Commit Graph

422 Commits

Author SHA1 Message Date
jaymode 101ff22546 fix compile after removal of versions < 2.0.0
Original commit: elastic/x-pack-elasticsearch@61e2814aac
2016-03-07 10:53:07 -05:00
jaymode 98e904deef fix compile due to core change in NodeInfo
Original commit: elastic/x-pack-elasticsearch@3ff3fa63e6
2016-03-07 09:34:53 -05:00
Robert Muir 2a9ba9e934 lucene 6 api changes (tests only)
Original commit: elastic/x-pack-elasticsearch@8120c29cd8
2016-03-07 04:14:09 -05:00
Ryan Ernst b54e6a7ae6 Merge branch 'master' into cli-parsing
Original commit: elastic/x-pack-elasticsearch@ff525e0e00
2016-03-06 13:33:08 -08:00
Ryan Ernst 59ec9302c8 Switch cli tests to unified MockTerminal
This is the xplugins side of elastic/elasticsearchelastic/elasticsearch#16966

Original commit: elastic/x-pack-elasticsearch@a2e2faf20a
2016-03-06 13:18:40 -08:00
jaymode 46cae1b2b1 test: remove check for bound addresses that fails on mac
Original commit: elastic/x-pack-elasticsearch@85c7f158ff
2016-03-04 17:47:38 -05:00
jaymode 186dbf547a security: protect the user and roles index
This commit adds the logic to protect the user and roles index that we store locally
by restricting access to the internal XPack user. We need to do this in two places;
the first is when resolving wildcards and the other is when authorizing requests
made against specific indices.

Original commit: elastic/x-pack-elasticsearch@8ee0ce02db
2016-03-04 17:16:03 -05:00
Ryan Ernst 6fa9c1631d Merge branch 'master' into cli-parsing
Original commit: elastic/x-pack-elasticsearch@83f7f8139d
2016-03-04 12:15:11 -08:00
Ryan Ernst 706216844b Changed esusers tool to use jopt-simple
Original commit: elastic/x-pack-elasticsearch@1f8763fcd6
2016-03-04 12:14:34 -08:00
javanna 30a7ff1daa Adapt to node.client setting removal
We would previosly check if a node was a client node, we can now check it by just verifying that it is not a transport client through client_type setting.

Original commit: elastic/x-pack-elasticsearch@bddd44866e
2016-03-04 20:41:13 +01:00
Tanguy Leroux 452e729a02 Monitoring: Fix NodeStatsResolverTests on Windows platforms
Because load_average is not available on Windows, it must be excluded from test assertions.

Original commit: elastic/x-pack-elasticsearch@f67f9bb5e7
2016-03-04 17:28:49 +01:00
Tanguy Leroux 66e49a0546 Marvel: Add integration test for Marvel+Shield with SSL
closes elastic/elasticsearch#1467

Original commit: elastic/x-pack-elasticsearch@9dd6bf9629
2016-03-04 16:55:35 +01:00
Tanguy Leroux a8e52eb520 Monitoring: Clean up and refactoring
This commit removes various constructors in monitoring documents and add a single constructeur that accepts a monitoring id and version. It also renames *Renderer classes to *Resolver and centralizes the logic of resolving the index name, type name and id in 1 place. It changes Exporter so that they use these resolvers to know in which index a given document must be indexed.

Original commit: elastic/x-pack-elasticsearch@c2349a95a6
2016-03-04 16:31:14 +01:00
Ryan Ernst fe377cfda2 Converted cron eval tool to use jopt-simple
Original commit: elastic/x-pack-elasticsearch@fde96657d5
2016-03-03 00:35:39 -08:00
Adrien Grand c16ca2c779 string has been split into text and keyword.
Original commit: elastic/x-pack-elasticsearch@b98100f8b5
2016-03-03 09:17:47 +01:00
Ryan Ernst ee2749365f Add tests for FileAttributesChecker
Original commit: elastic/x-pack-elasticsearch@eb78087e64
2016-03-03 00:03:30 -08:00
Ryan Ernst 9864ae05a2 Switch system key tool to use jopt-simple
Original commit: elastic/x-pack-elasticsearch@c5c459c77a
2016-03-02 23:16:50 -08:00
jaymode d8617556cf shield: do not require password for user update operations
When thinking about applications and the need to update a user, we should not need to
update the password of the user when making changes to things like roles, email, full
name, or metadata. This commit changes how we handle operations where the password
field is missing.

When the password field is missing, we try to execute an update. If the user exists, all
values for the user are updated except for the password field. If the user does not exist
and the password field is missing then a ValidationException is returned.

When the password field is present, we always issue an index request.

Closes elastic/elasticsearch#1492

Original commit: elastic/x-pack-elasticsearch@3d8a5f2db6
2016-03-02 10:26:55 -05:00
jaymode d46f465ddb shield: refresh on user and role modifications by default
This commit introduces the default refresh on user and role update and delete
operations. The behavior can be controlled via the `refresh` parameter on the
REST API and the refresh option in the Java API.

Closes elastic/elasticsearch#1494

Original commit: elastic/x-pack-elasticsearch@aff4d13886
2016-03-02 09:04:41 -05:00
Tanguy Leroux ab3ee46104 Fix checkstyle violation
Original commit: elastic/x-pack-elasticsearch@7730c96d7c
2016-03-02 11:14:13 +01:00
Martijn van Groningen ceaed02f38 Added `manage_pipeline` privilege and `ingest_admin` default role for the ingest feature.
Closes elastic/elasticsearch#1367

Original commit: elastic/x-pack-elasticsearch@a4c9e22203
2016-03-02 10:53:10 +01:00
Tanguy Leroux edd993077b Marvel: Only clean timestamped indices with the current template version
Only current timestamped indices, like .marvel-es-1-* indices should be deleted. Other indices like the ones created by pre v2.3.0 plugin versions should be kept (like .marvel-es-YYYY.MM.dd)

Original commit: elastic/x-pack-elasticsearch@b2aff31875
2016-03-02 10:47:30 +01:00
Tanguy Leroux b39f4dcc37 Monitoring: Index node attributes and remove default mappings in data index
Original commit: elastic/x-pack-elasticsearch@c1581ecc1b
2016-03-02 10:06:27 +01:00
Ryan Ernst 626bdbe7bf Convert license verifier tool to jopt-simple
Original commit: elastic/x-pack-elasticsearch@56ecc6333c
2016-03-01 17:13:17 -08:00
Jason Tedor 4c089cf33d Bump Elasticsearch version to 5.0.0-SNAPSHOT
This commit bumps the Elasticsearch version to 5.0.0-SNAPSHOT in line
with the alignment of versions across the stack.

Relates elastic/elasticsearchelastic/elasticsearch#16862

Original commit: elastic/x-pack-elasticsearch@155641c5e4
2016-03-01 17:18:13 -05:00
Ryan Ernst bd64bd6ff3 Switched licence gen and keypair gen tools to use jopt simple
Original commit: elastic/x-pack-elasticsearch@310229b4a5
2016-03-01 12:21:05 -08:00
jaymode c8ee64d0cb test: sort by _uid to get consistent ordering
Original commit: elastic/x-pack-elasticsearch@73b5c49ea5
2016-03-01 09:30:12 -05:00
Nik Everett 507e9ede59 Rename unit test so it looks like a unit test
Original commit: elastic/x-pack-elasticsearch@d2d39ad50b
2016-03-01 08:09:25 -05:00
jaymode de72f4aeee security: change DLS behavior to OR queries together
This commit changes the behavior of combining multiple document level security queries
from an AND operation to an OR operation.

Additionally, the behavior is also changed when evaluating the combination of roles that
have document level security and roles that do not have document level security. Previously
when the permissions for these roles were combined, the queries from the roles with document
level security were still being applied, even though the user had access to all the documents.
This change now grants the user access to all documents in this scenario and the same applies
for field level security.

Closes elastic/elasticsearch#1074

Original commit: elastic/x-pack-elasticsearch@291107ec27
2016-03-01 07:03:38 -05:00
javanna 0be2b6cbbc Adapt to SearchServiceTransportAction rename
Original commit: elastic/x-pack-elasticsearch@b154325787
2016-03-01 12:58:53 +01:00
uboness 2a1b3250db Cleanup Security Roles
- Renamed `AddRoleAction/Request/Response` to `PutRoleAction/Request/Response`
- also renamed the user/roles rest actions
- Changed the returned format for `RestGetRoleAction`. Previously this endpoint returned an array of role descriptor. Now it returns an object where the role names serve as the keys for the role objects. This is aligned with other APIs in ES (e.g. index templates).
- When `RestGetRoleAction` cannot find all the requested roles, it'll return an empty object and a 404 response status
- Also cleaned up `RoleDescriptor`

Original commit: elastic/x-pack-elasticsearch@742f6e0020
2016-03-01 05:47:22 -05:00
Boaz Leskes 3ddbd77090 Remove DiscoveryService and reduce guice to just Discovery elastic/elasticsearch#1571
DiscoveryService was a bridge into the discovery universe. This is unneeded and we can just access discovery directly or do things in a different way.

This is a complement to elastic/elasticsearchelastic/elasticsearch#16821

Closes elastic/elasticsearch#1571

Original commit: elastic/x-pack-elasticsearch@496f0c4081
2016-02-29 20:26:38 +01:00
jaymode 03be6e3a62 change shield in log messages to security
Original commit: elastic/x-pack-elasticsearch@9c5acc488a
2016-02-29 10:26:48 -05:00
uboness 759d99de9c changed the User API
- Now it's more aligned with other APIs in ES (e.g. index template API)
- the "get user" API now returns an object as a response. The users are keyed by their username. If none of the requested users is found, an empty object will be returned with a 404 response status.
- the body of "put user" request doesn't require "username" anymore (as it's defined as part of the URL)

Original commit: elastic/x-pack-elasticsearch@f7c12648b1
2016-02-29 09:47:39 -05:00
Alexander Reelsen 1f113e07f4 Watcher: Fail email action on attachment download issues
In case that a single email attachment cannot be downloaded, this ensures
that the whole action fails with a correct Action.Failure.

This also fixes an NPE that would occur otherwise.

Original commit: elastic/x-pack-elasticsearch@7bb042a719
2016-02-28 21:07:23 -08:00
Alexander Reelsen cc8109bc87 Watcher: Fix naming of data attachments to use id in email attachments
This is a small fix to use specified id when sending data attachments.
The current solution always used "data".

Also a minor refactoring was made to include get the different parser impls
from the EmailAttachmentsParser instead of specifying them twice in the
EmailAction.

Closes elastic/elasticsearch#1503

Original commit: elastic/x-pack-elasticsearch@9354e83c8b
2016-02-28 20:22:45 -08:00
Nik Everett d7170197f6 Handle core's log refactoring
Original commit: elastic/x-pack-elasticsearch@9e2e41db90
2016-02-26 16:06:31 -05:00
jaymode 06fc60c2f6 shield: handle null tokens when parsing roles
The roles parsing does not currently handle null tokens since the YAML parser
was not emitting them. With the upgrade to Jackson 2.7.1, the parser is now
emitting the null token value.

Original commit: elastic/x-pack-elasticsearch@abcad633ad
2016-02-26 15:03:56 -05:00
Alexander Reelsen 47f1c2daa5 Watcher: Throw exception when empty URL is handed in http requests
This ensures that invalid watches are not even added and rejected on
index time.

Closes elastic/elasticsearch#1510

Original commit: elastic/x-pack-elasticsearch@d18e0c8ef6
2016-02-25 17:31:11 -08:00
Alexander Reelsen b97fea44d7 Watcher: Fix SSL default port when using request.fromUrl
If no port was specified, port 80 was assumed, even if https was specified
was the protocol. This lead to weird failures in the logs and trying to use
SSL on port 80.

Relates elastic/elasticsearch#1567

Original commit: elastic/x-pack-elasticsearch@0ea11d612e
2016-02-25 16:26:53 -08:00
Alexander Reelsen 47ef39037b Watcher: Fix latch await in timeout tests
The awaiting latch was not waiting as long as the sleep in the code
causing the latch to fail and the test to fail.

This code aligns the time to wait for the latch and the sleep code
in the mock http server.

Original commit: elastic/x-pack-elasticsearch@8a2cc61204
2016-02-25 15:56:30 -08:00
uboness eb8dbfb998 Renamed `.shield` index to `.security`
Going forward (from 5.0 on) we'll remove all occurrences of the "shield" name/word from the code base. For this reason we want to already start using `.security` index in 2.3 such that we won't need to migrate it to a `.security` index later on.

Original commit: elastic/x-pack-elasticsearch@74a1cbfcf2
2016-02-25 15:10:22 -08:00
Alexander Reelsen 4eef709d2e Watcher: Fix timeout tests by increasing wait timeout
The request timeout and the real time the webserver slept was 5000ms.
In case of loaded systems, there might be cases, where the request was
still received in time.

This commit increases the server side sleep time to 10 seconds, to ensure
that the client aborts the request early

Original commit: elastic/x-pack-elasticsearch@718c05519f
2016-02-25 14:23:34 -08:00
Alexander Reelsen 2daef601d4 Watcher: Fix timeout tests
The current HTTP timeout tests had two problems.

* Binding to port 9200-9300
* The first request to hit was having a delay, the other ones had not,
  so if any other component hit the test inbetween (likely in a CI env),
  the HTTP request from the test itself will not be delayed.

Both cases are fixed in this commit.

Original commit: elastic/x-pack-elasticsearch@d696e020cc
2016-02-25 12:23:46 -08:00
Nik Everett c7796d5cb7 Rename more tests to match naming conventions
Original commit: elastic/x-pack-elasticsearch@d76c217bd9
2016-02-25 15:20:41 -05:00
jaymode 0522127924 Test: remove use of network.host in smoke test ssl plugins
This removes the use of a specific address in smoke test ssl plugins and instead generates
the certificate with all of the IP addresses and DNS names of the system as subject
alternative names. This required duplication and modification of some code from core's
NetworkUtils.

Original commit: elastic/x-pack-elasticsearch@576824376f
2016-02-25 13:56:46 -05:00
Alexander Reelsen 2f088a60bc Watcher: Always get HTTP response body independent from error code
When an HTTP input returns an error body, right now we check if the
error code is below 400 and only then we include the body.

However using another method from URLConnection, the body can be
access always.

Closes elastic/elasticsearch#1550

Original commit: elastic/x-pack-elasticsearch@1743fd0a77
2016-02-25 10:25:34 -08:00
Nik Everett 08e0717f6b Make tests follow naming conventions
One test wasn't running because it didn't match!

Original commit: elastic/x-pack-elasticsearch@081c6b09e2
2016-02-25 13:14:01 -05:00
uboness 7fbf5645e2 fixed checkstyle error
Original commit: elastic/x-pack-elasticsearch@7676e988a8
2016-02-25 01:50:19 -08:00
uboness 266bf09437 Fixed build failure related to security roles APIs
- roles are now reliably parsed
- in `Put Role` API, added a double check to verify that the role name in the URL matches the role name if the body. Also, if the body doesn't have a role name, the role name in the URL will be used.

Original commit: elastic/x-pack-elasticsearch@5054ce8567
2016-02-25 01:38:04 -08:00
uboness 8ff6b93a3c Cleanup Security Roles
- Renamed `AddRoleAction/Request/Response` to `PutRoleAction/Request/Response`
- also renamed the user/roles rest actions

Original commit: elastic/x-pack-elasticsearch@ae0ccd61e5
2016-02-24 13:46:32 -08:00
Chris Earle 7e334a5e4b Renaming interval variable to include units and reordering constructor field values to ensure listener is added last
Original commit: elastic/x-pack-elasticsearch@60983f4190
2016-02-23 13:17:42 -05:00
Chris Earle ef81157c47 Add Javadocs
Also a minor fix to the phrasing in `MarvelLicensee#expirationMessages()`.

Original commit: elastic/x-pack-elasticsearch@9366c07930
2016-02-22 15:56:19 -05:00
Chris Earle 0b0ca8f2a6 Removing unused imports
Original commit: elastic/x-pack-elasticsearch@40c094af91
2016-02-22 15:56:19 -05:00
Chris Earle df99174122 Removing duplicated import
Original commit: elastic/x-pack-elasticsearch@1618ec79d4
2016-02-22 15:56:19 -05:00
uboness 18b08c82ca Introducing user full name, email and metadata.
- `full_name` and `email` are optional user fields
- `metadata` is an optional arbitrary meta data that can be associated with the user
- cleaned up the user actions - consistent naming (e.g. `PutUserAction` vs. `AddUserAction`)
- moved source parsing from the `PutUserRequest` to the `PutUserRequestBuilder`
- renamed`WatcherXContentUtils` to `XContentUtils` and moved it to sit under `o.e.xpack.commons.xcontent`

Closes elastic/elasticsearch#412

Original commit: elastic/x-pack-elasticsearch@5460e3caf7
2016-02-22 10:22:36 -08:00
Alexander Reelsen 6d0d09468b Watcher/Shield: Ensure only one .in.bat file exists
This was a leftover from watcher/shield being different plugins.

Closes elastic/elasticsearch#1530

Original commit: elastic/x-pack-elasticsearch@521b4bad14
2016-02-21 15:20:24 -08:00
Tanguy Leroux a27d2bcc50 Fix line length
Original commit: elastic/x-pack-elasticsearch@bbf883437f
2016-02-21 15:19:52 -08:00
Tanguy Leroux b5f40adb12 Marvel: Add stats for primary shards
closes elastic/elasticsearch#1198

Original commit: elastic/x-pack-elasticsearch@e823d01397
2016-02-21 14:39:52 -08:00
jaymode e3f53be3ef test: disable marvel for watcher disabled tests
We shouldn't have marvel enabled for these tests because we get false test failures
due to marvel indices existing and failing to lock the shard.

Original commit: elastic/x-pack-elasticsearch@11123bb660
2016-02-21 14:11:43 -08:00
jaymode d9ca4e0ce3 fix shield settings to not rely on iteration order
This removes the use of group setting for `shield.` and introduces some individual settings
and some group settings that should not overlap and cause issues when iteration order
changes.

See elastic/elasticsearch#1520

Original commit: elastic/x-pack-elasticsearch@193e937193
2016-02-21 10:10:52 -08:00
Simon Willnauer 64e4ccf9a0 Update x-pack to elastic/elasticsearchelastic/elasticsearch#16740
Original commit: elastic/x-pack-elasticsearch@63a3f49730
2016-02-20 17:21:47 -08:00
Adrien Grand 7b2fae3982 Unmute DynamicIndexNameIntegrationTests.
Closes elastic/elasticsearch#1527

Original commit: elastic/x-pack-elasticsearch@4ba9fe5f08
2016-02-15 16:12:57 +01:00
Colin Goodheart-Smithe 77ffdbcbb4 Merge pull request elastic/elasticsearch#1519 from colings86/refactor/aggRefactoringChanges
X-Plugin changes due to the changes in the Aggregations Java API

Original commit: elastic/x-pack-elasticsearch@524be093de
2016-02-15 11:33:42 +00:00
Adrien Grand 026c26db54 Mute DynamicIndexNameIntegrationTests.
Original commit: elastic/x-pack-elasticsearch@1795d24800
2016-02-15 12:07:40 +01:00
javanna 4482cd4f6c Adapt to removal of unused generics type from TransportMessage
followup of elastic/elasticsearch#15776, the type is not needed anymore.

Original commit: elastic/x-pack-elasticsearch@3f96dc552d
2016-02-12 17:21:28 +01:00
jaymode 8337832405 test: skip discovery ec2 in smoke-test-plugins*
Until we can fix the shield settings, we have bugs where we depend on the iteration
order of a map and discovery ec2 settings provoke this (most likely through a map
resize).

See elastic/elasticsearch#1520

Original commit: elastic/x-pack-elasticsearch@fbc32cf069
2016-02-12 10:40:27 -05:00
Colin Goodheart-Smithe 197b8fe56f X-Plugin changes due to the changes in the Aggregations Java API
Original commit: elastic/x-pack-elasticsearch@b983d0a00f
2016-02-12 12:06:06 +00:00
Simon Willnauer ec76d3bce0 Fix imports
Original commit: elastic/x-pack-elasticsearch@79e4535040
2016-02-12 10:52:48 +01:00
uboness ffe339ae31 Refactoring for 5.0 - phase 5
- Moved all settings in Marvel from `marvel.*` to `xpack.monitoring.*`
- Cleaned up marvel settings in general - they're all now under `MarvelSettings` class
- fixed some integration tests along the way (they were configured wrong and never actually tested anything)
- Updated the docs accordingly
- Added `migration-5_0.asciidoc` under the Marvel docs to explain how to migrate from Marvel 2.x to XPack 5.0.
- Replaced all `marvel` mentions in the logs to `monitoring`
- Removed the `xpack.monitoring.template.version` setting from the templates
- renamed the templates to `monitoring-es-data.json` and `monitoring-es.json`
- monitoring indices are now `.monitoring-es-<version>-data` and `.monitoring-es-<version>-<timestamp>`

Original commit: elastic/x-pack-elasticsearch@17f2abe17d
2016-02-11 21:34:38 +01:00
jaymode 95a8f77146 shield: do not throw exception if authorization header is not a basic token
Custom realms may enable the use of other authorization schemes than just basic authentication
and these schemes should work in addition to our built in realms. However, our built in realms use
the UsernamePasswordToken class to parse the Authorization header, which had a check to ensure
the token was for basic authentication and if not, an exception was thrown. The throwing of the
exception stops the authentication process and prevents custom realms from evaluating the header
if they come later in the ordering of realms.

This change removes the throwing of the exception unless the header starts with 'Basic ' and is invalid.

Original commit: elastic/x-pack-elasticsearch@fd438ded95
2016-02-11 09:59:35 -05:00
uboness 42c9eead60 Refactoring for 5.0 - phase 4
- renaming `ShieldPlugin` to `Shield` (it's no longer a plugin)
 - renaming `WatcherPlugin` to `Watcher` (it's no longer a plugin)
 - renaming `MarvelPlugin` to `Marvel` (it's no longer a plugin)
 - renaming `LicensePlugin` to `Licensing` (it's no longer a plugin)
 - renamed setting:`watcher.enabled` -> `xpack.watcher.enabled`
 - renamed setting:`marvel.enabled` -> `xpack.marvel.enabled`

Original commit: elastic/x-pack-elasticsearch@35a6540b11
2016-02-10 11:15:35 +01:00
Igor Motov dbff0e1144 Add task cancellation mechanism
See elastic/elasticsearchelastic/elasticsearch#16320 for more information

Original commit: elastic/x-pack-elasticsearch@4f8a9b1258
2016-02-09 22:31:08 -05:00
Nik Everett 97e8cdc5f0 Remove suppression and implement hashCode
Original commit: elastic/x-pack-elasticsearch@0505f28e78
2016-02-09 21:49:13 -05:00
Nik Everett 390bbecf4b Suppress EqualsHashCode check where it fails
Original commit: elastic/x-pack-elasticsearch@eb5243a652
2016-02-09 21:32:23 -05:00
Jason Tedor 602f67d7c6 Use MessageDigests abstraction in core
This commit removes the message digest providers in x-plugins by using
the MessageDigests abstraction in core. In particular, this permits the
removal of the use of MessageDigest#clone in x-plugins.

Closes elastic/elasticsearch#1489

Original commit: elastic/x-pack-elasticsearch@6868e6e8ed
2016-02-09 10:18:00 -05:00
uboness 3a6a1d5dc2 Shield refactoring for 5.0 - phase 3
- Consolidated the `bin` and `config` directories of watcher, shield and marvel under a single `config/xpack` and `bin/xpack` directories.

 - updated docs accordingly

Original commit: elastic/x-pack-elasticsearch@c2aa6132fa
2016-02-09 16:06:49 +01:00
uboness 92f027159a Shield refactoring for 5.0 - phase 2
- Started to move configuration under the `xpack` name
 - Cleaned up `ShieldPlugin`
 - renamed `ShieldClient` to `SecurityClient`
 - Introduced `XPackClient` that wraps security and watcher clients

Original commit: elastic/x-pack-elasticsearch@f05be0c180
2016-02-09 14:32:33 +01:00
jaymode 50452e403f test: filter out unsupported ciphers when checking default socket factory
Closes elastic/elasticsearch#2

Original commit: elastic/x-pack-elasticsearch@6510f65dc4
2016-02-09 08:14:05 -05:00
Alexander Reelsen e8ad8cbb36 Watcher: Load versioned index template for watch history
This loads an index template for the watch history to make sure,
that field changes are taken into account.

Also, the dynamic mapping for the watch history template has been
changed from strict to false.

This means that new fields can be included in a document, but they
will not indexed and are not searchable.

In addition the index names have been changed from .watch_history-$date to
.watcher-history-$template-$date - using dashes to be more consistent.

Closes elastic/elasticsearch#1299

Original commit: elastic/x-pack-elasticsearch@794f982234
2016-02-09 09:39:07 +01:00
Simon Willnauer 25c3a66502 Fix compile error after core change
Original commit: elastic/x-pack-elasticsearch@ba170bbc63
2016-02-08 21:57:12 +01:00
jaymode aa2eb15f31 fixes to allow bad apple tests to pass
This commit fixes the bad apple tests that failed when running them. The
IndexAuditTrailEnabledTest was removed and the test was folded into the
IndexAuditIT. Some watcher tests that relied on mustache were moved
into the QA tests with the mustache plugin.

Additionally, fixing these tests uncovered a issue with the privileges needed
for writing data into an index. If the mappings need to be updated because
of a write, then the update mapping action gets executed. In 2.x this was
handled by the system user, but now is executed under the user's context,
which is the correct thing to do. The update mapping action is now added to
the read, index, crud, and write privileges for an index.

Original commit: elastic/x-pack-elasticsearch@30711f9625
2016-02-08 09:48:10 -05:00
Jason Tedor 7f5349db57 Avoid cloning Mac instances
This commit modifies the HmacSHA1Provider to return a thread local
instance of Mac instead of using clone since some providers do not
support clone.

Closes elastic/elasticsearch#1468

Original commit: elastic/x-pack-elasticsearch@cb38f5f9e8
2016-02-06 09:12:39 -05:00
Alexander Reelsen e6784d5c7d Checkstyle: Adhere to checkstyle in all xpack .java files
In elastic/elasticsearch#1442 checkstyle checks were added, but also some files were freed from this.
If we have support for checkstyle, we should check this for all files and not allow
exceptions. This commit removes the file list to ignore any files and fixes all the
java files.

Original commit: elastic/x-pack-elasticsearch@99e6cbc5be
2016-02-05 16:57:41 +01:00
Simon Willnauer 878d244a96 Fix compilation failures
Original commit: elastic/x-pack-elasticsearch@4afbf84c20
2016-02-05 16:07:46 +01:00
Tanguy Leroux 4488cacdd8 Marvel: Add permission for HTTPExporter + SSL support
See elastic/elasticsearch#1451

Original commit: elastic/x-pack-elasticsearch@5e3d87149e
2016-02-05 15:21:27 +01:00
Alexander Reelsen 93a3d3f570 Watcher: Ensure that HTTP headers are case insensitive in response
According to RFC 2616 HTTP headers are case insensitive.
But `HttpResponse#contentType()` only looks up for Content-Type.

This stores all header responses lower cased in the HTTP response.

Closes elastic/elasticsearch#1357

Original commit: elastic/x-pack-elasticsearch@c009be8365
2016-02-05 14:59:27 +01:00
Jason Tedor 166e8786ea Fix compilation from upstream XContentType changes
This commit fixes a compilation issue that arose from upstream changes
in core where some method names on XContentType were changed.

Closes elastic/elasticsearch#1463

Original commit: elastic/x-pack-elasticsearch@0a3763dbb5
2016-02-05 07:28:47 -05:00
Jim Ferenczi cc8ae273c9 Merge pull request elastic/elasticsearch#1462 from jimferenczi/rename_plugin_cmd
bin/plugin is now bin/elasticsearch-plugin

Original commit: elastic/x-pack-elasticsearch@8ecf75af66
2016-02-05 12:52:54 +01:00
Yannick Welsch 3dfb38b99e Change path separator for Checkstyle suppressions to be Windows compatible
Original commit: elastic/x-pack-elasticsearch@8850f753c7
2016-02-05 12:15:47 +01:00
Tanguy Leroux d70b49f42d Marvel: Add source_node information to marvel documents
This commit adds a new `source_node` field to all marvel documents that holds various information (node's name/ip/host/id/transport address) about the node that emitted the document.

(cherry picked from commit elastic/x-pack@29a411a931)

Original commit: elastic/x-pack-elasticsearch@66e057d334
2016-02-05 11:50:07 +01:00
Jim Ferenczi e18e537bef bin/plugin is now bin/elasticsearch-plugin
Original commit: elastic/x-pack-elasticsearch@077f2a6357
2016-02-05 10:31:58 +01:00
Nik Everett 3fce245768 More line length suppressions
These snuck in overnight

Original commit: elastic/x-pack-elasticsearch@f25341fc8a
2016-02-04 15:37:54 -05:00
Nik Everett 3d7374054c Opt some files out of 140 character line length
If elasticsearch merges https://github.com/elastic/elasticsearch/pull/16413
then the build will fail catastrophically without this. The goal here is to
opt these files out of the line length checks while they don't pass and we
can get them passing as time permits and opt them back in. In the mean time
all files that pass the line length check will have the check enforced.

This also gives you a spot to add x-plugins opt outs for core's checkstyle
rules in case you have generated files or something like that.

Original commit: elastic/x-pack-elasticsearch@63a1ad2f79
2016-02-04 15:02:53 -05:00
jaymode 8996a3710a shield: remove deleted transport handlers
Original commit: elastic/x-pack-elasticsearch@a9803509d8
2016-02-04 13:31:11 -05:00
jaymode 8d70501f25 fix compilation due to TestShardRouting changes in core
Original commit: elastic/x-pack-elasticsearch@51f17b5b67
2016-02-04 13:21:40 -05:00
Ryan Ernst ab95b33df5 Terminal cleanup
This is the xplugins side of elastic/elasticsearchelastic/elasticsearch#16443

Original commit: elastic/x-pack-elasticsearch@1ab1b4b941
2016-02-04 02:06:37 -08:00
Simon Willnauer 09c8374cfe Merge branch 'master' into fix_settings_filtering
Original commit: elastic/x-pack-elasticsearch@ba664a5b79
2016-02-04 09:29:07 +01:00
Simon Willnauer d430a2ab5e Apply feedback from @uboness
Original commit: elastic/x-pack-elasticsearch@cb7c347657
2016-02-04 09:27:53 +01:00
Nik Everett 3ebe266d13 Merge pull request elastic/elasticsearch#1428 from nik9000/trask_status
Support task status

Original commit: elastic/x-pack-elasticsearch@9e2ca22b4a
2016-02-03 18:30:22 -05:00
Simon Willnauer 1c5d04c99b Cleanup settings filtering after elastic/elasticsearchelastic/elasticsearch#16425
This change registers all filtered settings up-front and removes all
the unnecessary wrappers around SettingsFilter. This is a pretty big
change and needs some review but after all things are generally simplified and
settings are always filtered even if shield is not enabled which is the right thing
todo.

Relates to elastic/elasticsearchelastic/elasticsearch#16425

Original commit: elastic/x-pack-elasticsearch@c7df85492b
2016-02-03 21:53:08 +01:00
Simon Willnauer 11d4e69267 Add missing setting
Original commit: elastic/x-pack-elasticsearch@59db7b52fd
2016-02-03 14:09:42 +01:00
Simon Willnauer 610bd8c820 Merge branch 'master' into migrate_to_strict_settings
Original commit: elastic/x-pack-elasticsearch@608c37fa4c
2016-02-03 13:22:27 +01:00
Martijn van Groningen 3bf5dc14f9 revert change: 'test: fix tests to not use mustache' and instead moved these test to qa module
Original commit: elastic/x-pack-elasticsearch@502d877c24
2016-02-03 12:56:54 +01:00
Simon Willnauer 422163445e Converte to strict settings infrastructure elastic/elasticsearchelastic/elasticsearch#16365
Original commit: elastic/x-pack-elasticsearch@c877a21e2d
2016-02-03 11:28:17 +01:00
Martijn van Groningen 4d30dadba9 test: fix tests to not use mustache
Original commit: elastic/x-pack-elasticsearch@4a88d0d458
2016-02-03 10:47:35 +01:00
Martijn van Groningen e617d8365f watcher: Removed custom xmustache script and use mustache script engine in lang-mustache module
The lang-mustache module has been extended to meet Watcher's needs:
* The ability to refer the specific slots in arrays.
* An `content_type` option controls whether json string escaping is used. Otherwise there is no escaping.

Closes elastic/elasticsearch#1116

Other changes:
* I changed tests that were just using mustache just because it was around to not use mustache
* I moved tests to `test-xpack-with-mustache` module that were testing mustache with Watcher
* added smoke test for watcher and mustache
* moved some tests around
* instead of using DefaultTextTemplateEngine in watcher tests use MockTextTemplateEngine
* added a mock mustache script engine
* Cleanup some messy tests to not rely on mustache and move them back into xpack module
* moved array access test to smoke test watcher with mustache module
* test: simplified the condition search test to take the time component out of it, while still simulation a condition
* removed the mustache dependency in the messy-test-watcher-with-groovy module

Original commit: elastic/x-pack-elasticsearch@6a2a4e885f
2016-02-03 09:18:50 +01:00
uboness 266917e1bc fix build
More places where String.format was missing a Locale

Original commit: elastic/x-pack-elasticsearch@6e3df91526
2016-02-03 00:16:24 +01:00
uboness db003cd2a4 fix build
Added Local to String.format

Original commit: elastic/x-pack-elasticsearch@2c7368c3de
2016-02-02 23:12:36 +01:00
uboness ffab6da42d fix build with latest core changes
`Terminal.println(..)` doesn't support varargs arguments anymore

Original commit: elastic/x-pack-elasticsearch@533a4f7919
2016-02-02 20:57:05 +01:00
uboness e039ef412f Shield refactoring for 5.0
- Consolidated `InternalMarvelUser`, `InternalWatcherUser` and `InternalShieldUser` into a single `XPackUser` - this is the single internal user for xpack that has all the permissions internally required by xpack (for marvel, watcher and shield)

 - Renamed `InternalSystemUser` to `SystemUser`

 - Removed the notion of "reserved roles". Now that we have a single internal user we know its role. The authz service now checks to see if the current user is the internal xpack user, and if so, it just uses its role (and not trying to resolve it from the role store). With this model, it's no longer possible for outside users to use the internal role (it's fully internal)

 - Consolidated the notion of an `InternalClient` (in Marvel it was knows as the `SecuredClient`). This is an ES client that xpack is using to manage itself. If shield is enabled, it will execute all request on behalf of the internal xpack user.

 - Removed the verification of the license plugin on plugin installation - no need to do it anymore as the license plugin is part of the distribution.

Original commit: elastic/x-pack-elasticsearch@c851410f93
2016-02-02 18:05:01 +01:00
Tanguy Leroux 766fc3273b Fix compilation errors
From elasticsearch core commit 10b5ffcda5

Original commit: elastic/x-pack-elasticsearch@d77909332f
2016-02-02 10:31:21 +01:00
Ryan Ernst 7519d035a7 Switch to UserError for cli tools
This is the xplugins side of elastic/elasticsearchelastic/elasticsearch#16359

Original commit: elastic/x-pack-elasticsearch@547b3f50e0
2016-02-01 17:38:42 -08:00
Nik Everett 8fe5afd8a7 Support task status
This is the x-content buddy of https://github.com/elastic/elasticsearch/issues/16344

Original commit: elastic/x-pack-elasticsearch@db216f7b46
2016-02-01 18:18:45 -05:00
jaymode c3b6146a72 shield: clean up hack to force switching to the system user for internal action
This commit cleans up the hack we had forcefully switching the request to execute under the system
user when a internal action gets triggered from a system request. The authorization service now tracks
the originating request in the context to allow us to validate if the request should be run as the system
user.

The system user should be used only when a user action causes an internal action, which needs to
be run by the system user.

Closes elastic/elasticsearch#1403

Original commit: elastic/x-pack-elasticsearch@4972df459f
2016-02-01 14:07:15 -05:00
uboness c9d54c0c83 Cleanup and refactoring
- removed `/_shield/roles` and `/_shield/users` endpoints (only keeping the singular forms)
 - fixed `ClearRealmsCacheTests` to use the correct endpoint for clearing the realms cache
 - used action name constants where possible in `InternalShieldUser`

Original commit: elastic/x-pack-elasticsearch@d1481de389
2016-02-01 19:51:43 +01:00
Ryan Ernst 3893ad9c5f Merge branch 'master' into remove_multicast
Original commit: elastic/x-pack-elasticsearch@7d107e88fc
2016-02-01 07:26:21 -08:00
uboness 96b2930ac7 Cleanup and refactoring
- Moved all role action classes to live under `o.e.s.action.role`
 - Moved all realm related action classes (for now just the clear cache) to live under `o.e.s.action.realm`
 - Moved all user action classes to live under `o.e.s.action.user`
 - Moved all the rest actions to live under `o.e.s.rest.action`
 - Changed the `clear role cache` endpoint to `/_shield/role/{id}/_clear_cache` (aligned with all other role endpoints)
 - Changed `InternalShieldUserHolder` to the `InternalShieldUser` singleton user... to be aligned with `InternalMarvelUser` and `InternalWatcherUser`.
 - Removed the dedicated audit log user. The new `InternalShieldUser` is now the user that manages and writes to the audit log indices
 - Extracted the `User.System` class to a top level `InternalSystemUser` class (to be aligned with the other internal user classes)
 - Removed the `SystemRole` class (the `InternalSystemUser` class now holds all the needed info/logic)

Original commit: elastic/x-pack-elasticsearch@cf82b257d1
2016-02-01 13:08:38 +01:00
Alexander Reelsen c226590e77 Watcher tests: Fix imports resulting in checkstyle exceptions
Original commit: elastic/x-pack-elasticsearch@1e55ca7bf1
2016-02-01 11:14:30 +01:00
Simon Willnauer 2698441770 Fix test compilation failures
Original commit: elastic/x-pack-elasticsearch@5d166a63fa
2016-02-01 10:54:18 +01:00
Simon Willnauer 9c0ae6411c Fix test compilation failures
Original commit: elastic/x-pack-elasticsearch@303df9b9dd
2016-02-01 10:51:49 +01:00
Boaz Leskes d27b9b4b41 Migrate the rest of NettyTransport settings to the new infra
Also does some consistency clean up, renaming trasnport.netty.* settings to transport.*

Closes elastic/elasticsearch#1397

Relates to https://github.com/elastic/elasticsearch/pull/16307

Original commit: elastic/x-pack-elasticsearch@4a128ff68c
2016-02-01 10:41:16 +01:00
Alexander Reelsen 0fe7716459 HttpClient: Prevent NPE when no path is specified
Original commit: elastic/x-pack-elasticsearch@47f26a5850
2016-02-01 10:37:51 +01:00
Simon Willnauer 6287a1300a Catch IOExcption after core change
Original commit: elastic/x-pack-elasticsearch@1fa5a3dc82
2016-02-01 10:27:33 +01:00
Alexander Reelsen 4a686f04cf Watcher: Do not encode URLs in HttpClient
When using a path like `"/<logstash-{now%2Fd}>/_search"` in the
http webhook. The already escaped slash (%2F) got escaped twice
and thus did not work any more.

The escaping happened when the code created an URI and was done
as part of that constructor. This is now switched to an URL (which
is used at the end anyway) which does not do the escaping, even though
this was required for the query string, which is now done when constructing.

Closes elastic/elasticsearch#1364

Original commit: elastic/x-pack-elasticsearch@861b6d2378
2016-02-01 09:19:07 +01:00
Ryan Ernst 131fd679b9 Remove multicast references
Xplugins side of elastic/elasticsearch#16326

Original commit: elastic/x-pack-elasticsearch@10d3ec2ebb
2016-01-31 17:44:18 -08:00
Jason Tedor e13a5e695a Uppercase ells ('L') in long literals
This commit removes all lowercase ells ('l') in long literals because
they are often hard to distinguish from the digit representing one
('1').

Closes elastic/elasticsearch#1414

Original commit: elastic/x-pack-elasticsearch@98b38705fb
2016-01-30 22:18:02 -05:00
Tanguy Leroux 970c95b6a8 Marvel: various tests fixes
Two regressions have been introduced in elastic/x-pack@156d9e4d5b: marvel index templates should not be deleted between tests and checking for marvel indices existence should not fail with IndexNotFoundException when the indices are not yet created and Shield enabled.

closes elastic/elasticsearch#1396 elastic/elasticsearch#1394 elastic/elasticsearch#1382

In MultiNodesStatsTests.java, multiple nodes are started in async: the first node may collect marvel data multiple times when the last one just started. So we should not check for exact 1 doc per node but at least 1 doc per node.

closes elastic/elasticsearch#1370

In HttpExporterTemplateTests.java, we must compare a long count with a long value.

Original commit: elastic/x-pack-elasticsearch@732fef995a
2016-01-29 17:25:07 +01:00
Alexander Reelsen 4e1d44110b Marvel: Fix compilation issues in tests
Original commit: elastic/x-pack-elasticsearch@9ffc4c501b
2016-01-29 15:15:25 +01:00
Alexander Reelsen 7147354525 Marvel: Fix compilation problem
Original commit: elastic/x-pack-elasticsearch@4db33fc6ab
2016-01-29 15:12:18 +01:00
Alexander Reelsen 8635d264ae Shield: Give native stores possibility to exit poller loop
Similar to the lifecycle services, stopping the shield lifecycle should
also ensure that the poller threads are stopped, which is tricky, in case
they run through huge user/role lists.

Original commit: elastic/x-pack-elasticsearch@7a48f19853
2016-01-29 10:16:15 +01:00
Ali Beyad e2feb61297 IndexStatsTests.testIndexStats awaits a fix on elastic/elasticsearch#1396
Original commit: elastic/x-pack-elasticsearch@0db738f324
2016-01-28 17:32:53 -05:00
jaymode 4b6ac7ceb8 shield: restore non-empty original contexts
Restoring empty contexts causes issues with searches, but failure to restore the
original context when executing index requests that auto-create results in a
the index operation being tried by the system user.

See elastic/elasticsearch#1380

Original commit: elastic/x-pack-elasticsearch@522f857de7
2016-01-28 14:07:59 -05:00
jaymode 1b4bac8203 shield: only restore the original if we forcefully replaced it
Original commit: elastic/x-pack-elasticsearch@347a4dba3f
2016-01-28 12:50:46 -05:00
Tanguy Leroux 19545596cf Marvel: Fix NodeStatsRendererTests and NodeStatsTests on Windows
Load average is not available anymore on Windows, the tests should not check the presence of the field. Also, "node_stats.json" file is hard to maintain and quite useless so this commit removes it.

Original commit: elastic/x-pack-elasticsearch@74d2e0dce6
2016-01-28 16:59:05 +01:00
jaymode 75894e6b38 shield: also restore original context to transport handlers
See elastic/elasticsearch#1380

Original commit: elastic/x-pack-elasticsearch@afbd964f18
2016-01-28 10:54:45 -05:00
jaymode 9c080681d8 shield: restore the original context when the listener is called
Also, restores running the watcher tests.

See elastic/elasticsearch#1380

Original commit: elastic/x-pack-elasticsearch@0e0c748c04
2016-01-28 09:48:26 -05:00
Boaz Leskes 0b73e3ef33 Update to incorporate changes made in Netty settings in elasticsearch elastic/elasticsearch#16200
Original commit: elastic/x-pack-elasticsearch@0e54a24519
2016-01-28 15:24:59 +01:00
Boaz Leskes dfb9068e33 Update Index usage to elasticsearchelastic/elasticsearch#16217
elasticsearchelastic/elasticsearch#16217 changed the Index class to also include index UUIDs . This commit adapts the code for it.

Closes elastic/elasticsearch#1377

Original commit: elastic/x-pack-elasticsearch@87c909c15a
2016-01-28 08:38:44 +01:00
jaymode 4012b4c7c6 test: mute watcher tests for now until. See elastic/elasticsearch#1380
Original commit: elastic/x-pack-elasticsearch@f8d9053ef6
2016-01-27 18:14:11 -05:00
jaymode 634b3edf4e only set the client instance once in the proxy
Original commit: elastic/x-pack-elasticsearch@55eb6288db
2016-01-27 14:24:41 -05:00
jaymode 7645698070 go back to setting the shield user header
Original commit: elastic/x-pack-elasticsearch@0921bd27a9
2016-01-27 13:48:51 -05:00
jaymode dcf9074c4f fix compile after change to Client settings in core
Original commit: elastic/x-pack-elasticsearch@ab069484a6
2016-01-27 12:33:35 -05:00
Jay Modi d587ace5f1 Merge pull request elastic/elasticsearch#1374 from jaymode/request_context
replace ContextAndHeaders with ThreadContext

Original commit: elastic/x-pack-elasticsearch@469ab3f5a1
2016-01-27 11:30:00 -05:00
jaymode ee7a109827 add comments about client wrapping and add ClientWithUser
Original commit: elastic/x-pack-elasticsearch@472c6dbd80
2016-01-27 10:16:14 -05:00
jaymode ed7c4273c3 test: remove check in ClearRolesCacheTests that is prone to failure
This removes a check in the ClearRolesCacheTests that is prone to failure due to the
possibility of the cache poller running while we modify documents and updating cached
values prior to the test issuing the get roles call.

See elastic/elasticsearch#1354

Original commit: elastic/x-pack-elasticsearch@ba0b803466
2016-01-27 09:25:59 -05:00
jaymode e82c969959 migrate from ContextAndHeaders to ThreadContext
This change migrates all of the xpack code to use the new ThreadContext when
dealing with headers and context data. For the most part this is a simple
cutover, but there are some things that required special casing. The internal
actions that executed by a user's requests need to forcefully drop the context
and set the system user. The workaround for this will be improved in a followup.
Additionally, the RequestContext still lives on due to the OptOutQueryCache,
which requires some core changes to fix this issue.

Original commit: elastic/x-pack-elasticsearch@87d2966d93
2016-01-27 08:02:01 -05:00
Jason Tedor d02ddece8f Merge pull request elastic/elasticsearch#1375 from jasontedor/script-settings
Script settings

Original commit: elastic/x-pack-elasticsearch@a2f4da6784
2016-01-27 06:54:24 -05:00
Simon Willnauer 6c290d22c1 Fix renamed constant
Original commit: elastic/x-pack-elasticsearch@709cd849b2
2016-01-27 11:55:15 +01:00
Adrien Grand 11125797bc Fix mapping definitions.
Original commit: elastic/x-pack-elasticsearch@609f12602e
2016-01-27 09:26:05 +01:00
Jason Tedor 8eb97c5509 Script settings
This commit is the x-plugins side of the refactoring of script settings.

Relates elastic/elasticsearchelastic/elasticsearch#16197

Original commit: elastic/x-pack-elasticsearch@4c429933b9
2016-01-26 21:13:29 -05:00
Areek Zillur 4586ca2e06 [TEST] ensure later license issue date
Original commit: elastic/x-pack-elasticsearch@fcedb7ae18
2016-01-26 15:49:01 -05:00
Jason Tedor 19c87bd143 Add Groovy closure Watcher test
This commit adds an integration test for Watcher that tests Groovy
closures.

Closes elastic/elasticsearch#1362, relates elastic/elasticsearchelastic/elasticsearch#16196

Original commit: elastic/x-pack-elasticsearch@1a6b1a3e07
2016-01-26 13:04:36 -05:00
jaymode 3fdf9ad390 test: use the correct stop watcher url
Original commit: elastic/x-pack-elasticsearch@6fa81079bb
2016-01-26 10:22:33 -05:00
Martijn van Groningen 39a56202cf test: added ingest actions
Original commit: elastic/x-pack-elasticsearch@102751aa5f
2016-01-26 14:20:29 +01:00
jaymode 8d67195ffc test: add additional logging to debug ClearRolesCacheTests CI failures
See elastic/elasticsearch#1354

Original commit: elastic/x-pack-elasticsearch@a7cbf5e08c
2016-01-25 14:38:17 -05:00
uboness 978996e088 cleanup shield's `Privilege` and `Permission` constructs
- broke down these classes to multiple top level classes
- also `Role` is not a top level class

Original commit: elastic/x-pack-elasticsearch@8900f869e1
2016-01-25 12:54:04 +01:00
uboness 8781990ca8 fix build - compilation
Original commit: elastic/x-pack-elasticsearch@7508ed0c38
2016-01-22 18:36:53 +01:00
markharwood 03944c9a95 Settings - change over to o.e.common.settings.Setting for http.enabled setting
Original commit: elastic/x-pack-elasticsearch@3b551a6fb6
2016-01-22 14:56:38 +00:00
javanna 80aa3e29dd [TEST] the jvm flag is not returned anymore as site plugins support has been removed
Original commit: elastic/x-pack-elasticsearch@f02a42aed6
2016-01-22 14:33:55 +01:00
uboness 617c51cc86 fix build (settings cannot be prefixed with `.`)
Original commit: elastic/x-pack-elasticsearch@62178e1e82
2016-01-21 11:50:53 +01:00
Tanguy Leroux e6832e5881 Marvel: Fix MultiNodesStatsTests
Closes elastic/elasticsearch#960

Original commit: elastic/x-pack-elasticsearch@969f22fcf7
2016-01-21 10:31:47 +01:00
Tanguy Leroux d4afcf4e4e Marvel: Fix CleanerServiceTests when setting is equal to 0
closes elastic/elasticsearch#1319

Original commit: elastic/x-pack-elasticsearch@2dd8d61376
2016-01-21 09:36:28 +01:00
Simon Willnauer 01bc1f4124 Pass identity function as a client wrapper #Relates to elastic/elasticsearchelastic/elasticsearch#16101
Original commit: elastic/x-pack-elasticsearch@5eff4b440b
2016-01-20 09:39:37 +01:00
Simon Willnauer a30c6c2780 Add generic type and suppress warnings to test
Original commit: elastic/x-pack-elasticsearch@b454af89bd
2016-01-20 09:21:05 +01:00
jaymode 471ee7d867 shield: add rest API spec for authenticate api
Original commit: elastic/x-pack-elasticsearch@3dcfd5549b
2016-01-19 12:51:42 -05:00
Simon Willnauer 8831a880b1 Upgrade to new index settings infrastructure
As of elastic/elasticsearchelastic/elasticsearch#16054 all index level settings
must be registered and use the new settings infrastructure. This commit
prepares for the merge to provide a smooth transition.

Original commit: elastic/x-pack-elasticsearch@bc0a4fec07
2016-01-19 12:03:11 +01:00
Adrien Grand fedfdde216 Fix compilation after elastic/elasticsearchelastic/elasticsearch#16059.
Original commit: elastic/x-pack-elasticsearch@60e083a739
2016-01-19 09:32:52 +01:00
Robert Muir e24dfe2c3e don't depend on localhost
Original commit: elastic/x-pack-elasticsearch@e3c03fcb27
2016-01-18 19:51:00 -08:00
Ryan Ernst 80617ab39e Test: Make rest tests extend ESTestCase
This is the xplugins side of elastic/elasticsearchelastic/elasticsearch#16070.

Original commit: elastic/x-pack-elasticsearch@57d1a9108b
2016-01-18 16:44:56 -08:00
Lee Hinman da3d7177be Add Shield HTTP APIs for users and roles
Relates to elastic/elasticsearch#33

Original commit: elastic/x-pack-elasticsearch@a0942c9334
2016-01-18 16:21:22 -07:00
Nik Everett 1feea91734 Merge pull request elastic/elasticsearch#1235 from nik9000/more_remove_inject
Stop building query parsers with guice

Original commit: elastic/x-pack-elasticsearch@c621cfc94d
2016-01-18 17:40:04 -05:00
Jason Tedor 69ee9d77ad Reflect upstream load average change
This commit addresses the handling of load averages in Marvel due to
upstream changes in core Elasticsearch where the load average field was
changed from an array to an object.

Original commit: elastic/x-pack-elasticsearch@9ea57968bb
2016-01-18 15:50:17 -05:00
Nik Everett d713f203ad Fix compilation error after core shifted
Core is slowly removing raw types. Slowly. And one such removal broke shield.

Original commit: elastic/x-pack-elasticsearch@aa1b668c63
2016-01-18 10:37:39 -05:00
Tanguy Leroux 9e4686536a Marvel: Map renderers by object class rather than by name
Original commit: elastic/x-pack-elasticsearch@8f6dd0c530
2016-01-18 15:12:42 +01:00
Tanguy Leroux a30b894166 Marvel: Check that document count is the same on all data nodes
closes elastic/elasticsearch#1214

Original commit: elastic/x-pack-elasticsearch@1cf352fa3b
2016-01-15 10:51:16 +01:00
javanna 389b2be08a [TEST] blacklist get aliases test against closed indices
Shield expands wildcards to concrete names (aliases or indices) before each request gets executed in es core. It never resolves aliases to concrete indices though, as permissions may be set against aliases rather than indices. During this resolution, it also looks at the state of the indices and the current indices options (expand_wildcards) to expand only to indices with the relevant state. When it comes to aliases though, they may point to multiple indices each one having a different state, so it always expands ignoring expand_wildcards. At that point the request will contain the explicit name of the alias, no wildcards, thus the expand_wildcards option will have no effect in core. ignore_unavailable could be used instead when interacting with shield, which would affect how aliases are resolved to multiple indices. In this case we can only blacklist the test in shield, as it will return both the closed index and the open one.

Original commit: elastic/x-pack-elasticsearch@54c11dfc31
2016-01-14 17:20:23 +01:00
javanna af60f45c4a fix failing DefaultIndicesResolverTests due to upstream change
get aliases api returns now closed indices too by default

Original commit: elastic/x-pack-elasticsearch@d97e18cd71
2016-01-14 15:04:58 +01:00
Alexander Reelsen 9aa5c0ba62 Tests: Disabling Watcher in LdapUserSearchSessionFactoryTests
Due to lingering threads when shutting down when running this in CI
this disables watcher in this tests. It is really hard to reproduce
to get the correct order of start/stop. The reason here is, that watcher
is still starting and not finished, when stop is called on the plugin.

Original commit: elastic/x-pack-elasticsearch@2de85bcba6
2016-01-13 18:29:30 +01:00
Daniel Mitterdorfer 5a9289d777 Correct load average structure for NodeStatsRendererTests
In elastic/elasticsearchelastic/elasticsearch#15907, we changed the load average
structure to also include 5 and 15 minute load averages. This
commit adjusts the expected JSON structure for
NodeStatsRendererTests.

Original commit: elastic/x-pack-elasticsearch@59f6a1e9d9
2016-01-12 08:29:51 +01:00
Nik Everett b94670acc0 Remove serialVersionUID
It doesn't do anything and Elasticsearch will likely ban using it.

Original commit: elastic/x-pack-elasticsearch@c243c913c4
2016-01-11 13:34:05 -05:00
Simon Willnauer 07a4146068 Fix import after IndexingOperationListeners infrastructure cleanup in elasticsearch/15875
Original commit: elastic/x-pack-elasticsearch@aa1bc847eb
2016-01-10 20:23:33 +01:00
jaymode 94ce98ad9f always debug the user dn role mapping
When debugging role mapping it is useful to know the actual user DN, which is only logged
when something is actually mapped to the DN. Since this is logged at debug level, we should
always log it.

Original commit: elastic/x-pack-elasticsearch@b690c757d3
2016-01-08 14:32:22 -05:00
Jason Tedor 2b5c28242d Remove use of j.u.c.ThreadLocalRandom
This commit removes all uses of java.util.concurrent.ThreadLocalRandom
across the codebase.

Original commit: elastic/x-pack-elasticsearch@eca3701357
2016-01-08 12:21:30 -05:00
Nik Everett 2d50c77717 Merge pull request elastic/elasticsearch#1258 from nik9000/unneeded_suppress
Remove unneeded SuppressWarnings

Original commit: elastic/x-pack-elasticsearch@1c20a8c3fc
2016-01-08 11:21:28 -05:00
jaymode c5592ee3be add the ability to utilize load balancing and failover for ldap
Previously we only exposed the use of a single URL for LDAP realms, while the code supported
multiple URLs. Internally we always used a failover server set, which would have provided failover
to another LDAP server if multiple existed. This change introduces a new setting `load_balance.type`
on the realm that indicates the type of load balancing. Valid options are:

* `failover` - the first server in the list will be used until it fails and then additional servers will be tried until
one succeeds. The first successful server will be used from now on. This is the default.
* `round_robin` - continuously iterates through the list of servers for each new connection. If a server is down,
the iteration will continue until a successful connection is made. The downfall here is that the list does not
get reordered on a down server, so there is overhead for always trying the servers in order.
* `dns_failover` - This server set takes a single URL that uses a DNS that will resolve to multiple IP addresses.
Connections will be consistently attempted to servers in the order they are retrieved from the name service; there
is no re-ordering and the first successful connection will be used.
* `dns_round_robin` - This server set takes a single URL that uses a DNS that will resolve to multiple IP addresses.
The addresses retrieved from the name service will connected to in the same order as `round_robin`.

Closes elastic/elasticsearch#31

Original commit: elastic/x-pack-elasticsearch@9ce9a1bf23
2016-01-07 09:14:41 -05:00
Alexander Reelsen f68f9aa268 Watcher: Fix test failure by ensuring non-null argument for equality check
Original commit: elastic/x-pack-elasticsearch@b811dcdf7e
2016-01-07 15:09:38 +01:00
Alexander Reelsen 39403028db Watcher: Added missing equals/hashcode methods to EmailAttachments
In order to correctly check for equality in an EmailAction, all the email
attachments have to implement equals/hashCode methods.

This has already been added to the 2.x branch in elastic/x-pack@ebde22507f

Original commit: elastic/x-pack-elasticsearch@bb980ea934
2016-01-07 14:25:51 +01:00
Tanguy Leroux cdb3869b1b Marvel: Do not collect data in SecuredClientTests
closes elastic/elasticsearch#1242

Original commit: elastic/x-pack-elasticsearch@cd8f8ce2fa
2016-01-07 11:58:36 +01:00
Alexander Reelsen 75ab4f9470 Watcher: Allow for external email attachments
This feature is mainly done for the integration with the commercial reporting, but can be used
for anything else as well.

This adds a `attachments` to the email configuration, which can be used like this

```
"attachments" : {
  "some_id" : {
    "http" : {
      "request" : {
        "url" : "http://example.org/foo.pdf"
      }
    }
  },
  "other_id" : {
    "data" : {
      "format" : "json"
    }
  }
}
```

The main reason to pick this format is extensibility. If we would like to support another
attachment type, like an file reader, we could do so easily from an API point of view.

Closes elastic/elasticsearch#870

Original commit: elastic/x-pack-elasticsearch@66d14be965
2016-01-07 10:49:13 +01:00
Adrien Grand 2bab66dcb5 Remove warmers from the known actions.
Original commit: elastic/x-pack-elasticsearch@325f77518f
2016-01-07 10:30:35 +01:00
Tanguy Leroux 54215200ba Marvel: HttpExporter should not clean indices
This commit removes the current implementation in HttpExporter so that it does not automatically clean indices anymore.

Original commit: elastic/x-pack-elasticsearch@7d30338355
2016-01-07 10:05:02 +01:00
Tanguy Leroux 57b7c7eb85 Marvel: Automatic deletion of expired timestamped indices
closes elastic/elasticsearch#1057

Original commit: elastic/x-pack-elasticsearch@6cf24a0a0d
2016-01-07 10:05:02 +01:00
Alexander Reelsen 080c2afc55 Watcher: Allow execute Watch API fields in request params
In order to have a shortcut for the execution of a watch and
specifying the record_execution and ignore_condition booleans,
so are now supported in the HTTP request parameters as well.

Closes elastic/elasticsearch#918

Original commit: elastic/x-pack-elasticsearch@bed5da40b7
2016-01-07 10:00:11 +01:00
Nik Everett 38dcbc50b6 Remove unneeded SuppressWarnings
Original commit: elastic/x-pack-elasticsearch@46d86d555e
2016-01-06 20:07:27 -05:00
Alexander Reelsen 9108001c73 Watcher: Remove pre 2.0 compatibility code
This code is not needed anymore in any 2.x version.

Original commit: elastic/x-pack-elasticsearch@8346b0120e
2016-01-06 17:25:13 +01:00
Martijn van Groningen 996a9a9891 shield: add percolator query terms fields to the allowed fields if FLS is enabled
Fixes issue that came from upstream change elastic/elasticsearch#13646

Original commit: elastic/x-pack-elasticsearch@53f796c9c3
2016-01-06 17:04:59 +01:00
Martijn van Groningen 6f2208cc86 test: upstream changes for elastic/elasticsearch#13646
Original commit: elastic/x-pack-elasticsearch@0b2bff1b06
2016-01-06 16:09:25 +01:00
Alexander Reelsen 9709036024 Watcher: Adding PagerDuty Action
* This action enables sending notifications to pager duty services.
* Utilizes pager duty's REST API
* Similar to the `email`, `hipchat` and `slack` actions, multiple `pagerduty` accounts can be configured, each with its own Service API key
* A `pagerduty` account is roughly mapped to a service in your pagerduty service.
* `pagerduty` actions are associated with an account, or if not, their events will be sent via the default account.
* An incident can be acknowledged, resolved or triggered

Closes elastic/elasticsearch#492

Original commit: elastic/x-pack-elasticsearch@72cc21d119
2016-01-06 08:58:46 +01:00
Nik Everett de12d4b58d Stop building query parsers with guice
This is the fallout from
https://github.com/elastic/elasticsearch/pull/15761

Original commit: elastic/x-pack-elasticsearch@9509feb310
2016-01-05 13:53:40 -05:00