Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

security implementation #78

Merged
merged 1 commit into from
Nov 7, 2022
Merged

security implementation #78

merged 1 commit into from
Nov 7, 2022

Conversation

raj-chak
Copy link
Contributor

Signed-off-by: Raj Chakravarthi raj@icedome.ca

Description

backend security implementation for GetDetector, Create/Update Detector and Search Detector

Issues Resolved

[List any issues this PR will resolve]

Check List

  • New functionality includes testing.
    • All tests pass
  • New functionality has been documented.
    • New functionality has javadoc added
  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@raj-chak raj-chak requested a review from a team October 25, 2022 17:34
@codecov-commenter
Copy link

codecov-commenter commented Oct 25, 2022
edited
Loading

Codecov Report

Merging #78 (f2543f1) into main (9440bae) will decrease coverage by 0.73%.
The diff coverage is 3.10%.

@@             Coverage Diff              @@
##               main      #78      +/-   ##
============================================
- Coverage     40.71%   39.97%   -0.74%     
  Complexity      882      882              
============================================
  Files           174      175       +1     
  Lines          6317     6436     +119     
  Branches        772      786      +14     
============================================
+ Hits           2572     2573       +1     
- Misses         3508     3626     +118     
  Partials        237      237
Impacted Files Coverage Δ
...rch/securityanalytics/SecurityAnalyticsPlugin.java 0.00% <ø> (ø)
...arch/securityanalytics/action/AckAlertsAction.java 0.00% <ø> (ø)
...ityanalytics/action/CreateIndexMappingsAction.java 0.00% <ø> (ø)
...securityanalytics/action/DeleteDetectorAction.java 0.00% <ø> (ø)
...rch/securityanalytics/action/DeleteRuleAction.java 0.00% <ø> (ø)
...arch/securityanalytics/action/GetAlertsAction.java 0.00% <ø> (ø)
...ch/securityanalytics/action/GetDetectorAction.java 100.00% <ø> (ø)
...ch/securityanalytics/action/GetFindingsAction.java 0.00% <ø> (ø)
...curityanalytics/action/GetIndexMappingsAction.java 0.00% <ø> (ø)
...ecurityanalytics/action/GetMappingsViewAction.java 0.00% <ø> (ø)
... and 21 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

getsaurabh02
getsaurabh02 reviewed Nov 4, 2022
View reviewed changes
src/main/java/org/opensearch/securityanalytics/settings/SecurityAnalyticsSettings.java Outdated
@@ -12,4 +12,7 @@ public class SecurityAnalyticsSettings {
public static Setting<TimeValue> INDEX_TIMEOUT = Setting.positiveTimeSetting("plugins.security_analytics.index_timeout",
TimeValue.timeValueSeconds(60),
Setting.Property.NodeScope, Setting.Property.Dynamic);

public static Setting<Boolean> FILTER_BY_BACKEND_ROLES = Setting.boolSetting("plugins.security_analytics.filter_by_backend_roles", false, Setting.Property.NodeScope, Setting.Property.Dynamic);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will need to register this setting in main Plugin file, to supply to the core.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is already part of SecurityAnalyticsPlugin.java, security tests will not pass otherwise

src/main/java/org/opensearch/securityanalytics/transport/SecureTransportAction.java Outdated
Comment on lines 89 to 92
if (
resourceBackendRoles == null ||requesterBackendRoles == null ||
isIntersectListsEmpty(resourceBackendRoles, requesterBackendRoles)
) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: Indentation

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

src/main/java/org/opensearch/securityanalytics/transport/SecureTransportAction.java
import java.util.List;
import java.util.stream.Collectors;

public interface SecureTransportAction {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we please add java doc here, to document the behavior

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@getsaurabh02
Copy link
Member

@raj-chak Are we still working on the multi-node build failure?

@sbcd90
security implementation for security-analytics
f2543f1 
Signed-off-by: Raj Chakravarthi <raj@icedome.ca>
Signed-off-by: Subhobrata Dey <sbcd90@gmail.com>
@sbcd90 sbcd90 merged commit db97ea9 into opensearch-project:main Nov 7, 2022
opensearch-trigger-bot bot pushed a commit that referenced this pull request Nov 7, 2022
@raj-chak @github-actions
security implementation for security-analytics (#78)
219ea44 
Signed-off-by: Raj Chakravarthi <raj@icedome.ca>
Signed-off-by: Subhobrata Dey <sbcd90@gmail.com>
(cherry picked from commit db97ea9)
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Nov 7, 2022
Merged
opensearch-trigger-bot bot pushed a commit that referenced this pull request Nov 7, 2022
@raj-chak @github-actions
security implementation for security-analytics (#78)
a2b9a17 
Signed-off-by: Raj Chakravarthi <raj@icedome.ca>
Signed-off-by: Subhobrata Dey <sbcd90@gmail.com>
(cherry picked from commit db97ea9)
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Nov 7, 2022
Merged
sbcd90 pushed a commit that referenced this pull request Nov 7, 2022
@opensearch-trigger-bot
security implementation for security-analytics (#78) (#121)
269d91c 
Signed-off-by: Raj Chakravarthi <raj@icedome.ca>
Signed-off-by: Subhobrata Dey <sbcd90@gmail.com>
sbcd90 pushed a commit that referenced this pull request Nov 7, 2022
@opensearch-trigger-bot
security implementation for security-analytics (#78) (#120)
ee4ab74 
Signed-off-by: Raj Chakravarthi <raj@icedome.ca>
Signed-off-by: Subhobrata Dey <sbcd90@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@getsaurabh02 getsaurabh02 getsaurabh02 approved these changes

@sbcd90 sbcd90 sbcd90 approved these changes

Assignees
No one assigned
Labels
backport 2.x backport 2.4
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@raj-chak @codecov-commenter @getsaurabh02 @sbcd90