honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactor license checking (#52118) (#52859) 

Improve code resuse and readility. Add convenience checking method which
covers most use cases without having to pass many boolean arguments.
This commit is contained in:
Yang Wang 2020-02-27 13:04:19 +11:00 committed by GitHub
parent bc9c3f0135
commit f5c4e92558
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 145 additions and 248 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
x-pack/plugin/core/src/main/java/org/elasticsearch/license/LicenseService.java
View File

@ -255,9 +255,7 @@ public class LicenseService extends AbstractLifecycleComponent implements Cluste
throw new IllegalStateException("Cannot install a [" + newLicense.operationMode() + throw new IllegalStateException("Cannot install a [" + newLicense.operationMode() +
"] license unless TLS is configured or security is disabled"); "] license unless TLS is configured or security is disabled");
} else if (XPackSettings.FIPS_MODE_ENABLED.get(settings) } else if (XPackSettings.FIPS_MODE_ENABLED.get(settings)
&& newLicense.operationMode() != License.OperationMode.PLATINUM && false == XPackLicenseState.isFipsAllowedForOperationMode(newLicense.operationMode())) {
&& newLicense.operationMode() != License.OperationMode.ENTERPRISE
&& newLicense.operationMode() != License.OperationMode.TRIAL) {
throw new IllegalStateException("Cannot install a [" + newLicense.operationMode() + throw new IllegalStateException("Cannot install a [" + newLicense.operationMode() +
"] license unless FIPS mode is disabled"); "] license unless FIPS mode is disabled");
} }

288
x-pack/plugin/core/src/main/java/org/elasticsearch/license/XPackLicenseState.java
View File

@ -387,8 +387,17 @@ public class XPackLicenseState {
return executeAgainstStatus(status -> status.mode); return executeAgainstStatus(status -> status.mode);
} }
/**
* Checks that the cluster has a valid licence of any level.
* @see #isActive()
*/
public boolean allowForAllLicenses() {
return checkAgainstStatus(status -> status.active);
}
// Package private for tests
/** Return true if the license is currently within its time boundaries, false otherwise. */ /** Return true if the license is currently within its time boundaries, false otherwise. */
public boolean isActive() { boolean isActive() {
return checkAgainstStatus(status -> status.active); return checkAgainstStatus(status -> status.active);
} }
@ -397,31 +406,19 @@ public class XPackLicenseState {
* @see #allowedRealmType() for the enabled realms * @see #allowedRealmType() for the enabled realms
*/ */
public boolean isAuthAllowed() { public boolean isAuthAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.BASIC, true, false, true); return isAllowedBySecurityAndLicense(OperationMode.BASIC, false, true);
} }
/**
* @return true if IP filtering should be enabled
*/
public boolean isIpFilteringAllowed() { public boolean isIpFilteringAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.GOLD, true, false, true); return isAllowedBySecurityAndLicense(OperationMode.GOLD, false, true);
} }
/**
* @return true if auditing should be enabled
*/
public boolean isAuditingAllowed() { public boolean isAuditingAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.GOLD, true, false, true); return isAllowedBySecurityAndLicense(OperationMode.GOLD, false, true);
} }
/**
* Indicates whether the stats and health API calls should be allowed. If a license is expired and past the grace
* period then we deny these calls.
*
* @return true if the license allows for the stats and health APIs to be used.
*/
public boolean isStatsAndHealthAllowed() { public boolean isStatsAndHealthAllowed() {
return isActive(); return allowForAllLicenses();
} }
/** /**
@ -429,15 +426,16 @@ public class XPackLicenseState {
* <p> * <p>
* DLS and FLS are only disabled when the mode is not: * DLS and FLS are only disabled when the mode is not:
* <ul> * <ul>
* <li>{@link OperationMode#PLATINUM}</li> * <li>{@link OperationMode#PLATINUM} or higher</li>
* <li>{@link OperationMode#TRIAL}</li> * <li>{@link OperationMode#TRIAL}</li>
* </ul> * </ul>
* Note: This does not consider the <em>state</em> of the license so that Security does not suddenly leak information! * Note: This does not consider the <em>state</em> of the license so that Security does not suddenly leak information!
* i.e. the same DLS guarantee keeps working for existing configuration even after license expires.
* *
* @return {@code true} to enable DLS and FLS. Otherwise {@code false}. * @return {@code true} to enable DLS and FLS. Otherwise {@code false}.
*/ */
public boolean isDocumentAndFieldLevelSecurityAllowed() { public boolean isDocumentAndFieldLevelSecurityAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.PLATINUM, true, false, true); return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, false, true);
} }
/** Classes of realms that may be available based on the license type. */ /** Classes of realms that may be available based on the license type. */
@ -474,67 +472,46 @@ public class XPackLicenseState {
}); });
} }
/**
* @return whether custom role providers are allowed based on the license {@link OperationMode}
*/
public boolean isCustomRoleProvidersAllowed() { public boolean isCustomRoleProvidersAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.PLATINUM, true, true, true); return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true, true);
} }
/** /**
* @return whether the Elasticsearch {@code TokenService} is allowed based on the license {@link OperationMode} * Whether the Elasticsearch {@code TokenService} is allowed
*/ */
public boolean isTokenServiceAllowed() { public boolean isTokenServiceAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.GOLD, true, false, true); return isAllowedBySecurityAndLicense(OperationMode.GOLD, false, true);
} }
/** /**
* @return whether the Elasticsearch {@code ApiKeyService} is allowed based on the current node/cluster state * Whether the Elasticsearch {@code ApiKeyService} is allowed
*/ */
public boolean isApiKeyServiceAllowed() { public boolean isApiKeyServiceAllowed() {
return isAllowedBySecurity(); return isAllowedBySecurityAndLicense(OperationMode.MISSING, false, true);
} }
/** /**
* @return whether "authorization_realms" are allowed based on the license {@link OperationMode} * Whether "authorization_realms" is allowed
* @see org.elasticsearch.xpack.core.security.authc.support.DelegatedAuthorizationSettings * @see org.elasticsearch.xpack.core.security.authc.support.DelegatedAuthorizationSettings
*/ */
public boolean isAuthorizationRealmAllowed() { public boolean isAuthorizationRealmAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.PLATINUM, true, true, true); return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true, true);
} }
/** /**
* @return whether a custom authorization engine is allowed based on the license {@link OperationMode} * Whether a custom authorization engine is allowed
* @see org.elasticsearch.xpack.core.security.authc.support.DelegatedAuthorizationSettings * @see org.elasticsearch.xpack.core.security.authc.support.DelegatedAuthorizationSettings
*/ */
public boolean isAuthorizationEngineAllowed() { public boolean isAuthorizationEngineAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.PLATINUM, true, true, true); return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true, true);
} }
/**
* Determine if Watcher is available based on the current license.
* <p>
* Watcher is available if the license is active (hasn't expired) and of one of the following types:
* <ul>
* <li>{@link OperationMode#STANDARD}</li>
* <li>{@link OperationMode#PLATINUM}</li>
* <li>{@link OperationMode#GOLD}</li>
* <li>{@link OperationMode#TRIAL}</li>
* </ul>
*
* @return {@code true} as long as the license is valid. Otherwise {@code false}.
*/
public boolean isWatcherAllowed() { public boolean isWatcherAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.STANDARD, false, true, true); return isAllowedByLicense(OperationMode.STANDARD);
} }
/**
* Monitoring is always available as long as there is a valid license
*
* @return true if the license is active
*/
public boolean isMonitoringAllowed() { public boolean isMonitoringAllowed() {
return isActive(); return allowForAllLicenses();
} }
/** /**
@ -557,52 +534,23 @@ public class XPackLicenseState {
* @return {@code true} if the user is allowed to modify the retention. Otherwise {@code false}. * @return {@code true} if the user is allowed to modify the retention. Otherwise {@code false}.
*/ */
public boolean isUpdateRetentionAllowed() { public boolean isUpdateRetentionAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.STANDARD, false, false, true); return isAllowedByLicense(OperationMode.STANDARD, false, true);
} }
/**
* Determine if Graph Exploration should be enabled.
* <p>
* Exploration is only disabled when the license has expired or if the mode is not:
* <ul>
* <li>{@link OperationMode#PLATINUM}</li>
* <li>{@link OperationMode#TRIAL}</li>
* </ul>
*
* @return {@code true} as long as the license is valid. Otherwise {@code false}.
*/
public boolean isGraphAllowed() { public boolean isGraphAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.PLATINUM, false, true, true); return isAllowedByLicense(OperationMode.PLATINUM);
} }
/**
* Determine if Machine Learning should be enabled.
* <p>
* Machine Learning is only disabled when the license has expired or if the
* mode is not:
* <ul>
* <li>{@link OperationMode#PLATINUM}</li>
* <li>{@link OperationMode#TRIAL}</li>
* </ul>
*
* @return {@code true} as long as the license is valid. Otherwise
* {@code false}.
*/
public boolean isMachineLearningAllowed() { public boolean isMachineLearningAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.PLATINUM, false, true, true); return isAllowedByLicense(OperationMode.PLATINUM);
} }
public static boolean isMachineLearningAllowedForOperationMode(final OperationMode operationMode) { public static boolean isMachineLearningAllowedForOperationMode(final OperationMode operationMode) {
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM, true); return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM, true);
} }
/**
* Transform is always available as long as there is a valid license
*
* @return true if the license is active
*/
public boolean isTransformAllowed() { public boolean isTransformAllowed() {
return isActive(); return allowForAllLicenses();
} }
public static boolean isTransformAllowedForOperationMode(final OperationMode operationMode) { public static boolean isTransformAllowedForOperationMode(final OperationMode operationMode) {
@ -614,154 +562,75 @@ public class XPackLicenseState {
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM, true); return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM, true);
} }
/**
* Rollup is always available as long as there is a valid license
*
* @return true if the license is active
*/
public boolean isRollupAllowed() { public boolean isRollupAllowed() {
return isActive(); return allowForAllLicenses();
} }
/**
* Voting only node functionality is always available as long as there is a valid license
*
* @return true if the license is active
*/
public boolean isVotingOnlyAllowed() { public boolean isVotingOnlyAllowed() {
return isActive(); return allowForAllLicenses();
} }
/**
* Logstash is allowed as long as there is an active license of type TRIAL, STANDARD, GOLD or PLATINUM
* @return {@code true} as long as there is a valid license
*/
public boolean isLogstashAllowed() { public boolean isLogstashAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.STANDARD, false, true, true); return isAllowedByLicense(OperationMode.STANDARD);
} }
/**
* Beats is allowed as long as there is an active license of type TRIAL, STANDARD, GOLD or PLATINUM
* @return {@code true} as long as there is a valid license
*/
public boolean isBeatsAllowed() { public boolean isBeatsAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.STANDARD, false, true, true); return isAllowedByLicense(OperationMode.STANDARD);
} }
/**
* Deprecation APIs are always allowed as long as there is an active license
* @return {@code true} as long as there is a valid license
*/
public boolean isDeprecationAllowed() { public boolean isDeprecationAllowed() {
return isActive(); return allowForAllLicenses();
} }
/**
* Determine if Upgrade API should be enabled.
*
* @return {@code true} as long as the license is valid. Otherwise
* {@code false}.
*/
public boolean isUpgradeAllowed() { public boolean isUpgradeAllowed() {
return isActive(); return allowForAllLicenses();
} }
/**
* Determine if Index Lifecycle API should be enabled.
*
* @return {@code true} as long as the license is valid. Otherwise
* {@code false}.
*/
public boolean isIndexLifecycleAllowed() { public boolean isIndexLifecycleAllowed() {
return isActive(); return allowForAllLicenses();
} }
/**
* Determine if the enrich processor and related APIs are allowed to be used.
*
* @return {@code true} as long as the license is valid. Otherwise
* {@code false}.
*/
public boolean isEnrichAllowed() { public boolean isEnrichAllowed() {
return isActive(); return allowForAllLicenses();
} }
/**
* Determine if EQL support should be enabled.
* <p>
* EQL is available for all license types except {@link OperationMode#MISSING}
*/
public boolean isEqlAllowed() { public boolean isEqlAllowed() {
return checkAgainstStatus(status -> status.active); return allowForAllLicenses();
} }
/**
* Determine if SQL support should be enabled.
*/
public boolean isSqlAllowed() { public boolean isSqlAllowed() {
return isActive(); return allowForAllLicenses();
} }
/**
* Determine if JDBC support should be enabled.
* <p>
* JDBC is available only in for {@link OperationMode#PLATINUM} and {@link OperationMode#TRIAL} licences
*/
public boolean isJdbcAllowed() { public boolean isJdbcAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.PLATINUM, false, true, true); return isAllowedByLicense(OperationMode.PLATINUM);
} }
/**
* Determine if support for flattened object fields should be enabled.
*/
public boolean isFlattenedAllowed() { public boolean isFlattenedAllowed() {
return isActive(); return allowForAllLicenses();
} }
/**
* Determine if Vectors support should be enabled.
*/
public boolean isVectorsAllowed() { public boolean isVectorsAllowed() {
return isActive(); return allowForAllLicenses();
} }
/**
* Determine if ODBC support should be enabled.
* <p>
* ODBC is available only in for {@link OperationMode#PLATINUM} and {@link OperationMode#TRIAL} licences
*/
public boolean isOdbcAllowed() { public boolean isOdbcAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.PLATINUM, false, true, true); return isAllowedByLicense(OperationMode.PLATINUM);
} }
/**
* Determine if Spatial features should be enabled.
*
* @return {@code true} as long as the license is valid. Otherwise
* {@code false}.
*/
public boolean isSpatialAllowed() { public boolean isSpatialAllowed() {
return isActive(); return allowForAllLicenses();
} }
/**
* Analytics is always available as long as there is a valid license
*
* @return true if the license is active
*/
public boolean isAnalyticsAllowed() { public boolean isAnalyticsAllowed() {
return isActive(); return allowForAllLicenses();
} }
/** /**
* @return true if security is available to be used with the current license type * @return true if security is available to be used with the current license type
*/ */
public boolean isSecurityAvailable() { public boolean isSecurityAvailable() {
return checkAgainstStatus(status -> { return checkAgainstStatus(status -> status.mode != OperationMode.MISSING);
OperationMode mode = status.mode;
return mode == OperationMode.GOLD || mode == OperationMode.PLATINUM || mode == OperationMode.STANDARD ||
mode == OperationMode.TRIAL || mode == OperationMode.BASIC || mode == OperationMode.ENTERPRISE;
});
} }
/** /**
@ -815,18 +684,10 @@ public class XPackLicenseState {
} }
/** /**
* Determine if cross-cluster replication should be enabled. * Determine if cross-cluster replication is allowed
* <p>
* Cross-cluster replication is only disabled when the license has expired or if the mode is not:
* <ul>
* <li>{@link OperationMode#PLATINUM}</li>
* <li>{@link OperationMode#TRIAL}</li>
* </ul>
*
* @return true is the license is compatible, otherwise false
*/ */
public boolean isCcrAllowed() { public boolean isCcrAllowed() {
return isAllowedByLicenseAndSecurity(OperationMode.PLATINUM, false, true, true); return isAllowedByLicense(OperationMode.PLATINUM);
} }
public static boolean isCcrAllowedForOperationMode(final OperationMode operationMode) { public static boolean isCcrAllowedForOperationMode(final OperationMode operationMode) {
@ -852,26 +713,23 @@ public class XPackLicenseState {
return executeAgainstStatus(status -> new XPackLicenseState(listeners, isSecurityEnabled, isSecurityExplicitlyEnabled, status)); return executeAgainstStatus(status -> new XPackLicenseState(listeners, isSecurityEnabled, isSecurityExplicitlyEnabled, status));
} }
private boolean isAllowedBySecurity() {
return checkAgainstStatus(status -> isSecurityEnabled(status.mode, isSecurityExplicitlyEnabled, isSecurityEnabled));
}
/** /**
* Test whether a feature is allowed by the status of current license and security configuration. * Test whether a feature is allowed by the status of license and security configuration.
* Note the difference to {@link #isAllowedByLicense(OperationMode, boolean, boolean)}
* is this method requires security to be enabled.
* *
* @param minimumMode The minimum license to meet or exceed * @param minimumMode The minimum license to meet or exceed
* @param needSecurity Whether security is required for feature to be allowed * @param needActive Whether current license needs to be active.
* @param needActive Whether current license needs to be active
* @param allowTrial Whether the feature is allowed for trial license * @param allowTrial Whether the feature is allowed for trial license
* *
* @return true if feature is allowed, otherwise false * @return true if feature is allowed, otherwise false
*/ */
private boolean isAllowedByLicenseAndSecurity( private boolean isAllowedBySecurityAndLicense(OperationMode minimumMode, boolean needActive, boolean allowTrial) {
OperationMode minimumMode, boolean needSecurity, boolean needActive, boolean allowTrial) {
return checkAgainstStatus(status -> { return checkAgainstStatus(status -> {
if (needSecurity && false == isSecurityEnabled(status.mode, isSecurityExplicitlyEnabled, isSecurityEnabled)) { if (false == isSecurityEnabled(status.mode, isSecurityExplicitlyEnabled, isSecurityEnabled)) {
return false; return false;
} }
// Do not delegate to isAllowedByLicense as it also captures "status" which may be different from here
if (needActive && false == status.active) { if (needActive && false == status.active) {
return false; return false;
} }
@ -879,4 +737,34 @@ public class XPackLicenseState {
}); });
} }
/**
* Test whether a feature is allowed by the status of license. Note difference to
* {@link #isAllowedBySecurityAndLicense} is this method does <b>Not</b> require security
* to be enabled.
*
* @param minimumMode The minimum license to meet or exceed
* @param needActive Whether current license needs to be active
* @param allowTrial Whether the feature is allowed for trial license
*
* @return true if feature is allowed, otherwise false
*/
public boolean isAllowedByLicense(OperationMode minimumMode, boolean needActive, boolean allowTrial) {
return checkAgainstStatus(status -> {
if (needActive && false == status.active) {
return false;
}
return isAllowedByOperationMode(status.mode, minimumMode, allowTrial);
});
}
/**
* A convenient method to test whether a feature is by license status.
* @see #isAllowedByLicense(OperationMode, boolean, boolean)
*
* @param minimumMode The minimum license to meet or exceed
*/
public boolean isAllowedByLicense(OperationMode minimumMode) {
return isAllowedByLicense(minimumMode, true, true);
}
} }

7
x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/ml/inference/TrainedModelConfig.java
View File

@ -242,14 +242,13 @@ public class TrainedModelConfig implements ToXContentObject, Writeable {
return true; return true;
} }
// The model license does not matter, this is the highest licensed level // The model license does not matter, Platinum license gets the same functions as the highest license
if (licenseState.isActive() && XPackLicenseState.isAllowedByOperationMode( if (licenseState.isAllowedByLicense(License.OperationMode.PLATINUM)) {
licenseState.getOperationMode(), License.OperationMode.PLATINUM, true)) {
return true; return true;
} }
// catch the rest, if the license is active and is at least the required model license // catch the rest, if the license is active and is at least the required model license
return licenseState.isActive() && License.OperationMode.compare(licenseState.getOperationMode(), licenseLevel) >= 0; return licenseState.isAllowedByLicense(licenseLevel, true, false);
} }
@Override @Override

94
x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/ml/inference/TrainedModelConfigTests.java
View File

@ -44,6 +44,8 @@ import static org.elasticsearch.xpack.core.ml.utils.ToXContentParams.FOR_INTERNA
import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.not; import static org.hamcrest.Matchers.not;
import static org.mockito.Matchers.any;
import static org.mockito.Matchers.anyBoolean;
import static org.mockito.Mockito.mock; import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when; import static org.mockito.Mockito.when;
@ -307,53 +309,63 @@ public class TrainedModelConfigTests extends AbstractSerializingTestCase<Trained
public void testIsAvailableWithLicense() { public void testIsAvailableWithLicense() {
TrainedModelConfig.Builder builder = createTestInstance(randomAlphaOfLength(10)); TrainedModelConfig.Builder builder = createTestInstance(randomAlphaOfLength(10));
XPackLicenseState licenseState = mock(XPackLicenseState.class); XPackLicenseState licenseState = mock(XPackLicenseState.class);
when(licenseState.isActive()).thenReturn(false);
when(licenseState.getOperationMode()).thenReturn(License.OperationMode.BASIC);
// Reject everything
when(licenseState.isAllowedByLicense(any(License.OperationMode.class), anyBoolean(), anyBoolean())).thenAnswer(
invocationOnMock -> {
final Object[] arguments = invocationOnMock.getArguments();
assertTrue((boolean) arguments[1]); // ensure the call is made to require active license
return false;
}
);
assertFalse(builder.setLicenseLevel(License.OperationMode.ENTERPRISE.description()).build().isAvailableWithLicense(licenseState)); assertFalse(builder.setLicenseLevel(License.OperationMode.ENTERPRISE.description()).build().isAvailableWithLicense(licenseState));
assertFalse(builder.setLicenseLevel(License.OperationMode.PLATINUM.description()).build().isAvailableWithLicense(licenseState)); assertFalse(builder.setLicenseLevel(License.OperationMode.PLATINUM.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.BASIC.description()).build().isAvailableWithLicense(licenseState));
when(licenseState.isActive()).thenReturn(true);
when(licenseState.getOperationMode()).thenReturn(License.OperationMode.ENTERPRISE);
assertTrue(builder.setLicenseLevel(License.OperationMode.ENTERPRISE.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.PLATINUM.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.BASIC.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.GOLD.description()).build().isAvailableWithLicense(licenseState));
when(licenseState.isActive()).thenReturn(false);
assertFalse(builder.setLicenseLevel(License.OperationMode.ENTERPRISE.description()).build().isAvailableWithLicense(licenseState));
assertFalse(builder.setLicenseLevel(License.OperationMode.PLATINUM.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.BASIC.description()).build().isAvailableWithLicense(licenseState));
assertFalse(builder.setLicenseLevel(License.OperationMode.GOLD.description()).build().isAvailableWithLicense(licenseState)); assertFalse(builder.setLicenseLevel(License.OperationMode.GOLD.description()).build().isAvailableWithLicense(licenseState));
// Basic license always works not matter what
when(licenseState.isActive()).thenReturn(true);
when(licenseState.getOperationMode()).thenReturn(License.OperationMode.PLATINUM);
assertTrue(builder.setLicenseLevel(License.OperationMode.ENTERPRISE.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.PLATINUM.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.BASIC.description()).build().isAvailableWithLicense(licenseState)); assertTrue(builder.setLicenseLevel(License.OperationMode.BASIC.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.GOLD.description()).build().isAvailableWithLicense(licenseState));
when(licenseState.isActive()).thenReturn(false);
assertFalse(builder.setLicenseLevel(License.OperationMode.ENTERPRISE.description()).build().isAvailableWithLicense(licenseState));
assertFalse(builder.setLicenseLevel(License.OperationMode.PLATINUM.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.BASIC.description()).build().isAvailableWithLicense(licenseState));
assertFalse(builder.setLicenseLevel(License.OperationMode.GOLD.description()).build().isAvailableWithLicense(licenseState));
when(licenseState.isActive()).thenReturn(true);
when(licenseState.getOperationMode()).thenReturn(License.OperationMode.GOLD);
assertFalse(builder.setLicenseLevel(License.OperationMode.ENTERPRISE.description()).build().isAvailableWithLicense(licenseState));
assertFalse(builder.setLicenseLevel(License.OperationMode.PLATINUM.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.BASIC.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.GOLD.description()).build().isAvailableWithLicense(licenseState));
when(licenseState.isActive()).thenReturn(false);
assertFalse(builder.setLicenseLevel(License.OperationMode.ENTERPRISE.description()).build().isAvailableWithLicense(licenseState));
assertFalse(builder.setLicenseLevel(License.OperationMode.PLATINUM.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.BASIC.description()).build().isAvailableWithLicense(licenseState));
assertFalse(builder.setLicenseLevel(License.OperationMode.GOLD.description()).build().isAvailableWithLicense(licenseState));
} }
public void testActivePlatinumLicenseAlwaysWorks() {
TrainedModelConfig.Builder builder = createTestInstance(randomAlphaOfLength(10));
XPackLicenseState licenseState = mock(XPackLicenseState.class);
when(licenseState.isAllowedByLicense(License.OperationMode.PLATINUM)).thenReturn(true);
// Active Platinum license functions the same as Enterprise license (highest) and should always work
when(licenseState.isAllowedByLicense(any(License.OperationMode.class), anyBoolean(), anyBoolean())).thenAnswer(
invocationOnMock -> {
final Object[] arguments = invocationOnMock.getArguments();
assertEquals(License.OperationMode.PLATINUM, arguments[0]);
assertTrue((boolean) arguments[1]); // ensure the call is made to require active license
assertTrue((boolean) arguments[2]);
return true;
}
);
assertTrue(builder.setLicenseLevel(License.OperationMode.ENTERPRISE.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.PLATINUM.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.BASIC.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.GOLD.description()).build().isAvailableWithLicense(licenseState));
}
public void testActiveGoldLicenseWillWorkWhenRequiredLevelIsGold() {
TrainedModelConfig.Builder builder = createTestInstance(randomAlphaOfLength(10));
XPackLicenseState licenseState = mock(XPackLicenseState.class);
// Active Gold license should work when required level is gold
when(licenseState.isAllowedByLicense(any(License.OperationMode.class), anyBoolean(), anyBoolean())).thenAnswer(
invocationOnMock -> {
final Object[] arguments = invocationOnMock.getArguments();
assertTrue((boolean) arguments[1]); // ensure the call is made to require active license
if (License.OperationMode.PLATINUM == arguments[0] && Boolean.TRUE.equals(arguments[2])) {
return false;
} else
return License.OperationMode.GOLD == arguments[0] && Boolean.FALSE.equals(arguments[2]);
}
);
assertFalse(builder.setLicenseLevel(License.OperationMode.ENTERPRISE.description()).build().isAvailableWithLicense(licenseState));
assertFalse(builder.setLicenseLevel(License.OperationMode.PLATINUM.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.BASIC.description()).build().isAvailableWithLicense(licenseState));
assertTrue(builder.setLicenseLevel(License.OperationMode.GOLD.description()).build().isAvailableWithLicense(licenseState));
}
} }