From c23613e05aba6d041bcfa9e79f021e06d132f34f Mon Sep 17 00:00:00 2001 From: Ryan Ernst Date: Wed, 1 Jul 2020 07:11:05 -0700 Subject: [PATCH] Split license allowed checks into two types (#58704) (#58797) The checks on the license state have a singular method, isAllowed, that returns whether the given feature is allowed by the current license. However, there are two classes of usages, one which intends to actually use a feature, and another that intends to return in telemetry whether the feature is allowed. When feature usage tracking is added, the latter case should not count as a "usage", so this commit reworks the calls to isAllowed into 2 methods, checkFeature, which will (eventually) both check whether a feature is allowed, and keep track of the last usage time, and isAllowed, which simply determines whether the feature is allowed. Note that I considered having a boolean flag on the current method, but wanted the additional clarity that a different method name provides, versus a boolean flag which is more easily copied without realizing what the flag means since it is nameless in call sites. --- .../xpack/analytics/AnalyticsPlugin.java | 2 +- .../xpack/ccr/CcrLicenseChecker.java | 2 +- .../collector/ccr/StatsCollectorTests.java | 28 +- .../license/XPackLicenseState.java | 17 +- .../SecurityIndexReaderWrapper.java | 2 +- .../actions/throttler/ActionThrottler.java | 2 +- .../license/LicenseRegistrationTests.java | 8 +- .../license/LicensesAcknowledgementTests.java | 8 +- .../org/elasticsearch/license/TestUtils.java | 4 + .../license/XPackLicenseStateTests.java | 388 +++++++++--------- ...ityIndexReaderWrapperIntegrationTests.java | 4 +- .../SecurityIndexReaderWrapperUnitTests.java | 4 +- .../throttler/WatchThrottlerTests.java | 12 +- .../TransportDeprecationInfoAction.java | 2 +- .../enrich/EnrichStatsCollectorTests.java | 22 +- .../action/TransportGraphExploreAction.java | 2 +- .../license/MachineLearningLicensingIT.java | 2 +- .../xpack/ml/InvalidLicenseEnforcer.java | 2 +- ...nsportExplainDataFrameAnalyticsAction.java | 2 +- .../TransportInternalInferModelAction.java | 2 +- .../ml/action/TransportOpenJobAction.java | 2 +- .../TransportPutDataFrameAnalyticsAction.java | 2 +- .../ml/action/TransportPutDatafeedAction.java | 2 +- .../ml/action/TransportPutJobAction.java | 2 +- .../TransportPutTrainedModelAction.java | 2 +- ...ransportStartDataFrameAnalyticsAction.java | 2 +- .../action/TransportStartDatafeedAction.java | 2 +- ...ansportUpdateDataFrameAnalyticsAction.java | 2 +- .../ml/MachineLearningFeatureSetTests.java | 2 +- ...sportGetTrainedModelsStatsActionTests.java | 2 +- .../InferenceProcessorFactoryTests.java | 2 +- .../exporter/http/HttpExporterIT.java | 4 +- .../monitoring/cleaner/CleanerService.java | 6 +- .../xpack/monitoring/collector/Collector.java | 2 +- .../collector/ccr/StatsCollector.java | 2 +- .../enrich/EnrichStatsCollector.java | 2 +- .../collector/ml/JobStatsCollector.java | 2 +- .../http/ClusterAlertHttpResource.java | 2 +- .../exporter/http/HttpExporter.java | 2 +- .../exporter/local/LocalExporter.java | 2 +- .../cleaner/CleanerServiceTests.java | 22 +- .../indices/IndexRecoveryCollectorTests.java | 10 +- .../indices/IndexStatsCollectorTests.java | 10 +- .../collector/ml/JobStatsCollectorTests.java | 28 +- .../node/NodeStatsCollectorTests.java | 12 +- .../shards/ShardsCollectorTests.java | 10 +- .../http/ClusterAlertHttpResourceTests.java | 14 +- .../http/HttpExporterResourceTests.java | 2 +- .../local/LocalExporterIntegTestCase.java | 3 +- .../action/TransportPutRollupJobAction.java | 2 +- .../xpack/security/Security.java | 2 +- .../action/filter/SecurityActionFilter.java | 2 +- .../security/audit/AuditTrailService.java | 2 +- .../xpack/security/authc/ApiKeyService.java | 4 +- .../xpack/security/authc/Realms.java | 10 +- .../xpack/security/authc/TokenService.java | 4 +- .../DelegatedAuthorizationSupport.java | 2 +- .../security/authz/AuthorizationService.java | 2 +- .../BulkShardRequestInterceptor.java | 2 +- ...cumentLevelSecurityRequestInterceptor.java | 2 +- .../IndicesAliasesRequestInterceptor.java | 2 +- .../interceptor/ResizeRequestInterceptor.java | 2 +- .../authz/store/CompositeRolesStore.java | 4 +- .../security/authz/store/FileRolesStore.java | 2 +- .../authz/store/NativeRolesStore.java | 4 +- .../RestDelegatePkiAuthenticationAction.java | 2 +- .../rest/action/SecurityBaseRestHandler.java | 2 +- .../action/apikey/ApiKeyBaseRestHandler.java | 2 +- .../action/oauth2/TokenBaseRestHandler.java | 2 +- .../support/SecurityStatusChangeListener.java | 2 +- .../security/transport/filter/IPFilter.java | 2 +- .../filter/SecurityActionFilterTests.java | 2 +- ...ansportOpenIdConnectLogoutActionTests.java | 2 +- ...sportSamlInvalidateSessionActionTests.java | 2 +- .../saml/TransportSamlLogoutActionTests.java | 2 +- .../TransportCreateTokenActionTests.java | 2 +- .../TransportInvalidateTokenActionTests.java | 2 +- .../audit/AuditTrailServiceTests.java | 28 +- .../security/authc/ApiKeyServiceTests.java | 4 +- .../authc/AuthenticationServiceTests.java | 8 +- .../xpack/security/authc/RealmsTests.java | 12 +- .../security/authc/TokenServiceTests.java | 6 +- .../authc/kerberos/KerberosRealmTestCase.java | 2 +- .../security/authc/ldap/LdapRealmTests.java | 2 +- .../authc/oidc/OpenIdConnectRealmTests.java | 2 +- .../security/authc/pki/PkiRealmTests.java | 2 +- .../security/authc/saml/SamlRealmTests.java | 2 +- .../DelegatedAuthorizationSupportTests.java | 2 +- .../authz/AuthorizationServiceTests.java | 26 +- .../SecuritySearchOperationListenerTests.java | 4 +- ...IndicesAliasesRequestInterceptorTests.java | 8 +- .../ResizeRequestInterceptorTests.java | 8 +- .../authz/store/CompositeRolesStoreTests.java | 4 +- .../authz/store/FileRolesStoreTests.java | 23 +- .../authz/store/NativeRolesStoreTests.java | 7 +- .../action/SecurityBaseRestHandlerTests.java | 4 +- .../apikey/RestCreateApiKeyActionTests.java | 4 +- .../apikey/RestGetApiKeyActionTests.java | 4 +- .../RestInvalidateApiKeyActionTests.java | 4 +- .../RestGetUserPrivilegesActionTests.java | 2 +- .../user/RestHasPrivilegesActionTests.java | 2 +- .../SecurityStatusChangeListenerTests.java | 2 +- .../xpack/security/test/SecurityMocks.java | 2 +- .../transport/filter/IPFilterTests.java | 8 +- .../IpFilterRemoteAddressFilterTests.java | 2 +- .../transport/nio/NioIPFilterTests.java | 2 +- .../xpack/spatial/SpatialPlugin.java | 6 +- .../xpack/sql/plugin/SqlPlugin.java | 6 +- .../TransportPreviewTransformAction.java | 2 +- .../action/TransportPutTransformAction.java | 2 +- .../action/TransportStartTransformAction.java | 2 +- .../TransportUpdateTransformAction.java | 2 +- .../actions/WatcherTransportAction.java | 2 +- .../AbstractWatcherIntegrationTestCase.java | 2 +- .../ack/TransportAckWatchActionTests.java | 4 +- .../put/TransportPutWatchActionTests.java | 4 +- 116 files changed, 494 insertions(+), 468 deletions(-) diff --git a/x-pack/plugin/analytics/src/main/java/org/elasticsearch/xpack/analytics/AnalyticsPlugin.java b/x-pack/plugin/analytics/src/main/java/org/elasticsearch/xpack/analytics/AnalyticsPlugin.java index 144ae54347d..51629c0f53a 100644 --- a/x-pack/plugin/analytics/src/main/java/org/elasticsearch/xpack/analytics/AnalyticsPlugin.java +++ b/x-pack/plugin/analytics/src/main/java/org/elasticsearch/xpack/analytics/AnalyticsPlugin.java @@ -179,7 +179,7 @@ public class AnalyticsPlugin extends Plugin implements SearchPlugin, ActionPlugi private static ContextParser checkLicense(ContextParser realParser) { return (parser, name) -> { - if (getLicenseState().isAllowed(XPackLicenseState.Feature.ANALYTICS) == false) { + if (getLicenseState().checkFeature(XPackLicenseState.Feature.ANALYTICS) == false) { throw LicenseUtils.newComplianceException(XPackField.ANALYTICS); } return realParser.parse(parser, name); diff --git a/x-pack/plugin/ccr/src/main/java/org/elasticsearch/xpack/ccr/CcrLicenseChecker.java b/x-pack/plugin/ccr/src/main/java/org/elasticsearch/xpack/ccr/CcrLicenseChecker.java index 9c1c596d28a..6073a618ea6 100644 --- a/x-pack/plugin/ccr/src/main/java/org/elasticsearch/xpack/ccr/CcrLicenseChecker.java +++ b/x-pack/plugin/ccr/src/main/java/org/elasticsearch/xpack/ccr/CcrLicenseChecker.java @@ -72,7 +72,7 @@ public class CcrLicenseChecker { * Constructs a CCR license checker with the default rule based on the license state for checking if CCR is allowed. */ CcrLicenseChecker() { - this(() -> XPackPlugin.getSharedLicenseState().isAllowed(XPackLicenseState.Feature.CCR), + this(() -> XPackPlugin.getSharedLicenseState().checkFeature(XPackLicenseState.Feature.CCR), XPackPlugin.getSharedLicenseState()::isSecurityEnabled); } diff --git a/x-pack/plugin/ccr/src/test/java/org/elasticsearch/xpack/monitoring/collector/ccr/StatsCollectorTests.java b/x-pack/plugin/ccr/src/test/java/org/elasticsearch/xpack/monitoring/collector/ccr/StatsCollectorTests.java index 9c7f640f499..694e2fb79f6 100644 --- a/x-pack/plugin/ccr/src/test/java/org/elasticsearch/xpack/monitoring/collector/ccr/StatsCollectorTests.java +++ b/x-pack/plugin/ccr/src/test/java/org/elasticsearch/xpack/monitoring/collector/ccr/StatsCollectorTests.java @@ -46,14 +46,14 @@ public class StatsCollectorTests extends BaseCollectorTestCase { whenLocalNodeElectedMaster(isElectedMaster); // this controls the blockage - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING)).thenReturn(false); - when(licenseState.isAllowed(XPackLicenseState.Feature.CCR)).thenReturn(ccrAllowed); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING)).thenReturn(false); + when(licenseState.checkFeature(XPackLicenseState.Feature.CCR)).thenReturn(ccrAllowed); final StatsCollector collector = createCollector(settings, clusterService, licenseState, client); assertThat(collector.shouldCollect(isElectedMaster), is(false)); if (isElectedMaster) { - verify(licenseState).isAllowed(XPackLicenseState.Feature.MONITORING); + verify(licenseState).checkFeature(XPackLicenseState.Feature.MONITORING); } } @@ -61,8 +61,8 @@ public class StatsCollectorTests extends BaseCollectorTestCase { // regardless of CCR being enabled final Settings settings = randomFrom(ccrEnabledSettings(), ccrDisabledSettings()); - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING)).thenReturn(randomBoolean()); - when(licenseState.isAllowed(XPackLicenseState.Feature.CCR)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(XPackLicenseState.Feature.CCR)).thenReturn(randomBoolean()); // this controls the blockage final boolean isElectedMaster = false; @@ -75,8 +75,8 @@ public class StatsCollectorTests extends BaseCollectorTestCase { // this is controls the blockage final Settings settings = ccrDisabledSettings(); - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING)).thenReturn(randomBoolean()); - when(licenseState.isAllowed(XPackLicenseState.Feature.CCR)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(XPackLicenseState.Feature.CCR)).thenReturn(randomBoolean()); final boolean isElectedMaster = randomBoolean(); whenLocalNodeElectedMaster(isElectedMaster); @@ -86,16 +86,16 @@ public class StatsCollectorTests extends BaseCollectorTestCase { assertThat(collector.shouldCollect(isElectedMaster), is(false)); if (isElectedMaster) { - verify(licenseState).isAllowed(XPackLicenseState.Feature.MONITORING); + verify(licenseState).checkFeature(XPackLicenseState.Feature.MONITORING); } } public void testShouldCollectReturnsFalseIfCCRIsNotAllowed() { final Settings settings = randomFrom(ccrEnabledSettings(), ccrDisabledSettings()); - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING)).thenReturn(randomBoolean()); // this is controls the blockage - when(licenseState.isAllowed(XPackLicenseState.Feature.CCR)).thenReturn(false); + when(licenseState.checkFeature(XPackLicenseState.Feature.CCR)).thenReturn(false); final boolean isElectedMaster = randomBoolean(); whenLocalNodeElectedMaster(isElectedMaster); @@ -104,22 +104,22 @@ public class StatsCollectorTests extends BaseCollectorTestCase { assertThat(collector.shouldCollect(isElectedMaster), is(false)); if (isElectedMaster) { - verify(licenseState).isAllowed(XPackLicenseState.Feature.MONITORING); + verify(licenseState).checkFeature(XPackLicenseState.Feature.MONITORING); } } public void testShouldCollectReturnsTrue() { final Settings settings = ccrEnabledSettings(); - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING)).thenReturn(true); - when(licenseState.isAllowed(XPackLicenseState.Feature.CCR)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.CCR)).thenReturn(true); final boolean isElectedMaster = true; final StatsCollector collector = createCollector(settings, clusterService, licenseState, client); assertThat(collector.shouldCollect(isElectedMaster), is(true)); - verify(licenseState).isAllowed(XPackLicenseState.Feature.MONITORING); + verify(licenseState).checkFeature(XPackLicenseState.Feature.MONITORING); } public void testDoCollect() throws Exception { diff --git a/x-pack/plugin/core/src/main/java/org/elasticsearch/license/XPackLicenseState.java b/x-pack/plugin/core/src/main/java/org/elasticsearch/license/XPackLicenseState.java index aac77973326..6a6e59133ca 100644 --- a/x-pack/plugin/core/src/main/java/org/elasticsearch/license/XPackLicenseState.java +++ b/x-pack/plugin/core/src/main/java/org/elasticsearch/license/XPackLicenseState.java @@ -411,7 +411,6 @@ public class XPackLicenseState { private XPackLicenseState(List listeners, boolean isSecurityEnabled, boolean isSecurityExplicitlyEnabled, Status status) { - this.listeners = listeners; this.isSecurityEnabled = isSecurityEnabled; this.isSecurityExplicitlyEnabled = isSecurityExplicitlyEnabled; @@ -475,6 +474,19 @@ public class XPackLicenseState { return checkAgainstStatus(status -> status.active); } + /** + * Checks whether the given feature is allowed, tracking the last usage time. + */ + public boolean checkFeature(Feature feature) { + // TODO: usage tracking is not yet implemented + return isAllowed(feature); + } + + /** + * Checks whether the given feature is allowed by the current license. + *

+ * This method should only be used when serializing whether a feature is allowed for telemetry. + */ public boolean isAllowed(Feature feature) { return isAllowedByLicense(feature.minimumOperationMode, feature.needsActive); } @@ -551,7 +563,8 @@ public class XPackLicenseState { * is needed for multiple interactions with the license state. */ public XPackLicenseState copyCurrentLicenseState() { - return executeAgainstStatus(status -> new XPackLicenseState(listeners, isSecurityEnabled, isSecurityExplicitlyEnabled, status)); + return executeAgainstStatus(status -> + new XPackLicenseState(listeners, isSecurityEnabled, isSecurityExplicitlyEnabled, status)); } /** diff --git a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/SecurityIndexReaderWrapper.java b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/SecurityIndexReaderWrapper.java index dbb60483aa5..8614ac5225f 100644 --- a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/SecurityIndexReaderWrapper.java +++ b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/SecurityIndexReaderWrapper.java @@ -63,7 +63,7 @@ public class SecurityIndexReaderWrapper implements CheckedFunction predicate, boolean expected) { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); licenseState.update(mode, active, null); assertEquals(expected, predicate.test(licenseState)); } @@ -76,41 +76,41 @@ public class XPackLicenseStateTests extends ESTestCase { } public void testSecurityDefaults() { - XPackLicenseState licenseState = - new XPackLicenseState(Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build()); + Settings settings = Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build(); + XPackLicenseState licenseState = new XPackLicenseState(settings); assertThat(licenseState.isSecurityEnabled(), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_AUDITING), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_DLS_FLS), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_ALL_REALMS), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_AUDITING), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_DLS_FLS), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_ALL_REALMS), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(true)); - licenseState = new XPackLicenseState(Settings.EMPTY); + licenseState = TestUtils.newTestLicenseState(); assertSecurityNotAllowed(licenseState); } public void testTransportSslDoesNotAutomaticallyEnableSecurityOnTrialLicense() { + Settings settings = Settings.builder().put(XPackSettings.TRANSPORT_SSL_ENABLED.getKey(), true).build(); final XPackLicenseState licenseState; - licenseState = - new XPackLicenseState(Settings.builder().put(XPackSettings.TRANSPORT_SSL_ENABLED.getKey(), true).build()); + licenseState = new XPackLicenseState(settings); assertSecurityNotAllowed(licenseState); } public void testSecurityBasicWithoutExplicitSecurityEnabled() { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); licenseState.update(BASIC, true, null); assertThat(licenseState.isSecurityEnabled(), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_AUDITING), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_DLS_FLS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_AUDITING), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_DLS_FLS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE), is(true)); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.SECURITY), is(true)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.SECURITY), is(true)); assertThat(licenseState.isSecurityEnabled(), is(false)); } @@ -120,139 +120,145 @@ public class XPackLicenseStateTests extends ESTestCase { licenseState.update(BASIC, true, null); assertThat(licenseState.isSecurityEnabled(), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_AUDITING), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_DLS_FLS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_AUDITING), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_DLS_FLS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE), is(true)); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.SECURITY), is(true)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.SECURITY), is(true)); assertThat(licenseState.isSecurityEnabled(), is(true)); } public void testSecurityDefaultBasicExpired() { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); licenseState.update(BASIC, false, null); assertThat(licenseState.isSecurityEnabled(), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_AUDITING), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_DLS_FLS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_AUDITING), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_DLS_FLS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE), is(true)); } public void testSecurityEnabledBasicExpired() { - XPackLicenseState licenseState = new XPackLicenseState( - Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build()); + Settings settings = Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build(); + XPackLicenseState licenseState = new XPackLicenseState(settings); licenseState.update(BASIC, false, null); assertThat(licenseState.isSecurityEnabled(), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_AUDITING), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_DLS_FLS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_AUDITING), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_DLS_FLS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE), is(true)); } public void testSecurityStandard() { - XPackLicenseState licenseState = new XPackLicenseState(randomFrom(Settings.EMPTY, - Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build())); + Settings settings = randomFrom(Settings.EMPTY, + Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build()); + XPackLicenseState licenseState = new XPackLicenseState(settings); licenseState.update(STANDARD, true, null); assertThat(licenseState.isSecurityEnabled(), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_AUDITING), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_DLS_FLS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_AUDITING), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_DLS_FLS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); } public void testSecurityStandardExpired() { - XPackLicenseState licenseState = new XPackLicenseState(randomFrom(Settings.EMPTY, - Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build())); + Settings settings = randomFrom(Settings.EMPTY, + Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build()); + XPackLicenseState licenseState = new XPackLicenseState(settings); licenseState.update(STANDARD, false, null); assertThat(licenseState.isSecurityEnabled(), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_AUDITING), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_DLS_FLS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_AUDITING), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_DLS_FLS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); } public void testSecurityGold() { - XPackLicenseState licenseState = new XPackLicenseState(randomFrom(Settings.EMPTY, - Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build())); + Settings settings = randomFrom(Settings.EMPTY, + Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build()); + XPackLicenseState licenseState = new XPackLicenseState(settings); licenseState.update(GOLD, true, null); assertThat(licenseState.isSecurityEnabled(), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_AUDITING), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_DLS_FLS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STANDARD_REALMS), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_AUDITING), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_DLS_FLS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STANDARD_REALMS), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE), is(true)); } public void testSecurityGoldExpired() { - XPackLicenseState licenseState = new XPackLicenseState(randomFrom(Settings.EMPTY, - Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build())); + Settings settings = randomFrom(Settings.EMPTY, + Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build()); + XPackLicenseState licenseState = new XPackLicenseState(settings); licenseState.update(GOLD, false, null); assertThat(licenseState.isSecurityEnabled(), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_AUDITING), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_DLS_FLS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STANDARD_REALMS), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_AUDITING), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_DLS_FLS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STANDARD_REALMS), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE), is(true)); } public void testSecurityPlatinum() { - XPackLicenseState licenseState = new XPackLicenseState(randomFrom(Settings.EMPTY, - Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build())); + Settings settings = randomFrom(Settings.EMPTY, + Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build()); + XPackLicenseState licenseState = new XPackLicenseState(settings); licenseState.update(PLATINUM, true, null); assertThat(licenseState.isSecurityEnabled(), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_AUDITING), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_DLS_FLS), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_ALL_REALMS), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_AUDITING), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_DLS_FLS), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_ALL_REALMS), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE), is(true)); } public void testSecurityPlatinumExpired() { - XPackLicenseState licenseState = new XPackLicenseState(randomFrom(Settings.EMPTY, - Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build())); + Settings settings = randomFrom(Settings.EMPTY, + Settings.builder().put(XPackSettings.SECURITY_ENABLED.getKey(), true).build()); + XPackLicenseState licenseState = new XPackLicenseState(settings); licenseState.update(PLATINUM, false, null); assertThat(licenseState.isSecurityEnabled(), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_AUDITING), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_DLS_FLS), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_ALL_REALMS), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); - assertThat(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE), is(true)); - assertThat(licenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_AUDITING), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_DLS_FLS), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_ALL_REALMS), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS), is(false)); + assertThat(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE), is(true)); + assertThat(licenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE), is(true)); } public void testNewTrialDefaultsSecurityOff() { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); licenseState.update(TRIAL, true, VersionUtils.randomVersionBetween(random(), Version.V_6_3_0, Version.CURRENT)); assertThat(licenseState.isSecurityEnabled(), is(false)); @@ -304,172 +310,172 @@ public class XPackLicenseStateTests extends ESTestCase { } public void testMonitoringAllowed() { - assertAllowed(randomMode(), true, s -> s.isAllowed(Feature.MONITORING), true); - assertAllowed(randomMode(), false, s -> s.isAllowed(Feature.MONITORING), false); + assertAllowed(randomMode(), true, s -> s.checkFeature(Feature.MONITORING), true); + assertAllowed(randomMode(), false, s -> s.checkFeature(Feature.MONITORING), false); } public void testMonitoringUpdateRetention() { - assertAllowed(STANDARD, true, s -> s.isAllowed(Feature.MONITORING_UPDATE_RETENTION), true); - assertAllowed(GOLD, true, s -> s.isAllowed(Feature.MONITORING_UPDATE_RETENTION), true); - assertAllowed(PLATINUM, true, s -> s.isAllowed(Feature.MONITORING_UPDATE_RETENTION), true); - assertAllowed(TRIAL, true, s -> s.isAllowed(Feature.MONITORING_UPDATE_RETENTION), true); - assertAllowed(BASIC, true, s -> s.isAllowed(Feature.MONITORING_UPDATE_RETENTION), false); - assertAllowed(MISSING, false, s -> s.isAllowed(Feature.MONITORING_UPDATE_RETENTION), false); + assertAllowed(STANDARD, true, s -> s.checkFeature(Feature.MONITORING_UPDATE_RETENTION), true); + assertAllowed(GOLD, true, s -> s.checkFeature(Feature.MONITORING_UPDATE_RETENTION), true); + assertAllowed(PLATINUM, true, s -> s.checkFeature(Feature.MONITORING_UPDATE_RETENTION), true); + assertAllowed(TRIAL, true, s -> s.checkFeature(Feature.MONITORING_UPDATE_RETENTION), true); + assertAllowed(BASIC, true, s -> s.checkFeature(Feature.MONITORING_UPDATE_RETENTION), false); + assertAllowed(MISSING, false, s -> s.checkFeature(Feature.MONITORING_UPDATE_RETENTION), false); } public void testWatcherPlatinumGoldTrialStandard() throws Exception { - assertAllowed(TRIAL, true, s -> s.isAllowed(Feature.WATCHER), true); - assertAllowed(GOLD, true, s -> s.isAllowed(Feature.WATCHER), true); - assertAllowed(PLATINUM, true, s -> s.isAllowed(Feature.WATCHER), true); - assertAllowed(STANDARD, true, s -> s.isAllowed(Feature.WATCHER), true); + assertAllowed(TRIAL, true, s -> s.checkFeature(Feature.WATCHER), true); + assertAllowed(GOLD, true, s -> s.checkFeature(Feature.WATCHER), true); + assertAllowed(PLATINUM, true, s -> s.checkFeature(Feature.WATCHER), true); + assertAllowed(STANDARD, true, s -> s.checkFeature(Feature.WATCHER), true); } public void testWatcherBasicLicense() throws Exception { - assertAllowed(BASIC, true, s -> s.isAllowed(Feature.WATCHER), false); + assertAllowed(BASIC, true, s -> s.checkFeature(Feature.WATCHER), false); } public void testWatcherInactive() { - assertAllowed(BASIC, false, s -> s.isAllowed(Feature.WATCHER), false); + assertAllowed(BASIC, false, s -> s.checkFeature(Feature.WATCHER), false); } public void testWatcherInactivePlatinumGoldTrial() throws Exception { - assertAllowed(TRIAL, false, s -> s.isAllowed(Feature.WATCHER), false); - assertAllowed(GOLD, false, s -> s.isAllowed(Feature.WATCHER), false); - assertAllowed(PLATINUM, false, s -> s.isAllowed(Feature.WATCHER), false); - assertAllowed(STANDARD, false, s -> s.isAllowed(Feature.WATCHER), false); + assertAllowed(TRIAL, false, s -> s.checkFeature(Feature.WATCHER), false); + assertAllowed(GOLD, false, s -> s.checkFeature(Feature.WATCHER), false); + assertAllowed(PLATINUM, false, s -> s.checkFeature(Feature.WATCHER), false); + assertAllowed(STANDARD, false, s -> s.checkFeature(Feature.WATCHER), false); } public void testGraphPlatinumTrial() throws Exception { - assertAllowed(TRIAL, true, s -> s.isAllowed(Feature.GRAPH), true); - assertAllowed(PLATINUM, true, s -> s.isAllowed(Feature.GRAPH), true); + assertAllowed(TRIAL, true, s -> s.checkFeature(Feature.GRAPH), true); + assertAllowed(PLATINUM, true, s -> s.checkFeature(Feature.GRAPH), true); } public void testGraphBasic() throws Exception { - assertAllowed(BASIC, true, s -> s.isAllowed(Feature.GRAPH), false); + assertAllowed(BASIC, true, s -> s.checkFeature(Feature.GRAPH), false); } public void testGraphStandard() throws Exception { - assertAllowed(STANDARD, true, s -> s.isAllowed(Feature.GRAPH), false); + assertAllowed(STANDARD, true, s -> s.checkFeature(Feature.GRAPH), false); } public void testGraphInactiveBasic() { - assertAllowed(BASIC, false, s -> s.isAllowed(Feature.GRAPH), false); + assertAllowed(BASIC, false, s -> s.checkFeature(Feature.GRAPH), false); } public void testGraphInactivePlatinumTrial() throws Exception { - assertAllowed(TRIAL, false, s -> s.isAllowed(Feature.MACHINE_LEARNING), false); - assertAllowed(PLATINUM, false, s -> s.isAllowed(Feature.MACHINE_LEARNING), false); + assertAllowed(TRIAL, false, s -> s.checkFeature(Feature.MACHINE_LEARNING), false); + assertAllowed(PLATINUM, false, s -> s.checkFeature(Feature.MACHINE_LEARNING), false); } public void testMachineLearningPlatinumTrial() throws Exception { - assertAllowed(TRIAL, true, s -> s.isAllowed(Feature.MACHINE_LEARNING), true); - assertAllowed(PLATINUM, true, s -> s.isAllowed(Feature.MACHINE_LEARNING), true); + assertAllowed(TRIAL, true, s -> s.checkFeature(Feature.MACHINE_LEARNING), true); + assertAllowed(PLATINUM, true, s -> s.checkFeature(Feature.MACHINE_LEARNING), true); } public void testMachineLearningBasic() throws Exception { - assertAllowed(BASIC, true, s -> s.isAllowed(Feature.MACHINE_LEARNING), false); + assertAllowed(BASIC, true, s -> s.checkFeature(Feature.MACHINE_LEARNING), false); } public void testMachineLearningStandard() throws Exception { - assertAllowed(STANDARD, true, s -> s.isAllowed(Feature.MACHINE_LEARNING), false); + assertAllowed(STANDARD, true, s -> s.checkFeature(Feature.MACHINE_LEARNING), false); } public void testMachineLearningInactiveBasic() { - assertAllowed(BASIC, false, s -> s.isAllowed(Feature.MACHINE_LEARNING), false); + assertAllowed(BASIC, false, s -> s.checkFeature(Feature.MACHINE_LEARNING), false); } public void testMachineLearningInactivePlatinumTrial() throws Exception { - assertAllowed(TRIAL, false, s -> s.isAllowed(Feature.MACHINE_LEARNING), false); - assertAllowed(PLATINUM, false, s -> s.isAllowed(Feature.MACHINE_LEARNING), false); + assertAllowed(TRIAL, false, s -> s.checkFeature(Feature.MACHINE_LEARNING), false); + assertAllowed(PLATINUM, false, s -> s.checkFeature(Feature.MACHINE_LEARNING), false); } public void testLogstashPlatinumGoldTrialStandard() throws Exception { - assertAllowed(TRIAL, true, s -> s.isAllowed(Feature.LOGSTASH), true); - assertAllowed(GOLD, true, s -> s.isAllowed(Feature.LOGSTASH), true); - assertAllowed(PLATINUM, true, s -> s.isAllowed(Feature.LOGSTASH), true); - assertAllowed(STANDARD, true, s -> s.isAllowed(Feature.LOGSTASH), true); + assertAllowed(TRIAL, true, s -> s.checkFeature(Feature.LOGSTASH), true); + assertAllowed(GOLD, true, s -> s.checkFeature(Feature.LOGSTASH), true); + assertAllowed(PLATINUM, true, s -> s.checkFeature(Feature.LOGSTASH), true); + assertAllowed(STANDARD, true, s -> s.checkFeature(Feature.LOGSTASH), true); } public void testLogstashBasicLicense() throws Exception { - assertAllowed(BASIC, true, s -> s.isAllowed(Feature.LOGSTASH), false); + assertAllowed(BASIC, true, s -> s.checkFeature(Feature.LOGSTASH), false); } public void testLogstashInactive() { - assertAllowed(BASIC, false, s -> s.isAllowed(Feature.LOGSTASH), false); - assertAllowed(TRIAL, false, s -> s.isAllowed(Feature.LOGSTASH), false); - assertAllowed(GOLD, false, s -> s.isAllowed(Feature.LOGSTASH), false); - assertAllowed(PLATINUM, false, s -> s.isAllowed(Feature.LOGSTASH), false); - assertAllowed(STANDARD, false, s -> s.isAllowed(Feature.LOGSTASH), false); + assertAllowed(BASIC, false, s -> s.checkFeature(Feature.LOGSTASH), false); + assertAllowed(TRIAL, false, s -> s.checkFeature(Feature.LOGSTASH), false); + assertAllowed(GOLD, false, s -> s.checkFeature(Feature.LOGSTASH), false); + assertAllowed(PLATINUM, false, s -> s.checkFeature(Feature.LOGSTASH), false); + assertAllowed(STANDARD, false, s -> s.checkFeature(Feature.LOGSTASH), false); } public void testSqlDefaults() { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.SQL), is(true)); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.JDBC), is(true)); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.SQL), is(true)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.JDBC), is(true)); } public void testSqlBasic() { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); licenseState.update(BASIC, true, null); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.SQL), is(true)); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.JDBC), is(false)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.SQL), is(true)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.JDBC), is(false)); } public void testSqlBasicExpired() { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); licenseState.update(BASIC, false, null); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.SQL), is(false)); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.JDBC), is(false)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.SQL), is(false)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.JDBC), is(false)); } public void testSqlStandard() { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); licenseState.update(STANDARD, true, null); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.SQL), is(true)); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.JDBC), is(false)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.SQL), is(true)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.JDBC), is(false)); } public void testSqlStandardExpired() { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); licenseState.update(STANDARD, false, null); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.SQL), is(false)); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.JDBC), is(false)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.SQL), is(false)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.JDBC), is(false)); } public void testSqlGold() { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); licenseState.update(GOLD, true, null); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.SQL), is(true)); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.JDBC), is(false)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.SQL), is(true)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.JDBC), is(false)); } public void testSqlGoldExpired() { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); licenseState.update(GOLD, false, null); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.SQL), is(false)); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.JDBC), is(false)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.SQL), is(false)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.JDBC), is(false)); } public void testSqlPlatinum() { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); licenseState.update(PLATINUM, true, null); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.SQL), is(true)); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.JDBC), is(true)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.SQL), is(true)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.JDBC), is(true)); } public void testSqlPlatinumExpired() { - XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + XPackLicenseState licenseState = TestUtils.newTestLicenseState(); licenseState.update(PLATINUM, false, null); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.SQL), is(false)); - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.JDBC), is(false)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.SQL), is(false)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.JDBC), is(false)); } public void testSqlAckAnyToTrialOrPlatinum() { @@ -481,64 +487,64 @@ public class XPackLicenseStateTests extends ESTestCase { } public void testCcrDefaults() { - final XPackLicenseState state = new XPackLicenseState(Settings.EMPTY); - assertTrue(state.isAllowed(XPackLicenseState.Feature.CCR)); + final XPackLicenseState state = TestUtils.newTestLicenseState(); + assertTrue(state.checkFeature(XPackLicenseState.Feature.CCR)); } public void testCcrBasic() { - final XPackLicenseState state = new XPackLicenseState(Settings.EMPTY); + final XPackLicenseState state = TestUtils.newTestLicenseState(); state.update(BASIC, true, null); - assertThat(state.isAllowed(XPackLicenseState.Feature.CCR), is(false)); + assertThat(state.checkFeature(XPackLicenseState.Feature.CCR), is(false)); } public void testCcrBasicExpired() { - final XPackLicenseState state = new XPackLicenseState(Settings.EMPTY); + final XPackLicenseState state = TestUtils.newTestLicenseState(); state.update(BASIC, false, null); - assertThat(state.isAllowed(XPackLicenseState.Feature.CCR), is(false)); + assertThat(state.checkFeature(XPackLicenseState.Feature.CCR), is(false)); } public void testCcrStandard() { - final XPackLicenseState state = new XPackLicenseState(Settings.EMPTY); + final XPackLicenseState state = TestUtils.newTestLicenseState(); state.update(STANDARD, true, null); - assertThat(state.isAllowed(XPackLicenseState.Feature.CCR), is(false)); + assertThat(state.checkFeature(XPackLicenseState.Feature.CCR), is(false)); } public void testCcrStandardExpired() { - final XPackLicenseState state = new XPackLicenseState(Settings.EMPTY); + final XPackLicenseState state = TestUtils.newTestLicenseState(); state.update(STANDARD, false, null); - assertThat(state.isAllowed(XPackLicenseState.Feature.CCR), is(false)); + assertThat(state.checkFeature(XPackLicenseState.Feature.CCR), is(false)); } public void testCcrGold() { - final XPackLicenseState state = new XPackLicenseState(Settings.EMPTY); + final XPackLicenseState state = TestUtils.newTestLicenseState(); state.update(GOLD, true, null); - assertThat(state.isAllowed(XPackLicenseState.Feature.CCR), is(false)); + assertThat(state.checkFeature(XPackLicenseState.Feature.CCR), is(false)); } public void testCcrGoldExpired() { - final XPackLicenseState state = new XPackLicenseState(Settings.EMPTY); + final XPackLicenseState state = TestUtils.newTestLicenseState(); state.update(GOLD, false, null); - assertThat(state.isAllowed(XPackLicenseState.Feature.CCR), is(false)); + assertThat(state.checkFeature(XPackLicenseState.Feature.CCR), is(false)); } public void testCcrPlatinum() { - final XPackLicenseState state = new XPackLicenseState(Settings.EMPTY); + final XPackLicenseState state = TestUtils.newTestLicenseState(); state.update(PLATINUM, true, null); - assertTrue(state.isAllowed(XPackLicenseState.Feature.CCR)); + assertTrue(state.checkFeature(XPackLicenseState.Feature.CCR)); } public void testCcrPlatinumExpired() { - final XPackLicenseState state = new XPackLicenseState(Settings.EMPTY); + final XPackLicenseState state = TestUtils.newTestLicenseState(); state.update(PLATINUM, false, null); - assertFalse(state.isAllowed(XPackLicenseState.Feature.CCR)); + assertFalse(state.checkFeature(XPackLicenseState.Feature.CCR)); } public void testCcrAckAnyToTrialOrPlatinum() { @@ -550,14 +556,14 @@ public class XPackLicenseStateTests extends ESTestCase { } public void testTransformBasic() throws Exception { - assertAllowed(BASIC, true, s -> s.isAllowed(Feature.TRANSFORM), true); + assertAllowed(BASIC, true, s -> s.checkFeature(Feature.TRANSFORM), true); } public void testTransformStandard() throws Exception { - assertAllowed(STANDARD, true, s -> s.isAllowed(Feature.TRANSFORM), true); + assertAllowed(STANDARD, true, s -> s.checkFeature(Feature.TRANSFORM), true); } public void testTransformInactiveBasic() { - assertAllowed(BASIC, false, s -> s.isAllowed(Feature.TRANSFORM), false); + assertAllowed(BASIC, false, s -> s.checkFeature(Feature.TRANSFORM), false); } } diff --git a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/SecurityIndexReaderWrapperIntegrationTests.java b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/SecurityIndexReaderWrapperIntegrationTests.java index 6fd54cd4853..6a1ba5dcc3e 100644 --- a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/SecurityIndexReaderWrapperIntegrationTests.java +++ b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/SecurityIndexReaderWrapperIntegrationTests.java @@ -96,7 +96,7 @@ public class SecurityIndexReaderWrapperIntegrationTests extends AbstractBuilderT DocumentSubsetBitsetCache bitsetCache = new DocumentSubsetBitsetCache(Settings.EMPTY, Executors.newSingleThreadExecutor()); XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(true); Directory directory = newDirectory(); IndexWriter iw = new IndexWriter( @@ -229,7 +229,7 @@ public class SecurityIndexReaderWrapperIntegrationTests extends AbstractBuilderT XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(true); SecurityIndexReaderWrapper wrapper = new SecurityIndexReaderWrapper(s -> queryShardContext, bitsetCache, securityContext, licenseState, scriptService) { diff --git a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/SecurityIndexReaderWrapperUnitTests.java b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/SecurityIndexReaderWrapperUnitTests.java index e6b6ec01221..db8aa7ff21e 100644 --- a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/SecurityIndexReaderWrapperUnitTests.java +++ b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/SecurityIndexReaderWrapperUnitTests.java @@ -66,7 +66,7 @@ public class SecurityIndexReaderWrapperUnitTests extends ESTestCase { ShardId shardId = new ShardId(index, 0); licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(true); securityContext = new SecurityContext(Settings.EMPTY, new ThreadContext(Settings.EMPTY)); IndexShard indexShard = mock(IndexShard.class); when(indexShard.shardId()).thenReturn(shardId); @@ -115,7 +115,7 @@ public class SecurityIndexReaderWrapperUnitTests extends ESTestCase { } public void testWrapReaderWhenFeatureDisabled() throws Exception { - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(false); securityIndexReaderWrapper = new SecurityIndexReaderWrapper(null, null, securityContext, licenseState, scriptService); DirectoryReader reader = securityIndexReaderWrapper.apply(esIn); diff --git a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/watcher/actions/throttler/WatchThrottlerTests.java b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/watcher/actions/throttler/WatchThrottlerTests.java index 5504a62350b..13a9591f59c 100644 --- a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/watcher/actions/throttler/WatchThrottlerTests.java +++ b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/watcher/actions/throttler/WatchThrottlerTests.java @@ -25,7 +25,7 @@ public class WatchThrottlerTests extends ESTestCase { Throttler.Result expectedResult = Throttler.Result.throttle(Throttler.Type.ACK, "_reason"); when(ackThrottler.throttle("_action", ctx)).thenReturn(expectedResult); XPackLicenseState licenseState = mock(XPackLicenseState.class); - when(licenseState.isAllowed(Feature.WATCHER)).thenReturn(true); + when(licenseState.checkFeature(Feature.WATCHER)).thenReturn(true); ActionThrottler throttler = new ActionThrottler(periodThrottler, ackThrottler, licenseState); Throttler.Result result = throttler.throttle("_action", ctx); assertThat(result, notNullValue()); @@ -40,7 +40,7 @@ public class WatchThrottlerTests extends ESTestCase { when(periodThrottler.throttle("_action", ctx)).thenReturn(expectedResult); when(ackThrottler.throttle("_action", ctx)).thenReturn(Throttler.Result.NO); XPackLicenseState licenseState = mock(XPackLicenseState.class); - when(licenseState.isAllowed(Feature.WATCHER)).thenReturn(true); + when(licenseState.checkFeature(Feature.WATCHER)).thenReturn(true); ActionThrottler throttler = new ActionThrottler(periodThrottler, ackThrottler, licenseState); Throttler.Result result = throttler.throttle("_action", ctx); assertThat(result, notNullValue()); @@ -56,7 +56,7 @@ public class WatchThrottlerTests extends ESTestCase { Throttler.Result ackResult = Throttler.Result.throttle(Throttler.Type.ACK, "_reason_ack"); when(ackThrottler.throttle("_action", ctx)).thenReturn(ackResult); XPackLicenseState licenseState = mock(XPackLicenseState.class); - when(licenseState.isAllowed(Feature.WATCHER)).thenReturn(true); + when(licenseState.checkFeature(Feature.WATCHER)).thenReturn(true); ActionThrottler throttler = new ActionThrottler(periodThrottler, ackThrottler, licenseState); Throttler.Result result = throttler.throttle("_action", ctx); assertThat(result, notNullValue()); @@ -71,7 +71,7 @@ public class WatchThrottlerTests extends ESTestCase { when(periodThrottler.throttle("_action", ctx)).thenReturn(Throttler.Result.NO); when(ackThrottler.throttle("_action", ctx)).thenReturn(Throttler.Result.NO); XPackLicenseState licenseState = mock(XPackLicenseState.class); - when(licenseState.isAllowed(Feature.WATCHER)).thenReturn(true); + when(licenseState.checkFeature(Feature.WATCHER)).thenReturn(true); ActionThrottler throttler = new ActionThrottler(periodThrottler, ackThrottler, licenseState); Throttler.Result result = throttler.throttle("_action", ctx); assertThat(result, notNullValue()); @@ -84,7 +84,7 @@ public class WatchThrottlerTests extends ESTestCase { Throttler.Result ackResult = mock(Throttler.Result.class); when(ackThrottler.throttle("_action", ctx)).thenReturn(ackResult); XPackLicenseState licenseState = mock(XPackLicenseState.class); - when(licenseState.isAllowed(Feature.WATCHER)).thenReturn(true); + when(licenseState.checkFeature(Feature.WATCHER)).thenReturn(true); ActionThrottler throttler = new ActionThrottler(null, ackThrottler, licenseState); Throttler.Result result = throttler.throttle("_action", ctx); assertThat(result, notNullValue()); @@ -97,7 +97,7 @@ public class WatchThrottlerTests extends ESTestCase { Throttler.Result ackResult = mock(Throttler.Result.class); when(ackThrottler.throttle("_action", ctx)).thenReturn(ackResult); XPackLicenseState licenseState = mock(XPackLicenseState.class); - when(licenseState.isAllowed(Feature.WATCHER)).thenReturn(false); + when(licenseState.checkFeature(Feature.WATCHER)).thenReturn(false); ActionThrottler throttler = new ActionThrottler(null, ackThrottler, licenseState); Throttler.Result result = throttler.throttle("_action", ctx); assertThat(result, notNullValue()); diff --git a/x-pack/plugin/deprecation/src/main/java/org/elasticsearch/xpack/deprecation/TransportDeprecationInfoAction.java b/x-pack/plugin/deprecation/src/main/java/org/elasticsearch/xpack/deprecation/TransportDeprecationInfoAction.java index 8062cb4768d..7e75d6db53d 100644 --- a/x-pack/plugin/deprecation/src/main/java/org/elasticsearch/xpack/deprecation/TransportDeprecationInfoAction.java +++ b/x-pack/plugin/deprecation/src/main/java/org/elasticsearch/xpack/deprecation/TransportDeprecationInfoAction.java @@ -86,7 +86,7 @@ public class TransportDeprecationInfoAction extends TransportMasterNodeReadActio @Override protected final void masterOperation(final DeprecationInfoAction.Request request, ClusterState state, final ActionListener listener) { - if (licenseState.isAllowed(XPackLicenseState.Feature.DEPRECATION)) { + if (licenseState.checkFeature(XPackLicenseState.Feature.DEPRECATION)) { NodesDeprecationCheckRequest nodeDepReq = new NodesDeprecationCheckRequest("_all"); ClientHelper.executeAsyncWithOrigin(client, ClientHelper.DEPRECATION_ORIGIN, diff --git a/x-pack/plugin/enrich/src/test/java/org/elasticsearch/xpack/monitoring/collector/enrich/EnrichStatsCollectorTests.java b/x-pack/plugin/enrich/src/test/java/org/elasticsearch/xpack/monitoring/collector/enrich/EnrichStatsCollectorTests.java index 56284371679..80e3d9125fd 100644 --- a/x-pack/plugin/enrich/src/test/java/org/elasticsearch/xpack/monitoring/collector/enrich/EnrichStatsCollectorTests.java +++ b/x-pack/plugin/enrich/src/test/java/org/elasticsearch/xpack/monitoring/collector/enrich/EnrichStatsCollectorTests.java @@ -43,20 +43,20 @@ public class EnrichStatsCollectorTests extends BaseCollectorTestCase { whenLocalNodeElectedMaster(isElectedMaster); // this controls the blockage - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING)).thenReturn(false); - when(licenseState.isAllowed(XPackLicenseState.Feature.ENRICH)).thenReturn(enrichAllowed); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING)).thenReturn(false); + when(licenseState.checkFeature(XPackLicenseState.Feature.ENRICH)).thenReturn(enrichAllowed); final EnrichStatsCollector collector = createCollector(clusterService, licenseState, client); assertThat(collector.shouldCollect(isElectedMaster), is(false)); if (isElectedMaster) { - verify(licenseState).isAllowed(XPackLicenseState.Feature.MONITORING); + verify(licenseState).checkFeature(XPackLicenseState.Feature.MONITORING); } } public void testShouldCollectReturnsFalseIfNotMaster() { - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING)).thenReturn(randomBoolean()); - when(licenseState.isAllowed(XPackLicenseState.Feature.ENRICH)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(XPackLicenseState.Feature.ENRICH)).thenReturn(randomBoolean()); // this controls the blockage final boolean isElectedMaster = false; @@ -67,9 +67,9 @@ public class EnrichStatsCollectorTests extends BaseCollectorTestCase { public void testShouldCollectReturnsFalseIfEnrichIsNotAllowed() { boolean isMonitoringAllowed = randomBoolean(); - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING)).thenReturn(isMonitoringAllowed); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING)).thenReturn(isMonitoringAllowed); // this is controls the blockage - when(licenseState.isAllowed(XPackLicenseState.Feature.ENRICH)).thenReturn(false); + when(licenseState.checkFeature(XPackLicenseState.Feature.ENRICH)).thenReturn(false); final boolean isElectedMaster = randomBoolean(); whenLocalNodeElectedMaster(isElectedMaster); @@ -78,20 +78,20 @@ public class EnrichStatsCollectorTests extends BaseCollectorTestCase { assertThat(collector.shouldCollect(isElectedMaster), is(false)); if (isElectedMaster) { - verify(licenseState).isAllowed(XPackLicenseState.Feature.MONITORING); + verify(licenseState).checkFeature(XPackLicenseState.Feature.MONITORING); } } public void testShouldCollectReturnsTrue() { - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING)).thenReturn(true); - when(licenseState.isAllowed(XPackLicenseState.Feature.ENRICH)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.ENRICH)).thenReturn(true); final boolean isElectedMaster = true; final EnrichStatsCollector collector = createCollector(clusterService, licenseState, client); assertThat(collector.shouldCollect(isElectedMaster), is(true)); - verify(licenseState).isAllowed(XPackLicenseState.Feature.MONITORING); + verify(licenseState).checkFeature(XPackLicenseState.Feature.MONITORING); } public void testDoCollect() throws Exception { diff --git a/x-pack/plugin/graph/src/main/java/org/elasticsearch/xpack/graph/action/TransportGraphExploreAction.java b/x-pack/plugin/graph/src/main/java/org/elasticsearch/xpack/graph/action/TransportGraphExploreAction.java index 68765731797..6e39fdbaa0d 100644 --- a/x-pack/plugin/graph/src/main/java/org/elasticsearch/xpack/graph/action/TransportGraphExploreAction.java +++ b/x-pack/plugin/graph/src/main/java/org/elasticsearch/xpack/graph/action/TransportGraphExploreAction.java @@ -92,7 +92,7 @@ public class TransportGraphExploreAction extends HandledTransportAction listener) { - if (licenseState.isAllowed(XPackLicenseState.Feature.GRAPH)) { + if (licenseState.checkFeature(XPackLicenseState.Feature.GRAPH)) { new AsyncGraphAction(request, listener).start(); } else { listener.onFailure(LicenseUtils.newComplianceException(XPackField.GRAPH)); diff --git a/x-pack/plugin/ml/src/internalClusterTest/java/org/elasticsearch/license/MachineLearningLicensingIT.java b/x-pack/plugin/ml/src/internalClusterTest/java/org/elasticsearch/license/MachineLearningLicensingIT.java index 2cdb562f211..457b5222394 100644 --- a/x-pack/plugin/ml/src/internalClusterTest/java/org/elasticsearch/license/MachineLearningLicensingIT.java +++ b/x-pack/plugin/ml/src/internalClusterTest/java/org/elasticsearch/license/MachineLearningLicensingIT.java @@ -781,7 +781,7 @@ public class MachineLearningLicensingIT extends BaseMlIntegTestCase { private static void assertMLAllowed(boolean expected) { for (XPackLicenseState licenseState : internalCluster().getInstances(XPackLicenseState.class)) { - assertEquals(licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING), expected); + assertEquals(licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING), expected); } } diff --git a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/InvalidLicenseEnforcer.java b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/InvalidLicenseEnforcer.java index 5be9a3c91dd..d89e3c75660 100644 --- a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/InvalidLicenseEnforcer.java +++ b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/InvalidLicenseEnforcer.java @@ -48,7 +48,7 @@ public class InvalidLicenseEnforcer implements LicenseStateListener { @Override public void licenseStateChanged() { assert licenseStateListenerRegistered; - if (licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING) == false) { + if (licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING) == false) { // if the license has expired, close jobs and datafeeds threadPool.generic().execute(new AbstractRunnable() { @Override diff --git a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportExplainDataFrameAnalyticsAction.java b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportExplainDataFrameAnalyticsAction.java index 7621866c7d9..44cad0119b8 100644 --- a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportExplainDataFrameAnalyticsAction.java +++ b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportExplainDataFrameAnalyticsAction.java @@ -69,7 +69,7 @@ public class TransportExplainDataFrameAnalyticsAction protected void doExecute(Task task, PutDataFrameAnalyticsAction.Request request, ActionListener listener) { - if (licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING) == false) { + if (licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING) == false) { listener.onFailure(LicenseUtils.newComplianceException(XPackField.MACHINE_LEARNING)); return; } diff --git a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportInternalInferModelAction.java b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportInternalInferModelAction.java index 67d0b302536..66593f222e1 100644 --- a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportInternalInferModelAction.java +++ b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportInternalInferModelAction.java @@ -73,7 +73,7 @@ public class TransportInternalInferModelAction extends HandledTransportAction clearJobFinishTime = ActionListener.wrap( diff --git a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutDataFrameAnalyticsAction.java b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutDataFrameAnalyticsAction.java index 4d42356191f..8dabe08bf1c 100644 --- a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutDataFrameAnalyticsAction.java +++ b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutDataFrameAnalyticsAction.java @@ -229,7 +229,7 @@ public class TransportPutDataFrameAnalyticsAction @Override protected void doExecute(Task task, PutDataFrameAnalyticsAction.Request request, ActionListener listener) { - if (licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)) { + if (licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)) { super.doExecute(task, request, listener); } else { listener.onFailure(LicenseUtils.newComplianceException(XPackField.MACHINE_LEARNING)); diff --git a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutDatafeedAction.java b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutDatafeedAction.java index 671af38208f..091d207d3fd 100644 --- a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutDatafeedAction.java +++ b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutDatafeedAction.java @@ -265,7 +265,7 @@ public class TransportPutDatafeedAction extends TransportMasterNodeAction listener) { - if (licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)) { + if (licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)) { super.doExecute(task, request, listener); } else { listener.onFailure(LicenseUtils.newComplianceException(XPackField.MACHINE_LEARNING)); diff --git a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutJobAction.java b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutJobAction.java index 936d9e2a19c..672f1a86eea 100644 --- a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutJobAction.java +++ b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutJobAction.java @@ -68,7 +68,7 @@ public class TransportPutJobAction extends TransportMasterNodeAction listener) { - if (licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)) { + if (licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)) { super.doExecute(task, request, listener); } else { listener.onFailure(LicenseUtils.newComplianceException(XPackField.MACHINE_LEARNING)); diff --git a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutTrainedModelAction.java b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutTrainedModelAction.java index e8ac651da64..af5e663cc50 100644 --- a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutTrainedModelAction.java +++ b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportPutTrainedModelAction.java @@ -220,7 +220,7 @@ public class TransportPutTrainedModelAction extends TransportMasterNodeAction listener) { - if (licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)) { + if (licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)) { super.doExecute(task, request, listener); } else { listener.onFailure(LicenseUtils.newComplianceException(XPackField.MACHINE_LEARNING)); diff --git a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportStartDataFrameAnalyticsAction.java b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportStartDataFrameAnalyticsAction.java index e54c68f2f56..19ad386d09f 100644 --- a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportStartDataFrameAnalyticsAction.java +++ b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportStartDataFrameAnalyticsAction.java @@ -157,7 +157,7 @@ public class TransportStartDataFrameAnalyticsAction @Override protected void masterOperation(StartDataFrameAnalyticsAction.Request request, ClusterState state, ActionListener listener) { - if (licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING) == false) { + if (licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING) == false) { listener.onFailure(LicenseUtils.newComplianceException(XPackField.MACHINE_LEARNING)); return; } diff --git a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportStartDatafeedAction.java b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportStartDatafeedAction.java index ca309fb873c..cde9f98c084 100644 --- a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportStartDatafeedAction.java +++ b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportStartDatafeedAction.java @@ -155,7 +155,7 @@ public class TransportStartDatafeedAction extends TransportMasterNodeAction listener) { StartDatafeedAction.DatafeedParams params = request.getParams(); - if (licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING) == false) { + if (licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING) == false) { listener.onFailure(LicenseUtils.newComplianceException(XPackField.MACHINE_LEARNING)); return; } diff --git a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportUpdateDataFrameAnalyticsAction.java b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportUpdateDataFrameAnalyticsAction.java index af58243fcd3..f310b46051f 100644 --- a/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportUpdateDataFrameAnalyticsAction.java +++ b/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/action/TransportUpdateDataFrameAnalyticsAction.java @@ -89,7 +89,7 @@ public class TransportUpdateDataFrameAnalyticsAction @Override protected void doExecute(Task task, UpdateDataFrameAnalyticsAction.Request request, ActionListener listener) { - if (licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)) { + if (licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)) { super.doExecute(task, request, listener); } else { listener.onFailure(LicenseUtils.newComplianceException(XPackField.MACHINE_LEARNING)); diff --git a/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/MachineLearningFeatureSetTests.java b/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/MachineLearningFeatureSetTests.java index ef99e1cabe9..a0ea1222d12 100644 --- a/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/MachineLearningFeatureSetTests.java +++ b/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/MachineLearningFeatureSetTests.java @@ -338,7 +338,7 @@ public class MachineLearningFeatureSetTests extends ESTestCase { } public void testUsageWithOrphanedTask() throws Exception { - when(licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(true); Settings.Builder settings = Settings.builder().put(commonSettings); settings.put("xpack.ml.enabled", true); diff --git a/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/action/TransportGetTrainedModelsStatsActionTests.java b/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/action/TransportGetTrainedModelsStatsActionTests.java index d16231e16d9..33630ec4634 100644 --- a/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/action/TransportGetTrainedModelsStatsActionTests.java +++ b/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/action/TransportGetTrainedModelsStatsActionTests.java @@ -94,7 +94,7 @@ public class TransportGetTrainedModelsStatsActionTests extends ESTestCase { public Map getProcessors(Processor.Parameters parameters) { Map factoryMap = new HashMap<>(); XPackLicenseState licenseState = mock(XPackLicenseState.class); - when(licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(true); factoryMap.put(InferenceProcessor.TYPE, new InferenceProcessor.Factory(parameters.client, parameters.ingestService.getClusterService(), diff --git a/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/inference/ingest/InferenceProcessorFactoryTests.java b/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/inference/ingest/InferenceProcessorFactoryTests.java index b9282cd1bdb..17bc2492545 100644 --- a/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/inference/ingest/InferenceProcessorFactoryTests.java +++ b/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/inference/ingest/InferenceProcessorFactoryTests.java @@ -71,7 +71,7 @@ public class InferenceProcessorFactoryTests extends ESTestCase { ClusterApplierService.CLUSTER_SERVICE_SLOW_TASK_LOGGING_THRESHOLD_SETTING))); clusterService = new ClusterService(settings, clusterSettings, tp); licenseState = mock(XPackLicenseState.class); - when(licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(true); } public void testNumInferenceProcessors() throws Exception { diff --git a/x-pack/plugin/monitoring/src/internalClusterTest/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterIT.java b/x-pack/plugin/monitoring/src/internalClusterTest/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterIT.java index eb7e950db8e..9ed1e90e3c6 100644 --- a/x-pack/plugin/monitoring/src/internalClusterTest/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterIT.java +++ b/x-pack/plugin/monitoring/src/internalClusterTest/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterIT.java @@ -34,7 +34,7 @@ import org.elasticsearch.common.xcontent.XContentType; import org.elasticsearch.common.xcontent.json.JsonXContent; import org.elasticsearch.env.Environment; import org.elasticsearch.env.TestEnvironment; -import org.elasticsearch.license.XPackLicenseState; +import org.elasticsearch.license.TestUtils; import org.elasticsearch.plugins.PluginsService; import org.elasticsearch.rest.RestUtils; import org.elasticsearch.test.ESIntegTestCase; @@ -649,7 +649,7 @@ public class HttpExporterIT extends MonitoringIntegTestCase { private HttpExporter createHttpExporter(final Settings settings) { final Exporter.Config config = - new Exporter.Config("_http", "http", settings, clusterService(), new XPackLicenseState(Settings.EMPTY)); + new Exporter.Config("_http", "http", settings, clusterService(), TestUtils.newTestLicenseState()); return new HttpExporter(config, new SSLService(settings, environment), new ThreadContext(settings)); } diff --git a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/cleaner/CleanerService.java b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/cleaner/CleanerService.java index 2fd3d8f8ad3..6ae22787e08 100644 --- a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/cleaner/CleanerService.java +++ b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/cleaner/CleanerService.java @@ -91,7 +91,7 @@ public class CleanerService extends AbstractLifecycleComponent { */ public TimeValue getRetention() { // we only care about their value if they are allowed to set it - if (licenseState.isAllowed(Feature.MONITORING_UPDATE_RETENTION) && globalRetention != null) { + if (licenseState.checkFeature(Feature.MONITORING_UPDATE_RETENTION) && globalRetention != null) { return globalRetention; } else { @@ -109,7 +109,7 @@ public class CleanerService extends AbstractLifecycleComponent { */ public void setGlobalRetention(TimeValue globalRetention) { // notify the user that their setting will be ignored until they get the right license - if (licenseState.isAllowed(Feature.MONITORING_UPDATE_RETENTION) == false) { + if (licenseState.checkFeature(Feature.MONITORING_UPDATE_RETENTION) == false) { logger.warn("[{}] setting will be ignored until an appropriate license is applied", MonitoringField.HISTORY_DURATION.getKey()); } @@ -166,7 +166,7 @@ public class CleanerService extends AbstractLifecycleComponent { @Override protected void doRunInLifecycle() throws Exception { - if (licenseState.isAllowed(Feature.MONITORING) == false) { + if (licenseState.checkFeature(Feature.MONITORING) == false) { logger.debug("cleaning service is disabled due to invalid license"); return; } diff --git a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/Collector.java b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/Collector.java index acb306d33d2..3362c435c44 100644 --- a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/Collector.java +++ b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/Collector.java @@ -73,7 +73,7 @@ public abstract class Collector { * @param isElectedMaster true if the current local node is the elected master node */ protected boolean shouldCollect(final boolean isElectedMaster) { - if (licenseState.isAllowed(XPackLicenseState.Feature.MONITORING) == false) { + if (licenseState.checkFeature(XPackLicenseState.Feature.MONITORING) == false) { logger.trace("collector [{}] can not collect data due to invalid license", name()); return false; } diff --git a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/ccr/StatsCollector.java b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/ccr/StatsCollector.java index 219253b4296..e932b52518a 100644 --- a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/ccr/StatsCollector.java +++ b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/ccr/StatsCollector.java @@ -65,7 +65,7 @@ public final class StatsCollector extends Collector { return isElectedMaster && super.shouldCollect(isElectedMaster) && XPackSettings.CCR_ENABLED_SETTING.get(settings) - && licenseState.isAllowed(XPackLicenseState.Feature.CCR); + && licenseState.checkFeature(XPackLicenseState.Feature.CCR); } diff --git a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/enrich/EnrichStatsCollector.java b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/enrich/EnrichStatsCollector.java index 43baf6eac31..62c9246c4b8 100644 --- a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/enrich/EnrichStatsCollector.java +++ b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/enrich/EnrichStatsCollector.java @@ -48,7 +48,7 @@ public final class EnrichStatsCollector extends Collector { protected boolean shouldCollect(final boolean isElectedMaster) { return isElectedMaster && super.shouldCollect(isElectedMaster) - && licenseState.isAllowed(XPackLicenseState.Feature.ENRICH); + && licenseState.checkFeature(XPackLicenseState.Feature.ENRICH); } @Override diff --git a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/ml/JobStatsCollector.java b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/ml/JobStatsCollector.java index 5db3cc9c15d..05eab16f592 100644 --- a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/ml/JobStatsCollector.java +++ b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/collector/ml/JobStatsCollector.java @@ -64,7 +64,7 @@ public class JobStatsCollector extends Collector { return isElectedMaster && super.shouldCollect(isElectedMaster) && XPackSettings.MACHINE_LEARNING_ENABLED.get(settings) - && licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING); + && licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING); } @Override diff --git a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/http/ClusterAlertHttpResource.java b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/http/ClusterAlertHttpResource.java index d1201665424..b4d28bbc099 100644 --- a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/http/ClusterAlertHttpResource.java +++ b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/http/ClusterAlertHttpResource.java @@ -82,7 +82,7 @@ public class ClusterAlertHttpResource extends PublishableHttpResource { @Override protected void doCheck(final RestClient client, final ActionListener listener) { // if we should be adding, then we need to check for existence - if (isWatchDefined() && licenseState.isAllowed(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)) { + if (isWatchDefined() && licenseState.checkFeature(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)) { final CheckedFunction watchChecker = (response) -> shouldReplaceClusterAlert(response, XContentType.JSON.xContent(), LAST_UPDATED_VERSION); diff --git a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporter.java b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporter.java index cdcd4cc10bf..8699aad3fa5 100644 --- a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporter.java +++ b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporter.java @@ -924,7 +924,7 @@ public class HttpExporter extends Exporter { @Override public void openBulk(final ActionListener listener) { - final boolean canUseClusterAlerts = config.licenseState().isAllowed(Feature.MONITORING_CLUSTER_ALERTS); + final boolean canUseClusterAlerts = config.licenseState().checkFeature(Feature.MONITORING_CLUSTER_ALERTS); // if this changes between updates, then we need to add OR remove the watches if (clusterAlertsAllowed.compareAndSet(!canUseClusterAlerts, canUseClusterAlerts)) { diff --git a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/local/LocalExporter.java b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/local/LocalExporter.java index c896611fa84..fe96e44cda5 100644 --- a/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/local/LocalExporter.java +++ b/x-pack/plugin/monitoring/src/main/java/org/elasticsearch/xpack/monitoring/exporter/local/LocalExporter.java @@ -460,7 +460,7 @@ public class LocalExporter extends Exporter implements ClusterStateListener, Cle final AtomicInteger pendingResponses) { final XPackClient xpackClient = new XPackClient(client); final WatcherClient watcher = xpackClient.watcher(); - final boolean canAddWatches = licenseState.isAllowed(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS); + final boolean canAddWatches = licenseState.checkFeature(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS); for (final String watchId : ClusterAlertsUtil.WATCH_IDS) { final String uniqueWatchId = ClusterAlertsUtil.createUniqueWatchId(clusterService, watchId); diff --git a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/cleaner/CleanerServiceTests.java b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/cleaner/CleanerServiceTests.java index f738308b50b..32595c9c28b 100644 --- a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/cleaner/CleanerServiceTests.java +++ b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/cleaner/CleanerServiceTests.java @@ -66,32 +66,32 @@ public class CleanerServiceTests extends ESTestCase { TimeValue expected = TimeValue.timeValueHours(25); Settings settings = Settings.builder().put(MonitoringField.HISTORY_DURATION.getKey(), expected.getStringRep()).build(); - when(licenseState.isAllowed(Feature.MONITORING_UPDATE_RETENTION)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING_UPDATE_RETENTION)).thenReturn(true); assertEquals(expected, new CleanerService(settings, clusterSettings, threadPool, licenseState).getRetention()); - verify(licenseState).isAllowed(Feature.MONITORING_UPDATE_RETENTION); + verify(licenseState).checkFeature(Feature.MONITORING_UPDATE_RETENTION); } public void testGetRetentionDefaultValueWithNoSettings() { - when(licenseState.isAllowed(Feature.MONITORING_UPDATE_RETENTION)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING_UPDATE_RETENTION)).thenReturn(true); assertEquals(MonitoringField.HISTORY_DURATION.get(Settings.EMPTY), new CleanerService(Settings.EMPTY, clusterSettings, threadPool, licenseState).getRetention()); - verify(licenseState).isAllowed(Feature.MONITORING_UPDATE_RETENTION); + verify(licenseState).checkFeature(Feature.MONITORING_UPDATE_RETENTION); } public void testGetRetentionDefaultValueWithSettingsButUpdatesNotAllowed() { TimeValue notExpected = TimeValue.timeValueHours(25); Settings settings = Settings.builder().put(MonitoringField.HISTORY_DURATION.getKey(), notExpected.getStringRep()).build(); - when(licenseState.isAllowed(Feature.MONITORING_UPDATE_RETENTION)).thenReturn(false); + when(licenseState.checkFeature(Feature.MONITORING_UPDATE_RETENTION)).thenReturn(false); assertEquals(MonitoringField.HISTORY_DURATION.get(Settings.EMPTY), new CleanerService(settings, clusterSettings, threadPool, licenseState).getRetention()); - verify(licenseState).isAllowed(Feature.MONITORING_UPDATE_RETENTION); + verify(licenseState).checkFeature(Feature.MONITORING_UPDATE_RETENTION); } public void testSetGlobalRetention() { @@ -99,7 +99,7 @@ public class CleanerServiceTests extends ESTestCase { // only thing calling this method and it will use the settings object to validate the time value TimeValue expected = TimeValue.timeValueHours(2); - when(licenseState.isAllowed(Feature.MONITORING_UPDATE_RETENTION)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING_UPDATE_RETENTION)).thenReturn(true); CleanerService service = new CleanerService(Settings.EMPTY, clusterSettings, threadPool, licenseState); @@ -107,7 +107,7 @@ public class CleanerServiceTests extends ESTestCase { assertEquals(expected, service.getRetention()); - verify(licenseState, times(2)).isAllowed(Feature.MONITORING_UPDATE_RETENTION); // once by set, once by get + verify(licenseState, times(2)).checkFeature(Feature.MONITORING_UPDATE_RETENTION); // once by set, once by get } public void testSetGlobalRetentionAppliesEvenIfLicenseDisallows() { @@ -116,7 +116,7 @@ public class CleanerServiceTests extends ESTestCase { TimeValue expected = TimeValue.timeValueHours(2); // required to be true on the second call for it to see it take effect - when(licenseState.isAllowed(Feature.MONITORING_UPDATE_RETENTION)).thenReturn(false).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING_UPDATE_RETENTION)).thenReturn(false).thenReturn(true); CleanerService service = new CleanerService(Settings.EMPTY, clusterSettings, threadPool, licenseState); @@ -126,7 +126,7 @@ public class CleanerServiceTests extends ESTestCase { // uses allow=true assertEquals(expected, service.getRetention()); - verify(licenseState, times(2)).isAllowed(Feature.MONITORING_UPDATE_RETENTION); + verify(licenseState, times(2)).checkFeature(Feature.MONITORING_UPDATE_RETENTION); } public void testNextExecutionDelay() { @@ -158,7 +158,7 @@ public class CleanerServiceTests extends ESTestCase { logger.debug("--> creates a cleaner service that cleans every second"); XPackLicenseState licenseState = mock(XPackLicenseState.class); - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(true); CleanerService service = new CleanerService(Settings.EMPTY, clusterSettings, licenseState, threadPool, new TestExecutionScheduler(1_000)); diff --git a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/indices/IndexRecoveryCollectorTests.java b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/indices/IndexRecoveryCollectorTests.java index be02a8d346f..cea21db75ac 100644 --- a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/indices/IndexRecoveryCollectorTests.java +++ b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/indices/IndexRecoveryCollectorTests.java @@ -51,7 +51,7 @@ public class IndexRecoveryCollectorTests extends BaseCollectorTestCase { public void testShouldCollectReturnsFalseIfMonitoringNotAllowed() { // this controls the blockage - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(false); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(false); final boolean isElectedMaster = randomBoolean(); whenLocalNodeElectedMaster(isElectedMaster); @@ -59,23 +59,23 @@ public class IndexRecoveryCollectorTests extends BaseCollectorTestCase { assertThat(collector.shouldCollect(isElectedMaster), is(false)); if (isElectedMaster) { - verify(licenseState).isAllowed(Feature.MONITORING); + verify(licenseState).checkFeature(Feature.MONITORING); } } public void testShouldCollectReturnsFalseIfNotMaster() { - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(true); final IndexRecoveryCollector collector = new IndexRecoveryCollector(clusterService, licenseState, client); assertThat(collector.shouldCollect(false), is(false)); } public void testShouldCollectReturnsTrue() { - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(true); final IndexRecoveryCollector collector = new IndexRecoveryCollector(clusterService, licenseState, client); assertThat(collector.shouldCollect(true), is(true)); - verify(licenseState).isAllowed(Feature.MONITORING); + verify(licenseState).checkFeature(Feature.MONITORING); } public void testDoCollect() throws Exception { diff --git a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/indices/IndexStatsCollectorTests.java b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/indices/IndexStatsCollectorTests.java index 40946f56d56..49d1722f46c 100644 --- a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/indices/IndexStatsCollectorTests.java +++ b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/indices/IndexStatsCollectorTests.java @@ -46,7 +46,7 @@ public class IndexStatsCollectorTests extends BaseCollectorTestCase { public void testShouldCollectReturnsFalseIfMonitoringNotAllowed() { // this controls the blockage - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(false); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(false); final boolean isElectedMaster = randomBoolean(); whenLocalNodeElectedMaster(isElectedMaster); @@ -54,23 +54,23 @@ public class IndexStatsCollectorTests extends BaseCollectorTestCase { assertThat(collector.shouldCollect(isElectedMaster), is(false)); if (isElectedMaster) { - verify(licenseState).isAllowed(Feature.MONITORING); + verify(licenseState).checkFeature(Feature.MONITORING); } } public void testShouldCollectReturnsFalseIfNotMaster() { - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(true); final IndexStatsCollector collector = new IndexStatsCollector(clusterService, licenseState, client); assertThat(collector.shouldCollect(false), is(false)); } public void testShouldCollectReturnsTrue() { - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(true); final IndexStatsCollector collector = new IndexStatsCollector(clusterService, licenseState, client); assertThat(collector.shouldCollect(true), is(true)); - verify(licenseState).isAllowed(Feature.MONITORING); + verify(licenseState).checkFeature(Feature.MONITORING); } public void testDoCollect() throws Exception { diff --git a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/ml/JobStatsCollectorTests.java b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/ml/JobStatsCollectorTests.java index 495fb9e68f9..54776f203e0 100644 --- a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/ml/JobStatsCollectorTests.java +++ b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/ml/JobStatsCollectorTests.java @@ -49,14 +49,14 @@ public class JobStatsCollectorTests extends BaseCollectorTestCase { whenLocalNodeElectedMaster(isElectedMaster); // this controls the blockage - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(false); - when(licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(mlAllowed); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(false); + when(licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(mlAllowed); final JobStatsCollector collector = new JobStatsCollector(settings, clusterService, licenseState, client); assertThat(collector.shouldCollect(isElectedMaster), is(false)); if (isElectedMaster) { - verify(licenseState).isAllowed(Feature.MONITORING); + verify(licenseState).checkFeature(Feature.MONITORING); } } @@ -64,8 +64,8 @@ public class JobStatsCollectorTests extends BaseCollectorTestCase { // regardless of ML being enabled final Settings settings = randomFrom(mlEnabledSettings(), mlDisabledSettings()); - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(randomBoolean()); - when(licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(randomBoolean()); // this controls the blockage final boolean isElectedMaster = false; @@ -78,8 +78,8 @@ public class JobStatsCollectorTests extends BaseCollectorTestCase { // this is controls the blockage final Settings settings = mlDisabledSettings(); - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(randomBoolean()); - when(licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(randomBoolean()); final boolean isElectedMaster = randomBoolean(); whenLocalNodeElectedMaster(isElectedMaster); @@ -89,16 +89,16 @@ public class JobStatsCollectorTests extends BaseCollectorTestCase { assertThat(collector.shouldCollect(isElectedMaster), is(false)); if (isElectedMaster) { - verify(licenseState).isAllowed(Feature.MONITORING); + verify(licenseState).checkFeature(Feature.MONITORING); } } public void testShouldCollectReturnsFalseIfMLIsNotAllowed() { final Settings settings = randomFrom(mlEnabledSettings(), mlDisabledSettings()); - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(randomBoolean()); // this is controls the blockage - when(licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(false); + when(licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(false); final boolean isElectedMaster = randomBoolean(); whenLocalNodeElectedMaster(isElectedMaster); @@ -107,22 +107,22 @@ public class JobStatsCollectorTests extends BaseCollectorTestCase { assertThat(collector.shouldCollect(isElectedMaster), is(false)); if (isElectedMaster) { - verify(licenseState).isAllowed(Feature.MONITORING); + verify(licenseState).checkFeature(Feature.MONITORING); } } public void testShouldCollectReturnsTrue() { final Settings settings = mlEnabledSettings(); - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(true); - when(licenseState.isAllowed(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.MACHINE_LEARNING)).thenReturn(true); final boolean isElectedMaster = true; final JobStatsCollector collector = new JobStatsCollector(settings, clusterService, licenseState, client); assertThat(collector.shouldCollect(isElectedMaster), is(true)); - verify(licenseState).isAllowed(Feature.MONITORING); + verify(licenseState).checkFeature(Feature.MONITORING); } public void testDoCollect() throws Exception { diff --git a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/node/NodeStatsCollectorTests.java b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/node/NodeStatsCollectorTests.java index f87409dd84a..b3759e4d1d1 100644 --- a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/node/NodeStatsCollectorTests.java +++ b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/node/NodeStatsCollectorTests.java @@ -39,7 +39,7 @@ public class NodeStatsCollectorTests extends BaseCollectorTestCase { public void testShouldCollectReturnsFalseIfMonitoringNotAllowed() { // this controls the blockage - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(false); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(false); final boolean isElectedMaster = randomBoolean(); whenLocalNodeElectedMaster(isElectedMaster); @@ -47,22 +47,22 @@ public class NodeStatsCollectorTests extends BaseCollectorTestCase { assertThat(collector.shouldCollect(isElectedMaster), is(false)); if (isElectedMaster) { - verify(licenseState).isAllowed(Feature.MONITORING); + verify(licenseState).checkFeature(Feature.MONITORING); } } public void testShouldCollectReturnsTrue() { - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(true); final boolean isElectedMaster = true; final NodeStatsCollector collector = new NodeStatsCollector(clusterService, licenseState, client); assertThat(collector.shouldCollect(isElectedMaster), is(true)); - verify(licenseState).isAllowed(Feature.MONITORING); + verify(licenseState).checkFeature(Feature.MONITORING); } public void testDoCollectWithFailures() throws Exception { - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(true); final TimeValue timeout = TimeValue.parseTimeValue(randomPositiveTimeValue(), NodeStatsCollectorTests.class.getName()); withCollectionTimeout(NodeStatsCollector.NODE_STATS_TIMEOUT, timeout); @@ -85,7 +85,7 @@ public class NodeStatsCollectorTests extends BaseCollectorTestCase { } public void testDoCollect() throws Exception { - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(true); final TimeValue timeout = TimeValue.timeValueSeconds(randomIntBetween(1, 120)); withCollectionTimeout(NodeStatsCollector.NODE_STATS_TIMEOUT, timeout); diff --git a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/shards/ShardsCollectorTests.java b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/shards/ShardsCollectorTests.java index f831fa3dcdc..817e34fbffd 100644 --- a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/shards/ShardsCollectorTests.java +++ b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/collector/shards/ShardsCollectorTests.java @@ -44,7 +44,7 @@ public class ShardsCollectorTests extends BaseCollectorTestCase { public void testShouldCollectReturnsFalseIfMonitoringNotAllowed() { // this controls the blockage - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(false); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(false); final boolean isElectedMaster = randomBoolean(); whenLocalNodeElectedMaster(isElectedMaster); @@ -52,12 +52,12 @@ public class ShardsCollectorTests extends BaseCollectorTestCase { assertThat(collector.shouldCollect(isElectedMaster), is(false)); if (isElectedMaster) { - verify(licenseState).isAllowed(Feature.MONITORING); + verify(licenseState).checkFeature(Feature.MONITORING); } } public void testShouldCollectReturnsFalseIfNotMaster() { - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(true); // this controls the blockage whenLocalNodeElectedMaster(false); @@ -67,13 +67,13 @@ public class ShardsCollectorTests extends BaseCollectorTestCase { } public void testShouldCollectReturnsTrue() { - when(licenseState.isAllowed(Feature.MONITORING)).thenReturn(true); + when(licenseState.checkFeature(Feature.MONITORING)).thenReturn(true); whenLocalNodeElectedMaster(true); final ShardsCollector collector = new ShardsCollector(clusterService, licenseState); assertThat(collector.shouldCollect(true), is(true)); - verify(licenseState).isAllowed(Feature.MONITORING); + verify(licenseState).checkFeature(Feature.MONITORING); } public void testDoCollectWhenNoClusterState() throws Exception { diff --git a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/exporter/http/ClusterAlertHttpResourceTests.java b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/exporter/http/ClusterAlertHttpResourceTests.java index f788356cfad..1b602d0e086 100644 --- a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/exporter/http/ClusterAlertHttpResourceTests.java +++ b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/exporter/http/ClusterAlertHttpResourceTests.java @@ -60,7 +60,7 @@ public class ClusterAlertHttpResourceTests extends AbstractPublishableHttpResour } public void testDoCheckGetWatchExists() throws IOException { - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(true); final HttpEntity entity = entityForClusterAlert(true, minimumVersion); @@ -68,7 +68,7 @@ public class ClusterAlertHttpResourceTests extends AbstractPublishableHttpResour } public void testDoCheckGetWatchDoesNotExist() throws IOException { - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(true); if (randomBoolean()) { // it does not exist because it's literally not there @@ -82,7 +82,7 @@ public class ClusterAlertHttpResourceTests extends AbstractPublishableHttpResour } public void testDoCheckWithExceptionGetWatchError() throws IOException { - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(true); if (randomBoolean()) { // error because of a server error @@ -100,7 +100,7 @@ public class ClusterAlertHttpResourceTests extends AbstractPublishableHttpResour final boolean clusterAlertsAllowed = randomBoolean(); // should not matter - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(clusterAlertsAllowed); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(clusterAlertsAllowed); assertCheckAsDeleteExists(noWatchResource, "/_watcher/watch", watchId); } @@ -110,19 +110,19 @@ public class ClusterAlertHttpResourceTests extends AbstractPublishableHttpResour final boolean clusterAlertsAllowed = randomBoolean(); // should not matter - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(clusterAlertsAllowed); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(clusterAlertsAllowed); assertCheckAsDeleteWithException(noWatchResource, "/_watcher/watch", watchId); } public void testDoCheckAsDeleteWatchExists() throws IOException { - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(false); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(false); assertCheckAsDeleteExists(resource, "/_watcher/watch", watchId); } public void testDoCheckWithExceptionAsDeleteWatchError() throws IOException { - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(false); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(false); assertCheckAsDeleteWithException(resource, "/_watcher/watch", watchId); } diff --git a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterResourceTests.java b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterResourceTests.java index 101ced08413..1b1947f76c6 100644 --- a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterResourceTests.java +++ b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/exporter/http/HttpExporterResourceTests.java @@ -735,7 +735,7 @@ public class HttpExporterResourceTests extends AbstractPublishableHttpResourceTe when(state.metadata()).thenReturn(metadata); when(metadata.clusterUUID()).thenReturn("the_clusters_uuid"); - when(licenseState.isAllowed(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(validLicense); + when(licenseState.checkFeature(XPackLicenseState.Feature.MONITORING_CLUSTER_ALERTS)).thenReturn(validLicense); final HttpEntity entity = new StringEntity("{\"features\":{\"watcher\":{\"enabled\":true,\"available\":true}}}", ContentType.APPLICATION_JSON); diff --git a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/exporter/local/LocalExporterIntegTestCase.java b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/exporter/local/LocalExporterIntegTestCase.java index 4658ff3d717..acc730f0e3d 100644 --- a/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/exporter/local/LocalExporterIntegTestCase.java +++ b/x-pack/plugin/monitoring/src/test/java/org/elasticsearch/xpack/monitoring/exporter/local/LocalExporterIntegTestCase.java @@ -6,6 +6,7 @@ package org.elasticsearch.xpack.monitoring.exporter.local; import org.elasticsearch.common.settings.Settings; +import org.elasticsearch.license.TestUtils; import org.elasticsearch.license.XPackLicenseState; import org.elasticsearch.threadpool.TestThreadPool; import org.elasticsearch.threadpool.ThreadPool; @@ -69,7 +70,7 @@ public abstract class LocalExporterIntegTestCase extends MonitoringIntegTestCase */ protected LocalExporter createLocalExporter() { final Settings settings = localExporterSettings(); - final XPackLicenseState licenseState = new XPackLicenseState(Settings.EMPTY); + final XPackLicenseState licenseState = TestUtils.newTestLicenseState(); final Exporter.Config config = new Exporter.Config(exporterName, "local", settings, clusterService(), licenseState); final CleanerService cleanerService = new CleanerService(settings, clusterService().getClusterSettings(), THREADPOOL, licenseState); diff --git a/x-pack/plugin/rollup/src/main/java/org/elasticsearch/xpack/rollup/action/TransportPutRollupJobAction.java b/x-pack/plugin/rollup/src/main/java/org/elasticsearch/xpack/rollup/action/TransportPutRollupJobAction.java index 68c1be3af98..f993bd59696 100644 --- a/x-pack/plugin/rollup/src/main/java/org/elasticsearch/xpack/rollup/action/TransportPutRollupJobAction.java +++ b/x-pack/plugin/rollup/src/main/java/org/elasticsearch/xpack/rollup/action/TransportPutRollupJobAction.java @@ -96,7 +96,7 @@ public class TransportPutRollupJobAction extends TransportMasterNodeAction listener) { - if (!licenseState.isAllowed(XPackLicenseState.Feature.ROLLUP)) { + if (!licenseState.checkFeature(XPackLicenseState.Feature.ROLLUP)) { listener.onFailure(LicenseUtils.newComplianceException(XPackField.ROLLUP)); return; } diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java index 804f3bc59c3..75ba53c154b 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java @@ -1040,7 +1040,7 @@ public class Security extends Plugin implements SystemIndexPlugin, IngestPlugin, if (enabled) { return index -> { XPackLicenseState licenseState = getLicenseState(); - if (licenseState.isSecurityEnabled() == false || licenseState.isAllowed(Feature.SECURITY_DLS_FLS) == false) { + if (licenseState.isSecurityEnabled() == false || licenseState.checkFeature(Feature.SECURITY_DLS_FLS) == false) { return MapperPlugin.NOOP_FIELD_PREDICATE; } IndicesAccessControl indicesAccessControl = threadContext.get().getTransient( diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/action/filter/SecurityActionFilter.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/action/filter/SecurityActionFilter.java index d19d2a3ae57..3d255b7690e 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/action/filter/SecurityActionFilter.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/action/filter/SecurityActionFilter.java @@ -73,7 +73,7 @@ public class SecurityActionFilter implements ActionFilter { A functional requirement - when the license of security is disabled (invalid/expires), security will continue to operate normally, except all read operations will be blocked. */ - if (licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH) == false && LICENSE_EXPIRATION_ACTION_MATCHER.test(action)) { + if (licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH) == false && LICENSE_EXPIRATION_ACTION_MATCHER.test(action)) { logger.error("blocking [{}] operation due to expired license. Cluster health, cluster stats and indices stats \n" + "operations are blocked on license expiration. All data operations (read and write) continue to work. \n" + "If you have a new license, please update it. Otherwise, please reach out to your support contact.", action); diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrailService.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrailService.java index b181e9bbc69..018f88cfdf3 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrailService.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/audit/AuditTrailService.java @@ -33,7 +33,7 @@ public class AuditTrailService { public AuditTrail get() { if (compositeAuditTrail.isEmpty() == false && - licenseState.isSecurityEnabled() && licenseState.isAllowed(Feature.SECURITY_AUDITING)) { + licenseState.isSecurityEnabled() && licenseState.checkFeature(Feature.SECURITY_AUDITING)) { return compositeAuditTrail; } else { return NOOP_AUDIT_TRAIL; diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/ApiKeyService.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/ApiKeyService.java index ff3030a2f37..8a4922aa4bc 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/ApiKeyService.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/ApiKeyService.java @@ -580,12 +580,12 @@ public class ApiKeyService { private boolean isEnabled() { return enabled && licenseState.isSecurityEnabled() && - licenseState.isAllowed(XPackLicenseState.Feature.SECURITY_API_KEY_SERVICE); + licenseState.checkFeature(XPackLicenseState.Feature.SECURITY_API_KEY_SERVICE); } public void ensureEnabled() { if (licenseState.isSecurityEnabled() == false || - licenseState.isAllowed(XPackLicenseState.Feature.SECURITY_API_KEY_SERVICE) == false) { + licenseState.checkFeature(XPackLicenseState.Feature.SECURITY_API_KEY_SERVICE) == false) { throw LicenseUtils.newComplianceException("api keys"); } if (enabled == false) { diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/Realms.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/Realms.java index c43c788591b..890975b5f79 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/Realms.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/Realms.java @@ -119,7 +119,7 @@ public class Realms implements Iterable { } // If all realms are allowed, then nothing is unlicensed - if (licenseStateSnapshot.isAllowed(Feature.SECURITY_ALL_REALMS)) { + if (licenseStateSnapshot.checkFeature(Feature.SECURITY_ALL_REALMS)) { return Collections.emptyList(); } @@ -143,9 +143,9 @@ public class Realms implements Iterable { if (licenseStateSnapshot.isSecurityEnabled() == false) { return Collections.emptyList(); } - if (licenseStateSnapshot.isAllowed(Feature.SECURITY_ALL_REALMS)) { + if (licenseStateSnapshot.checkFeature(Feature.SECURITY_ALL_REALMS)) { return realms; - } else if (licenseStateSnapshot.isAllowed(Feature.SECURITY_STANDARD_REALMS)) { + } else if (licenseStateSnapshot.checkFeature(Feature.SECURITY_STANDARD_REALMS)) { return standardRealmsOnly; } else { // native realms are basic licensed, and always allowed, even for an expired license @@ -337,9 +337,9 @@ public class Realms implements Iterable { } public static boolean isRealmTypeAvailable(XPackLicenseState licenseState, String type) { - if (licenseState.isAllowed(Feature.SECURITY_ALL_REALMS)) { + if (licenseState.checkFeature(Feature.SECURITY_ALL_REALMS)) { return true; - } else if (licenseState.isAllowed(Feature.SECURITY_STANDARD_REALMS)) { + } else if (licenseState.checkFeature(Feature.SECURITY_STANDARD_REALMS)) { return InternalRealms.isStandardRealm(type) || ReservedRealm.TYPE.equals(type); } else { return FileRealmSettings.TYPE.equals(type) || NativeRealmSettings.TYPE.equals(type); diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/TokenService.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/TokenService.java index 5304abe48fa..eb2e25ed849 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/TokenService.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/TokenService.java @@ -1568,12 +1568,12 @@ public final class TokenService { private boolean isEnabled() { return enabled && licenseState.isSecurityEnabled() && - licenseState.isAllowed(XPackLicenseState.Feature.SECURITY_TOKEN_SERVICE); + licenseState.checkFeature(XPackLicenseState.Feature.SECURITY_TOKEN_SERVICE); } private void ensureEnabled() { if (licenseState.isSecurityEnabled() == false || - licenseState.isAllowed(XPackLicenseState.Feature.SECURITY_TOKEN_SERVICE) == false) { + licenseState.checkFeature(XPackLicenseState.Feature.SECURITY_TOKEN_SERVICE) == false) { throw LicenseUtils.newComplianceException("security tokens"); } if (enabled == false) { diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/support/DelegatedAuthorizationSupport.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/support/DelegatedAuthorizationSupport.java index f7442918ba1..9e8788d87ad 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/support/DelegatedAuthorizationSupport.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/support/DelegatedAuthorizationSupport.java @@ -81,7 +81,7 @@ public class DelegatedAuthorizationSupport { * with a meaningful diagnostic message. */ public void resolve(String username, ActionListener resultListener) { - boolean authzOk = licenseState.isSecurityEnabled() && licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_REALM); + boolean authzOk = licenseState.isSecurityEnabled() && licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_REALM); if (authzOk == false) { resultListener.onResponse(AuthenticationResult.unsuccessful( DelegatedAuthorizationSettings.AUTHZ_REALMS_SUFFIX + " are not permitted", diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java index e2a335614ee..569ecaa7f04 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java @@ -367,7 +367,7 @@ public class AuthorizationService { private AuthorizationEngine getAuthorizationEngineForUser(final User user) { if (rbacEngine != authorizationEngine && licenseState.isSecurityEnabled() && - licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)) { + licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)) { if (ClientReservedRealm.isReserved(user.principal(), settings) || isInternalUser(user)) { return rbacEngine; } else { diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/BulkShardRequestInterceptor.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/BulkShardRequestInterceptor.java index 4bda40e4be6..c8c4f0c7516 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/BulkShardRequestInterceptor.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/BulkShardRequestInterceptor.java @@ -41,7 +41,7 @@ public class BulkShardRequestInterceptor implements RequestInterceptor { @Override public void intercept(RequestInfo requestInfo, AuthorizationEngine authzEngine, AuthorizationInfo authorizationInfo, ActionListener listener) { - boolean shouldIntercept = licenseState.isSecurityEnabled() && licenseState.isAllowed(Feature.SECURITY_DLS_FLS); + boolean shouldIntercept = licenseState.isSecurityEnabled() && licenseState.checkFeature(Feature.SECURITY_DLS_FLS); if (requestInfo.getRequest() instanceof BulkShardRequest && shouldIntercept) { IndicesAccessControl indicesAccessControl = threadContext.getTransient(AuthorizationServiceField.INDICES_PERMISSIONS_KEY); diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/FieldAndDocumentLevelSecurityRequestInterceptor.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/FieldAndDocumentLevelSecurityRequestInterceptor.java index b849af94b2c..600b11532dd 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/FieldAndDocumentLevelSecurityRequestInterceptor.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/FieldAndDocumentLevelSecurityRequestInterceptor.java @@ -39,7 +39,7 @@ abstract class FieldAndDocumentLevelSecurityRequestInterceptor implements Reques ActionListener listener) { if (requestInfo.getRequest() instanceof IndicesRequest) { IndicesRequest indicesRequest = (IndicesRequest) requestInfo.getRequest(); - boolean shouldIntercept = licenseState.isSecurityEnabled() && licenseState.isAllowed(Feature.SECURITY_DLS_FLS); + boolean shouldIntercept = licenseState.isSecurityEnabled() && licenseState.checkFeature(Feature.SECURITY_DLS_FLS); if (supports(indicesRequest) && shouldIntercept) { final IndicesAccessControl indicesAccessControl = threadContext.getTransient(AuthorizationServiceField.INDICES_PERMISSIONS_KEY); diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/IndicesAliasesRequestInterceptor.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/IndicesAliasesRequestInterceptor.java index 6648df0dc7b..b95e8410f81 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/IndicesAliasesRequestInterceptor.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/IndicesAliasesRequestInterceptor.java @@ -52,7 +52,7 @@ public final class IndicesAliasesRequestInterceptor implements RequestIntercepto final XPackLicenseState frozenLicenseState = licenseState.copyCurrentLicenseState(); final AuditTrail auditTrail = auditTrailService.get(); if (frozenLicenseState.isSecurityEnabled()) { - if (frozenLicenseState.isAllowed(Feature.SECURITY_DLS_FLS)) { + if (frozenLicenseState.checkFeature(Feature.SECURITY_DLS_FLS)) { IndicesAccessControl indicesAccessControl = threadContext.getTransient(AuthorizationServiceField.INDICES_PERMISSIONS_KEY); for (IndicesAliasesRequest.AliasActions aliasAction : request.getAliasActions()) { diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/ResizeRequestInterceptor.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/ResizeRequestInterceptor.java index 8cafeecf125..976acae3a29 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/ResizeRequestInterceptor.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/ResizeRequestInterceptor.java @@ -48,7 +48,7 @@ public final class ResizeRequestInterceptor implements RequestInterceptor { final XPackLicenseState frozenLicenseState = licenseState.copyCurrentLicenseState(); final AuditTrail auditTrail = auditTrailService.get(); if (frozenLicenseState.isSecurityEnabled()) { - if (frozenLicenseState.isAllowed(Feature.SECURITY_DLS_FLS)) { + if (frozenLicenseState.checkFeature(Feature.SECURITY_DLS_FLS)) { IndicesAccessControl indicesAccessControl = threadContext.getTransient(AuthorizationServiceField.INDICES_PERMISSIONS_KEY); IndicesAccessControl.IndexAccessControl indexAccessControl = diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/CompositeRolesStore.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/CompositeRolesStore.java index 49548d443d4..73517972fbb 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/CompositeRolesStore.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/CompositeRolesStore.java @@ -166,7 +166,7 @@ public class CompositeRolesStore { rolesRetrievalResult.getMissingRoles())); } final Set effectiveDescriptors; - if (licenseState.isAllowed(Feature.SECURITY_DLS_FLS)) { + if (licenseState.checkFeature(Feature.SECURITY_DLS_FLS)) { effectiveDescriptors = rolesRetrievalResult.getRoleDescriptors(); } else { effectiveDescriptors = rolesRetrievalResult.getRoleDescriptors().stream() @@ -321,7 +321,7 @@ public class CompositeRolesStore { private void loadRoleDescriptorsAsync(Set roleNames, ActionListener listener) { final RolesRetrievalResult rolesResult = new RolesRetrievalResult(); final List, ActionListener>> asyncRoleProviders = - licenseState.isAllowed(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS) ? allRoleProviders : builtInRoleProviders; + licenseState.checkFeature(Feature.SECURITY_CUSTOM_ROLE_PROVIDERS) ? allRoleProviders : builtInRoleProviders; final ActionListener descriptorsListener = ContextPreservingActionListener.wrapPreservingContext(ActionListener.wrap(ignore -> { diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/FileRolesStore.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/FileRolesStore.java index 39378c18283..7473a0a2781 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/FileRolesStore.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/FileRolesStore.java @@ -176,7 +176,7 @@ public class FileRolesStore implements BiConsumer, ActionListener roleSegments = roleSegments(path); - final boolean flsDlsLicensed = licenseState.isAllowed(Feature.SECURITY_DLS_FLS); + final boolean flsDlsLicensed = licenseState.checkFeature(Feature.SECURITY_DLS_FLS); for (String segment : roleSegments) { RoleDescriptor descriptor = parseRoleDescriptor(segment, path, logger, resolvePermission, settings, xContentRegistry); if (descriptor != null) { diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStore.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStore.java index b062eaff8d4..b471b66cfaa 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStore.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStore.java @@ -201,7 +201,7 @@ public class NativeRolesStore implements BiConsumer, ActionListener< } public void putRole(final PutRoleRequest request, final RoleDescriptor role, final ActionListener listener) { - if (licenseState.isAllowed(Feature.SECURITY_DLS_FLS)) { + if (licenseState.checkFeature(Feature.SECURITY_DLS_FLS)) { innerPutRole(request, role, listener); } else if (role.isUsingDocumentOrFieldLevelSecurity()) { listener.onFailure(LicenseUtils.newComplianceException("field and document level security")); @@ -382,7 +382,7 @@ public class NativeRolesStore implements BiConsumer, ActionListener< // we pass true as last parameter because we do not want to reject permissions if the field permissions // are given in 2.x syntax RoleDescriptor roleDescriptor = RoleDescriptor.parse(name, sourceBytes, true, XContentType.JSON); - if (licenseState.isAllowed(Feature.SECURITY_DLS_FLS)) { + if (licenseState.checkFeature(Feature.SECURITY_DLS_FLS)) { return roleDescriptor; } else { final boolean dlsEnabled = diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/RestDelegatePkiAuthenticationAction.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/RestDelegatePkiAuthenticationAction.java index 7e39999f2a8..304721f5060 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/RestDelegatePkiAuthenticationAction.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/RestDelegatePkiAuthenticationAction.java @@ -55,7 +55,7 @@ public final class RestDelegatePkiAuthenticationAction extends SecurityBaseRestH Exception failedFeature = super.checkFeatureAvailable(request); if (failedFeature != null) { return failedFeature; - } else if (licenseState.isAllowed(Feature.SECURITY_STANDARD_REALMS)) { + } else if (licenseState.checkFeature(Feature.SECURITY_STANDARD_REALMS)) { return null; } else { logger.info("The '{}' realm is not available under the current license", PkiRealmSettings.TYPE); diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/SecurityBaseRestHandler.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/SecurityBaseRestHandler.java index fb025012c0b..e8e5d524fcb 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/SecurityBaseRestHandler.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/SecurityBaseRestHandler.java @@ -68,7 +68,7 @@ public abstract class SecurityBaseRestHandler extends BaseRestHandler { protected Exception checkFeatureAvailable(RestRequest request) { if (XPackSettings.SECURITY_ENABLED.get(settings) == false) { return new IllegalStateException("Security is not enabled but a security rest handler is registered"); - } else if (licenseState.isAllowed(XPackLicenseState.Feature.SECURITY) == false) { + } else if (licenseState.checkFeature(XPackLicenseState.Feature.SECURITY) == false) { return LicenseUtils.newComplianceException(XPackField.SECURITY); } else if (licenseState.isSecurityEnabled() == false) { return new ElasticsearchException("Security must be explicitly enabled when using a [" + diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/apikey/ApiKeyBaseRestHandler.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/apikey/ApiKeyBaseRestHandler.java index e8bb98057f8..8ec5f57d8e3 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/apikey/ApiKeyBaseRestHandler.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/apikey/ApiKeyBaseRestHandler.java @@ -30,7 +30,7 @@ abstract class ApiKeyBaseRestHandler extends SecurityBaseRestHandler { Exception failedFeature = super.checkFeatureAvailable(request); if (failedFeature != null) { return failedFeature; - } else if (licenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE)) { + } else if (licenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE)) { return null; } else { logger.info("API Keys are not available under the current [{}] license", licenseState.getOperationMode().description()); diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/oauth2/TokenBaseRestHandler.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/oauth2/TokenBaseRestHandler.java index 3d2b1114000..16747fe41ac 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/oauth2/TokenBaseRestHandler.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/oauth2/TokenBaseRestHandler.java @@ -31,7 +31,7 @@ abstract class TokenBaseRestHandler extends SecurityBaseRestHandler { Exception failedFeature = super.checkFeatureAvailable(request); if (failedFeature != null) { return failedFeature; - } else if (licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE)) { + } else if (licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE)) { return null; } else { logger.info("Security tokens are not available under the current [{}] license", licenseState.getOperationMode().description()); diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/support/SecurityStatusChangeListener.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/support/SecurityStatusChangeListener.java index 6b61e71165c..1a9013a9930 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/support/SecurityStatusChangeListener.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/support/SecurityStatusChangeListener.java @@ -35,7 +35,7 @@ public class SecurityStatusChangeListener implements LicenseStateListener { */ @Override public synchronized void licenseStateChanged() { - final boolean newState = licenseState.isAllowed(XPackLicenseState.Feature.SECURITY) && licenseState.isSecurityEnabled(); + final boolean newState = licenseState.checkFeature(XPackLicenseState.Feature.SECURITY) && licenseState.isSecurityEnabled(); // old state might be null (undefined) so do Object comparison if (Objects.equals(newState, securityEnabled) == false) { logger.info("Active license is now [{}]; Security is {}", licenseState.getOperationMode(), newState ? "enabled" : "disabled"); diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/transport/filter/IPFilter.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/transport/filter/IPFilter.java index 72528e0b466..aef8e7b4edb 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/transport/filter/IPFilter.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/transport/filter/IPFilter.java @@ -201,7 +201,7 @@ public class IPFilter { public boolean accept(String profile, InetSocketAddress peerAddress) { if (licenseState.isSecurityEnabled() == false || - licenseState.isAllowed(Feature.SECURITY_IP_FILTERING) == false) { + licenseState.checkFeature(Feature.SECURITY_IP_FILTERING) == false) { return true; } diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/filter/SecurityActionFilterTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/filter/SecurityActionFilterTests.java index d2d2d4deaba..71611a624c9 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/filter/SecurityActionFilterTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/filter/SecurityActionFilterTests.java @@ -67,7 +67,7 @@ public class SecurityActionFilterTests extends ESTestCase { authzService = mock(AuthorizationService.class); licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_STATS_AND_HEALTH)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_STATS_AND_HEALTH)).thenReturn(true); ThreadPool threadPool = mock(ThreadPool.class); threadContext = new ThreadContext(Settings.EMPTY); when(threadPool.getThreadContext()).thenReturn(threadContext); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/oidc/TransportOpenIdConnectLogoutActionTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/oidc/TransportOpenIdConnectLogoutActionTests.java index 767a9a2ad1c..a738e3efb4b 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/oidc/TransportOpenIdConnectLogoutActionTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/oidc/TransportOpenIdConnectLogoutActionTests.java @@ -179,7 +179,7 @@ public class TransportOpenIdConnectLogoutActionTests extends OpenIdConnectTestCa final XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); tokenService = new TokenService(settings, Clock.systemUTC(), client, licenseState, new SecurityContext(settings, threadContext), securityIndex, securityIndex, clusterService); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/saml/TransportSamlInvalidateSessionActionTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/saml/TransportSamlInvalidateSessionActionTests.java index 9caec93d9a3..87794946dd2 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/saml/TransportSamlInvalidateSessionActionTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/saml/TransportSamlInvalidateSessionActionTests.java @@ -206,7 +206,7 @@ public class TransportSamlInvalidateSessionActionTests extends SamlTestCase { final XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); final ClusterService clusterService = ClusterServiceUtils.createClusterService(threadPool); final SecurityContext securityContext = new SecurityContext(settings, threadContext); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/saml/TransportSamlLogoutActionTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/saml/TransportSamlLogoutActionTests.java index 2dbd8e9548b..4e125d8a7a0 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/saml/TransportSamlLogoutActionTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/saml/TransportSamlLogoutActionTests.java @@ -209,7 +209,7 @@ public class TransportSamlLogoutActionTests extends SamlTestCase { final XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); final ClusterService clusterService = ClusterServiceUtils.createClusterService(threadPool); final SecurityContext securityContext = new SecurityContext(settings, threadContext); tokenService = new TokenService(settings, Clock.systemUTC(), client, licenseState, securityContext, securityIndex, securityIndex, diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/token/TransportCreateTokenActionTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/token/TransportCreateTokenActionTests.java index 1b8ec20db15..8fe4db7e793 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/token/TransportCreateTokenActionTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/token/TransportCreateTokenActionTests.java @@ -170,7 +170,7 @@ public class TransportCreateTokenActionTests extends ESTestCase { this.license = mock(XPackLicenseState.class); when(license.isSecurityEnabled()).thenReturn(true); - when(license.isAllowed(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); + when(license.checkFeature(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); } @After diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/token/TransportInvalidateTokenActionTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/token/TransportInvalidateTokenActionTests.java index 8b612a6914d..f1c2c3e4b42 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/token/TransportInvalidateTokenActionTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/action/token/TransportInvalidateTokenActionTests.java @@ -75,7 +75,7 @@ public class TransportInvalidateTokenActionTests extends ESTestCase { this.clusterService = ClusterServiceUtils.createClusterService(threadPool); this.license = mock(XPackLicenseState.class); when(license.isSecurityEnabled()).thenReturn(true); - when(license.isAllowed(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); + when(license.checkFeature(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); } public void testInvalidateTokensWhenIndexUnavailable() throws Exception { diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/audit/AuditTrailServiceTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/audit/AuditTrailServiceTests.java index cb444d12179..58f43a11d3a 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/audit/AuditTrailServiceTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/audit/AuditTrailServiceTests.java @@ -52,7 +52,7 @@ public class AuditTrailServiceTests extends ESTestCase { service = new AuditTrailService(auditTrails, licenseState); isAuditingAllowed = randomBoolean(); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUDITING)).thenReturn(isAuditingAllowed); + when(licenseState.checkFeature(Feature.SECURITY_AUDITING)).thenReturn(isAuditingAllowed); token = mock(AuthenticationToken.class); request = mock(TransportRequest.class); restRequest = mock(RestRequest.class); @@ -61,7 +61,7 @@ public class AuditTrailServiceTests extends ESTestCase { public void testAuthenticationFailed() throws Exception { final String requestId = randomAlphaOfLengthBetween(6, 12); service.get().authenticationFailed(requestId, token, "_action", request); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).authenticationFailed(requestId, token, "_action", request); @@ -74,7 +74,7 @@ public class AuditTrailServiceTests extends ESTestCase { public void testAuthenticationFailedNoToken() throws Exception { final String requestId = randomAlphaOfLengthBetween(6, 12); service.get().authenticationFailed(requestId, "_action", request); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).authenticationFailed(requestId, "_action", request); @@ -87,7 +87,7 @@ public class AuditTrailServiceTests extends ESTestCase { public void testAuthenticationFailedRestNoToken() throws Exception { final String requestId = randomAlphaOfLengthBetween(6, 12); service.get().authenticationFailed(requestId, restRequest); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).authenticationFailed(requestId, restRequest); @@ -100,7 +100,7 @@ public class AuditTrailServiceTests extends ESTestCase { public void testAuthenticationFailedRest() throws Exception { final String requestId = randomAlphaOfLengthBetween(6, 12); service.get().authenticationFailed(requestId, token, restRequest); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).authenticationFailed(requestId, token, restRequest); @@ -113,7 +113,7 @@ public class AuditTrailServiceTests extends ESTestCase { public void testAuthenticationFailedRealm() throws Exception { final String requestId = randomAlphaOfLengthBetween(6, 12); service.get().authenticationFailed(requestId, "_realm", token, "_action", request); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).authenticationFailed(requestId, "_realm", token, "_action", request); @@ -126,7 +126,7 @@ public class AuditTrailServiceTests extends ESTestCase { public void testAuthenticationFailedRestRealm() throws Exception { final String requestId = randomAlphaOfLengthBetween(6, 12); service.get().authenticationFailed(requestId, "_realm", token, restRequest); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).authenticationFailed(requestId, "_realm", token, restRequest); @@ -139,7 +139,7 @@ public class AuditTrailServiceTests extends ESTestCase { public void testAnonymousAccess() throws Exception { final String requestId = randomAlphaOfLengthBetween(6, 12); service.get().anonymousAccessDenied(requestId, "_action", request); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).anonymousAccessDenied(requestId, "_action", request); @@ -156,7 +156,7 @@ public class AuditTrailServiceTests extends ESTestCase { () -> Collections.singletonMap(PRINCIPAL_ROLES_FIELD_NAME, new String[] { randomAlphaOfLengthBetween(1, 6) }); final String requestId = randomAlphaOfLengthBetween(6, 12); service.get().accessGranted(requestId, authentication, "_action", request, authzInfo); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).accessGranted(requestId, authentication, "_action", request, authzInfo); @@ -173,7 +173,7 @@ public class AuditTrailServiceTests extends ESTestCase { () -> Collections.singletonMap(PRINCIPAL_ROLES_FIELD_NAME, new String[] { randomAlphaOfLengthBetween(1, 6) }); final String requestId = randomAlphaOfLengthBetween(6, 12); service.get().accessDenied(requestId, authentication, "_action", request, authzInfo); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).accessDenied(requestId, authentication, "_action", request, authzInfo); @@ -187,7 +187,7 @@ public class AuditTrailServiceTests extends ESTestCase { InetAddress inetAddress = InetAddress.getLoopbackAddress(); SecurityIpFilterRule rule = randomBoolean() ? SecurityIpFilterRule.ACCEPT_ALL : IPFilter.DEFAULT_PROFILE_ACCEPT_ALL; service.get().connectionGranted(inetAddress, "client", rule); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).connectionGranted(inetAddress, "client", rule); @@ -201,7 +201,7 @@ public class AuditTrailServiceTests extends ESTestCase { InetAddress inetAddress = InetAddress.getLoopbackAddress(); SecurityIpFilterRule rule = new SecurityIpFilterRule(false, "_all"); service.get().connectionDenied(inetAddress, "client", rule); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).connectionDenied(inetAddress, "client", rule); @@ -216,7 +216,7 @@ public class AuditTrailServiceTests extends ESTestCase { String realm = "_realm"; final String requestId = randomAlphaOfLengthBetween(6, 12); service.get().authenticationSuccess(requestId, realm, user, restRequest); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).authenticationSuccess(requestId, realm, user, restRequest); @@ -231,7 +231,7 @@ public class AuditTrailServiceTests extends ESTestCase { String realm = "_realm"; final String requestId = randomAlphaOfLengthBetween(6, 12); service.get().authenticationSuccess(requestId, realm, user, "_action", request); - verify(licenseState).isAllowed(Feature.SECURITY_AUDITING); + verify(licenseState).checkFeature(Feature.SECURITY_AUDITING); if (isAuditingAllowed) { for (AuditTrail auditTrail : auditTrails) { verify(auditTrail).authenticationSuccess(requestId, realm, user, "_action", request); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ApiKeyServiceTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ApiKeyServiceTests.java index 9e71def6d12..0f0fa24d538 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ApiKeyServiceTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ApiKeyServiceTests.java @@ -100,7 +100,7 @@ public class ApiKeyServiceTests extends ESTestCase { public void setupMocks() { this.licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE)).thenReturn(true); this.client = mock(Client.class); this.securityIndex = SecurityMocks.mockSecurityIndexManager(); @@ -169,7 +169,7 @@ public class ApiKeyServiceTests extends ESTestCase { mockKeyDocument(service, id, key, new User(randomAlphaOfLength(6), randomAlphaOfLength(12))); - when(licenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE)).thenReturn(false); final AuthenticationResult auth = tryAuthenticate(service, id, key); assertThat(auth.getStatus(), is(AuthenticationResult.Status.CONTINUE)); assertThat(auth.getUser(), nullValue()); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/AuthenticationServiceTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/AuthenticationServiceTests.java index 1436a67c44d..dd680af8bae 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/AuthenticationServiceTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/AuthenticationServiceTests.java @@ -189,12 +189,12 @@ public class AuthenticationServiceTests extends ESTestCase { .put(XPackSettings.API_KEY_SERVICE_ENABLED_SETTING.getKey(), true) .build(); XPackLicenseState licenseState = mock(XPackLicenseState.class); - when(licenseState.isAllowed(Feature.SECURITY_ALL_REALMS)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_ALL_REALMS)).thenReturn(true); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE)).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); when(licenseState.copyCurrentLicenseState()).thenReturn(licenseState); - when(licenseState.isAllowed(Feature.SECURITY_AUDITING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUDITING)).thenReturn(true); ReservedRealm reservedRealm = mock(ReservedRealm.class); when(reservedRealm.type()).thenReturn("reserved"); when(reservedRealm.name()).thenReturn("reserved_realm"); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/RealmsTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/RealmsTests.java index 776803e27b8..d9ba5e8b290 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/RealmsTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/RealmsTests.java @@ -82,18 +82,18 @@ public class RealmsTests extends ESTestCase { } private void allowAllRealms() { - when(licenseState.isAllowed(Feature.SECURITY_ALL_REALMS)).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_STANDARD_REALMS)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_ALL_REALMS)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_STANDARD_REALMS)).thenReturn(true); } private void allowOnlyStandardRealms() { - when(licenseState.isAllowed(Feature.SECURITY_ALL_REALMS)).thenReturn(false); - when(licenseState.isAllowed(Feature.SECURITY_STANDARD_REALMS)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_ALL_REALMS)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_STANDARD_REALMS)).thenReturn(true); } private void allowOnlyNativeRealms() { - when(licenseState.isAllowed(Feature.SECURITY_ALL_REALMS)).thenReturn(false); - when(licenseState.isAllowed(Feature.SECURITY_STANDARD_REALMS)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_ALL_REALMS)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_STANDARD_REALMS)).thenReturn(false); } public void testWithSettings() throws Exception { diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/TokenServiceTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/TokenServiceTests.java index f802ae854f3..041a858b7a4 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/TokenServiceTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/TokenServiceTests.java @@ -144,7 +144,7 @@ public class TokenServiceTests extends ESTestCase { // License state (enabled by default) licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); // version 7.2 was an "inflection" point in the Token Service development (access_tokens as UUIDS, multiple concurrent refreshes, // tokens docs on a separate index), let's test the TokenService works in a mixed cluster with nodes with versions prior to these @@ -755,7 +755,7 @@ public class TokenServiceTests extends ESTestCase { } public void testCannotValidateTokenIfLicenseDoesNotAllowTokens() throws Exception { - when(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); TokenService tokenService = createTokenService(tokenServiceEnabledSettings, Clock.systemUTC()); Authentication authentication = new Authentication(new User("joe", "admin"), new RealmRef("native_realm", "native", "node1"), null); final String userTokenId = UUIDs.randomBase64UUID(); @@ -768,7 +768,7 @@ public class TokenServiceTests extends ESTestCase { storeTokenHeader(threadContext, tokenService.prependVersionAndEncodeAccessToken(token.getVersion(), accessToken)); PlainActionFuture authFuture = new PlainActionFuture<>(); - when(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(false); tokenService.getAndValidateToken(threadContext, authFuture); UserToken authToken = authFuture.actionGet(); assertThat(authToken, Matchers.nullValue()); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/kerberos/KerberosRealmTestCase.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/kerberos/KerberosRealmTestCase.java index 2775fd55715..c9a4e7a391a 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/kerberos/KerberosRealmTestCase.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/kerberos/KerberosRealmTestCase.java @@ -85,7 +85,7 @@ public abstract class KerberosRealmTestCase extends ESTestCase { writeKeyTab(dir.resolve("key.keytab"), "asa").toString(), 100, "10m", true, randomBoolean()); licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_REALM)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_REALM)).thenReturn(true); } @After diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapRealmTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapRealmTests.java index 3f99571c7e7..a57a22e83f0 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapRealmTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapRealmTests.java @@ -108,7 +108,7 @@ public class LdapRealmTests extends LdapTestCase { sslService = new SSLService(defaultGlobalSettings, TestEnvironment.newEnvironment(defaultGlobalSettings)); licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_REALM)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_REALM)).thenReturn(true); } @After diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/oidc/OpenIdConnectRealmTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/oidc/OpenIdConnectRealmTests.java index 5072d3b041e..fb04dfacc8a 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/oidc/OpenIdConnectRealmTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/oidc/OpenIdConnectRealmTests.java @@ -382,7 +382,7 @@ public class OpenIdConnectRealmTests extends OpenIdConnectTestCase { private void initializeRealms(Realm... realms) { XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_REALM)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_REALM)).thenReturn(true); final List realmList = Arrays.asList(realms); for (Realm realm : realms) { diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/pki/PkiRealmTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/pki/PkiRealmTests.java index 03565691b4b..8fc691a51df 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/pki/PkiRealmTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/pki/PkiRealmTests.java @@ -76,7 +76,7 @@ public class PkiRealmTests extends ESTestCase { .build(); licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_REALM)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_REALM)).thenReturn(true); } public void testTokenSupport() throws Exception { diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlRealmTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlRealmTests.java index e5fa620264e..7d4c4d64e2f 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlRealmTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlRealmTests.java @@ -298,7 +298,7 @@ public class SamlRealmTests extends SamlTestCase { private void initializeRealms(Realm... realms) { XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_REALM)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_REALM)).thenReturn(true); final List realmList = Arrays.asList(realms); for (Realm realm : realms) { diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/support/DelegatedAuthorizationSupportTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/support/DelegatedAuthorizationSupportTests.java index d04316f7516..83ac6b86974 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/support/DelegatedAuthorizationSupportTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/support/DelegatedAuthorizationSupportTests.java @@ -190,7 +190,7 @@ public class DelegatedAuthorizationSupportTests extends ESTestCase { private XPackLicenseState getLicenseState(boolean authzRealmsAllowed) { final XPackLicenseState license = mock(XPackLicenseState.class); when(license.isSecurityEnabled()).thenReturn(true); - when(license.isAllowed(Feature.SECURITY_AUTHORIZATION_REALM)).thenReturn(authzRealmsAllowed); + when(license.checkFeature(Feature.SECURITY_AUTHORIZATION_REALM)).thenReturn(authzRealmsAllowed); return license; } } diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/AuthorizationServiceTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/AuthorizationServiceTests.java index 28d272f65e7..e6eb2e511c8 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/AuthorizationServiceTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/AuthorizationServiceTests.java @@ -205,7 +205,7 @@ public class AuthorizationServiceTests extends ESTestCase { auditTrail = mock(AuditTrail.class); XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUDITING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUDITING)).thenReturn(true); auditTrailService = new AuditTrailService(Collections.singletonList(auditTrail), licenseState); threadContext = new ThreadContext(settings); threadPool = mock(ThreadPool.class); @@ -1457,7 +1457,7 @@ public class AuthorizationServiceTests extends ESTestCase { XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(true); authorizationService = new AuthorizationService(Settings.EMPTY, rolesStore, clusterService, auditTrailService, new DefaultAuthenticationFailureHandler(Collections.emptyMap()), threadPool, new AnonymousUser(Settings.EMPTY), engine, Collections.emptySet(), licenseState, new IndexNameExpressionResolver()); @@ -1465,61 +1465,61 @@ public class AuthorizationServiceTests extends ESTestCase { try (ThreadContext.StoredContext ignore = threadContext.stashContext()) { authentication = createAuthentication(new User("test user", "a_all")); assertEquals(engine, authorizationService.getAuthorizationEngine(authentication)); - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(false); assertThat(authorizationService.getAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); } - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(true); try (ThreadContext.StoredContext ignore = threadContext.stashContext()) { authentication = createAuthentication(new User("runas", new String[]{"runas_role"}, new User("runner", "runner_role"))); assertEquals(engine, authorizationService.getAuthorizationEngine(authentication)); assertEquals(engine, authorizationService.getRunAsAuthorizationEngine(authentication)); - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(false); assertThat(authorizationService.getAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); assertThat(authorizationService.getRunAsAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); } - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(true); try (ThreadContext.StoredContext ignore = threadContext.stashContext()) { authentication = createAuthentication(new User("runas", new String[]{"runas_role"}, new ElasticUser(true))); assertEquals(engine, authorizationService.getAuthorizationEngine(authentication)); assertNotEquals(engine, authorizationService.getRunAsAuthorizationEngine(authentication)); assertThat(authorizationService.getRunAsAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(false); assertThat(authorizationService.getAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); assertThat(authorizationService.getRunAsAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); } - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(true); try (ThreadContext.StoredContext ignore = threadContext.stashContext()) { authentication = createAuthentication(new User("elastic", new String[]{"superuser"}, new User("runner", "runner_role"))); assertNotEquals(engine, authorizationService.getAuthorizationEngine(authentication)); assertThat(authorizationService.getAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); assertEquals(engine, authorizationService.getRunAsAuthorizationEngine(authentication)); - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(false); assertThat(authorizationService.getAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); assertThat(authorizationService.getRunAsAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); } - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(true); try (ThreadContext.StoredContext ignore = threadContext.stashContext()) { authentication = createAuthentication(new User("kibana", new String[]{"kibana_system"}, new ElasticUser(true))); assertNotEquals(engine, authorizationService.getAuthorizationEngine(authentication)); assertThat(authorizationService.getAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); assertNotEquals(engine, authorizationService.getRunAsAuthorizationEngine(authentication)); assertThat(authorizationService.getRunAsAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(false); assertThat(authorizationService.getAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); assertThat(authorizationService.getRunAsAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); } - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(true); try (ThreadContext.StoredContext ignore = threadContext.stashContext()) { authentication = createAuthentication(randomFrom(XPackUser.INSTANCE, XPackSecurityUser.INSTANCE, new ElasticUser(true), new KibanaUser(true))); assertNotEquals(engine, authorizationService.getRunAsAuthorizationEngine(authentication)); assertThat(authorizationService.getRunAsAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); - when(licenseState.isAllowed(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_AUTHORIZATION_ENGINE)).thenReturn(false); assertThat(authorizationService.getAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); assertThat(authorizationService.getRunAsAuthorizationEngine(authentication), instanceOf(RBACEngine.class)); } diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/SecuritySearchOperationListenerTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/SecuritySearchOperationListenerTests.java index f53937187f4..0620defb285 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/SecuritySearchOperationListenerTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/SecuritySearchOperationListenerTests.java @@ -97,7 +97,7 @@ public class SecuritySearchOperationListenerTests extends ESTestCase { testSearchContext.scrollContext().scroll = new Scroll(TimeValue.timeValueSeconds(2L)); XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUDITING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUDITING)).thenReturn(true); ThreadContext threadContext = new ThreadContext(Settings.EMPTY); final SecurityContext securityContext = new SecurityContext(Settings.EMPTY, threadContext); AuditTrail auditTrail = mock(AuditTrail.class); @@ -186,7 +186,7 @@ public class SecuritySearchOperationListenerTests extends ESTestCase { TransportRequest request = Empty.INSTANCE; XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUDITING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUDITING)).thenReturn(true); AuditTrail auditTrail = mock(AuditTrail.class); AuditTrailService auditTrailService = new AuditTrailService(Collections.singletonList(auditTrail), licenseState); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/interceptor/IndicesAliasesRequestInterceptorTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/interceptor/IndicesAliasesRequestInterceptorTests.java index fdd2553bd6f..1d796e021a2 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/interceptor/IndicesAliasesRequestInterceptorTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/interceptor/IndicesAliasesRequestInterceptorTests.java @@ -47,8 +47,8 @@ public class IndicesAliasesRequestInterceptorTests extends ESTestCase { XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.copyCurrentLicenseState()).thenReturn(licenseState); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUDITING)).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUDITING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(true); ThreadContext threadContext = new ThreadContext(Settings.EMPTY); AuditTrailService auditTrailService = new AuditTrailService(Collections.emptyList(), licenseState); Authentication authentication = new Authentication(new User("john", "role"), new RealmRef(null, null, null), @@ -106,8 +106,8 @@ public class IndicesAliasesRequestInterceptorTests extends ESTestCase { XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.copyCurrentLicenseState()).thenReturn(licenseState); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUDITING)).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(randomBoolean()); + when(licenseState.checkFeature(Feature.SECURITY_AUDITING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(randomBoolean()); ThreadContext threadContext = new ThreadContext(Settings.EMPTY); AuditTrailService auditTrailService = new AuditTrailService(Collections.emptyList(), licenseState); Authentication authentication = new Authentication(new User("john", "role"), new RealmRef(null, null, null), diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/interceptor/ResizeRequestInterceptorTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/interceptor/ResizeRequestInterceptorTests.java index f4d6e3b6071..9c7954b6f92 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/interceptor/ResizeRequestInterceptorTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/interceptor/ResizeRequestInterceptorTests.java @@ -51,8 +51,8 @@ public class ResizeRequestInterceptorTests extends ESTestCase { XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.copyCurrentLicenseState()).thenReturn(licenseState); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUDITING)).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUDITING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(true); ThreadPool threadPool = mock(ThreadPool.class); ThreadContext threadContext = new ThreadContext(Settings.EMPTY); when(threadPool.getThreadContext()).thenReturn(threadContext); @@ -103,8 +103,8 @@ public class ResizeRequestInterceptorTests extends ESTestCase { XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.copyCurrentLicenseState()).thenReturn(licenseState); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUDITING)).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUDITING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(true); ThreadPool threadPool = mock(ThreadPool.class); ThreadContext threadContext = new ThreadContext(Settings.EMPTY); when(threadPool.getThreadContext()).thenReturn(threadContext); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/CompositeRolesStoreTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/CompositeRolesStoreTests.java index 0e9c4dfc669..e7cc96df0ad 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/CompositeRolesStoreTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/CompositeRolesStoreTests.java @@ -119,7 +119,7 @@ public class CompositeRolesStoreTests extends ESTestCase { public void testRolesWhenDlsFlsUnlicensed() throws IOException { XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(false); RoleDescriptor flsRole = new RoleDescriptor("fls", null, new IndicesPrivileges[] { IndicesPrivileges.builder() .grantedFields("*") @@ -190,7 +190,7 @@ public class CompositeRolesStoreTests extends ESTestCase { public void testRolesWhenDlsFlsLicensed() throws IOException { XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(true); RoleDescriptor flsRole = new RoleDescriptor("fls", null, new IndicesPrivileges[] { IndicesPrivileges.builder() .grantedFields("*") diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/FileRolesStoreTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/FileRolesStoreTests.java index e59bb667e36..5fb35d60d25 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/FileRolesStoreTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/FileRolesStoreTests.java @@ -16,6 +16,7 @@ import org.elasticsearch.env.Environment; import org.elasticsearch.env.TestEnvironment; import org.elasticsearch.index.query.MatchAllQueryBuilder; import org.elasticsearch.index.query.QueryBuilder; +import org.elasticsearch.license.TestUtils; import org.elasticsearch.license.XPackLicenseState; import org.elasticsearch.license.XPackLicenseState.Feature; import org.elasticsearch.test.ESTestCase; @@ -77,7 +78,7 @@ public class FileRolesStoreTests extends ESTestCase { Path path = getDataPath("roles.yml"); Map roles = FileRolesStore.parseFile(path, logger, Settings.builder() .put(XPackSettings.DLS_FLS_ENABLED.getKey(), true) - .build(), new XPackLicenseState(Settings.EMPTY), xContentRegistry()); + .build(), TestUtils.newTestLicenseState(), xContentRegistry()); assertThat(roles, notNullValue()); assertThat(roles.size(), is(9)); @@ -258,7 +259,7 @@ public class FileRolesStoreTests extends ESTestCase { events.clear(); Map roles = FileRolesStore.parseFile(path, logger, Settings.builder() .put(XPackSettings.DLS_FLS_ENABLED.getKey(), false) - .build(), new XPackLicenseState(Settings.EMPTY), xContentRegistry()); + .build(), TestUtils.newTestLicenseState(), xContentRegistry()); assertThat(roles, notNullValue()); assertThat(roles.size(), is(6)); assertThat(roles.get("role_fields"), nullValue()); @@ -289,7 +290,7 @@ public class FileRolesStoreTests extends ESTestCase { events.clear(); XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(false); Map roles = FileRolesStore.parseFile(path, logger, Settings.EMPTY, licenseState, xContentRegistry()); assertThat(roles, notNullValue()); assertThat(roles.size(), is(9)); @@ -314,7 +315,7 @@ public class FileRolesStoreTests extends ESTestCase { public void testDefaultRolesFile() throws Exception { // TODO we should add the config dir to the resources so we don't copy this stuff around... Path path = getDataPath("default_roles.yml"); - Map roles = FileRolesStore.parseFile(path, logger, Settings.EMPTY, new XPackLicenseState(Settings.EMPTY), + Map roles = FileRolesStore.parseFile(path, logger, Settings.EMPTY, TestUtils.newTestLicenseState(), xContentRegistry()); assertThat(roles, notNullValue()); assertThat(roles.size(), is(0)); @@ -345,7 +346,7 @@ public class FileRolesStoreTests extends ESTestCase { FileRolesStore store = new FileRolesStore(settings, env, watcherService, roleSet -> { modifiedRoles.addAll(roleSet); latch.countDown(); - }, new XPackLicenseState(Settings.EMPTY), xContentRegistry()); + }, TestUtils.newTestLicenseState(), xContentRegistry()); Set descriptors = store.roleDescriptors(Collections.singleton("role1")); assertThat(descriptors, notNullValue()); @@ -401,7 +402,7 @@ public class FileRolesStoreTests extends ESTestCase { if (roleSet.contains("dummy1")) { truncateLatch.countDown(); } - }, new XPackLicenseState(Settings.EMPTY), xContentRegistry()); + }, TestUtils.newTestLicenseState(), xContentRegistry()); final Set allRolesPreTruncate = store.getAllRoleNames(); assertTrue(allRolesPreTruncate.contains("role5")); @@ -430,7 +431,7 @@ public class FileRolesStoreTests extends ESTestCase { if (roleSet.contains("dummy2")) { modifyLatch.countDown(); } - }, new XPackLicenseState(Settings.EMPTY), xContentRegistry()); + }, TestUtils.newTestLicenseState(), xContentRegistry()); try (BufferedWriter writer = Files.newBufferedWriter(tmp, StandardCharsets.UTF_8, StandardOpenOption.TRUNCATE_EXISTING)) { writer.append("role5:").append(System.lineSeparator()); @@ -458,7 +459,7 @@ public class FileRolesStoreTests extends ESTestCase { public void testThatEmptyFileDoesNotResultInLoop() throws Exception { Path file = createTempFile(); Files.write(file, Collections.singletonList("#"), StandardCharsets.UTF_8); - Map roles = FileRolesStore.parseFile(file, logger, Settings.EMPTY, new XPackLicenseState(Settings.EMPTY), + Map roles = FileRolesStore.parseFile(file, logger, Settings.EMPTY, TestUtils.newTestLicenseState(), xContentRegistry()); assertThat(roles.keySet(), is(empty())); } @@ -468,7 +469,7 @@ public class FileRolesStoreTests extends ESTestCase { Logger logger = CapturingLogger.newCapturingLogger(Level.ERROR, null); List entries = CapturingLogger.output(logger.getName(), Level.ERROR); entries.clear(); - Map roles = FileRolesStore.parseFile(path, logger, Settings.EMPTY, new XPackLicenseState(Settings.EMPTY), + Map roles = FileRolesStore.parseFile(path, logger, Settings.EMPTY, TestUtils.newTestLicenseState(), xContentRegistry()); assertThat(roles.size(), is(1)); assertThat(roles, hasKey("valid_role")); @@ -511,7 +512,7 @@ public class FileRolesStoreTests extends ESTestCase { List events = CapturingLogger.output(logger.getName(), Level.ERROR); events.clear(); Path path = getDataPath("reserved_roles.yml"); - Map roles = FileRolesStore.parseFile(path, logger, Settings.EMPTY, new XPackLicenseState(Settings.EMPTY), + Map roles = FileRolesStore.parseFile(path, logger, Settings.EMPTY, TestUtils.newTestLicenseState(), xContentRegistry()); assertThat(roles, notNullValue()); assertThat(roles.size(), is(1)); @@ -543,7 +544,7 @@ public class FileRolesStoreTests extends ESTestCase { .put(XPackSettings.DLS_FLS_ENABLED.getKey(), flsDlsEnabled) .build(); Environment env = TestEnvironment.newEnvironment(settings); - FileRolesStore store = new FileRolesStore(settings, env, mock(ResourceWatcherService.class), new XPackLicenseState(Settings.EMPTY), + FileRolesStore store = new FileRolesStore(settings, env, mock(ResourceWatcherService.class), TestUtils.newTestLicenseState(), xContentRegistry()); Map usageStats = store.usageStats(); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStoreTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStoreTests.java index 4c93cf4ec9b..4c282f23f18 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStoreTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStoreTests.java @@ -35,6 +35,7 @@ import org.elasticsearch.common.xcontent.XContentType; import org.elasticsearch.index.Index; import org.elasticsearch.index.query.QueryBuilders; import org.elasticsearch.index.shard.ShardId; +import org.elasticsearch.license.TestUtils; import org.elasticsearch.license.XPackLicenseState; import org.elasticsearch.license.XPackLicenseState.Feature; import org.elasticsearch.test.ESTestCase; @@ -85,7 +86,7 @@ public class NativeRolesStoreTests extends ESTestCase { byte[] bytes = Files.readAllBytes(path); String roleString = new String(bytes, Charset.defaultCharset()); RoleDescriptor role = NativeRolesStore.transformRole(RoleDescriptor.ROLE_TYPE + "role1", - new BytesArray(roleString), logger, new XPackLicenseState(Settings.EMPTY)); + new BytesArray(roleString), logger, TestUtils.newTestLicenseState()); assertNotNull(role); assertNotNull(role.getIndicesPrivileges()); RoleDescriptor.IndicesPrivileges indicesPrivileges = role.getIndicesPrivileges()[0]; @@ -96,7 +97,7 @@ public class NativeRolesStoreTests extends ESTestCase { public void testRoleDescriptorWithFlsDlsLicensing() throws IOException { XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(false); RoleDescriptor flsRole = new RoleDescriptor("fls", null, new IndicesPrivileges[] { IndicesPrivileges.builder().privileges("READ").indices("*") .grantedFields("*") @@ -158,7 +159,7 @@ public class NativeRolesStoreTests extends ESTestCase { assertNotNull(role); assertFalse(role.getTransientMetadata().containsKey("unlicensed_features")); - when(licenseState.isAllowed(Feature.SECURITY_DLS_FLS)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_DLS_FLS)).thenReturn(true); builder = flsRole.toXContent(XContentBuilder.builder(XContentType.JSON.xContent()), ToXContent.EMPTY_PARAMS); bytes = BytesReference.bytes(builder); role = NativeRolesStore.transformRole(RoleDescriptor.ROLE_TYPE + "fls", bytes, logger, licenseState); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/SecurityBaseRestHandlerTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/SecurityBaseRestHandlerTests.java index 1ee44219a43..b64e619f96b 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/SecurityBaseRestHandlerTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/SecurityBaseRestHandlerTests.java @@ -30,7 +30,7 @@ public class SecurityBaseRestHandlerTests extends ESTestCase { final boolean securityDefaultEnabled = randomBoolean(); final AtomicBoolean consumerCalled = new AtomicBoolean(false); final XPackLicenseState licenseState = mock(XPackLicenseState.class); - when(licenseState.isAllowed(XPackLicenseState.Feature.SECURITY)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.SECURITY)).thenReturn(true); when(licenseState.isSecurityEnabled()).thenReturn(securityDefaultEnabled); when(licenseState.getOperationMode()).thenReturn( randomFrom(License.OperationMode.BASIC, License.OperationMode.STANDARD, License.OperationMode.GOLD)); @@ -63,7 +63,7 @@ public class SecurityBaseRestHandlerTests extends ESTestCase { verifyZeroInteractions(licenseState); handler.handleRequest(fakeRestRequest, fakeRestChannel, client); - verify(licenseState).isAllowed(XPackLicenseState.Feature.SECURITY); + verify(licenseState).checkFeature(XPackLicenseState.Feature.SECURITY); if (securityDefaultEnabled) { assertTrue(consumerCalled.get()); assertEquals(0, fakeRestChannel.responses().get()); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/apikey/RestCreateApiKeyActionTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/apikey/RestCreateApiKeyActionTests.java index 691fab10462..845172c4962 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/apikey/RestCreateApiKeyActionTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/apikey/RestCreateApiKeyActionTests.java @@ -54,9 +54,9 @@ public class RestCreateApiKeyActionTests extends ESTestCase { .put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toString()) .build(); threadPool = new ThreadPool(settings); - when(mockLicenseState.isAllowed(XPackLicenseState.Feature.SECURITY)).thenReturn(true); + when(mockLicenseState.checkFeature(XPackLicenseState.Feature.SECURITY)).thenReturn(true); when(mockLicenseState.isSecurityEnabled()).thenReturn(true); - when(mockLicenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE)).thenReturn(true); + when(mockLicenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE)).thenReturn(true); } @Override diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/apikey/RestGetApiKeyActionTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/apikey/RestGetApiKeyActionTests.java index 0fc6e592617..e28b1113e35 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/apikey/RestGetApiKeyActionTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/apikey/RestGetApiKeyActionTests.java @@ -54,9 +54,9 @@ public class RestGetApiKeyActionTests extends ESTestCase { settings = Settings.builder().put("path.home", createTempDir().toString()).put("node.name", "test-" + getTestName()) .put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toString()).build(); threadPool = new ThreadPool(settings); - when(mockLicenseState.isAllowed(XPackLicenseState.Feature.SECURITY)).thenReturn(true); + when(mockLicenseState.checkFeature(XPackLicenseState.Feature.SECURITY)).thenReturn(true); when(mockLicenseState.isSecurityEnabled()).thenReturn(true); - when(mockLicenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE)).thenReturn(true); + when(mockLicenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE)).thenReturn(true); } @Override diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/apikey/RestInvalidateApiKeyActionTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/apikey/RestInvalidateApiKeyActionTests.java index e2a2dd4411b..35754375a01 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/apikey/RestInvalidateApiKeyActionTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/apikey/RestInvalidateApiKeyActionTests.java @@ -54,9 +54,9 @@ public class RestInvalidateApiKeyActionTests extends ESTestCase { .put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toString()) .build(); threadPool = new ThreadPool(settings); - when(mockLicenseState.isAllowed(XPackLicenseState.Feature.SECURITY)).thenReturn(true); + when(mockLicenseState.checkFeature(XPackLicenseState.Feature.SECURITY)).thenReturn(true); when(mockLicenseState.isSecurityEnabled()).thenReturn(true); - when(mockLicenseState.isAllowed(Feature.SECURITY_API_KEY_SERVICE)).thenReturn(true); + when(mockLicenseState.checkFeature(Feature.SECURITY_API_KEY_SERVICE)).thenReturn(true); } @Override diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/user/RestGetUserPrivilegesActionTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/user/RestGetUserPrivilegesActionTests.java index b2823bc8637..0b3d9ed355e 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/user/RestGetUserPrivilegesActionTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/user/RestGetUserPrivilegesActionTests.java @@ -42,7 +42,7 @@ public class RestGetUserPrivilegesActionTests extends ESTestCase { final XPackLicenseState licenseState = mock(XPackLicenseState.class); final RestGetUserPrivilegesAction action = new RestGetUserPrivilegesAction(Settings.EMPTY, mock(SecurityContext.class), licenseState); - when(licenseState.isAllowed(XPackLicenseState.Feature.SECURITY)).thenReturn(false); + when(licenseState.checkFeature(XPackLicenseState.Feature.SECURITY)).thenReturn(false); final FakeRestRequest request = new FakeRestRequest(); final FakeRestChannel channel = new FakeRestChannel(request, true, 1); action.handleRequest(request, channel, mock(NodeClient.class)); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/user/RestHasPrivilegesActionTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/user/RestHasPrivilegesActionTests.java index 3ae635a20da..835d44ba28f 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/user/RestHasPrivilegesActionTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/user/RestHasPrivilegesActionTests.java @@ -53,7 +53,7 @@ public class RestHasPrivilegesActionTests extends ESTestCase { final XPackLicenseState licenseState = mock(XPackLicenseState.class); final RestHasPrivilegesAction action = new RestHasPrivilegesAction(Settings.EMPTY, mock(SecurityContext.class), licenseState); - when(licenseState.isAllowed(XPackLicenseState.Feature.SECURITY)).thenReturn(false); + when(licenseState.checkFeature(XPackLicenseState.Feature.SECURITY)).thenReturn(false); try (XContentBuilder bodyBuilder = JsonXContent.contentBuilder().startObject().endObject()) { final RestRequest request = new FakeRestRequest.Builder(xContentRegistry()) .withPath("/_security/user/_has_privileges/") diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/support/SecurityStatusChangeListenerTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/support/SecurityStatusChangeListenerTests.java index 3e09b20a7cf..6dff0ac0686 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/support/SecurityStatusChangeListenerTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/support/SecurityStatusChangeListenerTests.java @@ -30,7 +30,7 @@ public class SecurityStatusChangeListenerTests extends ESTestCase { @Before public void setup() throws IllegalAccessException { licenseState = Mockito.mock(XPackLicenseState.class); - when(licenseState.isAllowed(XPackLicenseState.Feature.SECURITY)).thenReturn(true); + when(licenseState.checkFeature(XPackLicenseState.Feature.SECURITY)).thenReturn(true); listener = new SecurityStatusChangeListener(licenseState); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/test/SecurityMocks.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/test/SecurityMocks.java index 4367f3ad8f9..6aedbcbc6ef 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/test/SecurityMocks.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/test/SecurityMocks.java @@ -174,7 +174,7 @@ public final class SecurityMocks { when(client.threadPool()).thenReturn(threadPool); final XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_TOKEN_SERVICE)).thenReturn(true); final ClusterService clusterService = mock(ClusterService.class); final SecurityContext securityContext = new SecurityContext(settings, threadPool.getThreadContext()); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/filter/IPFilterTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/filter/IPFilterTests.java index 5ac9a024c00..31329b3b278 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/filter/IPFilterTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/filter/IPFilterTests.java @@ -62,8 +62,8 @@ public class IPFilterTests extends ESTestCase { public void init() { licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING)).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_AUDITING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_AUDITING)).thenReturn(true); auditTrail = mock(AuditTrail.class); auditTrailService = new AuditTrailService(Collections.singletonList(auditTrail), licenseState); clusterSettings = new ClusterSettings(Settings.EMPTY, new HashSet<>(Arrays.asList( @@ -253,7 +253,7 @@ public class IPFilterTests extends ESTestCase { Settings settings = Settings.builder() .put("xpack.security.transport.filter.deny", "_all") .build(); - when(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING)).thenReturn(false); + when(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING)).thenReturn(false); ipFilter = new IPFilter(settings, auditTrailService, clusterSettings, licenseState); ipFilter.setBoundTransportAddress(transport.boundAddress(), transport.profileBoundAddresses()); @@ -264,7 +264,7 @@ public class IPFilterTests extends ESTestCase { verifyZeroInteractions(auditTrail); // for sanity enable license and check that it is denied - when(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING)).thenReturn(true); ipFilter = new IPFilter(settings, auditTrailService, clusterSettings, licenseState); ipFilter.setBoundTransportAddress(transport.boundAddress(), transport.profileBoundAddresses()); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/netty4/IpFilterRemoteAddressFilterTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/netty4/IpFilterRemoteAddressFilterTests.java index 4cc03e446a2..f9bb4c2afd1 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/netty4/IpFilterRemoteAddressFilterTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/netty4/IpFilterRemoteAddressFilterTests.java @@ -58,7 +58,7 @@ public class IpFilterRemoteAddressFilterTests extends ESTestCase { IPFilter.PROFILE_FILTER_DENY_SETTING))); XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING)).thenReturn(true); AuditTrailService auditTrailService = new AuditTrailService(Collections.emptyList(), licenseState); IPFilter ipFilter = new IPFilter(settings, auditTrailService, clusterSettings, licenseState); ipFilter.setBoundTransportAddress(transport.boundAddress(), transport.profileBoundAddresses()); diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/nio/NioIPFilterTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/nio/NioIPFilterTests.java index acbe6dbb9fd..f9ecf1849fe 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/nio/NioIPFilterTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/transport/nio/NioIPFilterTests.java @@ -61,7 +61,7 @@ public class NioIPFilterTests extends ESTestCase { IPFilter.PROFILE_FILTER_DENY_SETTING))); XPackLicenseState licenseState = mock(XPackLicenseState.class); when(licenseState.isSecurityEnabled()).thenReturn(true); - when(licenseState.isAllowed(Feature.SECURITY_IP_FILTERING)).thenReturn(true); + when(licenseState.checkFeature(Feature.SECURITY_IP_FILTERING)).thenReturn(true); AuditTrailService auditTrailService = new AuditTrailService(Collections.emptyList(), licenseState); ipFilter = new IPFilter(settings, auditTrailService, clusterSettings, licenseState); ipFilter.setBoundTransportAddress(transport.boundAddress(), transport.profileBoundAddresses()); diff --git a/x-pack/plugin/spatial/src/main/java/org/elasticsearch/xpack/spatial/SpatialPlugin.java b/x-pack/plugin/spatial/src/main/java/org/elasticsearch/xpack/spatial/SpatialPlugin.java index 20982a0f38e..a1c70dce977 100644 --- a/x-pack/plugin/spatial/src/main/java/org/elasticsearch/xpack/spatial/SpatialPlugin.java +++ b/x-pack/plugin/spatial/src/main/java/org/elasticsearch/xpack/spatial/SpatialPlugin.java @@ -107,7 +107,7 @@ public class SpatialPlugin extends GeoPlugin implements MapperPlugin, SearchPlug builder.register(GeoCentroidAggregationBuilder.NAME, GeoShapeValuesSourceType.instance(), (MetricAggregatorSupplier) (name, valuesSourceConfig, aggregationContext, parent, metadata) -> { - if (getLicenseState().isAllowed(XPackLicenseState.Feature.SPATIAL_GEO_CENTROID)) { + if (getLicenseState().checkFeature(XPackLicenseState.Feature.SPATIAL_GEO_CENTROID)) { return new GeoShapeCentroidAggregator(name, aggregationContext, parent, valuesSourceConfig, metadata); } throw LicenseUtils.newComplianceException("geo_centroid aggregation on geo_shape fields"); @@ -118,7 +118,7 @@ public class SpatialPlugin extends GeoPlugin implements MapperPlugin, SearchPlug builder.register(GeoHashGridAggregationBuilder.NAME, GeoShapeValuesSourceType.instance(), (GeoGridAggregatorSupplier) (name, factories, valuesSource, precision, geoBoundingBox, requiredSize, shardSize, aggregationContext, parent, collectsFromSingleBucket, metadata) -> { - if (getLicenseState().isAllowed(XPackLicenseState.Feature.SPATIAL_GEO_GRID)) { + if (getLicenseState().checkFeature(XPackLicenseState.Feature.SPATIAL_GEO_GRID)) { final GeoGridTiler tiler; if (geoBoundingBox.isUnbounded()) { tiler = new GeoHashGridTiler(); @@ -138,7 +138,7 @@ public class SpatialPlugin extends GeoPlugin implements MapperPlugin, SearchPlug builder.register(GeoTileGridAggregationBuilder.NAME, GeoShapeValuesSourceType.instance(), (GeoGridAggregatorSupplier) (name, factories, valuesSource, precision, geoBoundingBox, requiredSize, shardSize, aggregationContext, parent, collectsFromSingleBucket, metadata) -> { - if (getLicenseState().isAllowed(XPackLicenseState.Feature.SPATIAL_GEO_GRID)) { + if (getLicenseState().checkFeature(XPackLicenseState.Feature.SPATIAL_GEO_GRID)) { final GeoGridTiler tiler; if (geoBoundingBox.isUnbounded()) { tiler = new GeoTileGridTiler(); diff --git a/x-pack/plugin/sql/src/main/java/org/elasticsearch/xpack/sql/plugin/SqlPlugin.java b/x-pack/plugin/sql/src/main/java/org/elasticsearch/xpack/sql/plugin/SqlPlugin.java index 37f01d2827e..a1a7e2a7572 100644 --- a/x-pack/plugin/sql/src/main/java/org/elasticsearch/xpack/sql/plugin/SqlPlugin.java +++ b/x-pack/plugin/sql/src/main/java/org/elasticsearch/xpack/sql/plugin/SqlPlugin.java @@ -53,18 +53,18 @@ public class SqlPlugin extends Plugin implements ActionPlugin { XPackLicenseState licenseState = getLicenseState(); switch (mode) { case JDBC: - if (licenseState.isAllowed(XPackLicenseState.Feature.JDBC) == false) { + if (licenseState.checkFeature(XPackLicenseState.Feature.JDBC) == false) { throw LicenseUtils.newComplianceException("jdbc"); } break; case ODBC: - if (licenseState.isAllowed(XPackLicenseState.Feature.ODBC) == false) { + if (licenseState.checkFeature(XPackLicenseState.Feature.ODBC) == false) { throw LicenseUtils.newComplianceException("odbc"); } break; case PLAIN: case CLI: - if (licenseState.isAllowed(XPackLicenseState.Feature.SQL) == false) { + if (licenseState.checkFeature(XPackLicenseState.Feature.SQL) == false) { throw LicenseUtils.newComplianceException(XPackField.SQL); } break; diff --git a/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportPreviewTransformAction.java b/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportPreviewTransformAction.java index a7bb5c3defb..b0285ea110b 100644 --- a/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportPreviewTransformAction.java +++ b/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportPreviewTransformAction.java @@ -132,7 +132,7 @@ public class TransportPreviewTransformAction extends HandledTransportAction< @Override protected void doExecute(Task task, PreviewTransformAction.Request request, ActionListener listener) { - if (!licenseState.isAllowed(XPackLicenseState.Feature.TRANSFORM)) { + if (!licenseState.checkFeature(XPackLicenseState.Feature.TRANSFORM)) { listener.onFailure(LicenseUtils.newComplianceException(XPackField.TRANSFORM)); return; } diff --git a/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportPutTransformAction.java b/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportPutTransformAction.java index 1869dcb7252..f895364ce20 100644 --- a/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportPutTransformAction.java +++ b/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportPutTransformAction.java @@ -203,7 +203,7 @@ public class TransportPutTransformAction extends TransportMasterNodeAction listener) throws Exception { - if (!licenseState.isAllowed(XPackLicenseState.Feature.TRANSFORM)) { + if (!licenseState.checkFeature(XPackLicenseState.Feature.TRANSFORM)) { listener.onFailure(LicenseUtils.newComplianceException(XPackField.TRANSFORM)); return; } diff --git a/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportStartTransformAction.java b/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportStartTransformAction.java index 58526d33553..01b2a953283 100644 --- a/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportStartTransformAction.java +++ b/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportStartTransformAction.java @@ -161,7 +161,7 @@ public class TransportStartTransformAction extends TransportMasterNodeAction listener ) throws Exception { - if (!licenseState.isAllowed(XPackLicenseState.Feature.TRANSFORM)) { + if (!licenseState.checkFeature(XPackLicenseState.Feature.TRANSFORM)) { listener.onFailure(LicenseUtils.newComplianceException(XPackField.TRANSFORM)); return; } diff --git a/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportUpdateTransformAction.java b/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportUpdateTransformAction.java index 12916e74dac..9935076a100 100644 --- a/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportUpdateTransformAction.java +++ b/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/action/TransportUpdateTransformAction.java @@ -156,7 +156,7 @@ public class TransportUpdateTransformAction extends TransportTasksAction listener) { - if (!licenseState.isAllowed(XPackLicenseState.Feature.TRANSFORM)) { + if (!licenseState.checkFeature(XPackLicenseState.Feature.TRANSFORM)) { listener.onFailure(LicenseUtils.newComplianceException(XPackField.TRANSFORM)); return; } diff --git a/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/transport/actions/WatcherTransportAction.java b/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/transport/actions/WatcherTransportAction.java index 88f43931898..afcd044a37f 100644 --- a/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/transport/actions/WatcherTransportAction.java +++ b/x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/transport/actions/WatcherTransportAction.java @@ -35,7 +35,7 @@ public abstract class WatcherTransportAction listener) { - if (licenseState.isAllowed(XPackLicenseState.Feature.WATCHER)) { + if (licenseState.checkFeature(XPackLicenseState.Feature.WATCHER)) { doExecute(request, listener); } else { listener.onFailure(LicenseUtils.newComplianceException(XPackField.WATCHER)); diff --git a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/AbstractWatcherIntegrationTestCase.java b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/AbstractWatcherIntegrationTestCase.java index 322de281059..a8e30b9d3aa 100644 --- a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/AbstractWatcherIntegrationTestCase.java +++ b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/AbstractWatcherIntegrationTestCase.java @@ -536,7 +536,7 @@ public abstract class AbstractWatcherIntegrationTestCase extends ESIntegTestCase protected void ensureLicenseEnabled() throws Exception { assertBusy(() -> { for (XPackLicenseState licenseState : internalCluster().getInstances(XPackLicenseState.class)) { - assertThat(licenseState.isAllowed(XPackLicenseState.Feature.WATCHER), is(true)); + assertThat(licenseState.checkFeature(XPackLicenseState.Feature.WATCHER), is(true)); } }); } diff --git a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/transport/actions/ack/TransportAckWatchActionTests.java b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/transport/actions/ack/TransportAckWatchActionTests.java index e27eaee391e..ff781bed489 100644 --- a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/transport/actions/ack/TransportAckWatchActionTests.java +++ b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/transport/actions/ack/TransportAckWatchActionTests.java @@ -20,7 +20,7 @@ import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.index.get.GetResult; import org.elasticsearch.index.mapper.MapperService; -import org.elasticsearch.license.XPackLicenseState; +import org.elasticsearch.license.TestUtils; import org.elasticsearch.rest.RestStatus; import org.elasticsearch.test.ESTestCase; import org.elasticsearch.threadpool.ThreadPool; @@ -63,7 +63,7 @@ public class TransportAckWatchActionTests extends ESTestCase { client = mock(Client.class); when(client.threadPool()).thenReturn(threadPool); action = new TransportAckWatchAction(transportService, new ActionFilters(Collections.emptySet()), - Clock.systemUTC(), new XPackLicenseState(Settings.EMPTY), watchParser, client, createClusterService(threadPool)); + Clock.systemUTC(), TestUtils.newTestLicenseState(), watchParser, client, createClusterService(threadPool)); } public void testWatchNotFound() { diff --git a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/transport/actions/put/TransportPutWatchActionTests.java b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/transport/actions/put/TransportPutWatchActionTests.java index 411bee5e2f9..1fe17487bc2 100644 --- a/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/transport/actions/put/TransportPutWatchActionTests.java +++ b/x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/transport/actions/put/TransportPutWatchActionTests.java @@ -14,7 +14,7 @@ import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.index.Index; import org.elasticsearch.index.shard.ShardId; -import org.elasticsearch.license.XPackLicenseState; +import org.elasticsearch.license.TestUtils; import org.elasticsearch.protocol.xpack.watcher.PutWatchRequest; import org.elasticsearch.test.ESTestCase; import org.elasticsearch.threadpool.ThreadPool; @@ -75,7 +75,7 @@ public class TransportPutWatchActionTests extends ESTestCase { }).when(client).execute(any(), any(), any()); action = new TransportPutWatchAction(transportService, threadPool, new ActionFilters(Collections.emptySet()), - new ClockMock(), new XPackLicenseState(Settings.EMPTY), parser, client); + new ClockMock(), TestUtils.newTestLicenseState(), parser, client); } public void testHeadersAreFilteredWhenPuttingWatches() throws Exception {