500b4ac6b9
The changes made for elastic/x-pack-elasticsearch#2369 showed that the ML security tests were seriously weakened by the decision to grant many "minimal" privileges to all users involved in the tests. A better solution is to override the auth header such that a superuser runs setup actions and assertions that work by querying raw documents in ways that an end user wouldn't. Then the ML endpoints can be called with the privileges provided by the ML roles and nothing else. Original commit: elastic/x-pack-elasticsearch@4de42d9e54 |
||
|---|---|---|
| .. | ||
| MlWithSecurityIT.java | ||
| MlWithSecurityInsufficientRoleIT.java | ||
| MlWithSecurityUserRoleIT.java | ||