da15a66d1e
- The Permission class changed such that now there isn't a single `check` method that all permission types must implement. Instead, each permission type has its own (if at all) check method that is relevant to what the permssion is supposed to check. - Moved the indices resolving logic outside of the indices permission class to the authorization service. Also, the authroization service has all the logic on how to check each one of the indices against a compound/merged permission view over all the user's roles. This fixes a critical bug where if a user had more than one role, its permission wouldn't be checked appropriately (they were checked separately which introduced invalid results) - Cleaned up and got rid of unused code - System role is no longer implementing Permission (no need for that) - Additional tests were added with different users/roles configuration to try an capture such bugs Fixes elastic/elasticsearch#304 Original commit: elastic/x-pack-elasticsearch@5c9a581019 |
||
|---|---|---|
| .esvm-shield-config | ||
| dev-tools | ||
| src | ||
| .esvmrc | ||
| .esvmrc_active_dir | ||
| .esvmrc_open_ldap | ||
| LICENSE.txt | ||
| README.asciidoc | ||
| all-signatures.txt | ||
| core-signatures.txt | ||
| pom.xml | ||
| test-signatures.txt | ||
| tests.policy | ||
README.asciidoc
= Elasticsearch Security Plugin This plugins adds security features to elasticsearch You can build the plugin with `mvn package`. The documentation is put in the `docs/` directory.