OpenSearch

Commit Graph

Author	SHA1	Message	Date
Albert Zaharovits	69fc715bc3	Fix security origin for TokenService#findActiveTokensFor... (#47418 ) (#48280 ) All internal searches (triggered by APIs) across the .security index must be performed while "under the security origin". Otherwise, the search is performed in the context of the caller which most likely does not have privileges to search .security (hopefully). This commit fixes this in the case of two methods in the TokenService and corrects an overly done such context switch in the ApiKeyService. In addition, this makes all tests from the client/rest-high-level module execute as an all mighty administrator, but not a literal superuser. Closes #47151	2019-10-21 13:15:05 +03:00

Author

SHA1

Message

Date

Albert Zaharovits

69fc715bc3

Fix security origin for TokenService#findActiveTokensFor... (#47418 ) (#48280 )

All internal searches (triggered by APIs) across the .security index
must be performed while "under the security origin". Otherwise,
the search is performed in the context of the caller which most
likely does not have privileges to search .security (hopefully).
This commit fixes this in the case of two methods in the
TokenService and corrects an overly done such context switch
in the ApiKeyService.

In addition, this makes all tests from the client/rest-high-level
module execute as an all mighty administrator,
but not a literal superuser.

Closes #47151

2019-10-21 13:15:05 +03:00

1 Commits