Fix forbidden API usage from upstream

Original commit: elastic/x-pack-elasticsearch@2bfcc83477
2015-09-15 15:51:22 +02:00 · 2015-09-15 15:51:22 +02:00 · d1c2698595
parent 920b92ffd3
commit d1c2698595
6 changed files with 28 additions and 22 deletions
--- a/marvel/src/main/java/org/elasticsearch/marvel/agent/exporter/HttpESExporter.java
+++ b/marvel/src/main/java/org/elasticsearch/marvel/agent/exporter/HttpESExporter.java
@ -5,7 +5,6 @@
 */
 package org.elasticsearch.marvel.agent.exporter;
 import com.google.common.io.ByteStreams;
 import org.elasticsearch.ExceptionsHelper;
 import org.elasticsearch.cluster.ClusterName;
 import org.elasticsearch.cluster.ClusterService;
@ -36,10 +35,7 @@ import org.joda.time.format.DateTimeFormat;
 import org.joda.time.format.DateTimeFormatter;
 import javax.net.ssl.*;
-import java.io.FileNotFoundException;
+import java.io.*;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.net.HttpURLConnection;
 import java.net.MalformedURLException;
 import java.net.URISyntaxException;
@ -467,7 +463,9 @@ public class HttpESExporter extends AbstractExporter<HttpESExporter> implements
    private boolean checkAndUploadIndexTemplate(final String host) {
        byte[] template;
        try (InputStream is = getClass().getResourceAsStream("/marvel_index_template.json")) {
-            template = ByteStreams.toByteArray(is);
+            ByteArrayOutputStream out = new ByteArrayOutputStream();
            Streams.copy(is, out);
            template = out.toByteArray();
        } catch (IOException e) {
            // throwing an exception to stop exporting process - we don't want to send data unless
            // we put in the template for it.
@ -493,7 +491,9 @@ public class HttpESExporter extends AbstractExporter<HttpESExporter> implements
            if (conn.getResponseCode() == 200) {
                // verify content.
                InputStream is = conn.getInputStream();
-                byte[] existingTemplate = ByteStreams.toByteArray(is);
+                ByteArrayOutputStream out = new ByteArrayOutputStream();
                Streams.copy(is, out);
                byte[] existingTemplate = out.toByteArray();
                is.close();
                int foundVersion = AgentUtils.parseIndexVersionFromTemplate(existingTemplate);
                if (foundVersion < 0) {
--- a/shield/src/main/java/org/elasticsearch/shield/audit/index/IndexAuditTrail.java
+++ b/shield/src/main/java/org/elasticsearch/shield/audit/index/IndexAuditTrail.java
@ -7,7 +7,6 @@ package org.elasticsearch.shield.audit.index;
 import com.google.common.base.Splitter;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.io.ByteStreams;
 import org.elasticsearch.ElasticsearchException;
 import org.elasticsearch.action.admin.cluster.state.ClusterStateResponse;
 import org.elasticsearch.action.admin.indices.exists.indices.IndicesExistsRequest;
@ -32,6 +31,7 @@ import org.elasticsearch.common.collect.Tuple;
 import org.elasticsearch.common.component.AbstractComponent;
 import org.elasticsearch.common.inject.Inject;
 import org.elasticsearch.common.inject.Provider;
 import org.elasticsearch.common.io.Streams;
 import org.elasticsearch.common.network.NetworkAddress;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.transport.InetSocketTransportAddress;
@ -60,6 +60,7 @@ import org.elasticsearch.transport.TransportRequest;
 import org.joda.time.DateTime;
 import org.joda.time.DateTimeZone;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.InetAddress;
@ -725,7 +726,9 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl
    void putTemplate(Settings customSettings) {
        try (InputStream is = getClass().getResourceAsStream("/" + INDEX_TEMPLATE_NAME + ".json")) {
-            final byte[] template = ByteStreams.toByteArray(is);
+            ByteArrayOutputStream out = new ByteArrayOutputStream();
            Streams.copy(is, out);
            final byte[] template = out.toByteArray();
            PutIndexTemplateRequest request = new PutIndexTemplateRequest(INDEX_TEMPLATE_NAME).source(template);
            if (customSettings != null && customSettings.names().size() > 0) {
                Settings updatedSettings = Settings.builder()
--- a/shield/src/main/java/org/elasticsearch/shield/authc/esusers/tool/ESUsersTool.java
+++ b/shield/src/main/java/org/elasticsearch/shield/authc/esusers/tool/ESUsersTool.java
@ -7,7 +7,6 @@ package org.elasticsearch.shield.authc.esusers.tool;
 import com.google.common.base.Joiner;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.ObjectArrays;
 import org.apache.commons.cli.CommandLine;
 import org.elasticsearch.common.Strings;
 import org.elasticsearch.common.cli.CheckFileCommand;
@ -15,6 +14,7 @@ import org.elasticsearch.common.cli.CliTool;
 import org.elasticsearch.common.cli.CliToolConfig;
 import org.elasticsearch.common.cli.Terminal;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.util.ArrayUtils;
 import org.elasticsearch.common.util.set.Sets;
 import org.elasticsearch.env.Environment;
 import org.elasticsearch.shield.authc.Realms;
@ -363,7 +363,7 @@ public class ESUsersTool extends CliTool {
            }
            // check for roles if they match
-            String[] allRoles = ObjectArrays.concat(addRoles, removeRoles, String.class);
+            String[] allRoles = ArrayUtils.concat(addRoles, removeRoles, String.class);
            for (String role : allRoles) {
                if (!ROLE_PATTERN.matcher(role).matches()) {
                    terminal.println("Role name [%s] is not valid. Please use lowercase and numbers only", role);
--- a/shield/src/main/java/org/elasticsearch/shield/authz/Permission.java
+++ b/shield/src/main/java/org/elasticsearch/shield/authz/Permission.java
@ -7,8 +7,6 @@ package org.elasticsearch.shield.authz;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.Iterators;
 import com.google.common.collect.UnmodifiableIterator;
 import org.elasticsearch.cluster.metadata.AliasOrIndex;
 import org.elasticsearch.cluster.metadata.IndexMetaData;
 import org.elasticsearch.cluster.metadata.MetaData;
@ -55,7 +53,7 @@ public interface Permission {
    boolean isEmpty();
-    static class Global implements Permission {
+    class Global implements Permission {
        public static final Global NONE = new Global(Cluster.Core.NONE, Indices.Core.NONE, RunAs.Core.NONE);
@ -323,7 +321,7 @@ public interface Permission {
            @Override
            public Iterator<Group> iterator() {
-                return Iterators.forArray(groups);
+                return Arrays.asList(groups).iterator();
            }
            public Group[] groups() {
@ -478,7 +476,7 @@ public interface Permission {
                }
            }
-            static class Iter extends UnmodifiableIterator<Group> {
+            static class Iter implements Iterator<Group> {
                private final Iterator<Global> globals;
                private Iterator<Group> current;
@ -500,6 +498,11 @@ public interface Permission {
                    return group;
                }
                @Override
                public void remove() {
                    throw new UnsupportedOperationException();
                }
                private void advance() {
                    if (current != null && current.hasNext()) {
                        return;
--- a/shield/src/main/java/org/elasticsearch/shield/authz/accesscontrol/IndicesAccessControl.java
+++ b/shield/src/main/java/org/elasticsearch/shield/authz/accesscontrol/IndicesAccessControl.java
@ -71,7 +71,7 @@ public class IndicesAccessControl {
         *         this means that there are no field level restrictions
         */
        @Nullable
-        public ImmutableSet<String> getFields() {
+        public Set<String> getFields() {
            return fields;
        }
@ -80,7 +80,7 @@ public class IndicesAccessControl {
         *         then this means that there are no document level restrictions
         */
        @Nullable
-        public ImmutableSet<BytesReference> getQueries() {
+        public Set<BytesReference> getQueries() {
            return queries;
        }
--- a/shield/src/main/java/org/elasticsearch/shield/transport/filter/IPFilter.java
+++ b/shield/src/main/java/org/elasticsearch/shield/transport/filter/IPFilter.java
@ -7,7 +7,6 @@ package org.elasticsearch.shield.transport.filter;
 import com.carrotsearch.hppc.ObjectObjectHashMap;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ObjectArrays;
 import org.elasticsearch.ElasticsearchException;
 import org.elasticsearch.common.collect.HppcMaps;
 import org.elasticsearch.common.component.AbstractLifecycleComponent;
@ -17,6 +16,7 @@ import org.elasticsearch.common.inject.Inject;
 import org.elasticsearch.common.inject.internal.Nullable;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.transport.InetSocketTransportAddress;
 import org.elasticsearch.common.util.ArrayUtils;
 import org.elasticsearch.http.HttpServerTransport;
 import org.elasticsearch.node.settings.NodeSettingsService;
 import org.elasticsearch.shield.audit.AuditTrail;
@ -147,7 +147,7 @@ public class IPFilter extends AbstractLifecycleComponent<IPFilter> {
            InetAddress localAddress = ((InetSocketTransportAddress) this.httpServerTransport.boundAddress().boundAddress()).address().getAddress();
            String[] httpAllowed = settings.getAsArray("shield.http.filter.allow", settings.getAsArray("transport.profiles.default.shield.filter.allow", settings.getAsArray("shield.transport.filter.allow")));
            String[] httpDdenied = settings.getAsArray("shield.http.filter.deny", settings.getAsArray("transport.profiles.default.shield.filter.deny", settings.getAsArray("shield.transport.filter.deny")));
-            profileRules.put(HTTP_PROFILE_NAME, ObjectArrays.concat(parseValue(httpAllowed, true, localAddress), parseValue(httpDdenied, false, localAddress), ShieldIpFilterRule.class));
+            profileRules.put(HTTP_PROFILE_NAME, ArrayUtils.concat(parseValue(httpAllowed, true, localAddress), parseValue(httpDdenied, false, localAddress), ShieldIpFilterRule.class));
        }
        if (isIpFilterEnabled && this.transport.lifecycleState() == Lifecycle.State.STARTED) {
@ -155,13 +155,13 @@ public class IPFilter extends AbstractLifecycleComponent<IPFilter> {
            String[] allowed = settings.getAsArray("shield.transport.filter.allow");
            String[] denied = settings.getAsArray("shield.transport.filter.deny");
-            profileRules.put("default", ObjectArrays.concat(parseValue(allowed, true, localAddress), parseValue(denied, false, localAddress), ShieldIpFilterRule.class));
+            profileRules.put("default", ArrayUtils.concat(parseValue(allowed, true, localAddress), parseValue(denied, false, localAddress), ShieldIpFilterRule.class));
            Map<String, Settings> groupedSettings = settings.getGroups("transport.profiles.");
            for (Map.Entry<String, Settings> entry : groupedSettings.entrySet()) {
                String profile = entry.getKey();
                Settings profileSettings = entry.getValue().getByPrefix("shield.filter.");
-                profileRules.put(profile, ObjectArrays.concat(
+                profileRules.put(profile, ArrayUtils.concat(
                        parseValue(profileSettings.getAsArray("allow"), true, localAddress),
                        parseValue(profileSettings.getAsArray("deny"), false, localAddress),
                        ShieldIpFilterRule.class));