[Backport 2.x] Command cat/indices will filter results per the do not fail on forbidden setting
#3258
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Returns the error message instead of the validation message because validation message should already have been shown in above case statements. Fix: opensearch-project#3055 Is this a backport? If so, please add backport PR # and/or commits # [Please provide details of testing done: unit testing, integration testing and manual testing] - [ ] New functionality includes testing - [ ] New functionality has been documented - [ ] Commits are signed per the DCO using --signoff By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin). --------- Signed-off-by: Craig Perkins <cwperx@amazon.com> Signed-off-by: Derek Ho <dxho@amazon.com> Co-authored-by: Craig Perkins <cwperx@amazon.com> (cherry picked from commit 847f911)
Fix merge conflicts Signed-off-by: Derek Ho <dxho@amazon.com>
Fix merge conflicts Signed-off-by: Derek Ho <dxho@amazon.com>
Fix final merge conflict Signed-off-by: Derek Ho <dxho@amazon.com>
…idden setting (opensearch-project#3236) This change allows for DNFOF behavior on the _cat/_indices API. It adds the required index permissions into the DNFOF regex to be picked up in the DNFOF code path. Previously it was being skipped/returning 403, since the index permissions were not in the regex. Fix: opensearch-project#1815 Is this a backport? If so, please add backport PR # and/or commits # [Please provide details of testing done: unit testing, integration testing and manual testing] - [ ] New functionality includes testing - [ ] New functionality has been documented - [ ] Commits are signed per the DCO using --signoff By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin). --------- Signed-off-by: Derek Ho <dxho@amazon.com> (cherry picked from commit 4c095d2) Signed-off-by: Derek Ho <dxho@amazon.com>
willyborankin
previously approved these changes
Aug 29, 2023
…kport/backport-3236-to-2.x Signed-off-by: Derek Ho <dxho@amazon.com>
Signed-off-by: Derek Ho <dxho@amazon.com>
Signed-off-by: Derek Ho <dxho@amazon.com>
derek-ho
requested review from
cliu123,
cwperks,
DarshitChanpura,
davidlago,
peternied,
RyanL1997,
stephen-crawford and
reta
as code owners
Codecov Report
@@ Coverage Diff @@
## 2.x #3258 +/- ##
============================================
+ Coverage 62.35% 62.37% +0.02%
- Complexity 3292 3294 +2
============================================
Files 252 252
Lines 19456 19457 +1
Branches 3308 3308
============================================
+ Hits 12132 12137 +5
Misses 5704 5704
+ Partials 1620 1616 -4
|
Signed-off-by: Derek Ho <dxho@amazon.com>
peternied
changed the title
cat/indices will filter results per the do not fail on forbidden settingcat/indices will filter results per the do not fail on forbidden setting
cwperks
reviewed
Aug 29, 2023
| import static org.junit.Assert.assertFalse; | ||
| import static org.junit.Assert.assertTrue; | ||
| import static org.opensearch.security.privileges.PrivilegesEvaluator.isClusterPerm; | ||
| import static org.opensearch.security.privileges.PrivilegesEvaluator.*; |
There was a problem hiding this comment.
Can star import be removed here?
There was a problem hiding this comment.
Its in the original PR on main, checkstyle missed it? What do you think about handling this out of band - want to create an issue?
There was a problem hiding this comment.
OpenSearch refuses wildcard imports: https://github.com/opensearch-project/OpenSearch/blob/main/gradle/formatting.gradle#L89-L94
We should update the spotless formatting guidelines in this repo to also refuse wildcard imports
There was a problem hiding this comment.
Raised an issue in the repo for this: #3260
Will create a follow up PR in main to fix the original violation and add the checkstyle. For now I just fixed it in this manual backport as well.
Signed-off-by: Derek Ho <dxho@amazon.com>
Signed-off-by: Derek Ho <dxho@amazon.com>
peternied
approved these changes
Aug 29, 2023
cwperks
approved these changes
Aug 29, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Backport 4c095d2 of #3236
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.