From abc789c88747ed3d61b61dc0bbd9b8ed9d045ea4 Mon Sep 17 00:00:00 2001
From: jaymode <jay.modi@elasticsearch.com>
Date: Mon, 3 Oct 2016 11:27:15 -0400
Subject: [PATCH] test: handle case where security index only exists in one
 tribe

Original commit: elastic/x-pack-elasticsearch@94f011387fcf2113d4c4d991eab1ab84d4c0785d
---
 .../xpack/security/SecurityTribeIT.java       | 22 ++++++++++++++-----
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/SecurityTribeIT.java b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/SecurityTribeIT.java
index f82b04a83f3..9a057d19111 100644
--- a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/SecurityTribeIT.java
+++ b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/SecurityTribeIT.java
@@ -235,12 +235,22 @@ public class SecurityTribeIT extends NativeRealmIntegTestCase {
             assertNoTimeout(response);
         }
 
-        for (String username : shouldFailUsers) {
-            ElasticsearchSecurityException e = expectThrows(ElasticsearchSecurityException.class, () ->
-                    tribeClient.filterWithHeader(Collections.singletonMap("Authorization",
-                            UsernamePasswordToken.basicAuthHeaderValue(username, new SecuredString("password".toCharArray()))))
-                            .admin().cluster().prepareHealth().get());
-            assertThat(e.getMessage(), containsString("authenticate"));
+        if (shouldBeSuccessfulUsers.isEmpty()) {
+            // there is no security index so these users can authenticate...
+            for (String username : shouldFailUsers) {
+                ClusterHealthResponse response = tribeClient.filterWithHeader(Collections.singletonMap("Authorization",
+                        UsernamePasswordToken.basicAuthHeaderValue(username, new SecuredString("password".toCharArray()))))
+                        .admin().cluster().prepareHealth().get();
+                assertNoTimeout(response);
+            }
+        } else {
+            for (String username : shouldFailUsers) {
+                ElasticsearchSecurityException e = expectThrows(ElasticsearchSecurityException.class, () ->
+                        tribeClient.filterWithHeader(Collections.singletonMap("Authorization",
+                                UsernamePasswordToken.basicAuthHeaderValue(username, new SecuredString("password".toCharArray()))))
+                                .admin().cluster().prepareHealth().get());
+                assertThat(e.getMessage(), containsString("authenticate"));
+            }
         }
     }