Commit Graph

145 Commits

Author SHA1 Message Date
jaymode 14c21786ee Test: add back the stop of the local audit trails
If also indexing locally, we need to stop the audit trail indexing otherwise the test cluster checks
will fail. See elastic/elasticsearch#598

Original commit: elastic/x-pack-elasticsearch@6767ab2edb
2015-09-09 08:39:51 -04:00
jaymode 0de73ec330 Test: don't check shard counters for RemoteIndexAuditTrailStartingTests
For the RemoteIndexAuditTrailStartingTests we start a remote cluster and index into the test cluster and after
the test we stop the remote cluster but indexing operations can still be ongoing in the test cluster and thus cause
locked shards causing lots of noise in CI. We simply skip this check for these tests.

Closes elastic/elasticsearch#598

Original commit: elastic/x-pack-elasticsearch@e678f82f29
2015-09-09 07:51:38 -04:00
jaymode 94dbf3f2a7 allow for the Environment to be optional in the ClientSSLService
This change makes the environment optional for the ClientSSLService, which is used for
Transport Clients and also used for LDAP client connections. Since we use the ClientSSLService
for LDAP connections, we still need the environment when running as a node under the
security manager to resolve paths from the configuration directory.

Closes elastic/elasticsearch#573

Original commit: elastic/x-pack-elasticsearch@862fafffe3
2015-09-09 06:43:34 -04:00
Ryan Ernst 5dd5f525b5 Remove some warnings caught by -Xlint
Original commit: elastic/x-pack-elasticsearch@50bea927cf
2015-09-09 00:16:13 -07:00
Ryan Ernst 2ab0db4373 Fix compile issues after removal of loadConfigSettings from transport
client

Original commit: elastic/x-pack-elasticsearch@2efe4f2980
2015-09-08 17:22:54 -07:00
Martijn van Groningen e7b338a077 test: added smoke test for the shield tribe node integration
Original commit: elastic/x-pack-elasticsearch@f7ab8b9044
2015-09-08 12:37:36 +02:00
Martijn van Groningen 547b6346f6 Changed the underlying DLS implementation
Instead of wrapping the IndexSearcher and applying the role query during the rewrite, the role query gets applied in a custom filtered reader that applies the query via the live docs.

The big advantage is that DLS is being applied in all document based APIs instead of just the _search and _percolate APIs.

In order to better deal with the cost of converting the role query to a bitset, the bitsets are cached in the bitset filter cache
and if the role query bitset is sparse the role query and main query will execute in a leapfrog manner to make executing queries faster.
 If the role query bitset isn't sparse, we fallback to livedocs.

Closes elastic/elasticsearch#537

Original commit: elastic/x-pack-elasticsearch@330b96e1f2
2015-09-08 11:04:10 +02:00
Adrien Grand 06ec935a08 Fix x-plugins following count/scan removal from elasticsearch-core.
Original commit: elastic/x-pack-elasticsearch@ee43991a0a
2015-09-07 17:44:01 +02:00
Jason Tedor 9a729638da Remove and forbid use of com.google.common.base.Strings
This commit removes and now forbids all uses of
com.google.common.base.Strings across the codebase.

For uses of com.google.common.base.Strings.isNullOrEmpty, use
org.elasticsearch.common.Strings.isNullOrEmpty.

For uses of com.google.common.base.Strings.padStart use
org.elasticsearch.common.Strings.padStart.

For uses of com.google.common.base.Strings.nullToEmpty use
org.elasticsearch.common.Strings.coalesceToEmpty.

Relates elastic/elasticsearchelastic/elasticsearch#13224

Original commit: elastic/x-pack-elasticsearch@d6e349e654
2015-09-07 09:37:30 -04:00
Jason Tedor 74cdc2f4ce Remove and forbid the use of com.google.common.base.Predicate(s)?
This commit removes and now forbids all uses of
com.google.common.base.Predicate and com.google.common.base.Predicates
across the codebase. This is one of the many steps in the eventual
removal of Guava as a dependency. This was enabled by
elastic/elasticsearchelastic/elasticsearch#13314.

Relates elastic/elasticsearchelastic/elasticsearch#13224, elastic/elasticsearchelastic/elasticsearch#13349

Original commit: elastic/x-pack-elasticsearch@968b81849f
2015-09-04 13:33:31 -04:00
uboness 533c14242f Bumped the version to 3.0.0-SNAPSHOT
Original commit: elastic/x-pack-elasticsearch@0771b3e589
2015-09-04 16:30:11 +02:00
jaymode 2f93428f22 test: poll for the index audit trail template
The template may not get recreated immediately due to other pending cluster state updates.

Original commit: elastic/x-pack-elasticsearch@810d77b397
2015-09-03 17:43:14 -04:00
jaymode 480406ebc7 Test: stop the IndexAuditTrail if running to prevent locked shards
The InternalTestCluster checks after the tests run if there are any locked shards, which is still
possible because the IndexAuditTrail is running and auditing events. This change makes the
test stop the IndexAuditTrail if they are running in the local cluster.

Original commit: elastic/x-pack-elasticsearch@f7fb564525
2015-09-03 13:00:42 -04:00
jaymode 1dbdf2ea1f add note on extended key usage
Closes elastic/elasticsearch#362

Original commit: elastic/x-pack-elasticsearch@0a2e0ab6d1
2015-09-03 11:53:39 -04:00
jaymode 892d9774f5 update limitations around more like this query
This updates the limitations section to indicate that the MLT query only works with Elasticsearch
1.6.2+ and 1.7.1+.

Closes elastic/elasticsearch#331

Original commit: elastic/x-pack-elasticsearch@70f2bb484e
2015-09-03 11:45:50 -04:00
jaymode afacb47828 make IndexAuditTrail recreate template and remove ShieldWrappingCluster
The ShieldWrappingCluster was added to prevent deletion of the IndexAuditTrail template when
running tests since the wipe() method will delete all templates. However, the cluster wrapping
is problematic with indexRandom() and causes noise in CI. This change removes the
ShieldWrappingCluster and changes the IndexAuditTrail to recreate the index template if it is
removed.

Closes elastic/elasticsearch#562

Original commit: elastic/x-pack-elasticsearch@0403ea7cef
2015-09-03 11:32:24 -04:00
Adrien Grand b4d5ef5904 Fix query rewriting for document-level security to be stable.
Original commit: elastic/x-pack-elasticsearch@3ad7eb4ded
2015-09-03 12:46:20 +02:00
Martijn van Groningen f270e585f4 dls: compare the rewritten query
Original commit: elastic/x-pack-elasticsearch@b84d661f33
2015-09-03 10:57:24 +02:00
Martijn van Groningen 99d91b7a9c Added wildcard support to the FLS `fields` option.
Closes elastic/elasticsearch#452

Original commit: elastic/x-pack-elasticsearch@4e82ce0472
2015-09-03 10:37:34 +02:00
Martijn van Groningen 1a84daab2a DLS: don't wrap twice
Original commit: elastic/x-pack-elasticsearch@86f6f7ac17
2015-09-03 10:31:23 +02:00
Areek Zillur dc471bc0a9 Fix naming for abstract test cases
Original commit: elastic/x-pack-elasticsearch@546ac98077
2015-09-02 16:58:06 -04:00
Britta Weber f90afd72d2 Update handler list for change in refresh and flush action
renamed actions back to admin/* and add suffix [s] instead

Original commit: elastic/x-pack-elasticsearch@32d3365941
2015-09-01 12:56:27 +02:00
Britta Weber 6cafd41d4f Update handler list for change in refresh and flush action
https://github.com/elastic/elasticsearch/pull/13068

Original commit: elastic/x-pack-elasticsearch@5e3e512481
2015-09-01 09:34:44 +02:00
debadair 75d8d12c37 Docs: Updated kibana.yml settings to match 4.2 changes. Closes elastic/elasticsearch#524.
Original commit: elastic/x-pack-elasticsearch@e305153fe5
2015-08-31 14:35:59 -07:00
Martijn van Groningen 39b7092185 test: removed the 'plugin.types' usages from the source code
Original commit: elastic/x-pack-elasticsearch@a94cdee31f
2015-08-31 22:45:56 +02:00
jaymode 2de31460c8 remove use of ImmutableList in shield
Original commit: elastic/x-pack-elasticsearch@83be549a11
2015-08-31 15:59:28 -04:00
Martijn van Groningen 5900a65085 fixed compile error due to upstream change
Original commit: elastic/x-pack-elasticsearch@70a16e125c
2015-08-31 21:28:35 +02:00
Martijn van Groningen 90d0cb22ac unmuted test
Original commit: elastic/x-pack-elasticsearch@8bd95e427e
2015-08-31 21:28:18 +02:00
Martijn van Groningen 896ee0447c test: properly delegate the ShieldIntegTestCase#transportClientPlugins() and ShieldIntegTestCase#nodePlugins() methods to the settings source.
Original commit: elastic/x-pack-elasticsearch@7d55833917
2015-08-31 17:54:48 +02:00
jaymode a63f4d3678 suppress the LocalTransport for all Shield tests
Original commit: elastic/x-pack-elasticsearch@6c0b840643
2015-08-31 09:50:22 -04:00
Martijn van Groningen bd6111e9a7 updated await fix url
Original commit: elastic/x-pack-elasticsearch@e1646af2cd
2015-08-31 15:40:38 +02:00
Jason Tedor 36b5eaf09b Add test to ensure that ShieldServerTransportService wraps all handlers
This commit adds a test to ensure that all request handlers are wrapped
by ProfileSecuredRequestHandler.

Original commit: elastic/x-pack-elasticsearch@26473d0ddc
2015-08-31 08:30:35 -04:00
jaymode fb11827f78 mute TribeTests and remove license plugin from transportClientPlugins
See elastic/elasticsearch#551

Original commit: elastic/x-pack-elasticsearch@1d2ba3fc0e
2015-08-31 08:24:05 -04:00
Martijn van Groningen 1786e8eb10 test: use mock node to supply the plugins
Original commit: elastic/x-pack-elasticsearch@3f1aa333e8
2015-08-31 13:37:37 +02:00
David Pilato 13d5619d4e Merge branch 'pr/typo'
Original commit: elastic/x-pack-elasticsearch@73d7f06605
2015-08-31 13:15:14 +02:00
Boaz Leskes d75a8b8d6c Update handler list for change in Upgrade action
See https://github.com/elastic/elasticsearch/pull/13205

Original commit: elastic/x-pack-elasticsearch@8759f59eb5
2015-08-31 13:05:05 +02:00
Martijn van Groningen fd84ea7e90 test: make sure plugins are loaded in transport client
Original commit: elastic/x-pack-elasticsearch@81dd18d8b8
2015-08-31 13:01:39 +02:00
Martijn van Groningen b79be0db42 muted test
Original commit: elastic/x-pack-elasticsearch@112546cad9
2015-08-31 12:58:10 +02:00
Martijn van Groningen 677cf7e573 delegate
Original commit: elastic/x-pack-elasticsearch@5999c5d17b
2015-08-31 12:58:03 +02:00
Martijn van Groningen c81af81cd3 test: more fixes due to upstream changes
Original commit: elastic/x-pack-elasticsearch@92119d102c
2015-08-31 12:30:05 +02:00
Martijn van Groningen 98f5f489d0 test: more fixes due to upstream test infrastructure changes
Original commit: elastic/x-pack-elasticsearch@ab2dcca86d
2015-08-31 11:45:33 +02:00
David Pilato 88e389dd2e [typo] LICESE_EXPIRATION_ACTION_MATCHER should be LICENSE_...
Original commit: elastic/x-pack-elasticsearch@1e91087de7
2015-08-31 11:19:11 +02:00
Martijn van Groningen af4af34e2b fix compile errors
Original commit: elastic/x-pack-elasticsearch@38feef1376
2015-08-31 10:47:49 +02:00
Jason Tedor c09c5611b8 Add override of handler registration method to wrap handler
Original commit: elastic/x-pack-elasticsearch@4dcfb637c2
2015-08-30 17:49:56 -04:00
Boaz Leskes add8dd4cc4 Update handler list for changes made in https://github.com/elastic/elasticsearch/pull/12944
Original commit: elastic/x-pack-elasticsearch@2dcbf8bc99
2015-08-30 09:16:34 +02:00
jaymode d6eb2c8261 do not copy the authorization header from rest requests
Currently we copy the authorization header from every rest request to the action request. This is not
necessary because the user associated with each request is copied into the context and then if the
request leaves the node, the user will be serialized into a string and attached as a header.

This commit removes the copying of the authorization header as it is not necessary and by not copying
it, we limit the amount of copies we make of this sensitive information.

Original commit: elastic/x-pack-elasticsearch@4e5ba4b4aa
2015-08-28 09:04:39 -04:00
Martijn van Groningen fc9aff30bc fixed forbidden api failures:
Arrays.newArrayList() -> new ArrayList<>()
ImmutableSet.of() -> Collections.emptyList()

Original commit: elastic/x-pack-elasticsearch@a36a4eaa16
2015-08-28 10:18:48 +02:00
Martijn van Groningen 5f01f793d5 Added document and field level security
This commit adds document and field level security to Shield.

Field level security can be enabled by adding the `fields` option to a role in the `role.yml` file.

For example:

```yaml
customer_care:
  indices:
    '*':
      privileges: read
      fields:
        - issue_id
        - description
        - customer_handle
        - customer_email
        - customer_address
        - customer_phone
```

The `fields` list is an inclusive list of fields that controls what fields should be accessible for that role. By default all meta fields (_uid, _type, _source, _ttl etc) are also included, otherwise ES or specific features stop working. The `_all` field if configured, isn't included by default, since that actually contains data from all the other fields. If the `_all` field is required then this needs to be added to the `fields` list in a role. In the case of the content of the `_source` field and `_field_names` there is special filtering in place so that only the content relevant for the role are being returned.

If no `fields` is specified then field level security is disabled for that role and all fields in an index are accessible.

Field level security can be setup per index group.

Field level security is implemented at the Lucene level by wrapping a directory index reader and hides fields away that aren't in the `field` list defined with the role of the current user. It as if the other fields never existed.

* Any `realtime` read operation from the translog is disabled. Instead this operations fall back to the Lucene index, which makes these operations compatible with field level security, but there aren't realtime.
*  If user with role A executes first and the result gets cached and then a user with role B executes the same query results from the query executed with role A would be returned. This is bad and therefore the query cache is disabled.
* For the same reason the request cache is also disabled.
* The update API is blocked. An update request needs to be executed via a role that doesn't have field level security enabled.

Document level security can be enabled by adding the `query` option to a role in the `role.yml` file:
```yaml
customer_care:
  indices:
    '*':
      privileges: read
      query:
        term:
         department_id: 12
```

Document level security is implemented as a filter that filters out documents there don't match with the query. This is like index aliases, but better, because the role query is embedded on the lowest level possible in ES (Engine level) and on all places the acquire an IndexSearcher the role query will always be included. While alias filters are applied at a higher level (after the searcher has been acquired)

Document level security can be setup per index group.

Right now like alias filters the document level security isn't applied on all APIs. Like for example the get api, term vector api, which ignore the alias filter. These apis do acquire an IndexSearcher, but don't use the IndexSearcher itself and directly use the index reader to access the inverted index and there for bypassing the role query. If it is required to these apis need document level security too the the implementation for document level security needs to change.

Closes elastic/elasticsearch#341

Original commit: elastic/x-pack-elasticsearch@fac085dca6
2015-08-27 17:54:50 +02:00
jaymode 693d16777c correct the shield offline download links
Closes elastic/elasticsearch#499

Original commit: elastic/x-pack-elasticsearch@86a8015132
2015-08-25 10:00:58 -04:00
Areek Zillur ef7d4e2579 stub out acknowledge callbacks for commercial plugins
Original commit: elastic/x-pack-elasticsearch@d16f9dc1df
2015-08-24 18:25:40 -04:00