHeaderValue; public class WatcherWithShieldIT extends ESRestTestCase { @@ -43,24 +38,12 @@ public class WatcherWithShieldIT extends ESRestTestCase { @Before public void startWatcher() throws Exception { - try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) { - URL url = getClusterUrls()[0]; - HttpPut request = new HttpPut(new URI("http", null, url.getHost(), url.getPort(), "/_xpack/watcher/_start", null, null)); - String token = basicAuthHeaderValue(TEST_ADMIN_USERNAME, new SecuredString(TEST_ADMIN_PASSWORD.toCharArray())); - request.addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, token); - client.execute(request); - } + getAdminExecutionContext().callApi("xpack.watcher.start", emptyMap(), emptyList(), emptyMap()); } @After public void stopWatcher() throws Exception { - try(CloseableHttpClient client = HttpClients.createMinimal(new BasicHttpClientConnectionManager())) { - URL url = getClusterUrls()[0]; - HttpPut request = new HttpPut(new URI("http", null, url.getHost(), url.getPort(), "/_xpack/watcher/_stop", null, null)); - String token = basicAuthHeaderValue(TEST_ADMIN_USERNAME, new SecuredString(TEST_ADMIN_PASSWORD.toCharArray())); - request.addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, token); - client.execute(request); - } + getAdminExecutionContext().callApi("xpack.watcher.stop", emptyMap(), emptyList(), emptyMap()); } @Override diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java index db701be1b1f..0b8b8036e4d 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java @@ -5,25 +5,17 @@ */ package org.elasticsearch.shield.user; -import org.apache.http.client.methods.CloseableHttpResponse; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClients; -import org.elasticsearch.common.io.Streams; +import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.common.transport.InetSocketTransportAddress; -import org.elasticsearch.common.transport.TransportAddress; -import org.elasticsearch.http.HttpServerTransport; import org.elasticsearch.shield.authz.InternalAuthorizationService; import org.elasticsearch.test.ShieldIntegTestCase; -import java.io.InputStreamReader; -import java.nio.charset.StandardCharsets; -import java.util.Locale; +import java.util.Collections; import static org.hamcrest.Matchers.containsString; -import static org.hamcrest.Matchers.instanceOf; import static org.hamcrest.Matchers.is; import static org.hamcrest.Matchers.notNullValue; import static org.hamcrest.Matchers.nullValue; @@ -51,28 +43,22 @@ public class AnonymousUserIntegTests extends ShieldIntegTestCase { } public void testAnonymousViaHttp() throws Exception { - try (CloseableHttpClient client = HttpClients.createDefault(); - CloseableHttpResponse response = client.execute(new HttpGet(getNodeUrl() + "_nodes"))) { - int statusCode = response.getStatusLine().getStatusCode(); - String data = Streams.copyToString(new InputStreamReader(response.getEntity().getContent(), StandardCharsets.UTF_8)); + try (RestClient restClient = restClient()) { + restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + int statusCode = e.getElasticsearchResponse().getStatusLine().getStatusCode(); + ElasticsearchResponse response = e.getElasticsearchResponse(); if (authorizationExceptionsEnabled) { assertThat(statusCode, is(403)); assertThat(response.getFirstHeader("WWW-Authenticate"), nullValue()); - assertThat(data, containsString("security_exception")); + assertThat(e.getResponseBody(), containsString("security_exception")); } else { assertThat(statusCode, is(401)); assertThat(response.getFirstHeader("WWW-Authenticate"), notNullValue()); - assertThat(response.getFirstHeader("WWW-Authenticate").getValue(), containsString("Basic")); - assertThat(data, containsString("security_exception")); + assertThat(response.getFirstHeader("WWW-Authenticate"), containsString("Basic")); + assertThat(e.getResponseBody(), containsString("security_exception")); } } } - - private String getNodeUrl() { - TransportAddress transportAddress = - randomFrom(internalCluster().getInstance(HttpServerTransport.class).boundAddress().boundAddresses()); - assertThat(transportAddress, is(instanceOf(InetSocketTransportAddress.class))); - InetSocketTransportAddress inetSocketTransportAddress = (InetSocketTransportAddress) transportAddress; - return String.format(Locale.ROOT, "http://%s:%s/", "localhost", inetSocketTransportAddress.address().getPort()); - } } diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java index dd1a23e028d..0dedb417891 100644 --- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java @@ -8,11 +8,8 @@ package org.elasticsearch.xpack.test.rest; import com.carrotsearch.randomizedtesting.annotations.Name; import com.carrotsearch.randomizedtesting.annotations.ParametersFactory; -import org.apache.http.util.EntityUtils; -import org.elasticsearch.client.ElasticsearchResponse; import org.elasticsearch.client.ElasticsearchResponseException; import org.elasticsearch.common.bytes.BytesReference; -import org.elasticsearch.common.io.Streams; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.unit.TimeValue; import org.elasticsearch.common.util.concurrent.ThreadContext; @@ -26,19 +23,20 @@ import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authz.store.ReservedRolesStore; import org.elasticsearch.test.rest.ESRestTestCase; import org.elasticsearch.test.rest.RestTestCandidate; +import org.elasticsearch.test.rest.client.RestTestResponse; import org.elasticsearch.test.rest.parser.RestTestParseException; import org.junit.After; import org.junit.Before; import java.io.IOException; -import java.io.InputStreamReader; -import java.nio.charset.StandardCharsets; -import java.util.Collections; import java.util.List; import java.util.Map; +import static java.util.Collections.emptyList; +import static java.util.Collections.emptyMap; +import static java.util.Collections.singletonList; +import static java.util.Collections.singletonMap; import static org.elasticsearch.shield.authc.support.UsernamePasswordToken.basicAuthHeaderValue; -import static org.hamcrest.Matchers.is; public abstract class XPackRestTestCase extends ESRestTestCase { @@ -56,17 +54,19 @@ public abstract class XPackRestTestCase extends ESRestTestCase { @Before public void startWatcher() throws Exception { - try (ElasticsearchResponse response = getRestClient() - .performRequest("PUT", "/_xpack/watcher/_start", Collections.emptyMap(), null)) { - assertThat(response.getStatusLine().getStatusCode(), is(200)); + try { + getAdminExecutionContext().callApi("xpack.watcher.start", emptyMap(), emptyList(), emptyMap()); + } catch(ElasticsearchResponseException e) { + //TODO ignore for now, needs to be fixed though } } @After public void stopWatcher() throws Exception { - try (ElasticsearchResponse response = getRestClient() - .performRequest("PUT", "/_xpack/watcher/_stop", Collections.emptyMap(), null)) { - assertThat(response.getStatusLine().getStatusCode(), is(200)); + try { + getAdminExecutionContext().callApi("xpack.watcher.stop", emptyMap(), emptyList(), emptyMap()); + } catch(ElasticsearchResponseException e) { + //TODO ignore for now, needs to be fixed though } } @@ -76,10 +76,10 @@ public abstract class XPackRestTestCase extends ESRestTestCase { TestUtils.generateSignedLicense("trial", TimeValue.timeValueHours(2)).toXContent(builder, ToXContent.EMPTY_PARAMS); final BytesReference bytes = builder.bytes(); try (XContentParser parser = XContentFactory.xContent(bytes).createParser(bytes)) { - final List> bodies = Collections.singletonList(Collections.singletonMap("license", + final List> bodies = singletonList(singletonMap("license", parser.map())); - getAdminExecutionContext().callApi("license.post", Collections.singletonMap("acknowledge", "true"), - bodies, Collections.singletonMap("Authorization", BASIC_AUTH_VALUE)); + getAdminExecutionContext().callApi("license.post", singletonMap("acknowledge", "true"), + bodies, singletonMap("Authorization", BASIC_AUTH_VALUE)); } } @@ -87,39 +87,21 @@ public abstract class XPackRestTestCase extends ESRestTestCase { public void clearShieldUsersAndRoles() throws Exception { // we cannot delete the .security index from a rest test since we aren't the internal user, lets wipe the data // TODO remove this once the built-in SUPERUSER role is added that can delete the index and we use the built in admin user here - String response; - try (ElasticsearchResponse elasticsearchResponse = getRestClient() - .performRequest("GET", "/_xpack/security/user", Collections.emptyMap(), null)) { - assertThat(elasticsearchResponse.getStatusLine().getStatusCode(), is(200)); - response = Streams.copyToString(new InputStreamReader(elasticsearchResponse.getEntity().getContent(), StandardCharsets.UTF_8)); - } - - Map responseMap = XContentFactory.xContent(response).createParser(response).map(); - // in the structure of this API, the users are the keyset - for (String user : responseMap.keySet()) { + RestTestResponse response = getAdminExecutionContext().callApi("xpack.security.get_user", emptyMap(), emptyList(), emptyMap()); + @SuppressWarnings("unchecked") + Map users = (Map) response.getBody(); + for (String user: users.keySet()) { if (ReservedRealm.isReserved(user) == false) { - try (ElasticsearchResponse elasticsearchResponse = getRestClient() - .performRequest("DELETE", "/_xpack/security/user/" + user, Collections.emptyMap(), null)) { - assertThat(EntityUtils.toString(elasticsearchResponse.getEntity()), elasticsearchResponse.getStatusLine().getStatusCode(), is(200)); - } catch(ElasticsearchResponseException e) { - logger.error(e.getResponseBody()); - } + getAdminExecutionContext().callApi("xpack.security.delete_user", singletonMap("username", user), emptyList(), emptyMap()); } } - try (ElasticsearchResponse elasticsearchResponse = getRestClient() - .performRequest("GET", "/_xpack/security/role", Collections.emptyMap(), null)) { - assertThat(elasticsearchResponse.getStatusLine().getStatusCode(), is(200)); - response = Streams.copyToString(new InputStreamReader(elasticsearchResponse.getEntity().getContent(), StandardCharsets.UTF_8)); - } - responseMap = XContentFactory.xContent(response).createParser(response).map(); - // in the structure of this API, the roles are the keyset - for (String role : responseMap.keySet()) { + response = getAdminExecutionContext().callApi("xpack.security.get_role", emptyMap(), emptyList(), emptyMap()); + @SuppressWarnings("unchecked") + Map roles = (Map) response.getBody(); + for (String role: roles.keySet()) { if (ReservedRolesStore.isReserved(role) == false) { - try (ElasticsearchResponse elasticsearchResponse = getRestClient() - .performRequest("DELETE", "/_xpack/security/role/" + role, Collections.emptyMap(), null)) { - assertThat(elasticsearchResponse.getStatusLine().getStatusCode(), is(200)); - } + getAdminExecutionContext().callApi("xpack.security.delete_role", singletonMap("name", role), emptyList(), emptyMap()); } } } From ad9a64e85428573c43ea372a51a1828da7570272 Mon Sep 17 00:00:00 2001 From: javanna Date: Fri, 3 Jun 2016 16:42:06 +0200 Subject: [PATCH 05/29] [TEST] add a lot of forgotten try with resources to wrap ElasticsearchResponses Original commit: elastic/x-pack-elasticsearch@e4634ea59940eae319108312596213320fb535ed --- .../shield/audit/IndexAuditIT.java | 7 ++- .../example/realm/CustomRealmIT.java | 7 ++- .../shield/MarvelSettingsFilterTests.java | 28 +++++----- .../AbstractPrivilegeTestCase.java | 13 +++-- .../integration/BulkUpdateTests.java | 47 +++++++++------- .../integration/ClearRealmsCacheTests.java | 9 +-- .../integration/ClearRolesCacheTests.java | 7 ++- .../integration/LicensingTests.java | 7 ++- .../shield/ShieldPluginTests.java | 7 ++- .../shield/authc/RunAsIntegTests.java | 7 ++- .../authc/pki/PkiOptionalClientAuthTests.java | 7 ++- .../PkiWithoutClientAuthenticationTests.java | 7 ++- .../shield/authc/pki/PkiWithoutSSLTests.java | 7 ++- .../action/RestAuthenticateActionTests.java | 56 ++++++++++--------- .../transport/ssl/SslClientAuthTests.java | 9 +-- .../WatcherSettingsFilterTests.java | 20 ++++--- 16 files changed, 136 insertions(+), 109 deletions(-) diff --git a/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java b/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java index 3f50acc809c..96e9359092a 100644 --- a/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java +++ b/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java @@ -39,10 +39,11 @@ public class IndexAuditIT extends ESIntegTestCase { public void testShieldIndexAuditTrailWorking() throws Exception { try (RestClient restClient = restClient()) { - ElasticsearchResponse response = restClient.performRequest("GET", "/_cluster/health", Collections.emptyMap(), null, + try (ElasticsearchResponse response = restClient.performRequest("GET", "/_cluster/health", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(USER, new SecuredString(PASS.toCharArray())))); - assertThat(response.getStatusLine().getStatusCode(), is(200)); + UsernamePasswordToken.basicAuthHeaderValue(USER, new SecuredString(PASS.toCharArray()))))) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); + } } final AtomicReference lastClusterState = new AtomicReference<>(); diff --git a/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java b/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java index 0ff3537e54a..73850d50a66 100644 --- a/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java +++ b/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java @@ -59,10 +59,11 @@ public class CustomRealmIT extends ESIntegTestCase { public void testHttpAuthentication() throws Exception { try (RestClient restClient = restClient()) { - ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null, + try (ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null, new BasicHeader(CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER), - new BasicHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW)); - assertThat(response.getStatusLine().getStatusCode(), is(200)); + new BasicHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW))) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); + } } } diff --git a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java index 1d7426060c0..36ea1a6a24a 100644 --- a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java +++ b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java @@ -54,20 +54,22 @@ public class MarvelSettingsFilterTests extends MarvelIntegTestCase { } else { headers = new Header[0]; } - ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes/settings", Collections.emptyMap(), null, headers); - Map responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map(); - @SuppressWarnings("unchecked") - Map nodes = (Map) responseMap.get("nodes"); - for (Object node : nodes.values()) { + try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes/settings", + Collections.emptyMap(), null, headers)) { + Map responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map(); @SuppressWarnings("unchecked") - Map settings = (Map) ((Map) node).get("settings"); - assertThat(extractValue("xpack.monitoring.agent.exporters._http.type", settings), Matchers.equalTo("http")); - assertThat(extractValue("xpack.monitoring.agent.exporters._http.enabled", settings), Matchers.equalTo("false")); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.username"); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.password"); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.path"); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.password"); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.hostname_verification"); + Map nodes = (Map) responseMap.get("nodes"); + for (Object node : nodes.values()) { + @SuppressWarnings("unchecked") + Map settings = (Map) ((Map) node).get("settings"); + assertThat(extractValue("xpack.monitoring.agent.exporters._http.type", settings), Matchers.equalTo("http")); + assertThat(extractValue("xpack.monitoring.agent.exporters._http.enabled", settings), Matchers.equalTo("false")); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.username"); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.password"); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.path"); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.password"); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.hostname_verification"); + } } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java index 20e76bf1031..b18bd6baaf1 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java @@ -37,13 +37,14 @@ public abstract class AbstractPrivilegeTestCase extends ShieldIntegTestCase { protected void assertAccessIsAllowed(String user, String method, String uri, String body, Map params) throws IOException { try (RestClient restClient = restClient()) { - ElasticsearchResponse response = restClient.performRequest(method, uri, params, entityOrNull(body), + try (ElasticsearchResponse response = restClient.performRequest(method, uri, params, entityOrNull(body), new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(user, new SecuredString("passwd".toCharArray())))); - StatusLine statusLine = response.getStatusLine(); - String message = String.format(Locale.ROOT, "%s %s: Expected no error got %s %s with body %s", method, uri, - statusLine.getStatusCode(), statusLine.getReasonPhrase(), EntityUtils.toString(response.getEntity())); - assertThat(message, statusLine.getStatusCode(), is(not(greaterThanOrEqualTo(400)))); + UsernamePasswordToken.basicAuthHeaderValue(user, new SecuredString("passwd".toCharArray()))))) { + StatusLine statusLine = response.getStatusLine(); + String message = String.format(Locale.ROOT, "%s %s: Expected no error got %s %s with body %s", method, uri, + statusLine.getStatusCode(), statusLine.getReasonPhrase(), EntityUtils.toString(response.getEntity())); + assertThat(message, statusLine.getStatusCode(), is(not(greaterThanOrEqualTo(400)))); + } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java index 50590bb7bbc..56cd09794d4 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java @@ -81,12 +81,15 @@ public class BulkUpdateTests extends ShieldIntegTestCase { try (RestClient restClient = restClient()) { StringEntity body = new StringEntity("{\"test\":\"test\"}", RestClient.JSON_CONTENT_TYPE); - ElasticsearchResponse response = restClient.performRequest("PUT", path, Collections.emptyMap(), body, basicAuthHeader); - assertThat(response.getStatusLine().getStatusCode(), equalTo(201)); + try (ElasticsearchResponse response = restClient.performRequest("PUT", path, Collections.emptyMap(), body, basicAuthHeader)) { + assertThat(response.getStatusLine().getStatusCode(), equalTo(201)); + } + + try (ElasticsearchResponse response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + assertThat(EntityUtils.toString(response.getEntity()), containsString("\"test\":\"test\"")); + } - response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader); - assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); - assertThat(EntityUtils.toString(response.getEntity()), containsString("\"test\":\"test\"")); if (randomBoolean()) { flushAndRefresh(); @@ -94,14 +97,17 @@ public class BulkUpdateTests extends ShieldIntegTestCase { //update with new field body = new StringEntity("{\"doc\": {\"not test\": \"not test\"}}", RestClient.JSON_CONTENT_TYPE); - response = restClient.performRequest("POST", path + "/_update", Collections.emptyMap(), body, basicAuthHeader); - assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + try (ElasticsearchResponse response = restClient.performRequest("POST", path + "/_update", + Collections.emptyMap(), body, basicAuthHeader)) { + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + } - response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader); - assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); - String responseBody = EntityUtils.toString(response.getEntity()); - assertThat(responseBody, containsString("\"test\":\"test\"")); - assertThat(responseBody, containsString("\"not test\":\"not test\"")); + try (ElasticsearchResponse response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + String responseBody = EntityUtils.toString(response.getEntity()); + assertThat(responseBody, containsString("\"test\":\"test\"")); + assertThat(responseBody, containsString("\"not test\":\"not test\"")); + } // this part is important. Without this, the document may be read from the translog which would bypass the bug where // FLS kicks in because the request can't be found and only returns meta fields @@ -109,14 +115,17 @@ public class BulkUpdateTests extends ShieldIntegTestCase { body = new StringEntity("{\"update\": {\"_index\": \"index1\", \"_type\": \"type\", \"_id\": \"1\"}}\n" + "{\"doc\": {\"bulk updated\":\"bulk updated\"}}\n", RestClient.JSON_CONTENT_TYPE); - response = restClient.performRequest("POST", "/_bulk", Collections.emptyMap(), body, basicAuthHeader); - assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + try (ElasticsearchResponse response = restClient.performRequest("POST", "/_bulk", + Collections.emptyMap(), body, basicAuthHeader)) { + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + } - response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader); - responseBody = EntityUtils.toString(response.getEntity()); - assertThat(responseBody, containsString("\"test\":\"test\"")); - assertThat(responseBody, containsString("\"not test\":\"not test\"")); - assertThat(responseBody, containsString("\"bulk updated\":\"bulk updated\"")); + try (ElasticsearchResponse response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { + String responseBody = EntityUtils.toString(response.getEntity()); + assertThat(responseBody, containsString("\"test\":\"test\"")); + assertThat(responseBody, containsString("\"not test\":\"not test\"")); + assertThat(responseBody, containsString("\"bulk updated\":\"bulk updated\"")); + } } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java index 241309fc6c5..015f37bd7f0 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java @@ -167,12 +167,13 @@ public class ClearRealmsCacheTests extends ShieldIntegTestCase { static void executeHttpRequest(String path, Map params) throws Exception { try (RestClient restClient = restClient()) { - ElasticsearchResponse response = restClient.performRequest("POST", path, params, null, + try (ElasticsearchResponse response = restClient.performRequest("POST", path, params, null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); - assertNotNull(response.getEntity()); - assertTrue(EntityUtils.toString(response.getEntity()).contains("cluster_name")); + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { + assertNotNull(response.getEntity()); + assertTrue(EntityUtils.toString(response.getEntity()).contains("cluster_name")); + } } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java index ae3cdd7db8c..63f7187acb3 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java @@ -138,11 +138,12 @@ public class ClearRolesCacheTests extends NativeRealmIntegTestCase { path = "/_xpack/security/role/" + Strings.arrayToCommaDelimitedString(rolesToClear) + "/_clear_cache"; } try (RestClient restClient = restClient()) { - ElasticsearchResponse response = restClient.performRequest("POST", path, Collections.emptyMap(), null, + try (ElasticsearchResponse response = restClient.performRequest("POST", path, Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); - assertThat(response.getStatusLine().getStatusCode(), is(RestStatus.OK.getStatus())); + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { + assertThat(response.getStatusLine().getStatusCode(), is(RestStatus.OK.getStatus())); + } } } else { securityClient.prepareClearRolesCache().names(rolesToClear).get(); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java index fa555000938..4285cd2b4ff 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java @@ -198,9 +198,10 @@ public class LicensingTests extends ShieldIntegTestCase { public void testRestAuthenticationByLicenseType() throws Exception { try (RestClient restClient = restClient()) { - ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null); - // the default of the licensing tests is basic - assertThat(response.getStatusLine().getStatusCode(), is(200)); + try (ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null)) { + // the default of the licensing tests is basic + assertThat(response.getStatusLine().getStatusCode(), is(200)); + } // generate a new license with a mode that enables auth OperationMode mode = randomFrom(OperationMode.GOLD, OperationMode.TRIAL, OperationMode.PLATINUM, OperationMode.STANDARD); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java index 7d8ac262c3f..6ca7c04d67b 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java @@ -44,11 +44,12 @@ public class ShieldPluginTests extends ShieldIntegTestCase { } logger.info("executing authorized request to /_xpack infos"); - ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack", Collections.emptyMap(), null, + try (ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); - assertThat(response.getStatusLine().getStatusCode(), is(OK.getStatus())); + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { + assertThat(response.getStatusLine().getStatusCode(), is(OK.getStatus())); + } } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java index a1a75f2d1ec..e2599cc6f85 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java @@ -142,12 +142,13 @@ public class RunAsIntegTests extends ShieldIntegTestCase { } // but when running as a different user it should work - ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), - new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME)); - assertThat(response.getStatusLine().getStatusCode(), is(200)); + new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME))) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); + } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java index 5198454adc0..2f81cee337b 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java @@ -89,11 +89,12 @@ public class PkiOptionalClientAuthTests extends ShieldIntegTestCase { assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); } - ElasticsearchResponse response = restClient.performRequest("GET", "_nodes", Collections.emptyMap(), null, + try (ElasticsearchResponse response = restClient.performRequest("GET", "_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); - assertThat(response.getStatusLine().getStatusCode(), is(200)); + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); + } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java index 7026062188f..924336336ac 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java @@ -81,11 +81,12 @@ public class PkiWithoutClientAuthenticationTests extends ShieldIntegTestCase { sc.init(null, trustAllCerts, new SecureRandom()); CloseableHttpClient httpClient = HttpClients.custom().setSslcontext(sc).build(); try (RestClient restClient = restClient(httpClient, "https")) { - ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); - assertThat(response.getStatusLine().getStatusCode(), is(200)); + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); + } } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java index 33bd6b423e2..004cf0019cd 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java @@ -45,11 +45,12 @@ public class PkiWithoutSSLTests extends ShieldIntegTestCase { public void testThatHttpWorks() throws Exception { try (RestClient restClient = restClient()) { - ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); - assertThat(response.getStatusLine().getStatusCode(), is(200)); + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); + } } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java index 4ec2040d1cc..281ac582f29 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java @@ -53,39 +53,41 @@ public class RestAuthenticateActionTests extends ShieldIntegTestCase { public void testAuthenticateApi() throws Exception { try (RestClient restClient = restClient()) { - ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack/security/_authenticate", Collections.emptyMap(), + try (ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack/security/_authenticate", Collections.emptyMap(), null, new BasicHeader("Authorization", basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray())))); - assertThat(response.getStatusLine().getStatusCode(), is(200)); - JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity())); - assertThat(jsonPath.evaluate("username").toString(), equalTo(ShieldSettingsSource.DEFAULT_USER_NAME)); - @SuppressWarnings("unchecked") - List roles = (List) jsonPath.evaluate("roles"); - assertThat(roles.size(), is(1)); - assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE)); + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); + JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity())); + assertThat(jsonPath.evaluate("username").toString(), equalTo(ShieldSettingsSource.DEFAULT_USER_NAME)); + @SuppressWarnings("unchecked") + List roles = (List) jsonPath.evaluate("roles"); + assertThat(roles.size(), is(1)); + assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE)); + } } } public void testAuthenticateApiWithoutAuthentication() throws Exception { try (RestClient restClient = restClient()) { - ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack/security/_authenticate", - Collections.emptyMap(), null); - if (anonymousEnabled) { - assertThat(response.getStatusLine().getStatusCode(), is(200)); - JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity())); - assertThat(jsonPath.evaluate("username").toString(), equalTo("anon")); - @SuppressWarnings("unchecked") - List roles = (List) jsonPath.evaluate("roles"); - assertThat(roles.size(), is(2)); - assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE, "foo")); - } else { - fail("request should have failed"); - } - } catch(ElasticsearchResponseException e) { - if (anonymousEnabled) { - fail("request should have succeeded"); - } else { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); + try (ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack/security/_authenticate", + Collections.emptyMap(), null)) { + if (anonymousEnabled) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); + JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity())); + assertThat(jsonPath.evaluate("username").toString(), equalTo("anon")); + @SuppressWarnings("unchecked") + List roles = (List) jsonPath.evaluate("roles"); + assertThat(roles.size(), is(2)); + assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE, "foo")); + } else { + fail("request should have failed"); + } + } catch(ElasticsearchResponseException e) { + if (anonymousEnabled) { + fail("request should have succeeded"); + } else { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); + } } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java index 5f18c7eb4e3..e03d4f7f1ec 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java @@ -83,10 +83,11 @@ public class SslClientAuthTests extends ShieldIntegTestCase { CloseableHttpClient client = HttpClients.custom().setSSLSocketFactory(socketFactory).build(); try (RestClient restClient = restClient(client, "https")) { - ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null, - new BasicHeader("Authorization", basicAuthHeaderValue(transportClientUsername(), transportClientPassword()))); - assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); - assertThat(EntityUtils.toString(response.getEntity()), containsString("You Know, for Search")); + try (ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null, + new BasicHeader("Authorization", basicAuthHeaderValue(transportClientUsername(), transportClientPassword())))) { + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + assertThat(EntityUtils.toString(response.getEntity()), containsString("You Know, for Search")); + } } } diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java index 303e844b5d5..84022c36164 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java @@ -63,15 +63,17 @@ public class WatcherSettingsFilterTests extends AbstractWatcherIntegrationTestCa } else { headers = new Header[0]; } - ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes/settings", Collections.emptyMap(), null, headers); - Map responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map(); - Map nodes = (Map) responseMap.get("nodes"); - for (Object node : nodes.values()) { - Map settings = (Map) ((Map) node).get("settings"); - assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.user", settings), - is((Object) "_user")); - assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.password", settings), - nullValue()); + try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes/settings", + Collections.emptyMap(), null, headers)) { + Map responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map(); + Map nodes = (Map) responseMap.get("nodes"); + for (Object node : nodes.values()) { + Map settings = (Map) ((Map) node).get("settings"); + assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.user", settings), + is((Object) "_user")); + assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.password", settings), + nullValue()); + } } } } From 601169833bff00b4df166466c9d18a2fd665de2a Mon Sep 17 00:00:00 2001 From: javanna Date: Fri, 3 Jun 2016 17:09:43 +0200 Subject: [PATCH 06/29] [TEST] remove usage of deprecated apis Original commit: elastic/x-pack-elasticsearch@4f4af3f5c5f118c45f9c7cad2ddb3009eb8164da --- .../shield/authc/pki/PkiOptionalClientAuthTests.java | 2 +- .../shield/authc/pki/PkiWithoutClientAuthenticationTests.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java index 2f81cee337b..1684052fe0e 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java @@ -80,7 +80,7 @@ public class PkiOptionalClientAuthTests extends ShieldIntegTestCase { } public void testRestClientWithoutClientCertificate() throws Exception { - CloseableHttpClient httpClient = HttpClients.custom().setSslcontext(getSSLContext()).build(); + CloseableHttpClient httpClient = HttpClients.custom().setSSLContext(getSSLContext()).build(); try (RestClient restClient = restClient(httpClient, "https")) { try { restClient.performRequest("GET", "_nodes", Collections.emptyMap(), null); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java index 924336336ac..c8be61d519a 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java @@ -79,7 +79,7 @@ public class PkiWithoutClientAuthenticationTests extends ShieldIntegTestCase { public void testThatHttpWorks() throws Exception { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new SecureRandom()); - CloseableHttpClient httpClient = HttpClients.custom().setSslcontext(sc).build(); + CloseableHttpClient httpClient = HttpClients.custom().setSSLContext(sc).build(); try (RestClient restClient = restClient(httpClient, "https")) { try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, From e240ca8043100c1593f79ddf3a697ea4b533c14a Mon Sep 17 00:00:00 2001 From: javanna Date: Fri, 3 Jun 2016 18:00:53 +0200 Subject: [PATCH 07/29] [TEST] adapt to "create standard RestClient at first request and reuse it" A RestClient instance is now created whenever EsIntegTestCase#getRestClient is invoked for the first time. It is then kept until the cluster is cleared (depending on the cluster scope of the test). Renamed other two restClient methods to createRestClient, as that instance needs to be closed and managed in the tests. Original commit: elastic/x-pack-elasticsearch@3a9d6f6e906dac005c365fc48cf8f90a24e4d9fc --- .../shield/audit/IndexAuditIT.java | 13 ++- .../example/realm/CustomRealmIT.java | 16 ++-- .../shield/MarvelSettingsFilterTests.java | 49 ++++++----- .../AbstractPrivilegeTestCase.java | 20 +++-- .../integration/BulkUpdateTests.java | 81 +++++++++---------- .../integration/ClearRealmsCacheTests.java | 15 ++-- .../integration/ClearRolesCacheTests.java | 13 ++- .../integration/IndexPrivilegeTests.java | 6 +- .../integration/LicensingTests.java | 27 +++---- .../shield/ShieldPluginTests.java | 29 +++---- .../shield/authc/RunAsIntegTests.java | 66 +++++++-------- .../authc/pki/PkiOptionalClientAuthTests.java | 2 +- .../PkiWithoutClientAuthenticationTests.java | 2 +- .../shield/authc/pki/PkiWithoutSSLTests.java | 13 ++- .../action/RestAuthenticateActionTests.java | 61 +++++++------- .../transport/ssl/SslClientAuthTests.java | 4 +- .../shield/user/AnonymousUserIntegTests.java | 5 +- .../watcher/WatcherPluginDisableTests.java | 5 +- .../WatcherSettingsFilterTests.java | 41 +++++----- 19 files changed, 212 insertions(+), 256 deletions(-) diff --git a/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java b/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java index 96e9359092a..4d728a63ac3 100644 --- a/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java +++ b/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java @@ -10,9 +10,8 @@ import org.apache.http.message.BasicHeader; import org.elasticsearch.action.admin.indices.template.delete.DeleteIndexTemplateResponse; import org.elasticsearch.action.admin.indices.template.get.GetIndexTemplatesResponse; import org.elasticsearch.action.search.SearchResponse; -import org.elasticsearch.cluster.ClusterState; import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.RestClient; +import org.elasticsearch.cluster.ClusterState; import org.elasticsearch.cluster.metadata.IndexTemplateMetaData; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.index.query.QueryBuilders; @@ -38,12 +37,10 @@ public class IndexAuditIT extends ESIntegTestCase { private static final String PASS = "changeme"; public void testShieldIndexAuditTrailWorking() throws Exception { - try (RestClient restClient = restClient()) { - try (ElasticsearchResponse response = restClient.performRequest("GET", "/_cluster/health", Collections.emptyMap(), null, - new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(USER, new SecuredString(PASS.toCharArray()))))) { - assertThat(response.getStatusLine().getStatusCode(), is(200)); - } + try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_cluster/health", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(USER, new SecuredString(PASS.toCharArray()))))) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); } final AtomicReference lastClusterState = new AtomicReference<>(); diff --git a/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java b/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java index 73850d50a66..8bbaf98c7ef 100644 --- a/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java +++ b/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java @@ -11,7 +11,6 @@ import org.elasticsearch.action.admin.cluster.node.info.NodeInfo; import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse; import org.elasticsearch.client.ElasticsearchResponse; import org.elasticsearch.client.ElasticsearchResponseException; -import org.elasticsearch.client.RestClient; import org.elasticsearch.client.transport.NoNodeAvailableException; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.settings.Settings; @@ -32,6 +31,7 @@ import static org.hamcrest.Matchers.is; * Integration test to test authentication with the custom realm */ public class CustomRealmIT extends ESIntegTestCase { + @Override protected Settings externalClusterClientSettings() { return Settings.builder() @@ -46,8 +46,8 @@ public class CustomRealmIT extends ESIntegTestCase { } public void testHttpConnectionWithNoAuthentication() throws Exception { - try (RestClient restClient = restClient()) { - restClient.performRequest("GET", "/", Collections.emptyMap(), null); + try { + getRestClient().performRequest("GET", "/", Collections.emptyMap(), null); fail("request should have failed"); } catch(ElasticsearchResponseException e) { ElasticsearchResponse response = e.getElasticsearchResponse(); @@ -58,12 +58,10 @@ public class CustomRealmIT extends ESIntegTestCase { } public void testHttpAuthentication() throws Exception { - try (RestClient restClient = restClient()) { - try (ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null, - new BasicHeader(CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER), - new BasicHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW))) { - assertThat(response.getStatusLine().getStatusCode(), is(200)); - } + try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/", Collections.emptyMap(), null, + new BasicHeader(CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER), + new BasicHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW))) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); } } diff --git a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java index 36ea1a6a24a..ef09ede1b18 100644 --- a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java +++ b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java @@ -8,7 +8,6 @@ package org.elasticsearch.marvel.shield; import org.apache.http.Header; import org.apache.http.message.BasicHeader; import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.xcontent.json.JsonXContent; @@ -44,32 +43,30 @@ public class MarvelSettingsFilterTests extends MarvelIntegTestCase { } public void testGetSettingsFiltered() throws Exception { - try (RestClient restClient = restClient()) { - Header[] headers; - if (shieldEnabled) { - headers = new Header[] { - new BasicHeader(BASIC_AUTH_HEADER, - basicAuthHeaderValue(ShieldSettings.TEST_USERNAME, - new SecuredString(ShieldSettings.TEST_PASSWORD.toCharArray())))}; - } else { - headers = new Header[0]; - } - try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes/settings", - Collections.emptyMap(), null, headers)) { - Map responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map(); + Header[] headers; + if (shieldEnabled) { + headers = new Header[] { + new BasicHeader(BASIC_AUTH_HEADER, + basicAuthHeaderValue(ShieldSettings.TEST_USERNAME, + new SecuredString(ShieldSettings.TEST_PASSWORD.toCharArray())))}; + } else { + headers = new Header[0]; + } + try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_nodes/settings", + Collections.emptyMap(), null, headers)) { + Map responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map(); + @SuppressWarnings("unchecked") + Map nodes = (Map) responseMap.get("nodes"); + for (Object node : nodes.values()) { @SuppressWarnings("unchecked") - Map nodes = (Map) responseMap.get("nodes"); - for (Object node : nodes.values()) { - @SuppressWarnings("unchecked") - Map settings = (Map) ((Map) node).get("settings"); - assertThat(extractValue("xpack.monitoring.agent.exporters._http.type", settings), Matchers.equalTo("http")); - assertThat(extractValue("xpack.monitoring.agent.exporters._http.enabled", settings), Matchers.equalTo("false")); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.username"); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.password"); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.path"); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.password"); - assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.hostname_verification"); - } + Map settings = (Map) ((Map) node).get("settings"); + assertThat(extractValue("xpack.monitoring.agent.exporters._http.type", settings), Matchers.equalTo("http")); + assertThat(extractValue("xpack.monitoring.agent.exporters._http.enabled", settings), Matchers.equalTo("false")); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.username"); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.password"); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.path"); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.password"); + assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.hostname_verification"); } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java index b18bd6baaf1..403d7296956 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java @@ -36,15 +36,13 @@ public abstract class AbstractPrivilegeTestCase extends ShieldIntegTestCase { protected void assertAccessIsAllowed(String user, String method, String uri, String body, Map params) throws IOException { - try (RestClient restClient = restClient()) { - try (ElasticsearchResponse response = restClient.performRequest(method, uri, params, entityOrNull(body), - new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(user, new SecuredString("passwd".toCharArray()))))) { - StatusLine statusLine = response.getStatusLine(); - String message = String.format(Locale.ROOT, "%s %s: Expected no error got %s %s with body %s", method, uri, - statusLine.getStatusCode(), statusLine.getReasonPhrase(), EntityUtils.toString(response.getEntity())); - assertThat(message, statusLine.getStatusCode(), is(not(greaterThanOrEqualTo(400)))); - } + try (ElasticsearchResponse response = getRestClient().performRequest(method, uri, params, entityOrNull(body), + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(user, new SecuredString("passwd".toCharArray()))))) { + StatusLine statusLine = response.getStatusLine(); + String message = String.format(Locale.ROOT, "%s %s: Expected no error got %s %s with body %s", method, uri, + statusLine.getStatusCode(), statusLine.getReasonPhrase(), EntityUtils.toString(response.getEntity())); + assertThat(message, statusLine.getStatusCode(), is(not(greaterThanOrEqualTo(400)))); } } @@ -66,8 +64,8 @@ public abstract class AbstractPrivilegeTestCase extends ShieldIntegTestCase { protected void assertAccessIsDenied(String user, String method, String uri, String body, Map params) throws IOException { - try (RestClient restClient = restClient()) { - restClient.performRequest(method, uri, params, entityOrNull(body), + try { + getRestClient().performRequest(method, uri, params, entityOrNull(body), new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(user, new SecuredString("passwd".toCharArray())))); fail("request should have failed"); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java index 56cd09794d4..4ca7a37f12d 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java @@ -79,53 +79,50 @@ public class BulkUpdateTests extends ShieldIntegTestCase { UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))); - try (RestClient restClient = restClient()) { - StringEntity body = new StringEntity("{\"test\":\"test\"}", RestClient.JSON_CONTENT_TYPE); - try (ElasticsearchResponse response = restClient.performRequest("PUT", path, Collections.emptyMap(), body, basicAuthHeader)) { - assertThat(response.getStatusLine().getStatusCode(), equalTo(201)); - } + StringEntity body = new StringEntity("{\"test\":\"test\"}", RestClient.JSON_CONTENT_TYPE); + try (ElasticsearchResponse response = getRestClient().performRequest("PUT", path, Collections.emptyMap(), body, basicAuthHeader)) { + assertThat(response.getStatusLine().getStatusCode(), equalTo(201)); + } - try (ElasticsearchResponse response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { - assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); - assertThat(EntityUtils.toString(response.getEntity()), containsString("\"test\":\"test\"")); - } + try (ElasticsearchResponse response = getRestClient().performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + assertThat(EntityUtils.toString(response.getEntity()), containsString("\"test\":\"test\"")); + } - - if (randomBoolean()) { - flushAndRefresh(); - } - - //update with new field - body = new StringEntity("{\"doc\": {\"not test\": \"not test\"}}", RestClient.JSON_CONTENT_TYPE); - try (ElasticsearchResponse response = restClient.performRequest("POST", path + "/_update", - Collections.emptyMap(), body, basicAuthHeader)) { - assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); - } - - try (ElasticsearchResponse response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { - assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); - String responseBody = EntityUtils.toString(response.getEntity()); - assertThat(responseBody, containsString("\"test\":\"test\"")); - assertThat(responseBody, containsString("\"not test\":\"not test\"")); - } - - // this part is important. Without this, the document may be read from the translog which would bypass the bug where - // FLS kicks in because the request can't be found and only returns meta fields + if (randomBoolean()) { flushAndRefresh(); + } - body = new StringEntity("{\"update\": {\"_index\": \"index1\", \"_type\": \"type\", \"_id\": \"1\"}}\n" + - "{\"doc\": {\"bulk updated\":\"bulk updated\"}}\n", RestClient.JSON_CONTENT_TYPE); - try (ElasticsearchResponse response = restClient.performRequest("POST", "/_bulk", - Collections.emptyMap(), body, basicAuthHeader)) { - assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); - } + //update with new field + body = new StringEntity("{\"doc\": {\"not test\": \"not test\"}}", RestClient.JSON_CONTENT_TYPE); + try (ElasticsearchResponse response = getRestClient().performRequest("POST", path + "/_update", + Collections.emptyMap(), body, basicAuthHeader)) { + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + } - try (ElasticsearchResponse response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { - String responseBody = EntityUtils.toString(response.getEntity()); - assertThat(responseBody, containsString("\"test\":\"test\"")); - assertThat(responseBody, containsString("\"not test\":\"not test\"")); - assertThat(responseBody, containsString("\"bulk updated\":\"bulk updated\"")); - } + try (ElasticsearchResponse response = getRestClient().performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + String responseBody = EntityUtils.toString(response.getEntity()); + assertThat(responseBody, containsString("\"test\":\"test\"")); + assertThat(responseBody, containsString("\"not test\":\"not test\"")); + } + + // this part is important. Without this, the document may be read from the translog which would bypass the bug where + // FLS kicks in because the request can't be found and only returns meta fields + flushAndRefresh(); + + body = new StringEntity("{\"update\": {\"_index\": \"index1\", \"_type\": \"type\", \"_id\": \"1\"}}\n" + + "{\"doc\": {\"bulk updated\":\"bulk updated\"}}\n", RestClient.JSON_CONTENT_TYPE); + try (ElasticsearchResponse response = getRestClient().performRequest("POST", "/_bulk", + Collections.emptyMap(), body, basicAuthHeader)) { + assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); + } + + try (ElasticsearchResponse response = getRestClient().performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { + String responseBody = EntityUtils.toString(response.getEntity()); + assertThat(responseBody, containsString("\"test\":\"test\"")); + assertThat(responseBody, containsString("\"not test\":\"not test\"")); + assertThat(responseBody, containsString("\"bulk updated\":\"bulk updated\"")); } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java index 015f37bd7f0..2f6ecf5c03e 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java @@ -9,7 +9,6 @@ import org.apache.http.message.BasicHeader; import org.apache.http.util.EntityUtils; import org.elasticsearch.action.ActionListener; import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.RestClient; import org.elasticsearch.common.Strings; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; @@ -166,14 +165,12 @@ public class ClearRealmsCacheTests extends ShieldIntegTestCase { } static void executeHttpRequest(String path, Map params) throws Exception { - try (RestClient restClient = restClient()) { - try (ElasticsearchResponse response = restClient.performRequest("POST", path, params, null, - new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { - assertNotNull(response.getEntity()); - assertTrue(EntityUtils.toString(response.getEntity()).contains("cluster_name")); - } + try (ElasticsearchResponse response = getRestClient().performRequest("POST", path, params, null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { + assertNotNull(response.getEntity()); + assertTrue(EntityUtils.toString(response.getEntity()).contains("cluster_name")); } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java index 63f7187acb3..7fa00aff8f7 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java @@ -10,7 +10,6 @@ import org.elasticsearch.action.delete.DeleteResponse; import org.elasticsearch.action.update.UpdateResponse; import org.elasticsearch.client.Client; import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.RestClient; import org.elasticsearch.common.Strings; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; @@ -137,13 +136,11 @@ public class ClearRolesCacheTests extends NativeRealmIntegTestCase { } else { path = "/_xpack/security/role/" + Strings.arrayToCommaDelimitedString(rolesToClear) + "/_clear_cache"; } - try (RestClient restClient = restClient()) { - try (ElasticsearchResponse response = restClient.performRequest("POST", path, Collections.emptyMap(), null, - new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { - assertThat(response.getStatusLine().getStatusCode(), is(RestStatus.OK.getStatus())); - } + try (ElasticsearchResponse response = getRestClient().performRequest("POST", path, Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { + assertThat(response.getStatusLine().getStatusCode(), is(RestStatus.OK.getStatus())); } } else { securityClient.prepareClearRolesCache().names(rolesToClear).get(); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java index 1eeae9976a0..813c8007d6b 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java @@ -7,7 +7,6 @@ package org.elasticsearch.integration; import org.apache.http.message.BasicHeader; import org.elasticsearch.client.ElasticsearchResponseException; -import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authc.support.SecuredString; @@ -21,7 +20,6 @@ import java.util.Map; import static java.util.Collections.singletonMap; import static org.apache.lucene.util.LuceneTestCase.BadApple; -import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.is; //test is just too slow, please fix it to not be sleep-based @@ -306,8 +304,8 @@ public class IndexPrivilegeTests extends AbstractPrivilegeTestCase { } public void testThatUnknownUserIsRejectedProperly() throws Exception { - try (RestClient restClient = restClient()){ - restClient.performRequest("GET", "/", Collections.emptyMap(), null, + try { + getRestClient().performRequest("GET", "/", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue("idonotexist", new SecuredString("passwd".toCharArray())))); fail("request should have failed"); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java index 4285cd2b4ff..608cdf2a4e5 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java @@ -16,7 +16,6 @@ import org.elasticsearch.action.index.IndexResponse; import org.elasticsearch.client.Client; import org.elasticsearch.client.ElasticsearchResponse; import org.elasticsearch.client.ElasticsearchResponseException; -import org.elasticsearch.client.RestClient; import org.elasticsearch.client.transport.NoNodeAvailableException; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.component.AbstractComponent; @@ -197,21 +196,19 @@ public class LicensingTests extends ShieldIntegTestCase { } public void testRestAuthenticationByLicenseType() throws Exception { - try (RestClient restClient = restClient()) { - try (ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null)) { - // the default of the licensing tests is basic - assertThat(response.getStatusLine().getStatusCode(), is(200)); - } + try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/", Collections.emptyMap(), null)) { + // the default of the licensing tests is basic + assertThat(response.getStatusLine().getStatusCode(), is(200)); + } - // generate a new license with a mode that enables auth - OperationMode mode = randomFrom(OperationMode.GOLD, OperationMode.TRIAL, OperationMode.PLATINUM, OperationMode.STANDARD); - enableLicensing(mode); - try { - restClient.performRequest("GET", "/", Collections.emptyMap(), null); - fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); - } + // generate a new license with a mode that enables auth + OperationMode mode = randomFrom(OperationMode.GOLD, OperationMode.TRIAL, OperationMode.PLATINUM, OperationMode.STANDARD); + enableLicensing(mode); + try { + getRestClient().performRequest("GET", "/", Collections.emptyMap(), null); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java index 6ca7c04d67b..5f5217572fe 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java @@ -8,7 +8,6 @@ package org.elasticsearch.shield; import org.apache.http.message.BasicHeader; import org.elasticsearch.client.ElasticsearchResponse; import org.elasticsearch.client.ElasticsearchResponseException; -import org.elasticsearch.client.RestClient; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; @@ -34,22 +33,20 @@ public class ShieldPluginTests extends ShieldIntegTestCase { } public void testThatPluginIsLoaded() throws IOException { - try (RestClient restClient = restClient()) { - try { - logger.info("executing unauthorized request to /_xpack info"); - restClient.performRequest("GET", "/_xpack", Collections.emptyMap(), null); - fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(UNAUTHORIZED.getStatus())); - } + try { + logger.info("executing unauthorized request to /_xpack info"); + getRestClient().performRequest("GET", "/_xpack", Collections.emptyMap(), null); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(UNAUTHORIZED.getStatus())); + } - logger.info("executing authorized request to /_xpack infos"); - try (ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack", Collections.emptyMap(), null, - new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { - assertThat(response.getStatusLine().getStatusCode(), is(OK.getStatus())); - } + logger.info("executing authorized request to /_xpack infos"); + try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_xpack", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { + assertThat(response.getStatusLine().getStatusCode(), is(OK.getStatus())); } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java index e2599cc6f85..f7cea02f24e 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java @@ -12,7 +12,6 @@ import org.elasticsearch.action.admin.cluster.node.info.NodeInfo; import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse; import org.elasticsearch.client.ElasticsearchResponse; import org.elasticsearch.client.ElasticsearchResponseException; -import org.elasticsearch.client.RestClient; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; @@ -45,7 +44,7 @@ public class RunAsIntegTests extends ShieldIntegTestCase { " cluster: [ 'cluster:monitor/nodes/liveness' ]\n" + "run_as_role:\n" + " run_as: [ '" + ShieldSettingsSource.DEFAULT_USER_NAME + "', 'idontexist' ]\n"; - + @Override public Settings nodeSettings(int nodeOrdinal) { return Settings.builder() @@ -118,37 +117,35 @@ public class RunAsIntegTests extends ShieldIntegTestCase { public void testUserImpersonationUsingHttp() throws Exception { // use the transport client user and try to run as - try (RestClient restClient = restClient()) { - try { - restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, - new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(TRANSPORT_CLIENT_USER, - SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), - new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME)); - fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(403)); - } + try { + getRestClient().performRequest("GET", "/_nodes", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(TRANSPORT_CLIENT_USER, + SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), + new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME)); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(403)); + } - try { - //the run as user shouldn't have access to the nodes api - restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, - new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, - SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD)))); - fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(403)); - } - - // but when running as a different user it should work - try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + try { + //the run as user shouldn't have access to the nodes api + getRestClient().performRequest("GET", "/_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, - SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), - new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME))) { - assertThat(response.getStatusLine().getStatusCode(), is(200)); - } + SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD)))); + fail("request should have failed"); + } catch(ElasticsearchResponseException e) { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(403)); + } + + // but when running as a different user it should work + try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_nodes", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, + SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), + new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME))) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); } } @@ -175,8 +172,8 @@ public class RunAsIntegTests extends ShieldIntegTestCase { } public void testEmptyHeaderUsingHttp() throws Exception { - try (RestClient restClient = restClient()) { - restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + try { + getRestClient().performRequest("GET", "/_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), @@ -210,9 +207,8 @@ public class RunAsIntegTests extends ShieldIntegTestCase { } public void testNonExistentRunAsUserUsingHttp() throws Exception { - - try (RestClient restClient = restClient()) { - restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + try { + getRestClient().performRequest("GET", "/_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java index 1684052fe0e..2942576a12b 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java @@ -81,7 +81,7 @@ public class PkiOptionalClientAuthTests extends ShieldIntegTestCase { public void testRestClientWithoutClientCertificate() throws Exception { CloseableHttpClient httpClient = HttpClients.custom().setSSLContext(getSSLContext()).build(); - try (RestClient restClient = restClient(httpClient, "https")) { + try (RestClient restClient = createRestClient(httpClient, "https")) { try { restClient.performRequest("GET", "_nodes", Collections.emptyMap(), null); fail("request should have failed"); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java index c8be61d519a..1c9ac544942 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java @@ -80,7 +80,7 @@ public class PkiWithoutClientAuthenticationTests extends ShieldIntegTestCase { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new SecureRandom()); CloseableHttpClient httpClient = HttpClients.custom().setSSLContext(sc).build(); - try (RestClient restClient = restClient(httpClient, "https")) { + try (RestClient restClient = createRestClient(httpClient, "https")) { try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java index 004cf0019cd..e96a9541a7c 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java @@ -8,7 +8,6 @@ package org.elasticsearch.shield.authc.pki; import org.apache.http.message.BasicHeader; import org.elasticsearch.client.Client; import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authc.support.SecuredString; @@ -44,13 +43,11 @@ public class PkiWithoutSSLTests extends ShieldIntegTestCase { } public void testThatHttpWorks() throws Exception { - try (RestClient restClient = restClient()) { - try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, - new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, - UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { - assertThat(response.getStatusLine().getStatusCode(), is(200)); - } + try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_nodes", Collections.emptyMap(), null, + new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, + UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java index 281ac582f29..d209624ac7a 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java @@ -9,7 +9,6 @@ import org.apache.http.message.BasicHeader; import org.apache.http.util.EntityUtils; import org.elasticsearch.client.ElasticsearchResponse; import org.elasticsearch.client.ElasticsearchResponseException; -import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authc.support.SecuredString; @@ -52,42 +51,38 @@ public class RestAuthenticateActionTests extends ShieldIntegTestCase { } public void testAuthenticateApi() throws Exception { - try (RestClient restClient = restClient()) { - try (ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack/security/_authenticate", Collections.emptyMap(), - null, new BasicHeader("Authorization", basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, - new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { - assertThat(response.getStatusLine().getStatusCode(), is(200)); - JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity())); - assertThat(jsonPath.evaluate("username").toString(), equalTo(ShieldSettingsSource.DEFAULT_USER_NAME)); - @SuppressWarnings("unchecked") - List roles = (List) jsonPath.evaluate("roles"); - assertThat(roles.size(), is(1)); - assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE)); - } + try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_xpack/security/_authenticate", Collections.emptyMap(), + null, new BasicHeader("Authorization", basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); + JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity())); + assertThat(jsonPath.evaluate("username").toString(), equalTo(ShieldSettingsSource.DEFAULT_USER_NAME)); + @SuppressWarnings("unchecked") + List roles = (List) jsonPath.evaluate("roles"); + assertThat(roles.size(), is(1)); + assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE)); } } public void testAuthenticateApiWithoutAuthentication() throws Exception { - try (RestClient restClient = restClient()) { - try (ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack/security/_authenticate", - Collections.emptyMap(), null)) { - if (anonymousEnabled) { - assertThat(response.getStatusLine().getStatusCode(), is(200)); - JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity())); - assertThat(jsonPath.evaluate("username").toString(), equalTo("anon")); - @SuppressWarnings("unchecked") - List roles = (List) jsonPath.evaluate("roles"); - assertThat(roles.size(), is(2)); - assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE, "foo")); - } else { - fail("request should have failed"); - } - } catch(ElasticsearchResponseException e) { - if (anonymousEnabled) { - fail("request should have succeeded"); - } else { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); - } + try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_xpack/security/_authenticate", + Collections.emptyMap(), null)) { + if (anonymousEnabled) { + assertThat(response.getStatusLine().getStatusCode(), is(200)); + JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity())); + assertThat(jsonPath.evaluate("username").toString(), equalTo("anon")); + @SuppressWarnings("unchecked") + List roles = (List) jsonPath.evaluate("roles"); + assertThat(roles.size(), is(2)); + assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE, "foo")); + } else { + fail("request should have failed"); + } + } catch(ElasticsearchResponseException e) { + if (anonymousEnabled) { + fail("request should have succeeded"); + } else { + assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java index e03d4f7f1ec..75220748053 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java @@ -62,7 +62,7 @@ public class SslClientAuthTests extends ShieldIntegTestCase { SSLContexts.createDefault(), SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); - try (RestClient restClient = restClient(HttpClients.custom().setSSLSocketFactory(socketFactory).build(), "https")) { + try (RestClient restClient = createRestClient(HttpClients.custom().setSSLSocketFactory(socketFactory).build(), "https")) { restClient.performRequest("GET", "/", Collections.emptyMap(), null); fail("Expected SSLHandshakeException"); } catch (SSLHandshakeException e) { @@ -82,7 +82,7 @@ public class SslClientAuthTests extends ShieldIntegTestCase { CloseableHttpClient client = HttpClients.custom().setSSLSocketFactory(socketFactory).build(); - try (RestClient restClient = restClient(client, "https")) { + try (RestClient restClient = createRestClient(client, "https")) { try (ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null, new BasicHeader("Authorization", basicAuthHeaderValue(transportClientUsername(), transportClientPassword())))) { assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java index 0b8b8036e4d..7e591237221 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java @@ -7,7 +7,6 @@ package org.elasticsearch.shield.user; import org.elasticsearch.client.ElasticsearchResponse; import org.elasticsearch.client.ElasticsearchResponseException; -import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authz.InternalAuthorizationService; @@ -43,8 +42,8 @@ public class AnonymousUserIntegTests extends ShieldIntegTestCase { } public void testAnonymousViaHttp() throws Exception { - try (RestClient restClient = restClient()) { - restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null); + try { + getRestClient().performRequest("GET", "/_nodes", Collections.emptyMap(), null); fail("request should have failed"); } catch(ElasticsearchResponseException e) { int statusCode = e.getElasticsearchResponse().getStatusLine().getStatusCode(); diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java index 004de9874af..ca54d0d9e84 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java @@ -9,7 +9,6 @@ import org.apache.http.HttpStatus; import org.elasticsearch.action.admin.cluster.node.info.NodeInfo; import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse; import org.elasticsearch.client.ElasticsearchResponseException; -import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.http.HttpServerTransport; @@ -68,8 +67,8 @@ public class WatcherPluginDisableTests extends ESIntegTestCase { public void testRestEndpoints() throws Exception { HttpServerTransport httpServerTransport = internalCluster().getDataNodeInstance(HttpServerTransport.class); - try (RestClient restClient = restClient()) { - restClient.performRequest("GET", "/_xpack/watcher", Collections.emptyMap(), null); + try { + getRestClient().performRequest("GET", "/_xpack/watcher", Collections.emptyMap(), null); fail("request should have failed"); } catch(ElasticsearchResponseException e) { assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(HttpStatus.SC_BAD_REQUEST)); diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java index 84022c36164..422f5ecac1d 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java @@ -10,7 +10,6 @@ import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.message.BasicHeader; import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.xcontent.json.JsonXContent; @@ -53,27 +52,25 @@ public class WatcherSettingsFilterTests extends AbstractWatcherIntegrationTestCa } public void testGetSettingsSmtpPassword() throws Exception { - try (RestClient restClient = restClient()) { - Header[] headers; - if (shieldEnabled()) { - headers = new Header[] { - new BasicHeader(BASIC_AUTH_HEADER, - basicAuthHeaderValue(MarvelIntegTestCase.ShieldSettings.TEST_USERNAME, - new SecuredString(MarvelIntegTestCase.ShieldSettings.TEST_PASSWORD.toCharArray())))}; - } else { - headers = new Header[0]; - } - try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes/settings", - Collections.emptyMap(), null, headers)) { - Map responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map(); - Map nodes = (Map) responseMap.get("nodes"); - for (Object node : nodes.values()) { - Map settings = (Map) ((Map) node).get("settings"); - assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.user", settings), - is((Object) "_user")); - assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.password", settings), - nullValue()); - } + Header[] headers; + if (shieldEnabled()) { + headers = new Header[] { + new BasicHeader(BASIC_AUTH_HEADER, + basicAuthHeaderValue(MarvelIntegTestCase.ShieldSettings.TEST_USERNAME, + new SecuredString(MarvelIntegTestCase.ShieldSettings.TEST_PASSWORD.toCharArray())))}; + } else { + headers = new Header[0]; + } + try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_nodes/settings", + Collections.emptyMap(), null, headers)) { + Map responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map(); + Map nodes = (Map) responseMap.get("nodes"); + for (Object node : nodes.values()) { + Map settings = (Map) ((Map) node).get("settings"); + assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.user", settings), + is((Object) "_user")); + assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.password", settings), + nullValue()); } } } From db27d0ab20193784090801f41f85b24e2c53002b Mon Sep 17 00:00:00 2001 From: javanna Date: Fri, 3 Jun 2016 18:28:45 +0200 Subject: [PATCH 08/29] rename ElasticsearchResponse#getFirstHeader to getHeader Original commit: elastic/x-pack-elasticsearch@8ca2f6d6dd985bad4cf7a20f73c1b0034efe482f --- .../java/org/elasticsearch/example/realm/CustomRealmIT.java | 2 +- .../elasticsearch/shield/user/AnonymousUserIntegTests.java | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java b/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java index 8bbaf98c7ef..ac0b4d3b6a6 100644 --- a/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java +++ b/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java @@ -52,7 +52,7 @@ public class CustomRealmIT extends ESIntegTestCase { } catch(ElasticsearchResponseException e) { ElasticsearchResponse response = e.getElasticsearchResponse(); assertThat(response.getStatusLine().getStatusCode(), is(401)); - String value = response.getFirstHeader("WWW-Authenticate"); + String value = response.getHeader("WWW-Authenticate"); assertThat(value, is("custom-challenge")); } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java index 7e591237221..b3446289985 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java @@ -50,12 +50,12 @@ public class AnonymousUserIntegTests extends ShieldIntegTestCase { ElasticsearchResponse response = e.getElasticsearchResponse(); if (authorizationExceptionsEnabled) { assertThat(statusCode, is(403)); - assertThat(response.getFirstHeader("WWW-Authenticate"), nullValue()); + assertThat(response.getHeader("WWW-Authenticate"), nullValue()); assertThat(e.getResponseBody(), containsString("security_exception")); } else { assertThat(statusCode, is(401)); - assertThat(response.getFirstHeader("WWW-Authenticate"), notNullValue()); - assertThat(response.getFirstHeader("WWW-Authenticate"), containsString("Basic")); + assertThat(response.getHeader("WWW-Authenticate"), notNullValue()); + assertThat(response.getHeader("WWW-Authenticate"), containsString("Basic")); assertThat(e.getResponseBody(), containsString("security_exception")); } } From 359bc7b028a6c01e15ac9c016a75e537801a0f01 Mon Sep 17 00:00:00 2001 From: javanna Date: Fri, 3 Jun 2016 23:14:33 +0200 Subject: [PATCH 09/29] fix line length issue Original commit: elastic/x-pack-elasticsearch@e9afa504a5bbbd072b72150b8f81cb58c1f51bcd --- .../shield/rest/action/RestAuthenticateActionTests.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java index d209624ac7a..86c08fc2d82 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java @@ -51,8 +51,9 @@ public class RestAuthenticateActionTests extends ShieldIntegTestCase { } public void testAuthenticateApi() throws Exception { - try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_xpack/security/_authenticate", Collections.emptyMap(), - null, new BasicHeader("Authorization", basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, + try (ElasticsearchResponse response = getRestClient().performRequest( + "GET", "/_xpack/security/_authenticate", Collections.emptyMap(), null, + new BasicHeader("Authorization", basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { assertThat(response.getStatusLine().getStatusCode(), is(200)); JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity())); From a45b260244eb92b4ccdf5633db64678d137567c6 Mon Sep 17 00:00:00 2001 From: javanna Date: Sat, 4 Jun 2016 01:10:47 +0200 Subject: [PATCH 10/29] [TEST] lower to 5s the wait for the Thread.sleep Original commit: elastic/x-pack-elasticsearch@6efeb937cd37983fb5d65ac3b00ad6eeeb0ef815 --- .../rest-api-spec/test/watcher_mustache/10_webhook.yaml | 2 +- .../rest-api-spec/test/watcher_mustache/20_array_access.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/elasticsearch/qa/smoke-test-watcher-with-mustache/src/test/resources/rest-api-spec/test/watcher_mustache/10_webhook.yaml b/elasticsearch/qa/smoke-test-watcher-with-mustache/src/test/resources/rest-api-spec/test/watcher_mustache/10_webhook.yaml index b770ed31968..1a7ade5b783 100644 --- a/elasticsearch/qa/smoke-test-watcher-with-mustache/src/test/resources/rest-api-spec/test/watcher_mustache/10_webhook.yaml +++ b/elasticsearch/qa/smoke-test-watcher-with-mustache/src/test/resources/rest-api-spec/test/watcher_mustache/10_webhook.yaml @@ -55,7 +55,7 @@ catch: request_timeout cluster.health: wait_for_nodes: 99 - timeout: 10s + timeout: 5s - match: { "timed_out": true } - do: diff --git a/elasticsearch/qa/smoke-test-watcher-with-mustache/src/test/resources/rest-api-spec/test/watcher_mustache/20_array_access.yaml b/elasticsearch/qa/smoke-test-watcher-with-mustache/src/test/resources/rest-api-spec/test/watcher_mustache/20_array_access.yaml index 153d0334d42..bd051ab6d87 100644 --- a/elasticsearch/qa/smoke-test-watcher-with-mustache/src/test/resources/rest-api-spec/test/watcher_mustache/20_array_access.yaml +++ b/elasticsearch/qa/smoke-test-watcher-with-mustache/src/test/resources/rest-api-spec/test/watcher_mustache/20_array_access.yaml @@ -53,7 +53,7 @@ catch: request_timeout cluster.health: wait_for_nodes: 99 - timeout: 10s + timeout: 5s - match: { "timed_out": true } - do: From 8bf2d93fac692a7e52300272e189a8607cd48685 Mon Sep 17 00:00:00 2001 From: javanna Date: Thu, 9 Jun 2016 16:55:39 +0200 Subject: [PATCH 11/29] rename ElasticsearchResponse and ElasticsearchResponseException to Response and ResponseException Original commit: elastic/x-pack-elasticsearch@edfd24f003631b455a535bb33fc0be5696842ae4 --- .../shield/audit/IndexAuditIT.java | 4 ++-- .../example/realm/CustomRealmIT.java | 10 ++++----- .../shield/MarvelSettingsFilterTests.java | 4 ++-- .../AbstractPrivilegeTestCase.java | 10 ++++----- .../integration/BulkUpdateTests.java | 14 ++++++------ .../integration/ClearRealmsCacheTests.java | 4 ++-- .../integration/ClearRolesCacheTests.java | 4 ++-- .../integration/IndexPrivilegeTests.java | 6 ++--- .../integration/LicensingTests.java | 10 ++++----- .../shield/ShieldPluginTests.java | 10 ++++----- .../shield/authc/RunAsIntegTests.java | 22 +++++++++---------- .../authc/pki/PkiOptionalClientAuthTests.java | 10 ++++----- .../PkiWithoutClientAuthenticationTests.java | 4 ++-- .../shield/authc/pki/PkiWithoutSSLTests.java | 4 ++-- .../action/RestAuthenticateActionTests.java | 12 +++++----- .../transport/ssl/SslClientAuthTests.java | 4 ++-- .../shield/user/AnonymousUserIntegTests.java | 10 ++++----- .../xpack/test/rest/XPackRestTestCase.java | 6 ++--- .../watcher/WatcherPluginDisableTests.java | 6 ++--- .../WatcherSettingsFilterTests.java | 4 ++-- 20 files changed, 79 insertions(+), 79 deletions(-) diff --git a/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java b/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java index 4d728a63ac3..98d5ec97b16 100644 --- a/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java +++ b/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java @@ -10,7 +10,7 @@ import org.apache.http.message.BasicHeader; import org.elasticsearch.action.admin.indices.template.delete.DeleteIndexTemplateResponse; import org.elasticsearch.action.admin.indices.template.get.GetIndexTemplatesResponse; import org.elasticsearch.action.search.SearchResponse; -import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.Response; import org.elasticsearch.cluster.ClusterState; import org.elasticsearch.cluster.metadata.IndexTemplateMetaData; import org.elasticsearch.common.settings.Settings; @@ -37,7 +37,7 @@ public class IndexAuditIT extends ESIntegTestCase { private static final String PASS = "changeme"; public void testShieldIndexAuditTrailWorking() throws Exception { - try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_cluster/health", Collections.emptyMap(), null, + try (Response response = getRestClient().performRequest("GET", "/_cluster/health", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(USER, new SecuredString(PASS.toCharArray()))))) { assertThat(response.getStatusLine().getStatusCode(), is(200)); diff --git a/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java b/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java index ac0b4d3b6a6..2721747ea7a 100644 --- a/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java +++ b/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java @@ -9,8 +9,8 @@ import org.apache.http.message.BasicHeader; import org.elasticsearch.action.admin.cluster.health.ClusterHealthResponse; import org.elasticsearch.action.admin.cluster.node.info.NodeInfo; import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse; -import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.Response; +import org.elasticsearch.client.ResponseException; import org.elasticsearch.client.transport.NoNodeAvailableException; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.settings.Settings; @@ -49,8 +49,8 @@ public class CustomRealmIT extends ESIntegTestCase { try { getRestClient().performRequest("GET", "/", Collections.emptyMap(), null); fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - ElasticsearchResponse response = e.getElasticsearchResponse(); + } catch(ResponseException e) { + Response response = e.getResponse(); assertThat(response.getStatusLine().getStatusCode(), is(401)); String value = response.getHeader("WWW-Authenticate"); assertThat(value, is("custom-challenge")); @@ -58,7 +58,7 @@ public class CustomRealmIT extends ESIntegTestCase { } public void testHttpAuthentication() throws Exception { - try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/", Collections.emptyMap(), null, + try (Response response = getRestClient().performRequest("GET", "/", Collections.emptyMap(), null, new BasicHeader(CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER), new BasicHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW))) { assertThat(response.getStatusLine().getStatusCode(), is(200)); diff --git a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java index ef09ede1b18..7f5bc46c758 100644 --- a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java +++ b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java @@ -7,7 +7,7 @@ package org.elasticsearch.marvel.shield; import org.apache.http.Header; import org.apache.http.message.BasicHeader; -import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.Response; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.xcontent.json.JsonXContent; @@ -52,7 +52,7 @@ public class MarvelSettingsFilterTests extends MarvelIntegTestCase { } else { headers = new Header[0]; } - try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_nodes/settings", + try (Response response = getRestClient().performRequest("GET", "/_nodes/settings", Collections.emptyMap(), null, headers)) { Map responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map(); @SuppressWarnings("unchecked") diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java index 403d7296956..27d61768dd6 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java @@ -10,8 +10,8 @@ import org.apache.http.StatusLine; import org.apache.http.entity.StringEntity; import org.apache.http.message.BasicHeader; import org.apache.http.util.EntityUtils; -import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.Response; +import org.elasticsearch.client.ResponseException; import org.elasticsearch.client.RestClient; import org.elasticsearch.shield.authc.support.Hasher; import org.elasticsearch.shield.authc.support.SecuredString; @@ -36,7 +36,7 @@ public abstract class AbstractPrivilegeTestCase extends ShieldIntegTestCase { protected void assertAccessIsAllowed(String user, String method, String uri, String body, Map params) throws IOException { - try (ElasticsearchResponse response = getRestClient().performRequest(method, uri, params, entityOrNull(body), + try (Response response = getRestClient().performRequest(method, uri, params, entityOrNull(body), new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(user, new SecuredString("passwd".toCharArray()))))) { StatusLine statusLine = response.getStatusLine(); @@ -69,8 +69,8 @@ public abstract class AbstractPrivilegeTestCase extends ShieldIntegTestCase { new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(user, new SecuredString("passwd".toCharArray())))); fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - StatusLine statusLine = e.getElasticsearchResponse().getStatusLine(); + } catch(ResponseException e) { + StatusLine statusLine = e.getResponse().getStatusLine(); String message = String.format(Locale.ROOT, "%s %s body %s: Expected 403, got %s %s with body %s", method, uri, body, statusLine.getStatusCode(), statusLine.getReasonPhrase(), e.getResponseBody()); assertThat(message, statusLine.getStatusCode(), is(403)); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java index 4ca7a37f12d..1be0438bfeb 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java @@ -12,7 +12,7 @@ import org.apache.http.util.EntityUtils; import org.elasticsearch.action.bulk.BulkResponse; import org.elasticsearch.action.get.GetResponse; import org.elasticsearch.action.update.UpdateResponse; -import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.Response; import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; @@ -80,11 +80,11 @@ public class BulkUpdateTests extends ShieldIntegTestCase { new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))); StringEntity body = new StringEntity("{\"test\":\"test\"}", RestClient.JSON_CONTENT_TYPE); - try (ElasticsearchResponse response = getRestClient().performRequest("PUT", path, Collections.emptyMap(), body, basicAuthHeader)) { + try (Response response = getRestClient().performRequest("PUT", path, Collections.emptyMap(), body, basicAuthHeader)) { assertThat(response.getStatusLine().getStatusCode(), equalTo(201)); } - try (ElasticsearchResponse response = getRestClient().performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { + try (Response response = getRestClient().performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); assertThat(EntityUtils.toString(response.getEntity()), containsString("\"test\":\"test\"")); } @@ -95,12 +95,12 @@ public class BulkUpdateTests extends ShieldIntegTestCase { //update with new field body = new StringEntity("{\"doc\": {\"not test\": \"not test\"}}", RestClient.JSON_CONTENT_TYPE); - try (ElasticsearchResponse response = getRestClient().performRequest("POST", path + "/_update", + try (Response response = getRestClient().performRequest("POST", path + "/_update", Collections.emptyMap(), body, basicAuthHeader)) { assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); } - try (ElasticsearchResponse response = getRestClient().performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { + try (Response response = getRestClient().performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); String responseBody = EntityUtils.toString(response.getEntity()); assertThat(responseBody, containsString("\"test\":\"test\"")); @@ -113,12 +113,12 @@ public class BulkUpdateTests extends ShieldIntegTestCase { body = new StringEntity("{\"update\": {\"_index\": \"index1\", \"_type\": \"type\", \"_id\": \"1\"}}\n" + "{\"doc\": {\"bulk updated\":\"bulk updated\"}}\n", RestClient.JSON_CONTENT_TYPE); - try (ElasticsearchResponse response = getRestClient().performRequest("POST", "/_bulk", + try (Response response = getRestClient().performRequest("POST", "/_bulk", Collections.emptyMap(), body, basicAuthHeader)) { assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); } - try (ElasticsearchResponse response = getRestClient().performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { + try (Response response = getRestClient().performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) { String responseBody = EntityUtils.toString(response.getEntity()); assertThat(responseBody, containsString("\"test\":\"test\"")); assertThat(responseBody, containsString("\"not test\":\"not test\"")); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java index 2f6ecf5c03e..1cac9ebe17a 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java @@ -8,7 +8,7 @@ package org.elasticsearch.integration; import org.apache.http.message.BasicHeader; import org.apache.http.util.EntityUtils; import org.elasticsearch.action.ActionListener; -import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.Response; import org.elasticsearch.common.Strings; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; @@ -165,7 +165,7 @@ public class ClearRealmsCacheTests extends ShieldIntegTestCase { } static void executeHttpRequest(String path, Map params) throws Exception { - try (ElasticsearchResponse response = getRestClient().performRequest("POST", path, params, null, + try (Response response = getRestClient().performRequest("POST", path, params, null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java index 7fa00aff8f7..5475eadfd72 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java @@ -9,7 +9,7 @@ import org.apache.http.message.BasicHeader; import org.elasticsearch.action.delete.DeleteResponse; import org.elasticsearch.action.update.UpdateResponse; import org.elasticsearch.client.Client; -import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.Response; import org.elasticsearch.common.Strings; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; @@ -136,7 +136,7 @@ public class ClearRolesCacheTests extends NativeRealmIntegTestCase { } else { path = "/_xpack/security/role/" + Strings.arrayToCommaDelimitedString(rolesToClear) + "/_clear_cache"; } - try (ElasticsearchResponse response = getRestClient().performRequest("POST", path, Collections.emptyMap(), null, + try (Response response = getRestClient().performRequest("POST", path, Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java index 813c8007d6b..a7b8a1243a4 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/IndexPrivilegeTests.java @@ -6,7 +6,7 @@ package org.elasticsearch.integration; import org.apache.http.message.BasicHeader; -import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.ResponseException; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authc.support.SecuredString; @@ -309,8 +309,8 @@ public class IndexPrivilegeTests extends AbstractPrivilegeTestCase { new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue("idonotexist", new SecuredString("passwd".toCharArray())))); fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); + } catch(ResponseException e) { + assertThat(e.getResponse().getStatusLine().getStatusCode(), is(401)); } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java index 608cdf2a4e5..99ba156370e 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java @@ -14,8 +14,8 @@ import org.elasticsearch.action.admin.cluster.stats.ClusterStatsResponse; import org.elasticsearch.action.admin.indices.stats.IndicesStatsResponse; import org.elasticsearch.action.index.IndexResponse; import org.elasticsearch.client.Client; -import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.Response; +import org.elasticsearch.client.ResponseException; import org.elasticsearch.client.transport.NoNodeAvailableException; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.component.AbstractComponent; @@ -196,7 +196,7 @@ public class LicensingTests extends ShieldIntegTestCase { } public void testRestAuthenticationByLicenseType() throws Exception { - try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/", Collections.emptyMap(), null)) { + try (Response response = getRestClient().performRequest("GET", "/", Collections.emptyMap(), null)) { // the default of the licensing tests is basic assertThat(response.getStatusLine().getStatusCode(), is(200)); } @@ -207,8 +207,8 @@ public class LicensingTests extends ShieldIntegTestCase { try { getRestClient().performRequest("GET", "/", Collections.emptyMap(), null); fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); + } catch(ResponseException e) { + assertThat(e.getResponse().getStatusLine().getStatusCode(), is(401)); } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java index 5f5217572fe..556de7da39c 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java @@ -6,8 +6,8 @@ package org.elasticsearch.shield; import org.apache.http.message.BasicHeader; -import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.Response; +import org.elasticsearch.client.ResponseException; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; @@ -37,12 +37,12 @@ public class ShieldPluginTests extends ShieldIntegTestCase { logger.info("executing unauthorized request to /_xpack info"); getRestClient().performRequest("GET", "/_xpack", Collections.emptyMap(), null); fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(UNAUTHORIZED.getStatus())); + } catch(ResponseException e) { + assertThat(e.getResponse().getStatusLine().getStatusCode(), is(UNAUTHORIZED.getStatus())); } logger.info("executing authorized request to /_xpack infos"); - try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_xpack", Collections.emptyMap(), null, + try (Response response = getRestClient().performRequest("GET", "/_xpack", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java index f7cea02f24e..3f876f936ed 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java @@ -10,8 +10,8 @@ import org.elasticsearch.ElasticsearchSecurityException; import org.elasticsearch.action.admin.cluster.health.ClusterHealthResponse; import org.elasticsearch.action.admin.cluster.node.info.NodeInfo; import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse; -import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.Response; +import org.elasticsearch.client.ResponseException; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; @@ -124,8 +124,8 @@ public class RunAsIntegTests extends ShieldIntegTestCase { SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME)); fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(403)); + } catch(ResponseException e) { + assertThat(e.getResponse().getStatusLine().getStatusCode(), is(403)); } try { @@ -135,12 +135,12 @@ public class RunAsIntegTests extends ShieldIntegTestCase { UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD)))); fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(403)); + } catch(ResponseException e) { + assertThat(e.getResponse().getStatusLine().getStatusCode(), is(403)); } // but when running as a different user it should work - try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_nodes", Collections.emptyMap(), null, + try (Response response = getRestClient().performRequest("GET", "/_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER, SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), @@ -179,8 +179,8 @@ public class RunAsIntegTests extends ShieldIntegTestCase { SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, "")); fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); + } catch(ResponseException e) { + assertThat(e.getResponse().getStatusLine().getStatusCode(), is(401)); } } @@ -214,8 +214,8 @@ public class RunAsIntegTests extends ShieldIntegTestCase { SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))), new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, "idontexist")); fail("request should have failed"); - } catch (ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(403)); + } catch (ResponseException e) { + assertThat(e.getResponse().getStatusLine().getStatusCode(), is(403)); } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java index 2942576a12b..796d1d5f95b 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java @@ -8,8 +8,8 @@ package org.elasticsearch.shield.authc.pki; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.message.BasicHeader; -import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.Response; +import org.elasticsearch.client.ResponseException; import org.elasticsearch.client.RestClient; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.network.NetworkModule; @@ -85,11 +85,11 @@ public class PkiOptionalClientAuthTests extends ShieldIntegTestCase { try { restClient.performRequest("GET", "_nodes", Collections.emptyMap(), null); fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); + } catch(ResponseException e) { + assertThat(e.getResponse().getStatusLine().getStatusCode(), is(401)); } - try (ElasticsearchResponse response = restClient.performRequest("GET", "_nodes", Collections.emptyMap(), null, + try (Response response = restClient.performRequest("GET", "_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java index 1c9ac544942..939ecf0483b 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java @@ -10,7 +10,7 @@ import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.message.BasicHeader; import org.elasticsearch.client.Client; -import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.Response; import org.elasticsearch.client.RestClient; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; @@ -81,7 +81,7 @@ public class PkiWithoutClientAuthenticationTests extends ShieldIntegTestCase { sc.init(null, trustAllCerts, new SecureRandom()); CloseableHttpClient httpClient = HttpClients.custom().setSSLContext(sc).build(); try (RestClient restClient = createRestClient(httpClient, "https")) { - try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, + try (Response response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java index e96a9541a7c..8f60d2b41f3 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java @@ -7,7 +7,7 @@ package org.elasticsearch.shield.authc.pki; import org.apache.http.message.BasicHeader; import org.elasticsearch.client.Client; -import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.Response; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authc.support.SecuredString; @@ -43,7 +43,7 @@ public class PkiWithoutSSLTests extends ShieldIntegTestCase { } public void testThatHttpWorks() throws Exception { - try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_nodes", Collections.emptyMap(), null, + try (Response response = getRestClient().performRequest("GET", "/_nodes", Collections.emptyMap(), null, new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER, UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java index 86c08fc2d82..9e009ef036c 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java @@ -7,8 +7,8 @@ package org.elasticsearch.shield.rest.action; import org.apache.http.message.BasicHeader; import org.apache.http.util.EntityUtils; -import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.Response; +import org.elasticsearch.client.ResponseException; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authc.support.SecuredString; @@ -51,7 +51,7 @@ public class RestAuthenticateActionTests extends ShieldIntegTestCase { } public void testAuthenticateApi() throws Exception { - try (ElasticsearchResponse response = getRestClient().performRequest( + try (Response response = getRestClient().performRequest( "GET", "/_xpack/security/_authenticate", Collections.emptyMap(), null, new BasicHeader("Authorization", basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME, new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) { @@ -66,7 +66,7 @@ public class RestAuthenticateActionTests extends ShieldIntegTestCase { } public void testAuthenticateApiWithoutAuthentication() throws Exception { - try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_xpack/security/_authenticate", + try (Response response = getRestClient().performRequest("GET", "/_xpack/security/_authenticate", Collections.emptyMap(), null)) { if (anonymousEnabled) { assertThat(response.getStatusLine().getStatusCode(), is(200)); @@ -79,11 +79,11 @@ public class RestAuthenticateActionTests extends ShieldIntegTestCase { } else { fail("request should have failed"); } - } catch(ElasticsearchResponseException e) { + } catch(ResponseException e) { if (anonymousEnabled) { fail("request should have succeeded"); } else { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401)); + assertThat(e.getResponse().getStatusLine().getStatusCode(), is(401)); } } } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java index 75220748053..487b76fc1b6 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java @@ -12,7 +12,7 @@ import org.apache.http.impl.client.HttpClients; import org.apache.http.message.BasicHeader; import org.apache.http.util.EntityUtils; import org.elasticsearch.ElasticsearchException; -import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.Response; import org.elasticsearch.client.RestClient; import org.elasticsearch.client.transport.TransportClient; import org.elasticsearch.common.network.NetworkModule; @@ -83,7 +83,7 @@ public class SslClientAuthTests extends ShieldIntegTestCase { CloseableHttpClient client = HttpClients.custom().setSSLSocketFactory(socketFactory).build(); try (RestClient restClient = createRestClient(client, "https")) { - try (ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null, + try (Response response = restClient.performRequest("GET", "/", Collections.emptyMap(), null, new BasicHeader("Authorization", basicAuthHeaderValue(transportClientUsername(), transportClientPassword())))) { assertThat(response.getStatusLine().getStatusCode(), equalTo(200)); assertThat(EntityUtils.toString(response.getEntity()), containsString("You Know, for Search")); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java index b3446289985..58995319020 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/user/AnonymousUserIntegTests.java @@ -5,8 +5,8 @@ */ package org.elasticsearch.shield.user; -import org.elasticsearch.client.ElasticsearchResponse; -import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.Response; +import org.elasticsearch.client.ResponseException; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.authz.InternalAuthorizationService; @@ -45,9 +45,9 @@ public class AnonymousUserIntegTests extends ShieldIntegTestCase { try { getRestClient().performRequest("GET", "/_nodes", Collections.emptyMap(), null); fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - int statusCode = e.getElasticsearchResponse().getStatusLine().getStatusCode(); - ElasticsearchResponse response = e.getElasticsearchResponse(); + } catch(ResponseException e) { + int statusCode = e.getResponse().getStatusLine().getStatusCode(); + Response response = e.getResponse(); if (authorizationExceptionsEnabled) { assertThat(statusCode, is(403)); assertThat(response.getHeader("WWW-Authenticate"), nullValue()); diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java index 0dedb417891..e023e2644ac 100644 --- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java @@ -8,7 +8,7 @@ package org.elasticsearch.xpack.test.rest; import com.carrotsearch.randomizedtesting.annotations.Name; import com.carrotsearch.randomizedtesting.annotations.ParametersFactory; -import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.ResponseException; import org.elasticsearch.common.bytes.BytesReference; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.unit.TimeValue; @@ -56,7 +56,7 @@ public abstract class XPackRestTestCase extends ESRestTestCase { public void startWatcher() throws Exception { try { getAdminExecutionContext().callApi("xpack.watcher.start", emptyMap(), emptyList(), emptyMap()); - } catch(ElasticsearchResponseException e) { + } catch(ResponseException e) { //TODO ignore for now, needs to be fixed though } } @@ -65,7 +65,7 @@ public abstract class XPackRestTestCase extends ESRestTestCase { public void stopWatcher() throws Exception { try { getAdminExecutionContext().callApi("xpack.watcher.stop", emptyMap(), emptyList(), emptyMap()); - } catch(ElasticsearchResponseException e) { + } catch(ResponseException e) { //TODO ignore for now, needs to be fixed though } } diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java index ca54d0d9e84..5b7899708d2 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/WatcherPluginDisableTests.java @@ -8,7 +8,7 @@ package org.elasticsearch.xpack.watcher; import org.apache.http.HttpStatus; import org.elasticsearch.action.admin.cluster.node.info.NodeInfo; import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse; -import org.elasticsearch.client.ElasticsearchResponseException; +import org.elasticsearch.client.ResponseException; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.http.HttpServerTransport; @@ -70,8 +70,8 @@ public class WatcherPluginDisableTests extends ESIntegTestCase { try { getRestClient().performRequest("GET", "/_xpack/watcher", Collections.emptyMap(), null); fail("request should have failed"); - } catch(ElasticsearchResponseException e) { - assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(HttpStatus.SC_BAD_REQUEST)); + } catch(ResponseException e) { + assertThat(e.getResponse().getStatusLine().getStatusCode(), is(HttpStatus.SC_BAD_REQUEST)); } } diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java index 422f5ecac1d..b61fd4e0231 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java @@ -9,7 +9,7 @@ import org.apache.http.Header; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.message.BasicHeader; -import org.elasticsearch.client.ElasticsearchResponse; +import org.elasticsearch.client.Response; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.xcontent.json.JsonXContent; @@ -61,7 +61,7 @@ public class WatcherSettingsFilterTests extends AbstractWatcherIntegrationTestCa } else { headers = new Header[0]; } - try (ElasticsearchResponse response = getRestClient().performRequest("GET", "/_nodes/settings", + try (Response response = getRestClient().performRequest("GET", "/_nodes/settings", Collections.emptyMap(), null, headers)) { Map responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map(); Map nodes = (Map) responseMap.get("nodes"); From 4f55896af83deec4005078c2e73a283b206b1529 Mon Sep 17 00:00:00 2001 From: Alexander Reelsen Date: Wed, 22 Jun 2016 08:40:03 +0200 Subject: [PATCH 12/29] Tests: Fix ManualPublicSmtpServersTester to make it work again Original commit: elastic/x-pack-elasticsearch@8cf12ed485fb5ae779ea443b9430d019c1ed24e6 --- .../email/ManualPublicSmtpServersTester.java | 93 +++++++++---------- 1 file changed, 46 insertions(+), 47 deletions(-) diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ManualPublicSmtpServersTester.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ManualPublicSmtpServersTester.java index caa645927df..69b18898c94 100644 --- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ManualPublicSmtpServersTester.java +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ManualPublicSmtpServersTester.java @@ -10,13 +10,14 @@ import org.elasticsearch.cli.Terminal; import org.elasticsearch.common.settings.ClusterSettings; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.xcontent.ToXContent; -import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.xpack.common.secret.SecretService; -import java.io.IOException; +import java.io.InputStream; import java.util.Collections; import java.util.Locale; +import static com.google.common.base.Preconditions.checkNotNull; + @AwaitsFix(bugUrl = "https://github.com/elastic/x-plugins/issues/379") public class ManualPublicSmtpServersTester { @@ -26,13 +27,13 @@ public class ManualPublicSmtpServersTester { public static void main(String[] args) throws Exception { test(Profile.GMAIL, Settings.builder() - .put("xpack.notification.email.service.account.gmail.smtp.auth", true) - .put("xpack.notification.email.service.account.gmail.smtp.starttls.enable", true) - .put("xpack.notification.email.service.account.gmail.smtp.host", "smtp.gmail.com") - .put("xpack.notification.email.service.account.gmail.smtp.port", 587) - .put("xpack.notification.email.service.account.gmail.smtp.user", terminal.readText("username: ")) - .put("xpack.notification.email.service.account.gmail.smtp.password", new String(terminal.readSecret("password: "))) - .put("xpack.notification.email.service.account.gmail.email_defaults.to", terminal.readText("to: ")) + .put("xpack.notification.email.account.gmail.smtp.auth", true) + .put("xpack.notification.email.account.gmail.smtp.starttls.enable", true) + .put("xpack.notification.email.account.gmail.smtp.host", "smtp.gmail.com") + .put("xpack.notification.email.account.gmail.smtp.port", 587) + .put("xpack.notification.email.account.gmail.smtp.user", terminal.readText("username: ")) + .put("xpack.notification.email.account.gmail.smtp.password", new String(terminal.readSecret("password: "))) + .put("xpack.notification.email.account.gmail.email_defaults.to", terminal.readText("to: ")) ); } } @@ -41,13 +42,13 @@ public class ManualPublicSmtpServersTester { public static void main(String[] args) throws Exception { test(Profile.STANDARD, Settings.builder() - .put("xpack.notification.email.service.account.outlook.smtp.auth", true) - .put("xpack.notification.email.service.account.outlook.smtp.starttls.enable", true) - .put("xpack.notification.email.service.account.outlook.smtp.host", "smtp-mail.outlook.com") - .put("xpack.notification.email.service.account.outlook.smtp.port", 587) - .put("xpack.notification.email.service.account.outlook.smtp.user", "elastic.user@outlook.com") - .put("xpack.notification.email.service.account.outlook.smtp.password", "fantastic42") - .put("xpack.notification.email.service.account.outlook.email_defaults.to", "elastic.user@outlook.com") + .put("xpack.notification.email.account.outlook.smtp.auth", true) + .put("xpack.notification.email.account.outlook.smtp.starttls.enable", true) + .put("xpack.notification.email.account.outlook.smtp.host", "smtp-mail.outlook.com") + .put("xpack.notification.email.account.outlook.smtp.port", 587) + .put("xpack.notification.email.account.outlook.smtp.user", "elastic.user@outlook.com") + .put("xpack.notification.email.account.outlook.smtp.password", "fantastic42") + .put("xpack.notification.email.account.outlook.email_defaults.to", "elastic.user@outlook.com") .put() ); } @@ -57,15 +58,15 @@ public class ManualPublicSmtpServersTester { public static void main(String[] args) throws Exception { test(Profile.STANDARD, Settings.builder() - .put("xpack.notification.email.service.account.yahoo.smtp.starttls.enable", true) - .put("xpack.notification.email.service.account.yahoo.smtp.auth", true) - .put("xpack.notification.email.service.account.yahoo.smtp.host", "smtp.mail.yahoo.com") - .put("xpack.notification.email.service.account.yahoo.smtp.port", 587) - .put("xpack.notification.email.service.account.yahoo.smtp.user", "elastic.user@yahoo.com") - .put("xpack.notification.email.service.account.yahoo.smtp.password", "fantastic42") + .put("xpack.notification.email.account.yahoo.smtp.starttls.enable", true) + .put("xpack.notification.email.account.yahoo.smtp.auth", true) + .put("xpack.notification.email.account.yahoo.smtp.host", "smtp.mail.yahoo.com") + .put("xpack.notification.email.account.yahoo.smtp.port", 587) + .put("xpack.notification.email.account.yahoo.smtp.user", "elastic.user@yahoo.com") + .put("xpack.notification.email.account.yahoo.smtp.password", "fantastic42") // note: from must be set to the same authenticated user account - .put("xpack.notification.email.service.account.yahoo.email_defaults.from", "elastic.user@yahoo.com") - .put("xpack.notification.email.service.account.yahoo.email_defaults.to", "elastic.user@yahoo.com") + .put("xpack.notification.email.account.yahoo.email_defaults.from", "elastic.user@yahoo.com") + .put("xpack.notification.email.account.yahoo.email_defaults.to", "elastic.user@yahoo.com") ); } } @@ -75,42 +76,40 @@ public class ManualPublicSmtpServersTester { public static void main(String[] args) throws Exception { test(Profile.STANDARD, Settings.builder() - .put("xpack.notification.email.service.account.ses.smtp.auth", true) - .put("xpack.notification.email.service.account.ses.smtp.starttls.enable", true) - .put("xpack.notification.email.service.account.ses.smtp.starttls.required", true) - .put("xpack.notification.email.service.account.ses.smtp.host", "email-smtp.us-east-1.amazonaws.com") - .put("xpack.notification.email.service.account.ses.smtp.port", 587) - .put("xpack.notification.email.service.account.ses.smtp.user", terminal.readText("user: ")) - .put("xpack.notification.email.service.account.ses.email_defaults.from", "dummy.user@elasticsearch.com") - .put("xpack.notification.email.service.account.ses.email_defaults.to", terminal.readText("to: ")) - .put("xpack.notification.email.service.account.ses.smtp.password", + .put("xpack.notification.email.account.ses.smtp.auth", true) + .put("xpack.notification.email.account.ses.smtp.starttls.enable", true) + .put("xpack.notification.email.account.ses.smtp.starttls.required", true) + .put("xpack.notification.email.account.ses.smtp.host", "email-smtp.us-east-1.amazonaws.com") + .put("xpack.notification.email.account.ses.smtp.port", 587) + .put("xpack.notification.email.account.ses.smtp.user", terminal.readText("user: ")) + .put("xpack.notification.email.account.ses.email_defaults.from", "dummy.user@elasticsearch.com") + .put("xpack.notification.email.account.ses.email_defaults.to", terminal.readText("to: ")) + .put("xpack.notification.email.account.ses.smtp.password", new String(terminal.readSecret("password: "))) ); } } - static void test(Profile profile, Settings.Builder builder) throws Exception { - InternalEmailService service = startEmailService(builder); + static void test(Profile profile, Settings.Builder settingsBuilder) throws Exception { + String path = "/org/elasticsearch/xpack/watcher/actions/email/service/logo.png"; + checkNotNull(InternalEmailServiceTests.class.getResourceAsStream(path)); + + InternalEmailService service = startEmailService(settingsBuilder); try { - ToXContent content = new ToXContent() { - @Override - public XContentBuilder toXContent(XContentBuilder builder, Params params) throws IOException { - return builder.startObject() - .field("key1", "value1") - .field("key2", "value2") - .field("key3", "value3") - .endObject(); - } - }; + ToXContent content = (xContentBuilder, params) -> xContentBuilder.startObject() + .field("key1", "value1") + .field("key2", "value2") + .field("key3", "value3") + .endObject(); Email email = Email.builder() .id("_id") .subject("_subject") .textBody("_text_body") - .htmlBody("html body

") + .htmlBody("html body

") .attach(new Attachment.XContent.Yaml("test.yml", content)) - .inline(new Inline.Stream("logo", "logo.jpg", () -> InternalEmailServiceTests.class.getResourceAsStream("logo.png"))) + .inline(new Inline.Stream("logo.png", "logo.png", () -> InternalEmailServiceTests.class.getResourceAsStream(path))) .build(); EmailService.EmailSent sent = service.send(email, null, profile); From 5883efc976a1e9cdbc7e8a446c67f52747ebc158 Mon Sep 17 00:00:00 2001 From: Alexander Reelsen Date: Wed, 22 Jun 2016 14:31:27 +0200 Subject: [PATCH 13/29] Watcher: Remove support for _timestamp field in index action (elastic/elasticsearch#2575) The watch index action was using the _timestamp field by default. This functionality now needs to be configured explicitely for a special field that is part of that document which is going to be indexed. Relates elastic/elasticsearchelastic/elasticsearch#18980 Original commit: elastic/x-pack-elasticsearch@dfa4cf22967e85bde1ba525063bbf2b734391d33 --- .../messy/tests/GroovyScriptConditionIT.java | 15 +-- .../messy/tests/ScriptConditionSearchIT.java | 20 ++-- .../actions/index/ExecutableIndexAction.java | 33 +++--- .../actions/index/IndexActionTests.java | 49 ++++---- .../compare/CompareConditionSearchTests.java | 18 ++- .../script/ScriptConditionSearchTests.java | 105 ------------------ .../test/integration/BasicWatcherTests.java | 2 +- 7 files changed, 56 insertions(+), 186 deletions(-) delete mode 100644 elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/condition/script/ScriptConditionSearchTests.java diff --git a/elasticsearch/qa/messy-test-watcher-with-groovy/src/test/java/org/elasticsearch/messy/tests/GroovyScriptConditionIT.java b/elasticsearch/qa/messy-test-watcher-with-groovy/src/test/java/org/elasticsearch/messy/tests/GroovyScriptConditionIT.java index 1830ee07723..8f9b29ff95a 100644 --- a/elasticsearch/qa/messy-test-watcher-with-groovy/src/test/java/org/elasticsearch/messy/tests/GroovyScriptConditionIT.java +++ b/elasticsearch/qa/messy-test-watcher-with-groovy/src/test/java/org/elasticsearch/messy/tests/GroovyScriptConditionIT.java @@ -66,13 +66,10 @@ public class GroovyScriptConditionIT extends AbstractWatcherIntegrationTestCase } public void testGroovyClosureWithAggregations() throws Exception { - client().admin().indices().prepareCreate(".monitoring") - .addMapping("cluster_stats", "_timestamp", "enabled=true") - .get(); - for (int seconds = 0; seconds < 60; seconds += 5) { - client().prepareIndex(".monitoring", "cluster_stats").setTimestamp("2005-01-01T00:00:" + - String.format(Locale.ROOT, "%02d", seconds)).setSource("status", randomFrom("green", "yellow")).get(); + String timestamp = "2005-01-01T00:00:" + String.format(Locale.ROOT, "%02d", seconds); + client().prepareIndex(".monitoring", "cluster_stats") + .setSource("status", randomFrom("green", "yellow"), "@timestamp", timestamp).get(); } refresh(); @@ -80,7 +77,7 @@ public class GroovyScriptConditionIT extends AbstractWatcherIntegrationTestCase SearchRequestBuilder builder = client().prepareSearch(".monitoring") .addAggregation( AggregationBuilders - .dateHistogram("minutes").field("_timestamp").interval(TimeUnit.MILLISECONDS.convert(5, TimeUnit.SECONDS)) + .dateHistogram("minutes").field("@timestamp").interval(TimeUnit.MILLISECONDS.convert(5, TimeUnit.SECONDS)) .order(Histogram.Order.COUNT_DESC) .subAggregation(AggregationBuilders.terms("status").field("status.keyword").size(3))); SearchResponse unmetResponse = builder.get(); @@ -101,8 +98,8 @@ public class GroovyScriptConditionIT extends AbstractWatcherIntegrationTestCase assertFalse(condition.execute(unmetContext).met()); for (int seconds = 0; seconds < 60; seconds += 5) { - client().prepareIndex(".monitoring", "cluster_stats").setTimestamp("2005-01-01T00:01:" + - String.format(Locale.ROOT, "%02d", seconds)).setSource("status", randomFrom("red")).get(); + String timestamp = "2005-01-01T00:01:" + String.format(Locale.ROOT, "%02d", seconds); + client().prepareIndex(".monitoring", "cluster_stats").setSource("status", randomFrom("red"), "@timestamp", timestamp).get(); } refresh(); diff --git a/elasticsearch/qa/messy-test-watcher-with-groovy/src/test/java/org/elasticsearch/messy/tests/ScriptConditionSearchIT.java b/elasticsearch/qa/messy-test-watcher-with-groovy/src/test/java/org/elasticsearch/messy/tests/ScriptConditionSearchIT.java index d467b68a68c..18c8b508cd0 100644 --- a/elasticsearch/qa/messy-test-watcher-with-groovy/src/test/java/org/elasticsearch/messy/tests/ScriptConditionSearchIT.java +++ b/elasticsearch/qa/messy-test-watcher-with-groovy/src/test/java/org/elasticsearch/messy/tests/ScriptConditionSearchIT.java @@ -20,11 +20,11 @@ import org.elasticsearch.search.internal.InternalSearchHits; import org.elasticsearch.search.internal.InternalSearchResponse; import org.elasticsearch.threadpool.TestThreadPool; import org.elasticsearch.threadpool.ThreadPool; +import org.elasticsearch.xpack.common.ScriptServiceProxy; import org.elasticsearch.xpack.watcher.condition.script.ExecutableScriptCondition; import org.elasticsearch.xpack.watcher.condition.script.ScriptCondition; import org.elasticsearch.xpack.watcher.execution.WatchExecutionContext; import org.elasticsearch.xpack.watcher.support.Script; -import org.elasticsearch.xpack.common.ScriptServiceProxy; import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase; import org.elasticsearch.xpack.watcher.watch.Payload; import org.junit.After; @@ -61,18 +61,14 @@ public class ScriptConditionSearchIT extends AbstractWatcherIntegrationTestCase } public void testExecuteWithAggs() throws Exception { - client().admin().indices().prepareCreate("my-index") - .addMapping("my-type", "_timestamp", "enabled=true") - .get(); - - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:00").setSource("{}").get(); - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:10").setSource("{}").get(); - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:20").setSource("{}").get(); - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:30").setSource("{}").get(); + client().prepareIndex("my-index", "my-type").setSource("@timestamp", "2005-01-01T00:00").get(); + client().prepareIndex("my-index", "my-type").setSource("@timestamp", "2005-01-01T00:10").get(); + client().prepareIndex("my-index", "my-type").setSource("@timestamp", "2005-01-01T00:20").get(); + client().prepareIndex("my-index", "my-type").setSource("@timestamp", "2005-01-01T00:30").get(); refresh(); SearchResponse response = client().prepareSearch("my-index") - .addAggregation(AggregationBuilders.dateHistogram("rate").field("_timestamp") + .addAggregation(AggregationBuilders.dateHistogram("rate").field("@timestamp") .dateHistogramInterval(DateHistogramInterval.HOUR).order(Histogram.Order.COUNT_DESC)) .get(); @@ -83,10 +79,10 @@ public class ScriptConditionSearchIT extends AbstractWatcherIntegrationTestCase WatchExecutionContext ctx = mockExecutionContext("_name", new Payload.XContent(response)); assertFalse(condition.execute(ctx).met()); - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:40").setSource("{}").get(); + client().prepareIndex("my-index", "my-type").setSource("@timestamp", "2005-01-01T00:40").get(); refresh(); - response = client().prepareSearch("my-index").addAggregation(AggregationBuilders.dateHistogram("rate").field("_timestamp") + response = client().prepareSearch("my-index").addAggregation(AggregationBuilders.dateHistogram("rate").field("@timestamp") .dateHistogramInterval(DateHistogramInterval.HOUR).order(Histogram.Order.COUNT_DESC)) .get(); diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/actions/index/ExecutableIndexAction.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/actions/index/ExecutableIndexAction.java index 1b90a7d10b6..b5703c18ff1 100644 --- a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/actions/index/ExecutableIndexAction.java +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/actions/index/ExecutableIndexAction.java @@ -15,7 +15,6 @@ import org.elasticsearch.common.logging.ESLogger; import org.elasticsearch.common.unit.TimeValue; import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.common.xcontent.XContentType; -import org.elasticsearch.index.mapper.internal.TimestampFieldMapper; import org.elasticsearch.xpack.watcher.actions.Action; import org.elasticsearch.xpack.watcher.actions.ExecutableAction; import org.elasticsearch.xpack.watcher.execution.WatchExecutionContext; @@ -24,6 +23,7 @@ import org.elasticsearch.xpack.watcher.support.WatcherDateTimeUtils; import org.elasticsearch.xpack.watcher.support.init.proxy.WatcherClientProxy; import org.elasticsearch.xpack.watcher.support.xcontent.XContentSource; import org.elasticsearch.xpack.watcher.watch.Payload; +import org.joda.time.DateTime; import java.io.IOException; import java.util.HashMap; @@ -63,19 +63,9 @@ public class ExecutableIndexAction extends ExecutableAction { } IndexRequest indexRequest = new IndexRequest(); - indexRequest.index(action.index); indexRequest.type(action.docType); - - if (action.executionTimeField != null && !TimestampFieldMapper.NAME.equals(action.executionTimeField)) { - if (!(data instanceof HashMap)) { - data = new HashMap<>(data); // ensuring mutability - } - data.put(action.executionTimeField, WatcherDateTimeUtils.formatDate(ctx.executionTime())); - } else { - indexRequest.timestamp(WatcherDateTimeUtils.formatDate(ctx.executionTime())); - } - + data = addTimestampToDocument(data, ctx.executionTime()); indexRequest.source(jsonBuilder().prettyPrint().map(data)); if (ctx.simulateAction(actionId)) { @@ -100,14 +90,7 @@ public class ExecutableIndexAction extends ExecutableAction { IndexRequest indexRequest = new IndexRequest(); indexRequest.index(action.index); indexRequest.type(action.docType); - if (action.executionTimeField != null && !TimestampFieldMapper.NAME.equals(action.executionTimeField)) { - if (!(doc instanceof HashMap)) { - doc = new HashMap<>(doc); // ensuring mutability - } - doc.put(action.executionTimeField, WatcherDateTimeUtils.formatDate(ctx.executionTime())); - } else { - indexRequest.timestamp(WatcherDateTimeUtils.formatDate(ctx.executionTime())); - } + doc = addTimestampToDocument(doc, ctx.executionTime()); indexRequest.source(jsonBuilder().prettyPrint().map(doc)); bulkRequest.add(indexRequest); } @@ -121,6 +104,16 @@ public class ExecutableIndexAction extends ExecutableAction { return new IndexAction.Result.Success(new XContentSource(jsonBuilder.bytes(), XContentType.JSON)); } + private Map addTimestampToDocument(Map data, DateTime executionTime) { + if (action.executionTimeField != null) { + if (!(data instanceof HashMap)) { + data = new HashMap<>(data); // ensuring mutability + } + data.put(action.executionTimeField, WatcherDateTimeUtils.formatDate(executionTime)); + } + return data; + } + static void indexResponseToXContent(XContentBuilder builder, IndexResponse response) throws IOException { builder.startObject() .field("created", response.isCreated()) diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/index/IndexActionTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/index/IndexActionTests.java index 4eb7c7e3968..a6bf5c9b717 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/index/IndexActionTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/index/IndexActionTests.java @@ -6,6 +6,7 @@ package org.elasticsearch.xpack.watcher.actions.index; import org.elasticsearch.ElasticsearchParseException; +import org.elasticsearch.action.search.SearchRequestBuilder; import org.elasticsearch.action.search.SearchResponse; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.unit.TimeValue; @@ -64,14 +65,8 @@ public class IndexActionTests extends ESIntegTestCase { } public void testIndexActionExecuteSingleDoc() throws Exception { - String timestampField = randomFrom(null, "_timestamp", "@timestamp"); - boolean customTimestampField = "@timestamp".equals(timestampField); - - if (timestampField == null || "_timestamp".equals(timestampField)) { - assertThat(prepareCreate("test-index") - .addMapping("test-type", "{ \"test-type\" : { \"_timestamp\" : { \"enabled\" : \"true\" }}}") - .get().isAcknowledged(), is(true)); - } + String timestampField = randomFrom(null, "@timestamp"); + boolean customTimestampField = timestampField != null; IndexAction action = new IndexAction("test-index", "test-type", timestampField, null, null); ExecutableIndexAction executable = new ExecutableIndexAction(action, logger, WatcherClientProxy.of(client()), null); @@ -92,12 +87,15 @@ public class IndexActionTests extends ESIntegTestCase { refresh(); //Manually refresh to make sure data is available - SearchResponse searchResponse = client().prepareSearch("test-index") + SearchRequestBuilder searchRequestbuilder = client().prepareSearch("test-index") .setTypes("test-type") - .setSource(searchSource() - .query(matchAllQuery()) - .aggregation(terms("timestamps").field(customTimestampField ? timestampField : "_timestamp"))) - .get(); + .setSource(searchSource().query(matchAllQuery())); + + if (customTimestampField) { + searchRequestbuilder.addAggregation(terms("timestamps").field(timestampField)); + } + + SearchResponse searchResponse = searchRequestbuilder.get(); assertThat(searchResponse.getHits().totalHits(), equalTo(1L)); SearchHit hit = searchResponse.getHits().getAt(0); @@ -106,28 +104,24 @@ public class IndexActionTests extends ESIntegTestCase { assertThat(hit.getSource().size(), is(2)); assertThat(hit.getSource(), hasEntry("foo", (Object) "bar")); assertThat(hit.getSource(), hasEntry(timestampField, (Object) WatcherDateTimeUtils.formatDate(executionTime))); + + Terms terms = searchResponse.getAggregations().get("timestamps"); + assertThat(terms, notNullValue()); + assertThat(terms.getBuckets(), hasSize(1)); + assertThat(terms.getBuckets().get(0).getKeyAsNumber().longValue(), is(executionTime.getMillis())); + assertThat(terms.getBuckets().get(0).getDocCount(), is(1L)); } else { assertThat(hit.getSource().size(), is(1)); assertThat(hit.getSource(), hasEntry("foo", (Object) "bar")); } - Terms terms = searchResponse.getAggregations().get("timestamps"); - assertThat(terms, notNullValue()); - assertThat(terms.getBuckets(), hasSize(1)); - assertThat(terms.getBuckets().get(0).getKeyAsNumber().longValue(), is(executionTime.getMillis())); - assertThat(terms.getBuckets().get(0).getDocCount(), is(1L)); } public void testIndexActionExecuteMultiDoc() throws Exception { - String timestampField = randomFrom(null, "_timestamp", "@timestamp"); + String timestampField = randomFrom(null, "@timestamp"); boolean customTimestampField = "@timestamp".equals(timestampField); - if (timestampField == null || "_timestamp".equals(timestampField)) { - assertAcked(prepareCreate("test-index") - .addMapping("test-type", "_timestamp", "enabled=true", "foo", "type=keyword")); - } else { - assertAcked(prepareCreate("test-index") - .addMapping("test-type", "foo", "type=keyword")); - } + assertAcked(prepareCreate("test-index") + .addMapping("test-type", "foo", "type=keyword")); Object list = randomFrom( new Map[] { singletonMap("foo", "bar"), singletonMap("foo", "bar1") }, @@ -160,8 +154,7 @@ public class IndexActionTests extends ESIntegTestCase { SearchResponse searchResponse = client().prepareSearch("test-index") .setTypes("test-type") .setSource(searchSource().sort("foo", SortOrder.ASC) - .query(matchAllQuery()) - .aggregation(terms("timestamps").field(customTimestampField ? timestampField : "_timestamp"))) + .query(matchAllQuery())) .get(); assertThat(searchResponse.getHits().totalHits(), equalTo(2L)); diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/condition/compare/CompareConditionSearchTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/condition/compare/CompareConditionSearchTests.java index 77b2b420625..dd0fadad6db 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/condition/compare/CompareConditionSearchTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/condition/compare/CompareConditionSearchTests.java @@ -39,18 +39,14 @@ public class CompareConditionSearchTests extends AbstractWatcherIntegrationTestC } public void testExecuteWithAggs() throws Exception { - client().admin().indices().prepareCreate("my-index") - .addMapping("my-type", "_timestamp", "enabled=true") - .get(); - - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:00").setSource("{}").get(); - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:10").setSource("{}").get(); - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:20").setSource("{}").get(); - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:30").setSource("{}").get(); + client().prepareIndex("my-index", "my-type").setSource("@timestamp", "2005-01-01T00:00").get(); + client().prepareIndex("my-index", "my-type").setSource("@timestamp", "2005-01-01T00:10").get(); + client().prepareIndex("my-index", "my-type").setSource("@timestamp", "2005-01-01T00:20").get(); + client().prepareIndex("my-index", "my-type").setSource("@timestamp", "2005-01-01T00:30").get(); refresh(); SearchResponse response = client().prepareSearch("my-index") - .addAggregation(AggregationBuilders.dateHistogram("rate").field("_timestamp") + .addAggregation(AggregationBuilders.dateHistogram("rate").field("@timestamp") .dateHistogramInterval(DateHistogramInterval.HOUR).order(Histogram.Order.COUNT_DESC)) .get(); @@ -65,12 +61,12 @@ public class CompareConditionSearchTests extends AbstractWatcherIntegrationTestC assertThat(resolvedValues.size(), is(1)); assertThat(resolvedValues, hasEntry("ctx.payload.aggregations.rate.buckets.0.doc_count", (Object) 4)); - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:40").setSource("{}").get(); + client().prepareIndex("my-index", "my-type").setSource("@timestamp", "2005-01-01T00:40").get(); refresh(); response = client().prepareSearch("my-index") .addAggregation(AggregationBuilders.dateHistogram("rate") - .field("_timestamp").dateHistogramInterval(DateHistogramInterval.HOUR).order(Histogram.Order.COUNT_DESC)) + .field("@timestamp").dateHistogramInterval(DateHistogramInterval.HOUR).order(Histogram.Order.COUNT_DESC)) .get(); ctx = mockExecutionContext("_name", new Payload.XContent(response)); diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/condition/script/ScriptConditionSearchTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/condition/script/ScriptConditionSearchTests.java deleted file mode 100644 index f814c67f1f9..00000000000 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/condition/script/ScriptConditionSearchTests.java +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -package org.elasticsearch.xpack.watcher.condition.script; - -import org.apache.lucene.util.LuceneTestCase.AwaitsFix; -import org.elasticsearch.action.search.SearchResponse; -import org.elasticsearch.action.search.ShardSearchFailure; -import org.elasticsearch.common.text.Text; -import org.elasticsearch.index.Index; -import org.elasticsearch.search.SearchShardTarget; -import org.elasticsearch.search.aggregations.AggregationBuilders; -import org.elasticsearch.search.aggregations.bucket.histogram.DateHistogramInterval; -import org.elasticsearch.search.aggregations.bucket.histogram.Histogram; -import org.elasticsearch.search.internal.InternalSearchHit; -import org.elasticsearch.search.internal.InternalSearchHits; -import org.elasticsearch.search.internal.InternalSearchResponse; -import org.elasticsearch.threadpool.TestThreadPool; -import org.elasticsearch.threadpool.ThreadPool; -import org.elasticsearch.xpack.watcher.execution.WatchExecutionContext; -import org.elasticsearch.xpack.watcher.support.Script; -import org.elasticsearch.xpack.common.ScriptServiceProxy; -import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase; -import org.elasticsearch.xpack.watcher.test.WatcherTestUtils; -import org.elasticsearch.xpack.watcher.watch.Payload; -import org.junit.After; -import org.junit.Before; - -import static org.elasticsearch.xpack.watcher.test.WatcherTestUtils.mockExecutionContext; -import static org.hamcrest.Matchers.is; -import static org.mockito.Mockito.when; - -/** - */ -@AwaitsFix(bugUrl = "https://github.com/elastic/x-plugins/issues/724") -public class ScriptConditionSearchTests extends AbstractWatcherIntegrationTestCase { - private ThreadPool tp = null; - private ScriptServiceProxy scriptService; - - @Before - public void init() throws Exception { - tp = new TestThreadPool(ThreadPool.Names.SAME); - scriptService = WatcherTestUtils.getScriptServiceProxy(tp); - } - - @After - public void cleanup() { - tp.shutdownNow(); - } - - public void testExecuteWithAggs() throws Exception { - client().admin().indices().prepareCreate("my-index") - .addMapping("my-type", "_timestamp", "enabled=true") - .get(); - - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:00").setSource("{}").get(); - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:10").setSource("{}").get(); - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:20").setSource("{}").get(); - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:30").setSource("{}").get(); - refresh(); - - SearchResponse response = client().prepareSearch("my-index") - .addAggregation(AggregationBuilders.dateHistogram("rate") - .field("_timestamp").dateHistogramInterval(DateHistogramInterval.HOUR).order(Histogram.Order.COUNT_DESC)) - .get(); - - ExecutableScriptCondition condition = new ExecutableScriptCondition( - new ScriptCondition(Script.inline("ctx.payload.aggregations.rate.buckets[0]?.doc_count >= 5").build()), - logger, scriptService); - - WatchExecutionContext ctx = mockExecutionContext("_name", new Payload.XContent(response)); - assertFalse(condition.execute(ctx).met()); - - client().prepareIndex("my-index", "my-type").setTimestamp("2005-01-01T00:40").setSource("{}").get(); - refresh(); - - response = client().prepareSearch("my-index") - .addAggregation(AggregationBuilders.dateHistogram("rate") - .field("_timestamp").dateHistogramInterval(DateHistogramInterval.HOUR).order(Histogram.Order.COUNT_DESC)) - .get(); - - ctx = mockExecutionContext("_name", new Payload.XContent(response)); - assertThat(condition.execute(ctx).met(), is(true)); - } - - public void testExecuteAccessHits() throws Exception { - ExecutableScriptCondition condition = new ExecutableScriptCondition( - new ScriptCondition(Script.inline("ctx.payload.hits?.hits[0]?._score == 1.0").build()), logger, scriptService); - InternalSearchHit hit = new InternalSearchHit(0, "1", new Text("type"), null); - hit.score(1f); - hit.shard(new SearchShardTarget("a", new Index("a", "testUUID"), 0)); - - InternalSearchResponse internalSearchResponse = new InternalSearchResponse( - new InternalSearchHits(new InternalSearchHit[]{hit}, 1L, 1f), null, null, null, false, false); - SearchResponse response = new SearchResponse(internalSearchResponse, "", 3, 3, 500L, new ShardSearchFailure[0]); - - WatchExecutionContext ctx = mockExecutionContext("_watch_name", new Payload.XContent(response)); - assertThat(condition.execute(ctx).met(), is(true)); - hit.score(2f); - when(ctx.payload()).thenReturn(new Payload.XContent(response)); - assertThat(condition.execute(ctx).met(), is(false)); - } -} diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/BasicWatcherTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/BasicWatcherTests.java index b552439b30e..8c42d426bd4 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/BasicWatcherTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/BasicWatcherTests.java @@ -384,7 +384,7 @@ public class BasicWatcherTests extends AbstractWatcherIntegrationTestCase { timeWarp().clock().setTime(SystemClock.INSTANCE.nowUTC()); String watchName = "_name"; - assertAcked(prepareCreate("events").addMapping("event", "_timestamp", "enabled=true", "level", "type=text")); + assertAcked(prepareCreate("events").addMapping("event", "level", "type=text")); watcherClient().preparePutWatch(watchName) .setSource(watchBuilder() From ffae647b8ba87538e440d1934f3fe93e3234f1ed Mon Sep 17 00:00:00 2001 From: javanna Date: Wed, 22 Jun 2016 15:51:53 +0200 Subject: [PATCH 14/29] [TEST] remove start and stop watcher from XPackRestTestCase We were ignoring the response code which is always 401 because the license is not good to start watcher. Plus all tests run fine without these methods. Original commit: elastic/x-pack-elasticsearch@f93e1c2777ee196a04eb506d2482d155c91ce6f3 --- .../xpack/test/rest/XPackRestTestCase.java | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java index 731e755e6af..d366e80fd7e 100644 --- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/test/rest/XPackRestTestCase.java @@ -8,7 +8,6 @@ package org.elasticsearch.xpack.test.rest; import com.carrotsearch.randomizedtesting.annotations.Name; import com.carrotsearch.randomizedtesting.annotations.ParametersFactory; -import org.elasticsearch.client.ResponseException; import org.elasticsearch.common.bytes.BytesReference; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.unit.TimeValue; @@ -51,24 +50,6 @@ public abstract class XPackRestTestCase extends ESRestTestCase { return ESRestTestCase.createParameters(0, 1); } - @Before - public void startWatcher() throws Exception { - try { - getAdminExecutionContext().callApi("xpack.watcher.start", emptyMap(), emptyList(), emptyMap()); - } catch(ResponseException e) { - //TODO ignore for now, needs to be fixed though - } - } - - @After - public void stopWatcher() throws Exception { - try { - getAdminExecutionContext().callApi("xpack.watcher.stop", emptyMap(), emptyList(), emptyMap()); - } catch(ResponseException e) { - //TODO ignore for now, needs to be fixed though - } - } - @Before public void installLicense() throws Exception { final XContentBuilder builder = XContentFactory.jsonBuilder(); From 9aecf6330ab56294c25dd8c972262bd552405382 Mon Sep 17 00:00:00 2001 From: Nik Everett Date: Wed, 22 Jun 2016 12:45:25 -0400 Subject: [PATCH 15/29] Handle core removing addField It is addStoredField now. Original commit: elastic/x-pack-elasticsearch@265d716b3108140510a052e912bd1fcd86d42adc --- .../integration/FieldLevelSecurityTests.java | 48 +++++++++---------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/FieldLevelSecurityTests.java b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/FieldLevelSecurityTests.java index 20569ae8b68..4c4ec18f2e4 100644 --- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/FieldLevelSecurityTests.java +++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/FieldLevelSecurityTests.java @@ -709,9 +709,9 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { SearchResponse response = client() .filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user1", USERS_PASSWD))) .prepareSearch("test") - .addField("field1") - .addField("field2") - .addField("field3") + .addStoredField("field1") + .addStoredField("field2") + .addStoredField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(1)); assertThat(response.getHits().getAt(0).fields().get("field1").getValue(), equalTo("value1")); @@ -719,9 +719,9 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { // user2 is granted access to field2 only: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user2", USERS_PASSWD))) .prepareSearch("test") - .addField("field1") - .addField("field2") - .addField("field3") + .addStoredField("field1") + .addStoredField("field2") + .addStoredField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(1)); assertThat(response.getHits().getAt(0).fields().get("field2").getValue(), equalTo("value2")); @@ -729,9 +729,9 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { // user3 is granted access to field1 and field2: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user3", USERS_PASSWD))) .prepareSearch("test") - .addField("field1") - .addField("field2") - .addField("field3") + .addStoredField("field1") + .addStoredField("field2") + .addStoredField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(2)); assertThat(response.getHits().getAt(0).fields().get("field1").getValue(), equalTo("value1")); @@ -740,18 +740,18 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { // user4 is granted access to no fields: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user4", USERS_PASSWD))) .prepareSearch("test") - .addField("field1") - .addField("field2") - .addField("field3") + .addStoredField("field1") + .addStoredField("field2") + .addStoredField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(0)); // user5 has no field level security configured: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user5", USERS_PASSWD))) .prepareSearch("test") - .addField("field1") - .addField("field2") - .addField("field3") + .addStoredField("field1") + .addStoredField("field2") + .addStoredField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(3)); assertThat(response.getHits().getAt(0).fields().get("field1").getValue(), equalTo("value1")); @@ -761,9 +761,9 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { // user6 has field level security configured with access to field*: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user6", USERS_PASSWD))) .prepareSearch("test") - .addField("field1") - .addField("field2") - .addField("field3") + .addStoredField("field1") + .addStoredField("field2") + .addStoredField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(3)); assertThat(response.getHits().getAt(0).fields().get("field1").getValue(), equalTo("value1")); @@ -773,9 +773,9 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { // user7 has access to all fields due to a mix of roles without field level security and with: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user7", USERS_PASSWD))) .prepareSearch("test") - .addField("field1") - .addField("field2") - .addField("field3") + .addStoredField("field1") + .addStoredField("field2") + .addStoredField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(3)); assertThat(response.getHits().getAt(0).fields().get("field1").getValue(), equalTo("value1")); @@ -785,9 +785,9 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { // user8 has field level security configured with access to field1 and field2: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user8", USERS_PASSWD))) .prepareSearch("test") - .addField("field1") - .addField("field2") - .addField("field3") + .addStoredField("field1") + .addStoredField("field2") + .addStoredField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(2)); assertThat(response.getHits().getAt(0).fields().get("field1").getValue(), equalTo("value1")); From f6abf979ce8a7dd42c315c233c483b3f9308f1b6 Mon Sep 17 00:00:00 2001 From: Alexander Reelsen Date: Thu, 23 Jun 2016 09:06:02 +0200 Subject: [PATCH 16/29] Fixed compilation issue Relates elastic/elasticsearchelastic/elasticsearch#18914 Original commit: elastic/x-pack-elasticsearch@35b6960b9e8dada776a062164ba721ce6e728203 --- .../agent/resolver/cluster/ClusterStatsResolverTests.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/agent/resolver/cluster/ClusterStatsResolverTests.java b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/agent/resolver/cluster/ClusterStatsResolverTests.java index 6d69e5150aa..acccd2da2c9 100644 --- a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/agent/resolver/cluster/ClusterStatsResolverTests.java +++ b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/agent/resolver/cluster/ClusterStatsResolverTests.java @@ -23,6 +23,7 @@ import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.transport.BoundTransportAddress; import org.elasticsearch.common.transport.DummyTransportAddress; import org.elasticsearch.common.transport.TransportAddress; +import org.elasticsearch.common.unit.ByteSizeValue; import org.elasticsearch.common.xcontent.XContentType; import org.elasticsearch.http.HttpInfo; import org.elasticsearch.index.Index; @@ -112,7 +113,7 @@ public class ClusterStatsResolverTests extends MonitoringIndexNameResolverTestCa Settings.EMPTY, DummyOsInfo.INSTANCE, new ProcessInfo(randomInt(), randomBoolean()), JvmInfo.jvmInfo(), new ThreadPoolInfo(Collections.singletonList(new ThreadPool.Info("test_threadpool", ThreadPool.ThreadPoolType.FIXED, 5))), new TransportInfo(transportAddress, Collections.emptyMap()), new HttpInfo(transportAddress, randomLong()), - new PluginsAndModules(), new IngestInfo(Collections.emptyList())); + new PluginsAndModules(), new IngestInfo(Collections.emptyList()), new ByteSizeValue(randomIntBetween(1, 1024))); } From 99ade9609179719babfd6f807a41ce8811dc632d Mon Sep 17 00:00:00 2001 From: Tanguy Leroux Date: Mon, 13 Jun 2016 16:46:52 +0200 Subject: [PATCH 17/29] Watcher: Remove usage of SearchRequest's template support Template support is going to be removed from the Search API to its own Search Template API in the lang-mustache module (see elastic/elasticsearch#17906, elastic/elasticsearch#18765). This commit changes Watcher's SearchInput and SearchTransform classes so that it now uses a WatcherSearchTemplateRequest that contains both the search request and the template. Search request and template are rendered using WatcherSearchTemplateRequestService before being executed. Original commit: elastic/x-pack-elasticsearch@bfa16ab80f0ee52e9be074b76168e27778e265b6 --- .../messy/tests/SearchInputIT.java | 161 +++++++---- .../messy/tests/SearchTransformIT.java | 172 ++++++++---- .../tests/SecurityCachePermissionIT.java | 58 ++-- .../org/elasticsearch/transport/actions | 1 - .../org/elasticsearch/transport/handlers | 1 - .../elasticsearch/xpack/watcher/Watcher.java | 3 +- .../xpack/watcher/input/InputBuilders.java | 10 +- .../input/search/ExecutableSearchInput.java | 13 +- .../watcher/input/search/SearchInput.java | 35 ++- .../input/search/SearchInputFactory.java | 16 +- .../xpack/watcher/support/WatcherUtils.java | 256 +----------------- .../search/WatcherSearchTemplateRequest.java | 254 +++++++++++++++++ .../search/WatcherSearchTemplateService.java | 125 +++++++++ .../watcher/transform/TransformBuilders.java | 8 +- .../search/ExecutableSearchTransform.java | 8 +- .../transform/search/SearchTransform.java | 31 +-- .../search/SearchTransformFactory.java | 12 +- .../integration/HistoryIntegrationTests.java | 2 +- .../actions/webhook/WebhookActionTests.java | 10 +- .../execution/TriggeredWatchTests.java | 8 +- .../watcher/support/WatcherUtilsTests.java | 99 ++++--- .../xpack/watcher/test/WatcherTestUtils.java | 34 ++- .../test/integration/BasicWatcherTests.java | 37 +-- .../xpack/watcher/watch/WatchTests.java | 86 +++--- 24 files changed, 850 insertions(+), 590 deletions(-) create mode 100644 elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/support/search/WatcherSearchTemplateRequest.java create mode 100644 elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/support/search/WatcherSearchTemplateService.java diff --git a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java index b2d46d4a4ac..2e8cb6c1bd1 100644 --- a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java +++ b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java @@ -12,31 +12,40 @@ import org.elasticsearch.common.bytes.BytesArray; import org.elasticsearch.common.io.Streams; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.unit.TimeValue; +import org.elasticsearch.common.xcontent.ToXContent; import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.common.xcontent.XContentParser; -import org.elasticsearch.common.xcontent.XContentType; import org.elasticsearch.common.xcontent.json.JsonXContent; import org.elasticsearch.common.xcontent.support.XContentMapValues; import org.elasticsearch.indices.query.IndicesQueriesRegistry; import org.elasticsearch.plugins.Plugin; -import org.elasticsearch.script.ScriptService.ScriptType; -import org.elasticsearch.script.Template; +import org.elasticsearch.plugins.ScriptPlugin; +import org.elasticsearch.script.ScriptContext; +import org.elasticsearch.script.ScriptService; import org.elasticsearch.script.mustache.MustachePlugin; +import org.elasticsearch.search.aggregations.AggregatorParsers; import org.elasticsearch.search.builder.SearchSourceBuilder; +import org.elasticsearch.search.suggest.Suggesters; import org.elasticsearch.test.ESIntegTestCase; import org.elasticsearch.test.ESIntegTestCase.ClusterScope; +import org.elasticsearch.xpack.common.ScriptServiceProxy; import org.elasticsearch.xpack.common.text.TextTemplate; import org.elasticsearch.xpack.watcher.actions.ActionWrapper; import org.elasticsearch.xpack.watcher.actions.ExecutableActions; import org.elasticsearch.xpack.watcher.condition.always.ExecutableAlwaysCondition; import org.elasticsearch.xpack.watcher.execution.TriggeredExecutionContext; import org.elasticsearch.xpack.watcher.execution.WatchExecutionContext; +import org.elasticsearch.xpack.watcher.input.Input; import org.elasticsearch.xpack.watcher.input.search.ExecutableSearchInput; import org.elasticsearch.xpack.watcher.input.search.SearchInput; import org.elasticsearch.xpack.watcher.input.search.SearchInputFactory; import org.elasticsearch.xpack.watcher.input.simple.ExecutableSimpleInput; import org.elasticsearch.xpack.watcher.input.simple.SimpleInput; +import org.elasticsearch.xpack.watcher.support.Script; import org.elasticsearch.xpack.watcher.support.init.proxy.WatcherClientProxy; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateRequest; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateService; +import org.elasticsearch.xpack.watcher.support.xcontent.XContentSource; import org.elasticsearch.xpack.watcher.trigger.schedule.IntervalSchedule; import org.elasticsearch.xpack.watcher.trigger.schedule.ScheduleTrigger; import org.elasticsearch.xpack.watcher.trigger.schedule.ScheduleTriggerEvent; @@ -67,7 +76,6 @@ import static org.elasticsearch.test.ESIntegTestCase.Scope.SUITE; import static org.elasticsearch.xpack.watcher.test.WatcherTestUtils.getRandomSupportedSearchType; import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.is; -import static org.hamcrest.Matchers.notNullValue; import static org.joda.time.DateTimeZone.UTC; /** @@ -81,10 +89,11 @@ public class SearchInputIT extends ESIntegTestCase { Collection> types = new ArrayList<>(); types.addAll(super.nodePlugins()); types.add(MustachePlugin.class); + types.add(CustomScriptContextPlugin.class); return types; } - private final static String TEMPLATE_QUERY = "{\"query\":{\"filtered\":{\"query\":{\"match\":{\"event_type\":{\"query\":\"a\"," + + private final static String TEMPLATE_QUERY = "{\"query\":{\"bool\":{\"must\":{\"match\":{\"event_type\":{\"query\":\"a\"," + "\"type\":\"boolean\"}}},\"filter\":{\"range\":{\"_timestamp\":" + "{\"from\":\"{{ctx.trigger.scheduled_time}}||-{{seconds_param}}\",\"to\":\"{{ctx.trigger.scheduled_time}}\"," + "\"include_lower\":true,\"include_upper\":true}}}}}}"; @@ -100,7 +109,6 @@ public class SearchInputIT extends ESIntegTestCase { throw new RuntimeException("failed to create config dir"); } - String path = "/org/elasticsearch/xpack/watcher/input/search/config/scripts/test_disk_template.mustache"; try (InputStream stream = SearchInputIT.class.getResourceAsStream("/org/elasticsearch/xpack/watcher/input/search/config/scripts" + "/test_disk_template.mustache"); OutputStream out = Files.newOutputStream(scriptPath.resolve("test_disk_template.mustache"))) { @@ -126,14 +134,15 @@ public class SearchInputIT extends ESIntegTestCase { SearchSourceBuilder searchSourceBuilder = searchSource().query( boolQuery().must(matchQuery("event_type", "a")).must(rangeQuery("_timestamp") .from("{{ctx.trigger.scheduled_time}}||-30s").to("{{ctx.trigger.triggered_time}}"))); - SearchRequest request = client() + SearchRequest searchRequest = client() .prepareSearch() .setSearchType(ExecutableSearchInput.DEFAULT_SEARCH_TYPE) .request() .source(searchSourceBuilder); + WatcherSearchTemplateRequest request = new WatcherSearchTemplateRequest(searchRequest); ExecutableSearchInput searchInput = new ExecutableSearchInput(new SearchInput(request, null, null, null), logger, - WatcherClientProxy.of(client()), null); + WatcherClientProxy.of(client()), watcherSearchTemplateService(), null); WatchExecutionContext ctx = new TriggeredExecutionContext( new Watch("test-watch", new ScheduleTrigger(new IntervalSchedule(new IntervalSchedule.Interval(1, IntervalSchedule.Interval.Unit.MINUTES))), @@ -149,21 +158,21 @@ public class SearchInputIT extends ESIntegTestCase { timeValueSeconds(5)); SearchInput.Result result = searchInput.execute(ctx, new Payload.Simple()); - assertThat((Integer) XContentMapValues.extractValue("hits.total", result.payload().data()), equalTo(0)); + assertThat(XContentMapValues.extractValue("hits.total", result.payload().data()), equalTo(0)); assertNotNull(result.executedRequest()); - assertEquals(result.executedRequest().searchType(), request.searchType()); - assertArrayEquals(result.executedRequest().indices(), request.indices()); - assertEquals(result.executedRequest().indicesOptions(), request.indicesOptions()); + assertThat(result.status(), is(Input.Result.Status.SUCCESS)); + assertEquals(result.executedRequest().searchType(), request.getRequest().searchType()); + assertArrayEquals(result.executedRequest().indices(), request.getRequest().indices()); + assertEquals(result.executedRequest().indicesOptions(), request.getRequest().indicesOptions()); + + XContentSource source = toXContentSource(result); + assertThat(source.getValue("query.bool.must.1.range._timestamp.from"), equalTo("1970-01-01T00:00:00.000Z||-30s")); + assertThat(source.getValue("query.bool.must.1.range._timestamp.to"), equalTo("1970-01-01T00:00:00.000Z")); } public void testSearchInlineTemplate() throws Exception { WatchExecutionContext ctx = createContext(); - final String expectedTemplateString = "{\"query\":{\"filtered\":{\"query\":{\"match\":{\"event_type\":{\"query\":\"a\"," - + "\"type\":\"boolean\"}}},\"filter\":{\"range\":{\"_timestamp\":" - + "{\"from\":\"{{ctx.trigger.scheduled_time}}||-{{seconds_param}}\",\"to\":\"{{ctx.trigger.scheduled_time}}\"," - + "\"include_lower\":true,\"include_upper\":true}}}}}}"; - Map triggerParams = new HashMap(); triggerParams.put("triggered_time", new DateTime(1970, 01, 01, 00, 01, 00, 000, ISOChronology.getInstanceUTC())); triggerParams.put("scheduled_time", new DateTime(1970, 01, 01, 00, 01, 00, 000, ISOChronology.getInstanceUTC())); @@ -178,17 +187,26 @@ public class SearchInputIT extends ESIntegTestCase { Map expectedParams = new HashMap(); expectedParams.put("seconds_param", "30s"); expectedParams.put("ctx", ctxParams); - Template expectedTemplate = new Template(expectedTemplateString, ScriptType.INLINE, null, XContentType.JSON, expectedParams); Map params = new HashMap<>(); params.put("seconds_param", "30s"); - Template template = new Template(TEMPLATE_QUERY, ScriptType.INLINE, null, XContentType.JSON, params); + Script template = Script.inline(TEMPLATE_QUERY).lang("mustache").params(params).build(); - SearchRequest request = client().prepareSearch().setSearchType(ExecutableSearchInput.DEFAULT_SEARCH_TYPE) - .setIndices("test-search-index").setTemplate(template).request(); + SearchRequest request = client().prepareSearch() + .setSearchType(ExecutableSearchInput.DEFAULT_SEARCH_TYPE) + .setIndices("test-search-index").request(); - SearchInput.Result executedResult = executeSearchInput(request, ctx); - assertThat(executedResult.executedRequest().template(), equalTo(expectedTemplate)); + SearchInput.Result executedResult = executeSearchInput(request, template, ctx); + + assertNotNull(executedResult.executedRequest()); + assertThat(executedResult.status(), is(Input.Result.Status.SUCCESS)); + assertEquals(executedResult.executedRequest().searchType(), request.searchType()); + assertArrayEquals(executedResult.executedRequest().indices(), request.indices()); + assertEquals(executedResult.executedRequest().indicesOptions(), request.indicesOptions()); + + XContentSource source = toXContentSource(executedResult); + assertThat(source.getValue("query.bool.filter.0.range._timestamp.from"), equalTo("1970-01-01T00:01:00.000Z||-30s")); + assertThat(source.getValue("query.bool.filter.0.range._timestamp.to"), equalTo("1970-01-01T00:01:00.000Z")); } public void testSearchIndexedTemplate() throws Exception { @@ -204,17 +222,24 @@ public class SearchInputIT extends ESIntegTestCase { Map params = new HashMap<>(); params.put("seconds_param", "30s"); - Template template = new Template("test-template", ScriptType.STORED, null, null, params); + Script template = Script.indexed("test-template").lang("mustache").params(params).build(); jsonBuilder().value(TextTemplate.indexed("test-template").params(params).build()).bytes(); SearchRequest request = client().prepareSearch().setSearchType(ExecutableSearchInput.DEFAULT_SEARCH_TYPE) - .setIndices("test-search-index").setTemplate(template).request(); + .setIndices("test-search-index").request(); + + SearchInput.Result executedResult = executeSearchInput(request, template, ctx); + + assertNotNull(executedResult.executedRequest()); + assertThat(executedResult.status(), is(Input.Result.Status.SUCCESS)); + assertEquals(executedResult.executedRequest().searchType(), request.searchType()); + assertArrayEquals(executedResult.executedRequest().indices(), request.indices()); + assertEquals(executedResult.executedRequest().indicesOptions(), request.indicesOptions()); + + XContentSource source = toXContentSource(executedResult); + assertThat(source.getValue("query.bool.filter.0.range._timestamp.from"), equalTo("1970-01-01T00:01:00.000Z||-30s")); + assertThat(source.getValue("query.bool.filter.0.range._timestamp.to"), equalTo("1970-01-01T00:01:00.000Z")); - SearchInput.Result executedResult = executeSearchInput(request, ctx); - Template resultTemplate = executedResult.executedRequest().template(); - assertThat(resultTemplate, notNullValue()); - assertThat(resultTemplate.getScript(), equalTo("test-template")); - assertThat(resultTemplate.getType(), equalTo(ScriptType.STORED)); } public void testSearchOnDiskTemplate() throws Exception { @@ -223,15 +248,16 @@ public class SearchInputIT extends ESIntegTestCase { Map params = new HashMap<>(); params.put("seconds_param", "30s"); - Template template = new Template("test_disk_template", ScriptType.FILE, null, null, params); + Script template = Script.file("test_disk_template").lang("mustache").params(params).build(); SearchRequest request = client().prepareSearch().setSearchType(ExecutableSearchInput.DEFAULT_SEARCH_TYPE) - .setIndices("test-search-index").setTemplate(template).request(); + .setIndices("test-search-index").request(); - SearchInput.Result executedResult = executeSearchInput(request, ctx); - Template resultTemplate = executedResult.executedRequest().template(); - assertThat(resultTemplate, notNullValue()); - assertThat(resultTemplate.getScript(), equalTo("test_disk_template")); - assertThat(resultTemplate.getType(), equalTo(ScriptType.FILE)); + SearchInput.Result executedResult = executeSearchInput(request, template, ctx); + + assertNotNull(executedResult.executedRequest()); + assertThat(executedResult.status(), is(Input.Result.Status.SUCCESS)); + assertArrayEquals(executedResult.executedRequest().indices(), request.indices()); + assertEquals(executedResult.executedRequest().indicesOptions(), request.indicesOptions()); } public void testDifferentSearchType() throws Exception { @@ -241,14 +267,16 @@ public class SearchInputIT extends ESIntegTestCase { ); SearchType searchType = getRandomSupportedSearchType(); - SearchRequest request = client() + SearchRequest searchRequest = client() .prepareSearch() .setSearchType(searchType) .request() .source(searchSourceBuilder); + WatcherSearchTemplateRequest request = new WatcherSearchTemplateRequest(searchRequest); + ExecutableSearchInput searchInput = new ExecutableSearchInput(new SearchInput(request, null, null, null), logger, - WatcherClientProxy.of(client()), null); + WatcherClientProxy.of(client()), watcherSearchTemplateService(), null); WatchExecutionContext ctx = new TriggeredExecutionContext( new Watch("test-watch", new ScheduleTrigger(new IntervalSchedule(new IntervalSchedule.Interval(1, IntervalSchedule.Interval.Unit.MINUTES))), @@ -264,15 +292,20 @@ public class SearchInputIT extends ESIntegTestCase { timeValueSeconds(5)); SearchInput.Result result = searchInput.execute(ctx, new Payload.Simple()); - assertThat((Integer) XContentMapValues.extractValue("hits.total", result.payload().data()), equalTo(0)); + assertThat(XContentMapValues.extractValue("hits.total", result.payload().data()), equalTo(0)); assertNotNull(result.executedRequest()); + assertThat(result.status(), is(Input.Result.Status.SUCCESS)); assertEquals(result.executedRequest().searchType(), searchType); - assertArrayEquals(result.executedRequest().indices(), request.indices()); - assertEquals(result.executedRequest().indicesOptions(), request.indicesOptions()); + assertArrayEquals(result.executedRequest().indices(), searchRequest.indices()); + assertEquals(result.executedRequest().indicesOptions(), searchRequest.indicesOptions()); + + XContentSource source = toXContentSource(result); + assertThat(source.getValue("query.bool.must.1.range._timestamp.from"), equalTo("1970-01-01T00:00:00.000Z||-30s")); + assertThat(source.getValue("query.bool.must.1.range._timestamp.to"), equalTo("1970-01-01T00:00:00.000Z")); } public void testParserValid() throws Exception { - SearchRequest request = client().prepareSearch() + SearchRequest searchRequest = client().prepareSearch() .setSearchType(ExecutableSearchInput.DEFAULT_SEARCH_TYPE) .request() .source(searchSource() @@ -280,13 +313,13 @@ public class SearchInputIT extends ESIntegTestCase { .from("{{ctx.trigger.scheduled_time}}||-30s").to("{{ctx.trigger.triggered_time}}")))); TimeValue timeout = randomBoolean() ? TimeValue.timeValueSeconds(randomInt(10)) : null; - XContentBuilder builder = jsonBuilder().value(new SearchInput(request, null, timeout, null)); + XContentBuilder builder = jsonBuilder().value(new SearchInput(new WatcherSearchTemplateRequest(searchRequest), null, timeout, null)); XContentParser parser = JsonXContent.jsonXContent.createParser(builder.bytes()); parser.nextToken(); IndicesQueriesRegistry indicesQueryRegistry = internalCluster().getInstance(IndicesQueriesRegistry.class); SearchInputFactory factory = new SearchInputFactory(Settings.EMPTY, WatcherClientProxy.of(client()), indicesQueryRegistry, - null, null); + null, null, scriptService()); SearchInput searchInput = factory.parseInput("_id", parser); assertEquals(SearchInput.TYPE, searchInput.type()); @@ -309,15 +342,47 @@ public class SearchInputIT extends ESIntegTestCase { timeValueSeconds(5)); } - private SearchInput.Result executeSearchInput(SearchRequest request, WatchExecutionContext ctx) throws IOException { + private SearchInput.Result executeSearchInput(SearchRequest request, Script template, WatchExecutionContext ctx) throws IOException { createIndex("test-search-index"); ensureGreen("test-search-index"); - SearchInput.Builder siBuilder = SearchInput.builder(request); + SearchInput.Builder siBuilder = SearchInput.builder(new WatcherSearchTemplateRequest(request, template)); SearchInput si = siBuilder.build(); - ExecutableSearchInput searchInput = new ExecutableSearchInput(si, logger, WatcherClientProxy.of(client()), null); + ExecutableSearchInput searchInput = new ExecutableSearchInput(si, logger, WatcherClientProxy.of(client()), + watcherSearchTemplateService(), null); return searchInput.execute(ctx, new Payload.Simple()); } + protected WatcherSearchTemplateService watcherSearchTemplateService() { + String master = internalCluster().getMasterName(); + return new WatcherSearchTemplateService(internalCluster().clusterService(master).getSettings(), + ScriptServiceProxy.of(internalCluster().getInstance(ScriptService.class, master), internalCluster().clusterService(master)), + internalCluster().getInstance(IndicesQueriesRegistry.class, master), + internalCluster().getInstance(AggregatorParsers.class, master), + internalCluster().getInstance(Suggesters.class, master) + ); + } + + protected ScriptServiceProxy scriptService() { + return ScriptServiceProxy.of(internalCluster().getInstance(ScriptService.class), internalCluster().clusterService()); + } + + private XContentSource toXContentSource(SearchInput.Result result) throws IOException { + try (XContentBuilder builder = jsonBuilder()) { + result.executedRequest().source().toXContent(builder, ToXContent.EMPTY_PARAMS); + return new XContentSource(builder); + } + } + + /** + * Custom plugin that registers XPack script context. + */ + public static class CustomScriptContextPlugin extends Plugin implements ScriptPlugin { + + @Override + public ScriptContext.Plugin getCustomScriptContexts() { + return ScriptServiceProxy.INSTANCE; + } + } } diff --git a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchTransformIT.java b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchTransformIT.java index d2b9f47bbd3..7cb66e537fc 100644 --- a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchTransformIT.java +++ b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchTransformIT.java @@ -11,25 +11,28 @@ import org.elasticsearch.action.search.SearchResponse; import org.elasticsearch.action.search.SearchType; import org.elasticsearch.client.Requests; import org.elasticsearch.common.bytes.BytesArray; -import org.elasticsearch.common.bytes.BytesReference; import org.elasticsearch.common.io.Streams; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.unit.TimeValue; +import org.elasticsearch.common.xcontent.ToXContent; import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.common.xcontent.XContentFactory; import org.elasticsearch.common.xcontent.XContentParser; -import org.elasticsearch.common.xcontent.XContentType; import org.elasticsearch.common.xcontent.json.JsonXContent; import org.elasticsearch.common.xcontent.support.XContentMapValues; import org.elasticsearch.index.query.QueryBuilders; import org.elasticsearch.indices.query.IndicesQueriesRegistry; import org.elasticsearch.plugins.Plugin; -import org.elasticsearch.script.ScriptService.ScriptType; -import org.elasticsearch.script.Template; +import org.elasticsearch.plugins.ScriptPlugin; +import org.elasticsearch.script.ScriptContext; +import org.elasticsearch.script.ScriptService; import org.elasticsearch.script.mustache.MustachePlugin; +import org.elasticsearch.search.aggregations.AggregatorParsers; import org.elasticsearch.search.builder.SearchSourceBuilder; +import org.elasticsearch.search.suggest.Suggesters; import org.elasticsearch.test.ESIntegTestCase; import org.elasticsearch.test.ESIntegTestCase.ClusterScope; +import org.elasticsearch.xpack.common.ScriptServiceProxy; import org.elasticsearch.xpack.common.text.TextTemplate; import org.elasticsearch.xpack.watcher.actions.ExecutableActions; import org.elasticsearch.xpack.watcher.condition.always.ExecutableAlwaysCondition; @@ -37,7 +40,11 @@ import org.elasticsearch.xpack.watcher.execution.TriggeredExecutionContext; import org.elasticsearch.xpack.watcher.execution.WatchExecutionContext; import org.elasticsearch.xpack.watcher.input.simple.ExecutableSimpleInput; import org.elasticsearch.xpack.watcher.input.simple.SimpleInput; +import org.elasticsearch.xpack.watcher.support.Script; import org.elasticsearch.xpack.watcher.support.init.proxy.WatcherClientProxy; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateRequest; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateService; +import org.elasticsearch.xpack.watcher.support.xcontent.XContentSource; import org.elasticsearch.xpack.watcher.transform.Transform; import org.elasticsearch.xpack.watcher.transform.TransformBuilders; import org.elasticsearch.xpack.watcher.transform.search.ExecutableSearchTransform; @@ -100,6 +107,7 @@ public class SearchTransformIT extends ESIntegTestCase { Collection> types = new ArrayList<>(); types.addAll(super.nodePlugins()); types.add(MustachePlugin.class); + types.add(CustomScriptContextPlugin.class); return types; } @@ -154,7 +162,8 @@ public class SearchTransformIT extends ESIntegTestCase { SearchRequest request = Requests.searchRequest("idx").source(new SearchSourceBuilder().query(QueryBuilders.matchAllQuery())); SearchTransform searchTransform = TransformBuilders.searchTransform(request).build(); - ExecutableSearchTransform transform = new ExecutableSearchTransform(searchTransform, logger, WatcherClientProxy.of(client()), null); + ExecutableSearchTransform transform = new ExecutableSearchTransform(searchTransform, logger, WatcherClientProxy.of(client()), + watcherSearchTemplateService(), null); WatchExecutionContext ctx = mockExecutionContext("_name", EMPTY_PAYLOAD); @@ -188,7 +197,8 @@ public class SearchTransformIT extends ESIntegTestCase { new SearchSourceBuilder().query(QueryBuilders.wrapperQuery(jsonBuilder().startObject() .startObject("_unknown_query_").endObject().endObject().bytes()))); SearchTransform searchTransform = TransformBuilders.searchTransform(request).build(); - ExecutableSearchTransform transform = new ExecutableSearchTransform(searchTransform, logger, WatcherClientProxy.of(client()), null); + ExecutableSearchTransform transform = new ExecutableSearchTransform(searchTransform, logger, WatcherClientProxy.of(client()), + watcherSearchTemplateService(), null); WatchExecutionContext ctx = mockExecutionContext("_name", EMPTY_PAYLOAD); @@ -200,23 +210,27 @@ public class SearchTransformIT extends ESIntegTestCase { assertThat(result.reason(), containsString("no [query] registered for [_unknown_query_]")); // extract the base64 encoded query from the template script, path is: query -> wrapper -> query - String jsonQuery = result.executedRequest().template().getScript(); - Map map = XContentFactory.xContent(jsonQuery).createParser(jsonQuery).map(); + try (XContentBuilder builder = jsonBuilder()) { + result.executedRequest().source().toXContent(builder, ToXContent.EMPTY_PARAMS); - assertThat(map, hasKey("query")); - assertThat(map.get("query"), instanceOf(Map.class)); + String jsonQuery = builder.string(); + Map map = XContentFactory.xContent(jsonQuery).createParser(jsonQuery).map(); - map = (Map) map.get("query"); - assertThat(map, hasKey("wrapper")); - assertThat(map.get("wrapper"), instanceOf(Map.class)); + assertThat(map, hasKey("query")); + assertThat(map.get("query"), instanceOf(Map.class)); - map = (Map) map.get("wrapper"); - assertThat(map, hasKey("query")); - assertThat(map.get("query"), instanceOf(String.class)); + map = (Map) map.get("query"); + assertThat(map, hasKey("wrapper")); + assertThat(map.get("wrapper"), instanceOf(Map.class)); - String queryAsBase64 = (String) map.get("query"); - String decodedQuery = new String(Base64.getDecoder().decode(queryAsBase64), StandardCharsets.UTF_8); - assertThat(decodedQuery, containsString("_unknown_query_")); + map = (Map) map.get("wrapper"); + assertThat(map, hasKey("query")); + assertThat(map.get("query"), instanceOf(String.class)); + + String queryAsBase64 = (String) map.get("query"); + String decodedQuery = new String(Base64.getDecoder().decode(queryAsBase64), StandardCharsets.UTF_8); + assertThat(decodedQuery, containsString("_unknown_query_")); + } } public void testExecuteMustacheTemplate() throws Exception { @@ -252,7 +266,8 @@ public class SearchTransformIT extends ESIntegTestCase { .must(termQuery("value", "{{ctx.payload.value}}")))); SearchTransform searchTransform = TransformBuilders.searchTransform(request).build(); - ExecutableSearchTransform transform = new ExecutableSearchTransform(searchTransform, logger, WatcherClientProxy.of(client()), null); + ExecutableSearchTransform transform = new ExecutableSearchTransform(searchTransform, logger, WatcherClientProxy.of(client()), + watcherSearchTemplateService(), null); ScheduleTriggerEvent event = new ScheduleTriggerEvent("_name", parseDate("2015-01-04T00:00:00", UTC), parseDate("2015-01-01T00:00:00", UTC)); @@ -319,24 +334,24 @@ public class SearchTransformIT extends ESIntegTestCase { IndicesQueriesRegistry indicesQueryRegistry = internalCluster().getInstance(IndicesQueriesRegistry.class); SearchTransformFactory transformFactory = new SearchTransformFactory(Settings.EMPTY, WatcherClientProxy.of(client()), - indicesQueryRegistry, null, null); + indicesQueryRegistry, null, null, scriptService()); ExecutableSearchTransform executable = transformFactory.parseExecutable("_id", parser); assertThat(executable, notNullValue()); assertThat(executable.type(), is(SearchTransform.TYPE)); assertThat(executable.transform().getRequest(), notNullValue()); if (indices != null) { - assertThat(executable.transform().getRequest().indices(), arrayContainingInAnyOrder(indices)); + assertThat(executable.transform().getRequest().getRequest().indices(), arrayContainingInAnyOrder(indices)); } if (searchType != null) { - assertThat(executable.transform().getRequest().searchType(), is(searchType)); + assertThat(executable.transform().getRequest().getRequest().searchType(), is(searchType)); } if (templateName != null) { - assertThat(executable.transform().getRequest().template(), - equalTo(new Template("template1", ScriptType.FILE, null, null, null))); + assertThat(executable.transform().getRequest().getTemplate(), + equalTo(Script.file("template1").build())); } SearchSourceBuilder source = new SearchSourceBuilder().query(QueryBuilders.matchAllQuery()); - assertThat(executable.transform().getRequest().source(), equalTo(source)); + assertThat(executable.transform().getRequest().getRequest().source(), equalTo(source)); assertThat(executable.transform().getTimeout(), equalTo(readTimeout)); } @@ -348,11 +363,6 @@ public class SearchTransformIT extends ESIntegTestCase { "{\"from\":\"{{ctx.trigger.scheduled_time}}||-{{seconds_param}}\",\"to\":\"{{ctx.trigger.scheduled_time}}\"," + "\"include_lower\":true,\"include_upper\":true}}}]}}}"; - final String expectedTemplateString = "{\"query\":{\"bool\":{\"must\":[{\"match\":{\"event_type\":{\"query\":\"a\"," - + "\"type\":\"boolean\"}}},{\"range\":{\"_timestamp\":" - + "{\"from\":\"{{ctx.trigger.scheduled_time}}||-{{seconds_param}}\",\"to\":\"{{ctx.trigger.scheduled_time}}\"," - + "\"include_lower\":true,\"include_upper\":true}}}]}}}"; - Map triggerParams = new HashMap(); triggerParams.put("triggered_time", new DateTime(1970, 01, 01, 00, 01, 00, 000, ISOChronology.getInstanceUTC())); triggerParams.put("scheduled_time", new DateTime(1970, 01, 01, 00, 01, 00, 000, ISOChronology.getInstanceUTC())); @@ -367,18 +377,24 @@ public class SearchTransformIT extends ESIntegTestCase { Map expectedParams = new HashMap(); expectedParams.put("seconds_param", "30s"); expectedParams.put("ctx", ctxParams); - Template expectedTemplate = new Template(expectedTemplateString, ScriptType.INLINE, null, XContentType.JSON, expectedParams); Map params = new HashMap<>(); params.put("seconds_param", "30s"); - Template template = new Template(templateQuery, ScriptType.INLINE, null, XContentType.JSON, params); + Script template = Script.inline(templateQuery).lang("mustache").params(params).build(); SearchRequest request = client().prepareSearch().setSearchType(ExecutableSearchTransform.DEFAULT_SEARCH_TYPE) - .setIndices("test-search-index").setTemplate(template).request(); + .setIndices("test-search-index").request(); - SearchTransform.Result executedResult = executeSearchTransform(request, ctx); + SearchTransform.Result executedResult = executeSearchTransform(request, template, ctx); - assertThat(executedResult.executedRequest().template(), equalTo(expectedTemplate)); + assertThat(executedResult.status(), is(Transform.Result.Status.SUCCESS)); + assertEquals(executedResult.executedRequest().searchType(), request.searchType()); + assertArrayEquals(executedResult.executedRequest().indices(), request.indices()); + assertEquals(executedResult.executedRequest().indicesOptions(), request.indicesOptions()); + + XContentSource source = toXContentSource(executedResult); + assertThat(source.getValue("query.bool.must.1.range._timestamp.from"), equalTo("1970-01-01T00:01:00.000Z||-30s")); + assertThat(source.getValue("query.bool.must.1.range._timestamp.to"), equalTo("1970-01-01T00:01:00.000Z")); } public void testSearchIndexedTemplate() throws Exception { @@ -399,24 +415,24 @@ public class SearchTransformIT extends ESIntegTestCase { Map params = new HashMap<>(); params.put("seconds_param", "30s"); - BytesReference templateSource = jsonBuilder() - .value(TextTemplate.indexed("test-script").params(params).build()) - .bytes(); - Template template = new Template("test-script", ScriptType.STORED, null, null, null); + Script template = Script.indexed("test-script").lang("mustache").params(params).build(); SearchRequest request = client() .prepareSearch() .setSearchType(ExecutableSearchTransform.DEFAULT_SEARCH_TYPE) .setIndices("test-search-index") - .setTemplate(template) .request(); - SearchTransform.Result result = executeSearchTransform(request, ctx); + SearchTransform.Result result = executeSearchTransform(request, template, ctx); + assertNotNull(result.executedRequest()); - Template resultTemplate = result.executedRequest().template(); - assertThat(resultTemplate, notNullValue()); - assertThat(resultTemplate.getScript(), equalTo("test-script")); - assertThat(resultTemplate.getType(), equalTo(ScriptType.STORED)); + assertThat(result.status(), is(Transform.Result.Status.SUCCESS)); + assertArrayEquals(result.executedRequest().indices(), request.indices()); + assertEquals(result.executedRequest().indicesOptions(), request.indicesOptions()); + + XContentSource source = toXContentSource(result); + assertThat(source.getValue("query.bool.must.1.range._timestamp.from"), equalTo("1970-01-01T00:01:00.000Z||-30s")); + assertThat(source.getValue("query.bool.must.1.range._timestamp.to"), equalTo("1970-01-01T00:01:00.000Z")); } public void testSearchOnDiskTemplate() throws Exception { @@ -425,16 +441,20 @@ public class SearchTransformIT extends ESIntegTestCase { Map params = new HashMap<>(); params.put("seconds_param", "30s"); - Template template = new Template("test_disk_template", ScriptType.FILE, null, null, null); + Script template = Script.file("test_disk_template").lang("mustache").params(params).build(); SearchRequest request = client().prepareSearch().setSearchType(ExecutableSearchTransform.DEFAULT_SEARCH_TYPE) - .setIndices("test-search-index").setTemplate(template).request(); + .setIndices("test-search-index").request(); + + SearchTransform.Result result = executeSearchTransform(request, template, ctx); - SearchTransform.Result result = executeSearchTransform(request, ctx); assertNotNull(result.executedRequest()); - Template resultTemplate = result.executedRequest().template(); - assertThat(resultTemplate, notNullValue()); - assertThat(resultTemplate.getScript(), equalTo("test_disk_template")); - assertThat(resultTemplate.getType(), equalTo(ScriptType.FILE)); + assertThat(result.status(), is(Transform.Result.Status.SUCCESS)); + assertArrayEquals(result.executedRequest().indices(), request.indices()); + assertEquals(result.executedRequest().indicesOptions(), request.indicesOptions()); + + XContentSource source = toXContentSource(result); + assertThat(source.getValue("query.bool.must.1.range._timestamp.from"), equalTo("1970-01-01T00:01:00.000Z||-30s")); + assertThat(source.getValue("query.bool.must.1.range._timestamp.to"), equalTo("1970-01-01T00:01:00.000Z")); } public void testDifferentSearchType() throws Exception { @@ -453,13 +473,18 @@ public class SearchTransformIT extends ESIntegTestCase { .request() .source(searchSourceBuilder); - SearchTransform.Result result = executeSearchTransform(request, ctx); + SearchTransform.Result result = executeSearchTransform(request, null, ctx); - assertThat((Integer) XContentMapValues.extractValue("hits.total", result.payload().data()), equalTo(0)); + assertThat(XContentMapValues.extractValue("hits.total", result.payload().data()), equalTo(0)); assertThat(result.executedRequest(), notNullValue()); + assertThat(result.status(), is(Transform.Result.Status.SUCCESS)); assertThat(result.executedRequest().searchType(), is(searchType)); assertThat(result.executedRequest().indices(), arrayContainingInAnyOrder(request.indices())); assertThat(result.executedRequest().indicesOptions(), equalTo(request.indicesOptions())); + + XContentSource source = toXContentSource(result); + assertThat(source.getValue("query.bool.must.1.range._timestamp.from"), equalTo("1970-01-01T00:01:00.000Z||-30s")); + assertThat(source.getValue("query.bool.must.1.range._timestamp.to"), equalTo("1970-01-01T00:01:00.000Z")); } private WatchExecutionContext createContext() { @@ -479,17 +504,31 @@ public class SearchTransformIT extends ESIntegTestCase { timeValueSeconds(5)); } - private SearchTransform.Result executeSearchTransform(SearchRequest request, WatchExecutionContext ctx) throws IOException { + private SearchTransform.Result executeSearchTransform(SearchRequest request, Script template, WatchExecutionContext ctx) + throws IOException { createIndex("test-search-index"); ensureGreen("test-search-index"); - SearchTransform searchTransform = TransformBuilders.searchTransform(request).build(); + SearchTransform searchTransform = TransformBuilders.searchTransform(new WatcherSearchTemplateRequest(request, template)).build(); ExecutableSearchTransform executableSearchTransform = new ExecutableSearchTransform(searchTransform, logger, - WatcherClientProxy.of(client()), null); + WatcherClientProxy.of(client()), watcherSearchTemplateService(), null); return executableSearchTransform.execute(ctx, Payload.Simple.EMPTY); } + protected WatcherSearchTemplateService watcherSearchTemplateService() { + String master = internalCluster().getMasterName(); + return new WatcherSearchTemplateService(internalCluster().clusterService(master).getSettings(), + ScriptServiceProxy.of(internalCluster().getInstance(ScriptService.class, master), internalCluster().clusterService(master)), + internalCluster().getInstance(IndicesQueriesRegistry.class, master), + internalCluster().getInstance(AggregatorParsers.class, master), + internalCluster().getInstance(Suggesters.class, master) + ); + } + + protected ScriptServiceProxy scriptService() { + return ScriptServiceProxy.of(internalCluster().getInstance(ScriptService.class), internalCluster().clusterService()); + } private static Map doc(String date, String value) { Map doc = new HashMap<>(); @@ -498,4 +537,21 @@ public class SearchTransformIT extends ESIntegTestCase { return doc; } + private XContentSource toXContentSource(SearchTransform.Result result) throws IOException { + try (XContentBuilder builder = jsonBuilder()) { + result.executedRequest().source().toXContent(builder, ToXContent.EMPTY_PARAMS); + return new XContentSource(builder); + } + } + + /** + * Custom plugin that registers XPack script context. + */ + public static class CustomScriptContextPlugin extends Plugin implements ScriptPlugin { + + @Override + public ScriptContext.Plugin getCustomScriptContexts() { + return ScriptServiceProxy.INSTANCE; + } + } } diff --git a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SecurityCachePermissionIT.java b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SecurityCachePermissionIT.java index 048952045cd..d679370840b 100644 --- a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SecurityCachePermissionIT.java +++ b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SecurityCachePermissionIT.java @@ -5,32 +5,32 @@ */ package org.elasticsearch.messy.tests; +import org.elasticsearch.ElasticsearchSecurityException; import org.elasticsearch.Version; import org.elasticsearch.action.search.SearchPhaseExecutionException; import org.elasticsearch.action.search.SearchResponse; -import org.elasticsearch.common.bytes.BytesArray; import org.elasticsearch.index.query.QueryBuilders; import org.elasticsearch.indices.TermsLookup; import org.elasticsearch.plugins.Plugin; -import org.elasticsearch.script.ScriptService; import org.elasticsearch.script.Template; import org.elasticsearch.script.mustache.MustachePlugin; import org.elasticsearch.script.mustache.MustacheScriptEngineService; -import org.elasticsearch.xpack.security.authc.support.SecuredString; import org.elasticsearch.test.SecurityIntegTestCase; import org.elasticsearch.test.SecuritySettingsSource; +import org.elasticsearch.xpack.security.authc.support.SecuredString; import org.junit.Before; import org.junit.BeforeClass; import java.util.ArrayList; import java.util.Collection; -import java.util.Collections; +import static java.util.Collections.singletonMap; +import static org.elasticsearch.script.ScriptService.ScriptType.INLINE; import static org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken.basicAuthHeaderValue; import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.is; -@SecurityIntegTestCase.AwaitsFix(bugUrl = "clean up test to not use mustache templates, otherwise needs many resources here") +//@SecurityIntegTestCase.AwaitsFix(bugUrl = "clean up test to not use mustache templates, otherwise needs many resources here") public class SecurityCachePermissionIT extends SecurityIntegTestCase { static final String READ_ONE_IDX_USER = "read_user"; @@ -72,18 +72,6 @@ public class SecurityCachePermissionIT extends SecurityIntegTestCase { public void loadData() { index("data", "a", "1", "{ \"name\": \"John\", \"token\": \"token1\" }"); index("tokens", "tokens", "1", "{ \"group\": \"1\", \"tokens\": [\"token1\", \"token2\"] }"); - client().admin().cluster().preparePutStoredScript().setSource(new BytesArray("{\n" + - "\"template\": {\n" + - " \"query\": {\n" + - " \"exists\": {\n" + - " \"field\": \"{{name}}\"\n" + - " }\n" + - " }\n" + - " }\n" + - "}")) - .setScriptLang("mustache") - .setId("testTemplate") - .execute().actionGet(); refresh(); } @@ -96,38 +84,44 @@ public class SecurityCachePermissionIT extends SecurityIntegTestCase { // Repeat with unauthorized user!!!! try { - response = client().filterWithHeader(Collections.singletonMap("Authorization", basicAuthHeaderValue(READ_ONE_IDX_USER, + response = client().filterWithHeader(singletonMap("Authorization", basicAuthHeaderValue(READ_ONE_IDX_USER, new SecuredString("changeme".toCharArray())))) .prepareSearch("data").setTypes("a").setQuery(QueryBuilders.constantScoreQuery( QueryBuilders.termsLookupQuery("token", new TermsLookup("tokens", "tokens", "1", "tokens")))) .execute().actionGet(); fail("search phase exception should have been thrown! response was:\n" + response.toString()); - } catch (SearchPhaseExecutionException e) { + } catch (ElasticsearchSecurityException e) { assertThat(e.toString(), containsString("ElasticsearchSecurityException[action")); assertThat(e.toString(), containsString("unauthorized")); } } public void testThatScriptServiceDoesntLeakData() { + String source = "{\n" + + "\"template\": {\n" + + " \"query\": {\n" + + " \"exists\": {\n" + + " \"field\": \"{{name}}\"\n" + + " }\n" + + " }\n" + + " }\n" + + "}"; + + //Template template = new Template(source, INLINE, MustacheScriptEngineService.NAME, null, singletonMap("name", "token")); SearchResponse response = client().prepareSearch("data").setTypes("a") - .setTemplate(new Template("testTemplate", ScriptService.ScriptType.STORED, MustacheScriptEngineService.NAME, null, - Collections.singletonMap("name", "token"))) + .setQuery(QueryBuilders.templateQuery(source, singletonMap("name", "token"))) .execute().actionGet(); assertThat(response.isTimedOut(), is(false)); assertThat(response.getHits().hits().length, is(1)); // Repeat with unauthorized user!!!! - try { - response = client().filterWithHeader(Collections.singletonMap("Authorization", basicAuthHeaderValue(READ_ONE_IDX_USER, - new SecuredString("changeme".toCharArray())))) + ElasticsearchSecurityException e = expectThrows(ElasticsearchSecurityException.class, () -> client() + .filterWithHeader(singletonMap("Authorization", basicAuthHeaderValue(READ_ONE_IDX_USER, + new SecuredString("changeme".toCharArray())))) .prepareSearch("data").setTypes("a") - .setTemplate(new Template("testTemplate", ScriptService.ScriptType.STORED, MustacheScriptEngineService.NAME, null, - Collections.singletonMap("name", "token"))) - .execute().actionGet(); - fail("search phase exception should have been thrown! response was:\n" + response.toString()); - } catch (SearchPhaseExecutionException e) { - assertThat(e.toString(), containsString("ElasticsearchSecurityException[action")); - assertThat(e.toString(), containsString("unauthorized")); - } + .setQuery(QueryBuilders.templateQuery(source, singletonMap("name", "token"))) + .execute().actionGet()); + assertThat(e.toString(), containsString("ElasticsearchSecurityException[action")); + assertThat(e.toString(), containsString("unauthorized")); } } diff --git a/elasticsearch/x-pack/security/src/test/resources/org/elasticsearch/transport/actions b/elasticsearch/x-pack/security/src/test/resources/org/elasticsearch/transport/actions index a96611f6b02..0f984306848 100644 --- a/elasticsearch/x-pack/security/src/test/resources/org/elasticsearch/transport/actions +++ b/elasticsearch/x-pack/security/src/test/resources/org/elasticsearch/transport/actions @@ -1,4 +1,3 @@ -cluster:admin/render/template/search cluster:admin/repository/delete cluster:admin/repository/get cluster:admin/repository/put diff --git a/elasticsearch/x-pack/security/src/test/resources/org/elasticsearch/transport/handlers b/elasticsearch/x-pack/security/src/test/resources/org/elasticsearch/transport/handlers index 7c9c51bfba0..0aa0be82698 100644 --- a/elasticsearch/x-pack/security/src/test/resources/org/elasticsearch/transport/handlers +++ b/elasticsearch/x-pack/security/src/test/resources/org/elasticsearch/transport/handlers @@ -1,4 +1,3 @@ -cluster:admin/render/template/search cluster:admin/snapshot/status[nodes] cluster:admin/snapshot/status[nodes][n] cluster:admin/tasks/cancel[n] diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/Watcher.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/Watcher.java index fc8623e42fb..960a63e039c 100644 --- a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/Watcher.java +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/Watcher.java @@ -31,7 +31,6 @@ import org.elasticsearch.xpack.watcher.execution.InternalWatchExecutor; import org.elasticsearch.xpack.watcher.history.HistoryModule; import org.elasticsearch.xpack.watcher.history.HistoryStore; import org.elasticsearch.xpack.watcher.input.InputModule; -import org.elasticsearch.xpack.watcher.input.chain.ChainInputFactory; import org.elasticsearch.xpack.watcher.rest.action.RestAckWatchAction; import org.elasticsearch.xpack.watcher.rest.action.RestActivateWatchAction; import org.elasticsearch.xpack.watcher.rest.action.RestDeleteWatchAction; @@ -266,5 +265,5 @@ public class Watcher { "[.watcher-history-YYYY.MM.dd] are allowed to be created", value); } - + } diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/input/InputBuilders.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/input/InputBuilders.java index d99fd153b4f..bd7183046d2 100644 --- a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/input/InputBuilders.java +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/input/InputBuilders.java @@ -6,14 +6,14 @@ package org.elasticsearch.xpack.watcher.input; import org.elasticsearch.action.search.SearchRequest; -import org.elasticsearch.action.search.SearchRequestBuilder; import org.elasticsearch.common.collect.MapBuilder; +import org.elasticsearch.xpack.common.http.HttpRequestTemplate; import org.elasticsearch.xpack.watcher.input.chain.ChainInput; import org.elasticsearch.xpack.watcher.input.http.HttpInput; import org.elasticsearch.xpack.watcher.input.none.NoneInput; import org.elasticsearch.xpack.watcher.input.search.SearchInput; import org.elasticsearch.xpack.watcher.input.simple.SimpleInput; -import org.elasticsearch.xpack.common.http.HttpRequestTemplate; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateRequest; import org.elasticsearch.xpack.watcher.watch.Payload; import java.util.HashMap; @@ -31,12 +31,12 @@ public final class InputBuilders { return NoneInput.builder(); } - public static SearchInput.Builder searchInput(SearchRequest request) { + public static SearchInput.Builder searchInput(WatcherSearchTemplateRequest request) { return SearchInput.builder(request); } - public static SearchInput.Builder searchInput(SearchRequestBuilder builder) { - return searchInput(builder.request()); + public static SearchInput.Builder searchInput(SearchRequest request) { + return searchInput(new WatcherSearchTemplateRequest(request)); } public static SimpleInput.Builder simpleInput() { diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/input/search/ExecutableSearchInput.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/input/search/ExecutableSearchInput.java index b4983110b95..64335419329 100644 --- a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/input/search/ExecutableSearchInput.java +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/input/search/ExecutableSearchInput.java @@ -11,16 +11,15 @@ import org.elasticsearch.action.search.SearchType; import org.elasticsearch.common.Nullable; import org.elasticsearch.common.logging.ESLogger; import org.elasticsearch.common.unit.TimeValue; -import org.elasticsearch.common.xcontent.ToXContent; import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.common.xcontent.XContentHelper; import org.elasticsearch.common.xcontent.XContentParser; import org.elasticsearch.search.SearchHit; import org.elasticsearch.xpack.watcher.execution.WatchExecutionContext; import org.elasticsearch.xpack.watcher.input.ExecutableInput; -import org.elasticsearch.xpack.watcher.support.WatcherUtils; import org.elasticsearch.xpack.watcher.support.XContentFilterKeysUtils; import org.elasticsearch.xpack.watcher.support.init.proxy.WatcherClientProxy; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateService; import org.elasticsearch.xpack.watcher.watch.Payload; import java.util.Map; @@ -35,11 +34,14 @@ public class ExecutableSearchInput extends ExecutableInput extractKeys; private final @Nullable TimeValue timeout; private final @Nullable DateTimeZone dynamicNameTimeZone; - public SearchInput(SearchRequest searchRequest, @Nullable Set extractKeys, + public SearchInput(WatcherSearchTemplateRequest request, @Nullable Set extractKeys, @Nullable TimeValue timeout, @Nullable DateTimeZone dynamicNameTimeZone) { - this.searchRequest = searchRequest; + this.request = request; this.extractKeys = extractKeys; this.timeout = timeout; this.dynamicNameTimeZone = dynamicNameTimeZone; @@ -63,7 +62,7 @@ public class SearchInput implements Input { SearchInput that = (SearchInput) o; - if (!SearchRequestEquivalence.INSTANCE.equivalent(searchRequest, this.searchRequest)) return false; + if (request != null ? !request.equals(that.request) : that.request != null) return false; if (extractKeys != null ? !extractKeys.equals(that.extractKeys) : that.extractKeys != null) return false; if (timeout != null ? !timeout.equals(that.timeout) : that.timeout != null) return false; return !(dynamicNameTimeZone != null ? !dynamicNameTimeZone.equals(that.dynamicNameTimeZone) : that.dynamicNameTimeZone != null); @@ -71,15 +70,15 @@ public class SearchInput implements Input { @Override public int hashCode() { - int result = searchRequest.hashCode(); + int result = request != null ? request.hashCode() : 0; result = 31 * result + (extractKeys != null ? extractKeys.hashCode() : 0); result = 31 * result + (timeout != null ? timeout.hashCode() : 0); result = 31 * result + (dynamicNameTimeZone != null ? dynamicNameTimeZone.hashCode() : 0); return result; } - public SearchRequest getSearchRequest() { - return searchRequest; + public WatcherSearchTemplateRequest getRequest() { + return request; } public Set getExtractKeys() { @@ -97,8 +96,9 @@ public class SearchInput implements Input { @Override public XContentBuilder toXContent(XContentBuilder builder, Params params) throws IOException { builder.startObject(); - builder.field(Field.REQUEST.getPreferredName()); - builder = WatcherUtils.writeSearchRequest(searchRequest, builder, params); + if (request != null) { + builder.field(Field.REQUEST.getPreferredName(), request); + } if (extractKeys != null) { builder.field(Field.EXTRACT.getPreferredName(), extractKeys); } @@ -115,7 +115,7 @@ public class SearchInput implements Input { public static SearchInput parse(String watchId, XContentParser parser, QueryParseContext context, AggregatorParsers aggParsers, Suggesters suggesters) throws IOException { - SearchRequest request = null; + WatcherSearchTemplateRequest request = null; Set extract = null; TimeValue timeout = null; DateTimeZone dynamicNameTimeZone = null; @@ -127,7 +127,7 @@ public class SearchInput implements Input { currentFieldName = parser.currentName(); } else if (ParseFieldMatcher.STRICT.match(currentFieldName, Field.REQUEST)) { try { - request = WatcherUtils.readSearchRequest(parser, ExecutableSearchInput.DEFAULT_SEARCH_TYPE, context, + request = WatcherSearchTemplateRequest.fromXContent(parser, ExecutableSearchInput.DEFAULT_SEARCH_TYPE, context, aggParsers, suggesters); } catch (ElasticsearchParseException srpe) { throw new ElasticsearchParseException("could not parse [{}] input for watch [{}]. failed to parse [{}]", srpe, TYPE, @@ -170,7 +170,7 @@ public class SearchInput implements Input { return new SearchInput(request, extract, timeout, dynamicNameTimeZone); } - public static Builder builder(SearchRequest request) { + public static Builder builder(WatcherSearchTemplateRequest request) { return new Builder(request); } @@ -198,20 +198,19 @@ public class SearchInput implements Input { return builder; } builder.startObject(type); - builder.field(Field.REQUEST.getPreferredName()); - WatcherUtils.writeSearchRequest(request, builder, params); + builder.field(Field.REQUEST.getPreferredName(), new WatcherSearchTemplateRequest(request)); return builder.endObject(); } } public static class Builder implements Input.Builder { - private final SearchRequest request; + private final WatcherSearchTemplateRequest request; private final Set extractKeys = new HashSet<>(); private TimeValue timeout; private DateTimeZone dynamicNameTimeZone; - private Builder(SearchRequest request) { + private Builder(WatcherSearchTemplateRequest request) { this.request = request; } diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/input/search/SearchInputFactory.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/input/search/SearchInputFactory.java index bf327158a7a..db111eb4f23 100644 --- a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/input/search/SearchInputFactory.java +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/input/search/SearchInputFactory.java @@ -5,8 +5,6 @@ */ package org.elasticsearch.xpack.watcher.input.search; -import java.io.IOException; - import org.elasticsearch.common.ParseFieldMatcher; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.logging.Loggers; @@ -17,10 +15,14 @@ import org.elasticsearch.index.query.QueryParseContext; import org.elasticsearch.indices.query.IndicesQueriesRegistry; import org.elasticsearch.search.aggregations.AggregatorParsers; import org.elasticsearch.search.suggest.Suggesters; +import org.elasticsearch.xpack.common.ScriptServiceProxy; import org.elasticsearch.xpack.security.InternalClient; import org.elasticsearch.xpack.watcher.input.InputFactory; import org.elasticsearch.xpack.watcher.input.simple.ExecutableSimpleInput; import org.elasticsearch.xpack.watcher.support.init.proxy.WatcherClientProxy; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateService; + +import java.io.IOException; /** * @@ -33,15 +35,16 @@ public class SearchInputFactory extends InputFactory watcherContextParams = Variables.createCtxModel(ctx, payload); - if (requestPrototype.source() != null) { - // Here we convert a watch search request body into an inline search template, - // this way if any Watcher related context variables are used, they will get resolved, - // by ES search template support - XContentBuilder builder = jsonBuilder(); - requestPrototype.source().toXContent(builder, ToXContent.EMPTY_PARAMS); - Template template = new Template(builder.string(), ScriptType.INLINE, null, builder.contentType(), watcherContextParams); - request.template(template); - } else if (requestPrototype.template() != null) { - // Here we convert watcher template into a ES core templates. Due to the different format we use, we - // convert to the template format used in ES core - Template template = requestPrototype.template(); - if (template.getParams() != null) { - watcherContextParams.putAll(template.getParams()); - } - template = new Template(template.getScript(), template.getType(), template.getLang(), template.getContentType(), - watcherContextParams); - request.template(template); - // } - } - // falling back to an empty body - return request; - } - - - /** - * Reads a new search request instance for the specified parser. - */ - public static SearchRequest readSearchRequest(XContentParser parser, SearchType searchType, QueryParseContext context, - AggregatorParsers aggParsers, Suggesters suggesters) - throws IOException { - IndicesOptions indicesOptions = DEFAULT_INDICES_OPTIONS; - SearchRequest searchRequest = new SearchRequest(); - - XContentParser.Token token; - String currentFieldName = null; - while ((token = parser.nextToken()) != XContentParser.Token.END_OBJECT) { - if (token == XContentParser.Token.FIELD_NAME) { - currentFieldName = parser.currentName(); - if (ParseFieldMatcher.STRICT.match(currentFieldName, BODY_FIELD)) { - searchRequest.source(SearchSourceBuilder.fromXContent(context, aggParsers, suggesters)); - } - } else if (token == XContentParser.Token.START_ARRAY) { - if (ParseFieldMatcher.STRICT.match(currentFieldName, INDICES_FIELD)) { - List indices = new ArrayList<>(); - while ((token = parser.nextToken()) != XContentParser.Token.END_ARRAY) { - if (token == XContentParser.Token.VALUE_STRING) { - indices.add(parser.textOrNull()); - } else { - throw new ElasticsearchParseException("could not read search request. expected string values in [" + - currentFieldName + "] field, but instead found [" + token + "]"); - } - } - searchRequest.indices(indices.toArray(new String[indices.size()])); - } else if (ParseFieldMatcher.STRICT.match(currentFieldName, TYPES_FIELD)) { - List types = new ArrayList<>(); - while ((token = parser.nextToken()) != XContentParser.Token.END_ARRAY) { - if (token == XContentParser.Token.VALUE_STRING) { - types.add(parser.textOrNull()); - } else { - throw new ElasticsearchParseException("could not read search request. expected string values in [" + - currentFieldName + "] field, but instead found [" + token + "]"); - } - } - searchRequest.types(types.toArray(new String[types.size()])); - } else { - throw new ElasticsearchParseException("could not read search request. unexpected array field [" + - currentFieldName + "]"); - } - } else if (token == XContentParser.Token.START_OBJECT) { - if (ParseFieldMatcher.STRICT.match(currentFieldName, INDICES_OPTIONS_FIELD)) { - boolean expandOpen = DEFAULT_INDICES_OPTIONS.expandWildcardsOpen(); - boolean expandClosed = DEFAULT_INDICES_OPTIONS.expandWildcardsClosed(); - boolean allowNoIndices = DEFAULT_INDICES_OPTIONS.allowNoIndices(); - boolean ignoreUnavailable = DEFAULT_INDICES_OPTIONS.ignoreUnavailable(); - while ((token = parser.nextToken()) != XContentParser.Token.END_OBJECT) { - if (token == XContentParser.Token.FIELD_NAME) { - currentFieldName = parser.currentName(); - } else if (token.isValue()) { - if (ParseFieldMatcher.STRICT.match(currentFieldName, EXPAND_WILDCARDS_FIELD)) { - switch (parser.text()) { - case "all": - expandOpen = true; - expandClosed = true; - break; - case "open": - expandOpen = true; - expandClosed = false; - break; - case "closed": - expandOpen = false; - expandClosed = true; - break; - case "none": - expandOpen = false; - expandClosed = false; - break; - default: - throw new ElasticsearchParseException("could not read search request. unknown value [" + - parser.text() + "] for [" + currentFieldName + "] field "); - } - } else if (ParseFieldMatcher.STRICT.match(currentFieldName, IGNORE_UNAVAILABLE_FIELD)) { - ignoreUnavailable = parser.booleanValue(); - } else if (ParseFieldMatcher.STRICT.match(currentFieldName, ALLOW_NO_INDICES_FIELD)) { - allowNoIndices = parser.booleanValue(); - } else { - throw new ElasticsearchParseException("could not read search request. unexpected index option [" + - currentFieldName + "]"); - } - } else { - throw new ElasticsearchParseException("could not read search request. unexpected object field [" + - currentFieldName + "]"); - } - } - indicesOptions = IndicesOptions.fromOptions(ignoreUnavailable, allowNoIndices, expandOpen, expandClosed, - DEFAULT_INDICES_OPTIONS); - } else if (ParseFieldMatcher.STRICT.match(currentFieldName, TEMPLATE_FIELD)) { - Template template = Template.parse(parser, ParseFieldMatcher.STRICT); - searchRequest.template(template); - } else { - throw new ElasticsearchParseException("could not read search request. unexpected object field [" + - currentFieldName + "]"); - } - } else if (token == XContentParser.Token.VALUE_STRING) { - if (ParseFieldMatcher.STRICT.match(currentFieldName, INDICES_FIELD)) { - String indicesStr = parser.text(); - searchRequest.indices(Strings.delimitedListToStringArray(indicesStr, ",", " \t")); - } else if (ParseFieldMatcher.STRICT.match(currentFieldName, TYPES_FIELD)) { - String typesStr = parser.text(); - searchRequest.types(Strings.delimitedListToStringArray(typesStr, ",", " \t")); - } else if (ParseFieldMatcher.STRICT.match(currentFieldName, SEARCH_TYPE_FIELD)) { - searchType = SearchType.fromString(parser.text().toLowerCase(Locale.ROOT), ParseFieldMatcher.EMPTY); - } else { - throw new ElasticsearchParseException("could not read search request. unexpected string field [" + - currentFieldName + "]"); - } - } else { - throw new ElasticsearchParseException("could not read search request. unexpected token [" + token + "]"); - } - } - - if (searchRequest.indices() == null) { - searchRequest.indices(Strings.EMPTY_ARRAY); - } - searchRequest.searchType(searchType); - searchRequest.indicesOptions(indicesOptions); - return searchRequest; - } - - /** - * Writes the searchRequest to the specified builder. - */ - public static XContentBuilder writeSearchRequest(SearchRequest searchRequest, XContentBuilder builder, - ToXContent.Params params) throws IOException { - if (searchRequest == null) { - builder.nullValue(); - return builder; - } - - builder.startObject(); - if (searchRequest.searchType() != null) { - builder.field(SEARCH_TYPE_FIELD.getPreferredName(), searchRequest.searchType().toString().toLowerCase(Locale.ENGLISH)); - } - if (searchRequest.indices() != null) { - builder.array(INDICES_FIELD.getPreferredName(), searchRequest.indices()); - } - if (searchRequest.types() != null) { - builder.array(TYPES_FIELD.getPreferredName(), searchRequest.types()); - } - if (searchRequest.source() != null) { - builder.field(BODY_FIELD.getPreferredName(), searchRequest.source()); - } - if (searchRequest.template() != null) { - builder.field(TEMPLATE_FIELD.getPreferredName(), searchRequest.template()); - } - - if (searchRequest.indicesOptions() != DEFAULT_INDICES_OPTIONS) { - IndicesOptions options = searchRequest.indicesOptions(); - builder.startObject(INDICES_OPTIONS_FIELD.getPreferredName()); - String value; - if (options.expandWildcardsClosed() && options.expandWildcardsOpen()) { - value = "all"; - } else if (options.expandWildcardsOpen()) { - value = "open"; - } else if (options.expandWildcardsClosed()) { - value = "closed"; - } else { - value = "none"; - } - builder.field(EXPAND_WILDCARDS_FIELD.getPreferredName(), value); - builder.field(IGNORE_UNAVAILABLE_FIELD.getPreferredName(), options.ignoreUnavailable()); - builder.field(ALLOW_NO_INDICES_FIELD.getPreferredName(), options.allowNoIndices()); - builder.endObject(); - } - return builder.endObject(); - } - public static Map flattenModel(Map map) { Map result = new HashMap<>(); flattenModel("", map, result); diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/support/search/WatcherSearchTemplateRequest.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/support/search/WatcherSearchTemplateRequest.java new file mode 100644 index 00000000000..adc101d94e3 --- /dev/null +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/support/search/WatcherSearchTemplateRequest.java @@ -0,0 +1,254 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +package org.elasticsearch.xpack.watcher.support.search; + +import org.elasticsearch.ElasticsearchParseException; +import org.elasticsearch.action.search.SearchRequest; +import org.elasticsearch.action.search.SearchType; +import org.elasticsearch.action.support.IndicesOptions; +import org.elasticsearch.common.Nullable; +import org.elasticsearch.common.ParseField; +import org.elasticsearch.common.ParseFieldMatcher; +import org.elasticsearch.common.Strings; +import org.elasticsearch.common.xcontent.ToXContent; +import org.elasticsearch.common.xcontent.XContentBuilder; +import org.elasticsearch.common.xcontent.XContentParser; +import org.elasticsearch.index.query.QueryParseContext; +import org.elasticsearch.search.aggregations.AggregatorParsers; +import org.elasticsearch.search.builder.SearchSourceBuilder; +import org.elasticsearch.search.suggest.Suggesters; +import org.elasticsearch.xpack.watcher.support.Script; +import org.elasticsearch.xpack.watcher.support.SearchRequestEquivalence; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import java.util.Locale; +import java.util.Objects; + +/** + * A {@link WatcherSearchTemplateRequest} contains the search request and the eventual template that will + * be rendered as a script by {@link WatcherSearchTemplateService} before being executed. + */ +public class WatcherSearchTemplateRequest implements ToXContent { + + private final SearchRequest request; + private final @Nullable Script template; + + public WatcherSearchTemplateRequest(SearchRequest searchRequest, @Nullable Script template) { + this.request = Objects.requireNonNull(searchRequest); + this.template = template; + } + + public WatcherSearchTemplateRequest(SearchRequest request) { + this(request, null); + } + + public SearchRequest getRequest() { + return request; + } + + public Script getTemplate() { + return template; + } + + @Override + public XContentBuilder toXContent(XContentBuilder builder, Params params) throws IOException { + builder.startObject(); + if (request != null) { + if (request.searchType() != null) { + builder.field(SEARCH_TYPE_FIELD.getPreferredName(), request.searchType().toString().toLowerCase(Locale.ENGLISH)); + } + if (request.indices() != null) { + builder.array(INDICES_FIELD.getPreferredName(), request.indices()); + } + if (request.types() != null) { + builder.array(TYPES_FIELD.getPreferredName(), request.types()); + } + if (request.source() != null) { + builder.field(BODY_FIELD.getPreferredName(), request.source()); + } + if (request.indicesOptions() != DEFAULT_INDICES_OPTIONS) { + IndicesOptions options = request.indicesOptions(); + builder.startObject(INDICES_OPTIONS_FIELD.getPreferredName()); + String value; + if (options.expandWildcardsClosed() && options.expandWildcardsOpen()) { + value = "all"; + } else if (options.expandWildcardsOpen()) { + value = "open"; + } else if (options.expandWildcardsClosed()) { + value = "closed"; + } else { + value = "none"; + } + builder.field(EXPAND_WILDCARDS_FIELD.getPreferredName(), value); + builder.field(IGNORE_UNAVAILABLE_FIELD.getPreferredName(), options.ignoreUnavailable()); + builder.field(ALLOW_NO_INDICES_FIELD.getPreferredName(), options.allowNoIndices()); + builder.endObject(); + } + } + if (template != null) { + builder.field(TEMPLATE_FIELD.getPreferredName(), template); + } + return builder.endObject(); + } + + + /** + * Reads a new watcher search request instance for the specified parser. + */ + public static WatcherSearchTemplateRequest fromXContent(XContentParser parser, SearchType searchType, QueryParseContext context, + AggregatorParsers aggParsers, Suggesters suggesters) + throws IOException { + IndicesOptions indicesOptions = DEFAULT_INDICES_OPTIONS; + SearchRequest searchRequest = new SearchRequest(); + Script template = null; + + XContentParser.Token token; + String currentFieldName = null; + while ((token = parser.nextToken()) != XContentParser.Token.END_OBJECT) { + if (token == XContentParser.Token.FIELD_NAME) { + currentFieldName = parser.currentName(); + if (ParseFieldMatcher.STRICT.match(currentFieldName, BODY_FIELD)) { + searchRequest.source(SearchSourceBuilder.fromXContent(context, aggParsers, suggesters)); + } + } else if (token == XContentParser.Token.START_ARRAY) { + if (ParseFieldMatcher.STRICT.match(currentFieldName, INDICES_FIELD)) { + List indices = new ArrayList<>(); + while ((token = parser.nextToken()) != XContentParser.Token.END_ARRAY) { + if (token == XContentParser.Token.VALUE_STRING) { + indices.add(parser.textOrNull()); + } else { + throw new ElasticsearchParseException("could not read search request. expected string values in [" + + currentFieldName + "] field, but instead found [" + token + "]"); + } + } + searchRequest.indices(indices.toArray(new String[indices.size()])); + } else if (ParseFieldMatcher.STRICT.match(currentFieldName, TYPES_FIELD)) { + List types = new ArrayList<>(); + while ((token = parser.nextToken()) != XContentParser.Token.END_ARRAY) { + if (token == XContentParser.Token.VALUE_STRING) { + types.add(parser.textOrNull()); + } else { + throw new ElasticsearchParseException("could not read search request. expected string values in [" + + currentFieldName + "] field, but instead found [" + token + "]"); + } + } + searchRequest.types(types.toArray(new String[types.size()])); + } else { + throw new ElasticsearchParseException("could not read search request. unexpected array field [" + + currentFieldName + "]"); + } + } else if (token == XContentParser.Token.START_OBJECT) { + if (ParseFieldMatcher.STRICT.match(currentFieldName, INDICES_OPTIONS_FIELD)) { + boolean expandOpen = DEFAULT_INDICES_OPTIONS.expandWildcardsOpen(); + boolean expandClosed = DEFAULT_INDICES_OPTIONS.expandWildcardsClosed(); + boolean allowNoIndices = DEFAULT_INDICES_OPTIONS.allowNoIndices(); + boolean ignoreUnavailable = DEFAULT_INDICES_OPTIONS.ignoreUnavailable(); + while ((token = parser.nextToken()) != XContentParser.Token.END_OBJECT) { + if (token == XContentParser.Token.FIELD_NAME) { + currentFieldName = parser.currentName(); + } else if (token.isValue()) { + if (ParseFieldMatcher.STRICT.match(currentFieldName, EXPAND_WILDCARDS_FIELD)) { + switch (parser.text()) { + case "all": + expandOpen = true; + expandClosed = true; + break; + case "open": + expandOpen = true; + expandClosed = false; + break; + case "closed": + expandOpen = false; + expandClosed = true; + break; + case "none": + expandOpen = false; + expandClosed = false; + break; + default: + throw new ElasticsearchParseException("could not read search request. unknown value [" + + parser.text() + "] for [" + currentFieldName + "] field "); + } + } else if (ParseFieldMatcher.STRICT.match(currentFieldName, IGNORE_UNAVAILABLE_FIELD)) { + ignoreUnavailable = parser.booleanValue(); + } else if (ParseFieldMatcher.STRICT.match(currentFieldName, ALLOW_NO_INDICES_FIELD)) { + allowNoIndices = parser.booleanValue(); + } else { + throw new ElasticsearchParseException("could not read search request. unexpected index option [" + + currentFieldName + "]"); + } + } else { + throw new ElasticsearchParseException("could not read search request. unexpected object field [" + + currentFieldName + "]"); + } + } + indicesOptions = IndicesOptions.fromOptions(ignoreUnavailable, allowNoIndices, expandOpen, expandClosed, + DEFAULT_INDICES_OPTIONS); + } else if (ParseFieldMatcher.STRICT.match(currentFieldName, TEMPLATE_FIELD)) { + template = Script.parse(parser); + } else { + throw new ElasticsearchParseException("could not read search request. unexpected object field [" + + currentFieldName + "]"); + } + } else if (token == XContentParser.Token.VALUE_STRING) { + if (ParseFieldMatcher.STRICT.match(currentFieldName, INDICES_FIELD)) { + String indicesStr = parser.text(); + searchRequest.indices(Strings.delimitedListToStringArray(indicesStr, ",", " \t")); + } else if (ParseFieldMatcher.STRICT.match(currentFieldName, TYPES_FIELD)) { + String typesStr = parser.text(); + searchRequest.types(Strings.delimitedListToStringArray(typesStr, ",", " \t")); + } else if (ParseFieldMatcher.STRICT.match(currentFieldName, SEARCH_TYPE_FIELD)) { + searchType = SearchType.fromString(parser.text().toLowerCase(Locale.ROOT), ParseFieldMatcher.EMPTY); + } else { + throw new ElasticsearchParseException("could not read search request. unexpected string field [" + + currentFieldName + "]"); + } + } else { + throw new ElasticsearchParseException("could not read search request. unexpected token [" + token + "]"); + } + } + + if (searchRequest.indices() == null) { + searchRequest.indices(Strings.EMPTY_ARRAY); + } + searchRequest.searchType(searchType); + searchRequest.indicesOptions(indicesOptions); + return new WatcherSearchTemplateRequest(searchRequest, template); + } + + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + WatcherSearchTemplateRequest that = (WatcherSearchTemplateRequest) o; + + if (!SearchRequestEquivalence.INSTANCE.equivalent(request, that.request)) return false; + return template != null ? template.equals(that.template) : that.template == null; + + } + + @Override + public int hashCode() { + int result = request != null ? request.hashCode() : 0; + result = 31 * result + (template != null ? template.hashCode() : 0); + return result; + } + + static final ParseField INDICES_FIELD = new ParseField("indices"); + static final ParseField TYPES_FIELD = new ParseField("types"); + static final ParseField BODY_FIELD = new ParseField("body"); + static final ParseField SEARCH_TYPE_FIELD = new ParseField("search_type"); + static final ParseField INDICES_OPTIONS_FIELD = new ParseField("indices_options"); + static final ParseField EXPAND_WILDCARDS_FIELD = new ParseField("expand_wildcards"); + static final ParseField IGNORE_UNAVAILABLE_FIELD = new ParseField("ignore_unavailable"); + static final ParseField ALLOW_NO_INDICES_FIELD = new ParseField("allow_no_indices"); + static final ParseField TEMPLATE_FIELD = new ParseField("template"); + + public final static IndicesOptions DEFAULT_INDICES_OPTIONS = IndicesOptions.lenientExpandOpen(); +} diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/support/search/WatcherSearchTemplateService.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/support/search/WatcherSearchTemplateService.java new file mode 100644 index 00000000000..ed00ea90dbd --- /dev/null +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/support/search/WatcherSearchTemplateService.java @@ -0,0 +1,125 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +package org.elasticsearch.xpack.watcher.support.search; + +import org.elasticsearch.action.search.SearchRequest; +import org.elasticsearch.common.ParseFieldMatcher; +import org.elasticsearch.common.bytes.BytesReference; +import org.elasticsearch.common.component.AbstractComponent; +import org.elasticsearch.common.inject.Inject; +import org.elasticsearch.common.settings.Settings; +import org.elasticsearch.common.xcontent.ToXContent; +import org.elasticsearch.common.xcontent.XContentBuilder; +import org.elasticsearch.common.xcontent.XContentFactory; +import org.elasticsearch.common.xcontent.XContentParser; +import org.elasticsearch.index.query.QueryParseContext; +import org.elasticsearch.indices.query.IndicesQueriesRegistry; +import org.elasticsearch.script.ScriptService; +import org.elasticsearch.search.aggregations.AggregatorParsers; +import org.elasticsearch.search.builder.SearchSourceBuilder; +import org.elasticsearch.search.suggest.Suggesters; +import org.elasticsearch.xpack.common.ScriptServiceProxy; +import org.elasticsearch.xpack.watcher.execution.WatchExecutionContext; +import org.elasticsearch.xpack.watcher.support.Script; +import org.elasticsearch.xpack.watcher.support.Variables; +import org.elasticsearch.xpack.watcher.watch.Payload; + +import java.io.IOException; +import java.util.Map; + +import static org.elasticsearch.common.xcontent.XContentFactory.jsonBuilder; + +/** + * {@link WatcherSearchTemplateService} renders {@link WatcherSearchTemplateRequest} before their execution. + */ +public class WatcherSearchTemplateService extends AbstractComponent { + + private static final String DEFAULT_LANG = "mustache"; + + private final ScriptServiceProxy scriptService; + private final ParseFieldMatcher parseFieldMatcher; + private final IndicesQueriesRegistry queryRegistry; + private final AggregatorParsers aggsParsers; + private final Suggesters suggesters; + + @Inject + public WatcherSearchTemplateService(Settings settings, ScriptServiceProxy scriptServiceProxy, + IndicesQueriesRegistry queryRegistry, AggregatorParsers aggregatorParsers, Suggesters suggesters) { + super(settings); + this.scriptService = scriptServiceProxy; + this.queryRegistry = queryRegistry; + this.aggsParsers = aggregatorParsers; + this.suggesters = suggesters; + this.parseFieldMatcher = new ParseFieldMatcher(settings); + } + + public SearchRequest createSearchRequestFromPrototype(WatcherSearchTemplateRequest prototype, WatchExecutionContext ctx, + Payload payload) throws IOException { + + SearchRequest request = new SearchRequest() + .indicesOptions(prototype.getRequest().indicesOptions()) + .searchType(prototype.getRequest().searchType()) + .indices(prototype.getRequest().indices()) + .types(prototype.getRequest().types()); + + Script template = null; + + // Due the inconsistency with templates in ES 1.x, we maintain our own template format. + // This template format we use now, will become the template structure in ES 2.0 + Map watcherContextParams = Variables.createCtxModel(ctx, payload); + + // Here we convert a watch search request body into an inline search template, + // this way if any Watcher related context variables are used, they will get resolved. + if (prototype.getRequest().source() != null) { + try (XContentBuilder builder = jsonBuilder()) { + prototype.getRequest().source().toXContent(builder, ToXContent.EMPTY_PARAMS); + template = Script.inline(builder.string()).lang(DEFAULT_LANG).params(watcherContextParams).build(); + } + + } else if (prototype.getTemplate() != null) { + // Here we convert watcher template into a ES core templates. Due to the different format we use, we + // convert to the template format used in ES core + Script templatePrototype = prototype.getTemplate(); + if (templatePrototype.params() != null) { + watcherContextParams.putAll(templatePrototype.params()); + } + + Script.Builder builder; + if (templatePrototype.type() == ScriptService.ScriptType.INLINE) { + builder = Script.inline(templatePrototype.script()); + } else if (templatePrototype.type() == ScriptService.ScriptType.FILE) { + builder = Script.file(templatePrototype.script()); + } else if (templatePrototype.type() == ScriptService.ScriptType.STORED) { + builder = Script.indexed(templatePrototype.script()); + } else { + builder = Script.defaultType(templatePrototype.script()); + } + template = builder.lang(templatePrototype.lang()).params(watcherContextParams).build(); + } + + request.source(convert(template)); + return request; + } + + /** + * Converts a {@link Script} to a {@link org.elasticsearch.search.builder.SearchSourceBuilder} + */ + private SearchSourceBuilder convert(Script template) throws IOException { + SearchSourceBuilder sourceBuilder = SearchSourceBuilder.searchSource(); + if (template == null) { + // falling back to an empty body + return sourceBuilder; + } + + BytesReference source = (BytesReference) scriptService.executable(scriptService.compile(template), template.params()).run(); + if (source != null && source.length() > 0) { + try (XContentParser parser = XContentFactory.xContent(source).createParser(source)) { + sourceBuilder.parseXContent(new QueryParseContext(queryRegistry, parser, parseFieldMatcher), aggsParsers, suggesters); + } + } + return sourceBuilder; + } +} diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/transform/TransformBuilders.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/transform/TransformBuilders.java index 2892516919b..b39e3b9655d 100644 --- a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/transform/TransformBuilders.java +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/transform/TransformBuilders.java @@ -6,8 +6,8 @@ package org.elasticsearch.xpack.watcher.transform; import org.elasticsearch.action.search.SearchRequest; -import org.elasticsearch.action.search.SearchRequestBuilder; import org.elasticsearch.xpack.watcher.support.Script; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateRequest; import org.elasticsearch.xpack.watcher.transform.chain.ChainTransform; import org.elasticsearch.xpack.watcher.transform.script.ScriptTransform; import org.elasticsearch.xpack.watcher.transform.search.SearchTransform; @@ -20,12 +20,12 @@ public final class TransformBuilders { private TransformBuilders() { } - public static SearchTransform.Builder searchTransform(SearchRequest request) { + public static SearchTransform.Builder searchTransform(WatcherSearchTemplateRequest request) { return SearchTransform.builder(request); } - public static SearchTransform.Builder searchTransform(SearchRequestBuilder request) { - return searchTransform(request.request()); + public static SearchTransform.Builder searchTransform(SearchRequest request) { + return searchTransform(new WatcherSearchTemplateRequest(request)); } public static ScriptTransform.Builder scriptTransform(String script) { diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/transform/search/ExecutableSearchTransform.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/transform/search/ExecutableSearchTransform.java index 3e658ad3bfb..31b8d650ab3 100644 --- a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/transform/search/ExecutableSearchTransform.java +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/transform/search/ExecutableSearchTransform.java @@ -12,8 +12,8 @@ import org.elasticsearch.common.Nullable; import org.elasticsearch.common.logging.ESLogger; import org.elasticsearch.common.unit.TimeValue; import org.elasticsearch.xpack.watcher.execution.WatchExecutionContext; -import org.elasticsearch.xpack.watcher.support.WatcherUtils; import org.elasticsearch.xpack.watcher.support.init.proxy.WatcherClientProxy; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateService; import org.elasticsearch.xpack.watcher.transform.ExecutableTransform; import org.elasticsearch.xpack.watcher.watch.Payload; @@ -25,12 +25,14 @@ public class ExecutableSearchTransform extends ExecutableTransform { - private final SearchRequest request; + private final WatcherSearchTemplateRequest request; private TimeValue timeout; private DateTimeZone dynamicNameTimeZone; - public Builder(SearchRequest request) { + public Builder(WatcherSearchTemplateRequest request) { this.request = request; } diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/transform/search/SearchTransformFactory.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/transform/search/SearchTransformFactory.java index 8f7cf903af2..28d9e0aa599 100644 --- a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/transform/search/SearchTransformFactory.java +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/transform/search/SearchTransformFactory.java @@ -18,7 +18,9 @@ import org.elasticsearch.indices.query.IndicesQueriesRegistry; import org.elasticsearch.search.aggregations.AggregatorParsers; import org.elasticsearch.search.suggest.Suggesters; import org.elasticsearch.xpack.security.InternalClient; +import org.elasticsearch.xpack.common.ScriptServiceProxy; import org.elasticsearch.xpack.watcher.support.init.proxy.WatcherClientProxy; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateService; import org.elasticsearch.xpack.watcher.transform.TransformFactory; /** @@ -32,14 +34,15 @@ public class SearchTransformFactory extends TransformFactory queryParser = MatchAllQueryBuilder::fromXContent; registry.register(queryParser, MatchAllQueryBuilder.QUERY_NAME_FIELD); QueryParseContext context = new QueryParseContext(registry, parser, ParseFieldMatcher.STRICT); - SearchRequest result = WatcherUtils.readSearchRequest(parser, ExecutableSearchInput.DEFAULT_SEARCH_TYPE, context, null, null); + WatcherSearchTemplateRequest result = WatcherSearchTemplateRequest.fromXContent(parser, DEFAULT_SEARCH_TYPE, context, null, null); - assertThat(result.indices(), arrayContainingInAnyOrder(expectedRequest.indices())); - assertThat(result.types(), arrayContainingInAnyOrder(expectedRequest.types())); - assertThat(result.indicesOptions(), equalTo(expectedRequest.indicesOptions())); - assertThat(result.searchType(), equalTo(expectedRequest.searchType())); - assertThat(result.source(), equalTo(searchSourceBuilder)); - assertThat(result.template(), equalTo(expectedRequest.template())); + assertThat(result.getRequest(), is(notNullValue())); + assertThat(result.getRequest().indices(), arrayContainingInAnyOrder(expectedRequest.indices())); + assertThat(result.getRequest().types(), arrayContainingInAnyOrder(expectedRequest.types())); + assertThat(result.getRequest().indicesOptions(), equalTo(expectedRequest.indicesOptions())); + assertThat(result.getRequest().searchType(), equalTo(expectedRequest.searchType())); + assertThat(result.getRequest().source(), equalTo(searchSourceBuilder)); + + assertThat(result.getTemplate(), equalTo(expectedTemplate)); } public void testDeserializeSearchRequest() throws Exception { @@ -172,10 +170,10 @@ public class WatcherUtilsTests extends ESTestCase { } } - IndicesOptions indicesOptions = DEFAULT_INDICES_OPTIONS; + IndicesOptions indicesOptions = WatcherSearchTemplateRequest.DEFAULT_INDICES_OPTIONS; if (randomBoolean()) { indicesOptions = IndicesOptions.fromOptions(randomBoolean(), randomBoolean(), randomBoolean(), - randomBoolean(), WatcherUtils.DEFAULT_INDICES_OPTIONS); + randomBoolean(), WatcherSearchTemplateRequest.DEFAULT_INDICES_OPTIONS); builder.startObject("indices_options") .field("allow_no_indices", indicesOptions.allowNoIndices()) .field("expand_wildcards", indicesOptions.expandWildcardsClosed() && indicesOptions.expandWildcardsOpen() ? "all" : @@ -201,7 +199,7 @@ public class WatcherUtilsTests extends ESTestCase { source = searchSourceBuilder.buildAsBytes(XContentType.JSON); builder.rawField("body", source); } - Template templateSource = null; + Script template = null; if (randomBoolean()) { Map params = new HashMap<>(); if (randomBoolean()) { @@ -211,14 +209,8 @@ public class WatcherUtilsTests extends ESTestCase { } } String text = randomAsciiOfLengthBetween(1, 5); - TextTemplate template = randomFrom( - TextTemplate.inline(text).params(params).build(), - TextTemplate.file(text).params(params).build(), - TextTemplate.indexed(text).params(params).build() - ); + template = randomFrom(Script.inline(text), Script.file(text), Script.indexed(text)) .params(params).build(); builder.field("template", template); - templateSource = new Template(template.getTemplate(), template.getType(), null, template.getContentType(), - template.getParams()); } builder.endObject(); @@ -228,14 +220,15 @@ public class WatcherUtilsTests extends ESTestCase { QueryParser queryParser = MatchAllQueryBuilder::fromXContent; registry.register(queryParser, MatchAllQueryBuilder.QUERY_NAME_FIELD); QueryParseContext context = new QueryParseContext(registry, parser, ParseFieldMatcher.STRICT); - SearchRequest result = WatcherUtils.readSearchRequest(parser, ExecutableSearchInput.DEFAULT_SEARCH_TYPE, context, null, null); + WatcherSearchTemplateRequest result = WatcherSearchTemplateRequest.fromXContent(parser, DEFAULT_SEARCH_TYPE, context, null, null); - assertThat(result.indices(), arrayContainingInAnyOrder(indices)); - assertThat(result.types(), arrayContainingInAnyOrder(types)); - assertThat(result.indicesOptions(), equalTo(indicesOptions)); - assertThat(result.searchType(), equalTo(searchType)); - assertThat(result.source(), equalTo(searchSourceBuilder)); - assertThat(result.template(), equalTo(templateSource)); + assertThat(result.getRequest(), is(notNullValue())); + assertThat(result.getRequest().indices(), arrayContainingInAnyOrder(indices)); + assertThat(result.getRequest().types(), arrayContainingInAnyOrder(types)); + assertThat(result.getRequest().indicesOptions(), equalTo(indicesOptions)); + assertThat(result.getRequest().searchType(), equalTo(searchType)); + assertThat(result.getRequest().source(), equalTo(searchSourceBuilder)); + assertThat(result.getTemplate(), equalTo(template)); } } diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/WatcherTestUtils.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/WatcherTestUtils.java index f11d07a3f4a..3cff684748e 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/WatcherTestUtils.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/WatcherTestUtils.java @@ -31,6 +31,13 @@ import org.elasticsearch.search.builder.SearchSourceBuilder; import org.elasticsearch.test.ESIntegTestCase; import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.watcher.ResourceWatcherService; +import org.elasticsearch.xpack.common.ScriptServiceProxy; +import org.elasticsearch.xpack.common.http.HttpClient; +import org.elasticsearch.xpack.common.http.HttpMethod; +import org.elasticsearch.xpack.common.http.HttpRequestTemplate; +import org.elasticsearch.xpack.common.secret.Secret; +import org.elasticsearch.xpack.common.text.TextTemplate; +import org.elasticsearch.xpack.common.text.TextTemplateEngine; import org.elasticsearch.xpack.notification.email.Authentication; import org.elasticsearch.xpack.notification.email.EmailService; import org.elasticsearch.xpack.notification.email.EmailTemplate; @@ -49,15 +56,9 @@ import org.elasticsearch.xpack.watcher.execution.Wid; import org.elasticsearch.xpack.watcher.input.search.ExecutableSearchInput; import org.elasticsearch.xpack.watcher.input.simple.ExecutableSimpleInput; import org.elasticsearch.xpack.watcher.input.simple.SimpleInput; -import org.elasticsearch.xpack.common.ScriptServiceProxy; -import org.elasticsearch.xpack.watcher.support.WatcherUtils; -import org.elasticsearch.xpack.common.http.HttpClient; -import org.elasticsearch.xpack.common.http.HttpMethod; -import org.elasticsearch.xpack.common.http.HttpRequestTemplate; import org.elasticsearch.xpack.watcher.support.init.proxy.WatcherClientProxy; -import org.elasticsearch.xpack.common.secret.Secret; -import org.elasticsearch.xpack.common.text.TextTemplate; -import org.elasticsearch.xpack.common.text.TextTemplateEngine; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateRequest; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateService; import org.elasticsearch.xpack.watcher.support.xcontent.ObjectPath; import org.elasticsearch.xpack.watcher.support.xcontent.XContentSource; import org.elasticsearch.xpack.watcher.transform.search.ExecutableSearchTransform; @@ -76,7 +77,6 @@ import javax.mail.internet.AddressException; import java.io.IOException; import java.nio.charset.StandardCharsets; import java.util.ArrayList; -import java.util.Arrays; import java.util.Collections; import java.util.HashMap; import java.util.LinkedHashMap; @@ -122,7 +122,7 @@ public final class WatcherTestUtils { public static SearchRequest newInputSearchRequest(String... indices) { SearchRequest request = new SearchRequest(); request.indices(indices); - request.indicesOptions(WatcherUtils.DEFAULT_INDICES_OPTIONS); + request.indicesOptions(WatcherSearchTemplateRequest.DEFAULT_INDICES_OPTIONS); request.searchType(ExecutableSearchInput.DEFAULT_SEARCH_TYPE); return request; } @@ -175,13 +175,14 @@ public final class WatcherTestUtils { public static Watch createTestWatch(String watchName, HttpClient httpClient, EmailService emailService, - ESLogger logger) throws AddressException { - return createTestWatch(watchName, WatcherClientProxy.of(ESIntegTestCase.client()), httpClient, emailService, logger); + WatcherSearchTemplateService searchTemplateService, ESLogger logger) throws AddressException { + WatcherClientProxy client = WatcherClientProxy.of(ESIntegTestCase.client()); + return createTestWatch(watchName, client, httpClient, emailService, searchTemplateService, logger); } public static Watch createTestWatch(String watchName, WatcherClientProxy client, HttpClient httpClient, EmailService emailService, - ESLogger logger) throws AddressException { + WatcherSearchTemplateService searchTemplateService, ESLogger logger) throws AddressException { SearchRequest conditionRequest = newInputSearchRequest("my-condition-index").source(searchSource().query(matchAllQuery())); SearchRequest transformRequest = newInputSearchRequest("my-payload-index").source(searchSource().query(matchAllQuery())); @@ -229,12 +230,15 @@ public final class WatcherTestUtils { Map statuses = new HashMap<>(); statuses.put("_webhook", new ActionStatus(now)); statuses.put("_email", new ActionStatus(now)); + + SearchTransform searchTransform = new SearchTransform(new WatcherSearchTemplateRequest(transformRequest), null, null); + return new Watch( watchName, new ScheduleTrigger(new CronSchedule("0/5 * * * * ? *")), new ExecutableSimpleInput(new SimpleInput(new Payload.Simple(inputData)), logger), new ExecutableAlwaysCondition(logger), - new ExecutableSearchTransform(new SearchTransform(transformRequest, null, null), logger, client, null), + new ExecutableSearchTransform(searchTransform, logger, client, searchTemplateService, null), new TimeValue(0), new ExecutableActions(actions), metadata, @@ -247,7 +251,7 @@ public final class WatcherTestUtils { .put("script.indexed", "true") .put("path.home", createTempDir()) .build(); - ScriptContextRegistry scriptContextRegistry = new ScriptContextRegistry(Arrays.asList(ScriptServiceProxy.INSTANCE)); + ScriptContextRegistry scriptContextRegistry = new ScriptContextRegistry(Collections.singletonList(ScriptServiceProxy.INSTANCE)); ScriptEngineRegistry scriptEngineRegistry = new ScriptEngineRegistry(Collections.emptyList()); diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/BasicWatcherTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/BasicWatcherTests.java index 8c42d426bd4..5a1cb2d465f 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/BasicWatcherTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/BasicWatcherTests.java @@ -7,20 +7,16 @@ package org.elasticsearch.xpack.watcher.test.integration; import org.elasticsearch.ElasticsearchParseException; import org.elasticsearch.action.search.SearchRequest; -import org.elasticsearch.action.search.SearchRequestBuilder; import org.elasticsearch.action.search.SearchResponse; import org.elasticsearch.common.unit.TimeValue; -import org.elasticsearch.common.util.Callback; -import org.elasticsearch.common.xcontent.ToXContent; import org.elasticsearch.common.xcontent.XContentBuilder; -import org.elasticsearch.script.ScriptService.ScriptType; -import org.elasticsearch.script.Template; import org.elasticsearch.search.builder.SearchSourceBuilder; +import org.elasticsearch.xpack.support.clock.SystemClock; import org.elasticsearch.xpack.watcher.client.WatchSourceBuilder; import org.elasticsearch.xpack.watcher.client.WatcherClient; import org.elasticsearch.xpack.watcher.condition.compare.CompareCondition; -import org.elasticsearch.xpack.watcher.support.WatcherUtils; -import org.elasticsearch.xpack.support.clock.SystemClock; +import org.elasticsearch.xpack.watcher.support.Script; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateRequest; import org.elasticsearch.xpack.watcher.support.xcontent.XContentSource; import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase; import org.elasticsearch.xpack.watcher.transport.actions.delete.DeleteWatchResponse; @@ -151,8 +147,8 @@ public class BasicWatcherTests extends AbstractWatcherIntegrationTestCase { watchSource.field("unknown_field", "x"); watchSource.startObject("schedule").field("cron", "0/5 * * * * ? *").endObject(); - watchSource.startObject("condition").startObject("script").field("script", "return true").field("request"); - WatcherUtils.writeSearchRequest(newInputSearchRequest(), watchSource, ToXContent.EMPTY_PARAMS); + watchSource.startObject("condition").startObject("script").field("script", "return true"); + watchSource.field("request", new WatcherSearchTemplateRequest(newInputSearchRequest())); watchSource.endObject().endObject(); watchSource.endObject(); @@ -252,22 +248,20 @@ public class BasicWatcherTests extends AbstractWatcherIntegrationTestCase { public void testConditionSearchWithSource() throws Exception { SearchSourceBuilder searchSourceBuilder = searchSource().query(matchQuery("level", "a")); - testConditionSearch(newInputSearchRequest("events").source(searchSourceBuilder)); + testConditionSearch(newInputSearchRequest("events").source(searchSourceBuilder), null); } public void testConditionSearchWithIndexedTemplate() throws Exception { SearchSourceBuilder searchSourceBuilder = searchSource().query(matchQuery("level", "a")); - client().admin().cluster().preparePutStoredScript() + assertAcked(client().admin().cluster().preparePutStoredScript() .setScriptLang("mustache") .setId("my-template") .setSource(jsonBuilder().startObject().field("template").value(searchSourceBuilder).endObject().bytes()) - .get(); + .get()); - Template template = new Template("my-template", ScriptType.STORED, null, null, null); + Script template = Script.indexed("my-template").lang("mustache").build(); SearchRequest searchRequest = newInputSearchRequest("events"); - // TODO (2.0 upgrade): move back to BytesReference instead of coverting to a string - searchRequest.template(template); - testConditionSearch(searchRequest); + testConditionSearch(searchRequest, template); } public void testInputFiltering() throws Exception { @@ -298,12 +292,7 @@ public class BasicWatcherTests extends AbstractWatcherIntegrationTestCase { // Check that the input result payload has been filtered refresh(); - SearchResponse searchResponse = searchWatchRecords(new Callback() { - @Override - public void handle(SearchRequestBuilder builder) { - builder.setQuery(matchQuery("watch_id", "_name1")); - } - }); + SearchResponse searchResponse = searchWatchRecords(builder -> builder.setQuery(matchQuery("watch_id", "_name1"))); assertHitCount(searchResponse, 1); XContentSource source = xContentSource(searchResponse.getHits().getAt(0).getSourceRef()); assertThat(source.getValue("result.input.payload.hits.total"), equalTo((Object) 1)); @@ -379,7 +368,7 @@ public class BasicWatcherTests extends AbstractWatcherIntegrationTestCase { } } - private void testConditionSearch(SearchRequest request) throws Exception { + private void testConditionSearch(SearchRequest request, Script template) throws Exception { // reset, so we don't miss event docs when we filter over the _timestamp field. timeWarp().clock().setTime(SystemClock.INSTANCE.nowUTC()); @@ -389,7 +378,7 @@ public class BasicWatcherTests extends AbstractWatcherIntegrationTestCase { watcherClient().preparePutWatch(watchName) .setSource(watchBuilder() .trigger(schedule(interval("5s"))) - .input(searchInput(request)) + .input(searchInput(new WatcherSearchTemplateRequest(request, template))) .condition(compareCondition("ctx.payload.hits.total", CompareCondition.Op.GTE, 3L))) .get(); diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/watch/WatchTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/watch/WatchTests.java index fa34ad8c6d6..ea4a09715d2 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/watch/WatchTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/watch/WatchTests.java @@ -5,14 +5,6 @@ */ package org.elasticsearch.xpack.watcher.watch; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collection; -import java.util.Collections; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - import org.elasticsearch.ElasticsearchParseException; import org.elasticsearch.common.bytes.BytesReference; import org.elasticsearch.common.logging.ESLogger; @@ -25,12 +17,31 @@ import org.elasticsearch.index.query.MatchAllQueryBuilder; import org.elasticsearch.index.query.QueryParser; import org.elasticsearch.indices.query.IndicesQueriesRegistry; import org.elasticsearch.test.ESTestCase; +import org.elasticsearch.xpack.common.ScriptServiceProxy; +import org.elasticsearch.xpack.common.http.HttpClient; +import org.elasticsearch.xpack.common.http.HttpMethod; +import org.elasticsearch.xpack.common.http.HttpRequestTemplate; +import org.elasticsearch.xpack.common.http.auth.HttpAuthRegistry; +import org.elasticsearch.xpack.common.http.auth.basic.BasicAuthFactory; +import org.elasticsearch.xpack.common.secret.SecretService; +import org.elasticsearch.xpack.common.text.TextTemplate; +import org.elasticsearch.xpack.common.text.TextTemplateEngine; +import org.elasticsearch.xpack.notification.email.DataAttachment; +import org.elasticsearch.xpack.notification.email.EmailService; +import org.elasticsearch.xpack.notification.email.EmailTemplate; +import org.elasticsearch.xpack.notification.email.HtmlSanitizer; +import org.elasticsearch.xpack.notification.email.Profile; +import org.elasticsearch.xpack.notification.email.attachment.EmailAttachments; +import org.elasticsearch.xpack.notification.email.attachment.EmailAttachmentsParser; +import org.elasticsearch.xpack.support.clock.Clock; +import org.elasticsearch.xpack.support.clock.ClockMock; +import org.elasticsearch.xpack.support.clock.SystemClock; +import org.elasticsearch.xpack.watcher.WatcherLicensee; import org.elasticsearch.xpack.watcher.actions.ActionFactory; import org.elasticsearch.xpack.watcher.actions.ActionRegistry; import org.elasticsearch.xpack.watcher.actions.ActionStatus; import org.elasticsearch.xpack.watcher.actions.ActionWrapper; import org.elasticsearch.xpack.watcher.actions.ExecutableActions; -import org.elasticsearch.xpack.notification.email.DataAttachment; import org.elasticsearch.xpack.watcher.actions.email.EmailAction; import org.elasticsearch.xpack.watcher.actions.email.EmailActionFactory; import org.elasticsearch.xpack.watcher.actions.email.ExecutableEmailAction; @@ -68,28 +79,15 @@ import org.elasticsearch.xpack.watcher.input.search.SearchInputFactory; import org.elasticsearch.xpack.watcher.input.simple.ExecutableSimpleInput; import org.elasticsearch.xpack.watcher.input.simple.SimpleInput; import org.elasticsearch.xpack.watcher.input.simple.SimpleInputFactory; -import org.elasticsearch.xpack.watcher.WatcherLicensee; import org.elasticsearch.xpack.watcher.support.Script; -import org.elasticsearch.xpack.watcher.support.WatcherUtils; -import org.elasticsearch.xpack.support.clock.Clock; -import org.elasticsearch.xpack.support.clock.ClockMock; -import org.elasticsearch.xpack.support.clock.SystemClock; -import org.elasticsearch.xpack.common.http.HttpClient; -import org.elasticsearch.xpack.common.http.HttpMethod; -import org.elasticsearch.xpack.common.http.HttpRequestTemplate; -import org.elasticsearch.xpack.common.http.auth.HttpAuthRegistry; -import org.elasticsearch.xpack.common.http.auth.basic.BasicAuthFactory; -import org.elasticsearch.xpack.common.ScriptServiceProxy; import org.elasticsearch.xpack.watcher.support.init.proxy.WatcherClientProxy; -import org.elasticsearch.xpack.common.secret.SecretService; -import org.elasticsearch.xpack.common.text.TextTemplate; -import org.elasticsearch.xpack.common.text.TextTemplateEngine; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateRequest; +import org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateService; import org.elasticsearch.xpack.watcher.test.WatcherTestUtils; import org.elasticsearch.xpack.watcher.transform.ExecutableTransform; import org.elasticsearch.xpack.watcher.transform.TransformFactory; import org.elasticsearch.xpack.watcher.transform.TransformRegistry; import org.elasticsearch.xpack.watcher.transform.chain.ChainTransform; -import org.elasticsearch.xpack.watcher.transform.chain.ChainTransformFactory; import org.elasticsearch.xpack.watcher.transform.chain.ExecutableChainTransform; import org.elasticsearch.xpack.watcher.transform.script.ExecutableScriptTransform; import org.elasticsearch.xpack.watcher.transform.script.ScriptTransform; @@ -116,21 +114,23 @@ import org.elasticsearch.xpack.watcher.trigger.schedule.support.Month; import org.elasticsearch.xpack.watcher.trigger.schedule.support.MonthTimes; import org.elasticsearch.xpack.watcher.trigger.schedule.support.WeekTimes; import org.elasticsearch.xpack.watcher.trigger.schedule.support.YearTimes; -import org.elasticsearch.xpack.notification.email.EmailService; -import org.elasticsearch.xpack.notification.email.EmailTemplate; -import org.elasticsearch.xpack.notification.email.HtmlSanitizer; -import org.elasticsearch.xpack.notification.email.Profile; -import org.elasticsearch.xpack.notification.email.attachment.EmailAttachments; -import org.elasticsearch.xpack.notification.email.attachment.EmailAttachmentsParser; import org.joda.time.DateTime; import org.joda.time.DateTimeZone; import org.junit.Before; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collection; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + import static java.util.Collections.singleton; import static java.util.Collections.singletonMap; import static java.util.Collections.unmodifiableMap; - import static org.elasticsearch.xpack.watcher.input.InputBuilders.searchInput; +import static org.elasticsearch.xpack.watcher.support.search.WatcherSearchTemplateRequest.DEFAULT_INDICES_OPTIONS; import static org.elasticsearch.xpack.watcher.test.WatcherTestUtils.matchAllRequest; import static org.elasticsearch.xpack.watcher.trigger.TriggerBuilders.schedule; import static org.hamcrest.Matchers.equalTo; @@ -153,6 +153,7 @@ public class WatchTests extends ESTestCase { private WatcherLicensee watcherLicensee; private ESLogger logger; private Settings settings = Settings.EMPTY; + private WatcherSearchTemplateService searchTemplateService; @Before public void init() throws Exception { @@ -166,6 +167,7 @@ public class WatchTests extends ESTestCase { watcherLicensee = mock(WatcherLicensee.class); authRegistry = new HttpAuthRegistry(singletonMap("basic", new BasicAuthFactory(secretService))); logger = Loggers.getLogger(WatchTests.class); + searchTemplateService = mock(WatcherSearchTemplateService.class); } public void testParserSelfGenerated() throws Exception { @@ -341,7 +343,7 @@ public class WatchTests extends ESTestCase { switch (type) { case SearchInput.TYPE: SearchInput searchInput = searchInput(WatcherTestUtils.newInputSearchRequest("idx")).build(); - return new ExecutableSearchInput(searchInput, logger, client, null); + return new ExecutableSearchInput(searchInput, logger, client, searchTemplateService, null); default: SimpleInput simpleInput = InputBuilders.simpleInput(singletonMap("_key", "_val")).build(); return new ExecutableSimpleInput(simpleInput, logger); @@ -355,7 +357,7 @@ public class WatchTests extends ESTestCase { IndicesQueriesRegistry queryRegistry = new IndicesQueriesRegistry(); QueryParser queryParser = MatchAllQueryBuilder::fromXContent; queryRegistry.register(queryParser, MatchAllQueryBuilder.QUERY_NAME_FIELD); - parsers.put(SearchInput.TYPE, new SearchInputFactory(settings, client, queryRegistry, null, null)); + parsers.put(SearchInput.TYPE, new SearchInputFactory(settings, client, queryRegistry, null, null, scriptService)); return new InputRegistry(Settings.EMPTY, parsers); default: parsers.put(SimpleInput.TYPE, new SimpleInputFactory(settings)); @@ -406,15 +408,19 @@ public class WatchTests extends ESTestCase { case ScriptTransform.TYPE: return new ExecutableScriptTransform(new ScriptTransform(Script.inline("_script").build()), logger, scriptService); case SearchTransform.TYPE: - return new ExecutableSearchTransform(new SearchTransform( - matchAllRequest(WatcherUtils.DEFAULT_INDICES_OPTIONS), timeout, timeZone), logger, client, null); + SearchTransform transform = new SearchTransform( + new WatcherSearchTemplateRequest(matchAllRequest(DEFAULT_INDICES_OPTIONS), null), timeout, timeZone); + return new ExecutableSearchTransform(transform, logger, client, searchTemplateService, null); default: // chain - ChainTransform chainTransform = new ChainTransform(Arrays.asList( - new SearchTransform(matchAllRequest(WatcherUtils.DEFAULT_INDICES_OPTIONS), timeout, timeZone), - new ScriptTransform(Script.inline("_script").build()))); + SearchTransform searchTransform = new SearchTransform( + new WatcherSearchTemplateRequest(matchAllRequest(DEFAULT_INDICES_OPTIONS), null), timeout, timeZone); + ScriptTransform scriptTransform = new ScriptTransform(Script.inline("_script").build()); + + ChainTransform chainTransform = new ChainTransform(Arrays.asList(searchTransform, scriptTransform)); return new ExecutableChainTransform(chainTransform, logger, Arrays.asList( new ExecutableSearchTransform(new SearchTransform( - matchAllRequest(WatcherUtils.DEFAULT_INDICES_OPTIONS), timeout, timeZone), logger, client, null), + new WatcherSearchTemplateRequest(matchAllRequest(DEFAULT_INDICES_OPTIONS), null), timeout, timeZone), + logger, client, searchTemplateService, null), new ExecutableScriptTransform(new ScriptTransform(Script.inline("_script").build()), logger, scriptService))); } } @@ -425,7 +431,7 @@ public class WatchTests extends ESTestCase { queryRegistry.register(queryParser, MatchAllQueryBuilder.QUERY_NAME_FIELD); Map factories = new HashMap<>(); factories.put(ScriptTransform.TYPE, new ScriptTransformFactory(settings, scriptService)); - factories.put(SearchTransform.TYPE, new SearchTransformFactory(settings, client, queryRegistry, null, null)); + factories.put(SearchTransform.TYPE, new SearchTransformFactory(settings, client, queryRegistry, null, null, scriptService)); TransformRegistry registry = new TransformRegistry(Settings.EMPTY, unmodifiableMap(factories)); return registry; } From b3ba1be659c7268e52b965ba7806e86aaa318633 Mon Sep 17 00:00:00 2001 From: Yannick Welsch Date: Thu, 23 Jun 2016 10:01:02 +0200 Subject: [PATCH 18/29] Fix checkstyle line length limit Original commit: elastic/x-pack-elasticsearch@717ab001d192be73af23b733299179567061b913 --- .../test/java/org/elasticsearch/messy/tests/SearchInputIT.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java index 2e8cb6c1bd1..f7404aeebf2 100644 --- a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java +++ b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java @@ -313,7 +313,8 @@ public class SearchInputIT extends ESIntegTestCase { .from("{{ctx.trigger.scheduled_time}}||-30s").to("{{ctx.trigger.triggered_time}}")))); TimeValue timeout = randomBoolean() ? TimeValue.timeValueSeconds(randomInt(10)) : null; - XContentBuilder builder = jsonBuilder().value(new SearchInput(new WatcherSearchTemplateRequest(searchRequest), null, timeout, null)); + XContentBuilder builder = jsonBuilder().value( + new SearchInput(new WatcherSearchTemplateRequest(searchRequest), null, timeout, null)); XContentParser parser = JsonXContent.jsonXContent.createParser(builder.bytes()); parser.nextToken(); From 77a641b0fc6e70b0d176c7064c37f10eb971dc65 Mon Sep 17 00:00:00 2001 From: Tanguy Leroux Date: Thu, 23 Jun 2016 10:26:45 +0200 Subject: [PATCH 19/29] Mute SecurityCachePermissionIT as it was before Original commit: elastic/x-pack-elasticsearch@89c40f7bc0eb06ad0c361607cbaec976397038b1 --- .../elasticsearch/messy/tests/SecurityCachePermissionIT.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SecurityCachePermissionIT.java b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SecurityCachePermissionIT.java index d679370840b..99903025602 100644 --- a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SecurityCachePermissionIT.java +++ b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SecurityCachePermissionIT.java @@ -30,7 +30,7 @@ import static org.elasticsearch.xpack.security.authc.support.UsernamePasswordTok import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.is; -//@SecurityIntegTestCase.AwaitsFix(bugUrl = "clean up test to not use mustache templates, otherwise needs many resources here") +@SecurityIntegTestCase.AwaitsFix(bugUrl = "clean up test to not use mustache templates, otherwise needs many resources here") public class SecurityCachePermissionIT extends SecurityIntegTestCase { static final String READ_ONE_IDX_USER = "read_user"; From a20fb42b70eace53852093fde97973c1ad3a9bec Mon Sep 17 00:00:00 2001 From: Tanguy Leroux Date: Thu, 23 Jun 2016 12:33:49 +0200 Subject: [PATCH 20/29] Fix SearchInputIT.testSearchIndexedTemplate Original commit: elastic/x-pack-elasticsearch@4011a7bc9b271970f285ef9ead75b594f2f226dc --- .../java/org/elasticsearch/messy/tests/SearchInputIT.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java index f7404aeebf2..635c40756dd 100644 --- a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java +++ b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java @@ -232,7 +232,9 @@ public class SearchInputIT extends ESIntegTestCase { assertNotNull(executedResult.executedRequest()); assertThat(executedResult.status(), is(Input.Result.Status.SUCCESS)); - assertEquals(executedResult.executedRequest().searchType(), request.searchType()); + if (getNumShards("test-search-index").numPrimaries > 1) { + assertEquals(executedResult.executedRequest().searchType(), request.searchType()); + } assertArrayEquals(executedResult.executedRequest().indices(), request.indices()); assertEquals(executedResult.executedRequest().indicesOptions(), request.indicesOptions()); From 74efdd4a948922d92015605b51648c8124d0781e Mon Sep 17 00:00:00 2001 From: Yannick Welsch Date: Thu, 23 Jun 2016 13:35:28 +0200 Subject: [PATCH 21/29] Disable failing test NodeStatsTests.testNodeStats Original commit: elastic/x-pack-elasticsearch@954badc4a4891be4cff6dccca750f2fda941ec2c --- .../elasticsearch/marvel/agent/resolver/node/NodeStatsTests.java | 1 + 1 file changed, 1 insertion(+) diff --git a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/agent/resolver/node/NodeStatsTests.java b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/agent/resolver/node/NodeStatsTests.java index 863e81fc0e6..3758a09d0c6 100644 --- a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/agent/resolver/node/NodeStatsTests.java +++ b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/agent/resolver/node/NodeStatsTests.java @@ -43,6 +43,7 @@ public class NodeStatsTests extends MarvelIntegTestCase { wipeMarvelIndices(); } + @AwaitsFix(bugUrl = "https://github.com/elastic/x-plugins/issues/2588") public void testNodeStats() throws Exception { logger.debug("--> creating some indices for future node stats"); final int numDocs = between(50, 150); From 6ed9f50457282c8a7702799a7db612d8c0f5b393 Mon Sep 17 00:00:00 2001 From: Tanguy Leroux Date: Fri, 24 Jun 2016 09:19:59 +0200 Subject: [PATCH 22/29] Fix SearchInputIT.testSearchInlineTemplate The search type is overridden from default to query_and_fetch by the search action if the number of shards to request is equal to 1 Original commit: elastic/x-pack-elasticsearch@a9552c697cd76ad67fbc6c315112b3fc82e948b1 --- .../java/org/elasticsearch/messy/tests/SearchInputIT.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java index 635c40756dd..bb5a50d38d3 100644 --- a/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java +++ b/elasticsearch/qa/messy-test-xpack-with-mustache/src/test/java/org/elasticsearch/messy/tests/SearchInputIT.java @@ -200,7 +200,9 @@ public class SearchInputIT extends ESIntegTestCase { assertNotNull(executedResult.executedRequest()); assertThat(executedResult.status(), is(Input.Result.Status.SUCCESS)); - assertEquals(executedResult.executedRequest().searchType(), request.searchType()); + if (getNumShards("test-search-index").numPrimaries > 1) { + assertEquals(executedResult.executedRequest().searchType(), request.searchType()); + } assertArrayEquals(executedResult.executedRequest().indices(), request.indices()); assertEquals(executedResult.executedRequest().indicesOptions(), request.indicesOptions()); From f78f848681361cc3f94aaf322db257ba759e8e49 Mon Sep 17 00:00:00 2001 From: Alexander Reelsen Date: Fri, 24 Jun 2016 16:50:35 +0200 Subject: [PATCH 23/29] Watcher: Fix acknowledgement REST API endpoints Add new REST API endpoint to acknoweldging actions. The old endpoints have not been removed as part of this PR, but can be in the next major version. Update the documentation to remove the parameter based example, and mention that the old endpoints are going to be removed in the future. Closes elastic/elasticsearch#2517 Original commit: elastic/x-pack-elasticsearch@e2558e9e1fc1bff622d50610b6c8f6faf3b67558 --- .../xpack/watcher/rest/action/RestAckWatchAction.java | 3 +++ .../resources/rest-api-spec/api/xpack.watcher.ack_watch.json | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/rest/action/RestAckWatchAction.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/rest/action/RestAckWatchAction.java index 3b617c3f32e..14793d636c3 100644 --- a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/rest/action/RestAckWatchAction.java +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/rest/action/RestAckWatchAction.java @@ -33,6 +33,9 @@ public class RestAckWatchAction extends WatcherRestHandler { super(settings, client); controller.registerHandler(RestRequest.Method.PUT, URI_BASE + "/watch/{id}/_ack", this); controller.registerHandler(RestRequest.Method.POST, URI_BASE + "/watch/{id}/_ack", this); + controller.registerHandler(RestRequest.Method.POST, URI_BASE + "/watch/{id}/_ack/{actions}", this); + controller.registerHandler(RestRequest.Method.PUT, URI_BASE + "/watch/{id}/_ack/{actions}", this); + // these are going to be removed in 6.0 controller.registerHandler(RestRequest.Method.PUT, URI_BASE + "/watch/{id}/{actions}/_ack", this); controller.registerHandler(RestRequest.Method.POST, URI_BASE + "/watch/{id}/{actions}/_ack", this); } diff --git a/elasticsearch/x-pack/watcher/src/test/resources/rest-api-spec/api/xpack.watcher.ack_watch.json b/elasticsearch/x-pack/watcher/src/test/resources/rest-api-spec/api/xpack.watcher.ack_watch.json index 0193a94325d..23bc912a569 100644 --- a/elasticsearch/x-pack/watcher/src/test/resources/rest-api-spec/api/xpack.watcher.ack_watch.json +++ b/elasticsearch/x-pack/watcher/src/test/resources/rest-api-spec/api/xpack.watcher.ack_watch.json @@ -4,7 +4,7 @@ "methods": [ "PUT", "POST" ], "url": { "path": "/_xpack/watcher/watch/{watch_id}/_ack", - "paths": [ "/_xpack/watcher/watch/{watch_id}/_ack", "/_xpack/watcher/watch/{watch_id}/{action_id}/_ack"], + "paths": [ "/_xpack/watcher/watch/{watch_id}/_ack", "/_xpack/watcher/watch/{watch_id}/_ack/{action_id}"], "parts": { "watch_id": { "type" : "string", From 4990296a5c68197020b1b67cec8dc26f85b8f525 Mon Sep 17 00:00:00 2001 From: Lee Hinman Date: Fri, 24 Jun 2016 12:00:24 -0600 Subject: [PATCH 24/29] Remove too-strict validation of role names When parsing the privileges, we now no longer throw an exception if there haven't been any names parsed out. This is not an issue though, because we validate that the `names` array is not empty when we parse it, and that it's not `null` before returning from the function. Adds a rest test that sends things out of order to test this still works. Resolves elastic/elasticsearch#2606 Original commit: elastic/x-pack-elasticsearch@62a38bea8f38f9d012adb8469e5fcca7fa8fc046 --- .../xpack/security/authz/RoleDescriptor.java | 4 ---- .../rest-api-spec/test/roles/10_basic.yaml | 15 +++++++++++++++ 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/authz/RoleDescriptor.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/authz/RoleDescriptor.java index 9ab3dd6f329..46cfa97c6aa 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/authz/RoleDescriptor.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/authz/RoleDescriptor.java @@ -235,10 +235,6 @@ public class RoleDescriptor implements ToXContent { } } else if (ParseFieldMatcher.STRICT.match(currentFieldName, Fields.PRIVILEGES)) { privileges = readStringArray(roleName, parser, true); - if (names.length == 0) { - throw new ElasticsearchParseException("failed to parse indices privileges for role [{}]. [{}] cannot be an empty " + - "array", roleName, currentFieldName); - } } else if (ParseFieldMatcher.STRICT.match(currentFieldName, Fields.FIELDS)) { fields = readStringArray(roleName, parser, true); } else { diff --git a/elasticsearch/x-pack/security/src/test/resources/rest-api-spec/test/roles/10_basic.yaml b/elasticsearch/x-pack/security/src/test/resources/rest-api-spec/test/roles/10_basic.yaml index 6f4695a8c18..9e5898103c6 100644 --- a/elasticsearch/x-pack/security/src/test/resources/rest-api-spec/test/roles/10_basic.yaml +++ b/elasticsearch/x-pack/security/src/test/resources/rest-api-spec/test/roles/10_basic.yaml @@ -22,6 +22,21 @@ } - match: { role: { created: true } } + - do: + xpack.security.put_role: + name: "backwards_role" + body: > + { + "cluster": ["all"], + "indices": [ + { + "privileges": ["all"], + "names": "*" + } + ] + } + - match: { role: { created: true } } + - do: xpack.security.put_user: username: "joe" From 32c9f8612433ca6c661ea5c5847fd6e913b1f687 Mon Sep 17 00:00:00 2001 From: Alexander Reelsen Date: Mon, 27 Jun 2016 10:45:10 +0200 Subject: [PATCH 25/29] Watcher: Support for inline attachments (elastic/elasticsearch#2601) If an attachment is configured of disposition type INLINE, and is referred to in HTML body parts, then some email clients can display images inside of an HTML email and refer to those attachments. Watcher already had support for inlined attachments, however this could not be configured from a watch, but just via the Java API. Also it was not tested. This commit changes the attachment to decide on creation if it should be inline or a regular attachment and adds a test. Relates elastic/elasticsearch#2381 Relates elastic/elasticsearch#2464 Closes elastic/elasticsearch#2557 Original commit: elastic/x-pack-elasticsearch@84935ffb1884048a9b936eda718fe49cba6ca1cc --- .../xpack/notification/email/Attachment.java | 110 ++++++++-- .../xpack/notification/email/Email.java | 21 +- .../xpack/notification/email/Inline.java | 189 ------------------ .../xpack/notification/email/Profile.java | 12 +- .../email/attachment/DataAttachment.java | 6 + .../attachment/EmailAttachmentParser.java | 8 + .../HttpEmailAttachementParser.java | 14 +- .../attachment/HttpRequestAttachment.java | 24 ++- .../xpack/notification/email/EmailTests.java | 3 +- .../email/ManualPublicSmtpServersTester.java | 3 +- .../notification/email/ProfileTests.java | 62 ++++++ .../EmailAttachmentParsersTests.java | 13 +- .../HttpEmailAttachementParserTests.java | 14 +- .../actions/email/EmailActionTests.java | 3 +- .../actions/email/EmailAttachmentTests.java | 3 - 15 files changed, 228 insertions(+), 257 deletions(-) delete mode 100644 elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Inline.java create mode 100644 elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ProfileTests.java diff --git a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Attachment.java b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Attachment.java index f05a995f995..34b848bc55d 100644 --- a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Attachment.java +++ b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Attachment.java @@ -7,6 +7,7 @@ package org.elasticsearch.xpack.notification.email; import org.elasticsearch.ElasticsearchException; import org.elasticsearch.common.SuppressForbidden; +import org.elasticsearch.common.inject.Provider; import org.elasticsearch.common.xcontent.ToXContent; import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.common.xcontent.XContentType; @@ -16,19 +17,26 @@ import javax.activation.DataHandler; import javax.activation.DataSource; import javax.activation.FileDataSource; import javax.mail.MessagingException; -import javax.mail.Part; import javax.mail.internet.MimeBodyPart; import javax.mail.util.ByteArrayDataSource; import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; import java.nio.file.Path; +import static javax.mail.Part.ATTACHMENT; +import static javax.mail.Part.INLINE; + /** * */ public abstract class Attachment extends BodyPartSource { - protected Attachment(String id, String name, String contentType) { + private final boolean inline; + + protected Attachment(String id, String name, String contentType, boolean inline) { super(id, name, contentType); + this.inline = inline; } @Override @@ -36,13 +44,17 @@ public abstract class Attachment extends BodyPartSource { MimeBodyPart part = new MimeBodyPart(); part.setContentID(id); part.setFileName(name); - part.setDisposition(Part.ATTACHMENT); + part.setDisposition(inline ? INLINE : ATTACHMENT); writeTo(part); return part; } public abstract String type(); + public boolean isInline() { + return inline; + } + /** * intentionally not emitting path as it may come as an information leak */ @@ -65,22 +77,22 @@ public abstract class Attachment extends BodyPartSource { private final Path path; private final DataSource dataSource; - public File(String id, Path path) { - this(id, path.getFileName().toString(), path); + public File(String id, Path path, boolean inline) { + this(id, path.getFileName().toString(), path, inline); } - public File(String id, Path path, String contentType) { - this(id, path.getFileName().toString(), path, contentType); + public File(String id, Path path, String contentType, boolean inline) { + this(id, path.getFileName().toString(), path, contentType, inline); } @SuppressForbidden(reason = "uses toFile") - public File(String id, String name, Path path) { - this(id, name, path, fileTypeMap.getContentType(path.toFile())); + public File(String id, String name, Path path, boolean inline) { + this(id, name, path, fileTypeMap.getContentType(path.toFile()), inline); } @SuppressForbidden(reason = "uses toFile") - public File(String id, String name, Path path, String contentType) { - super(id, name, contentType); + public File(String id, String name, Path path, String contentType, boolean inline) { + super(id, name, contentType, inline); this.path = path; this.dataSource = new FileDataSource(path.toFile()); } @@ -105,16 +117,16 @@ public abstract class Attachment extends BodyPartSource { private final byte[] bytes; - public Bytes(String id, byte[] bytes, String contentType) { - this(id, id, bytes, contentType); + public Bytes(String id, byte[] bytes, String contentType, boolean inline) { + this(id, id, bytes, contentType, inline); } - public Bytes(String id, String name, byte[] bytes) { - this(id, name, bytes, fileTypeMap.getContentType(name)); + public Bytes(String id, String name, byte[] bytes, boolean inline) { + this(id, name, bytes, fileTypeMap.getContentType(name), inline); } - public Bytes(String id, String name, byte[] bytes, String contentType) { - super(id, name, contentType); + public Bytes(String id, String name, byte[] bytes, String contentType, boolean inline) { + super(id, name, contentType, inline); this.bytes = bytes; } @@ -134,6 +146,68 @@ public abstract class Attachment extends BodyPartSource { } } + public static class Stream extends Attachment { + + static final String TYPE = "stream"; + + private final Provider source; + + public Stream(String id, String name, boolean inline, Provider source) { + this(id, name, fileTypeMap.getContentType(name), inline, source); + } + + public Stream(String id, String name, String contentType, boolean inline, Provider source) { + super(id, name, contentType, inline); + this.source = source; + } + + @Override + public String type() { + return TYPE; + } + + @Override + protected void writeTo(MimeBodyPart part) throws MessagingException { + DataSource ds = new StreamDataSource(name, contentType, source); + DataHandler dh = new DataHandler(ds); + part.setDataHandler(dh); + } + + static class StreamDataSource implements DataSource { + + private final String name; + private final String contentType; + private final Provider source; + + public StreamDataSource(String name, String contentType, Provider source) { + this.name = name; + this.contentType = contentType; + this.source = source; + } + + @Override + public InputStream getInputStream() throws IOException { + return source.get(); + } + + @Override + public OutputStream getOutputStream() throws IOException { + throw new UnsupportedOperationException(); + } + + @Override + public String getContentType() { + return contentType; + } + + @Override + public String getName() { + return name; + } + } + + } + public static class XContent extends Bytes { protected XContent(String id, ToXContent content, XContentType type) { @@ -141,7 +215,7 @@ public abstract class Attachment extends BodyPartSource { } protected XContent(String id, String name, ToXContent content, XContentType type) { - super(id, name, bytes(name, content, type), mimeType(type)); + super(id, name, bytes(name, content, type), mimeType(type), false); } static String mimeType(XContentType type) { diff --git a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Email.java b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Email.java index 99e8f33cd7d..c44f0f979dd 100644 --- a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Email.java +++ b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Email.java @@ -49,11 +49,10 @@ public class Email implements ToXContent { final String textBody; final String htmlBody; final Map attachments; - final Map inlines; public Email(String id, Address from, AddressList replyTo, Priority priority, DateTime sentDate, AddressList to, AddressList cc, AddressList bcc, String subject, String textBody, String htmlBody, - Map attachments, Map inlines) { + Map attachments) { this.id = id; this.from = from; @@ -67,7 +66,6 @@ public class Email implements ToXContent { this.textBody = textBody; this.htmlBody = htmlBody; this.attachments = attachments; - this.inlines = inlines; } public String id() { @@ -118,10 +116,6 @@ public class Email implements ToXContent { return attachments; } - public Map inlines() { - return inlines; - } - @Override public XContentBuilder toXContent(XContentBuilder builder, Params params) throws IOException { builder.startObject(); @@ -249,7 +243,6 @@ public class Email implements ToXContent { private String textBody; private String htmlBody; private Map attachments = new HashMap<>(); - private Map inlines = new HashMap<>(); private Builder() { } @@ -267,7 +260,6 @@ public class Email implements ToXContent { textBody = email.textBody; htmlBody = email.htmlBody; attachments.putAll(email.attachments); - inlines.putAll(email.inlines); return this; } @@ -358,14 +350,6 @@ public class Email implements ToXContent { return this; } - public Builder inline(Inline inline) { - if (inlines == null) { - throw new IllegalStateException("Email has already been built!"); - } - inlines.put(inline.id(), inline); - return this; - } - /** * Build the email. Note that adding items to attachments or inlines * after this is called is incorrect. @@ -373,9 +357,8 @@ public class Email implements ToXContent { public Email build() { assert id != null : "email id should not be null (should be set to the watch id"; Email email = new Email(id, from, replyTo, priority, sentDate, to, cc, bcc, subject, textBody, htmlBody, - unmodifiableMap(attachments), unmodifiableMap(inlines)); + unmodifiableMap(attachments)); attachments = null; - inlines = null; return email; } diff --git a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Inline.java b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Inline.java deleted file mode 100644 index d8043da494a..00000000000 --- a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Inline.java +++ /dev/null @@ -1,189 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -package org.elasticsearch.xpack.notification.email; - -import org.elasticsearch.common.SuppressForbidden; -import org.elasticsearch.common.bytes.BytesArray; -import org.elasticsearch.common.bytes.BytesReference; -import org.elasticsearch.common.inject.Provider; -import org.elasticsearch.common.xcontent.XContentBuilder; -import org.elasticsearch.xpack.notification.email.support.BodyPartSource; - -import javax.activation.DataHandler; -import javax.activation.DataSource; -import javax.activation.FileDataSource; -import javax.mail.MessagingException; -import javax.mail.Part; -import javax.mail.internet.MimeBodyPart; -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.nio.file.Path; - -/** - * - */ -public abstract class Inline extends BodyPartSource { - - protected Inline(String id, String name, String contentType) { - super(id, name, contentType); - } - - public abstract String type(); - - @Override - public final MimeBodyPart bodyPart() throws MessagingException { - MimeBodyPart part = new MimeBodyPart(); - part.setDisposition(Part.INLINE); - part.setContentID(id); - part.setFileName(name); - writeTo(part); - return part; - } - - /** - * intentionally not emitting path as it may come as an information leak - */ - @Override - public XContentBuilder toXContent(XContentBuilder builder, Params params) throws IOException { - return builder.startObject() - .field("type", type()) - .field("id", id) - .field("name", name) - .field("content_type", contentType) - .endObject(); - } - - protected abstract void writeTo(MimeBodyPart part) throws MessagingException; - - public static class File extends Inline { - - static final String TYPE = "file"; - - private final Path path; - private DataSource dataSource; - - public File(String id, Path path) { - this(id, path.getFileName().toString(), path); - } - - @SuppressForbidden(reason = "uses toFile") - public File(String id, String name, Path path) { - this(id, name, path, fileTypeMap.getContentType(path.toFile())); - } - - @SuppressForbidden(reason = "uses toFile") - public File(String id, String name, Path path, String contentType) { - super(id, name, contentType); - this.path = path; - this.dataSource = new FileDataSource(path.toFile()); - } - - public Path path() { - return path; - } - - public String type() { - return TYPE; - } - - @Override - public void writeTo(MimeBodyPart part) throws MessagingException { - part.setDataHandler(new DataHandler(dataSource, contentType)); - } - } - - public static class Stream extends Inline { - - static final String TYPE = "stream"; - - private final Provider source; - - public Stream(String id, String name, Provider source) { - this(id, name, fileTypeMap.getContentType(name), source); - } - - public Stream(String id, String name, String contentType, Provider source) { - super(id, name, contentType); - this.source = source; - } - - @Override - public String type() { - return TYPE; - } - - @Override - protected void writeTo(MimeBodyPart part) throws MessagingException { - DataSource ds = new StreamDataSource(name, contentType, source); - DataHandler dh = new DataHandler(ds); - part.setDataHandler(dh); - } - - static class StreamDataSource implements DataSource { - - private final String name; - private final String contentType; - private final Provider source; - - public StreamDataSource(String name, String contentType, Provider source) { - this.name = name; - this.contentType = contentType; - this.source = source; - } - - @Override - public InputStream getInputStream() throws IOException { - return source.get(); - } - - @Override - public OutputStream getOutputStream() throws IOException { - throw new UnsupportedOperationException(); - } - - @Override - public String getContentType() { - return contentType; - } - - @Override - public String getName() { - return name; - } - } - } - - public static class Bytes extends Stream { - - public Bytes(String id, String name, String contentType, byte[] bytes) { - super(id, name, contentType, new BytesStreamProvider(bytes)); - } - - public Bytes(String id, String name, String contentType, BytesReference bytes) { - super(id, name, contentType, new BytesStreamProvider(bytes)); - } - - static class BytesStreamProvider implements Provider { - - private final BytesReference bytes; - - public BytesStreamProvider(byte[] bytes) { - this(new BytesArray(bytes)); - } - - public BytesStreamProvider(BytesReference bytes) { - this.bytes = bytes; - } - - @Override - public InputStream get() { - return new ByteArrayInputStream(bytes.array(), bytes.arrayOffset(), bytes.length()); - } - } - } -} diff --git a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Profile.java b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Profile.java index b39ee8cb1a7..9c31063bded 100644 --- a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Profile.java +++ b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/Profile.java @@ -92,15 +92,13 @@ public enum Profile implements ToXContent { alternative.addBodyPart(html); } - if (!email.inlines.isEmpty()) { - for (Inline inline : email.inlines.values()) { - related.addBodyPart(inline.bodyPart()); - } - } - if (!email.attachments.isEmpty()) { for (Attachment attachment : email.attachments.values()) { - mixed.addBodyPart(attachment.bodyPart()); + if (attachment.isInline()) { + related.addBodyPart(attachment.bodyPart()); + } else { + mixed.addBodyPart(attachment.bodyPart()); + } } } diff --git a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/attachment/DataAttachment.java b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/attachment/DataAttachment.java index 8678daae382..3327380b7c2 100644 --- a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/attachment/DataAttachment.java +++ b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/attachment/DataAttachment.java @@ -54,10 +54,16 @@ public class DataAttachment implements EmailAttachmentParser.EmailAttachment { return Objects.hash(id, dataAttachment); } + @Override public String id() { return id; } + @Override + public boolean inline() { + return false; + } + public static Builder builder(String id) { return new Builder(id); } diff --git a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParser.java b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParser.java index a8ab0b1be38..b60cf89e5e3 100644 --- a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParser.java +++ b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParser.java @@ -30,6 +30,14 @@ public interface EmailAttachmentParser { public interface Fields { + ParseField INLINE = new ParseField("inline"); ParseField REQUEST = new ParseField("request"); ParseField CONTENT_TYPE = new ParseField("content_type"); } @@ -56,6 +57,7 @@ public class HttpEmailAttachementParser implements EmailAttachmentParserBODY

", "", null); Map attachments = null; - Map inlines = null; - Email email = new Email(id, from, replyTo, priority, sentDate, to, cc, bcc, subject, textBody, htmlBody, attachments, inlines); + Email email = new Email(id, from, replyTo, priority, sentDate, to, cc, bcc, subject, textBody, htmlBody, attachments); XContentBuilder builder = XContentFactory.jsonBuilder(); email.toXContent(builder, ToXContent.EMPTY_PARAMS); diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ManualPublicSmtpServersTester.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ManualPublicSmtpServersTester.java index 69b18898c94..997329ff106 100644 --- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ManualPublicSmtpServersTester.java +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ManualPublicSmtpServersTester.java @@ -109,7 +109,8 @@ public class ManualPublicSmtpServersTester { .textBody("_text_body") .htmlBody("html body

") .attach(new Attachment.XContent.Yaml("test.yml", content)) - .inline(new Inline.Stream("logo.png", "logo.png", () -> InternalEmailServiceTests.class.getResourceAsStream(path))) + .attach(new Attachment.Stream("logo.png", "logo.png", true, + () -> InternalEmailServiceTests.class.getResourceAsStream(path))) .build(); EmailService.EmailSent sent = service.send(email, null, profile); diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ProfileTests.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ProfileTests.java new file mode 100644 index 00000000000..bda4490a98a --- /dev/null +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ProfileTests.java @@ -0,0 +1,62 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +package org.elasticsearch.xpack.notification.email; + +import org.elasticsearch.common.settings.Settings; +import org.elasticsearch.test.ESTestCase; +import org.elasticsearch.xpack.common.secret.SecretService; + +import javax.mail.BodyPart; +import javax.mail.Part; +import javax.mail.Session; +import javax.mail.internet.MimeMessage; +import javax.mail.internet.MimeMultipart; + +import static org.hamcrest.Matchers.instanceOf; +import static org.hamcrest.Matchers.is; + +public class ProfileTests extends ESTestCase { + + public void testThatInlineAttachmentsAreCreated() throws Exception { + String path = "/org/elasticsearch/xpack/watcher/actions/email/service/logo.png"; + Attachment attachment = new Attachment.Stream("inline.png", "inline.png", true, + () -> InternalEmailServiceTests.class.getResourceAsStream(path)); + + Email email = Email.builder() + .id("foo") + .from("foo@example.org") + .to("bar@example.org") + .subject(randomAsciiOfLength(10)) + .attach(attachment) + .build(); + + Settings settings = Settings.builder() + .put("default_account", "foo") + .put("account.foo.smtp.host", "_host") + .build(); + + Accounts accounts = new Accounts(settings, SecretService.Insecure.INSTANCE, logger); + Session session = accounts.account("foo").getConfig().createSession(); + MimeMessage mimeMessage = Profile.STANDARD.toMimeMessage(email, session); + + Object content = ((MimeMultipart) mimeMessage.getContent()).getBodyPart(0).getContent(); + assertThat(content, instanceOf(MimeMultipart.class)); + MimeMultipart multipart = (MimeMultipart) content; + + assertThat(multipart.getCount(), is(2)); + boolean foundInlineAttachment = false; + BodyPart bodyPart = null; + for (int i = 0; i < multipart.getCount(); i++) { + bodyPart = multipart.getBodyPart(i); + if (Part.INLINE.equalsIgnoreCase(bodyPart.getDisposition())) { + foundInlineAttachment = true; + break; + } + } + + assertThat("Expected to find an inline attachment in mime message, but didnt", foundInlineAttachment, is(true)); + } +} \ No newline at end of file diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParsersTests.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParsersTests.java index a165c876bea..afe3c7639e5 100644 --- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParsersTests.java +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParsersTests.java @@ -93,7 +93,8 @@ public class EmailAttachmentParsersTests extends ESTestCase { attachments.add(new DataAttachment("my-name.json", org.elasticsearch.xpack.notification.email.DataAttachment.JSON)); HttpRequestTemplate requestTemplate = HttpRequestTemplate.builder("localhost", 80).scheme(Scheme.HTTP).path("/").build(); - HttpRequestAttachment httpRequestAttachment = new HttpRequestAttachment("other-id", requestTemplate, null); + boolean inline = randomBoolean(); + HttpRequestAttachment httpRequestAttachment = new HttpRequestAttachment("other-id", requestTemplate, inline, null); attachments.add(httpRequestAttachment); EmailAttachments emailAttachments = new EmailAttachments(attachments); @@ -105,6 +106,9 @@ public class EmailAttachmentParsersTests extends ESTestCase { assertThat(builder.string(), containsString("other-id")); assertThat(builder.string(), containsString("localhost")); assertThat(builder.string(), containsString("/")); + if (inline) { + assertThat(builder.string(), containsString("inline")); + } } public void testThatTwoAttachmentsWithTheSameIdThrowError() throws Exception { @@ -161,7 +165,7 @@ public class EmailAttachmentParsersTests extends ESTestCase { @Override public Attachment toAttachment(WatchExecutionContext ctx, Payload payload, TestEmailAttachment attachment) { - return new Attachment.Bytes(attachment.id(), attachment.getValue().getBytes(Charsets.UTF_8), "personalContentType"); + return new Attachment.Bytes(attachment.id(), attachment.getValue().getBytes(Charsets.UTF_8), "personalContentType", false); } } @@ -193,6 +197,11 @@ public class EmailAttachmentParsersTests extends ESTestCase { return id; } + @Override + public boolean inline() { + return false; + } + @Override public XContentBuilder toXContent(XContentBuilder builder, Params params) throws IOException { return builder.startObject(id) diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/attachment/HttpEmailAttachementParserTests.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/attachment/HttpEmailAttachementParserTests.java index 7c643ac9f15..f9c9e4d285c 100644 --- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/attachment/HttpEmailAttachementParserTests.java +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/attachment/HttpEmailAttachementParserTests.java @@ -37,15 +37,13 @@ import static org.mockito.Mockito.when; public class HttpEmailAttachementParserTests extends ESTestCase { - private SecretService.Insecure secretService; - private HttpAuthRegistry authRegistry; private HttpRequestTemplate.Parser httpRequestTemplateParser; private HttpClient httpClient; @Before public void init() throws Exception { - secretService = SecretService.Insecure.INSTANCE; - authRegistry = new HttpAuthRegistry(singletonMap(BasicAuth.TYPE, new BasicAuthFactory(secretService))); + SecretService.Insecure secretService = SecretService.Insecure.INSTANCE; + HttpAuthRegistry authRegistry = new HttpAuthRegistry(singletonMap(BasicAuth.TYPE, new BasicAuthFactory(secretService))); httpRequestTemplateParser = new HttpRequestTemplate.Parser(authRegistry); httpClient = mock(HttpClient.class); @@ -77,9 +75,12 @@ public class HttpEmailAttachementParserTests extends ESTestCase { if (configureContentType) { builder.field("content_type", "application/foo"); } + boolean isInline = randomBoolean(); + if (isInline) { + builder.field("inline", true); + } builder.endObject().endObject().endObject(); XContentParser parser = JsonXContent.jsonXContent.createParser(builder.bytes()); - logger.info("JSON: {}", builder.string()); EmailAttachments emailAttachments = emailAttachmentsParser.parse(parser); assertThat(emailAttachments.getAttachments(), hasSize(1)); @@ -89,6 +90,7 @@ public class HttpEmailAttachementParserTests extends ESTestCase { attachments.get(0).toXContent(toXcontentBuilder, ToXContent.EMPTY_PARAMS); toXcontentBuilder.endObject(); assertThat(toXcontentBuilder.string(), is(builder.string())); - } + assertThat(attachments.get(0).inline(), is(isInline)); + } } diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/email/EmailActionTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/email/EmailActionTests.java index 8198b6f5802..7abde616b45 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/email/EmailActionTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/email/EmailActionTests.java @@ -610,7 +610,8 @@ public class EmailActionTests extends ESTestCase { when(httpClient.execute(any(HttpRequest.class))).thenReturn(mockResponse); HttpRequestTemplate template = HttpRequestTemplate.builder("localhost", 1234).build(); - attachments.add(new HttpRequestAttachment(randomAsciiOfLength(10), template, randomFrom("my/custom-type", null))); + attachments.add(new HttpRequestAttachment(randomAsciiOfLength(10), template, + randomBoolean(), randomFrom("my/custom-type", null))); } else if ("data".equals(attachmentType)) { attachments.add(new org.elasticsearch.xpack.notification.email.attachment.DataAttachment(randomAsciiOfLength(10), randomFrom(DataAttachment.JSON, DataAttachment.YAML))); diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/email/EmailAttachmentTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/email/EmailAttachmentTests.java index 242675561d5..107c71b1842 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/email/EmailAttachmentTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/email/EmailAttachmentTests.java @@ -207,7 +207,4 @@ public class EmailAttachmentTests extends AbstractWatcherIntegrationTestCase { fail("waited too long for email to be received"); } } - - - } From ebf00cc9e548baec9e79e91a59c3f6137acc72df Mon Sep 17 00:00:00 2001 From: Alexander Reelsen Date: Mon, 27 Jun 2016 11:07:15 +0200 Subject: [PATCH 26/29] Dependencies: Upgrade jimfs to 1.1 removed unneeded guava calls (elastic/elasticsearch#2614) Guava should only be used by the HTML sanitizer and no other code Original commit: elastic/x-pack-elasticsearch@6a20674768a8eb19bf6626bea8d64aeff32d1e43 --- elasticsearch/x-pack/build.gradle | 2 +- .../elasticsearch/xpack/common/http/HttpResponse.java | 5 ++--- .../xpack/common/http/HttpResponseTests.java | 9 ++++----- .../email/ManualPublicSmtpServersTester.java | 8 ++++---- .../email/attachment/EmailAttachmentParsersTests.java | 9 +++++---- .../watcher/support/WatcherIndexTemplateRegistry.java | 6 +++--- .../xpack/watcher/actions/email/EmailActionTests.java | 4 ++-- .../watcher/rest/action/RestExecuteWatchActionTests.java | 9 +++++---- 8 files changed, 26 insertions(+), 26 deletions(-) diff --git a/elasticsearch/x-pack/build.gradle b/elasticsearch/x-pack/build.gradle index e1f75abd90a..391172ce60b 100644 --- a/elasticsearch/x-pack/build.gradle +++ b/elasticsearch/x-pack/build.gradle @@ -29,7 +29,7 @@ dependencies { compile 'com.unboundid:unboundid-ldapsdk:2.3.8' compile 'org.bouncycastle:bcprov-jdk15on:1.54' compile 'org.bouncycastle:bcpkix-jdk15on:1.54' - testCompile 'com.google.jimfs:jimfs:1.0' + testCompile 'com.google.jimfs:jimfs:1.1' // watcher deps compile 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:r239' diff --git a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/common/http/HttpResponse.java b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/common/http/HttpResponse.java index 1c66dc2f1a5..ca469cba782 100644 --- a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/common/http/HttpResponse.java +++ b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/common/http/HttpResponse.java @@ -5,7 +5,6 @@ */ package org.elasticsearch.xpack.common.http; -import com.google.common.collect.ImmutableMap; import org.elasticsearch.ElasticsearchParseException; import org.elasticsearch.common.Nullable; import org.elasticsearch.common.ParseField; @@ -87,11 +86,11 @@ public class HttpResponse implements ToXContent { * in the payload */ public Map> headers() { - ImmutableMap.Builder> builder = ImmutableMap.builder(); + MapBuilder> builder = MapBuilder.newMapBuilder(); for (Map.Entry entry : headers.entrySet()) { builder.put(entry.getKey().toLowerCase(Locale.ROOT), Arrays.asList(entry.getValue())); } - return builder.build(); + return builder.immutableMap(); } public String[] header(String header) { diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/common/http/HttpResponseTests.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/common/http/HttpResponseTests.java index 7b03f3f3cc9..62056df9dff 100644 --- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/common/http/HttpResponseTests.java +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/common/http/HttpResponseTests.java @@ -5,7 +5,6 @@ */ package org.elasticsearch.xpack.common.http; -import com.google.common.collect.Lists; import org.elasticsearch.common.bytes.BytesArray; import org.elasticsearch.common.bytes.BytesReference; import org.elasticsearch.common.xcontent.ToXContent; @@ -13,9 +12,9 @@ import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.common.xcontent.XContentFactory; import org.elasticsearch.common.xcontent.XContentParser; import org.elasticsearch.test.ESTestCase; -import org.elasticsearch.xpack.common.http.HttpResponse; import java.nio.charset.StandardCharsets; +import java.util.Collections; import java.util.HashMap; import java.util.Map; @@ -29,8 +28,8 @@ import static org.hamcrest.Matchers.hasEntry; import static org.hamcrest.Matchers.hasKey; import static org.hamcrest.Matchers.instanceOf; import static org.hamcrest.Matchers.is; -import static org.hamcrest.Matchers.notNullValue; import static org.hamcrest.Matchers.not; +import static org.hamcrest.Matchers.notNullValue; /** * @@ -122,9 +121,9 @@ public class HttpResponseTests extends ESTestCase { Map responseHeaders = (Map) responseMap.get("headers"); assertThat(responseHeaders, not(hasKey("es.index"))); - assertThat(responseHeaders, hasEntry("es_index", Lists.newArrayList("value"))); + assertThat(responseHeaders, hasEntry("es_index", Collections.singletonList("value"))); assertThat(responseHeaders, not(hasKey("es.index.2"))); - assertThat(responseHeaders, hasEntry("es_index_2", Lists.newArrayList("value"))); + assertThat(responseHeaders, hasEntry("es_index_2", Collections.singletonList("value"))); } } diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ManualPublicSmtpServersTester.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ManualPublicSmtpServersTester.java index 997329ff106..b648136513e 100644 --- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ManualPublicSmtpServersTester.java +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/ManualPublicSmtpServersTester.java @@ -6,18 +6,16 @@ package org.elasticsearch.xpack.notification.email; import org.apache.lucene.util.LuceneTestCase.AwaitsFix; +import org.elasticsearch.ElasticsearchException; import org.elasticsearch.cli.Terminal; import org.elasticsearch.common.settings.ClusterSettings; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.xcontent.ToXContent; import org.elasticsearch.xpack.common.secret.SecretService; -import java.io.InputStream; import java.util.Collections; import java.util.Locale; -import static com.google.common.base.Preconditions.checkNotNull; - @AwaitsFix(bugUrl = "https://github.com/elastic/x-plugins/issues/379") public class ManualPublicSmtpServersTester { @@ -92,7 +90,9 @@ public class ManualPublicSmtpServersTester { static void test(Profile profile, Settings.Builder settingsBuilder) throws Exception { String path = "/org/elasticsearch/xpack/watcher/actions/email/service/logo.png"; - checkNotNull(InternalEmailServiceTests.class.getResourceAsStream(path)); + if (InternalEmailServiceTests.class.getResourceAsStream(path) == null) { + throw new ElasticsearchException("Could not find logo at path {}", path); + } InternalEmailService service = startEmailService(settingsBuilder); try { diff --git a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParsersTests.java b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParsersTests.java index afe3c7639e5..8a7c1b90593 100644 --- a/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParsersTests.java +++ b/elasticsearch/x-pack/src/test/java/org/elasticsearch/xpack/notification/email/attachment/EmailAttachmentParsersTests.java @@ -5,7 +5,6 @@ */ package org.elasticsearch.xpack.notification.email.attachment; -import com.google.common.base.Charsets; import org.elasticsearch.ElasticsearchParseException; import org.elasticsearch.common.ParseField; import org.elasticsearch.common.xcontent.ToXContent; @@ -13,13 +12,14 @@ import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.common.xcontent.XContentParser; import org.elasticsearch.common.xcontent.json.JsonXContent; import org.elasticsearch.test.ESTestCase; -import org.elasticsearch.xpack.watcher.execution.WatchExecutionContext; import org.elasticsearch.xpack.common.http.HttpRequestTemplate; import org.elasticsearch.xpack.common.http.Scheme; -import org.elasticsearch.xpack.watcher.watch.Payload; import org.elasticsearch.xpack.notification.email.Attachment; +import org.elasticsearch.xpack.watcher.execution.WatchExecutionContext; +import org.elasticsearch.xpack.watcher.watch.Payload; import java.io.IOException; +import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; @@ -165,7 +165,8 @@ public class EmailAttachmentParsersTests extends ESTestCase { @Override public Attachment toAttachment(WatchExecutionContext ctx, Payload payload, TestEmailAttachment attachment) { - return new Attachment.Bytes(attachment.id(), attachment.getValue().getBytes(Charsets.UTF_8), "personalContentType", false); + return new Attachment.Bytes(attachment.id(), attachment.getValue().getBytes(StandardCharsets.UTF_8), + "personalContentType", false); } } diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/support/WatcherIndexTemplateRegistry.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/support/WatcherIndexTemplateRegistry.java index 759acab3fd0..eb5c563abd1 100644 --- a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/support/WatcherIndexTemplateRegistry.java +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/xpack/watcher/support/WatcherIndexTemplateRegistry.java @@ -5,7 +5,6 @@ */ package org.elasticsearch.xpack.watcher.support; -import com.google.common.base.Charsets; import org.elasticsearch.action.admin.indices.template.put.PutIndexTemplateRequest; import org.elasticsearch.action.admin.indices.template.put.PutIndexTemplateResponse; import org.elasticsearch.cluster.ClusterChangedEvent; @@ -21,9 +20,10 @@ import org.elasticsearch.common.unit.TimeValue; import org.elasticsearch.gateway.GatewayService; import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.xpack.security.InternalClient; -import org.elasticsearch.xpack.watcher.support.init.proxy.WatcherClientProxy; import org.elasticsearch.xpack.template.TemplateUtils; +import org.elasticsearch.xpack.watcher.support.init.proxy.WatcherClientProxy; +import java.nio.charset.StandardCharsets; import java.util.HashMap; import java.util.Map; import java.util.concurrent.Executor; @@ -168,7 +168,7 @@ public class WatcherIndexTemplateRegistry extends AbstractComponent implements C } executor.execute(() -> { final byte[] template = TemplateUtils.loadTemplate("/" + config.getFileName()+ ".json", INDEX_TEMPLATE_VERSION, - Pattern.quote("${xpack.watcher.template.version}")).getBytes(Charsets.UTF_8); + Pattern.quote("${xpack.watcher.template.version}")).getBytes(StandardCharsets.UTF_8); PutIndexTemplateRequest request = new PutIndexTemplateRequest(config.getTemplateName()).source(template); request.masterNodeTimeout(TimeValue.timeValueMinutes(1)); diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/email/EmailActionTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/email/EmailActionTests.java index 7abde616b45..538fdfb00f0 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/email/EmailActionTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/actions/email/EmailActionTests.java @@ -5,7 +5,6 @@ */ package org.elasticsearch.xpack.watcher.actions.email; -import com.google.common.base.Charsets; import org.elasticsearch.ElasticsearchParseException; import org.elasticsearch.common.bytes.BytesReference; import org.elasticsearch.common.collect.MapBuilder; @@ -55,6 +54,7 @@ import org.junit.Before; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; +import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -478,7 +478,7 @@ public class EmailActionTests extends ESTestCase { Attachment externalAttachment = attachments.get(attachmentId); assertThat(externalAttachment.bodyPart(), is(notNullValue())); InputStream is = externalAttachment.bodyPart().getInputStream(); - String data = Streams.copyToString(new InputStreamReader(is, Charsets.UTF_8)); + String data = Streams.copyToString(new InputStreamReader(is, StandardCharsets.UTF_8)); assertThat(data, is(content)); } diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/rest/action/RestExecuteWatchActionTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/rest/action/RestExecuteWatchActionTests.java index 97bf5762fc6..67dfd582455 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/rest/action/RestExecuteWatchActionTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/rest/action/RestExecuteWatchActionTests.java @@ -5,7 +5,6 @@ */ package org.elasticsearch.xpack.watcher.rest.action; -import com.google.common.collect.Lists; import org.elasticsearch.client.Client; import org.elasticsearch.common.bytes.BytesArray; import org.elasticsearch.common.bytes.BytesReference; @@ -18,6 +17,8 @@ import org.elasticsearch.xpack.watcher.client.WatcherClient; import org.elasticsearch.xpack.watcher.transport.actions.execute.ExecuteWatchRequestBuilder; import org.elasticsearch.xpack.watcher.trigger.TriggerService; +import java.util.Arrays; + import static org.hamcrest.core.Is.is; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; @@ -32,9 +33,9 @@ public class RestExecuteWatchActionTests extends ESTestCase { public void testThatFlagsCanBeSpecifiedViaParameters() throws Exception { String randomId = randomAsciiOfLength(10); - for (String recordExecution : Lists.newArrayList("true", "false", null)) { - for (String ignoreCondition : Lists.newArrayList("true", "false", null)) { - for (String debugCondition : Lists.newArrayList("true", "false", null)) { + for (String recordExecution : Arrays.asList("true", "false", null)) { + for (String ignoreCondition : Arrays.asList("true", "false", null)) { + for (String debugCondition : Arrays.asList("true", "false", null)) { ExecuteWatchRequestBuilder builder = new ExecuteWatchRequestBuilder(client); when(watcherClient.prepareExecuteWatch()).thenReturn(builder); From 62a46a2e8d1c40583c20fc0777e710a9f1ac6131 Mon Sep 17 00:00:00 2001 From: Boaz Leskes Date: Mon, 27 Jun 2016 20:19:20 +0200 Subject: [PATCH 27/29] revert elastic/x-pack@0513ff416872cc3ec8f5482b5151d1a1dca22396 as https://github.com/elastic/elasticsearch/pull/18992 was reverted as well Original commit: elastic/x-pack-elasticsearch@febaaff8403f22a345b6ac2d11d6926b766e47fc --- .../integration/FieldLevelSecurityTests.java | 48 +++++++++---------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/FieldLevelSecurityTests.java b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/FieldLevelSecurityTests.java index 4c4ec18f2e4..20569ae8b68 100644 --- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/FieldLevelSecurityTests.java +++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/FieldLevelSecurityTests.java @@ -709,9 +709,9 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { SearchResponse response = client() .filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user1", USERS_PASSWD))) .prepareSearch("test") - .addStoredField("field1") - .addStoredField("field2") - .addStoredField("field3") + .addField("field1") + .addField("field2") + .addField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(1)); assertThat(response.getHits().getAt(0).fields().get("field1").getValue(), equalTo("value1")); @@ -719,9 +719,9 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { // user2 is granted access to field2 only: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user2", USERS_PASSWD))) .prepareSearch("test") - .addStoredField("field1") - .addStoredField("field2") - .addStoredField("field3") + .addField("field1") + .addField("field2") + .addField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(1)); assertThat(response.getHits().getAt(0).fields().get("field2").getValue(), equalTo("value2")); @@ -729,9 +729,9 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { // user3 is granted access to field1 and field2: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user3", USERS_PASSWD))) .prepareSearch("test") - .addStoredField("field1") - .addStoredField("field2") - .addStoredField("field3") + .addField("field1") + .addField("field2") + .addField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(2)); assertThat(response.getHits().getAt(0).fields().get("field1").getValue(), equalTo("value1")); @@ -740,18 +740,18 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { // user4 is granted access to no fields: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user4", USERS_PASSWD))) .prepareSearch("test") - .addStoredField("field1") - .addStoredField("field2") - .addStoredField("field3") + .addField("field1") + .addField("field2") + .addField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(0)); // user5 has no field level security configured: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user5", USERS_PASSWD))) .prepareSearch("test") - .addStoredField("field1") - .addStoredField("field2") - .addStoredField("field3") + .addField("field1") + .addField("field2") + .addField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(3)); assertThat(response.getHits().getAt(0).fields().get("field1").getValue(), equalTo("value1")); @@ -761,9 +761,9 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { // user6 has field level security configured with access to field*: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user6", USERS_PASSWD))) .prepareSearch("test") - .addStoredField("field1") - .addStoredField("field2") - .addStoredField("field3") + .addField("field1") + .addField("field2") + .addField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(3)); assertThat(response.getHits().getAt(0).fields().get("field1").getValue(), equalTo("value1")); @@ -773,9 +773,9 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { // user7 has access to all fields due to a mix of roles without field level security and with: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user7", USERS_PASSWD))) .prepareSearch("test") - .addStoredField("field1") - .addStoredField("field2") - .addStoredField("field3") + .addField("field1") + .addField("field2") + .addField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(3)); assertThat(response.getHits().getAt(0).fields().get("field1").getValue(), equalTo("value1")); @@ -785,9 +785,9 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { // user8 has field level security configured with access to field1 and field2: response = client().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuthHeaderValue("user8", USERS_PASSWD))) .prepareSearch("test") - .addStoredField("field1") - .addStoredField("field2") - .addStoredField("field3") + .addField("field1") + .addField("field2") + .addField("field3") .get(); assertThat(response.getHits().getAt(0).fields().size(), equalTo(2)); assertThat(response.getHits().getAt(0).fields().get("field1").getValue(), equalTo("value1")); From a673c4403654e3c2336a30b258b315446d9639ca Mon Sep 17 00:00:00 2001 From: Nik Everett Date: Mon, 27 Jun 2016 15:04:17 -0400 Subject: [PATCH 28/29] Support IndicesModule list constructor Original commit: elastic/x-pack-elasticsearch@c88e2b82b70a49e21bcca66f2712ac88efeb0e9b --- .../accesscontrol/SecurityIndexSearcherWrapperUnitTests.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authz/accesscontrol/SecurityIndexSearcherWrapperUnitTests.java b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authz/accesscontrol/SecurityIndexSearcherWrapperUnitTests.java index 705dcbe9d5f..af998349d5a 100644 --- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authz/accesscontrol/SecurityIndexSearcherWrapperUnitTests.java +++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authz/accesscontrol/SecurityIndexSearcherWrapperUnitTests.java @@ -64,6 +64,7 @@ import java.util.Collections; import java.util.IdentityHashMap; import java.util.Set; +import static java.util.Collections.emptyList; import static java.util.Collections.emptySet; import static java.util.Collections.singleton; import static java.util.Collections.singletonMap; @@ -94,7 +95,7 @@ public class SecurityIndexSearcherWrapperUnitTests extends ESTestCase { Collections.emptyMap(), Collections.emptyMap()); SimilarityService similarityService = new SimilarityService(indexSettings, Collections.emptyMap()); mapperService = new MapperService(indexSettings, analysisService, similarityService, - new IndicesModule(new NamedWriteableRegistry()).getMapperRegistry(), () -> null); + new IndicesModule(new NamedWriteableRegistry(), emptyList()).getMapperRegistry(), () -> null); ShardId shardId = new ShardId(index, 0); licenseState = mock(SecurityLicenseState.class); From b378ff780bd4e518c6df51af240731b6ac914e1c Mon Sep 17 00:00:00 2001 From: Jason Tedor Date: Mon, 27 Jun 2016 12:36:18 -0400 Subject: [PATCH 29/29] Modify poll interval setting in native realm test This commit modifies the construction of the poll interval setting in the native realm tests in response to upstream change elastic/elasticsearchelastic/elasticsearch#2f638b5a23597967a98b1ced1deac91d64af5a44. Original commit: elastic/x-pack-elasticsearch@c6f60f51f46faba2eb6442f8d58cd9643c51fa59 --- .../org/elasticsearch/integration/ClearRolesCacheTests.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java index d11065952ae..a9eca134b68 100644 --- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java +++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java @@ -83,7 +83,7 @@ public class ClearRolesCacheTests extends NativeRealmIntegTestCase { logger.debug("using poller interval [{}]", pollerInterval); return Settings.builder() .put(super.nodeSettings(nodeOrdinal)) - .put(NativeRolesStore.POLL_INTERVAL_SETTING.getKey(), pollerInterval) + .put(NativeRolesStore.POLL_INTERVAL_SETTING.getKey(), pollerInterval.getStringRep()) .put(NetworkModule.HTTP_ENABLED.getKey(), true) .build(); }