Adapt to AbstractQueryBuilder upstream changes
AbstractQueryBuilder doesn't extend ToXContentToBytes anymore Original commit: elastic/x-pack-elasticsearch@6c1b948ccb
This commit is contained in:
Luca Cavanna
GitHub
parent
9c937449b4
commit
dac28fe4e0
|
|
@ -12,9 +12,12 @@ import org.elasticsearch.cluster.health.ClusterHealthStatus;
|
||||||
import org.elasticsearch.cluster.health.ClusterIndexHealth;
|
import org.elasticsearch.cluster.health.ClusterIndexHealth;
|
||||||
import org.elasticsearch.cluster.metadata.IndexMetaData;
|
import org.elasticsearch.cluster.metadata.IndexMetaData;
|
||||||
import org.elasticsearch.cluster.metadata.MetaData;
|
import org.elasticsearch.cluster.metadata.MetaData;
|
||||||
|
import org.elasticsearch.common.bytes.BytesReference;
|
||||||
import org.elasticsearch.common.settings.Settings;
|
import org.elasticsearch.common.settings.Settings;
|
||||||
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||||
import org.elasticsearch.common.util.set.Sets;
|
import org.elasticsearch.common.util.set.Sets;
|
||||||
|
import org.elasticsearch.common.xcontent.XContentHelper;
|
||||||
|
import org.elasticsearch.common.xcontent.XContentType;
|
||||||
import org.elasticsearch.index.query.QueryBuilders;
|
import org.elasticsearch.index.query.QueryBuilders;
|
||||||
import org.elasticsearch.license.License.OperationMode;
|
import org.elasticsearch.license.License.OperationMode;
|
||||||
import org.elasticsearch.license.TestUtils.UpdatableLicenseState;
|
import org.elasticsearch.license.TestUtils.UpdatableLicenseState;
|
||||||
|
|
@ -27,6 +30,7 @@ import org.elasticsearch.xpack.security.authz.RoleDescriptor;
|
||||||
import org.elasticsearch.xpack.security.authz.permission.FieldPermissionsCache;
|
import org.elasticsearch.xpack.security.authz.permission.FieldPermissionsCache;
|
||||||
import org.elasticsearch.xpack.security.authz.privilege.IndexPrivilege;
|
import org.elasticsearch.xpack.security.authz.privilege.IndexPrivilege;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
|
|
@ -54,7 +58,7 @@ import static org.mockito.Mockito.when;
|
||||||
|
|
||||||
public class CompositeRolesStoreTests extends ESTestCase {
|
public class CompositeRolesStoreTests extends ESTestCase {
|
||||||
|
|
||||||
public void testRolesWhenDlsFlsUnlicensed() {
|
public void testRolesWhenDlsFlsUnlicensed() throws IOException {
|
||||||
XPackLicenseState licenseState = mock(XPackLicenseState.class);
|
XPackLicenseState licenseState = mock(XPackLicenseState.class);
|
||||||
when(licenseState.isDocumentAndFieldLevelSecurityAllowed()).thenReturn(false);
|
when(licenseState.isDocumentAndFieldLevelSecurityAllowed()).thenReturn(false);
|
||||||
RoleDescriptor flsRole = new RoleDescriptor("fls", null, new IndicesPrivileges[] {
|
RoleDescriptor flsRole = new RoleDescriptor("fls", null, new IndicesPrivileges[] {
|
||||||
|
|
@ -65,11 +69,12 @@ public class CompositeRolesStoreTests extends ESTestCase {
|
||||||
.privileges("read")
|
.privileges("read")
|
||||||
.build()
|
.build()
|
||||||
}, null);
|
}, null);
|
||||||
|
BytesReference matchAllBytes = XContentHelper.toXContent(QueryBuilders.matchAllQuery(), XContentType.JSON, false);
|
||||||
RoleDescriptor dlsRole = new RoleDescriptor("dls", null, new IndicesPrivileges[] {
|
RoleDescriptor dlsRole = new RoleDescriptor("dls", null, new IndicesPrivileges[] {
|
||||||
IndicesPrivileges.builder()
|
IndicesPrivileges.builder()
|
||||||
.indices("*")
|
.indices("*")
|
||||||
.privileges("read")
|
.privileges("read")
|
||||||
.query(QueryBuilders.matchAllQuery().buildAsBytes())
|
.query(matchAllBytes)
|
||||||
.build()
|
.build()
|
||||||
}, null);
|
}, null);
|
||||||
RoleDescriptor flsDlsRole = new RoleDescriptor("fls_dls", null, new IndicesPrivileges[] {
|
RoleDescriptor flsDlsRole = new RoleDescriptor("fls_dls", null, new IndicesPrivileges[] {
|
||||||
|
|
@ -78,7 +83,7 @@ public class CompositeRolesStoreTests extends ESTestCase {
|
||||||
.privileges("read")
|
.privileges("read")
|
||||||
.grantedFields("*")
|
.grantedFields("*")
|
||||||
.deniedFields("foo")
|
.deniedFields("foo")
|
||||||
.query(QueryBuilders.matchAllQuery().buildAsBytes())
|
.query(matchAllBytes)
|
||||||
.build()
|
.build()
|
||||||
}, null);
|
}, null);
|
||||||
RoleDescriptor noFlsDlsRole = new RoleDescriptor("no_fls_dls", null, new IndicesPrivileges[] {
|
RoleDescriptor noFlsDlsRole = new RoleDescriptor("no_fls_dls", null, new IndicesPrivileges[] {
|
||||||
|
|
@ -113,7 +118,7 @@ public class CompositeRolesStoreTests extends ESTestCase {
|
||||||
assertNotEquals(Role.EMPTY, roleFuture.actionGet());
|
assertNotEquals(Role.EMPTY, roleFuture.actionGet());
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testRolesWhenDlsFlsLicensed() {
|
public void testRolesWhenDlsFlsLicensed() throws IOException {
|
||||||
XPackLicenseState licenseState = mock(XPackLicenseState.class);
|
XPackLicenseState licenseState = mock(XPackLicenseState.class);
|
||||||
when(licenseState.isDocumentAndFieldLevelSecurityAllowed()).thenReturn(true);
|
when(licenseState.isDocumentAndFieldLevelSecurityAllowed()).thenReturn(true);
|
||||||
RoleDescriptor flsRole = new RoleDescriptor("fls", null, new IndicesPrivileges[] {
|
RoleDescriptor flsRole = new RoleDescriptor("fls", null, new IndicesPrivileges[] {
|
||||||
|
|
@ -124,11 +129,12 @@ public class CompositeRolesStoreTests extends ESTestCase {
|
||||||
.privileges("read")
|
.privileges("read")
|
||||||
.build()
|
.build()
|
||||||
}, null);
|
}, null);
|
||||||
|
BytesReference matchAllBytes = XContentHelper.toXContent(QueryBuilders.matchAllQuery(), XContentType.JSON, false);
|
||||||
RoleDescriptor dlsRole = new RoleDescriptor("dls", null, new IndicesPrivileges[] {
|
RoleDescriptor dlsRole = new RoleDescriptor("dls", null, new IndicesPrivileges[] {
|
||||||
IndicesPrivileges.builder()
|
IndicesPrivileges.builder()
|
||||||
.indices("*")
|
.indices("*")
|
||||||
.privileges("read")
|
.privileges("read")
|
||||||
.query(QueryBuilders.matchAllQuery().buildAsBytes())
|
.query(matchAllBytes)
|
||||||
.build()
|
.build()
|
||||||
}, null);
|
}, null);
|
||||||
RoleDescriptor flsDlsRole = new RoleDescriptor("fls_dls", null, new IndicesPrivileges[] {
|
RoleDescriptor flsDlsRole = new RoleDescriptor("fls_dls", null, new IndicesPrivileges[] {
|
||||||
|
|
@ -137,7 +143,7 @@ public class CompositeRolesStoreTests extends ESTestCase {
|
||||||
.privileges("read")
|
.privileges("read")
|
||||||
.grantedFields("*")
|
.grantedFields("*")
|
||||||
.deniedFields("foo")
|
.deniedFields("foo")
|
||||||
.query(QueryBuilders.matchAllQuery().buildAsBytes())
|
.query(matchAllBytes)
|
||||||
.build()
|
.build()
|
||||||
}, null);
|
}, null);
|
||||||
RoleDescriptor noFlsDlsRole = new RoleDescriptor("no_fls_dls", null, new IndicesPrivileges[] {
|
RoleDescriptor noFlsDlsRole = new RoleDescriptor("no_fls_dls", null, new IndicesPrivileges[] {
|
||||||
|
|
|
||||||
|
|
@ -28,6 +28,7 @@ import org.elasticsearch.common.collect.ImmutableOpenMap;
|
||||||
import org.elasticsearch.common.settings.Settings;
|
import org.elasticsearch.common.settings.Settings;
|
||||||
import org.elasticsearch.common.xcontent.ToXContent;
|
import org.elasticsearch.common.xcontent.ToXContent;
|
||||||
import org.elasticsearch.common.xcontent.XContentBuilder;
|
import org.elasticsearch.common.xcontent.XContentBuilder;
|
||||||
|
import org.elasticsearch.common.xcontent.XContentHelper;
|
||||||
import org.elasticsearch.common.xcontent.XContentType;
|
import org.elasticsearch.common.xcontent.XContentType;
|
||||||
import org.elasticsearch.index.Index;
|
import org.elasticsearch.index.Index;
|
||||||
import org.elasticsearch.index.query.QueryBuilders;
|
import org.elasticsearch.index.query.QueryBuilders;
|
||||||
|
|
@ -103,9 +104,11 @@ public class NativeRolesStoreTests extends ESTestCase {
|
||||||
null);
|
null);
|
||||||
assertFalse(flsRole.getTransientMetadata().containsKey("unlicensed_features"));
|
assertFalse(flsRole.getTransientMetadata().containsKey("unlicensed_features"));
|
||||||
|
|
||||||
|
BytesReference matchAllBytes = XContentHelper.toXContent(QueryBuilders.matchAllQuery(), XContentType.JSON, false);
|
||||||
|
|
||||||
RoleDescriptor dlsRole = new RoleDescriptor("dls", null,
|
RoleDescriptor dlsRole = new RoleDescriptor("dls", null,
|
||||||
new IndicesPrivileges[] { IndicesPrivileges.builder().indices("*").privileges("READ")
|
new IndicesPrivileges[] { IndicesPrivileges.builder().indices("*").privileges("READ")
|
||||||
.query(QueryBuilders.matchAllQuery().buildAsBytes())
|
.query(matchAllBytes)
|
||||||
.build() },
|
.build() },
|
||||||
null);
|
null);
|
||||||
assertFalse(dlsRole.getTransientMetadata().containsKey("unlicensed_features"));
|
assertFalse(dlsRole.getTransientMetadata().containsKey("unlicensed_features"));
|
||||||
|
|
@ -114,7 +117,7 @@ public class NativeRolesStoreTests extends ESTestCase {
|
||||||
new IndicesPrivileges[] { IndicesPrivileges.builder().indices("*").privileges("READ")
|
new IndicesPrivileges[] { IndicesPrivileges.builder().indices("*").privileges("READ")
|
||||||
.grantedFields("*")
|
.grantedFields("*")
|
||||||
.deniedFields("foo")
|
.deniedFields("foo")
|
||||||
.query(QueryBuilders.matchAllQuery().buildAsBytes())
|
.query(matchAllBytes)
|
||||||
.build() },
|
.build() },
|
||||||
null);
|
null);
|
||||||
assertFalse(flsDlsRole.getTransientMetadata().containsKey("unlicensed_features"));
|
assertFalse(flsDlsRole.getTransientMetadata().containsKey("unlicensed_features"));
|
||||||
|
|
@ -180,7 +183,7 @@ public class NativeRolesStoreTests extends ESTestCase {
|
||||||
assertFalse(role.getTransientMetadata().containsKey("unlicensed_features"));
|
assertFalse(role.getTransientMetadata().containsKey("unlicensed_features"));
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testPutOfRoleWithFlsDlsUnlicensed() {
|
public void testPutOfRoleWithFlsDlsUnlicensed() throws IOException {
|
||||||
final InternalClient internalClient = mock(InternalClient.class);
|
final InternalClient internalClient = mock(InternalClient.class);
|
||||||
final ClusterService clusterService = mock(ClusterService.class);
|
final ClusterService clusterService = mock(ClusterService.class);
|
||||||
final XPackLicenseState licenseState = mock(XPackLicenseState.class);
|
final XPackLicenseState licenseState = mock(XPackLicenseState.class);
|
||||||
|
|
@ -213,10 +216,11 @@ public class NativeRolesStoreTests extends ESTestCase {
|
||||||
rolesStore.putRole(putRoleRequest, flsRole, future);
|
rolesStore.putRole(putRoleRequest, flsRole, future);
|
||||||
ElasticsearchSecurityException e = expectThrows(ElasticsearchSecurityException.class, future::actionGet);
|
ElasticsearchSecurityException e = expectThrows(ElasticsearchSecurityException.class, future::actionGet);
|
||||||
assertThat(e.getMessage(), containsString("field and document level security"));
|
assertThat(e.getMessage(), containsString("field and document level security"));
|
||||||
|
BytesReference matchAllBytes = XContentHelper.toXContent(QueryBuilders.matchAllQuery(), XContentType.JSON, false);
|
||||||
|
|
||||||
RoleDescriptor dlsRole = new RoleDescriptor("dls", null,
|
RoleDescriptor dlsRole = new RoleDescriptor("dls", null,
|
||||||
new IndicesPrivileges[] { IndicesPrivileges.builder().indices("*").privileges("READ")
|
new IndicesPrivileges[] { IndicesPrivileges.builder().indices("*").privileges("READ")
|
||||||
.query(QueryBuilders.matchAllQuery().buildAsBytes())
|
.query(matchAllBytes)
|
||||||
.build() },
|
.build() },
|
||||||
null);
|
null);
|
||||||
future = new PlainActionFuture<>();
|
future = new PlainActionFuture<>();
|
||||||
|
|
@ -228,7 +232,7 @@ public class NativeRolesStoreTests extends ESTestCase {
|
||||||
new IndicesPrivileges[] { IndicesPrivileges.builder().indices("*").privileges("READ")
|
new IndicesPrivileges[] { IndicesPrivileges.builder().indices("*").privileges("READ")
|
||||||
.grantedFields("*")
|
.grantedFields("*")
|
||||||
.deniedFields("foo")
|
.deniedFields("foo")
|
||||||
.query(QueryBuilders.matchAllQuery().buildAsBytes())
|
.query(matchAllBytes)
|
||||||
.build() },
|
.build() },
|
||||||
null);
|
null);
|
||||||
future = new PlainActionFuture<>();
|
future = new PlainActionFuture<>();
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue