[Cleanup] - FileRolesStore no longer depends on AuthorizationService

It used to be required, but since elastic/x-pack@607fabbade it's no longer needed.

Original commit: elastic/x-pack-elasticsearch@3c60798c2e

src/main/java/org/elasticsearch/shield/authc/esusers/tool/ESUsersTool.java

@@ -14,19 +14,15 @@ import org.elasticsearch.common.cli.commons.CommandLine;
 import org.elasticsearch.common.collect.*;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.env.Environment;
-import org.elasticsearch.shield.User;
 import org.elasticsearch.shield.authc.Realms;
 import org.elasticsearch.shield.authc.esusers.ESUsersRealm;
 import org.elasticsearch.shield.authc.esusers.FileUserPasswdStore;
 import org.elasticsearch.shield.authc.esusers.FileUserRolesStore;
 import org.elasticsearch.shield.authc.support.Hasher;
 import org.elasticsearch.shield.authc.support.SecuredString;
-import org.elasticsearch.shield.authz.AuthorizationException;
-import org.elasticsearch.shield.authz.AuthorizationService;
 import org.elasticsearch.shield.authz.Permission;
 import org.elasticsearch.shield.authz.store.FileRolesStore;
 import org.elasticsearch.shield.support.Validation;
-import org.elasticsearch.transport.TransportRequest;
 
 import java.nio.file.Files;
 import java.nio.file.Path;
@@ -437,7 +433,7 @@ public class ESUsersTool extends CliTool {
     private static ImmutableMap<String, Permission.Global.Role> loadRoles(Terminal terminal, Settings settings, Environment env) {
         Path rolesFile = FileRolesStore.resolveFile(settings, env);
         try {
-            return FileRolesStore.parseFile(rolesFile, null, new DummyAuthzService());
+            return FileRolesStore.parseFile(rolesFile, null);
         } catch (Throwable t) {
             // if for some reason, parsing fails (malformatted perhaps) we just warn
             terminal.println("Warning:  Could not parse [%s] for roles verification. Please revise and fix it. Nonetheless, the user will still be associated with all specified roles", rolesFile.toAbsolutePath());
@@ -473,16 +469,4 @@ public class ESUsersTool extends CliTool {
                     Strings.collectionToCommaDelimitedString(unknownRoles), rolesFile.toAbsolutePath());
         }
     }
-
-    private static class DummyAuthzService implements AuthorizationService {
-        @Override
-        public ImmutableList<String> authorizedIndicesAndAliases(User user, String action) {
-            return ImmutableList.of();
-        }
-
-        @Override
-        public void authorize(User user, String action, TransportRequest request) throws AuthorizationException {
-
-        }
-    }
 }

src/main/java/org/elasticsearch/shield/authz/store/FileRolesStore.java

@@ -20,7 +20,6 @@ import org.elasticsearch.common.xcontent.yaml.YamlXContent;
 import org.elasticsearch.env.Environment;
 import org.elasticsearch.shield.ShieldException;
 import org.elasticsearch.shield.ShieldPlugin;
-import org.elasticsearch.shield.authz.AuthorizationService;
 import org.elasticsearch.shield.authz.Permission;
 import org.elasticsearch.shield.authz.Privilege;
 import org.elasticsearch.shield.support.Validation;
@@ -54,16 +53,16 @@ public class FileRolesStore extends AbstractComponent implements RolesStore {
     private volatile ImmutableMap<String, Permission.Global.Role> permissions;
 
     @Inject
-    public FileRolesStore(Settings settings, Environment env, ResourceWatcherService watcherService, AuthorizationService authzService) {
-        this(settings, env, watcherService, authzService, Listener.NOOP);
+    public FileRolesStore(Settings settings, Environment env, ResourceWatcherService watcherService) {
+        this(settings, env, watcherService, Listener.NOOP);
     }
 
-    public FileRolesStore(Settings settings, Environment env, ResourceWatcherService watcherService, AuthorizationService authzService, Listener listener) {
+    public FileRolesStore(Settings settings, Environment env, ResourceWatcherService watcherService, Listener listener) {
         super(settings);
         file = resolveFile(settings, env);
-        permissions = parseFile(file, logger, authzService);
+        permissions = parseFile(file, logger);
         FileWatcher watcher = new FileWatcher(file.getParent().toFile());
-        watcher.addListener(new FileListener(authzService));
+        watcher.addListener(new FileListener());
         watcherService.add(watcher, ResourceWatcherService.Frequency.HIGH);
         this.listener = listener;
     }
@@ -82,7 +81,7 @@ public class FileRolesStore extends AbstractComponent implements RolesStore {
         return Paths.get(location);
     }
 
-    public static ImmutableMap<String, Permission.Global.Role> parseFile(Path path, ESLogger logger, AuthorizationService authzService) {
+    public static ImmutableMap<String, Permission.Global.Role> parseFile(Path path, ESLogger logger) {
         if (logger != null) {
             logger.trace("Reading roles file located at [{}]", path);
         }
@@ -233,12 +232,6 @@ public class FileRolesStore extends AbstractComponent implements RolesStore {
 
     private class FileListener extends FileChangesListener {
 
-        private final AuthorizationService authzService;
-
-        private FileListener(AuthorizationService authzService) {
-            this.authzService = authzService;
-        }
-
         @Override
         public void onFileCreated(File file) {
             onFileChanged(file);
@@ -252,7 +245,7 @@ public class FileRolesStore extends AbstractComponent implements RolesStore {
         @Override
         public void onFileChanged(File file) {
             if (file.equals(FileRolesStore.this.file.toFile())) {
-                permissions = parseFile(file.toPath(), logger, authzService);
+                permissions = parseFile(file.toPath(), logger);
                 listener.onRefresh();
             }
         }

src/test/java/org/elasticsearch/shield/authz/store/FileRolesStoreTests.java

@@ -11,7 +11,6 @@ import org.elasticsearch.common.settings.ImmutableSettings;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.env.Environment;
 import org.elasticsearch.shield.ShieldException;
-import org.elasticsearch.shield.authz.AuthorizationService;
 import org.elasticsearch.shield.authz.Permission;
 import org.elasticsearch.shield.authz.Privilege;
 import org.elasticsearch.test.ElasticsearchTestCase;
@@ -30,7 +29,6 @@ import java.util.concurrent.CountDownLatch;
 import java.util.concurrent.TimeUnit;
 
 import static org.hamcrest.Matchers.*;
-import static org.mockito.Mockito.mock;
 
 /**
  *
@@ -40,7 +38,7 @@ public class FileRolesStoreTests extends ElasticsearchTestCase {
     @Test
     public void testParseFile() throws Exception {
         Path path = Paths.get(getClass().getResource("roles.yml").toURI());
-        Map<String, Permission.Global.Role> roles = FileRolesStore.parseFile(path, logger, mock(AuthorizationService.class));
+        Map<String, Permission.Global.Role> roles = FileRolesStore.parseFile(path, logger);
         assertThat(roles, notNullValue());
         assertThat(roles.size(), is(4));
 
@@ -106,7 +104,7 @@ public class FileRolesStoreTests extends ElasticsearchTestCase {
     @Test
     public void testDefaultRolesFile() throws Exception {
         Path path = Paths.get(getClass().getResource("default_roles.yml").toURI());
-        Map<String, Permission.Global.Role> roles = FileRolesStore.parseFile(path, logger, mock(AuthorizationService.class));
+        Map<String, Permission.Global.Role> roles = FileRolesStore.parseFile(path, logger);
         assertThat(roles, notNullValue());
         assertThat(roles.size(), is(8));
 
@@ -126,7 +124,7 @@ public class FileRolesStoreTests extends ElasticsearchTestCase {
                 "  cluster: all";
         Path file = newTempFile().toPath();
         Files.write(file, roles.getBytes(UTF8));
-        FileRolesStore.parseFile(file, null, mock(AuthorizationService.class));
+        FileRolesStore.parseFile(file, null);
     }
 
     @Test
@@ -147,7 +145,7 @@ public class FileRolesStoreTests extends ElasticsearchTestCase {
             threadPool = new ThreadPool("test");
             watcherService = new ResourceWatcherService(settings, threadPool);
             final CountDownLatch latch = new CountDownLatch(1);
-            FileRolesStore store = new FileRolesStore(settings, env, watcherService, mock(AuthorizationService.class), new FileRolesStore.Listener() {
+            FileRolesStore store = new FileRolesStore(settings, env, watcherService, new FileRolesStore.Listener() {
                 @Override
                 public void onRefresh() {
                     latch.countDown();
@@ -193,7 +191,7 @@ public class FileRolesStoreTests extends ElasticsearchTestCase {
     public void testThatEmptyFileDoesNotResultInLoop() throws Exception {
         File file = newTempFile();
         com.google.common.io.Files.write("#".getBytes(Charsets.UTF_8), file);
-        Map<String, Permission.Global.Role> roles = FileRolesStore.parseFile(file.toPath(), logger, mock(AuthorizationService.class));
+        Map<String, Permission.Global.Role> roles = FileRolesStore.parseFile(file.toPath(), logger);
         assertThat(roles.keySet(), is(empty()));
     }
 
@@ -201,6 +199,6 @@ public class FileRolesStoreTests extends ElasticsearchTestCase {
     public void testThatInvalidYAMLThrowsElasticsearchException() throws Exception {
         File file = newTempFile();
         com.google.common.io.Files.write("user: cluster: ALL indices: '*': ALL".getBytes(Charsets.UTF_8), file);
-        FileRolesStore.parseFile(file.toPath(), logger, mock(AuthorizationService.class));
+        FileRolesStore.parseFile(file.toPath(), logger);
     }
 }