Commit Graph

796 Commits

Author SHA1 Message Date
Robert Muir e06cae84f3 only allow code to bind to the user's configured port numbers/ranges
Random code shouldn't be listening on sockets elsewhere.

Today its the wild west, but we only need to grant access to what the user configured.

This means e.g. multicast plugin has to declare its intentions in its security.policy

Closes #14549
2015-11-07 12:22:12 -05:00
Christoph Büscher 40f82de4a1 Tests: make sure to load timezones in parent classloader
When GroovySecurityTests are run before any other test using
time zones, joda ZoneInfoProvider fails to load the time zones
correctly and never tries again later. This makes sure we load it
correctly on startup.

Relates to #14524
2015-11-06 11:11:28 +01:00
Simon Willnauer 94bed42213 Simplify plugin API and fix IndexService internal allocation 2015-11-05 13:16:35 +01:00
Simon Willnauer a311491c8e decouple IndexingMemoryController from IndexShard 2015-11-05 11:18:11 +01:00
Simon Willnauer 487af301ea Remove guice from the index level
This commit removes guice from the index level and adds a simple extension point
to add class instances with an index-lifecycle scope.
2015-11-05 11:18:11 +01:00
Robert Muir 79467a138a Add property permissions so groovy scripts can serialize json
Allowing read to these properties is not really dangerous, even if
the code surrounding them is.

Closes #14488
2015-11-03 15:21:55 -05:00
Robert Muir 7e6008f0b9 refactor GroovySecurityTests into a unit test.
This was basically a resurrected form of the tests for the old sandbox.
We use it to check that groovy scripts some degree of additional containment.

The other scripting plugins (javascript, python) already have this as a unit test,
its much easier to debug any problems that way.

closes #14484
2015-11-03 13:39:17 -05:00
Robert Muir b6a2318563 upgrade rhino for plugins/lang-javascript
the current jar is over 3 years old, we should upgrade it for bugfixes.
the current integration could be more secure: set a global policy and enforce additional (compile-time) checks

closes #14466
2015-11-03 09:53:07 -05:00
David Pilato 7bbd2a1513 Fix test for ec2 discovery
See #14155
2015-11-02 15:33:36 +01:00
David Pilato 77521560ed Merge branch 'ec2-improve-disco-nodes' of https://github.com/chaudum/elasticsearch into chaudum-ec2-improve-disco-nodes 2015-11-02 14:52:08 +01:00
David Pilato 1b98e1b1ad Adding US-Gov-West for S3
Follow up for #14358
2015-11-02 14:38:03 +01:00
David Pilato bcc372a29e Merge branch 'aws-gov-west' of https://github.com/amos6224/elasticsearch-1 into amos6224-aws-gov-west 2015-11-02 14:32:23 +01:00
Robert Muir 3961c9b58b fix eclipse (again) 2015-10-31 02:39:35 -04:00
Ryan Ernst b6dee6bd43 Merge pull request #14375 from rjernst/sweep_up_maven
Remove maven pom files and supporting ant files
2015-10-30 18:59:11 -07:00
Areek Zillur 13b60e1b92 update to lucene-5.4.x-snapshot-1711508 2015-10-30 15:42:02 -04:00
Nik Everett 28633fae21 [mapping] Remove transform
Removes the mapping transform feature which when used made debugging very
difficult. Users should transform their documents on the way into
Elasticsearch rather than having Elasticsearch do it.

Closes #12674
2015-10-30 11:46:54 -04:00
Simon Willnauer aa38d053d7 Simplify Analysis registration and configuration
This change moves all the analysis component registration to the node level
and removes the significant API overhead to register tokenfilter, tokenizer,
charfilter and analyzer. All registration is done without guice interaction such
that real factories via functional interfaces are passed instead of class objects
that are instantiated at runtime.

This change also hides the internal analyzer caching that was done previously in the
IndicesAnalysisService entirely and decouples all analysis registration and creation
from dependency injection.
2015-10-30 11:40:18 +01:00
Ryan Ernst 542522531a Build: Remove maven pom files and supporting ant files
This change removes the leftover pom files. A couple files were left for
reference, namely in qa tests that have not yet been migrated (vagrant
and multinode). The deb and rpm assemblies also still exist for
reference when finishing their setup in gradle.

See #13930
2015-10-29 23:53:49 -07:00
xuzha b3090d654a Add AWS Canned ACL support
User could set cannedACL, S3 repository would use this cannedACL to
create s3 object and bucket.
2015-10-29 11:48:02 -07:00
Ryan Ernst c86100f636 Switch build system to Gradle
See #13930
2015-10-29 11:40:19 -07:00
Robert Muir 1194cd0bdc Add threadgroup isolation.
Closes #14353

Squashed commit of the following:

commit edae0729f71ea3d3f9fa9c0d27c9effc042eb5a9
Author: Robert Muir <rmuir@apache.org>
Date:   Thu Oct 29 14:13:42 2015 -0400

    update sha1 and simplify test

commit 635c4f245d66ad353a16267c810e02b725553fad
Author: Robert Muir <rmuir@apache.org>
Date:   Thu Oct 29 07:01:26 2015 -0400

    Add threadgroup isolation.

    Code with `modifyThread` and `modifyThreadGroup` may only modify
    its own threadgroup (or an ancestor of that). This enforces
    what is intended by the ThreadGroup class.

    This has two immediate implications:
    1. Code without these permissions (scripts) may not create or mess with threads
    2. ES application threads cannot mess with Java system threads

    ES puts all application threads in one single group today, but in the future
    this can be organized better, and we will have more isolation in the system.
2015-10-29 14:14:27 -04:00
Jeff Destine a8268ba37d Adding US-Gov-West 2015-10-29 13:09:11 -04:00
Christian Haudum 3334160003 improved building of disco nodes
* improved retry policy of ec2 client
* cache results for 10s
2015-10-29 18:07:52 +01:00
Nicholas Knize 8c535e0f6e Refactor Geo utilities to Lucene 5.4
Remove local lucene/XGeo* classes and refactor to Lucene 5.4 Geo Utility classes.
2015-10-28 11:41:56 -05:00
Adrien Grand 2ed02f9eb3 Merge pull request #14320 from jpountz/upgrade/lucene-5.4-snapshot-1710880
Upgrade to lucene-5.4-snapshot-1710880.
2015-10-28 14:45:45 +01:00
javanna ea750de39f Explain api: move query parsing to the coordinating node
Similarly to what we did with the search api, we can now also move query parsing on the coordinating node for the explain api. Given that the explain api is a single shard operation (compared to search which is instead a broadcast operation), this doesn't change a lot in how the api works internally. The main benefit is that we can simplify the java api by requiring a structured query object to be provided rather than a bytes array that will get parsed on the data node. Previously if you specified a QueryBuilder it would be serialized in json format and would get reparsed on the data node, while now it doesn't go through parsing anymore (as expected), given that after the query-refactoring we are able to properly stream queries natively.

Closes #14270
2015-10-28 10:42:03 +01:00
Adrien Grand 43958db10b Upgrade to lucene-5.4-snapshot-1710880. 2015-10-28 09:34:54 +01:00
Simon Willnauer 935a8fc3d4 Merge pull request #14306 from s1monw/no_lenient_on_module
Don't be lenient in PluginService#processModule(Module)
2015-10-27 16:52:21 +01:00
Simon Willnauer 6fbfdb0e12 remove broken Stream registration API 2015-10-27 16:25:58 +01:00
javanna dc900a08a6 Remove "query" query and fix related parsing bugs
We have two types of parse methods for queries: one for the inner query, to be used once the parser is positioned within the query element, and one for the whole query source, including the query element that wraps the actual query.

With the search refactoring we ended up using the former in count, cat count and delete by query, whereas we should have used the former.  It ends up working properly given that we have a registered (deprecated) query called "query", which used to allow to wrap a filter into a query, but this has the following downsides:
1) prevents us from removing the deprecated "query" query
2) we end up supporting a top level query that is not wrapped within a query element (pre 1.0 syntax iirc that shouldn't be supported anymore)

This commit finally removes the "query" query and fixes the related parsing bugs. We also had some tests that were providing queries in the wrong format, those have been fixed too.

Closes #13326
Closes #14304
2015-10-27 14:54:30 +01:00
Simon Willnauer a5e5a5025b Fold IndexCacheModule into IndexModule
This commit brings all the registration etc. from IndexCacheModule into
IndexModule. As a side-effect to remove a circular dependency between
IndicesService and IndicesWarmer this commit also cleans up IndicesWarmer and
separates the Engine from the warmer.
2015-10-27 11:21:30 +01:00
Simon Willnauer cc3532f593 Remove circular dependency between IndicesService and IndicesStore
This commit introduces a new IndexStoreConfig that is passed to
IndexStore instances instead it's pretty messy parent service.
2015-10-26 20:56:01 +01:00
Simon Willnauer cdcc5da756 Remove unused import 2015-10-26 14:23:28 +01:00
Simon Willnauer 5ffdf15f02 Remove guice injection from IndexStore and friends
This commit replaces dependency injection from IndexStore and subclasses
and replaces it with dedicated set of dependencies.
2015-10-26 12:32:34 +01:00
Simon Willnauer beac4b17be Merge pull request #14251 from s1monw/trash_index_settings
Replace IndexSettings annotation with a full-fledged class
2015-10-24 15:38:46 +02:00
Robert Muir 6c8e290322 Allow binding to multiple addresses
* Allow for multiple host specifications (e.g. _en0_,192.168.1.2,_site_).
* Add _site_ and _global_ scopes as counterparts to _local_.
* Warn on heuristic selection of publish address.
* Remove the arbitrary _non_loopback_ setting.

Closes #13954
2015-10-23 23:43:37 -04:00
Simon Willnauer 8a9dd871d3 Make IndexSettings also own the IndexMetaData and separate node settings 2015-10-23 10:53:39 +02:00
Simon Willnauer 66d5d0c4f2 Replace IndexSettings annotation with a full-fledged class
The @IndexSettings annoationat has been used to differentiate between node-level
and index level settings. It was also decoupled from realtime-updates such that
the settings object that a class got injected when it was created was static and
not subject to change when an update was applied. This change removes the annoation
and replaces it with a full-fledged class that adds type-safety and encapsulates additional
functionality as well as checks on the settings.
2015-10-22 20:43:41 +02:00
javanna 75cedca0da Remove search exists api
Closes #13682
Closes #13911
2015-10-21 17:39:32 +02:00
Adrien Grand 76231c89da Remove "uninverted" and "binary" fielddata support for numeric and boolean fields.
Numeric and boolean fields have doc values enabled by default as of
elasticsearch 2.0. This commit removes support for uninverted/in-memory
fielddata, as well as numeric fields encoded in binary doc values which was
the way that elasticsearch stored doc values in a Lucene index before the
1.4 release.

As a consequence, you will only be able to sort and aggregate on numeric and
boolean fields in Elasticsearch 3.0 if doc values have not been switched off.
2015-10-21 12:15:40 +02:00
Lee Hinman b3646f9bfc Merge remote-tracking branch 'dakrone/use-the-force-luke' 2015-10-20 21:13:18 -06:00
Nik Everett 2cc97a0d3e Remove and ban @Test
There are three ways `@Test` was used. Way one:

```java
@Test
public void flubTheBlort() {
```

This way was always replaced with:

```java
public void testFlubTheBlort() {
```

Or, maybe with a better method name if I was feeling generous.

Way two:

```java
@Test(throws=IllegalArgumentException.class)
public void testFoo() {
    methodThatThrows();
}
```

This way of using `@Test` is actually pretty OK, but to get the tools to ban
`@Test` entirely it can't be used. Instead:

```java
public void testFoo() {
    try {
        methodThatThrows();
        fail("Expected IllegalArgumentException");
    } catch (IllegalArgumentException e ) {
        assertThat(e.getMessage(), containsString("something"));
    }
}
```

This is longer but tests more than the old ways and is much more precise.
Compare:

```java
@Test(throws=IllegalArgumentException.class)
public void testFoo() {
    some();
    copy();
    and();
    pasted();
    methodThatThrows();
    code();  // <---- This was left here by mistake and is never called
}
```

to:

```java
@Test(throws=IllegalArgumentException.class)
public void testFoo() {
    some();
    copy();
    and();
    pasted();
    try {
        methodThatThrows();
        fail("Expected IllegalArgumentException");
    } catch (IllegalArgumentException e ) {
        assertThat(e.getMessage(), containsString("something"));
    }
}
```

The final use of test is:

```java
@Test(timeout=1000)
public void testFoo() {
    methodThatWasSlow();
}
```

This is the most insidious use of `@Test` because its tempting but tragically
flawed. Its flaws are:
1. Hard and fast timeouts can look like they are asserting that something is
faster and even do an ok job of it when you compare the timings on the same
machine but as soon as you take them to another machine they start to be
invalid. On a slow VM both the new and old methods fail. On a super-fast
machine the slower and faster ways succeed.
2. Tests often contain slow `assert` calls so the performance of tests isn't
sure to predict the performance of non-test code.
3. These timeouts are rude to debuggers because the test just drops out from
under it after the timeout.

Confusingly, timeouts are useful in tests because it'd be rude for a broken
test to cause CI to abort the whole build after it hits a global timeout. But
those timeouts should be very very long "backstop" timeouts and aren't useful
assertions about speed.

For all its flaws `@Test(timeout=1000)` doesn't have a good replacement __in__
__tests__. Nightly benchmarks like http://benchmarks.elasticsearch.org/ are
useful here because they run on the same machine but they aren't quick to check
and it takes lots of time to figure out the regressions. Sometimes its useful
to compare dueling implementations but that requires keeping both
implementations around. All and all we don't have a satisfactory answer to the
question "what do you replace `@Test(timeout=1000)`" with. So we handle each
occurrence on a case by case basis.

For files with `@Test` this also:
1. Removes excess blank lines. They don't help anything.
2. Removes underscores from method names. Those would fail any code style
checks we ever care to run and don't add to readability. Since I did this manually
I didn't do it consistently.
3. Make sure all test method names start with `test`. Some used to end in `Test` or start
with `verify` or `check` and they were picked up using the annotation. Without the
annotation they always need to start with `test`.
4. Organizes imports using the rules we generate for Eclipse. For the most part
this just removes `*` imports which is a win all on its own. It was "required"
to quickly remove `@Test`.
5. Removes unneeded casts. This is just a setting I have enabled in Eclipse and
forgot to turn off before I did this work. It probably isn't hurting anything.
6. Removes trailing whitespace. Again, another Eclipse setting I forgot to turn
off that doesn't hurt anything. Hopefully.
7. Swaps some tests override superclass tests to make them empty with
`assumeTrue` so that the reasoning for the skips is logged in the test run and
it doesn't "look like" that thing is being tested when it isn't.
8. Adds an oxford comma to an error message.

The total test count doesn't change. I know. I counted.
```bash
git checkout master && mvn clean && mvn install | tee with_test
git no_test_annotation master && mvn clean && mvn install | tee not_test
grep 'Tests summary' with_test > with_test_summary
grep 'Tests summary' not_test > not_test_summary
diff with_test_summary not_test_summary
```

These differ somewhat because some tests are skipped based on the random seed.
The total shouldn't differ. But it does!
```
1c1
< [INFO] Tests summary: 564 suites (1 ignored), 3171 tests, 31 ignored (31 assumptions)
---
> [INFO] Tests summary: 564 suites (1 ignored), 3167 tests, 17 ignored (17 assumptions)
```

These are the core unit tests. So we dig further:
```bash
cat with_test | perl -pe 's/\n// if /^Suite/;s/.*\n// if /IGNOR/;s/.*\n// if /Assumption #/;s/.*\n// if /HEARTBEAT/;s/Completed .+?,//' | grep Suite > with_test_suites
cat not_test | perl -pe 's/\n// if /^Suite/;s/.*\n// if /IGNOR/;s/.*\n// if /Assumption #/;s/.*\n// if /HEARTBEAT/;s/Completed .+?,//' | grep Suite > not_test_suites
diff <(sort with_test_suites) <(sort not_test_suites)
```

The four tests with lower test numbers are all extend `AbstractQueryTestCase`
and all have a method that looks like this:

```java
@Override
public void testToQuery() throws IOException {
    assumeTrue("test runs only when at least a type is registered", getCurrentTypes().length > 0);
    super.testToQuery();
}
```

It looks like this method was being double counted on master and isn't anymore.

Closes #14028
2015-10-20 17:37:36 -04:00
Nik Everett 2eff063341 Merge pull request #14215 from nik9000/retry_gce_test_to_estestcase
Convert GCE test to ESTestCase
2015-10-20 17:21:25 -04:00
Nik Everett 6074f631d0 [test] Convert GCE test to ESTestCase
And work around GCE's annoying security issues that that exposed.

Required for #14069
2015-10-20 14:55:34 -04:00
Christoph Büscher 5d25bc30cd Query DSL: Remove NotQueryBuilder
The NotQueryBuilder has been deprecated on the 2.x branches
and can be removed with the next major version. It can be
replaced by boolean query with added mustNot() clause.

Closes #13761
2015-10-20 19:43:16 +02:00
Lee Hinman 9ea4909035 Add Force Merge API, deprecate Optimize API
This adds an API for force merging lucene segments. The `/_optimize` API is now
deprecated and replaced by the `/_forcemerge` API, which has all the same flags
and action, just a different name.
2015-10-20 09:00:24 -06:00
Jason Tedor 1b461a7f9d Remove mistakenly committed build output files
This commit removes some build output files from the
burn_maven_with_fire_branch that appear to have been mistakenly
committed to master in bfb9054a11.
2015-10-20 08:34:51 -04:00
xuzha 1ae524bace Fix test bug to match windows /r 2015-10-19 12:41:52 -07:00
xuzha 1069ad9fad fix a test bug 2015-10-19 12:06:20 -07:00
xuzha 6a6e168b8b Adding backoff from retries on GCE errors
In case of any error while trying to get GCE instances list from GCE
API, elasticsearch will slow down its API calls.
2015-10-19 10:28:08 -07:00
javanna a6e7a5f307 Java api: remove the count api
Closes #14166
Closes #13928
2015-10-19 14:40:52 +02:00
Adrien Grand 5ae810991c Upgrade to lucene-5.4-snapshot-1708254. 2015-10-16 09:41:36 +02:00
Colin Goodheart-Smithe 63c51b78b2 review comment fixes 2015-10-15 11:34:31 +01:00
Colin Goodheart-Smithe c618f75b76 Merge branch 'master' into feature/search-request-refactoring
# Conflicts:
#	core/src/main/java/org/elasticsearch/search/SearchService.java
2015-10-15 11:02:34 +01:00
Robert Muir 5d001d1578 Decentralize plugin security
* Add ability for plugins to declare additional permissions with a custom plugin-security.policy file and corresponding AccessController logic. See the plugin author's guide for more information.
* Add warning messages to users for extra plugin permissions in bin/plugin.
* When bin/plugin is run interactively (stdin is a controlling terminal and -b/--batch not supplied), require user confirmation.
* Improve unit test and IDE support for plugins with additional permissions by exposing plugin's metadata as a maven test resource.

Closes #14108

Squashed commit of the following:

commit cf8ace65a7397aaccd356bf55f95d6fbb8bb571c
Author: Robert Muir <rmuir@apache.org>
Date:   Wed Oct 14 13:36:05 2015 -0400

    fix new unit test from master merge

commit 9be3c5aa38f2d9ae50f3d54924a30ad9cddeeb65
Merge: 2f168b8 7368231
Author: Robert Muir <rmuir@apache.org>
Date:   Wed Oct 14 12:58:31 2015 -0400

    Merge branch 'master' into off_my_back

commit 2f168b8038e32672f01ad0279fb5db77ba902ae8
Author: Robert Muir <rmuir@apache.org>
Date:   Wed Oct 14 12:56:04 2015 -0400

    improve plugin author documentation

commit 6e6c2bfda68a418d92733ac22a58eec35508b2d0
Author: Robert Muir <rmuir@apache.org>
Date:   Wed Oct 14 12:52:14 2015 -0400

    move security confirmation after 'plugin already installed' check, to prevent user from answering unnecessary questions.

commit 08233a2972554afef2a6a7521990283102e20d92
Author: Robert Muir <rmuir@apache.org>
Date:   Wed Oct 14 05:36:42 2015 -0400

    Add documentation and pluginmanager support

commit 05dad86c51488ba43ccbd749f0164f3fbd3aee62
Author: Robert Muir <rmuir@apache.org>
Date:   Wed Oct 14 02:22:24 2015 -0400

    Decentralize plugin permissions (modulo docs and pluginmanager work)
2015-10-14 14:46:45 -04:00
Colin Goodheart-Smithe 6819224d2c Merge branch 'master' into feature/search-request-refactoring
# Conflicts:
#	core/src/main/java/org/elasticsearch/search/SearchService.java
#	core/src/test/java/org/elasticsearch/cluster/ClusterStateDiffIT.java
#	core/src/test/java/org/elasticsearch/search/fetch/FetchSubPhasePluginIT.java
2015-10-12 12:54:14 +01:00
Jason Tedor 9a9a6a4b3b Remove Guava as a dependency
This commit removes Guava as a dependency. Note that Guava will remain
as a test-only dependency (transitively through Jimfs).

Closes #13224
2015-10-09 14:19:22 -04:00
Nik Everett d9e11e4b39 Merge branch 'master' into immutable_map_be_gone 2015-10-09 12:04:03 -04:00
Nik Everett bfb9054a11 Remove addAll(Collection, Iterable<ObjectCursor>)
It was used just one time and didn't add any value.
2015-10-09 10:12:54 -04:00
Adrien Grand 7400cbe5fd Remove UpdateTests' dependency on groovy.
This test had to be moved to lang-groovy when groovy has been made a plugin.
I refactored it a bit to use mock plugins instead so that groovy is not
necessary anymore and it can come back to core.
2015-10-08 16:19:00 +02:00
Colin Goodheart-Smithe 4557d1b560 Merge branch 'master' into feature/search-request-refactoring
# Conflicts:
#	plugins/lang-groovy/src/test/java/org/elasticsearch/messy/tests/FunctionScoreTests.java
2015-10-08 11:39:34 +01:00
David Pilato c73ab50df1 Rename cloud-gce plugin to discovery-gce plugin
Follow up azure and aws splits, we need to be consistent and rename `cloud-gce` to `discovery-gce`.
2015-10-08 06:53:37 +02:00
David Pilato 289cd5dcf4 [discovery-gce] add _gce_ network host setting
When running in GCE platform, an instance has access to:

http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip

Which gives back the private IP address, for example `10.240.0.2`.

http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/externalIp

Gives back the public Ip address, for example `130.211.108.21`.

As we have for `ec2`, we can support new network host settings:

* `_gce:privateIp:X_`: The private IP address of the machine for a given network interface.
* `_gce:hostname_`: The hostname of the machine.
* `_gce_`: Same as `_gce:privateIp:0_` (recommended).

Closes #13605.
Closes #13590.

BTW resolveIfPossible now throws IOException so code is also updated for ec2 discovery and
some basic tests have been added.
2015-10-07 22:04:34 +02:00
Colin Goodheart-Smithe ee5d2847b5 more clean up 2015-10-07 15:34:21 +01:00
Colin Goodheart-Smithe 5b23d9abdc more test clean ups 2015-10-07 15:29:13 +01:00
Britta Weber 871df97e18 Merge pull request #13961 from brwe/function-score-unit-tests
Convert some messy function score tests to unit tests
2015-10-07 14:51:22 +02:00
Boaz Leskes bcb3fab6ac Engine: Remove Engine.Create
The `_create` API is handy way to specify an index operation should only be done if the document doesn't exist. This is currently implemented in explicit code paths all the way down to the engine. However, conceptually this is no different than any other versioned operation - instead of requiring a document is on a specific version, we require it to be deleted (or non-existent). This PR removes Engine.Create in favor of a slight extension in the VersionType logic.

There are however a couple of side effects:
- DocumentAlreadyExistsException is removed and VersionConflictException is used instead (with an improved error message)
- Update will reject version parameters if the upsert option is used (it doesn't compute anyway).
- Translog.Create is also removed infavor of Translog.Index (that's OK because their binary format was the same, so we can just read Translog.Index of the translog file)

Closes #13955
2015-10-07 12:37:34 +02:00
javanna 1915c74e93 Merge branch 'master' into feature/search-request-refactoring 2015-10-06 16:21:58 +02:00
Robert Muir a798f4f711 prevent test failures from jython localization bugs.
see #13967
2015-10-06 10:17:19 -04:00
javanna 86be9db7b9 Fix some RequestBuilder#toString that produced broken json
Also restored a couple of old tests around search and count request builder that used to get wiped when calling toString.
2015-10-06 15:46:11 +02:00
Colin Goodheart-Smithe 669a5893bb fixed some NORELEASE comments in tests 2015-10-06 14:36:50 +01:00
Nik Everett bb2611d2f5 Merge branch 'master' into immutable_map_be_gone 2015-10-06 09:13:58 -04:00
javanna f89de33548 Merge branch 'master' into feature/search-request-refactoring 2015-10-06 14:28:31 +02:00
Adrien Grand 56c2c24f5a Remove ScriptEngineService.execute.
This methods was only used in tests and can be replaced by calling
`ScriptEngineService.executable(compiledScript, vars).run()` instead.
2015-10-06 13:27:27 +02:00
Britta Weber 473d25beed convert weight functions tests to unit tests 2015-10-06 12:08:59 +02:00
Britta Weber 0915adaa71 convert explain function score tests to unit tests 2015-10-06 11:20:35 +02:00
Adrien Grand bc98895d18 Remove ScriptEngineService.unwrap.
The ability to unwrap script values is already exposed via ExecutableScript.unwrap.
2015-10-06 10:30:15 +02:00
javanna d618a602ab [TEST] Simplify SearchQueryIT#testMinScore
This test used indexRandom to index 4 documents. indexRandom introduces also bogus documents which were getting on the way now that we use fieldValueFactor instead of a script to determine the script of the documents. Taken out indexRandom to simplify things and make the tests more predictable.
2015-10-06 10:17:59 +02:00
javanna 2fd1cde35e [TEST] move back some test from groovy plugin to core
Relates to #13837

Closes #13945
2015-10-06 09:19:54 +02:00
Nik Everett 380dbbfb23 Ban ImmutableMap$Builder in core's main
Almost there!
2015-10-05 15:42:17 -04:00
Nik Everett ba68a8df63 Merge branch 'master' into immutable_map_be_gone 2015-10-05 14:00:53 -04:00
Robert Muir 4ad1bf0716 Merge pull request #13924 from rmuir/ireallyhatescripts
lock down javascript and python script engines better
2015-10-05 11:29:26 -04:00
Colin Goodheart-Smithe a3a2432ebd Merge branch 'master' into feature/search-request-refactoring 2015-10-05 14:43:04 +01:00
Colin Goodheart-Smithe d59e959c80 rename RestActions.parseQuerySource() to RestActions.urlParamsToQueryBuilder() 2015-10-05 14:11:59 +01:00
javanna e8653f5156 Java api: IdsQueryBuilder to accept only non null ids and types
Types are still optional, but if you do provide them, they can't be null. Split the existing constructor that accepted nnull into two, one that accepts no arguments, and another one that accepts the types argument, which must be not null.

Also trimmed down different ways of setting ids, some were misleading as they would always add the ids to the existing ones and not set them, the add prefix makes that clear. Left `addIds` method that accepts a varargs argument. Added check for ids not be null.
2015-10-05 15:10:30 +02:00
Nik Everett dd8edd4015 Remove one usage of MapBuilder#immutableMap
It was causing the build to fail.
2015-10-05 08:52:09 -04:00
Colin Goodheart-Smithe ec51e8e31d Merge branch 'master' into feature/search-request-refactoring 2015-10-05 13:31:52 +01:00
Simon Willnauer d2e3e8cc7b more cleanups 2015-10-05 14:07:17 +02:00
Robert Muir 8ff42834e9 lock down javascript and python permissions 2015-10-04 17:13:47 -04:00
Jason Tedor 67d1c70c2d Remove and forbid use of com.google.common.hash.*
This commit removes and now forbids all uses of
com.google.common.hash.HashCode, com.google.common.hash.HashFunction,
and com.google.common.hash.Hashing across the codebase. This is one of
the few remaining steps in the eventual removal of Guava as a
dependency.

Relates #13224
2015-10-04 16:01:24 -04:00
David Pilato 216dcd9dd5 Merge branch 'pr/ec2-start-if-discovery-type' 2015-10-02 16:29:13 +02:00
Nik Everett ab7fa7fe9e Remove multi-arg ImmutableMap#of variants 2015-10-02 04:01:40 +02:00
Martijn van Groningen dc858d2008 test: fixed some messy tests 2015-09-30 21:48:17 +02:00
David Pilato 314f0749ae discovery-ec2 plugin should check `discovery.type`
As done in #13809 and in Azure, we should check that `discovery.type` is set to `ec2` before starting services.

Closes #13581.
2015-09-30 12:50:46 +02:00
javanna a3abfab865 Query refactoring: set has_parent & has_child types context properly
While refactoring has_child and has_parent query we lost an important detail around types. The types that the inner query gets executed against shouldn't be the main types of the search request but the parent or child type set to the parent query. We used to use QueryParseContext#setTypesWithPrevious as part of XContentStructure class which has been deleted, without taking care though of setting the types and restoring them as part of the innerQuery#toQuery call.

Meanwhile also we make sure that the original context types are restored in PercolatorQueriesRegistry

Closes #13863
2015-09-30 12:07:26 +02:00
Robert Muir 6d8c035f70 Add SpecialPermission to guard exceptions to security policy.
Closes #13854

Squashed commit of the following:

commit 42c1166efc55adda0d13fed77de583c0973e44b3
Author: Robert Muir <rmuir@apache.org>
Date:   Tue Sep 29 11:59:43 2015 -0400

    Add paranoia

    Groovy holds on to a classloader, so check it before compilation too.
    I have not reviewed yet what Rhino is doing, but just be safe.

commit b58668a81428e964dd5ffa712872c0a34897fc91
Author: Robert Muir <rmuir@apache.org>
Date:   Tue Sep 29 11:46:06 2015 -0400

    Add SpecialPermission to guard exceptions to security policy.

    In some cases (e.g. buggy cloud libraries, scripting engines), we must
    grant dangerous permissions to contained cases. Those AccessController blocks
    are dangerous, since they truncate the stack, and can allow privilege escalation.

    This PR adds a simple permission to check before each one, so that unprivileged code
    like groovy scripts, can't do anything they shouldn't be allowed to do otherwise.
2015-09-29 17:32:56 -04:00
xuzha 625d06cd76 cloud-gce plugin should check `discovery.type`
GCE plugin tries to start immediately gce discovery even if we don't
set discovery.type. This commmit adds check `discovery.type` and
other required parameters before loading gce plugin.

closes #13614
2015-09-29 10:26:12 -07:00
Colin Goodheart-Smithe 117d8d2606 Merge branch 'master' into feature/search-request-refactoring 2015-09-29 18:50:52 +02:00
Robert Muir eeeb42abef Clean up scripting permissions.
Now that groovy is factored out, we contain this dangerous stuff there.

TODO: look into those test hacks inspecting class protection domains, maybe we can
clean that one up too.

TODO: generalize the GroovyCodeSourcePermission to something all script engines check,
before entering accesscontrollerblocks. this way e.g. groovy script cannot coerce
python engine into creating something with more privs if it gets ahold of it... we
should probably protect the aws/gce hacks in the same way.
2015-09-29 09:54:12 -04:00
Colin Goodheart-Smithe 8426c14a6d fixed compile errors 2015-09-29 15:32:06 +02:00
Colin Goodheart-Smithe a21238beda Merge branch 'master' into feature/search-request-refactoring
# Conflicts:
#	plugins/lang-groovy/src/test/java/org/elasticsearch/messy/tests/ChildQuerySearchTests.java
#	plugins/lang-groovy/src/test/java/org/elasticsearch/messy/tests/IndexedScriptTests.java
#	plugins/lang-groovy/src/test/java/org/elasticsearch/messy/tests/SearchFieldsTests.java
#	plugins/lang-groovy/src/test/java/org/elasticsearch/messy/tests/SearchStatsTests.java
#	plugins/lang-groovy/src/test/java/org/elasticsearch/messy/tests/SearchTimeoutTests.java
#	plugins/lang-groovy/src/test/java/org/elasticsearch/messy/tests/SimpleSortTests.java
#	plugins/lang-groovy/src/test/java/org/elasticsearch/script/groovy/GroovyScriptTests.java
#	plugins/lang-groovy/src/test/java/org/elasticsearch/script/groovy/GroovySecurityTests.java
2015-09-29 14:40:27 +02:00
Lee Hinman 1811286a60 Fix compilation error due to empty <p> tag 2015-09-29 04:17:36 -06:00
Robert Muir e0d42739dd Factor groovy out of core into lang-groovy 2015-09-28 20:17:45 -04:00
Colin Goodheart-Smithe f1cf592020 Test Fixes 2015-09-25 10:28:15 +01:00
Colin Goodheart-Smithe 9f08d48d34 Merge branch 'feature/query-refactoring' into feature/search-request-refactoring
# Conflicts:
#	core/src/main/java/org/elasticsearch/index/query/IndexQueryParserService.java
#	core/src/test/java/org/elasticsearch/script/IndexedScriptIT.java
#	core/src/test/java/org/elasticsearch/script/OnDiskScriptIT.java
2015-09-25 10:14:53 +01:00
javanna 34de79370f Merge branch 'master' into feature/query-refactoring
Conflicts:
	core/src/main/java/org/elasticsearch/ElasticsearchException.java
2015-09-25 09:38:24 +02:00
Colin Goodheart-Smithe f54155195a fix lang js rest test (hopefully) 2015-09-23 23:34:42 +01:00
Colin Goodheart-Smithe a163a0fc89 fixed script language plugins rest tests to use correct script syntax 2015-09-23 22:47:37 +01:00
Colin Goodheart-Smithe 3c9e69e15f Parse query from deleteByQuery request body 2015-09-23 22:06:35 +01:00
Colin Goodheart-Smithe 6d307a3cfd delete by query rest test fix (maybe) 2015-09-23 21:42:09 +01:00
Jason Tedor 4fe243a5ca Merge pull request #13701 from jasontedor/fix-ping-timeout-settings-inconsistency
Fix ping timeout settings inconsistencies
2015-09-23 13:17:46 -04:00
Jason Tedor d8b29f7beb Fix ping timeout settings inconsistencies
This commit fixes ping timeout settings inconsistencies in
ZenDiscovery. In particular, the documentation refers to the ping
timeout setting as discovery.zen.ping_timeout but the code was
ultimately using discovery.zen.ping.timeout if this was set.

This commit also changes all instances of the raw string
“discovery.zen.ping_timeout” to the constant
o.e.d.z.ZenDiscovery.SETTING_PING_TIMEOUT.

Finally, this commit removes the legacy setting
"discovery.zen.initial_ping_timeout".

Closes #6579, #9581, #9908
2015-09-23 12:58:23 -04:00
Colin Goodheart-Smithe 3cb3514474 clean up for methods in SearchRequestBuilder so it works with SearchSourceBuilder 2015-09-23 10:44:23 +01:00
Colin Goodheart-Smithe e1759b1a60 cleanup codebase to work with SearchSourceBuilder 2015-09-23 10:44:22 +01:00
Robert Muir 6ab39c2e25 Remove -Xlint:-serial, the crazy exceptions are now gone 2015-09-22 20:51:11 -04:00
Robert Muir 689af1a6d6 Factor expressions scripts out to lang-expression plugin 2015-09-22 20:33:47 -04:00
Christoph Büscher 1aae68d2e8 Merge branch 'master' into feature/query-refactoring
Conflicts:
	core/src/main/java/org/elasticsearch/index/query/CommonTermsQueryBuilder.java
	core/src/main/java/org/elasticsearch/index/query/GeoPolygonQueryBuilder.java
	core/src/main/java/org/elasticsearch/index/query/MatchQueryBuilder.java
	core/src/main/java/org/elasticsearch/index/query/QueryParseContext.java
	core/src/main/java/org/elasticsearch/index/query/QueryParser.java
2015-09-22 12:43:55 +02:00
Robert Muir b582de79ae Merge pull request #13702 from rmuir/broke_javadocs
Fix all javadocs issues, re-enable compiler warnings (but disable on java 9 where maven is broken)
2015-09-22 00:46:31 -04:00
Robert Muir 2f67cacaa3 Fix all javadocs issues, re-enable compiler warnings (but disable on java9 where maven is broken) 2015-09-21 23:35:32 -04:00
Ryan Ernst 8aa6aec344 Merge pull request #13663 from rjernst/license_cleanup
Remove unnecessary copies of license and notice files
2015-09-21 18:04:57 -07:00
Robert Muir 7bcdae28ca Merge pull request #13695 from rmuir/factor_out_scripts
Get lang-javascript, lang-python, securemock ready for script refactoring
2015-09-21 15:44:08 -04:00
Robert Muir f0733bd829 Get lang-javascript, lang-python, securemock ready for script refactoring.
I want to refactor scripting engines so we can contain dangerous "God-like" permissions
like createClassloader/sun.reflect. These are used for dynamic class generation (scripts, mocks).
This will mean some refactoring to ES core.

But first lets get the plugins in order first. I removed those permissions globally, and
fixed grants for lang-javascript, lang-python, securemock so that everything works.

lang-javascript needs no code changes, because rhino is properly written :)
lang-python needs accesscontroller blocks. securemock was already working as of 1.1

This is just a baby step, to try to do some of this incrementally! It doesn't yet provide
us anything.
2015-09-21 15:13:17 -04:00
David Pilato f230eabc15 [cloud-azure] Split azure plugin in 3 plugins
Until now we had a cloud-azure plugin which is providing 3 distinct features:

* discovery on Azure
* snapshot/restore on Aure
* SMB store

This commit splits the plugin by feature so people can use either one or the other or both features.

Doc is updated accordingly.
2015-09-21 17:55:23 +02:00
David Pilato 859f63be6e Fix plugins/cloud-azure/licenses/azure-LICENSE.txt
Closes #13679.
2015-09-21 17:53:09 +02:00
Christoph Büscher cc69de5c5f Merge branch 'master' into feature/query-refactoring 2015-09-21 15:38:43 +02:00
Simon Willnauer 66cb36e9b3 update repository-s3 licenses 2015-09-19 07:41:30 +02:00
Ryan Ernst 18c519145d Remove unnecessary copies of license and notice files
We moved a lot of repositories into elasticsearch, but in their new
location they retained their LICENSE.txt and NOTICE.txt files. These are
all the same, and having the license and notice and the root of the
repository should be sufficient.
2015-09-18 17:48:30 -07:00
Simon Willnauer ed443a3752 update aws-java-sdk-ec2 sha1 hashes 2015-09-18 22:17:49 +02:00
Simon Willnauer 2da1baf546 Merge branch 'master' into feature/query-refactoring 2015-09-18 20:38:15 +02:00
David Pilato 8662b52be8 Merge branch 'update-aws-sdk' of https://github.com/schonfeld/elasticsearch into schonfeld-update-aws-sdk 2015-09-18 20:00:06 +02:00
David Pilato 8289ce827d Merge branch 'patch-1' of https://github.com/pandujar/elasticsearch into pandujar-patch-1 2015-09-18 16:22:28 +02:00
Michael Schonfeld cd33ff6fd8 move the aws sdk version parameter to plugins/pom.xml 2015-09-18 10:10:51 -04:00
Michael Schonfeld b94f32116c update s3 sdk version 2015-09-18 09:43:35 -04:00
Christoph Büscher bab9523c56 Merge branch 'master' into feature/query-refactoring
Conflicts:
	core/src/main/java/org/elasticsearch/ElasticsearchException.java
2015-09-18 12:05:03 +02:00
David Pilato 42237ed982 [discovery-ec2] Move integration tests to unit tests
Follow up for #12844 but in master branch where cloud-aws has been split in 2 projects. So we need to backport manually changes...
2015-09-17 23:09:07 +02:00
David Pilato 97ae657231 Merge remote-tracking branch 'origin/master' 2015-09-17 21:44:25 +02:00
David Pilato 422cfa27c0 Merge branch 'maven/elasticsearch-already-excluded' 2015-09-17 18:10:04 +02:00
Robert Muir d7a07d7a27 Fix missing AccessControllerBlock in GCE code
This fix imported from #13612
2015-09-17 11:03:50 -04:00
Tanguy Leroux 5b0ad2272e [test] Fix search context check in DeleteByQueryTests
Closes #13580
2015-09-17 12:17:40 +02:00
Robert Muir 6cfbf9cf54 Revert "quiet flakey gce tests"
This reverts commit 7eef7e42d4.
2015-09-17 02:32:51 -04:00
Robert Muir 5e15ba90bb Revert "disable unit tests until they work"
This reverts commit 606cc456d2.
2015-09-17 02:32:33 -04:00
Ryan Ernst b14326d494 Merge pull request #13611 from rjernst/spec_in_resources
Move rest-api-spec for plugins into test resources
2015-09-16 11:15:35 -07:00
Ryan Ernst 606cc456d2 disable unit tests until they work 2015-09-16 10:26:01 -07:00
Ryan Ernst 7eef7e42d4 quiet flakey gce tests 2015-09-16 09:59:38 -07:00
Christoph Büscher ff74e94260 Merge branch 'master' into feature/query-refactoring
Conflicts:
    core/src/main/java/org/elasticsearch/common/unit/Fuzziness.java
    core/src/main/java/org/elasticsearch/index/mapper/internal/IdFieldMapper.java
    core/src/main/java/org/elasticsearch/index/query/IdsQueryParser.java
    core/src/main/java/org/elasticsearch/index/query/functionscore/random/RandomScoreFunctionParser.java
    core/src/test/java/org/elasticsearch/search/highlight/HighlighterSearchIT.java
2015-09-16 13:04:18 +02:00
Ryan Ernst 45f757de6d Test: Move rest-api-spec for plugins into test resources
Plugin tests require having rest-api tests, and currently copy that spec
from a directory in the root of the plugin source into the test
resources. This change moves the rest-api-spec dir into test resources
so it is like any other test resources. It also removes unnecessary
configuration for resources from the shared plugin pom.
2015-09-16 03:04:53 -07:00
Robert Muir 01e6d8e3dc Remove java.lang.reflect.ReflectPermission "suppressAccessChecks"
Closes #13603

Squashed commit of the following:

commit 8799fb42d80297a79285beaf407b1bbecdb5854d
Author: Robert Muir <rmuir@apache.org>
Date:   Wed Sep 16 03:32:29 2015 -0400

    Add randomizedtesting snapshot note

commit 0d874d9f0f5fddaeab8f48f9816a052dcaa691be
Author: Robert Muir <rmuir@apache.org>
Date:   Wed Sep 16 03:11:01 2015 -0400

    Add a mechanism for insecure plugins and get all tests passing

commit 80540aeb9a264f6f299aaa3bc89df7f9b7923a60
Author: Robert Muir <rmuir@apache.org>
Date:   Tue Sep 15 22:59:29 2015 -0400

    Really remove, we are killing this

commit 884818c1ad44ca2e7572a6998c086580be919657
Author: Robert Muir <rmuir@apache.org>
Date:   Tue Sep 15 22:57:22 2015 -0400

    fill in TODOs

commit 34f4cb81f249edfec4d8d211da892f8c987e5948
Author: Robert Muir <rmuir@apache.org>
Date:   Tue Sep 15 22:31:43 2015 -0400

    Publish snapshots of RR and lucene and cutover

commit d68eb9d66ce059761805c64d67e41a29098c9afa
Merge: f27e208 f62da59
Author: Robert Muir <rmuir@apache.org>
Date:   Tue Sep 15 12:32:41 2015 -0400

    Merge branch 'master' into kill-setaccessible

commit f27e20855216dab6a6ad035d41018d8c67f3144c
Author: Robert Muir <rmuir@apache.org>
Date:   Tue Sep 15 12:32:21 2015 -0400

    make a real lucene snapshot
2015-09-16 04:08:31 -04:00
Simon Willnauer bfa984e1c2 Prevent losing stacktraces when exceptions occur
This commit removes unnecesssary use of ExceptionHelpers where we actually
should serialize / deserialize the actual exception. This commit also
fixes one of the oddest problems where the actual exception was never
rendered / printed if `all shards failed` due to a missing cause.

This commit unfortunately doesn't fix Snapshot/Restore which is almost
unfixable since it has to serialize XContent and read from it which can't
transport exceptions.
2015-09-15 23:20:54 +02:00
Pedro Andujar 3961de3e56 Enable SSL for blob storage
In order to increase Security.

The Microsoft Azure storage services support both HTTP and HTTPS; however, using HTTPS is highly recommended.
2015-09-15 14:25:56 +01:00
David Pilato a38bcc5d62 [test] plugins simple RestIT tests don't work from IDE
When running a RestIT test from the IDE, you actually start an internal node which does not automatically load the plugin you would like to test.

We need to add:

```java
    @Override
    protected Collection<Class<? extends Plugin>> nodePlugins() {
        return pluginList(PLUGIN_HERE.class);
    }
```

Everything works fine when running from maven because each test basically:

* installs elasticsearch
* installs one plugin
* starts elasticsearch with this plugin loaded
* runs the test

Note that this PR only fixes the fact we run an internal cluster with the expected plugin.

Cloud tests will still fail when run from the IDE because is such a case you actually start an internal node with many mock plugins.
And REST test suite for cloud plugins basically checks if the plugin is running by checking the output of NodesInfo API.

And we check:

```yml
- match:  { nodes.$master.plugins.0.name: cloud-azure  }
- match:  { nodes.$master.plugins.0.jvm: true  }
```

But in that case, this condition is certainly false as we started also `mock-transport-service`, `mock-index-store`, `mock-engine-factory`, `node-mocks`, `asserting-local-transport`, `mock-search-service`.

Closes #13479
2015-09-15 10:10:05 +02:00