honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove allowTrial flag in license checking (#54293) 

The allowTrial flag is always true, since trial licenses act as though
everything is licensed. This commit removes the allowTrial flag in
license checking helper methods.
This commit is contained in:
Ryan Ernst 2020-03-30 11:42:19 -07:00 committed by Ryan Ernst
parent 529622d4f4
commit c9421594bf
No known key found for this signature in database
GPG Key ID: 5F7EA39E15F54DCE
4 changed files with 37 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
x-pack/plugin/core/src/main/java/org/elasticsearch/license/RemoteClusterLicenseChecker.java
View File

@ -140,7 +140,7 @@ public final class RemoteClusterLicenseChecker {
public static boolean isAllowedByLicense(final XPackInfoResponse.LicenseInfo licenseInfo) {
final License.OperationMode mode = License.OperationMode.parse(licenseInfo.getMode());
return XPackLicenseState.isAllowedByOperationMode(mode, License.OperationMode.PLATINUM, true);
return XPackLicenseState.isAllowedByOperationMode(mode, License.OperationMode.PLATINUM);
}
/**

50
x-pack/plugin/core/src/main/java/org/elasticsearch/license/XPackLicenseState.java
View File

@ -405,15 +405,15 @@ public class XPackLicenseState {
* @return true if authentication and authorization should be enabled.
*/
public boolean isAuthAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.BASIC, false, true);
return isAllowedBySecurityAndLicense(OperationMode.BASIC, false);
}
public boolean isIpFilteringAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false, true);
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false);
}
public boolean isAuditingAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false, true);
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false);
}
public boolean isStatsAndHealthAllowed() {
@ -434,33 +434,33 @@ public class XPackLicenseState {
* @return {@code true} to enable DLS and FLS. Otherwise {@code false}.
*/
public boolean isDocumentAndFieldLevelSecurityAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, false, true);
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, false);
}
public boolean areAllRealmsAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, false, true);
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, false);
}
public boolean areStandardRealmsAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false, true);
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false);
}
public boolean isCustomRoleProvidersAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true, true);
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true);
}
/**
* Whether the Elasticsearch {@code TokenService} is allowed
*/
public boolean isTokenServiceAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false, true);
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false);
}
/**
* Whether the Elasticsearch {@code ApiKeyService} is allowed
*/
public boolean isApiKeyServiceAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.MISSING, false, true);
return isAllowedBySecurityAndLicense(OperationMode.MISSING, false);
}
/**
@ -468,7 +468,7 @@ public class XPackLicenseState {
* @see org.elasticsearch.xpack.core.security.authc.support.DelegatedAuthorizationSettings
*/
public boolean isAuthorizationRealmAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true, true);
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true);
}
/**
@ -476,7 +476,7 @@ public class XPackLicenseState {
* @see org.elasticsearch.xpack.core.security.authc.support.DelegatedAuthorizationSettings
*/
public boolean isAuthorizationEngineAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true, true);
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true);
}
public boolean isWatcherAllowed() {
@ -507,7 +507,7 @@ public class XPackLicenseState {
* @return {@code true} if the user is allowed to modify the retention. Otherwise {@code false}.
*/
public boolean isUpdateRetentionAllowed() {
return isAllowedByLicense(OperationMode.STANDARD, false, true);
return isAllowedByLicense(OperationMode.STANDARD, false);
}
public boolean isGraphAllowed() {
@ -519,7 +519,7 @@ public class XPackLicenseState {
}
public static boolean isMachineLearningAllowedForOperationMode(final OperationMode operationMode) {
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM, true);
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM);
}
public boolean isTransformAllowed() {
@ -532,7 +532,7 @@ public class XPackLicenseState {
}
public static boolean isFipsAllowedForOperationMode(final OperationMode operationMode) {
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM, true);
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM);
}
public boolean isRollupAllowed() {
@ -667,12 +667,12 @@ public class XPackLicenseState {
}
public static boolean isCcrAllowedForOperationMode(final OperationMode operationMode) {
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM, true);
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM);
}
public static boolean isAllowedByOperationMode(
final OperationMode operationMode, final OperationMode minimumMode, final boolean allowTrial) {
if (allowTrial && OperationMode.TRIAL == operationMode) {
final OperationMode operationMode, final OperationMode minimumMode) {
if (OperationMode.TRIAL == operationMode) {
return true;
}
return operationMode.compareTo(minimumMode) >= 0;
@ -691,16 +691,15 @@ public class XPackLicenseState {
/**
* Test whether a feature is allowed by the status of license and security configuration.
* Note the difference to {@link #isAllowedByLicense(OperationMode, boolean, boolean)}
* Note the difference to {@link #isAllowedByLicense(OperationMode, boolean)}
* is this method requires security to be enabled.
*
* @param minimumMode The minimum license to meet or exceed
* @param needActive Whether current license needs to be active.
* @param allowTrial Whether the feature is allowed for trial license
*
* @return true if feature is allowed, otherwise false
*/
private boolean isAllowedBySecurityAndLicense(OperationMode minimumMode, boolean needActive, boolean allowTrial) {
private boolean isAllowedBySecurityAndLicense(OperationMode minimumMode, boolean needActive) {
return checkAgainstStatus(status -> {
if (false == isSecurityEnabled(status.mode, isSecurityExplicitlyEnabled, isSecurityEnabled)) {
return false;
@ -709,7 +708,7 @@ public class XPackLicenseState {
if (needActive && false == status.active) {
return false;
}
return isAllowedByOperationMode(status.mode, minimumMode, allowTrial);
return isAllowedByOperationMode(status.mode, minimumMode);
});
}
@ -720,27 +719,26 @@ public class XPackLicenseState {
*
* @param minimumMode The minimum license to meet or exceed
* @param needActive Whether current license needs to be active
* @param allowTrial Whether the feature is allowed for trial license
*
* @return true if feature is allowed, otherwise false
*/
public boolean isAllowedByLicense(OperationMode minimumMode, boolean needActive, boolean allowTrial) {
public boolean isAllowedByLicense(OperationMode minimumMode, boolean needActive) {
return checkAgainstStatus(status -> {
if (needActive && false == status.active) {
return false;
}
return isAllowedByOperationMode(status.mode, minimumMode, allowTrial);
return isAllowedByOperationMode(status.mode, minimumMode);
});
}
/**
* A convenient method to test whether a feature is by license status.
* @see #isAllowedByLicense(OperationMode, boolean, boolean)
* @see #isAllowedByLicense(OperationMode, boolean)
*
* @param minimumMode The minimum license to meet or exceed
*/
public boolean isAllowedByLicense(OperationMode minimumMode) {
return isAllowedByLicense(minimumMode, true, true);
return isAllowedByLicense(minimumMode, true);
}
}

12
x-pack/plugin/core/src/test/java/org/elasticsearch/license/RemoteClusterLicenseCheckerTests.java
View File

@ -147,7 +147,7 @@ public final class RemoteClusterLicenseCheckerTests extends ESTestCase {
final RemoteClusterLicenseChecker licenseChecker =
new RemoteClusterLicenseChecker(client, operationMode ->
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true));
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM));
final AtomicReference<RemoteClusterLicenseChecker.LicenseCheck> licenseCheck = new AtomicReference<>();
licenseChecker.checkRemoteClusterLicenses(
@ -190,7 +190,7 @@ public final class RemoteClusterLicenseCheckerTests extends ESTestCase {
final RemoteClusterLicenseChecker licenseChecker =
new RemoteClusterLicenseChecker(client, operationMode ->
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true));
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM));
final AtomicReference<RemoteClusterLicenseChecker.LicenseCheck> licenseCheck = new AtomicReference<>();
licenseChecker.checkRemoteClusterLicenses(
@ -237,7 +237,7 @@ public final class RemoteClusterLicenseCheckerTests extends ESTestCase {
final RemoteClusterLicenseChecker licenseChecker =
new RemoteClusterLicenseChecker(client, operationMode ->
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true));
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM));
final AtomicReference<Exception> exception = new AtomicReference<>();
licenseChecker.checkRemoteClusterLicenses(
@ -278,7 +278,7 @@ public final class RemoteClusterLicenseCheckerTests extends ESTestCase {
final RemoteClusterLicenseChecker licenseChecker =
new RemoteClusterLicenseChecker(client, operationMode ->
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true));
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM));
final List<String> remoteClusterAliases = Collections.singletonList("valid");
licenseChecker.checkRemoteClusterLicenses(
@ -318,7 +318,7 @@ public final class RemoteClusterLicenseCheckerTests extends ESTestCase {
final RemoteClusterLicenseChecker licenseChecker =
new RemoteClusterLicenseChecker(client, operationMode ->
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true));
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM));
final AtomicBoolean listenerInvoked = new AtomicBoolean();
threadPool.getThreadContext().putHeader("key", "value");
@ -394,7 +394,7 @@ public final class RemoteClusterLicenseCheckerTests extends ESTestCase {
final RemoteClusterLicenseChecker licenseChecker =
new RemoteClusterLicenseChecker(client, operationMode ->
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true));
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM));
final AtomicReference<Exception> exception = new AtomicReference<>();
licenseChecker.checkRemoteClusterLicenses(

12
x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/common/validation/SourceDestValidatorTests.java
View File

@ -598,7 +598,7 @@ public class SourceDestValidatorTests extends ESTestCase {
new IndexNameExpressionResolver(),
remoteClusterService,
new RemoteClusterLicenseChecker(clientWithBasicLicense,
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true)),
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM)),
new String[] { REMOTE_BASIC + ":" + "SOURCE_1" },
"dest",
"node_id",
@ -628,7 +628,7 @@ public class SourceDestValidatorTests extends ESTestCase {
new IndexNameExpressionResolver(),
remoteClusterService,
new RemoteClusterLicenseChecker(clientWithPlatinumLicense,
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true)),
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM)),
new String[] { REMOTE_PLATINUM + ":" + "SOURCE_1" },
"dest",
"node_id",
@ -649,7 +649,7 @@ public class SourceDestValidatorTests extends ESTestCase {
new IndexNameExpressionResolver(),
remoteClusterService,
new RemoteClusterLicenseChecker(clientWithPlatinumLicense,
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true)),
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM)),
new String[] { REMOTE_PLATINUM + ":" + "SOURCE_1" },
"dest",
"node_id",
@ -671,7 +671,7 @@ public class SourceDestValidatorTests extends ESTestCase {
new IndexNameExpressionResolver(),
remoteClusterService,
new RemoteClusterLicenseChecker(clientWithTrialLicense,
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true)),
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM)),
new String[] { REMOTE_PLATINUM + ":" + "SOURCE_1" },
"dest",
"node_id",
@ -695,7 +695,7 @@ public class SourceDestValidatorTests extends ESTestCase {
new IndexNameExpressionResolver(),
remoteClusterService,
new RemoteClusterLicenseChecker(clientWithExpiredBasicLicense,
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true)),
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM)),
new String[] { REMOTE_BASIC + ":" + "SOURCE_1" },
"dest",
"node_id",
@ -722,7 +722,7 @@ public class SourceDestValidatorTests extends ESTestCase {
new IndexNameExpressionResolver(),
remoteClusterService,
new RemoteClusterLicenseChecker(clientWithExpiredBasicLicense,
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true)),
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM)),
new String[] { "non_existing_remote:" + "SOURCE_1" },
"dest",
"node_id",