Skip to content

Commit

Permalink
Fix message content in users tool (#30293)
Browse files Browse the repository at this point in the history
The elasticsearch-users utility had various messages that were
outdated or incorrect. This commit updates the output from this
command to reflect current terminology and configuration.
  • Loading branch information
tvernum committed May 3, 2018
1 parent 706f3ad commit a4d9335
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 28 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -17,15 +17,14 @@
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.util.set.Sets;
import org.elasticsearch.env.Environment;
import org.elasticsearch.xpack.core.XPackField;
import org.elasticsearch.xpack.core.XPackSettings;
import org.elasticsearch.xpack.core.security.authc.support.Hasher;
import org.elasticsearch.xpack.security.authz.store.FileRolesStore;
import org.elasticsearch.xpack.core.security.authz.store.ReservedRolesStore;
import org.elasticsearch.xpack.core.security.support.Validation;
import org.elasticsearch.xpack.core.security.support.Validation.Users;
import org.elasticsearch.xpack.security.authc.file.FileUserPasswdStore;
import org.elasticsearch.xpack.security.authc.file.FileUserRolesStore;
import org.elasticsearch.xpack.security.authz.store.FileRolesStore;
import org.elasticsearch.xpack.security.support.FileAttributesChecker;

import java.nio.file.Files;
Expand All @@ -47,7 +46,7 @@ public static void main(String[] args) throws Exception {
}

UsersTool() {
super("Manages elasticsearch native users");
super("Manages elasticsearch file users");
subcommands.put("useradd", newAddUserCommand());
subcommands.put("userdel", newDeleteUserCommand());
subcommands.put("passwd", newPasswordCommand());
Expand Down Expand Up @@ -82,7 +81,7 @@ static class AddUserCommand extends EnvironmentAwareCommand {
private final OptionSpec<String> arguments;

AddUserCommand() {
super("Adds a native user");
super("Adds a file user");

this.passwordOption = parser.acceptsAll(Arrays.asList("p", "password"),
"The user password")
Expand All @@ -96,11 +95,8 @@ static class AddUserCommand extends EnvironmentAwareCommand {
@Override
protected void printAdditionalHelp(Terminal terminal) {
terminal.println("Adds a file based user to elasticsearch (via internal realm). The user will");
terminal.println("be added to the users file and its roles will be added to the");
terminal.println("users_roles file. If non-default files are used (different file");
terminal.println("locations are configured in elasticsearch.yml) the appropriate files");
terminal.println("will be resolved from the settings and the user and its roles will be");
terminal.println("added to them.");
terminal.println("be added to the \"users\" file and its roles will be added to the");
terminal.println("\"users_roles\" file in the elasticsearch config directory.");
terminal.println("");
}

Expand All @@ -123,7 +119,7 @@ protected void execute(Terminal terminal, OptionSet options, Environment env) th

Map<String, char[]> users = FileUserPasswdStore.parseFile(passwordFile, null, env.settings());
if (users == null) {
throw new UserException(ExitCodes.CONFIG, "Configuration file [users] is missing");
throw new UserException(ExitCodes.CONFIG, "Configuration file [" + passwordFile + "] is missing");
}
if (users.containsKey(username)) {
throw new UserException(ExitCodes.CODE_ERROR, "User [" + username + "] already exists");
Expand Down Expand Up @@ -155,11 +151,8 @@ static class DeleteUserCommand extends EnvironmentAwareCommand {
@Override
protected void printAdditionalHelp(Terminal terminal) {
terminal.println("Removes an existing file based user from elasticsearch. The user will be");
terminal.println("removed from the users file and its roles will be removed from the");
terminal.println("users_roles file. If non-default files are used (different file");
terminal.println("locations are configured in elasticsearch.yml) the appropriate files");
terminal.println("will be resolved from the settings and the user and its roles will be");
terminal.println("removed from them.");
terminal.println("removed from the \"users\" file and its roles will be removed from the");
terminal.println("\"users_roles\" file in the elasticsearch config directory.");
terminal.println("");
}

Expand All @@ -173,7 +166,7 @@ protected void execute(Terminal terminal, OptionSet options, Environment env) th

Map<String, char[]> users = FileUserPasswdStore.parseFile(passwordFile, null, env.settings());
if (users == null) {
throw new UserException(ExitCodes.CONFIG, "Configuration file [users] is missing");
throw new UserException(ExitCodes.CONFIG, "Configuration file [" + passwordFile + "] is missing");
}
if (users.containsKey(username) == false) {
throw new UserException(ExitCodes.NO_USER, "User [" + username + "] doesn't exist");
Expand Down Expand Up @@ -213,12 +206,10 @@ static class PasswordCommand extends EnvironmentAwareCommand {

@Override
protected void printAdditionalHelp(Terminal terminal) {
terminal.println("The passwd command changes passwords for files based users. The tool");
terminal.println("The passwd command changes passwords for file based users. The tool");
terminal.println("prompts twice for a replacement password. The second entry is compared");
terminal.println("against the first and both are required to match in order for the");
terminal.println("password to be changed. If non-default users file is used (a different");
terminal.println("file location is configured in elasticsearch.yml) the appropriate file");
terminal.println("will be resolved from the settings.");
terminal.println("password to be changed.");
terminal.println("");
}

Expand All @@ -232,7 +223,7 @@ protected void execute(Terminal terminal, OptionSet options, Environment env) th
FileAttributesChecker attributesChecker = new FileAttributesChecker(file);
Map<String, char[]> users = new HashMap<>(FileUserPasswdStore.parseFile(file, null, env.settings()));
if (users == null) {
throw new UserException(ExitCodes.CONFIG, "Configuration file [users] is missing");
throw new UserException(ExitCodes.CONFIG, "Configuration file [" + file + "] is missing");
}
if (users.containsKey(username) == false) {
throw new UserException(ExitCodes.NO_USER, "User [" + username + "] doesn't exist");
Expand Down Expand Up @@ -345,19 +336,19 @@ static void listUsersAndRoles(Terminal terminal, Environment env, String usernam
Path userRolesFilePath = FileUserRolesStore.resolveFile(env);
Map<String, String[]> userRoles = FileUserRolesStore.parseFile(userRolesFilePath, null);
if (userRoles == null) {
throw new UserException(ExitCodes.CONFIG, "Configuration file [users_roles] is missing");
throw new UserException(ExitCodes.CONFIG, "Configuration file [" + userRolesFilePath + "] is missing");
}

Path userFilePath = FileUserPasswdStore.resolveFile(env);
Map<String, char[]> users = FileUserPasswdStore.parseFile(userFilePath, null, env.settings());
if (users == null) {
throw new UserException(ExitCodes.CONFIG, "Configuration file [users] is missing");
throw new UserException(ExitCodes.CONFIG, "Configuration file [" + userFilePath + "] is missing");
}

Path rolesFilePath = FileRolesStore.resolveFile(env);
Set<String> knownRoles = Sets.union(FileRolesStore.parseFileForRoleNames(rolesFilePath, null), ReservedRolesStore.names());
if (knownRoles == null) {
throw new UserException(ExitCodes.CONFIG, "Configuration file [roles.xml] is missing");
throw new UserException(ExitCodes.CONFIG, "Configuration file [" + rolesFilePath + "] is missing");
}

if (username != null) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -500,7 +500,7 @@ public void testUserAddNoConfig() throws Exception {
execute("useradd", pathHomeParameter, fileTypeParameter, "username", "-p", SecuritySettingsSourceField.TEST_PASSWORD);
});
assertEquals(ExitCodes.CONFIG, e.exitCode);
assertThat(e.getMessage(), containsString("Configuration file [users] is missing"));
assertThat(e.getMessage(), containsString("Configuration file [eshome/config/users] is missing"));
}

public void testUserListNoConfig() throws Exception {
Expand All @@ -512,7 +512,7 @@ public void testUserListNoConfig() throws Exception {
execute("list", pathHomeParameter, fileTypeParameter);
});
assertEquals(ExitCodes.CONFIG, e.exitCode);
assertThat(e.getMessage(), containsString("Configuration file [users] is missing"));
assertThat(e.getMessage(), containsString("Configuration file [eshome/config/users] is missing"));
}

public void testUserDelNoConfig() throws Exception {
Expand All @@ -524,7 +524,7 @@ public void testUserDelNoConfig() throws Exception {
execute("userdel", pathHomeParameter, fileTypeParameter, "username");
});
assertEquals(ExitCodes.CONFIG, e.exitCode);
assertThat(e.getMessage(), containsString("Configuration file [users] is missing"));
assertThat(e.getMessage(), containsString("Configuration file [eshome/config/users] is missing"));
}

public void testListUserRolesNoConfig() throws Exception {
Expand All @@ -536,6 +536,6 @@ public void testListUserRolesNoConfig() throws Exception {
execute("roles", pathHomeParameter, fileTypeParameter, "username");
});
assertEquals(ExitCodes.CONFIG, e.exitCode);
assertThat(e.getMessage(), containsString("Configuration file [users_roles] is missing"));
assertThat(e.getMessage(), containsString("Configuration file [eshome/config/users_roles] is missing"));
}
}

0 comments on commit a4d9335

Please sign in to comment.