From e7b5702f502cdd55e1ab4c38f7a9d632644b3a9a Mon Sep 17 00:00:00 2001 From: Simon Willnauer Date: Mon, 25 Sep 2017 12:27:07 +0200 Subject: [PATCH] Adopt settings cleanups from core (elastic/x-pack-elasticsearch#2605) Relates to elastic/elasticsearch#26739 Original commit: elastic/x-pack-elasticsearch@dd13d099de82d2d1025394894035c1f5cf1d5c65 --- .../xpack/notification/jira/JiraAccount.java | 15 +++++++++++++- .../security/authc/support/DnRoleMapper.java | 7 ++++--- .../xpack/ssl/RestrictedTrustConfig.java | 8 +++----- .../DocumentLevelSecurityTests.java | 4 ++-- .../integration/FieldLevelSecurityTests.java | 2 +- .../test/SecurityIntegTestCase.java | 2 +- .../xpack/graph/test/GraphTests.java | 2 +- .../MonitoringSettingsIntegTests.java | 10 +++------- .../notification/jira/JiraAccountTests.java | 2 +- .../xpack/security/SecurityTribeIT.java | 20 ++++++++++--------- ...ServerTransportFilterIntegrationTests.java | 1 - .../DNSOnlyHostnameVerificationTests.java | 2 +- .../netty4/IPHostnameVerificationTests.java | 2 +- .../example/realm/CustomRealmIT.java | 6 +++--- .../example/role/CustomRolesProviderIT.java | 2 +- 15 files changed, 47 insertions(+), 38 deletions(-) diff --git a/plugin/src/main/java/org/elasticsearch/xpack/notification/jira/JiraAccount.java b/plugin/src/main/java/org/elasticsearch/xpack/notification/jira/JiraAccount.java index ff29ba7ff92..e6eab2a87ec 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/notification/jira/JiraAccount.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/notification/jira/JiraAccount.java @@ -9,6 +9,10 @@ import org.elasticsearch.common.Booleans; import org.elasticsearch.common.Strings; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.settings.SettingsException; +import org.elasticsearch.common.xcontent.NamedXContentRegistry; +import org.elasticsearch.common.xcontent.ToXContent; +import org.elasticsearch.common.xcontent.XContentBuilder; +import org.elasticsearch.common.xcontent.XContentType; import org.elasticsearch.xpack.common.http.HttpClient; import org.elasticsearch.xpack.common.http.HttpMethod; import org.elasticsearch.xpack.common.http.HttpProxy; @@ -18,6 +22,7 @@ import org.elasticsearch.xpack.common.http.Scheme; import org.elasticsearch.xpack.common.http.auth.basic.BasicAuth; import java.io.IOException; +import java.io.UncheckedIOException; import java.net.URI; import java.net.URISyntaxException; import java.util.Collections; @@ -68,7 +73,15 @@ public class JiraAccount { if (Strings.isEmpty(this.password)) { throw requiredSettingException(name, PASSWORD_SETTING); } - this.issueDefaults = Collections.unmodifiableMap(settings.getAsSettings(ISSUE_DEFAULTS_SETTING).getAsStructuredMap()); + try (XContentBuilder builder = XContentBuilder.builder(XContentType.JSON.xContent())) { + builder.startObject(); + settings.getAsSettings(ISSUE_DEFAULTS_SETTING).toXContent(builder, ToXContent.EMPTY_PARAMS); + builder.endObject(); + this.issueDefaults = Collections.unmodifiableMap(XContentType.JSON.xContent() + .createParser(new NamedXContentRegistry(Collections.emptyList()), builder.bytes()).map()); + } catch (IOException ex) { + throw new UncheckedIOException(ex); + } } public String getName() { diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/authc/support/DnRoleMapper.java b/plugin/src/main/java/org/elasticsearch/xpack/security/authc/support/DnRoleMapper.java index 24f1edc1325..04c5eaff6f4 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/security/authc/support/DnRoleMapper.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/security/authc/support/DnRoleMapper.java @@ -32,6 +32,7 @@ import org.elasticsearch.action.ActionListener; import org.elasticsearch.bootstrap.BootstrapCheck; import org.elasticsearch.common.settings.Setting; import org.elasticsearch.common.settings.Settings; +import org.elasticsearch.common.settings.SettingsException; import org.elasticsearch.env.Environment; import org.elasticsearch.watcher.FileChangesListener; import org.elasticsearch.watcher.FileWatcher; @@ -127,8 +128,8 @@ public class DnRoleMapper implements UserRoleMapper { } } - try (InputStream in = Files.newInputStream(path)) { - Settings settings = Settings.builder().loadFromStream(path.toString(), in).build(); + try { + Settings settings = Settings.builder().loadFromPath(path).build(); Map> dnToRoles = new HashMap<>(); Set roles = settings.names(); @@ -163,7 +164,7 @@ public class DnRoleMapper implements UserRoleMapper { logger.debug("[{}] role mappings found in file [{}] for realm [{}/{}]", dnToRoles.size(), path.toAbsolutePath(), realmType, realmName); return unmodifiableMap(dnToRoles); - } catch (IOException | YAMLException e) { + } catch (IOException | SettingsException e) { throw new ElasticsearchException("could not read realm [" + realmType + "/" + realmName + "] role mappings file [" + path.toAbsolutePath() + "]", e); } diff --git a/plugin/src/main/java/org/elasticsearch/xpack/ssl/RestrictedTrustConfig.java b/plugin/src/main/java/org/elasticsearch/xpack/ssl/RestrictedTrustConfig.java index 3ffee9a5219..6d67aa3c1f9 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/ssl/RestrictedTrustConfig.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/ssl/RestrictedTrustConfig.java @@ -83,10 +83,8 @@ public final class RestrictedTrustConfig extends TrustConfig { } private CertificateTrustRestrictions readTrustGroup(Path path) throws IOException { - try (InputStream in = Files.newInputStream(path)) { - Settings settings = Settings.builder().loadFromStream(path.toString(), in).build(); - final String[] trustNodeNames = settings.getAsArray(RESTRICTIONS_KEY_SUBJECT_NAME); - return new CertificateTrustRestrictions(Arrays.asList(trustNodeNames)); - } + Settings settings = Settings.builder().loadFromPath(path).build(); + final String[] trustNodeNames = settings.getAsArray(RESTRICTIONS_KEY_SUBJECT_NAME); + return new CertificateTrustRestrictions(Arrays.asList(trustNodeNames)); } } diff --git a/plugin/src/test/java/org/elasticsearch/integration/DocumentLevelSecurityTests.java b/plugin/src/test/java/org/elasticsearch/integration/DocumentLevelSecurityTests.java index 5715f5b574b..96cd8e250a1 100644 --- a/plugin/src/test/java/org/elasticsearch/integration/DocumentLevelSecurityTests.java +++ b/plugin/src/test/java/org/elasticsearch/integration/DocumentLevelSecurityTests.java @@ -586,7 +586,7 @@ public class DocumentLevelSecurityTests extends SecurityIntegTestCase { public void testChildrenAggregation() throws Exception { assertAcked(client().admin().indices().prepareCreate("test") - .setSettings("index.version.created", Version.V_5_6_0.id) + .setSettings(Settings.builder().put("index.version.created", Version.V_5_6_0.id)) .addMapping("type1", "field1", "type=text", "field2", "type=text") .addMapping("type2", "_parent", "type=type1", "field3", "type=text,fielddata=true") ); @@ -643,7 +643,7 @@ public class DocumentLevelSecurityTests extends SecurityIntegTestCase { public void testParentChild_parentField() { assertAcked(prepareCreate("test") - .setSettings("index.version.created", Version.V_5_6_0.id) + .setSettings(Settings.builder().put("index.version.created", Version.V_5_6_0.id)) .addMapping("parent") .addMapping("child", "_parent", "type=parent", "field1", "type=text", "field2", "type=text", "field3", "type=text")); ensureGreen(); diff --git a/plugin/src/test/java/org/elasticsearch/integration/FieldLevelSecurityTests.java b/plugin/src/test/java/org/elasticsearch/integration/FieldLevelSecurityTests.java index d0727a1e90d..3ac523a5860 100644 --- a/plugin/src/test/java/org/elasticsearch/integration/FieldLevelSecurityTests.java +++ b/plugin/src/test/java/org/elasticsearch/integration/FieldLevelSecurityTests.java @@ -1221,7 +1221,7 @@ public class FieldLevelSecurityTests extends SecurityIntegTestCase { public void testParentChild_parentField() { assertAcked(prepareCreate("test") - .setSettings("index.version.created", Version.V_5_6_0.id) + .setSettings(Settings.builder().put("index.version.created", Version.V_5_6_0.id)) .addMapping("parent") .addMapping("child", "_parent", "type=parent")); ensureGreen(); diff --git a/plugin/src/test/java/org/elasticsearch/test/SecurityIntegTestCase.java b/plugin/src/test/java/org/elasticsearch/test/SecurityIntegTestCase.java index bc7370ece0a..f267f40f228 100644 --- a/plugin/src/test/java/org/elasticsearch/test/SecurityIntegTestCase.java +++ b/plugin/src/test/java/org/elasticsearch/test/SecurityIntegTestCase.java @@ -214,7 +214,7 @@ public abstract class SecurityIntegTestCase extends ESIntegTestCase { // Disable native ML autodetect_process as the c++ controller won't be available .put(MachineLearning.AUTODETECT_PROCESS.getKey(), false); Settings customSettings = customSecuritySettingsSource.nodeSettings(nodeOrdinal); - builder.put(customSettings.getAsMap()); // handle secure settings separately + builder.put(customSettings, false); // handle secure settings separately Settings.Builder customBuilder = Settings.builder().put(customSettings); if (customBuilder.getSecureSettings() != null) { SecuritySettingsSource.addSecureSettings(builder, secureSettings -> diff --git a/plugin/src/test/java/org/elasticsearch/xpack/graph/test/GraphTests.java b/plugin/src/test/java/org/elasticsearch/xpack/graph/test/GraphTests.java index b903a7bc518..9ad13c83e3d 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/graph/test/GraphTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/graph/test/GraphTests.java @@ -79,7 +79,7 @@ public class GraphTests extends XPackSingleNodeTestCase { public void setUp() throws Exception { super.setUp(); assertAcked(client().admin().indices().prepareCreate("test") - .setSettings(SETTING_NUMBER_OF_SHARDS, 2, SETTING_NUMBER_OF_REPLICAS, 0) + .setSettings(Settings.builder().put(SETTING_NUMBER_OF_SHARDS, 2).put(SETTING_NUMBER_OF_REPLICAS, 0)) .addMapping("type", "decade", "type=keyword", "people", "type=keyword", diff --git a/plugin/src/test/java/org/elasticsearch/xpack/monitoring/MonitoringSettingsIntegTests.java b/plugin/src/test/java/org/elasticsearch/xpack/monitoring/MonitoringSettingsIntegTests.java index 8fbe69c7377..7a05a291e06 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/monitoring/MonitoringSettingsIntegTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/monitoring/MonitoringSettingsIntegTests.java @@ -92,16 +92,12 @@ public class MonitoringSettingsIntegTests extends MonitoringIntegTestCase { MonitoringSettings.JOB_STATS_TIMEOUT}; for (Setting setting : monitoringSettings) { if (setting.isDynamic()) { - Object updated = null; if (setting.get(Settings.EMPTY) instanceof TimeValue) { - updated = newRandomTimeValue(); - transientSettings.put(setting.getKey(), updated); + transientSettings.put(setting.getKey(), newRandomTimeValue().toString()); } else if (setting.get(Settings.EMPTY) instanceof Boolean) { - updated = randomBoolean(); - transientSettings.put(setting.getKey(), updated); + transientSettings.put(setting.getKey(), randomBoolean()); } else if (setting.get(Settings.EMPTY) instanceof List) { - updated = randomStringArray(); - transientSettings.putArray(setting.getKey(), (String[]) updated); + transientSettings.putArray(setting.getKey(), randomStringArray()); } else { fail("unknown dynamic setting [" + setting + "]"); } diff --git a/plugin/src/test/java/org/elasticsearch/xpack/notification/jira/JiraAccountTests.java b/plugin/src/test/java/org/elasticsearch/xpack/notification/jira/JiraAccountTests.java index c5448d4b76e..3c98660037f 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/notification/jira/JiraAccountTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/notification/jira/JiraAccountTests.java @@ -216,7 +216,7 @@ public class JiraAccountTests extends ESTestCase { for (Map.Entry setting : defaults.entrySet()) { String key = "xpack.notification.jira.account." + name + "." + JiraAccount.ISSUE_DEFAULTS_SETTING + "." + setting.getKey(); if (setting.getValue() instanceof String) { - builder.put(key, setting.getValue()); + builder.put(key, setting.getValue().toString()); } else if (setting.getValue() instanceof Map) { builder.putProperties((Map) setting.getValue(), s -> key + "." + s); } diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/SecurityTribeIT.java b/plugin/src/test/java/org/elasticsearch/xpack/security/SecurityTribeIT.java index 36ca4f95b57..d8099b5d3d1 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/SecurityTribeIT.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/SecurityTribeIT.java @@ -226,17 +226,19 @@ public class SecurityTribeIT extends NativeRealmIntegTestCase { } }; final Settings settingsTemplate = cluster2SettingsSource.nodeSettings(0); - - Map asMap = new HashMap<>(settingsTemplate.getAsMap()); - asMap.remove(NodeEnvironment.MAX_LOCAL_STORAGE_NODES_SETTING.getKey()); Settings.Builder tribe1Defaults = Settings.builder(); Settings.Builder tribe2Defaults = Settings.builder(); - for (Map.Entry entry : asMap.entrySet()) { - if (entry.getKey().startsWith("path.")) { - continue; - } else if (entry.getKey().equals("transport.tcp.port")) { - continue; + Settings tribeSettings = settingsTemplate.filter(k -> { + if (k.equals(NodeEnvironment.MAX_LOCAL_STORAGE_NODES_SETTING.getKey())) { + return false; + } if (k.startsWith("path.")) { + return false; + } else if (k.equals("transport.tcp.port")) { + return false; } + return true; + }); + for (Map.Entry entry : tribeSettings.getAsMap().entrySet()) { tribe1Defaults.put("tribe.t1." + entry.getKey(), entry.getValue()); tribe2Defaults.put("tribe.t2." + entry.getKey(), entry.getValue()); } @@ -255,7 +257,7 @@ public class SecurityTribeIT extends NativeRealmIntegTestCase { Settings merged = Settings.builder() .put(internalCluster().getDefaultSettings()) - .put(asMap) + .put(tribeSettings, false) .put("tribe.t1.cluster.name", internalCluster().getClusterName()) .put("tribe.t2.cluster.name", cluster2.getClusterName()) .put("tribe.blocks.write", false) diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/transport/ServerTransportFilterIntegrationTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/transport/ServerTransportFilterIntegrationTests.java index cf885973adf..f8dde4c7806 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/transport/ServerTransportFilterIntegrationTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/transport/ServerTransportFilterIntegrationTests.java @@ -102,7 +102,6 @@ public class ServerTransportFilterIntegrationTests extends SecurityIntegTestCase // test that starting up a node works Settings.Builder nodeSettings = Settings.builder() - .put() .put("node.name", "my-test-node") .put("network.host", "localhost") .put("cluster.name", internalCluster().getClusterName()) diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/transport/netty4/DNSOnlyHostnameVerificationTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/transport/netty4/DNSOnlyHostnameVerificationTests.java index 288d23d43fc..d97e6df367c 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/transport/netty4/DNSOnlyHostnameVerificationTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/transport/netty4/DNSOnlyHostnameVerificationTests.java @@ -95,7 +95,7 @@ public class DNSOnlyHostnameVerificationTests extends SecurityIntegTestCase { public Settings nodeSettings(int nodeOrdinal) { Settings defaultSettings = super.nodeSettings(nodeOrdinal); Settings.Builder builder = Settings.builder() - .put(defaultSettings.filter((s) -> s.startsWith("xpack.ssl.") == false).getAsMap()) + .put(defaultSettings.filter((s) -> s.startsWith("xpack.ssl.") == false), false) .put("transport.host", hostName); Path keystorePath = nodeConfigPath(nodeOrdinal).resolve("keystore.jks"); try (OutputStream os = Files.newOutputStream(keystorePath)) { diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/transport/netty4/IPHostnameVerificationTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/transport/netty4/IPHostnameVerificationTests.java index 3b3139d121c..8b859d12a91 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/transport/netty4/IPHostnameVerificationTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/transport/netty4/IPHostnameVerificationTests.java @@ -31,7 +31,7 @@ public class IPHostnameVerificationTests extends SecurityIntegTestCase { protected Settings nodeSettings(int nodeOrdinal) { Settings settings = super.nodeSettings(nodeOrdinal); Settings.Builder builder = Settings.builder() - .put(settings.filter((s) -> s.startsWith("xpack.ssl.") == false).getAsMap()); + .put(settings.filter((s) -> s.startsWith("xpack.ssl.") == false), false); settings = builder.build(); // The default Unicast test behavior is to use 'localhost' with the port number. For this test we need to use IP diff --git a/qa/security-example-extension/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java b/qa/security-example-extension/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java index 04360ec535d..3924ee332ff 100644 --- a/qa/security-example-extension/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java +++ b/qa/security-example-extension/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java @@ -38,7 +38,7 @@ public class CustomRealmIT extends ESIntegTestCase { protected Settings externalClusterClientSettings() { return Settings.builder() .put(ThreadContext.PREFIX + "." + CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER) - .put(ThreadContext.PREFIX + "." + CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW) + .put(ThreadContext.PREFIX + "." + CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW.toString()) .put(NetworkModule.TRANSPORT_TYPE_KEY, "security4") .build(); } @@ -78,7 +78,7 @@ public class CustomRealmIT extends ESIntegTestCase { .put("cluster.name", clusterName) .put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toAbsolutePath().toString()) .put(ThreadContext.PREFIX + "." + CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER) - .put(ThreadContext.PREFIX + "." + CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW) + .put(ThreadContext.PREFIX + "." + CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW.toString()) .build(); try (TransportClient client = new PreBuiltXPackTransportClient(settings)) { client.addTransportAddress(publishAddress); @@ -98,7 +98,7 @@ public class CustomRealmIT extends ESIntegTestCase { .put("cluster.name", clusterName) .put(Environment.PATH_HOME_SETTING.getKey(), createTempDir().toAbsolutePath().toString()) .put(ThreadContext.PREFIX + "." + CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER + randomAlphaOfLength(1)) - .put(ThreadContext.PREFIX + "." + CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW) + .put(ThreadContext.PREFIX + "." + CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW.toString()) .build(); try (TransportClient client = new PreBuiltXPackTransportClient(settings)) { client.addTransportAddress(publishAddress); diff --git a/qa/security-example-extension/src/test/java/org/elasticsearch/example/role/CustomRolesProviderIT.java b/qa/security-example-extension/src/test/java/org/elasticsearch/example/role/CustomRolesProviderIT.java index eef08e140a3..4fcda0527d6 100644 --- a/qa/security-example-extension/src/test/java/org/elasticsearch/example/role/CustomRolesProviderIT.java +++ b/qa/security-example-extension/src/test/java/org/elasticsearch/example/role/CustomRolesProviderIT.java @@ -40,7 +40,7 @@ public class CustomRolesProviderIT extends ESIntegTestCase { protected Settings externalClusterClientSettings() { return Settings.builder() .put(ThreadContext.PREFIX + "." + CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER) - .put(ThreadContext.PREFIX + "." + CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW) + .put(ThreadContext.PREFIX + "." + CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW.toString()) .put(NetworkModule.TRANSPORT_TYPE_KEY, "security4") .build(); }