Commit Graph

490 Commits

Author SHA1 Message Date
jaymode 659439841e test: adapt to removal of setting
Original commit: elastic/x-pack-elasticsearch@5f195001b9
2016-04-19 14:31:06 -04:00
Nik Everett 28bb39955c Replace (read|write)Query with (read|write)NamedWriteable
(read|write)Query is going away.

Original commit: elastic/x-pack-elasticsearch@5ac3ded68e
2016-04-19 11:06:39 -04:00
Martijn van Groningen e24d09b54e test: allow percolate api to fail when the percolator field can't be found
Original commit: elastic/x-pack-elasticsearch@3343c9dc3a
2016-04-19 14:11:53 +02:00
Alexander Reelsen 98feb695ff Tests: Fixing failing history transform tests after mapping changes
Original commit: elastic/x-pack-elasticsearch@b1b13c52b0
2016-04-19 13:56:50 +02:00
Martijn van Groningen 0c7dff4fa7 security: Deal with upstream percolator changes.
From now on, if field level security and percolator is used then the percolator field needs to be included in the allowed fields.

Original commit: elastic/x-pack-elasticsearch@7d39b5caf6
2016-04-19 11:23:04 +02:00
Daniel Mitterdorfer fb825d7fd3 Use underscore notation for field names
Relates elastic/elasticsearchelastic/elasticsearch#17800

Original commit: elastic/x-pack-elasticsearch@1f6022116c
2016-04-19 08:41:47 +02:00
Ryan Ernst 14df2663ae Replace more occurences of new String(CONSTANT) with CONSTANT
Original commit: elastic/x-pack-elasticsearch@339de6350f
2016-04-18 14:54:14 -07:00
Ryan Ernst 7275d48bbd Remove XContentBuilderString
This is the xplugins side of elastic/elasticsearchelastic/elasticsearch#17833

Original commit: elastic/x-pack-elasticsearch@2400192775
2016-04-18 14:37:17 -07:00
Ryan Ernst 74c9358bdf Merge pull request elastic/elasticsearch#2029 from rjernst/camelcase1
Simplify xcontentstring usages

Original commit: elastic/x-pack-elasticsearch@13fd6d0e6a
2016-04-18 14:36:13 -07:00
Christoph Büscher e6bce6b36e Adapt to changes in core ES (elastic/elasticsearch#17417)
Original commit: elastic/x-pack-elasticsearch@2df6d5b27e
2016-04-18 15:33:25 +02:00
jaymode e66a6871c0 security: fix initialization of server sets in ldap session factories
The SessionFactory construction was calling the `ldapServers` method in the constructor,
which was fine for all of the session factories except for the ActiveDirectorySessionFactory.
The ActiveDirectorySessionFactory overrides the ldapServers method and use class variables
that are initialized in its constructor so the value was always null.

This change moves setup to an init method for objects that depend on variables set during
construction.

Closes elastic/elasticsearch#2011

Original commit: elastic/x-pack-elasticsearch@07c15ce171
2016-04-18 07:22:21 -04:00
Alexander Reelsen aa77646e3d Tests: Fixing xpack info tests
Even though HEAD is a possible method, this implies that no data is returned
and thus the tests fail randomly.

If HEAD should be added to the api it needs it's own API definition IMO.

Original commit: elastic/x-pack-elasticsearch@a216393f6b
2016-04-18 12:19:16 +02:00
Alexander Reelsen 99cff6f3b9 Watcher: Create module to test with painless scripting language
Also changed some documentation to use painless instead of groovy
to get people used to it.

Original commit: elastic/x-pack-elasticsearch@92a007cc0d
2016-04-18 09:14:31 +02:00
uboness 8aa48ffaff Introduced the X-Pack Info API
- Removed Shield's Info API
- Removed Watcher's Info API

Closes elastic/elasticsearch#2014

Original commit: elastic/x-pack-elasticsearch@6910cb1d6e
2016-04-17 13:38:19 +02:00
jaymode 0cce436641 build: fix x-pack pom and allow installation
* The found-license project is removed since it is no longer needed
* The plugin-api classes have moved into the license-plugin since there is only one plugin
* The license/base project publishes the proper artifactId in the pom file
* The x-pack jar file is added as an artifact so that it can be installed
* The x-pack pom no longer declares the packaging as `zip`
* The x-pack pom uses the right artifactId for license-core
* Removed disabling of installing the x-plugins artifacts
* Cleaned up a use of guava in watcher (found when trying to remove guava as a compile
dependency but is needed by the HTML sanitizer)
* Removed the dependency on the mustache compiler since it is no longer necessary

Closes elastic/elasticsearch#1987

Original commit: elastic/x-pack-elasticsearch@9d3b50b054
2016-04-15 11:31:09 -04:00
Robert Muir 350ccaad43 Merge pull request elastic/elasticsearch#2025 from elastic/fieldsecurity-points
field-level security should filter points

Original commit: elastic/x-pack-elasticsearch@5422fe610d
2016-04-15 11:19:24 -04:00
jaymode e4cb1f1b24 test: add missing date math to blacklist
Original commit: elastic/x-pack-elasticsearch@85fae58d74
2016-04-15 10:10:01 -04:00
Christoph Büscher dfe5bf5366 Adapt to removal of parseFieldMatcher getters and setters in core
Original commit: elastic/x-pack-elasticsearch@4fd754d0ae
2016-04-15 15:22:13 +02:00
jaymode 98a308352a security: resolve date match expressions for authorization
Elasticsearch supports the concept of date match expressions for index names and
the authorization service was trying to authorize the names without resolving them
to their concrete index names. This change now resolves these names

Closes elastic/elasticsearch#1983

Original commit: elastic/x-pack-elasticsearch@3c6baa8e83
2016-04-15 08:49:20 -04:00
Alexander Reelsen 2b00967b01 Watcher: Fix license check for STANDARD license
The license check in Watcher was issued in the wrong way,
so that new licenses were not affected by the check. This
commit explicitely lists the license types that are allowed
to execute watcher actions as well as fixing the tests.

Relates elastic/elasticsearch#1263

Original commit: elastic/x-pack-elasticsearch@afd55965b0
2016-04-15 09:16:37 +02:00
Ryan Ernst cb6a5b4e85 Simplify xcontentstring usages
This is the xplugins side of elastic/elasticsearchelastic/elasticsearch#17774.

Original commit: elastic/x-pack-elasticsearch@5c05609840
2016-04-14 23:15:41 -07:00
Robert Muir 8bcc280539 field-level security should filter points
Original commit: elastic/x-pack-elasticsearch@5a8739a2bd
2016-04-14 18:28:49 -04:00
Areek Zillur e5c2a44d5d Return 404 status code when no license is installed
closes elastic/elasticsearch#2000

Original commit: elastic/x-pack-elasticsearch@3bd4193cf8
2016-04-14 16:51:39 -04:00
jaymode fc1c13d8a4 Fix compile error due to change in DateFieldMapper
Original commit: elastic/x-pack-elasticsearch@995dde2a36
2016-04-14 13:32:04 -04:00
Christoph Büscher 5eb8a603c9 Adapt to api change in es core
Original commit: elastic/x-pack-elasticsearch@4d6f6abf02
2016-04-14 16:23:51 +02:00
Colin Goodheart-Smithe 2dc8a720c2 Fix Eclipse Compile error in ReservedRealmTests
The eclipse compiler errors on this class because "the method containsInAnyOrder(T...) of type Matchers is not applicable as the formal varargs element type T is not accessible here". This is because the first common superclass of `XPackUser` and `KibanaUser` is `ReservedUser` which is package protected and not available to this test class. This change casts to `User` so the error does not occur in Eclipse.

Original commit: elastic/x-pack-elasticsearch@be8fa82720
2016-04-14 14:30:06 +01:00
Martijn van Groningen 5f7220dea4 Fix compile errors due to upstream changes in HasChild- and HasParentQueryBuilder
Original commit: elastic/x-pack-elasticsearch@9945e89b6e
2016-04-14 14:46:08 +02:00
Alexander Reelsen 1ef246adab Watcher: Fall back on default format color in hipchat action
Our documentation states that we have default attributes for
message.format and message.color, which in fact we do not have
as an NPE was triggered in that case.

This commit falls back to unset defaults and allows for hipchat messages
to be sent without having to configure color/format in the action
or the account.

Closes elastic/elasticsearch#1666

Original commit: elastic/x-pack-elasticsearch@bfb7e35112
2016-04-14 09:03:55 +02:00
Alexander Reelsen 6d0a2f642a Watcher: HttpResponse serialization may not contain dots in field names
The HTTP response toXContent() method contains the http response headers, which
are used as field names in Elasticsearch in the watch history.
These can contain dots, like `es.index` being returned when Elasticsearch
encounters an exception - which results in an index error.

This patch changes the dots to an underscore when calling toXContent()

Closes elastic/elasticsearch#1803

Original commit: elastic/x-pack-elasticsearch@e4070f8b70
2016-04-13 15:07:22 +02:00
Alexander Reelsen 847287278b Tests: Adapting to Version changes in core
Original commit: elastic/x-pack-elasticsearch@89e9cf427d
2016-04-13 11:43:54 +02:00
Daniel Mitterdorfer 3fd3adef4c Limit request size on HTTP level
With this commit we limit the size of all in-flight requests on
HTTP level. The size is guarded by the same circuit breaker that
is also used on transport level. Similarly, the size that is used
is HTTP content length.

Relates elastic/elasticsearchelastic/elasticsearch#16011

Original commit: elastic/x-pack-elasticsearch@318b7a4a8a
2016-04-13 10:39:49 +02:00
Daniel Mitterdorfer 0d0e2b432c Limit request size on transport level
With this commit we limit the size of all in-flight requests on
transport level. The size is guarded by a circuit breaker and is
based on the content size of each request.

By default we use 100% of available heap meaning that the parent
circuit breaker will limit the maximum available size. This value
can be changed by adjusting the setting

network.breaker.inflight_requests.limit

Relates elastic/elasticsearchelastic/elasticsearch#16011

Original commit: elastic/x-pack-elasticsearch@d1c43fe8d9
2016-04-13 10:39:04 +02:00
Nik Everett 120e13148b Handle core search refactoring
Original commit: elastic/x-pack-elasticsearch@fb512063ca
2016-04-12 15:24:19 -04:00
Alexander Reelsen 61fdd0ac3c Fix compilation error from core change
Relates 2c487110b2

Original commit: elastic/x-pack-elasticsearch@b3661a5c3e
2016-04-12 18:42:28 +02:00
Alexander Reelsen a1f7fff901 Watcher: Cut settings over to xpack.watcher (elastic/elasticsearch#1909)
This cuts over all settings from `watcher.` to `xpack.watcher` as
part of the settings cleanup for 5.0.

Relates elastic/elasticsearch#1441

Original commit: elastic/x-pack-elasticsearch@c82483bf25
2016-04-12 10:34:23 +02:00
Adrien Grand 26e1535eee Fix compilation as a result of elastic/elasticsearchelastic/elasticsearch#16268.
Original commit: elastic/x-pack-elasticsearch@4a334d7f7d
2016-04-11 18:06:48 +02:00
Adrien Grand 5b57727b34 Replace usage of settingsBuilder with just builder.
Original commit: elastic/x-pack-elasticsearch@fe038bbc49
2016-04-08 18:09:02 +02:00
Tanguy Leroux 703a88f95f Monitoring: Fix MarvelTemplateUtilsTests.java on Windows (attempt elastic/elasticsearch#2)
Original commit: elastic/x-pack-elasticsearch@10df1b26b9
2016-04-08 15:56:39 +02:00
Tanguy Leroux bc744e27c3 Monitoring: Fix MarvelTemplateUtilsTests.java on Windows
This is due to line ending differences.

Original commit: elastic/x-pack-elasticsearch@a5327cd3e6
2016-04-08 14:24:02 +02:00
Tanguy Leroux 98fc26c614 Monitoring: Manage multiple index templates
Original commit: elastic/x-pack-elasticsearch@fef9dcc5d1
2016-04-08 11:44:03 +02:00
Nik Everett 29263637c0 React to registration changes in core
Original commit: elastic/x-pack-elasticsearch@f5961dc410
2016-04-07 18:48:00 -04:00
Chris Earle daa875db11 Remove hostname from NetworkAddress.format (x-plugins side)
This removes the old usage of NetworkAddress.formatAddress in favor of the updated version, which is just
the method renamed to NetworkAddress.format (replacing the old version of that method).

There is no impact to x-plugins beyond making the build work because all places were currently using that
method variant already.

Original commit: elastic/x-pack-elasticsearch@05f0dcfa90
2016-04-07 17:29:14 -04:00
jaymode 52b6fc54b8 test: explicitly initialize anonymous user in ReservedRealmTests
Original commit: elastic/x-pack-elasticsearch@46ce5c03a1
2016-04-07 10:54:47 -04:00
jaymode 8049a82953 security: add support for main action
This commit adds support for the change in elasticsearch where the `/` rest
endpoint now delegates to an action and can be authorized.

Original commit: elastic/x-pack-elasticsearch@8ef38ce50f
2016-04-07 09:25:21 -04:00
jaymode b56e2f3bca test: reset anonymous after test to avoid messing with other tests
Closes elastic/elasticsearch#1956

Original commit: elastic/x-pack-elasticsearch@9b57d295c8
2016-04-07 06:12:02 -04:00
jaymode 931c67b49c security: add type argument to fix compile
Original commit: elastic/x-pack-elasticsearch@81acbd2e29
2016-04-06 19:09:29 -04:00
jaymode d08446e221 security: add reserved roles and users
This commit adds reserved or built-in user and role support to x-pack. The reserved roles
cannot be modified by users. The reserved users also cannot be modified with the exception
of changing the password for a user.

In order to change the password for a user, a new API has been added. This API only supports
changing passwords for native and reserved users.

To support allowing a user to change their own password, a default role has been added to grant
access. This default role only grants access to user operations that pertain to the user that is
being authorized. In other words, the default role grants `joe` the ability to change their own password
but does not allow them to change the password of a different user.

Additionally, the authenticate API was made a transport action and is granted by the default role.

Closes elastic/elasticsearch#1727
Closes elastic/elasticsearch#1185
Closes elastic/elasticsearch#1158

Original commit: elastic/x-pack-elasticsearch@1a6689d90f
2016-04-06 18:23:18 -04:00
jaymode f888082ce6 security: remove the use of shield in settings
This commit migrates all of the `shield.` settings to `xpack.security.` and makes changes to
use the new Settings infrastructure in core.

As a cleanup, this commit also renames Shield to Security since this class is only in master
and will not affect 2.x.

See elastic/elasticsearch#1441

Original commit: elastic/x-pack-elasticsearch@a5a9798b1b
2016-04-06 14:00:46 -04:00
jaymode 9031cee432 security: allow indices monitor actions to access the security index
This commit allows authorized users to monitor the security index. This fixes an issue
with the _cat/indices api, which resolves the concrete indices using the cluster state
and then makes a indices stats request. Without this change, the api fails with an
authorization exception because it is specifically requesting the security index and the
user is not the internal user.

Closes elastic/elasticsearch#1895

Original commit: elastic/x-pack-elasticsearch@070a389833
2016-04-06 12:59:15 -04:00
Tanguy Leroux 3c65f38fbe Monitoring: Update exporter & bulk in ExportersTests
Since elastic/elasticsearch#1832 exporters are created once, but the inner exporting bulks must be instanciated for each export. The CountingExporter and CountingBulk have not been updated to reflect this change.

Original commit: elastic/x-pack-elasticsearch@bbbde22363
2016-04-06 11:35:39 +02:00