From 0a29fba32180afc658205fade9b05644550fac61 Mon Sep 17 00:00:00 2001 From: Navarone Feekery <13634519+navarone-feekery@users.noreply.github.com> Date: Thu, 25 Jan 2024 14:30:32 +0100 Subject: [PATCH] Revert "[Enterprise Search] Add `.connector-secrets` system index and GET/POST requests (#103683)" This reverts commit b4345d9d9118494d22fdf228be87bcc52902f547. --- .../security/get-builtin-privileges.asciidoc | 2 - .../api/connector_secret.get.json | 28 ----- .../api/connector_secret.post.json | 26 ----- .../privilege/ClusterPrivilegeResolver.java | 14 +-- .../src/main/resources/connector-secrets.json | 26 ----- x-pack/plugin/ent-search/build.gradle | 7 -- x-pack/plugin/ent-search/qa/rest/roles.yml | 2 - .../entsearch/500_connector_secret_post.yml | 55 --------- .../entsearch/510_connector_secret_get.yml | 60 ---------- .../ConnectorSecretsSystemIndexIT.java | 94 ---------------- .../ent-search/src/main/java/module-info.java | 2 - .../xpack/application/EnterpriseSearch.java | 31 +----- .../secrets/ConnectorSecretsFeature.java | 32 ------ .../secrets/ConnectorSecretsIndexService.java | 96 ---------------- .../action/GetConnectorSecretAction.java | 21 ---- .../action/GetConnectorSecretRequest.java | 67 ----------- .../action/GetConnectorSecretResponse.java | 70 ------------ .../action/PostConnectorSecretAction.java | 21 ---- .../action/PostConnectorSecretRequest.java | 99 ----------------- .../action/PostConnectorSecretResponse.java | 61 ---------- .../action/RestGetConnectorSecretAction.java | 42 ------- .../action/RestPostConnectorSecretAction.java | 45 -------- .../TransportGetConnectorSecretAction.java | 39 ------- .../TransportPostConnectorSecretAction.java | 39 ------- .../ConnectorSecretsIndexServiceTests.java | 104 ------------------ .../secrets/ConnectorSecretsTestUtils.java | 37 ------- .../action/GetConnectorSecretActionTests.java | 34 ------ ...ectorSecretRequestBWCSerializingTests.java | 37 ------- ...ctorSecretResponseBWCSerializingTests.java | 46 -------- .../PostConnectorSecretActionTests.java | 34 ------ ...ectorSecretRequestBWCSerializingTests.java | 38 ------- ...ctorSecretResponseBWCSerializingTests.java | 39 ------- ...ransportGetConnectorSecretActionTests.java | 72 ------------ ...ansportPostConnectorSecretActionTests.java | 72 ------------ .../xpack/security/operator/Constants.java | 2 - .../authc/service/ServiceAccountIT.java | 4 +- .../authc/service/ElasticServiceAccounts.java | 2 +- .../service/ElasticServiceAccountsTests.java | 4 - .../test/privileges/11_builtin.yml | 2 +- 39 files changed, 5 insertions(+), 1501 deletions(-) delete mode 100644 rest-api-spec/src/main/resources/rest-api-spec/api/connector_secret.get.json delete mode 100644 rest-api-spec/src/main/resources/rest-api-spec/api/connector_secret.post.json delete mode 100644 x-pack/plugin/core/template-resources/src/main/resources/connector-secrets.json delete mode 100644 x-pack/plugin/ent-search/qa/rest/src/yamlRestTest/resources/rest-api-spec/test/entsearch/500_connector_secret_post.yml delete mode 100644 x-pack/plugin/ent-search/qa/rest/src/yamlRestTest/resources/rest-api-spec/test/entsearch/510_connector_secret_get.yml delete mode 100644 x-pack/plugin/ent-search/src/javaRestTest/java/org/elasticsearch/xpack/entsearch/ConnectorSecretsSystemIndexIT.java delete mode 100644 x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsFeature.java delete mode 100644 x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsIndexService.java delete mode 100644 x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretAction.java delete mode 100644 x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretRequest.java delete mode 100644 x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretResponse.java delete mode 100644 x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretAction.java delete mode 100644 x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretRequest.java delete mode 100644 x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretResponse.java delete mode 100644 x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/RestGetConnectorSecretAction.java delete mode 100644 x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/RestPostConnectorSecretAction.java delete mode 100644 x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportGetConnectorSecretAction.java delete mode 100644 x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportPostConnectorSecretAction.java delete mode 100644 x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsIndexServiceTests.java delete mode 100644 x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsTestUtils.java delete mode 100644 x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretActionTests.java delete mode 100644 x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretRequestBWCSerializingTests.java delete mode 100644 x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretResponseBWCSerializingTests.java delete mode 100644 x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretActionTests.java delete mode 100644 x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretRequestBWCSerializingTests.java delete mode 100644 x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretResponseBWCSerializingTests.java delete mode 100644 x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportGetConnectorSecretActionTests.java delete mode 100644 x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportPostConnectorSecretActionTests.java diff --git a/docs/reference/rest-api/security/get-builtin-privileges.asciidoc b/docs/reference/rest-api/security/get-builtin-privileges.asciidoc index bd2d21317212b..8f75293e2c1a4 100644 --- a/docs/reference/rest-api/security/get-builtin-privileges.asciidoc +++ b/docs/reference/rest-api/security/get-builtin-privileges.asciidoc @@ -108,14 +108,12 @@ A successful call returns an object with "cluster" and "index" fields. "none", "post_behavioral_analytics_event", "read_ccr", - "read_connector_secrets", "read_fleet_secrets", "read_ilm", "read_pipeline", "read_security", "read_slm", "transport_client", - "write_connector_secrets", "write_fleet_secrets" ], "index" : [ diff --git a/rest-api-spec/src/main/resources/rest-api-spec/api/connector_secret.get.json b/rest-api-spec/src/main/resources/rest-api-spec/api/connector_secret.get.json deleted file mode 100644 index f1037bedddfc6..0000000000000 --- a/rest-api-spec/src/main/resources/rest-api-spec/api/connector_secret.get.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "connector_secret.get": { - "documentation": { - "url": null, - "description": "Retrieves a secret stored by Connectors." - }, - "stability": "experimental", - "visibility":"private", - "headers":{ - "accept": [ "application/json"] - }, - "url":{ - "paths":[ - { - "path":"/_connector/_secret/{id}", - "methods":[ "GET" ], - "parts":{ - "id":{ - "type":"string", - "description":"The ID of the secret" - } - } - } - ] - }, - "params":{} - } -} diff --git a/rest-api-spec/src/main/resources/rest-api-spec/api/connector_secret.post.json b/rest-api-spec/src/main/resources/rest-api-spec/api/connector_secret.post.json deleted file mode 100644 index 48657cf389446..0000000000000 --- a/rest-api-spec/src/main/resources/rest-api-spec/api/connector_secret.post.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "connector_secret.post": { - "documentation": { - "url": null, - "description": "Creates a secret for a Connector." - }, - "stability": "experimental", - "visibility":"private", - "headers":{ - "accept": [ "application/json" ] - }, - "url":{ - "paths":[ - { - "path":"/_connector/_secret", - "methods":[ "POST" ] - } - ] - }, - "params":{}, - "body": { - "description":"The secret value to store", - "required":true - } - } -} diff --git a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/privilege/ClusterPrivilegeResolver.java b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/privilege/ClusterPrivilegeResolver.java index 4637ca7edd8dd..ba6bca802070a 100644 --- a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/privilege/ClusterPrivilegeResolver.java +++ b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/privilege/ClusterPrivilegeResolver.java @@ -326,16 +326,6 @@ public class ClusterPrivilegeResolver { CROSS_CLUSTER_REPLICATION_PATTERN ); - public static final NamedClusterPrivilege READ_CONNECTOR_SECRETS = new ActionClusterPrivilege( - "read_connector_secrets", - Set.of("cluster:admin/xpack/connector/secret/get") - ); - - public static final NamedClusterPrivilege WRITE_CONNECTOR_SECRETS = new ActionClusterPrivilege( - "write_connector_secrets", - Set.of("cluster:admin/xpack/connector/secret/post") - ); - private static final Map VALUES = sortByAccessLevel( Stream.of( NONE, @@ -390,9 +380,7 @@ public class ClusterPrivilegeResolver { POST_BEHAVIORAL_ANALYTICS_EVENT, MANAGE_SEARCH_QUERY_RULES, CROSS_CLUSTER_SEARCH, - CROSS_CLUSTER_REPLICATION, - READ_CONNECTOR_SECRETS, - WRITE_CONNECTOR_SECRETS + CROSS_CLUSTER_REPLICATION ).filter(Objects::nonNull).toList() ); diff --git a/x-pack/plugin/core/template-resources/src/main/resources/connector-secrets.json b/x-pack/plugin/core/template-resources/src/main/resources/connector-secrets.json deleted file mode 100644 index 96fa641726fa3..0000000000000 --- a/x-pack/plugin/core/template-resources/src/main/resources/connector-secrets.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "settings": { - "index": { - "auto_expand_replicas": "0-1", - "number_of_shards": 1, - "number_of_replicas": 0, - "priority": 100, - "refresh_interval": "1s" - } - }, - "mappings": { - "_doc" : { - "dynamic": false, - "_meta": { - "version": "${connector-secrets.version}", - "managed_index_mappings_version": ${connector-secrets.managed.index.version} - }, - "properties": { - "value": { - "type": "keyword", - "index": false - } - } - } - } -} diff --git a/x-pack/plugin/ent-search/build.gradle b/x-pack/plugin/ent-search/build.gradle index 4551011b03ca1..92a1c007f72bf 100644 --- a/x-pack/plugin/ent-search/build.gradle +++ b/x-pack/plugin/ent-search/build.gradle @@ -38,13 +38,6 @@ dependencies { module ':modules:search-business-rules' } -testClusters.configureEach { - testDistribution = 'DEFAULT' - setting 'xpack.security.enabled', 'true' - setting 'xpack.security.autoconfiguration.enabled', 'false' - user username: 'x_pack_rest_user', password: 'x-pack-test-password' -} - tasks.named("dependencyLicenses").configure { mapping from: /jackson.*/, to: 'jackson' } diff --git a/x-pack/plugin/ent-search/qa/rest/roles.yml b/x-pack/plugin/ent-search/qa/rest/roles.yml index 9dac14709db8d..4d868f41e78b3 100644 --- a/x-pack/plugin/ent-search/qa/rest/roles.yml +++ b/x-pack/plugin/ent-search/qa/rest/roles.yml @@ -16,8 +16,6 @@ user: cluster: - post_behavioral_analytics_event - manage_api_key - - read_connector_secrets - - write_connector_secrets indices: - names: [ "test-index1", diff --git a/x-pack/plugin/ent-search/qa/rest/src/yamlRestTest/resources/rest-api-spec/test/entsearch/500_connector_secret_post.yml b/x-pack/plugin/ent-search/qa/rest/src/yamlRestTest/resources/rest-api-spec/test/entsearch/500_connector_secret_post.yml deleted file mode 100644 index 6a4ee3ba7f6cb..0000000000000 --- a/x-pack/plugin/ent-search/qa/rest/src/yamlRestTest/resources/rest-api-spec/test/entsearch/500_connector_secret_post.yml +++ /dev/null @@ -1,55 +0,0 @@ -setup: - - skip: - version: " - 8.12.99" - reason: Introduced in 8.13.0 - ---- -'Post connector secret - admin': - - do: - connector_secret.post: - body: - value: my-secret - - set: { id: id } - - match: { id: $id } - - do: - connector_secret.get: - id: $id - - match: { value: my-secret } - ---- -'Post connector secret - authorized user': - - skip: - features: headers - - - do: - headers: { Authorization: "Basic ZW50c2VhcmNoLXVzZXI6ZW50c2VhcmNoLXVzZXItcGFzc3dvcmQ=" } # user - connector_secret.post: - body: - value: my-secret - - set: { id: id } - - match: { id: $id } - - do: - headers: { Authorization: "Basic ZW50c2VhcmNoLXVzZXI6ZW50c2VhcmNoLXVzZXItcGFzc3dvcmQ=" } # user - connector_secret.get: - id: $id - - match: { value: my-secret } - ---- -'Post connector secret - unauthorized user': - - skip: - features: headers - - - do: - headers: { Authorization: "Basic ZW50c2VhcmNoLXVucHJpdmlsZWdlZDplbnRzZWFyY2gtdW5wcml2aWxlZ2VkLXVzZXI=" } # unprivileged - connector_secret.post: - body: - value: my-secret - catch: unauthorized - ---- -'Post connector secret when id is missing should fail': - - do: - connector_secret.post: - body: - value: null - catch: bad_request diff --git a/x-pack/plugin/ent-search/qa/rest/src/yamlRestTest/resources/rest-api-spec/test/entsearch/510_connector_secret_get.yml b/x-pack/plugin/ent-search/qa/rest/src/yamlRestTest/resources/rest-api-spec/test/entsearch/510_connector_secret_get.yml deleted file mode 100644 index 4b2d3777ffe9d..0000000000000 --- a/x-pack/plugin/ent-search/qa/rest/src/yamlRestTest/resources/rest-api-spec/test/entsearch/510_connector_secret_get.yml +++ /dev/null @@ -1,60 +0,0 @@ -setup: - - skip: - version: " - 8.12.99" - reason: Introduced in 8.13.0 - ---- -'Get connector secret - admin': - - do: - connector_secret.post: - body: - value: my-secret - - set: { id: id } - - match: { id: $id } - - do: - connector_secret.get: - id: $id - - match: { value: my-secret } - ---- -'Get connector secret - user with privileges': - - skip: - features: headers - - - do: - headers: { Authorization: "Basic ZW50c2VhcmNoLXVzZXI6ZW50c2VhcmNoLXVzZXItcGFzc3dvcmQ=" } # user - connector_secret.post: - body: - value: my-secret - - set: { id: id } - - match: { id: $id } - - do: - headers: { Authorization: "Basic ZW50c2VhcmNoLXVzZXI6ZW50c2VhcmNoLXVzZXItcGFzc3dvcmQ=" } # user - connector_secret.get: - id: $id - - match: { value: my-secret } - ---- -'Get connector secret - user without privileges': - - skip: - features: headers - - - do: - headers: { Authorization: "Basic ZW50c2VhcmNoLXVzZXI6ZW50c2VhcmNoLXVzZXItcGFzc3dvcmQ=" } # user - connector_secret.post: - body: - value: my-secret - - set: { id: id } - - match: { id: $id } - - do: - headers: { Authorization: "Basic ZW50c2VhcmNoLXVucHJpdmlsZWdlZDplbnRzZWFyY2gtdW5wcml2aWxlZ2VkLXVzZXI=" } # unprivileged - connector_secret.get: - id: $id - catch: unauthorized - ---- -'Get connector secret - Missing secret id': - - do: - connector_secret.get: - id: non-existing-secret-id - catch: missing diff --git a/x-pack/plugin/ent-search/src/javaRestTest/java/org/elasticsearch/xpack/entsearch/ConnectorSecretsSystemIndexIT.java b/x-pack/plugin/ent-search/src/javaRestTest/java/org/elasticsearch/xpack/entsearch/ConnectorSecretsSystemIndexIT.java deleted file mode 100644 index 730ad1d83a318..0000000000000 --- a/x-pack/plugin/ent-search/src/javaRestTest/java/org/elasticsearch/xpack/entsearch/ConnectorSecretsSystemIndexIT.java +++ /dev/null @@ -1,94 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.entsearch; - -import org.apache.http.util.EntityUtils; -import org.elasticsearch.client.Request; -import org.elasticsearch.client.Response; -import org.elasticsearch.client.ResponseException; -import org.elasticsearch.common.bytes.BytesReference; -import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.common.util.concurrent.ThreadContext; -import org.elasticsearch.common.xcontent.XContentHelper; -import org.elasticsearch.test.SecuritySettingsSourceField; -import org.elasticsearch.test.rest.ESRestTestCase; -import org.elasticsearch.xcontent.XContentBuilder; -import org.elasticsearch.xcontent.XContentType; -import org.elasticsearch.xcontent.json.JsonXContent; - -import java.io.IOException; -import java.util.Map; - -import static org.hamcrest.Matchers.is; - -public class ConnectorSecretsSystemIndexIT extends ESRestTestCase { - - static final String BASIC_AUTH_VALUE = basicAuthHeaderValue( - "x_pack_rest_user", - SecuritySettingsSourceField.TEST_PASSWORD_SECURE_STRING - ); - - @Override - protected Settings restClientSettings() { - return Settings.builder().put(ThreadContext.PREFIX + ".Authorization", BASIC_AUTH_VALUE).build(); - } - - public void testConnectorSecretsCRUD() throws Exception { - // post secret - final String secretJson = getPostSecretJson(); - Request postRequest = new Request("POST", "/_connector/_secret/"); - postRequest.setJsonEntity(secretJson); - Response postResponse = client().performRequest(postRequest); - assertThat(postResponse.getStatusLine().getStatusCode(), is(200)); - Map responseMap = getResponseMap(postResponse); - assertThat(responseMap.size(), is(1)); - assertTrue(responseMap.containsKey("id")); - final String id = responseMap.get("id").toString(); - - // get secret - Request getRequest = new Request("GET", "/_connector/_secret/" + id); - Response getResponse = client().performRequest(getRequest); - assertThat(getResponse.getStatusLine().getStatusCode(), is(200)); - responseMap = getResponseMap(getResponse); - assertThat(responseMap.size(), is(2)); - assertTrue(responseMap.containsKey("id")); - assertTrue(responseMap.containsKey("value")); - assertThat(responseMap.get("value"), is("test secret")); - } - - public void testPostInvalidSecretBody() throws Exception { - Request postRequest = new Request("POST", "/_connector/_secret/"); - postRequest.setJsonEntity(""" - {"something":"else"}"""); - ResponseException re = expectThrows(ResponseException.class, () -> client().performRequest(postRequest)); - Response getResponse = re.getResponse(); - assertThat(getResponse.getStatusLine().getStatusCode(), is(400)); - } - - public void testGetNonExistingSecret() { - Request getRequest = new Request("GET", "/_connector/_secret/123"); - ResponseException re = expectThrows(ResponseException.class, () -> client().performRequest(getRequest)); - Response getResponse = re.getResponse(); - assertThat(getResponse.getStatusLine().getStatusCode(), is(404)); - } - - private String getPostSecretJson() throws IOException { - try (XContentBuilder builder = JsonXContent.contentBuilder()) { - builder.startObject(); - { - builder.field("value", "test secret"); - } - builder.endObject(); - return BytesReference.bytes(builder).utf8ToString(); - } - } - - private Map getResponseMap(Response response) throws IOException { - return XContentHelper.convertToMap(XContentType.JSON.xContent(), EntityUtils.toString(response.getEntity()), false); - } -} diff --git a/x-pack/plugin/ent-search/src/main/java/module-info.java b/x-pack/plugin/ent-search/src/main/java/module-info.java index 5850b279f8b09..d8cbceda4d8a3 100644 --- a/x-pack/plugin/ent-search/src/main/java/module-info.java +++ b/x-pack/plugin/ent-search/src/main/java/module-info.java @@ -39,6 +39,4 @@ exports org.elasticsearch.xpack.application.connector.syncjob.action; provides org.elasticsearch.features.FeatureSpecification with org.elasticsearch.xpack.application.EnterpriseSearchFeatures; - - exports org.elasticsearch.xpack.application.connector.secrets.action to org.elasticsearch.server; } diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/EnterpriseSearch.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/EnterpriseSearch.java index d344bd60a22bd..4b31778d469ac 100644 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/EnterpriseSearch.java +++ b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/EnterpriseSearch.java @@ -88,14 +88,6 @@ import org.elasticsearch.xpack.application.connector.action.UpdateConnectorPipelineAction; import org.elasticsearch.xpack.application.connector.action.UpdateConnectorSchedulingAction; import org.elasticsearch.xpack.application.connector.action.UpdateConnectorServiceTypeAction; -import org.elasticsearch.xpack.application.connector.secrets.ConnectorSecretsFeature; -import org.elasticsearch.xpack.application.connector.secrets.ConnectorSecretsIndexService; -import org.elasticsearch.xpack.application.connector.secrets.action.GetConnectorSecretAction; -import org.elasticsearch.xpack.application.connector.secrets.action.PostConnectorSecretAction; -import org.elasticsearch.xpack.application.connector.secrets.action.RestGetConnectorSecretAction; -import org.elasticsearch.xpack.application.connector.secrets.action.RestPostConnectorSecretAction; -import org.elasticsearch.xpack.application.connector.secrets.action.TransportGetConnectorSecretAction; -import org.elasticsearch.xpack.application.connector.secrets.action.TransportPostConnectorSecretAction; import org.elasticsearch.xpack.application.connector.syncjob.action.CancelConnectorSyncJobAction; import org.elasticsearch.xpack.application.connector.syncjob.action.CheckInConnectorSyncJobAction; import org.elasticsearch.xpack.application.connector.syncjob.action.DeleteConnectorSyncJobAction; @@ -268,15 +260,6 @@ protected XPackLicenseState getLicenseState() { ); } - if (ConnectorSecretsFeature.isEnabled()) { - actionHandlers.addAll( - List.of( - new ActionHandler<>(GetConnectorSecretAction.INSTANCE, TransportGetConnectorSecretAction.class), - new ActionHandler<>(PostConnectorSecretAction.INSTANCE, TransportPostConnectorSecretAction.class) - ) - ); - } - return Collections.unmodifiableList(actionHandlers); } @@ -354,10 +337,6 @@ public List getRestHandlers( ); } - if (ConnectorSecretsFeature.isEnabled()) { - restHandlers.addAll(List.of(new RestGetConnectorSecretAction(), new RestPostConnectorSecretAction())); - } - return Collections.unmodifiableList(restHandlers); } @@ -392,15 +371,7 @@ public Collection createComponents(PluginServices services) { @Override public Collection getSystemIndexDescriptors(Settings settings) { - Collection systemIndices = new ArrayList<>( - List.of(SearchApplicationIndexService.getSystemIndexDescriptor(), QueryRulesIndexService.getSystemIndexDescriptor()) - ); - - if (ConnectorSecretsFeature.isEnabled()) { - systemIndices.add(ConnectorSecretsIndexService.getSystemIndexDescriptor()); - } - - return systemIndices; + return Arrays.asList(SearchApplicationIndexService.getSystemIndexDescriptor(), QueryRulesIndexService.getSystemIndexDescriptor()); } @Override diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsFeature.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsFeature.java deleted file mode 100644 index 7fd109db40470..0000000000000 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsFeature.java +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets; - -import org.elasticsearch.common.util.FeatureFlag; - -/** - * Connector Secrets feature flag. When the feature is complete, this flag will be removed. - */ -public class ConnectorSecretsFeature { - - private static final FeatureFlag SECRETS_FEATURE_FLAG = new FeatureFlag("connector_secrets"); - - /** - * Enables the Connectors Secrets feature by default for the tech preview phase. - * As documented, the Connectors Secrets is currently a tech preview feature, - * and customers should be aware that no SLAs or support are guaranteed during - * its pre-General Availability (GA) stage. - * - * Instead of removing the feature flag from the code, we enable it by default. - * This approach allows for the complete deactivation of the feature during the QA phase, - * should any critical bugs be discovered, with a single, trackable code change. - */ - public static boolean isEnabled() { - return true; - } -} diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsIndexService.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsIndexService.java deleted file mode 100644 index 633909ac2aa89..0000000000000 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsIndexService.java +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets; - -import org.elasticsearch.ResourceNotFoundException; -import org.elasticsearch.Version; -import org.elasticsearch.action.ActionListener; -import org.elasticsearch.action.admin.indices.template.put.PutIndexTemplateRequest; -import org.elasticsearch.client.internal.Client; -import org.elasticsearch.client.internal.OriginSettingClient; -import org.elasticsearch.indices.SystemIndexDescriptor; -import org.elasticsearch.xcontent.XContentType; -import org.elasticsearch.xpack.application.connector.secrets.action.GetConnectorSecretResponse; -import org.elasticsearch.xpack.application.connector.secrets.action.PostConnectorSecretRequest; -import org.elasticsearch.xpack.application.connector.secrets.action.PostConnectorSecretResponse; -import org.elasticsearch.xpack.core.template.TemplateUtils; - -import java.util.Map; - -import static org.elasticsearch.xcontent.XContentFactory.jsonBuilder; -import static org.elasticsearch.xpack.core.ClientHelper.CONNECTORS_ORIGIN; - -/** - * A service that manages persistent Connector Secrets. - */ -public class ConnectorSecretsIndexService { - - private final Client clientWithOrigin; - - public static final String CONNECTOR_SECRETS_INDEX_NAME = ".connector-secrets"; - private static final int CURRENT_INDEX_VERSION = 1; - private static final String MAPPING_VERSION_VARIABLE = "connector-secrets.version"; - private static final String MAPPING_MANAGED_VERSION_VARIABLE = "connector-secrets.managed.index.version"; - - public ConnectorSecretsIndexService(Client client) { - this.clientWithOrigin = new OriginSettingClient(client, CONNECTORS_ORIGIN); - } - - /** - * Returns the {@link SystemIndexDescriptor} for the Connector Secrets system index. - * - * @return The {@link SystemIndexDescriptor} for the Connector Secrets system index. - */ - public static SystemIndexDescriptor getSystemIndexDescriptor() { - PutIndexTemplateRequest request = new PutIndexTemplateRequest(); - - String templateSource = TemplateUtils.loadTemplate( - "/connector-secrets.json", - Version.CURRENT.toString(), - MAPPING_VERSION_VARIABLE, - Map.of(MAPPING_MANAGED_VERSION_VARIABLE, Integer.toString(CURRENT_INDEX_VERSION)) - ); - request.source(templateSource, XContentType.JSON); - - return SystemIndexDescriptor.builder() - .setIndexPattern(CONNECTOR_SECRETS_INDEX_NAME + "*") - .setPrimaryIndex(CONNECTOR_SECRETS_INDEX_NAME + "-" + CURRENT_INDEX_VERSION) - .setDescription("Secret values managed by Connectors") - .setMappings(request.mappings()) - .setSettings(request.settings()) - .setAliasName(CONNECTOR_SECRETS_INDEX_NAME) - .setVersionMetaKey("version") - .setOrigin(CONNECTORS_ORIGIN) - .setType(SystemIndexDescriptor.Type.INTERNAL_MANAGED) - .build(); - } - - public void getSecret(String id, ActionListener listener) { - clientWithOrigin.prepareGet(CONNECTOR_SECRETS_INDEX_NAME, id).execute(listener.delegateFailureAndWrap((delegate, getResponse) -> { - if (getResponse.isSourceEmpty()) { - delegate.onFailure(new ResourceNotFoundException("No secret with id [" + id + "]")); - return; - } - delegate.onResponse(new GetConnectorSecretResponse(getResponse.getId(), getResponse.getSource().get("value").toString())); - })); - } - - public void createSecret(PostConnectorSecretRequest request, ActionListener listener) { - try { - clientWithOrigin.prepareIndex(CONNECTOR_SECRETS_INDEX_NAME) - .setSource(request.toXContent(jsonBuilder())) - .execute( - listener.delegateFailureAndWrap( - (l, indexResponse) -> l.onResponse(new PostConnectorSecretResponse(indexResponse.getId())) - ) - ); - } catch (Exception e) { - listener.onFailure(e); - } - } -} diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretAction.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretAction.java deleted file mode 100644 index cc0601336242c..0000000000000 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretAction.java +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.action.ActionType; - -public class GetConnectorSecretAction extends ActionType { - - public static final String NAME = "cluster:admin/xpack/connector/secret/get"; - - public static final GetConnectorSecretAction INSTANCE = new GetConnectorSecretAction(); - - private GetConnectorSecretAction() { - super(NAME, GetConnectorSecretResponse::new); - } -} diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretRequest.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretRequest.java deleted file mode 100644 index cf1cc0f563eba..0000000000000 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretRequest.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.action.ActionRequest; -import org.elasticsearch.action.ActionRequestValidationException; -import org.elasticsearch.common.Strings; -import org.elasticsearch.common.io.stream.StreamInput; -import org.elasticsearch.common.io.stream.StreamOutput; - -import java.io.IOException; -import java.util.Objects; - -import static org.elasticsearch.action.ValidateActions.addValidationError; - -public class GetConnectorSecretRequest extends ActionRequest { - - private final String id; - - public GetConnectorSecretRequest(String id) { - this.id = Objects.requireNonNull(id); - } - - public GetConnectorSecretRequest(StreamInput in) throws IOException { - super(in); - id = in.readString(); - } - - public String id() { - return id; - } - - @Override - public void writeTo(StreamOutput out) throws IOException { - super.writeTo(out); - out.writeString(id); - } - - @Override - public ActionRequestValidationException validate() { - ActionRequestValidationException validationException = null; - - if (Strings.isNullOrEmpty(id)) { - validationException = addValidationError("id missing", validationException); - } - - return validationException; - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - GetConnectorSecretRequest that = (GetConnectorSecretRequest) o; - return Objects.equals(id, that.id); - } - - @Override - public int hashCode() { - return Objects.hash(id); - } -} diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretResponse.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretResponse.java deleted file mode 100644 index 3bbcb8212d51c..0000000000000 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretResponse.java +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.action.ActionResponse; -import org.elasticsearch.common.io.stream.StreamInput; -import org.elasticsearch.common.io.stream.StreamOutput; -import org.elasticsearch.xcontent.ToXContent; -import org.elasticsearch.xcontent.ToXContentObject; -import org.elasticsearch.xcontent.XContentBuilder; - -import java.io.IOException; -import java.util.Objects; - -public class GetConnectorSecretResponse extends ActionResponse implements ToXContentObject { - - private final String id; - private final String value; - - public GetConnectorSecretResponse(StreamInput in) throws IOException { - super(in); - id = in.readString(); - value = in.readString(); - } - - public GetConnectorSecretResponse(String id, String value) { - this.id = id; - this.value = value; - } - - public String id() { - return id; - } - - public String value() { - return value; - } - - @Override - public void writeTo(StreamOutput out) throws IOException { - out.writeString(id); - out.writeString(value); - } - - @Override - public XContentBuilder toXContent(XContentBuilder builder, ToXContent.Params params) throws IOException { - builder.startObject(); - builder.field("id", id); - builder.field("value", value); - return builder.endObject(); - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - GetConnectorSecretResponse that = (GetConnectorSecretResponse) o; - return Objects.equals(id, that.id) && Objects.equals(value, that.value); - } - - @Override - public int hashCode() { - return Objects.hash(id, value); - } -} diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretAction.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretAction.java deleted file mode 100644 index 44bc3a03be5c8..0000000000000 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretAction.java +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.action.ActionType; - -public class PostConnectorSecretAction extends ActionType { - - public static final String NAME = "cluster:admin/xpack/connector/secret/post"; - - public static final PostConnectorSecretAction INSTANCE = new PostConnectorSecretAction(); - - private PostConnectorSecretAction() { - super(NAME, PostConnectorSecretResponse::new); - } -} diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretRequest.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretRequest.java deleted file mode 100644 index 2e565dece7eca..0000000000000 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretRequest.java +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.action.ActionRequest; -import org.elasticsearch.action.ActionRequestValidationException; -import org.elasticsearch.common.Strings; -import org.elasticsearch.common.io.stream.StreamInput; -import org.elasticsearch.common.io.stream.StreamOutput; -import org.elasticsearch.xcontent.ConstructingObjectParser; -import org.elasticsearch.xcontent.ObjectParser; -import org.elasticsearch.xcontent.ParseField; -import org.elasticsearch.xcontent.XContentBuilder; -import org.elasticsearch.xcontent.XContentParser; - -import java.io.IOException; -import java.util.Objects; - -public class PostConnectorSecretRequest extends ActionRequest { - - public static final ParseField VALUE_FIELD = new ParseField("value"); - - public static final ConstructingObjectParser PARSER = new ConstructingObjectParser<>( - "post_secret_request", - args -> { - return new PostConnectorSecretRequest((String) args[0]); - } - ); - - static { - PARSER.declareField( - ConstructingObjectParser.optionalConstructorArg(), - (p, c) -> p.text(), - VALUE_FIELD, - ObjectParser.ValueType.STRING - ); - } - - public static PostConnectorSecretRequest fromXContent(XContentParser parser) throws IOException { - return PARSER.parse(parser, null); - } - - private final String value; - - public PostConnectorSecretRequest(String value) { - this.value = value; - } - - public PostConnectorSecretRequest(StreamInput in) throws IOException { - super(in); - this.value = in.readString(); - } - - public String value() { - return value; - } - - public XContentBuilder toXContent(XContentBuilder builder) throws IOException { - builder.startObject(); - builder.field(VALUE_FIELD.getPreferredName(), this.value); - builder.endObject(); - return builder; - } - - @Override - public void writeTo(StreamOutput out) throws IOException { - super.writeTo(out); - out.writeString(value); - } - - @Override - public ActionRequestValidationException validate() { - if (Strings.isNullOrEmpty(this.value)) { - ActionRequestValidationException exception = new ActionRequestValidationException(); - exception.addValidationError("value is missing"); - return exception; - } - - return null; - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - PostConnectorSecretRequest that = (PostConnectorSecretRequest) o; - return Objects.equals(value, that.value); - } - - @Override - public int hashCode() { - return Objects.hash(value); - } -} diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretResponse.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretResponse.java deleted file mode 100644 index 068b510c5fad5..0000000000000 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretResponse.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.action.ActionResponse; -import org.elasticsearch.common.io.stream.StreamInput; -import org.elasticsearch.common.io.stream.StreamOutput; -import org.elasticsearch.xcontent.ToXContent; -import org.elasticsearch.xcontent.ToXContentObject; -import org.elasticsearch.xcontent.XContentBuilder; - -import java.io.IOException; -import java.util.Objects; - -public class PostConnectorSecretResponse extends ActionResponse implements ToXContentObject { - - private final String id; - - public PostConnectorSecretResponse(String id) { - this.id = id; - } - - public PostConnectorSecretResponse(StreamInput in) throws IOException { - super(in); - this.id = in.readString(); - } - - public String id() { - return id; - } - - @Override - public void writeTo(StreamOutput out) throws IOException { - out.writeString(id); - } - - @Override - public XContentBuilder toXContent(XContentBuilder builder, ToXContent.Params params) throws IOException { - builder.startObject(); - builder.field("id", id); - return builder.endObject(); - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - PostConnectorSecretResponse that = (PostConnectorSecretResponse) o; - return Objects.equals(id, that.id); - } - - @Override - public int hashCode() { - return Objects.hash(id); - } -} diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/RestGetConnectorSecretAction.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/RestGetConnectorSecretAction.java deleted file mode 100644 index 6ab5c1055c3a4..0000000000000 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/RestGetConnectorSecretAction.java +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.client.internal.node.NodeClient; -import org.elasticsearch.rest.BaseRestHandler; -import org.elasticsearch.rest.RestRequest; -import org.elasticsearch.rest.Scope; -import org.elasticsearch.rest.ServerlessScope; -import org.elasticsearch.rest.action.RestToXContentListener; - -import java.io.IOException; -import java.util.List; - -@ServerlessScope(Scope.INTERNAL) -public class RestGetConnectorSecretAction extends BaseRestHandler { - - @Override - public String getName() { - return "connector_get_secret"; - } - - @Override - public List routes() { - return List.of(new Route(RestRequest.Method.GET, "/_connector/_secret/{id}")); - } - - @Override - protected RestChannelConsumer prepareRequest(RestRequest request, NodeClient client) throws IOException { - final String id = request.param("id"); - return restChannel -> client.execute( - GetConnectorSecretAction.INSTANCE, - new GetConnectorSecretRequest(id), - new RestToXContentListener<>(restChannel) - ); - } -} diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/RestPostConnectorSecretAction.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/RestPostConnectorSecretAction.java deleted file mode 100644 index eeacde1bdb3c5..0000000000000 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/RestPostConnectorSecretAction.java +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.client.internal.node.NodeClient; -import org.elasticsearch.rest.BaseRestHandler; -import org.elasticsearch.rest.RestRequest; -import org.elasticsearch.rest.Scope; -import org.elasticsearch.rest.ServerlessScope; -import org.elasticsearch.rest.action.RestToXContentListener; -import org.elasticsearch.xcontent.XContentParser; - -import java.io.IOException; -import java.util.List; - -@ServerlessScope(Scope.INTERNAL) -public class RestPostConnectorSecretAction extends BaseRestHandler { - - @Override - public String getName() { - return "connector_post_secret"; - } - - @Override - public List routes() { - return List.of(new Route(RestRequest.Method.POST, "/_connector/_secret")); - } - - @Override - protected RestChannelConsumer prepareRequest(RestRequest request, NodeClient client) throws IOException { - try (XContentParser parser = request.contentParser()) { - PostConnectorSecretRequest postSecretRequest = PostConnectorSecretRequest.fromXContent(parser); - return restChannel -> client.execute( - PostConnectorSecretAction.INSTANCE, - postSecretRequest, - new RestToXContentListener<>(restChannel) - ); - } - } -} diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportGetConnectorSecretAction.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportGetConnectorSecretAction.java deleted file mode 100644 index aaa03fa13298f..0000000000000 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportGetConnectorSecretAction.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.action.ActionListener; -import org.elasticsearch.action.support.ActionFilters; -import org.elasticsearch.action.support.HandledTransportAction; -import org.elasticsearch.client.internal.Client; -import org.elasticsearch.common.inject.Inject; -import org.elasticsearch.common.util.concurrent.EsExecutors; -import org.elasticsearch.tasks.Task; -import org.elasticsearch.transport.TransportService; -import org.elasticsearch.xpack.application.connector.secrets.ConnectorSecretsIndexService; - -public class TransportGetConnectorSecretAction extends HandledTransportAction { - - private final ConnectorSecretsIndexService connectorSecretsIndexService; - - @Inject - public TransportGetConnectorSecretAction(TransportService transportService, ActionFilters actionFilters, Client client) { - super( - GetConnectorSecretAction.NAME, - transportService, - actionFilters, - GetConnectorSecretRequest::new, - EsExecutors.DIRECT_EXECUTOR_SERVICE - ); - this.connectorSecretsIndexService = new ConnectorSecretsIndexService(client); - } - - protected void doExecute(Task task, GetConnectorSecretRequest request, ActionListener listener) { - connectorSecretsIndexService.getSecret(request.id(), listener); - } -} diff --git a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportPostConnectorSecretAction.java b/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportPostConnectorSecretAction.java deleted file mode 100644 index 7cc3195ccbbf2..0000000000000 --- a/x-pack/plugin/ent-search/src/main/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportPostConnectorSecretAction.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.action.ActionListener; -import org.elasticsearch.action.support.ActionFilters; -import org.elasticsearch.action.support.HandledTransportAction; -import org.elasticsearch.client.internal.Client; -import org.elasticsearch.common.inject.Inject; -import org.elasticsearch.common.util.concurrent.EsExecutors; -import org.elasticsearch.tasks.Task; -import org.elasticsearch.transport.TransportService; -import org.elasticsearch.xpack.application.connector.secrets.ConnectorSecretsIndexService; - -public class TransportPostConnectorSecretAction extends HandledTransportAction { - - private final ConnectorSecretsIndexService connectorSecretsIndexService; - - @Inject - public TransportPostConnectorSecretAction(TransportService transportService, ActionFilters actionFilters, Client client) { - super( - PostConnectorSecretAction.NAME, - transportService, - actionFilters, - PostConnectorSecretRequest::new, - EsExecutors.DIRECT_EXECUTOR_SERVICE - ); - this.connectorSecretsIndexService = new ConnectorSecretsIndexService(client); - } - - protected void doExecute(Task task, PostConnectorSecretRequest request, ActionListener listener) { - connectorSecretsIndexService.createSecret(request, listener); - } -} diff --git a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsIndexServiceTests.java b/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsIndexServiceTests.java deleted file mode 100644 index f9a548a47feb3..0000000000000 --- a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsIndexServiceTests.java +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets; - -import org.elasticsearch.action.ActionListener; -import org.elasticsearch.test.ESSingleNodeTestCase; -import org.elasticsearch.xpack.application.connector.secrets.action.GetConnectorSecretResponse; -import org.elasticsearch.xpack.application.connector.secrets.action.PostConnectorSecretRequest; -import org.elasticsearch.xpack.application.connector.secrets.action.PostConnectorSecretResponse; -import org.junit.Before; - -import java.util.concurrent.CountDownLatch; -import java.util.concurrent.TimeUnit; -import java.util.concurrent.atomic.AtomicReference; - -import static org.hamcrest.Matchers.equalTo; -import static org.hamcrest.Matchers.notNullValue; - -public class ConnectorSecretsIndexServiceTests extends ESSingleNodeTestCase { - - private static final int TIMEOUT_SECONDS = 10; - - private ConnectorSecretsIndexService connectorSecretsIndexService; - - @Before - public void setup() throws Exception { - this.connectorSecretsIndexService = new ConnectorSecretsIndexService(client()); - } - - public void testCreateAndGetConnectorSecret() throws Exception { - PostConnectorSecretRequest createSecretRequest = ConnectorSecretsTestUtils.getRandomPostConnectorSecretRequest(); - PostConnectorSecretResponse createdSecret = awaitPostConnectorSecret(createSecretRequest); - - GetConnectorSecretResponse gotSecret = awaitGetConnectorSecret(createdSecret.id()); - - assertThat(gotSecret.id(), equalTo(createdSecret.id())); - assertThat(gotSecret.value(), notNullValue()); - } - - private PostConnectorSecretResponse awaitPostConnectorSecret(PostConnectorSecretRequest secretRequest) throws Exception { - CountDownLatch latch = new CountDownLatch(1); - - final AtomicReference responseRef = new AtomicReference<>(null); - final AtomicReference exception = new AtomicReference<>(null); - - connectorSecretsIndexService.createSecret(secretRequest, new ActionListener<>() { - @Override - public void onResponse(PostConnectorSecretResponse postConnectorSecretResponse) { - responseRef.set(postConnectorSecretResponse); - latch.countDown(); - } - - @Override - public void onFailure(Exception e) { - exception.set(e); - latch.countDown(); - } - }); - - if (exception.get() != null) { - throw exception.get(); - } - - boolean requestTimedOut = latch.await(TIMEOUT_SECONDS, TimeUnit.SECONDS); - PostConnectorSecretResponse response = responseRef.get(); - - assertTrue("Timeout waiting for post request", requestTimedOut); - assertNotNull("Received null response from post request", response); - - return response; - } - - private GetConnectorSecretResponse awaitGetConnectorSecret(String connectorSecretId) throws Exception { - CountDownLatch latch = new CountDownLatch(1); - final AtomicReference resp = new AtomicReference<>(null); - final AtomicReference exc = new AtomicReference<>(null); - - connectorSecretsIndexService.getSecret(connectorSecretId, new ActionListener() { - @Override - public void onResponse(GetConnectorSecretResponse response) { - resp.set(response); - latch.countDown(); - } - - @Override - public void onFailure(Exception e) { - exc.set(e); - latch.countDown(); - } - }); - - assertTrue("Timeout waiting for get request", latch.await(TIMEOUT_SECONDS, TimeUnit.SECONDS)); - if (exc.get() != null) { - throw exc.get(); - } - assertNotNull("Received null response from get request", resp.get()); - return resp.get(); - } -} diff --git a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsTestUtils.java b/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsTestUtils.java deleted file mode 100644 index c7cec3a263af0..0000000000000 --- a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/ConnectorSecretsTestUtils.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets; - -import org.elasticsearch.xpack.application.connector.secrets.action.GetConnectorSecretRequest; -import org.elasticsearch.xpack.application.connector.secrets.action.GetConnectorSecretResponse; -import org.elasticsearch.xpack.application.connector.secrets.action.PostConnectorSecretRequest; -import org.elasticsearch.xpack.application.connector.secrets.action.PostConnectorSecretResponse; - -import static org.elasticsearch.test.ESTestCase.randomAlphaOfLength; -import static org.elasticsearch.test.ESTestCase.randomAlphaOfLengthBetween; - -public class ConnectorSecretsTestUtils { - - public static GetConnectorSecretRequest getRandomGetConnectorSecretRequest() { - return new GetConnectorSecretRequest(randomAlphaOfLength(10)); - } - - public static GetConnectorSecretResponse getRandomGetConnectorSecretResponse() { - final String id = randomAlphaOfLength(10); - final String value = randomAlphaOfLength(10); - return new GetConnectorSecretResponse(id, value); - } - - public static PostConnectorSecretRequest getRandomPostConnectorSecretRequest() { - return new PostConnectorSecretRequest(randomAlphaOfLengthBetween(0, 20)); - } - - public static PostConnectorSecretResponse getRandomPostConnectorSecretResponse() { - return new PostConnectorSecretResponse(randomAlphaOfLength(10)); - } -} diff --git a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretActionTests.java b/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretActionTests.java deleted file mode 100644 index 9fc01e56ee5a0..0000000000000 --- a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretActionTests.java +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.action.ActionRequestValidationException; -import org.elasticsearch.test.ESTestCase; -import org.elasticsearch.xpack.application.connector.secrets.ConnectorSecretsTestUtils; - -import static org.hamcrest.Matchers.containsString; -import static org.hamcrest.Matchers.notNullValue; -import static org.hamcrest.Matchers.nullValue; - -public class GetConnectorSecretActionTests extends ESTestCase { - - public void testValidate_WhenConnectorSecretIdIsPresent_ExpectNoValidationError() { - GetConnectorSecretRequest request = ConnectorSecretsTestUtils.getRandomGetConnectorSecretRequest(); - ActionRequestValidationException exception = request.validate(); - - assertThat(exception, nullValue()); - } - - public void testValidate_WhenConnectorSecretIdIsEmpty_ExpectValidationError() { - GetConnectorSecretRequest requestWithMissingConnectorId = new GetConnectorSecretRequest(""); - ActionRequestValidationException exception = requestWithMissingConnectorId.validate(); - - assertThat(exception, notNullValue()); - assertThat(exception.getMessage(), containsString("id missing")); - } -} diff --git a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretRequestBWCSerializingTests.java b/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretRequestBWCSerializingTests.java deleted file mode 100644 index abac910aa1dac..0000000000000 --- a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretRequestBWCSerializingTests.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.TransportVersion; -import org.elasticsearch.common.io.stream.Writeable; -import org.elasticsearch.xpack.core.ml.AbstractBWCWireSerializationTestCase; - -import java.io.IOException; - -public class GetConnectorSecretRequestBWCSerializingTests extends AbstractBWCWireSerializationTestCase { - - @Override - protected Writeable.Reader instanceReader() { - return GetConnectorSecretRequest::new; - } - - @Override - protected GetConnectorSecretRequest createTestInstance() { - return new GetConnectorSecretRequest(randomAlphaOfLengthBetween(1, 10)); - } - - @Override - protected GetConnectorSecretRequest mutateInstance(GetConnectorSecretRequest instance) throws IOException { - return randomValueOtherThan(instance, this::createTestInstance); - } - - @Override - protected GetConnectorSecretRequest mutateInstanceForVersion(GetConnectorSecretRequest instance, TransportVersion version) { - return new GetConnectorSecretRequest(instance.id()); - } -} diff --git a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretResponseBWCSerializingTests.java b/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretResponseBWCSerializingTests.java deleted file mode 100644 index 4448024814df3..0000000000000 --- a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/GetConnectorSecretResponseBWCSerializingTests.java +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.TransportVersion; -import org.elasticsearch.common.io.stream.NamedWriteableRegistry; -import org.elasticsearch.common.io.stream.Writeable; -import org.elasticsearch.xpack.application.connector.Connector; -import org.elasticsearch.xpack.application.connector.secrets.ConnectorSecretsTestUtils; -import org.elasticsearch.xpack.core.ml.AbstractBWCWireSerializationTestCase; - -import java.io.IOException; -import java.util.List; - -public class GetConnectorSecretResponseBWCSerializingTests extends AbstractBWCWireSerializationTestCase { - - @Override - public NamedWriteableRegistry getNamedWriteableRegistry() { - return new NamedWriteableRegistry(List.of(new NamedWriteableRegistry.Entry(Connector.class, Connector.NAME, Connector::new))); - } - - @Override - protected Writeable.Reader instanceReader() { - return GetConnectorSecretResponse::new; - } - - @Override - protected GetConnectorSecretResponse createTestInstance() { - return ConnectorSecretsTestUtils.getRandomGetConnectorSecretResponse(); - } - - @Override - protected GetConnectorSecretResponse mutateInstance(GetConnectorSecretResponse instance) throws IOException { - return randomValueOtherThan(instance, this::createTestInstance); - } - - @Override - protected GetConnectorSecretResponse mutateInstanceForVersion(GetConnectorSecretResponse instance, TransportVersion version) { - return instance; - } -} diff --git a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretActionTests.java b/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretActionTests.java deleted file mode 100644 index f1e1a670b2748..0000000000000 --- a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretActionTests.java +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.action.ActionRequestValidationException; -import org.elasticsearch.test.ESTestCase; -import org.elasticsearch.xpack.application.connector.secrets.ConnectorSecretsTestUtils; - -import static org.hamcrest.Matchers.containsString; -import static org.hamcrest.Matchers.notNullValue; -import static org.hamcrest.Matchers.nullValue; - -public class PostConnectorSecretActionTests extends ESTestCase { - - public void testValidate_WhenConnectorSecretIdIsPresent_ExpectNoValidationError() { - PostConnectorSecretRequest request = ConnectorSecretsTestUtils.getRandomPostConnectorSecretRequest(); - ActionRequestValidationException exception = request.validate(); - - assertThat(exception, nullValue()); - } - - public void testValidate_WhenConnectorSecretIdIsEmpty_ExpectValidationError() { - PostConnectorSecretRequest requestWithMissingValue = new PostConnectorSecretRequest(""); - ActionRequestValidationException exception = requestWithMissingValue.validate(); - - assertThat(exception, notNullValue()); - assertThat(exception.getMessage(), containsString("value is missing")); - } -} diff --git a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretRequestBWCSerializingTests.java b/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretRequestBWCSerializingTests.java deleted file mode 100644 index b7f8c501a91e8..0000000000000 --- a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretRequestBWCSerializingTests.java +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.TransportVersion; -import org.elasticsearch.common.io.stream.Writeable; -import org.elasticsearch.xpack.application.connector.secrets.ConnectorSecretsTestUtils; -import org.elasticsearch.xpack.core.ml.AbstractBWCWireSerializationTestCase; - -import java.io.IOException; - -public class PostConnectorSecretRequestBWCSerializingTests extends AbstractBWCWireSerializationTestCase { - - @Override - protected Writeable.Reader instanceReader() { - return PostConnectorSecretRequest::new; - } - - @Override - protected PostConnectorSecretRequest createTestInstance() { - return ConnectorSecretsTestUtils.getRandomPostConnectorSecretRequest(); - } - - @Override - protected PostConnectorSecretRequest mutateInstance(PostConnectorSecretRequest instance) throws IOException { - return randomValueOtherThan(instance, this::createTestInstance); - } - - @Override - protected PostConnectorSecretRequest mutateInstanceForVersion(PostConnectorSecretRequest instance, TransportVersion version) { - return instance; - } -} diff --git a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretResponseBWCSerializingTests.java b/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretResponseBWCSerializingTests.java deleted file mode 100644 index e114181270e95..0000000000000 --- a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/PostConnectorSecretResponseBWCSerializingTests.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.TransportVersion; -import org.elasticsearch.common.io.stream.Writeable; -import org.elasticsearch.xpack.application.connector.secrets.ConnectorSecretsTestUtils; -import org.elasticsearch.xpack.core.ml.AbstractBWCWireSerializationTestCase; - -import java.io.IOException; - -public class PostConnectorSecretResponseBWCSerializingTests extends AbstractBWCWireSerializationTestCase { - - @Override - protected Writeable.Reader instanceReader() { - return PostConnectorSecretResponse::new; - } - - @Override - protected PostConnectorSecretResponse createTestInstance() { - return ConnectorSecretsTestUtils.getRandomPostConnectorSecretResponse(); - } - - @Override - protected PostConnectorSecretResponse mutateInstance(PostConnectorSecretResponse instance) throws IOException { - return randomValueOtherThan(instance, this::createTestInstance); - } - - @Override - protected PostConnectorSecretResponse mutateInstanceForVersion(PostConnectorSecretResponse instance, TransportVersion version) { - return instance; - } - -} diff --git a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportGetConnectorSecretActionTests.java b/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportGetConnectorSecretActionTests.java deleted file mode 100644 index 6b046c7e44506..0000000000000 --- a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportGetConnectorSecretActionTests.java +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.action.ActionListener; -import org.elasticsearch.action.support.ActionFilters; -import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.tasks.Task; -import org.elasticsearch.test.ESSingleNodeTestCase; -import org.elasticsearch.threadpool.TestThreadPool; -import org.elasticsearch.threadpool.ThreadPool; -import org.elasticsearch.transport.Transport; -import org.elasticsearch.transport.TransportService; -import org.elasticsearch.xpack.application.connector.secrets.ConnectorSecretsTestUtils; -import org.junit.Before; - -import java.util.Collections; -import java.util.concurrent.CountDownLatch; -import java.util.concurrent.TimeUnit; - -import static org.mockito.Mockito.mock; - -public class TransportGetConnectorSecretActionTests extends ESSingleNodeTestCase { - - private static final Long TIMEOUT_SECONDS = 10L; - - private final ThreadPool threadPool = new TestThreadPool(getClass().getName()); - private TransportGetConnectorSecretAction action; - - @Before - public void setup() { - TransportService transportService = new TransportService( - Settings.EMPTY, - mock(Transport.class), - threadPool, - TransportService.NOOP_TRANSPORT_INTERCEPTOR, - x -> null, - null, - Collections.emptySet() - ); - - action = new TransportGetConnectorSecretAction(transportService, mock(ActionFilters.class), client()); - } - - @Override - public void tearDown() throws Exception { - super.tearDown(); - ThreadPool.terminate(threadPool, TIMEOUT_SECONDS, TimeUnit.SECONDS); - } - - public void testGetConnectorSecret_ExpectNoWarnings() throws InterruptedException { - GetConnectorSecretRequest request = ConnectorSecretsTestUtils.getRandomGetConnectorSecretRequest(); - - executeRequest(request); - - ensureNoWarnings(); - } - - private void executeRequest(GetConnectorSecretRequest request) throws InterruptedException { - final CountDownLatch latch = new CountDownLatch(1); - action.doExecute(mock(Task.class), request, ActionListener.wrap(response -> latch.countDown(), exception -> latch.countDown())); - - boolean requestTimedOut = latch.await(TIMEOUT_SECONDS, TimeUnit.SECONDS); - - assertTrue("Timeout waiting for get request", requestTimedOut); - } -} diff --git a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportPostConnectorSecretActionTests.java b/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportPostConnectorSecretActionTests.java deleted file mode 100644 index 056d2786de1d7..0000000000000 --- a/x-pack/plugin/ent-search/src/test/java/org/elasticsearch/xpack/application/connector/secrets/action/TransportPostConnectorSecretActionTests.java +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -package org.elasticsearch.xpack.application.connector.secrets.action; - -import org.elasticsearch.action.ActionListener; -import org.elasticsearch.action.support.ActionFilters; -import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.tasks.Task; -import org.elasticsearch.test.ESSingleNodeTestCase; -import org.elasticsearch.threadpool.TestThreadPool; -import org.elasticsearch.threadpool.ThreadPool; -import org.elasticsearch.transport.Transport; -import org.elasticsearch.transport.TransportService; -import org.elasticsearch.xpack.application.connector.secrets.ConnectorSecretsTestUtils; -import org.junit.Before; - -import java.util.Collections; -import java.util.concurrent.CountDownLatch; -import java.util.concurrent.TimeUnit; - -import static org.mockito.Mockito.mock; - -public class TransportPostConnectorSecretActionTests extends ESSingleNodeTestCase { - - private static final Long TIMEOUT_SECONDS = 10L; - - private final ThreadPool threadPool = new TestThreadPool(getClass().getName()); - private TransportPostConnectorSecretAction action; - - @Before - public void setup() { - TransportService transportService = new TransportService( - Settings.EMPTY, - mock(Transport.class), - threadPool, - TransportService.NOOP_TRANSPORT_INTERCEPTOR, - x -> null, - null, - Collections.emptySet() - ); - - action = new TransportPostConnectorSecretAction(transportService, mock(ActionFilters.class), client()); - } - - @Override - public void tearDown() throws Exception { - super.tearDown(); - ThreadPool.terminate(threadPool, TIMEOUT_SECONDS, TimeUnit.SECONDS); - } - - public void testPostConnectorSecret_ExpectNoWarnings() throws InterruptedException { - PostConnectorSecretRequest request = ConnectorSecretsTestUtils.getRandomPostConnectorSecretRequest(); - - executeRequest(request); - - ensureNoWarnings(); - } - - private void executeRequest(PostConnectorSecretRequest request) throws InterruptedException { - final CountDownLatch latch = new CountDownLatch(1); - action.doExecute(mock(Task.class), request, ActionListener.wrap(response -> latch.countDown(), exception -> latch.countDown())); - - boolean requestTimedOut = latch.await(TIMEOUT_SECONDS, TimeUnit.SECONDS); - - assertTrue("Timeout waiting for post request", requestTimedOut); - } -} diff --git a/x-pack/plugin/security/qa/operator-privileges-tests/src/javaRestTest/java/org/elasticsearch/xpack/security/operator/Constants.java b/x-pack/plugin/security/qa/operator-privileges-tests/src/javaRestTest/java/org/elasticsearch/xpack/security/operator/Constants.java index ce9db5015a0da..d4d0bded045f6 100644 --- a/x-pack/plugin/security/qa/operator-privileges-tests/src/javaRestTest/java/org/elasticsearch/xpack/security/operator/Constants.java +++ b/x-pack/plugin/security/qa/operator-privileges-tests/src/javaRestTest/java/org/elasticsearch/xpack/security/operator/Constants.java @@ -138,8 +138,6 @@ public class Constants { "cluster:admin/xpack/connector/update_pipeline", "cluster:admin/xpack/connector/update_scheduling", "cluster:admin/xpack/connector/update_service_type", - "cluster:admin/xpack/connector/secret/get", - "cluster:admin/xpack/connector/secret/post", "cluster:admin/xpack/connector/sync_job/cancel", "cluster:admin/xpack/connector/sync_job/check_in", "cluster:admin/xpack/connector/sync_job/delete", diff --git a/x-pack/plugin/security/qa/service-account/src/javaRestTest/java/org/elasticsearch/xpack/security/authc/service/ServiceAccountIT.java b/x-pack/plugin/security/qa/service-account/src/javaRestTest/java/org/elasticsearch/xpack/security/authc/service/ServiceAccountIT.java index e790866cf3d77..f66631a57b4bb 100644 --- a/x-pack/plugin/security/qa/service-account/src/javaRestTest/java/org/elasticsearch/xpack/security/authc/service/ServiceAccountIT.java +++ b/x-pack/plugin/security/qa/service-account/src/javaRestTest/java/org/elasticsearch/xpack/security/authc/service/ServiceAccountIT.java @@ -280,9 +280,7 @@ public class ServiceAccountIT extends ESRestTestCase { { "cluster": [ "manage", - "manage_security", - "read_connector_secrets", - "write_connector_secrets" + "manage_security" ], "indices": [ { diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/service/ElasticServiceAccounts.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/service/ElasticServiceAccounts.java index abd586920f2d8..777fe5f71b0a0 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/service/ElasticServiceAccounts.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/service/ElasticServiceAccounts.java @@ -26,7 +26,7 @@ final class ElasticServiceAccounts { "enterprise-search-server", new RoleDescriptor( NAMESPACE + "/enterprise-search-server", - new String[] { "manage", "manage_security", "read_connector_secrets", "write_connector_secrets" }, + new String[] { "manage", "manage_security" }, new RoleDescriptor.IndicesPrivileges[] { RoleDescriptor.IndicesPrivileges.builder() .indices( diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/service/ElasticServiceAccountsTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/service/ElasticServiceAccountsTests.java index 46fde61690017..ecef71f1c4a68 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/service/ElasticServiceAccountsTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/service/ElasticServiceAccountsTests.java @@ -344,10 +344,6 @@ public void testElasticEnterpriseSearchServerAccount() { assertThat(role.cluster().check(GetLifecycleAction.NAME, request, authentication), is(true)); assertThat(role.cluster().check(ILMActions.PUT.name(), request, authentication), is(true)); - // Connector secrets. Enterprise Search has read and write access. - assertThat(role.cluster().check("cluster:admin/xpack/connector/secret/get", request, authentication), is(true)); - assertThat(role.cluster().check("cluster:admin/xpack/connector/secret/post", request, authentication), is(true)); - List.of( "search-" + randomAlphaOfLengthBetween(1, 20), ".search-acl-filter-" + randomAlphaOfLengthBetween(1, 20), diff --git a/x-pack/plugin/src/yamlRestTest/resources/rest-api-spec/test/privileges/11_builtin.yml b/x-pack/plugin/src/yamlRestTest/resources/rest-api-spec/test/privileges/11_builtin.yml index 319b84e855aaf..e2e220aa55456 100644 --- a/x-pack/plugin/src/yamlRestTest/resources/rest-api-spec/test/privileges/11_builtin.yml +++ b/x-pack/plugin/src/yamlRestTest/resources/rest-api-spec/test/privileges/11_builtin.yml @@ -15,5 +15,5 @@ setup: # This is fragile - it needs to be updated every time we add a new cluster/index privilege # I would much prefer we could just check that specific entries are in the array, but we don't have # an assertion for that - - length: { "cluster" : 55 } + - length: { "cluster" : 53 } - length: { "index" : 22 }