This commit removes and now forbids all uses of the type-unsafe empty
Collections fields Collections#EMPTY_LIST, Collections#EMPTY_MAP, and
Collections#EMPTY_SET. The type-safe methods Collections#emptyList,
Collections#emptyMap, and Collections#emptySet should be used instead.
Relates elastic/elasticsearchelastic/elasticsearch#15187
Original commit: elastic/x-pack-elasticsearch@99f6fdd3a6
Now that mappers are registered at the index level, Shield is the last user
of Plugin.onIndexService. Yet this can be implemented on the IndexModule by
registering a listener on index creation.
Once this change is merged, we can remove Plugin.onIndexService entirely.
Original commit: elastic/x-pack-elasticsearch@fba6809949
Kibana 4.3 now uses the field_stats api to pre-flight all search
requests to any configured index patterns, so shield needs to allow it.
Original commit: elastic/x-pack-elasticsearch@793ad01424
This is the xplugins side of elastic/elasticsearchelastic/elasticsearch#14986, making use of
the simplification in configuration.
Original commit: elastic/x-pack-elasticsearch@a24ad7b08a
This adds back the shield qa rest tests module with gradle. There is
also a small fix in ShieldPlugin for a bug that was discovered around
checking for a custom query cache (which was using the node settings
instead of index settings).
Original commit: elastic/x-pack-elasticsearch@28c6d58f37
Although the build passes on the command line the Eclipse compiler complains that the client.execute() call on line 216 does not have correct arguments because of the lack of generics. This changes adds the generics to the action variable to solve the error in Eclipse. The change is very low risk and should not adversely affect the build on the command line nor in intelliJ IDEA
Original commit: elastic/x-pack-elasticsearch@08f3548556
A number of unused files still exist for maven assemblies and ant
integration test overrides. This change removes them. There are still
some files left which need to be examined more, for instance, the shield
overrides ant file.
Original commit: elastic/x-pack-elasticsearch@1d9b277ff0
Followup to https://github.com/elastic/elasticsearch/pull/14914
Shield has to request read-write access to all system properties
due to silliness in UnboundID sdk (556a203094/src/com/unboundid/util/Debug.java (L166))
We should followup with a pull request to them, to not use System.getProperties() here which
returns a mutable map (hence: read-write to "*").
Furthermore, the hack has to be wrapped in another hack because gradle doesn't add
shield's plugin metadata to the classpath. Of course, if we weren't testing with two
plugins in the classpath (which is not very realistic) this would be a non-issue.
Original commit: elastic/x-pack-elasticsearch@612cacde6a
This change removes the project attachment support, and instead relies
on x-plugins being checked out under extra-plugins/x-plugins within an
elasticsearch checkout. The only real change, other than removing
unnecessary code, was to rename the license/core project because gradle
project substitution has a bug which causes it to try and use ES core as
the substitution. (Unfortunately this is not reproduceable with a simple
example, so I have not yet filed an issue with gradle).
Original commit: elastic/x-pack-elasticsearch@fa315ffcb5
This change disables document and field level security by default so that we are able to maintain
bulk update functionality. Users that enable DLS/FLS will not have this functionality. Additionally,
if a user tries to configure DLS/FLS in a role without enabling it, the role will be skipped during
parsing and a log message will be logged at the error level.
See elastic/elasticsearch#938
Original commit: elastic/x-pack-elasticsearch@60c7519092
This commit reverts a previous change where searcher were not wrapped when the RequestContext
could not be found. If DLS/FLS is enabled, which is the default, any bulk request that contains an
update request will not be permitted. This change also exposes the ability to completely disable DLS
and FLS so that users who are not using these features can still use bulk updates.
See elastic/elasticsearch#938
Original commit: elastic/x-pack-elasticsearch@513782db1c
Previously, when the RequestContext could not be located a FieldSubsetReader was returned that only
allowed meta fields to be read. This was done for safety in case there was an API missed so we did not
leak data. However, this causes issues because some requests in elasticsearch execute on a different
thread than the one with the RequestContext so we effectively lose this context and prevent access to
the fields in the document. This is especially problematic with update requests, because that means that
fields that aren't included in the updated document will be lost.
This commit removes the wrapping of the readers in this case and adds tests for bulk updates.
Closeselastic/elasticsearch#938
Original commit: elastic/x-pack-elasticsearch@74c8059da0
In elastic/elasticsearchelastic/elasticsearch#14668, transitive dependencies were removed
from elasticsearch, and plugins now no longer get transitive deps
either. This commit fixes xplugins to remove transitive deps.
Original commit: elastic/x-pack-elasticsearch@5c41657b6e
Currently, running any task while attached to elasticsearch will also
try to run that task in all elasticsearch projects. This change causes
x-plugins to be moved into a subproject when attached. It does this by
dynamically creating a fake root project, and making this root project
think it is attached to the existing attachments, along with x-plugins
itself.
This also fixes buildSrc so attachment to elasticsearch's buildSrc
actually works.
Original commit: elastic/x-pack-elasticsearch@da0adf1da5
This commit adds SuppressForbidden annotations to command line tools to
still allow to call System#exit() (see also issue 12596 in ES core).
Original commit: elastic/x-pack-elasticsearch@1dd3f1dcb1