-
Notifications
You must be signed in to change notification settings - Fork 141
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Improved error codes in case of security exception
Signed-off-by: Vamsi Manohar <reddyvam@amazon.com>
- Loading branch information
Showing
4 changed files
with
111 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
102 changes: 102 additions & 0 deletions
102
...rces/src/test/java/org/opensearch/sql/datasources/rest/RestDataSourceQueryActionTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,102 @@ | ||
| /* | ||
| * Copyright OpenSearch Contributors | ||
| * SPDX-License-Identifier: Apache-2.0 | ||
| */ | ||
|
|
||
| package org.opensearch.sql.datasources.rest; | ||
|
|
||
| import static org.mockito.ArgumentMatchers.any; | ||
| import static org.mockito.Mockito.doAnswer; | ||
| import static org.mockito.Mockito.spy; | ||
| import static org.mockito.Mockito.timeout; | ||
| import static org.mockito.Mockito.verify; | ||
| import static org.opensearch.sql.datasources.utils.Scheduler.SQL_WORKER_THREAD_POOL_NAME; | ||
|
|
||
| import org.junit.jupiter.api.Assertions; | ||
| import org.junit.jupiter.api.BeforeEach; | ||
| import org.junit.jupiter.api.Test; | ||
| import org.junit.jupiter.api.extension.ExtendWith; | ||
| import org.mockito.ArgumentCaptor; | ||
| import org.mockito.Mock; | ||
| import org.mockito.junit.jupiter.MockitoExtension; | ||
| import org.opensearch.OpenSearchSecurityException; | ||
| import org.opensearch.action.ActionListener; | ||
| import org.opensearch.client.node.NodeClient; | ||
| import org.opensearch.common.settings.Settings; | ||
| import org.opensearch.core.xcontent.NamedXContentRegistry; | ||
| import org.opensearch.rest.RestChannel; | ||
| import org.opensearch.rest.RestRequest; | ||
| import org.opensearch.rest.RestResponse; | ||
| import org.opensearch.rest.RestStatus; | ||
| import org.opensearch.sql.datasources.model.transport.CreateDataSourceActionResponse; | ||
| import org.opensearch.test.OpenSearchTestCase; | ||
| import org.opensearch.test.rest.FakeRestRequest; | ||
| import org.opensearch.threadpool.FixedExecutorBuilder; | ||
| import org.opensearch.threadpool.TestThreadPool; | ||
| import org.opensearch.threadpool.ThreadPool; | ||
|
|
||
| @ExtendWith(MockitoExtension.class) | ||
| public class RestDataSourceQueryActionTest extends OpenSearchTestCase { | ||
| @Mock | ||
| private RestChannel channel; | ||
| private ThreadPool threadPool; | ||
| NodeClient client; | ||
|
|
||
| private RestDataSourceQueryAction restDataSourceQueryAction; | ||
|
|
||
| /** | ||
| * SetUp threadPool and NodeClient for all unit tests. | ||
| */ | ||
| @BeforeEach | ||
| public void setup() { | ||
| restDataSourceQueryAction = new RestDataSourceQueryAction(); | ||
| threadPool = new TestThreadPool(this.getClass().getName(), | ||
| new FixedExecutorBuilder( | ||
| Settings.EMPTY, | ||
| SQL_WORKER_THREAD_POOL_NAME, | ||
| 1, | ||
| 1000, | ||
| null)); | ||
| client = spy(new NodeClient(Settings.EMPTY, threadPool)); | ||
| } | ||
|
|
||
| @Override | ||
| public void tearDown() throws Exception { | ||
| super.tearDown(); | ||
| threadPool.shutdown(); | ||
| client.close(); | ||
| } | ||
|
|
||
|
|
||
| @Test | ||
| public void testSecurityExceptionWithCreateDataSource() throws Exception { | ||
| doAnswer(invocation -> { | ||
| ActionListener<CreateDataSourceActionResponse> actionListener = invocation.getArgument(2); | ||
| actionListener.onFailure( | ||
| new OpenSearchSecurityException("No Permissions for datasource Creation", | ||
| RestStatus.FORBIDDEN)); | ||
| return null; | ||
| }).when(client).execute(any(), any(), any()); | ||
|
|
||
| RestRequest restRequest = new FakeRestRequest.Builder(NamedXContentRegistry.EMPTY).withMethod( | ||
| RestRequest.Method.GET).build(); | ||
| restDataSourceQueryAction.handleRequest(restRequest, channel, client); | ||
| ArgumentCaptor<RestResponse> responseArgumentCaptor | ||
| = ArgumentCaptor.forClass(RestResponse.class); | ||
|
|
||
| verify(channel, timeout(1000).times(1)) | ||
| .sendResponse(responseArgumentCaptor.capture()); | ||
| RestResponse response = responseArgumentCaptor.getValue(); | ||
| Assertions.assertEquals(RestStatus.FORBIDDEN, response.status()); | ||
| Assertions.assertEquals("{\n" | ||
| + " \"status\": 403,\n" | ||
| + " \"error\": {\n" | ||
| + " \"type\": \"OpenSearchSecurityException\",\n" | ||
| + " \"reason\": \"There was internal problem at backend\",\n" | ||
| + " \"details\": \"No Permissions for datasource Creation\"\n" | ||
| + " }\n" | ||
| + "}", response.content().utf8ToString()); | ||
| } | ||
|
|
||
|
|
||
| } |