From d1e08c5dd400ffd09dfcb65e8b6ddf9b941c9eee Mon Sep 17 00:00:00 2001 From: Chris Earle Date: Thu, 7 Jul 2016 02:06:16 -0400 Subject: [PATCH] [Security] Log Deprecation Warnings for old API usage This makes use of the registerAsDeprecatedHandler method to automatically warn users when they're using deprecated functionality. This will also automatically provide a Warning header for anyone using HTTP clients (though they have to be looking for it...). Security portion only Original commit: elastic/x-pack-elasticsearch@ab1a50fe0687caae9dc9a1752bfc603ebb9378de --- .../rest/action/RestAuthenticateAction.java | 6 ++++++ .../action/realm/RestClearRealmCacheAction.java | 11 ++++++++++- .../action/role/RestClearRolesCacheAction.java | 7 ++++++- .../rest/action/role/RestDeleteRoleAction.java | 10 +++++++++- .../rest/action/role/RestGetRolesAction.java | 16 ++++++++++++++-- .../rest/action/role/RestPutRoleAction.java | 17 +++++++++++++++-- .../action/user/RestChangePasswordAction.java | 11 +++++++---- .../rest/action/user/RestDeleteUserAction.java | 11 +++++++++-- .../rest/action/user/RestGetUsersAction.java | 17 ++++++++++++++--- .../rest/action/user/RestPutUserAction.java | 17 +++++++++++++++-- 10 files changed, 105 insertions(+), 18 deletions(-) diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/RestAuthenticateAction.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/RestAuthenticateAction.java index 6b9797b8913..d592d59832a 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/RestAuthenticateAction.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/RestAuthenticateAction.java @@ -35,6 +35,12 @@ public class RestAuthenticateAction extends BaseRestHandler { super(settings); this.securityContext = securityContext; controller.registerHandler(GET, "/_xpack/security/_authenticate", this); + + // @deprecated: Remove in 6.0 + controller.registerAsDeprecatedHandler(GET, "/_shield/authenticate", this, + "[GET /_shield/authenticate] is deprecated! Use " + + "[GET /_xpack/security/_authenticate] instead.", + deprecationLogger); } @Override diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/realm/RestClearRealmCacheAction.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/realm/RestClearRealmCacheAction.java index 8f5dabef254..77d1f274288 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/realm/RestClearRealmCacheAction.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/realm/RestClearRealmCacheAction.java @@ -23,8 +23,17 @@ public class RestClearRealmCacheAction extends BaseRestHandler { @Inject public RestClearRealmCacheAction(Settings settings, RestController controller) { super(settings); - controller.registerHandler(POST, "/_xpack/security/realm/{realms}/_cache/clear", this); // deprecated controller.registerHandler(POST, "/_xpack/security/realm/{realms}/_clear_cache", this); + + // @deprecated: Remove in 6.0 + controller.registerAsDeprecatedHandler(POST, "/_shield/realm/{realms}/_cache/clear", this, + "[POST /_shield/realm/{realms}/_cache/clear] is deprecated! Use " + + "[POST /_xpack/security/realm/{realms}/_clear_cache] instead.", + deprecationLogger); + controller.registerAsDeprecatedHandler(POST, "/_shield/realm/{realms}/_clear_cache", this, + "[POST /_shield/realm/{realms}/_clear_cache] is deprecated! Use " + + "[POST /_xpack/security/realm/{realms}/_clear_cache] instead.", + deprecationLogger); } @Override diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestClearRolesCacheAction.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestClearRolesCacheAction.java index f591ea9fc14..c71401eca77 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestClearRolesCacheAction.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestClearRolesCacheAction.java @@ -5,7 +5,6 @@ */ package org.elasticsearch.xpack.security.rest.action.role; -import org.elasticsearch.client.node.NodeClient; import org.elasticsearch.client.node.NodeClient; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.settings.Settings; @@ -28,6 +27,12 @@ public class RestClearRolesCacheAction extends BaseRestHandler { public RestClearRolesCacheAction(Settings settings, RestController controller) { super(settings); controller.registerHandler(POST, "/_xpack/security/role/{name}/_clear_cache", this); + + // @deprecated: Remove in 6.0 + controller.registerAsDeprecatedHandler(POST, "/_shield/role/{name}/_clear_cache", this, + "[POST /_shield/role/{name}/_clear_cache] is deprecated! Use " + + "[POST /_xpack/security/role/{name}/_clear_cache] instead.", + deprecationLogger); } @Override diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestDeleteRoleAction.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestDeleteRoleAction.java index a39f35465a3..36328cf427e 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestDeleteRoleAction.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestDeleteRoleAction.java @@ -21,6 +21,8 @@ import org.elasticsearch.xpack.security.action.role.DeleteRoleRequestBuilder; import org.elasticsearch.xpack.security.action.role.DeleteRoleResponse; import org.elasticsearch.xpack.security.client.SecurityClient; +import static org.elasticsearch.rest.RestRequest.Method.DELETE; + /** * Rest endpoint to delete a Role from the security index */ @@ -29,7 +31,13 @@ public class RestDeleteRoleAction extends BaseRestHandler { @Inject public RestDeleteRoleAction(Settings settings, RestController controller) { super(settings); - controller.registerHandler(RestRequest.Method.DELETE, "/_xpack/security/role/{name}", this); + controller.registerHandler(DELETE, "/_xpack/security/role/{name}", this); + + // @deprecated: Remove in 6.0 + controller.registerAsDeprecatedHandler(DELETE, "/_shield/role/{name}", this, + "[DELETE /_shield/role/{name}] is deprecated! Use " + + "[DELETE /_xpack/security/role/{name}] instead.", + deprecationLogger); } @Override diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestGetRolesAction.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestGetRolesAction.java index c8852bc954c..d9f4966d0a0 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestGetRolesAction.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestGetRolesAction.java @@ -22,6 +22,8 @@ import org.elasticsearch.xpack.security.action.role.GetRolesResponse; import org.elasticsearch.xpack.security.client.SecurityClient; import org.elasticsearch.xpack.security.authz.RoleDescriptor; +import static org.elasticsearch.rest.RestRequest.Method.GET; + /** * Rest endpoint to retrieve a Role from the security index */ @@ -30,8 +32,18 @@ public class RestGetRolesAction extends BaseRestHandler { @Inject public RestGetRolesAction(Settings settings, RestController controller) { super(settings); - controller.registerHandler(RestRequest.Method.GET, "/_xpack/security/role/", this); - controller.registerHandler(RestRequest.Method.GET, "/_xpack/security/role/{name}", this); + controller.registerHandler(GET, "/_xpack/security/role/", this); + controller.registerHandler(GET, "/_xpack/security/role/{name}", this); + + // @deprecated: Remove in 6.0 + controller.registerAsDeprecatedHandler(GET, "/_shield/role", this, + "[GET /_shield/role] is deprecated! Use " + + "[GET /_xpack/security/role] instead.", + deprecationLogger); + controller.registerAsDeprecatedHandler(GET, "/_shield/role/{name}", this, + "[GET /_shield/role/{name}] is deprecated! Use " + + "[GET /_xpack/security/role/{name}] instead.", + deprecationLogger); } @Override diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleAction.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleAction.java index c52e03d4908..8d7f3672837 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleAction.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleAction.java @@ -21,6 +21,9 @@ import org.elasticsearch.xpack.security.action.role.PutRoleRequestBuilder; import org.elasticsearch.xpack.security.action.role.PutRoleResponse; import org.elasticsearch.xpack.security.client.SecurityClient; +import static org.elasticsearch.rest.RestRequest.Method.POST; +import static org.elasticsearch.rest.RestRequest.Method.PUT; + /** * Rest endpoint to add a Role to the security index */ @@ -29,8 +32,18 @@ public class RestPutRoleAction extends BaseRestHandler { @Inject public RestPutRoleAction(Settings settings, RestController controller) { super(settings); - controller.registerHandler(RestRequest.Method.POST, "/_xpack/security/role/{name}", this); - controller.registerHandler(RestRequest.Method.PUT, "/_xpack/security/role/{name}", this); + controller.registerHandler(POST, "/_xpack/security/role/{name}", this); + controller.registerHandler(PUT, "/_xpack/security/role/{name}", this); + + // @deprecated: Remove in 6.0 + controller.registerAsDeprecatedHandler(POST, "/_shield/role/{name}", this, + "[POST /_shield/role/{name}] is deprecated! Use " + + "[POST /_xpack/security/role/{name}] instead.", + deprecationLogger); + controller.registerAsDeprecatedHandler(PUT, "/_shield/role/{name}", this, + "[PUT /_shield/role/{name}] is deprecated! Use " + + "[PUT /_xpack/security/role/{name}] instead.", + deprecationLogger); } @Override diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestChangePasswordAction.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestChangePasswordAction.java index aaa67ff3521..a564a85d3bd 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestChangePasswordAction.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestChangePasswordAction.java @@ -22,6 +22,9 @@ import org.elasticsearch.xpack.security.user.User; import org.elasticsearch.xpack.security.action.user.ChangePasswordResponse; import org.elasticsearch.xpack.security.client.SecurityClient; +import static org.elasticsearch.rest.RestRequest.Method.POST; +import static org.elasticsearch.rest.RestRequest.Method.PUT; + /** */ public class RestChangePasswordAction extends BaseRestHandler { @@ -32,10 +35,10 @@ public class RestChangePasswordAction extends BaseRestHandler { public RestChangePasswordAction(Settings settings, RestController controller, SecurityContext securityContext) { super(settings); this.securityContext = securityContext; - controller.registerHandler(RestRequest.Method.POST, "/_xpack/security/user/{username}/_password", this); - controller.registerHandler(RestRequest.Method.PUT, "/_xpack/security/user/{username}/_password", this); - controller.registerHandler(RestRequest.Method.POST, "/_xpack/security/user/_password", this); - controller.registerHandler(RestRequest.Method.PUT, "/_xpack/security/user/_password", this); + controller.registerHandler(POST, "/_xpack/security/user/{username}/_password", this); + controller.registerHandler(PUT, "/_xpack/security/user/{username}/_password", this); + controller.registerHandler(POST, "/_xpack/security/user/_password", this); + controller.registerHandler(PUT, "/_xpack/security/user/_password", this); } @Override diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestDeleteUserAction.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestDeleteUserAction.java index 9f56479ca2c..197a70cffaa 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestDeleteUserAction.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestDeleteUserAction.java @@ -17,11 +17,12 @@ import org.elasticsearch.rest.RestRequest; import org.elasticsearch.rest.RestResponse; import org.elasticsearch.rest.RestStatus; import org.elasticsearch.rest.action.support.RestBuilderListener; -import org.elasticsearch.xpack.security.action.user.DeleteUserRequest; import org.elasticsearch.xpack.security.action.user.DeleteUserRequestBuilder; import org.elasticsearch.xpack.security.action.user.DeleteUserResponse; import org.elasticsearch.xpack.security.client.SecurityClient; +import static org.elasticsearch.rest.RestRequest.Method.DELETE; + /** * Rest action to delete a user from the security index */ @@ -30,7 +31,13 @@ public class RestDeleteUserAction extends BaseRestHandler { @Inject public RestDeleteUserAction(Settings settings, RestController controller) { super(settings); - controller.registerHandler(RestRequest.Method.DELETE, "/_xpack/security/user/{username}", this); + controller.registerHandler(DELETE, "/_xpack/security/user/{username}", this); + + // @deprecated: Remove in 6.0 + controller.registerAsDeprecatedHandler(DELETE, "/_shield/user/{username}", this, + "[DELETE /_shield/user/{username}] is deprecated! Use " + + "[DELETE /_xpack/security/user/{username}] instead.", + deprecationLogger); } @Override diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestGetUsersAction.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestGetUsersAction.java index 61a78692485..12576fc0258 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestGetUsersAction.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestGetUsersAction.java @@ -9,7 +9,6 @@ import org.elasticsearch.client.node.NodeClient; import org.elasticsearch.common.Strings; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.common.xcontent.ToXContent; import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.rest.BaseRestHandler; import org.elasticsearch.rest.BytesRestResponse; @@ -23,6 +22,8 @@ import org.elasticsearch.xpack.security.user.User; import org.elasticsearch.xpack.security.action.user.GetUsersResponse; import org.elasticsearch.xpack.security.client.SecurityClient; +import static org.elasticsearch.rest.RestRequest.Method.GET; + /** * Rest action to retrieve a user from the security index */ @@ -31,8 +32,18 @@ public class RestGetUsersAction extends BaseRestHandler { @Inject public RestGetUsersAction(Settings settings, RestController controller) { super(settings); - controller.registerHandler(RestRequest.Method.GET, "/_xpack/security/user/", this); - controller.registerHandler(RestRequest.Method.GET, "/_xpack/security/user/{username}", this); + controller.registerHandler(GET, "/_xpack/security/user/", this); + controller.registerHandler(GET, "/_xpack/security/user/{username}", this); + + // @deprecated: Remove in 6.0 + controller.registerAsDeprecatedHandler(GET, "/_shield/user", this, + "[GET /_shield/user] is deprecated! Use " + + "[GET /_xpack/security/user] instead.", + deprecationLogger); + controller.registerAsDeprecatedHandler(GET, "/_shield/user/{username}", this, + "[GET /_shield/user/{username}] is deprecated! Use " + + "[GET /_xpack/security/user/{username}] instead.", + deprecationLogger); } @Override diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestPutUserAction.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestPutUserAction.java index 1660017dd73..4b9c7e8c9f9 100644 --- a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestPutUserAction.java +++ b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/rest/action/user/RestPutUserAction.java @@ -21,6 +21,9 @@ import org.elasticsearch.xpack.security.action.user.PutUserRequestBuilder; import org.elasticsearch.xpack.security.action.user.PutUserResponse; import org.elasticsearch.xpack.security.client.SecurityClient; +import static org.elasticsearch.rest.RestRequest.Method.POST; +import static org.elasticsearch.rest.RestRequest.Method.PUT; + /** * Rest endpoint to add a User to the security index */ @@ -29,8 +32,18 @@ public class RestPutUserAction extends BaseRestHandler { @Inject public RestPutUserAction(Settings settings, RestController controller) { super(settings); - controller.registerHandler(RestRequest.Method.POST, "/_xpack/security/user/{username}", this); - controller.registerHandler(RestRequest.Method.PUT, "/_xpack/security/user/{username}", this); + controller.registerHandler(POST, "/_xpack/security/user/{username}", this); + controller.registerHandler(PUT, "/_xpack/security/user/{username}", this); + + // @deprecated: Remove in 6.0 + controller.registerAsDeprecatedHandler(POST, "/_shield/user/{username}", this, + "[POST /_shield/user/{username}] is deprecated! Use " + + "[POST /_xpack/security/user/{username}] instead.", + deprecationLogger); + controller.registerAsDeprecatedHandler(PUT, "/_shield/user/{username}", this, + "[PUT /_shield/user/{username}] is deprecated! Use " + + "[PUT /_xpack/security/user/{username}] instead.", + deprecationLogger); } @Override