Commit Graph

85 Commits

Author SHA1 Message Date
javanna 4bb6e856f3 Authorize composite actions based on their action name only, subrequests and their indices will be later authorized individually
Eagerly authorizing CompositeIndicesRequests allowed the security plugin to fail fast up until now, but it makes it very hard to reason about each specific item in a multi items request. Either all items fail, or none do. We would rather want to adopt a similar behaviour to es core, where individual items fail without affecting other items that are part of the same request. We can rely on the fact that es core always authorizes both main action and every subaction too, and skip authorization for the main action. By subaction we mean either all sub search requests in msearch, as well as each shard level get in mget or shard level bulk request for bulk.

BulkRequestInterceptor was converted to intercept BulkShardRequests rather than BulkRequest as that is where bulk is authorized after this change.

Split IndicesAndAliasesResolverIntegrationTests into ReadActionsTests and WriteActionsTests as they require different sets of permissions, lots of tests added.

Explicitly listing the composite actions makes sure that the actions that can bypass security are known, somebody adding a similar action must add it to the list, so we know it doesn't happen by mistake. At this point the CompositeIndicesRequest can be used as a marker interface only (it is not really needed but can be used to verify that composite actions use a request that implements such interface).

Given that we don't authorize composite actions based on their indices anymore, but only their sub-requests which implement IndicesRequest, printing out the indices names in the audit log for requests like bulk and msearch is confusing. Removed support for that.

Authorize composite indices actions based on their name only, their indices will be authorized at the sub-request/shard level

Rather than simply granting bulk, mget, msearch etc. and relying on authorization at the sub-request/shard level, we check that the current user can at least execute the action. This justifies the grant line that gets written in the audit log, the action is potentially possible without looking at the indices. Each specific item will fail or succeed later and will yield its own specific audit log entry.

Original commit: elastic/x-pack-elasticsearch@4570caf019
2016-10-13 16:05:02 +02:00
javanna d27c4bee82 Support allowNoIndices option in security plugin
Supporting allowNoIndices means that the security plugin has a behaviour much more similar to vanilla es when dealing with wildcard expressions that match no indices, or empty clusters. The default for most requests is to allow no indices, but security plugin could only disallow no indices all the time up until now.

The technical problem was that when anything gets resolved to an empty set of indices, we couldn't let that go through to es core, as that would become resolved to all indices by es core, which would be a security hole. We have now found a way though to replace an empty set of indices with something that es core will for sure resolve to no indices, so we can let the request through. We simply replace empty indices with '-*'.

Multi apis requests (e.g. _msearch) have yet to be fixed, as all their indices end up in the same bucket while they should each be authorized separately, so that every specific item can fail or be let through.

Original commit: elastic/x-pack-elasticsearch@0f67a0bfea
2016-10-13 16:05:02 +02:00
javanna 9b46b34bed Honour ignore_unavailable option when resolving indices
For all the requests that support multiple indices and wildcards, hence implementing IndicesRequest.Replaceable, we replace the wildcard expressions with the explicit names of the authorized indices they match. _all or empty indices is treated as a wildcard expression. We can also honour the ignore_unavailable option by going over all the explicit names and filtering out the non-authorized ones when ignore_unavailable is set to true. If ignore_unavailable is set to false, we leave everything as-is, which will cause an authorization exception to be thrown if only one of those explicit indices is not authorized for the current user.

This is the first step towards resolving elastic/elasticsearch#1250. The remaining issue is that in case we are left with no indices after stripping out the ones that the user is not authorized for, we throw an authorization exception rather than returning an empty response. That will require honouring the allow_no_indices option, which will also change the behaviour when a cluster is empty.

Relates to elastic/elasticsearch#1250

Original commit: elastic/x-pack-elasticsearch@e4ca940d05
2016-10-13 16:05:02 +02:00
Alexander Reelsen 8b83cf067c Watcher: Ensure awesome painless exceptions are propagated to the user (elastic/elasticsearch#3707)
When adding a watch which has a painless component, the scriptexception
was wrapped into a deprecated exception which means that the awesome
painless descriptions were lost. This wrapping has been removed.

Closes elastic/elasticsearch#3161

Original commit: elastic/x-pack-elasticsearch@1703fe4eb6
2016-10-12 08:14:06 +02:00
Nik Everett 6e31ab8d99 Skip a new template rest test
It isn't compatible with security.

Relates to elastic/elasticsearch#20658

Original commit: elastic/x-pack-elasticsearch@33df690341
2016-10-11 12:30:45 -04:00
Tanguy Leroux 2e7b7be25c Watcher: Re enable array compare test (elastic/elasticsearch#3708)
This test has been blacklisted and deactivated months ago. This commit reenables this test and moves it to the right place. It also changes the test to use the Execute Watch API instead of being sleep based.

Original commit: elastic/x-pack-elasticsearch@e7a9689375
2016-10-11 10:25:40 +02:00
Simon Willnauer 2f70ae92b6 Cut over to MockTcpTransport since LocalTransport is removed in core (elastic/elasticsearch#3684)
This is a followup commit to elastic/elasticsearch#20695

Original commit: elastic/x-pack-elasticsearch@27cd454ba6
2016-10-07 11:28:05 +02:00
Ryan Ernst 1fa0f835fe Build: Reorganize src roots
This change flattens the directory structure, both for the elasticsearch
specific directories, as well as within the elasticsearch x-pack plugin.

closes elastic/elasticsearch#2957

Original commit: elastic/x-pack-elasticsearch@45891a4632
2016-10-01 09:46:43 +02:00
Ryan Ernst 905237a56f Moved directories around
Original commit: elastic/x-pack-elasticsearch@2018bb5f9f
2016-09-29 12:03:14 +02:00
jaymode e5b0e7f5cb reorganize directory layout
See elastic/elasticsearch#1022

Original commit: elastic/x-pack-elasticsearch@3ee8761312
2015-12-03 16:22:37 +01:00
Robert Muir 9df905ff19 Simplify SSL test to not use openssl.
I think the intent here is to just test that our SSL layers work,
not invoke a long chain of keytool + openssl commands.

This simplifies the build and will work on windows.

Original commit: elastic/x-pack-elasticsearch@af07d0d4f7
2015-11-30 09:28:16 -05:00
Robert Muir 8a22ba0a08 smoke-test-plugins-ssl should check if openssl is available
Today some jenkins servers don't have it (e.g. windows), and it constantly fails...

Original commit: elastic/x-pack-elasticsearch@6b561c73e0
2015-11-30 08:42:25 -05:00
javanna 171179d91f [TEST] non stored fields are not returned anymore via fields
Relates to https://github.com/elastic/elasticsearch/issues/14489

Original commit: elastic/x-pack-elasticsearch@2897dc5df7
2015-11-30 12:12:31 +01:00
Ryan Ernst a67aebc9fc Build: Remove hack to touch keystore before it is created
This will be fixed in ES with elastic/elasticsearch#15089

Original commit: elastic/x-pack-elasticsearch@55b42a7ad4
2015-11-28 18:07:37 -08:00
Daniel Mitterdorfer ad697c077e Reenable SSL smoke tests
Original commit: elastic/x-pack-elasticsearch@1969c6d020
2015-11-27 17:25:51 +01:00
Daniel Mitterdorfer b9b39efac8 Disable SSL integration tests temporarily
We disable SSL integration tests as a workaround for
https://github.com/elastic/infra/issues/628 to ensure
other problems can still be caught.

Original commit: elastic/x-pack-elasticsearch@47bf56faec
2015-11-27 10:23:03 +01:00
Ryan Ernst 660ac633a6 Merge pull request elastic/elasticsearch#1043 from rjernst/remove_ant_contrib
Build: Simplify ssl test to not use ant

Original commit: elastic/x-pack-elasticsearch@14d41f6fc1
2015-11-25 11:28:46 -08:00
Ryan Ernst 59a10e6309 Build: Simplify ssl test to not use ant
This change ports the tasks from the ssl ant build file into gradle tasks.

Original commit: elastic/x-pack-elasticsearch@af88196050
2015-11-25 11:23:26 -08:00
Robert Muir ae24881484 Move disabled watcher+groovy "unit" tests to qa/messy-test-watcher-with-groovy
This is all the tests disabled from https://github.com/elastic/x-plugins/issues/724

At least, they will be running in the build in some way. If we can fix gradle to
add plugin metadata from lang-groovy to the test classpath, security manager
can be re-enabled for these as well.

But it's also only 8 tests, maybe it's easier to fix them?

Original commit: elastic/x-pack-elasticsearch@a5c407b80f
2015-11-25 13:29:00 -05:00
Robert Muir 7ed4ea56b2 re-enable smoke-test-plugins with ssl
Note, it's a bit crazy/hackish, but it works.

Original commit: elastic/x-pack-elasticsearch@377113c1c2
2015-11-24 23:19:04 -05:00
Robert Muir 140a399dfb Merge pull request elastic/elasticsearch#1033 from rmuir/enable_shield_example_realm_qa
re-enable shield example realm QA test

Original commit: elastic/x-pack-elasticsearch@73177eacc8
2015-11-24 20:12:47 -05:00
Robert Muir ac898ef4f3 re-enable shield example realm QA test
Original commit: elastic/x-pack-elasticsearch@98fd46f3aa
2015-11-24 20:10:46 -05:00
Ryan Ernst 66f3d18af0 Build: Add back smoke test plugins for xplugins
This checks that all ES plugins and xplugins are installed. I also
changed the rest check to be a simple plugin count, so it does not fail
when new plugins are added.

Original commit: elastic/x-pack-elasticsearch@eaab182e43
2015-11-24 17:09:56 -08:00
Robert Muir f0c0f75dbd Merge pull request elastic/elasticsearch#1031 from rmuir/shield_audit_qa
add back shield audit qa tests

Original commit: elastic/x-pack-elasticsearch@ce1e637b5f
2015-11-24 19:44:05 -05:00
Robert Muir 71d50ec058 add back shield audit qa tests
Original commit: elastic/x-pack-elasticsearch@f34b2c99e9
2015-11-24 19:41:50 -05:00
Ryan Ernst 19b7cad39c Build: Add back shield client qa tests
Original commit: elastic/x-pack-elasticsearch@6cecea3992
2015-11-24 16:40:05 -08:00
Ryan Ernst f96a6700c4 Build: Remove hack in shield+watcher rest test for copying config file
Original commit: elastic/x-pack-elasticsearch@e31ef685d0
2015-11-24 16:13:22 -08:00
Robert Muir 4b35407510 re-enable smoke-test-watcher-with-shield qa test
Original commit: elastic/x-pack-elasticsearch@2710eb67ef
2015-11-24 18:49:15 -05:00
Robert Muir a4f596b204 get watcher+groovy QA test working again (without hack)
Original commit: elastic/x-pack-elasticsearch@843a5ea6e4
2015-11-24 17:41:21 -05:00
Ryan Ernst 4f44ccedb5 Build: Simplify plugin installs for integTests
This is the xplugins side of elastic/elasticsearch#14986, making use of
the simplification in configuration.

Original commit: elastic/x-pack-elasticsearch@a24ad7b08a
2015-11-24 12:54:11 -08:00
Ryan Ernst b011490320 Add more retries for wait condition, in case jenkins is slow
Original commit: elastic/x-pack-elasticsearch@04e5648cd9
2015-11-24 08:24:57 -08:00
Ryan Ernst 9da4b6160c Build: Get shield qa test with core rest tests working
This adds back the shield qa rest tests module with gradle. There is
also a small fix in ShieldPlugin for a bug that was discovered around
checking for a custom query cache (which was using the node settings
instead of index settings).

Original commit: elastic/x-pack-elasticsearch@28c6d58f37
2015-11-24 01:05:21 -08:00
Robert Muir cfb77bf572 Remove confusing pom.xml files
Original commit: elastic/x-pack-elasticsearch@772a1eb5d3
2015-11-05 10:39:28 -05:00
jaymode bb6fe2abcd test: re-sync the smoke test plugins lists with core
Original commit: elastic/x-pack-elasticsearch@ba45f84d97
2015-10-27 09:48:31 -04:00
jaymode 203e6f4c6e add ensureYellow
Original commit: elastic/x-pack-elasticsearch@698c00dd6b
2015-10-26 16:25:50 -04:00
jaymode f4991d862a remove the ensure green
The random index template can set a number of replicas that will prevent the index
from ever being green in a single node cluster...

Original commit: elastic/x-pack-elasticsearch@81ecfe0818
2015-10-26 16:22:08 -04:00
jaymode 6a46660d40 remove unnecessary wildcards
Original commit: elastic/x-pack-elasticsearch@65bad879f6
2015-10-26 15:36:33 -04:00
jaymode 09990dbeee add a basic cluster info IT to the found qa module
Original commit: elastic/x-pack-elasticsearch@8f6334ef2b
2015-10-26 15:01:19 -04:00
jaymode dd27d9afe0 add a LicensesManagerService for found and add marvel-agent to smoke test
Original commit: elastic/x-pack-elasticsearch@8793058058
2015-10-26 14:29:52 -04:00
uboness a4c505ceb1 Changed the Marvel module name to Marvel Agent
- this results in a `marvel-agent-2.0.0.zip` artifact, to better differentiate it from the kibana marvel plugin
- post 2.0 when we move the marvel kibana codebase to x-plugins we'll need to differentiate between these two modules anyway.

Closes elastic/elasticsearch#846

Original commit: elastic/x-pack-elasticsearch@6b6a76f7dd
2015-10-21 14:03:23 +02:00
Nik Everett 8231e856c2 Remove and ban @Test
Original commit: elastic/x-pack-elasticsearch@02425ca13d
2015-10-20 18:20:46 -04:00
Alexander Reelsen f523a476e1 Tests: Change queries to reflect latest master changes (removed filter query)
Original commit: elastic/x-pack-elasticsearch@6c57eb0d1f
2015-10-16 17:03:42 +02:00
Konrad Beiske 4a780637e9 Change found-license-plugin to use standard value for install name and initial smoke test for found-license-plugin
Original commit: elastic/x-pack-elasticsearch@526c0c6da4
2015-10-13 14:00:27 -04:00
Jason Tedor b468c74401 Remove Guava as a dependency
This commit removes Guava as a dependency. Note that Guava will remain
as a test-only dependency (transitively through Elasticsearch through
Jimfs).

Relates elastic/elasticsearch#13224

Original commit: elastic/x-pack-elasticsearch@fe23d5f25f
2015-10-09 14:56:03 -04:00
jaymode 7b0f2628cb updates to handle renamed RenderSearchTemplateAction
Original commit: elastic/x-pack-elasticsearch@03cb49ce52
2015-10-08 09:09:00 -04:00
Robert Muir 9e9b835213 Move watcher REST tests that require groovy to smoke-test-watcher-with-groovy
See https://github.com/elastic/x-plugins/issues/724

Original commit: elastic/x-pack-elasticsearch@ab95aef8e3
2015-09-29 07:49:44 -04:00
Robert Muir 15bb2581a0 Fix compile and unit test phase by disabling unit tests with direct groovy dependencies (temporary!)
See https://github.com/elastic/x-plugins/issues/724

Original commit: elastic/x-pack-elasticsearch@27862a76cb
2015-09-29 07:06:51 -04:00
jaymode b219e9c496 remove lucene expressions from qa pom
Original commit: elastic/x-pack-elasticsearch@389cf7b564
2015-09-23 10:13:51 -04:00
Martijn van Groningen 0a807f0b1d test: fix the rest spec test resource directory location
Original commit: elastic/x-pack-elasticsearch@59b2b6923f
2015-09-17 11:52:54 +02:00
jaymode a0557e23a6 sync smoke test plugins list with core lists
Closes elastic/elasticsearch#636

Original commit: elastic/x-pack-elasticsearch@418bceef64
2015-09-16 06:47:16 -04:00