Move user instantiation to doExecute

alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportDeleteDestinationAction.kt

@@ -63,7 +63,6 @@ class TransportDeleteDestinationAction @Inject constructor(
     ) {
 
     @Volatile private var filterByEnabled = AlertingSettings.FILTER_BY_BACKEND_ROLES.get(settings)
-    private var user: User? = null
 
     init {
         clusterService.clusterSettings.addSettingsUpdateConsumer(AlertingSettings.FILTER_BY_BACKEND_ROLES) { filterByEnabled = it }
@@ -72,7 +71,7 @@ class TransportDeleteDestinationAction @Inject constructor(
     override fun doExecute(task: Task, request: DeleteDestinationRequest, actionListener: ActionListener<DeleteResponse>) {
         val userStr = client.threadPool().threadContext.getTransient<String>(ConfigConstants.OPENDISTRO_SECURITY_USER_INFO_THREAD_CONTEXT)
         log.debug("User and roles string from thread context: $userStr")
-        user = User.parse(userStr)
+        val user: User? = User.parse(userStr)
         val deleteRequest = DeleteRequest(ScheduledJob.SCHEDULED_JOBS_INDEX, request.destinationId)
                 .setRefreshPolicy(request.refreshPolicy)
 

alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportDeleteMonitorAction.kt

@@ -61,7 +61,6 @@ class TransportDeleteMonitorAction @Inject constructor(
 ) {
 
     @Volatile private var filterByEnabled = AlertingSettings.FILTER_BY_BACKEND_ROLES.get(settings)
-    private var user: User? = null
 
     init {
         clusterService.clusterSettings.addSettingsUpdateConsumer(AlertingSettings.FILTER_BY_BACKEND_ROLES) { filterByEnabled = it }
@@ -70,7 +69,7 @@ class TransportDeleteMonitorAction @Inject constructor(
     override fun doExecute(task: Task, request: DeleteMonitorRequest, actionListener: ActionListener<DeleteResponse>) {
         val userStr = client.threadPool().threadContext.getTransient<String>(ConfigConstants.OPENDISTRO_SECURITY_USER_INFO_THREAD_CONTEXT)
         log.debug("User and roles string from thread context: $userStr")
-        user = User.parse(userStr)
+        val user: User? = User.parse(userStr)
         val deleteRequest = DeleteRequest(ScheduledJob.SCHEDULED_JOBS_INDEX, request.monitorId)
                 .setRefreshPolicy(request.refreshPolicy)
 

alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportExecuteMonitorAction.kt

@@ -41,13 +41,11 @@ class TransportExecuteMonitorAction @Inject constructor(
 ) : HandledTransportAction<ExecuteMonitorRequest, ExecuteMonitorResponse> (
         ExecuteMonitorAction.NAME, transportService, actionFilters, ::ExecuteMonitorRequest) {
 
-    private var user: User? = null
-
     override fun doExecute(task: Task, execMonitorRequest: ExecuteMonitorRequest, actionListener: ActionListener<ExecuteMonitorResponse>) {
 
         val userStr = client.threadPool().threadContext.getTransient<String>(ConfigConstants.OPENDISTRO_SECURITY_USER_INFO_THREAD_CONTEXT)
         log.debug("User and roles string from thread context: $userStr")
-        user = User.parse(userStr)
+        val user: User? = User.parse(userStr)
 
         client.threadPool().threadContext.stashContext().use {
             val executeMonitor = fun(monitor: Monitor) {

alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportGetAlertsAction.kt

@@ -64,7 +64,6 @@ class TransportGetAlertsAction @Inject constructor(
 ) {
 
     @Volatile private var filterByEnabled = AlertingSettings.FILTER_BY_BACKEND_ROLES.get(settings)
-    private var user: User? = null
 
     init {
         clusterService.clusterSettings.addSettingsUpdateConsumer(AlertingSettings.FILTER_BY_BACKEND_ROLES) { filterByEnabled = it }
@@ -79,7 +78,7 @@ class TransportGetAlertsAction @Inject constructor(
                     ConfigConstants.OPENDISTRO_SECURITY_USER_INFO_THREAD_CONTEXT
             )
             log.debug("User and roles string from thread context: $userStr")
-            user = User.parse(userStr)
+            val user: User? = User.parse(userStr)
 
             val tableProp = getAlertsRequest.table
             val sortBuilder = SortBuilders
@@ -118,13 +117,14 @@ class TransportGetAlertsAction @Inject constructor(
                     .from(tableProp.startIndex)
 
             client.threadPool().threadContext.stashContext().use {
-                resolve(searchSourceBuilder, actionListener)
+                resolve(searchSourceBuilder, actionListener, user)
             }
         }
 
         fun resolve(
             searchSourceBuilder: SearchSourceBuilder,
-            actionListener: ActionListener<GetAlertsResponse>
+            actionListener: ActionListener<GetAlertsResponse>,
+            user: User?
         ) {
             // user is null when: 1/ security is disabled. 2/when user is super-admin.
             if (user == null) {

alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportGetDestinationsAction.kt

@@ -67,7 +67,6 @@ class TransportGetDestinationsAction @Inject constructor(
 ) {
 
     @Volatile private var filterByEnabled = AlertingSettings.FILTER_BY_BACKEND_ROLES.get(settings)
-    private var user: User? = null
 
     init {
         clusterService.clusterSettings.addSettingsUpdateConsumer(AlertingSettings.FILTER_BY_BACKEND_ROLES) { filterByEnabled = it }
@@ -82,7 +81,7 @@ class TransportGetDestinationsAction @Inject constructor(
                     ConfigConstants.OPENDISTRO_SECURITY_USER_INFO_THREAD_CONTEXT
             )
             log.debug("User and roles string from thread context: $userStr")
-            user = User.parse(userStr)
+            val user: User? = User.parse(userStr)
 
             val tableProp = getDestinationsRequest.table
 
@@ -120,13 +119,14 @@ class TransportGetDestinationsAction @Inject constructor(
             searchSourceBuilder.query(queryBuilder)
 
             client.threadPool().threadContext.stashContext().use {
-                resolve(searchSourceBuilder, actionListener)
+                resolve(searchSourceBuilder, actionListener, user)
             }
     }
 
     fun resolve(
         searchSourceBuilder: SearchSourceBuilder,
-        actionListener: ActionListener<GetDestinationsResponse>
+        actionListener: ActionListener<GetDestinationsResponse>,
+        user: User?
     ) {
         if (user == null) {
             // user is null when: 1/ security is disabled. 2/when user is super-admin.

alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportGetMonitorAction.kt

@@ -59,7 +59,6 @@ class TransportGetMonitorAction @Inject constructor(
 ) {
 
     @Volatile private var filterByEnabled = AlertingSettings.FILTER_BY_BACKEND_ROLES.get(settings)
-    private var user: User? = null
 
     init {
         clusterService.clusterSettings.addSettingsUpdateConsumer(AlertingSettings.FILTER_BY_BACKEND_ROLES) { filterByEnabled = it }
@@ -68,7 +67,7 @@ class TransportGetMonitorAction @Inject constructor(
     override fun doExecute(task: Task, getMonitorRequest: GetMonitorRequest, actionListener: ActionListener<GetMonitorResponse>) {
         val userStr = client.threadPool().threadContext.getTransient<String>(ConfigConstants.OPENDISTRO_SECURITY_USER_INFO_THREAD_CONTEXT)
         log.debug("User and roles string from thread context: $userStr")
-        user = User.parse(userStr)
+        val user: User? = User.parse(userStr)
 
         val getRequest = GetRequest(ScheduledJob.SCHEDULED_JOBS_INDEX, getMonitorRequest.monitorId)
                 .version(getMonitorRequest.version)

alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportIndexDestinationAction.kt

@@ -60,7 +60,6 @@ class TransportIndexDestinationAction @Inject constructor(
     @Volatile private var indexTimeout = AlertingSettings.INDEX_TIMEOUT.get(settings)
     @Volatile private var allowList = DestinationSettings.ALLOW_LIST.get(settings)
     @Volatile private var filterByEnabled = AlertingSettings.FILTER_BY_BACKEND_ROLES.get(settings)
-    private var user: User? = null
 
     init {
         clusterService.clusterSettings.addSettingsUpdateConsumer(AlertingSettings.INDEX_TIMEOUT) { indexTimeout = it }
@@ -71,7 +70,7 @@ class TransportIndexDestinationAction @Inject constructor(
     override fun doExecute(task: Task, request: IndexDestinationRequest, actionListener: ActionListener<IndexDestinationResponse>) {
         val userStr = client.threadPool().threadContext.getTransient<String>(ConfigConstants.OPENDISTRO_SECURITY_USER_INFO_THREAD_CONTEXT)
         log.debug("User and roles string from thread context: $userStr")
-        user = User.parse(userStr)
+        val user: User? = User.parse(userStr)
 
         if (!checkFilterByUserBackendRoles(filterByEnabled, user, actionListener)) {
             return

alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportIndexMonitorAction.kt

@@ -93,7 +93,6 @@ class TransportIndexMonitorAction @Inject constructor(
     @Volatile private var maxActionThrottle = MAX_ACTION_THROTTLE_VALUE.get(settings)
     @Volatile private var allowList = ALLOW_LIST.get(settings)
     @Volatile private var filterByEnabled = AlertingSettings.FILTER_BY_BACKEND_ROLES.get(settings)
-    var user: User? = null
 
     init {
         clusterService.clusterSettings.addSettingsUpdateConsumer(ALERTING_MAX_MONITORS) { maxMonitors = it }
@@ -108,7 +107,7 @@ class TransportIndexMonitorAction @Inject constructor(
 
         val userStr = client.threadPool().threadContext.getTransient<String>(ConfigConstants.OPENDISTRO_SECURITY_USER_INFO_THREAD_CONTEXT)
         log.debug("User and roles string from thread context: $userStr")
-        user = User.parse(userStr)
+        val user: User? = User.parse(userStr)
 
         if (!checkFilterByUserBackendRoles(filterByEnabled, user, actionListener)) {
             return

alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportSearchMonitorAction.kt

@@ -47,7 +47,6 @@ class TransportSearchMonitorAction @Inject constructor(
         SearchMonitorAction.NAME, transportService, actionFilters, ::SearchMonitorRequest
 ) {
     @Volatile private var filterByEnabled = AlertingSettings.FILTER_BY_BACKEND_ROLES.get(settings)
-    private var user: User? = null
 
     init {
         clusterService.clusterSettings.addSettingsUpdateConsumer(AlertingSettings.FILTER_BY_BACKEND_ROLES) { filterByEnabled = it }
@@ -56,14 +55,14 @@ class TransportSearchMonitorAction @Inject constructor(
     override fun doExecute(task: Task, searchMonitorRequest: SearchMonitorRequest, actionListener: ActionListener<SearchResponse>) {
         val userStr = client.threadPool().threadContext.getTransient<String>(ConfigConstants.OPENDISTRO_SECURITY_USER_INFO_THREAD_CONTEXT)
         log.debug("User and roles string from thread context: $userStr")
-        user = User.parse(userStr)
+        val user: User? = User.parse(userStr)
 
         client.threadPool().threadContext.stashContext().use {
-            resolve(searchMonitorRequest, actionListener)
+            resolve(searchMonitorRequest, actionListener, user)
         }
     }
 
-    fun resolve(searchMonitorRequest: SearchMonitorRequest, actionListener: ActionListener<SearchResponse>) {
+    fun resolve(searchMonitorRequest: SearchMonitorRequest, actionListener: ActionListener<SearchResponse>, user: User?) {
         if (user == null) {
             // user header is null when: 1/ security is disabled. 2/when user is super-admin.
             search(searchMonitorRequest.searchRequest, actionListener)