Skip to content

Commit

Permalink
Remove Version.V_6_x_x constants use in security
Browse files Browse the repository at this point in the history 
This removes some use of the v6 constants in various parts of
security.
Mostly this is BWC testing code, which is no longer needed as ES8 will
not need to maintain compatibility with ES6.

Relates: elastic#41164
  • Loading branch information
@tvernum
tvernum committed Apr 15, 2019
1 parent f0fac9f commit 3686202
Show file tree
Hide file tree
Showing 14 changed files with 33 additions and 208 deletions.
13 changes: 4 additions & 9 deletions .../core/src/main/java/org/elasticsearch/xpack/core/security/action/role/PutRoleRequest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
*/
package org.elasticsearch.xpack.core.security.action.role;

import org.elasticsearch.Version;
import org.elasticsearch.action.ActionRequest;
import org.elasticsearch.action.ActionRequestValidationException;
import org.elasticsearch.action.support.WriteRequest;
Expand Down Expand Up @@ -168,10 +167,8 @@ public void readFrom(StreamInput in) throws IOException {
for (int i = 0; i < indicesSize; i++) {
indicesPrivileges.add(new RoleDescriptor.IndicesPrivileges(in));
}
if (in.getVersion().onOrAfter(Version.V_6_4_0)) {
applicationPrivileges = in.readList(RoleDescriptor.ApplicationResourcePrivileges::new);
conditionalClusterPrivileges = ConditionalClusterPrivileges.readArray(in);
}
applicationPrivileges = in.readList(RoleDescriptor.ApplicationResourcePrivileges::new);
conditionalClusterPrivileges = ConditionalClusterPrivileges.readArray(in);
runAs = in.readStringArray();
refreshPolicy = RefreshPolicy.readFrom(in);
metadata = in.readMap();
Expand All @@ -186,10 +183,8 @@ public void writeTo(StreamOutput out) throws IOException {
for (RoleDescriptor.IndicesPrivileges index : indicesPrivileges) {
index.writeTo(out);
}
if (out.getVersion().onOrAfter(Version.V_6_4_0)) {
out.writeList(applicationPrivileges);
ConditionalClusterPrivileges.writeArray(out, this.conditionalClusterPrivileges);
}
out.writeList(applicationPrivileges);
ConditionalClusterPrivileges.writeArray(out, this.conditionalClusterPrivileges);
out.writeStringArray(runAs);
refreshPolicy.writeTo(out);
out.writeMap(metadata);
Expand Down
16 changes: 2 additions & 14 deletions ...src/main/java/org/elasticsearch/xpack/core/security/action/user/AuthenticateResponse.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,10 @@
*/
package org.elasticsearch.xpack.core.security.action.user;

import org.elasticsearch.Version;
import org.elasticsearch.action.ActionResponse;
import org.elasticsearch.common.io.stream.StreamInput;
import org.elasticsearch.common.io.stream.StreamOutput;
import org.elasticsearch.xpack.core.security.authc.Authentication;
import org.elasticsearch.xpack.core.security.user.User;

import java.io.IOException;

Expand All @@ -31,23 +29,13 @@ public Authentication authentication() {
@Override
public void writeTo(StreamOutput out) throws IOException {
super.writeTo(out);
if (out.getVersion().before(Version.V_6_6_0)) {
User.writeTo(authentication.getUser(), out);
} else {
authentication.writeTo(out);
}
authentication.writeTo(out);
}

@Override
public void readFrom(StreamInput in) throws IOException {
super.readFrom(in);
if (in.getVersion().before(Version.V_6_6_0)) {
final User user = User.readFrom(in);
final Authentication.RealmRef unknownRealm = new Authentication.RealmRef("__unknown", "__unknown", "__unknown");
authentication = new Authentication(user, unknownRealm, unknownRealm);
} else {
authentication = new Authentication(in);
}
authentication = new Authentication(in);
}

}
11 changes: 2 additions & 9 deletions ...ain/java/org/elasticsearch/xpack/core/security/action/user/GetUserPrivilegesResponse.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
*/
package org.elasticsearch.xpack.core.security.action.user;

import org.elasticsearch.Version;
import org.elasticsearch.action.ActionResponse;
import org.elasticsearch.common.Strings;
import org.elasticsearch.common.bytes.BytesReference;
Expand Down Expand Up @@ -145,11 +144,7 @@ public Indices(StreamInput in) throws IOException {
return new FieldPermissionsDefinition.FieldGrantExcludeGroup(grant, exclude);
}));
queries = Collections.unmodifiableSet(in.readSet(StreamInput::readBytesReference));
if (in.getVersion().onOrAfter(Version.V_6_7_0)) {
this.allowRestrictedIndices = in.readBoolean();
} else {
this.allowRestrictedIndices = false;
}
this.allowRestrictedIndices = in.readBoolean();
}

public Set<String> getIndices() {
Expand Down Expand Up @@ -254,9 +249,7 @@ public void writeTo(StreamOutput out) throws IOException {
output.writeOptionalStringArray(fields.getExcludedFields());
});
out.writeCollection(queries, StreamOutput::writeBytesReference);
if (out.getVersion().onOrAfter(Version.V_6_7_0)) {
out.writeBoolean(allowRestrictedIndices);
}
out.writeBoolean(allowRestrictedIndices);
}
}
}
9 changes: 2 additions & 7 deletions ...src/main/java/org/elasticsearch/xpack/core/security/action/user/HasPrivilegesRequest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
*/
package org.elasticsearch.xpack.core.security.action.user;

import org.elasticsearch.Version;
import org.elasticsearch.action.ActionRequest;
import org.elasticsearch.action.ActionRequestValidationException;
import org.elasticsearch.common.io.stream.StreamInput;
Expand Down Expand Up @@ -109,9 +108,7 @@ public void readFrom(StreamInput in) throws IOException {
for (int i = 0; i < indexSize; i++) {
indexPrivileges[i] = new RoleDescriptor.IndicesPrivileges(in);
}
if (in.getVersion().onOrAfter(Version.V_6_4_0)) {
applicationPrivileges = in.readArray(ApplicationResourcePrivileges::new, ApplicationResourcePrivileges[]::new);
}
applicationPrivileges = in.readArray(ApplicationResourcePrivileges::new, ApplicationResourcePrivileges[]::new);
}

@Override
Expand All @@ -123,9 +120,7 @@ public void writeTo(StreamOutput out) throws IOException {
for (RoleDescriptor.IndicesPrivileges priv : indexPrivileges) {
priv.writeTo(out);
}
if (out.getVersion().onOrAfter(Version.V_6_4_0)) {
out.writeArray(ApplicationResourcePrivileges::write, applicationPrivileges);
}
out.writeArray(ApplicationResourcePrivileges::write, applicationPrivileges);
}

}
25 changes: 6 additions & 19 deletions ...rc/main/java/org/elasticsearch/xpack/core/security/action/user/HasPrivilegesResponse.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
*/
package org.elasticsearch.xpack.core.security.action.user;

import org.elasticsearch.Version;
import org.elasticsearch.action.ActionResponse;
import org.elasticsearch.common.io.stream.StreamInput;
import org.elasticsearch.common.io.stream.StreamOutput;
Expand Down Expand Up @@ -103,16 +102,10 @@ public int hashCode() {
public void readFrom(StreamInput in) throws IOException {
super.readFrom(in);
completeMatch = in.readBoolean();
if (in.getVersion().onOrAfter(Version.V_6_6_0 )) {
cluster = in.readMap(StreamInput::readString, StreamInput::readBoolean);
}
cluster = in.readMap(StreamInput::readString, StreamInput::readBoolean);
index = readResourcePrivileges(in);
if (in.getVersion().onOrAfter(Version.V_6_4_0)) {
application = in.readMap(StreamInput::readString, HasPrivilegesResponse::readResourcePrivileges);
}
if (in.getVersion().onOrAfter(Version.V_6_6_0)) {
username = in.readString();
}
application = in.readMap(StreamInput::readString, HasPrivilegesResponse::readResourcePrivileges);
username = in.readString();
}

private static Set<ResourcePrivileges> readResourcePrivileges(StreamInput in) throws IOException {
Expand All @@ -130,16 +123,10 @@ private static Set<ResourcePrivileges> readResourcePrivileges(StreamInput in) th
public void writeTo(StreamOutput out) throws IOException {
super.writeTo(out);
out.writeBoolean(completeMatch);
if (out.getVersion().onOrAfter(Version.V_6_6_0)) {
out.writeMap(cluster, StreamOutput::writeString, StreamOutput::writeBoolean);
}
out.writeMap(cluster, StreamOutput::writeString, StreamOutput::writeBoolean);
writeResourcePrivileges(out, index);
if (out.getVersion().onOrAfter(Version.V_6_4_0)) {
out.writeMap(application, StreamOutput::writeString, HasPrivilegesResponse::writeResourcePrivileges);
}
if (out.getVersion().onOrAfter(Version.V_6_6_0)) {
out.writeString(username);
}
out.writeMap(application, StreamOutput::writeString, HasPrivilegesResponse::writeResourcePrivileges);
out.writeString(username);
}

private static void writeResourcePrivileges(StreamOutput out, Set<ResourcePrivileges> privileges) throws IOException {
Expand Down
15 changes: 4 additions & 11 deletions ...plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authc/Authentication.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,13 +60,8 @@ public Authentication(StreamInput in) throws IOException {
this.lookedUpBy = null;
}
this.version = in.getVersion();
if (in.getVersion().onOrAfter(Version.V_6_7_0)) {
type = AuthenticationType.values()[in.readVInt()];
metadata = in.readMap();
} else {
type = AuthenticationType.REALM;
metadata = Collections.emptyMap();
}
type = AuthenticationType.values()[in.readVInt()];
metadata = in.readMap();
}

public User getUser() {
Expand Down Expand Up @@ -165,10 +160,8 @@ public void writeTo(StreamOutput out) throws IOException {
} else {
out.writeBoolean(false);
}
if (out.getVersion().onOrAfter(Version.V_6_7_0)) {
out.writeVInt(type.ordinal());
out.writeMap(metadata);
}
out.writeVInt(type.ordinal());
out.writeMap(metadata);
}

@Override
Expand Down
26 changes: 6 additions & 20 deletions ...plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/RoleDescriptor.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@
package org.elasticsearch.xpack.core.security.authz;

import org.elasticsearch.ElasticsearchParseException;
import org.elasticsearch.Version;
import org.elasticsearch.common.Nullable;
import org.elasticsearch.common.ParseField;
import org.elasticsearch.common.Strings;
Expand Down Expand Up @@ -122,13 +121,8 @@ public RoleDescriptor(StreamInput in) throws IOException {
this.metadata = in.readMap();
this.transientMetadata = in.readMap();

if (in.getVersion().onOrAfter(Version.V_6_4_0)) {
this.applicationPrivileges = in.readArray(ApplicationResourcePrivileges::new, ApplicationResourcePrivileges[]::new);
this.conditionalClusterPrivileges = ConditionalClusterPrivileges.readArray(in);
} else {
this.applicationPrivileges = ApplicationResourcePrivileges.NONE;
this.conditionalClusterPrivileges = ConditionalClusterPrivileges.EMPTY_ARRAY;
}
this.applicationPrivileges = in.readArray(ApplicationResourcePrivileges::new, ApplicationResourcePrivileges[]::new);
this.conditionalClusterPrivileges = ConditionalClusterPrivileges.readArray(in);
}

public String getName() {
Expand Down Expand Up @@ -264,10 +258,8 @@ public void writeTo(StreamOutput out) throws IOException {
out.writeStringArray(runAs);
out.writeMap(metadata);
out.writeMap(transientMetadata);
if (out.getVersion().onOrAfter(Version.V_6_4_0)) {
out.writeArray(ApplicationResourcePrivileges::write, applicationPrivileges);
ConditionalClusterPrivileges.writeArray(out, getConditionalClusterPrivileges());
}
out.writeArray(ApplicationResourcePrivileges::write, applicationPrivileges);
ConditionalClusterPrivileges.writeArray(out, getConditionalClusterPrivileges());
}

public static RoleDescriptor parse(String name, BytesReference source, boolean allow2xFormat, XContentType xContentType)
Expand Down Expand Up @@ -608,11 +600,7 @@ public IndicesPrivileges(StreamInput in) throws IOException {
this.deniedFields = in.readOptionalStringArray();
this.privileges = in.readStringArray();
this.query = in.readOptionalBytesReference();
if (in.getVersion().onOrAfter(Version.V_6_7_0)) {
allowRestrictedIndices = in.readBoolean();
} else {
allowRestrictedIndices = false;
}
this.allowRestrictedIndices = in.readBoolean();
}

@Override
Expand All @@ -622,9 +610,7 @@ public void writeTo(StreamOutput out) throws IOException {
out.writeOptionalStringArray(deniedFields);
out.writeStringArray(privileges);
out.writeOptionalBytesReference(query);
if (out.getVersion().onOrAfter(Version.V_6_7_0)) {
out.writeBoolean(allowRestrictedIndices);
}
out.writeBoolean(allowRestrictedIndices);
}

public static Builder builder() {
Expand Down
66 changes: 1 addition & 65 deletions .../src/test/java/org/elasticsearch/xpack/core/security/action/role/PutRoleRequestTests.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@
import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.test.VersionUtils;
import org.elasticsearch.xpack.core.XPackClientPlugin;
import org.elasticsearch.xpack.core.security.authz.RoleDescriptor;
import org.elasticsearch.xpack.core.security.authz.RoleDescriptor.ApplicationResourcePrivileges;
import org.elasticsearch.xpack.core.security.authz.privilege.ConditionalClusterPrivileges;

Expand All @@ -31,11 +30,9 @@
import java.util.Map;
import java.util.function.Supplier;

import static org.hamcrest.Matchers.arrayWithSize;
import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.hasItem;
import static org.hamcrest.Matchers.iterableWithSize;
import static org.hamcrest.Matchers.notNullValue;
import static org.hamcrest.Matchers.nullValue;

Expand All @@ -60,7 +57,7 @@ public void testSerialization() throws IOException {

final BytesStreamOutput out = new BytesStreamOutput();
if (randomBoolean()) {
final Version version = VersionUtils.randomVersionBetween(random(), Version.V_6_7_0, Version.CURRENT);
final Version version = VersionUtils.randomCompatibleVersion(random(), Version.CURRENT);
logger.info("Serializing with version {}", version);
out.setVersion(version);
}
Expand All @@ -75,67 +72,6 @@ public void testSerialization() throws IOException {
assertThat(copy.roleDescriptor(), equalTo(original.roleDescriptor()));
}

public void testSerializationBetweenV64AndV66() throws IOException {
final PutRoleRequest original = buildRandomRequest();

final BytesStreamOutput out = new BytesStreamOutput();
final Version version = VersionUtils.randomVersionBetween(random(), Version.V_6_4_0, Version.V_6_6_0);
out.setVersion(version);
original.writeTo(out);

final PutRoleRequest copy = new PutRoleRequest();
final NamedWriteableRegistry registry = new NamedWriteableRegistry(new XPackClientPlugin(Settings.EMPTY).getNamedWriteables());
StreamInput in = new NamedWriteableAwareStreamInput(ByteBufferStreamInput.wrap(BytesReference.toBytes(out.bytes())), registry);
in.setVersion(version);
copy.readFrom(in);

assertThat(copy.name(), equalTo(original.name()));
assertThat(copy.cluster(), equalTo(original.cluster()));
assertIndicesSerializedRestricted(copy.indices(), original.indices());
assertThat(copy.runAs(), equalTo(original.runAs()));
assertThat(copy.metadata(), equalTo(original.metadata()));
assertThat(copy.getRefreshPolicy(), equalTo(original.getRefreshPolicy()));

assertThat(copy.applicationPrivileges(), equalTo(original.applicationPrivileges()));
assertThat(copy.conditionalClusterPrivileges(), equalTo(original.conditionalClusterPrivileges()));
}

public void testSerializationV60AndV32() throws IOException {
final PutRoleRequest original = buildRandomRequest();

final BytesStreamOutput out = new BytesStreamOutput();
final Version version = VersionUtils.randomVersionBetween(random(), Version.V_6_0_0, Version.V_6_3_2);
out.setVersion(version);
original.writeTo(out);

final PutRoleRequest copy = new PutRoleRequest();
final StreamInput in = out.bytes().streamInput();
in.setVersion(version);
copy.readFrom(in);

assertThat(copy.name(), equalTo(original.name()));
assertThat(copy.cluster(), equalTo(original.cluster()));
assertIndicesSerializedRestricted(copy.indices(), original.indices());
assertThat(copy.runAs(), equalTo(original.runAs()));
assertThat(copy.metadata(), equalTo(original.metadata()));
assertThat(copy.getRefreshPolicy(), equalTo(original.getRefreshPolicy()));

assertThat(copy.applicationPrivileges(), iterableWithSize(0));
assertThat(copy.conditionalClusterPrivileges(), arrayWithSize(0));
}

private void assertIndicesSerializedRestricted(RoleDescriptor.IndicesPrivileges[] copy, RoleDescriptor.IndicesPrivileges[] original) {
assertThat(copy.length, equalTo(original.length));
for (int i = 0; i < copy.length; i++) {
assertThat(copy[i].allowRestrictedIndices(), equalTo(false));
assertThat(copy[i].getIndices(), equalTo(original[i].getIndices()));
assertThat(copy[i].getPrivileges(), equalTo(original[i].getPrivileges()));
assertThat(copy[i].getDeniedFields(), equalTo(original[i].getDeniedFields()));
assertThat(copy[i].getGrantedFields(), equalTo(original[i].getGrantedFields()));
assertThat(copy[i].getQuery(), equalTo(original[i].getQuery()));
}
}

private void assertSuccessfulValidation(PutRoleRequest request) {
final ActionRequestValidationException exception = request.validate();
assertThat(exception, nullValue());
Expand Down
Loading

0 comments on commit 3686202

Please sign in to comment.