Commit Graph

2555 Commits

Author SHA1 Message Date
Joe Fleming 29fbaf233f Merge pull request elastic/elasticsearch#1437 from tsullivan/kibana-marvel-fix-version-check-and-scripts
kibana marvel - fix version check for x-pack context

Original commit: elastic/x-pack-elasticsearch@54f8242a9e
2016-02-02 18:36:30 -07:00
uboness 266917e1bc fix build
More places where String.format was missing a Locale

Original commit: elastic/x-pack-elasticsearch@6e3df91526
2016-02-03 00:16:24 +01:00
uboness db003cd2a4 fix build
Added Local to String.format

Original commit: elastic/x-pack-elasticsearch@2c7368c3de
2016-02-02 23:12:36 +01:00
Tim Sullivan 042f93b362 Merge pull request elastic/elasticsearch#1395 from w33ble/kibana-packager
Kibana X-Pack Packager

Original commit: elastic/x-pack-elasticsearch@c2c6f22fd4
2016-02-02 14:43:24 -07:00
Joe Fleming 4f1ddff974 Merge pull request elastic/elasticsearch#1427 from tsullivan/kibana-marvel-xpack-updates
Kibana Marvel: Updates for getting consistent other X-Pack UI code

Original commit: elastic/x-pack-elasticsearch@8f3e7f8217
2016-02-02 14:35:52 -07:00
uboness ffab6da42d fix build with latest core changes
`Terminal.println(..)` doesn't support varargs arguments anymore

Original commit: elastic/x-pack-elasticsearch@533a4f7919
2016-02-02 20:57:05 +01:00
uboness e039ef412f Shield refactoring for 5.0
- Consolidated `InternalMarvelUser`, `InternalWatcherUser` and `InternalShieldUser` into a single `XPackUser` - this is the single internal user for xpack that has all the permissions internally required by xpack (for marvel, watcher and shield)

 - Renamed `InternalSystemUser` to `SystemUser`

 - Removed the notion of "reserved roles". Now that we have a single internal user we know its role. The authz service now checks to see if the current user is the internal xpack user, and if so, it just uses its role (and not trying to resolve it from the role store). With this model, it's no longer possible for outside users to use the internal role (it's fully internal)

 - Consolidated the notion of an `InternalClient` (in Marvel it was knows as the `SecuredClient`). This is an ES client that xpack is using to manage itself. If shield is enabled, it will execute all request on behalf of the internal xpack user.

 - Removed the verification of the license plugin on plugin installation - no need to do it anymore as the license plugin is part of the distribution.

Original commit: elastic/x-pack-elasticsearch@c851410f93
2016-02-02 18:05:01 +01:00
Tanguy Leroux 766fc3273b Fix compilation errors
From elasticsearch core commit 10b5ffcda5

Original commit: elastic/x-pack-elasticsearch@d77909332f
2016-02-02 10:31:21 +01:00
Ryan Ernst 7519d035a7 Switch to UserError for cli tools
This is the xplugins side of elastic/elasticsearchelastic/elasticsearch#16359

Original commit: elastic/x-pack-elasticsearch@547b3f50e0
2016-02-01 17:38:42 -08:00
Joe Fleming 025a3713e7 Merge pull request elastic/elasticsearch#1386 from w33ble/ssh-dep
ES client - use ssh instead of https

Original commit: elastic/x-pack-elasticsearch@2fe24ab634
2016-02-01 14:18:06 -07:00
Tim Sullivan 9e38767fc8 Merge pull request elastic/elasticsearch#1407 from w33ble/fix/marvel-pack
Fixed to accommodate Packs

Original commit: elastic/x-pack-elasticsearch@e2f9271d61
2016-02-01 14:11:21 -07:00
Tim Sullivan 5f70696773 Merge pull request elastic/elasticsearch#1408 from w33ble/fix/shield-pack
Fix to accommodate Packs

Original commit: elastic/x-pack-elasticsearch@16c342d8be
2016-02-01 14:10:24 -07:00
jaymode c3b6146a72 shield: clean up hack to force switching to the system user for internal action
This commit cleans up the hack we had forcefully switching the request to execute under the system
user when a internal action gets triggered from a system request. The authorization service now tracks
the originating request in the context to allow us to validate if the request should be run as the system
user.

The system user should be used only when a user action causes an internal action, which needs to
be run by the system user.

Closes elastic/elasticsearch#1403

Original commit: elastic/x-pack-elasticsearch@4972df459f
2016-02-01 14:07:15 -05:00
uboness c9d54c0c83 Cleanup and refactoring
- removed `/_shield/roles` and `/_shield/users` endpoints (only keeping the singular forms)
 - fixed `ClearRealmsCacheTests` to use the correct endpoint for clearing the realms cache
 - used action name constants where possible in `InternalShieldUser`

Original commit: elastic/x-pack-elasticsearch@d1481de389
2016-02-01 19:51:43 +01:00
Ryan Ernst 3893ad9c5f Merge branch 'master' into remove_multicast
Original commit: elastic/x-pack-elasticsearch@7d107e88fc
2016-02-01 07:26:21 -08:00
uboness 96b2930ac7 Cleanup and refactoring
- Moved all role action classes to live under `o.e.s.action.role`
 - Moved all realm related action classes (for now just the clear cache) to live under `o.e.s.action.realm`
 - Moved all user action classes to live under `o.e.s.action.user`
 - Moved all the rest actions to live under `o.e.s.rest.action`
 - Changed the `clear role cache` endpoint to `/_shield/role/{id}/_clear_cache` (aligned with all other role endpoints)
 - Changed `InternalShieldUserHolder` to the `InternalShieldUser` singleton user... to be aligned with `InternalMarvelUser` and `InternalWatcherUser`.
 - Removed the dedicated audit log user. The new `InternalShieldUser` is now the user that manages and writes to the audit log indices
 - Extracted the `User.System` class to a top level `InternalSystemUser` class (to be aligned with the other internal user classes)
 - Removed the `SystemRole` class (the `InternalSystemUser` class now holds all the needed info/logic)

Original commit: elastic/x-pack-elasticsearch@cf82b257d1
2016-02-01 13:08:38 +01:00
Alexander Reelsen c226590e77 Watcher tests: Fix imports resulting in checkstyle exceptions
Original commit: elastic/x-pack-elasticsearch@1e55ca7bf1
2016-02-01 11:14:30 +01:00
Simon Willnauer 2698441770 Fix test compilation failures
Original commit: elastic/x-pack-elasticsearch@5d166a63fa
2016-02-01 10:54:18 +01:00
Simon Willnauer 9c0ae6411c Fix test compilation failures
Original commit: elastic/x-pack-elasticsearch@303df9b9dd
2016-02-01 10:51:49 +01:00
Boaz Leskes d27b9b4b41 Migrate the rest of NettyTransport settings to the new infra
Also does some consistency clean up, renaming trasnport.netty.* settings to transport.*

Closes elastic/elasticsearch#1397

Relates to https://github.com/elastic/elasticsearch/pull/16307

Original commit: elastic/x-pack-elasticsearch@4a128ff68c
2016-02-01 10:41:16 +01:00
Alexander Reelsen 0fe7716459 HttpClient: Prevent NPE when no path is specified
Original commit: elastic/x-pack-elasticsearch@47f26a5850
2016-02-01 10:37:51 +01:00
Simon Willnauer 6287a1300a Catch IOExcption after core change
Original commit: elastic/x-pack-elasticsearch@1fa5a3dc82
2016-02-01 10:27:33 +01:00
Alexander Reelsen 4a686f04cf Watcher: Do not encode URLs in HttpClient
When using a path like `"/<logstash-{now%2Fd}>/_search"` in the
http webhook. The already escaped slash (%2F) got escaped twice
and thus did not work any more.

The escaping happened when the code created an URI and was done
as part of that constructor. This is now switched to an URL (which
is used at the end anyway) which does not do the escaping, even though
this was required for the query string, which is now done when constructing.

Closes elastic/elasticsearch#1364

Original commit: elastic/x-pack-elasticsearch@861b6d2378
2016-02-01 09:19:07 +01:00
Ryan Ernst 131fd679b9 Remove multicast references
Xplugins side of elastic/elasticsearch#16326

Original commit: elastic/x-pack-elasticsearch@10d3ec2ebb
2016-01-31 17:44:18 -08:00
Jason Tedor e13a5e695a Uppercase ells ('L') in long literals
This commit removes all lowercase ells ('l') in long literals because
they are often hard to distinguish from the digit representing one
('1').

Closes elastic/elasticsearch#1414

Original commit: elastic/x-pack-elasticsearch@98b38705fb
2016-01-30 22:18:02 -05:00
Lukas Olson 9f886665fa Merge pull request elastic/elasticsearch#1371 from lukasolson/kibana-shield-users
Kibana/Shield: Implement Kibana server user APIs

Original commit: elastic/x-pack-elasticsearch@b71d615570
2016-01-29 14:31:09 -07:00
Tanguy Leroux 970c95b6a8 Marvel: various tests fixes
Two regressions have been introduced in elastic/x-pack@156d9e4d5b: marvel index templates should not be deleted between tests and checking for marvel indices existence should not fail with IndexNotFoundException when the indices are not yet created and Shield enabled.

closes elastic/elasticsearch#1396 elastic/elasticsearch#1394 elastic/elasticsearch#1382

In MultiNodesStatsTests.java, multiple nodes are started in async: the first node may collect marvel data multiple times when the last one just started. So we should not check for exact 1 doc per node but at least 1 doc per node.

closes elastic/elasticsearch#1370

In HttpExporterTemplateTests.java, we must compare a long count with a long value.

Original commit: elastic/x-pack-elasticsearch@732fef995a
2016-01-29 17:25:07 +01:00
Alexander Reelsen 4e1d44110b Marvel: Fix compilation issues in tests
Original commit: elastic/x-pack-elasticsearch@9ffc4c501b
2016-01-29 15:15:25 +01:00
Alexander Reelsen 7147354525 Marvel: Fix compilation problem
Original commit: elastic/x-pack-elasticsearch@4db33fc6ab
2016-01-29 15:12:18 +01:00
Alexander Reelsen 8635d264ae Shield: Give native stores possibility to exit poller loop
Similar to the lifecycle services, stopping the shield lifecycle should
also ensure that the poller threads are stopped, which is tricky, in case
they run through huge user/role lists.

Original commit: elastic/x-pack-elasticsearch@7a48f19853
2016-01-29 10:16:15 +01:00
Lee Hinman 7331f8b179 Merge remote-tracking branch 'dakrone/document-shield-apis'
Original commit: elastic/x-pack-elasticsearch@321b5bfc80
2016-01-28 15:59:12 -07:00
Ali Beyad e2feb61297 IndexStatsTests.testIndexStats awaits a fix on elastic/elasticsearch#1396
Original commit: elastic/x-pack-elasticsearch@0db738f324
2016-01-28 17:32:53 -05:00
jaymode 4b6ac7ceb8 shield: restore non-empty original contexts
Restoring empty contexts causes issues with searches, but failure to restore the
original context when executing index requests that auto-create results in a
the index operation being tried by the system user.

See elastic/elasticsearch#1380

Original commit: elastic/x-pack-elasticsearch@522f857de7
2016-01-28 14:07:59 -05:00
jaymode 1b4bac8203 shield: only restore the original if we forcefully replaced it
Original commit: elastic/x-pack-elasticsearch@347a4dba3f
2016-01-28 12:50:46 -05:00
Tanguy Leroux 19545596cf Marvel: Fix NodeStatsRendererTests and NodeStatsTests on Windows
Load average is not available anymore on Windows, the tests should not check the presence of the field. Also, "node_stats.json" file is hard to maintain and quite useless so this commit removes it.

Original commit: elastic/x-pack-elasticsearch@74d2e0dce6
2016-01-28 16:59:05 +01:00
jaymode 75894e6b38 shield: also restore original context to transport handlers
See elastic/elasticsearch#1380

Original commit: elastic/x-pack-elasticsearch@afbd964f18
2016-01-28 10:54:45 -05:00
jaymode 9c080681d8 shield: restore the original context when the listener is called
Also, restores running the watcher tests.

See elastic/elasticsearch#1380

Original commit: elastic/x-pack-elasticsearch@0e0c748c04
2016-01-28 09:48:26 -05:00
Boaz Leskes 0b73e3ef33 Update to incorporate changes made in Netty settings in elasticsearch elastic/elasticsearch#16200
Original commit: elastic/x-pack-elasticsearch@0e54a24519
2016-01-28 15:24:59 +01:00
Boaz Leskes dfb9068e33 Update Index usage to elasticsearchelastic/elasticsearch#16217
elasticsearchelastic/elasticsearch#16217 changed the Index class to also include index UUIDs . This commit adapts the code for it.

Closes elastic/elasticsearch#1377

Original commit: elastic/x-pack-elasticsearch@87c909c15a
2016-01-28 08:38:44 +01:00
jaymode 4012b4c7c6 test: mute watcher tests for now until. See elastic/elasticsearch#1380
Original commit: elastic/x-pack-elasticsearch@f8d9053ef6
2016-01-27 18:14:11 -05:00
jaymode 634b3edf4e only set the client instance once in the proxy
Original commit: elastic/x-pack-elasticsearch@55eb6288db
2016-01-27 14:24:41 -05:00
jaymode 7645698070 go back to setting the shield user header
Original commit: elastic/x-pack-elasticsearch@0921bd27a9
2016-01-27 13:48:51 -05:00
jaymode dcf9074c4f fix compile after change to Client settings in core
Original commit: elastic/x-pack-elasticsearch@ab069484a6
2016-01-27 12:33:35 -05:00
Jay Modi d587ace5f1 Merge pull request elastic/elasticsearch#1374 from jaymode/request_context
replace ContextAndHeaders with ThreadContext

Original commit: elastic/x-pack-elasticsearch@469ab3f5a1
2016-01-27 11:30:00 -05:00
jaymode ee7a109827 add comments about client wrapping and add ClientWithUser
Original commit: elastic/x-pack-elasticsearch@472c6dbd80
2016-01-27 10:16:14 -05:00
jaymode ed7c4273c3 test: remove check in ClearRolesCacheTests that is prone to failure
This removes a check in the ClearRolesCacheTests that is prone to failure due to the
possibility of the cache poller running while we modify documents and updating cached
values prior to the test issuing the get roles call.

See elastic/elasticsearch#1354

Original commit: elastic/x-pack-elasticsearch@ba0b803466
2016-01-27 09:25:59 -05:00
jaymode e82c969959 migrate from ContextAndHeaders to ThreadContext
This change migrates all of the xpack code to use the new ThreadContext when
dealing with headers and context data. For the most part this is a simple
cutover, but there are some things that required special casing. The internal
actions that executed by a user's requests need to forcefully drop the context
and set the system user. The workaround for this will be improved in a followup.
Additionally, the RequestContext still lives on due to the OptOutQueryCache,
which requires some core changes to fix this issue.

Original commit: elastic/x-pack-elasticsearch@87d2966d93
2016-01-27 08:02:01 -05:00
Jason Tedor d02ddece8f Merge pull request elastic/elasticsearch#1375 from jasontedor/script-settings
Script settings

Original commit: elastic/x-pack-elasticsearch@a2f4da6784
2016-01-27 06:54:24 -05:00
Simon Willnauer 6c290d22c1 Fix renamed constant
Original commit: elastic/x-pack-elasticsearch@709cd849b2
2016-01-27 11:55:15 +01:00
Adrien Grand 11125797bc Fix mapping definitions.
Original commit: elastic/x-pack-elasticsearch@609f12602e
2016-01-27 09:26:05 +01:00