Deep down buried there is an option to not only allow global
script execution, but also allow a single scripting language for
watcher only. It is time to document it as well.
Renamed this option to `script.engine.groovy.inline.xpack_watch`
to align with xpack renaming.
Closeselastic/elasticsearch#1422
Original commit: elastic/x-pack-elasticsearch@845eb5a0c0
Fix to ensure that the email attachment has a correctly set filename, which is
also now explained in the documentation.
In addition there is a check now for email attachments, that a filename can only
be specified once, otherwise an exception is thrown.
Closeselastic/elasticsearch#1503
Original commit: elastic/x-pack-elasticsearch@2a399058b3
The shield settings need to be copied down to the tribe nodes so that they are
aware of the shield configuration. Otherwise there will be issues such as SSL
not carrying over or authentication realms not being available.
Closeselastic/elasticsearch#702
Original commit: elastic/x-pack-elasticsearch@7bd7674f3e
This test assumes no modules are installed but the shield rest tests run with the modules
installed.
Original commit: elastic/x-pack-elasticsearch@2ba47fcd0f
This commit adds the logic to protect the user and roles index that we store locally
by restricting access to the internal XPack user. We need to do this in two places;
the first is when resolving wildcards and the other is when authorizing requests
made against specific indices.
Original commit: elastic/x-pack-elasticsearch@8ee0ce02db
We would previosly check if a node was a client node, we can now check it by just verifying that it is not a transport client through client_type setting.
Original commit: elastic/x-pack-elasticsearch@bddd44866e
This commit removes various constructors in monitoring documents and add a single constructeur that accepts a monitoring id and version. It also renames *Renderer classes to *Resolver and centralizes the logic of resolving the index name, type name and id in 1 place. It changes Exporter so that they use these resolvers to know in which index a given document must be indexed.
Original commit: elastic/x-pack-elasticsearch@c2349a95a6
When thinking about applications and the need to update a user, we should not need to
update the password of the user when making changes to things like roles, email, full
name, or metadata. This commit changes how we handle operations where the password
field is missing.
When the password field is missing, we try to execute an update. If the user exists, all
values for the user are updated except for the password field. If the user does not exist
and the password field is missing then a ValidationException is returned.
When the password field is present, we always issue an index request.
Closeselastic/elasticsearch#1492
Original commit: elastic/x-pack-elasticsearch@3d8a5f2db6
This commit introduces the default refresh on user and role update and delete
operations. The behavior can be controlled via the `refresh` parameter on the
REST API and the refresh option in the Java API.
Closeselastic/elasticsearch#1494
Original commit: elastic/x-pack-elasticsearch@aff4d13886
Only current timestamped indices, like .marvel-es-1-* indices should be deleted. Other indices like the ones created by pre v2.3.0 plugin versions should be kept (like .marvel-es-YYYY.MM.dd)
Original commit: elastic/x-pack-elasticsearch@b2aff31875
This commit bumps the Elasticsearch version to 5.0.0-SNAPSHOT in line
with the alignment of versions across the stack.
Relates elastic/elasticsearchelastic/elasticsearch#16862
Original commit: elastic/x-pack-elasticsearch@155641c5e4
This commit changes the behavior of combining multiple document level security queries
from an AND operation to an OR operation.
Additionally, the behavior is also changed when evaluating the combination of roles that
have document level security and roles that do not have document level security. Previously
when the permissions for these roles were combined, the queries from the roles with document
level security were still being applied, even though the user had access to all the documents.
This change now grants the user access to all documents in this scenario and the same applies
for field level security.
Closeselastic/elasticsearch#1074
Original commit: elastic/x-pack-elasticsearch@291107ec27
- Renamed `AddRoleAction/Request/Response` to `PutRoleAction/Request/Response`
- also renamed the user/roles rest actions
- Changed the returned format for `RestGetRoleAction`. Previously this endpoint returned an array of role descriptor. Now it returns an object where the role names serve as the keys for the role objects. This is aligned with other APIs in ES (e.g. index templates).
- When `RestGetRoleAction` cannot find all the requested roles, it'll return an empty object and a 404 response status
- Also cleaned up `RoleDescriptor`
Original commit: elastic/x-pack-elasticsearch@742f6e0020
DiscoveryService was a bridge into the discovery universe. This is unneeded and we can just access discovery directly or do things in a different way.
This is a complement to elastic/elasticsearchelastic/elasticsearch#16821
Closeselastic/elasticsearch#1571
Original commit: elastic/x-pack-elasticsearch@496f0c4081
- Now it's more aligned with other APIs in ES (e.g. index template API)
- the "get user" API now returns an object as a response. The users are keyed by their username. If none of the requested users is found, an empty object will be returned with a 404 response status.
- the body of "put user" request doesn't require "username" anymore (as it's defined as part of the URL)
Original commit: elastic/x-pack-elasticsearch@f7c12648b1
In case that a single email attachment cannot be downloaded, this ensures
that the whole action fails with a correct Action.Failure.
This also fixes an NPE that would occur otherwise.
Original commit: elastic/x-pack-elasticsearch@7bb042a719
This is a small fix to use specified id when sending data attachments.
The current solution always used "data".
Also a minor refactoring was made to include get the different parser impls
from the EmailAttachmentsParser instead of specifying them twice in the
EmailAction.
Closeselastic/elasticsearch#1503
Original commit: elastic/x-pack-elasticsearch@9354e83c8b
The roles parsing does not currently handle null tokens since the YAML parser
was not emitting them. With the upgrade to Jackson 2.7.1, the parser is now
emitting the null token value.
Original commit: elastic/x-pack-elasticsearch@abcad633ad
Alexander Reelsen
Tim Sullivan
Ryan Ernst
jaymode
Robert Muir
javanna
Tanguy Leroux
Lukas Olson
Adrien Grand
Martijn van Groningen
Jason Tedor
Nik Everett
uboness
Boaz Leskes