opensearch-project · peternied · Mar 28, 2024 · Mar 28, 2024
@@ -17,7 +17,6 @@
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
-import org.opensearch.test.framework.RolesMapping;
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.cluster.ClusterManager;
 import org.opensearch.test.framework.cluster.LocalCluster;
@@ -45,9 +44,9 @@ public class AnonymousAuthenticationTest {
     /**
     * Maps {@link #ANONYMOUS_USER_CUSTOM_ROLE} to {@link #DEFAULT_ANONYMOUS_USER_BACKEND_ROLE_NAME}
     */
-    private static final RolesMapping ANONYMOUS_USER_CUSTOM_ROLE_MAPPING = new RolesMapping(ANONYMOUS_USER_CUSTOM_ROLE).backendRoles(
-        DEFAULT_ANONYMOUS_USER_BACKEND_ROLE_NAME
-    );
+    private static final TestSecurityConfig.RoleMapping ANONYMOUS_USER_CUSTOM_ROLE_MAPPING = new TestSecurityConfig.RoleMapping(
+        ANONYMOUS_USER_CUSTOM_ROLE.getName()
+    ).backendRoles(DEFAULT_ANONYMOUS_USER_BACKEND_ROLE_NAME);
 
     /**
     * User who is stored in the internal user database and can authenticate

@@ -26,7 +26,6 @@
 import org.opensearch.security.IndexOperationsHelper;
 import org.opensearch.security.support.ConfigConstants;
 import org.opensearch.test.framework.AsyncActions;
-import org.opensearch.test.framework.RolesMapping;
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.cluster.LocalCluster;
 import org.opensearch.test.framework.cluster.TestRestClient;
@@ -44,7 +43,7 @@ public class AsyncTests {
     public static LocalCluster cluster = new LocalCluster.Builder().singleNode()
         .authc(AUTHC_HTTPBASIC_INTERNAL)
         .users(ADMIN_USER)
-        .rolesMapping(new RolesMapping(ALL_ACCESS).backendRoles("admin"))
+        .rolesMapping(new TestSecurityConfig.RoleMapping(ALL_ACCESS.getName()).backendRoles("admin"))
         .anonymousAuth(false)
         .nodeSettings(Map.of(ConfigConstants.SECURITY_RESTAPI_ROLES_ENABLED, List.of(ALL_ACCESS.getName())))
         .build();

@@ -17,7 +17,7 @@
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
-import org.opensearch.test.framework.RolesMapping;
+import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.HttpAuthenticator;
 import org.opensearch.test.framework.TestSecurityConfig.Role;
@@ -69,7 +69,7 @@ public class CertificateAuthenticationTest {
         .authc(AUTHC_HTTPBASIC_INTERNAL)
         .roles(ROLE_ALL_INDEX_SEARCH)
         .users(USER_ADMIN)
-        .rolesMapping(new RolesMapping(ROLE_ALL_INDEX_SEARCH).backendRoles(BACKEND_ROLE_BRIDGE))
+        .rolesMapping(new TestSecurityConfig.RoleMapping(ROLE_ALL_INDEX_SEARCH.getName()).backendRoles(BACKEND_ROLE_BRIDGE))
         .build();
 
     private static final TestCertificates TEST_CERTIFICATES = cluster.getTestCertificates();

@@ -13,7 +13,6 @@
 import java.net.InetAddress;
 import java.util.List;
 
-import org.opensearch.test.framework.RolesMapping;
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.cluster.LocalCluster;
 import org.opensearch.test.framework.cluster.TestRestClient;
@@ -84,13 +83,13 @@ abstract class CommonProxyAuthenticationTests {
         .indexPermissions("indices:data/read/search")
         .on(PERSONAL_INDEX_NAME_PATTERN);
 
-    protected static final RolesMapping ROLES_MAPPING_CAPTAIN = new RolesMapping(ROLE_PERSONAL_INDEX_SEARCH).backendRoles(
-        BACKEND_ROLE_CAPTAIN
-    );
+    protected static final TestSecurityConfig.RoleMapping ROLES_MAPPING_CAPTAIN = new TestSecurityConfig.RoleMapping(
+        ROLE_PERSONAL_INDEX_SEARCH.getName()
+    ).backendRoles(BACKEND_ROLE_CAPTAIN);
 
-    protected static final RolesMapping ROLES_MAPPING_FIRST_MATE = new RolesMapping(ROLE_ALL_INDEX_SEARCH).backendRoles(
-        BACKEND_ROLE_FIRST_MATE
-    );
+    protected static final TestSecurityConfig.RoleMapping ROLES_MAPPING_FIRST_MATE = new TestSecurityConfig.RoleMapping(
+        ROLE_ALL_INDEX_SEARCH.getName()
+    ).backendRoles(BACKEND_ROLE_FIRST_MATE);
 
     protected abstract LocalCluster getCluster();
 

@@ -27,7 +27,6 @@
 import org.opensearch.test.framework.AuthzDomain;
 import org.opensearch.test.framework.LdapAuthenticationConfigBuilder;
 import org.opensearch.test.framework.LdapAuthorizationConfigBuilder;
-import org.opensearch.test.framework.RolesMapping;
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AuthenticationBackend;
@@ -118,7 +117,7 @@ public class LdapAuthenticationTest {
         )
         .authc(AUTHC_HTTPBASIC_INTERNAL)
         .users(ADMIN_USER)
-        .rolesMapping(new RolesMapping(ALL_ACCESS).backendRoles(CN_GROUP_ADMIN))
+        .rolesMapping(new TestSecurityConfig.RoleMapping(ALL_ACCESS.getName()).backendRoles(CN_GROUP_ADMIN))
         .authz(
             new AuthzDomain("ldap_roles").httpEnabled(true)
                 .authorizationBackend(

@@ -30,7 +30,7 @@
 import org.opensearch.test.framework.AuthzDomain;
 import org.opensearch.test.framework.LdapAuthenticationConfigBuilder;
 import org.opensearch.test.framework.LdapAuthorizationConfigBuilder;
-import org.opensearch.test.framework.RolesMapping;
+import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AuthenticationBackend;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.HttpAuthenticator;
@@ -151,8 +151,8 @@ public class LdapTlsAuthenticationTest {
         .users(ADMIN_USER)
         .roles(ROLE_INDEX_ADMINISTRATOR, ROLE_PERSONAL_INDEX_ACCESS)
         .rolesMapping(
-            new RolesMapping(ROLE_INDEX_ADMINISTRATOR).backendRoles(CN_GROUP_ADMIN),
-            new RolesMapping(ROLE_PERSONAL_INDEX_ACCESS).backendRoles(CN_GROUP_CREW)
+            new TestSecurityConfig.RoleMapping(ROLE_INDEX_ADMINISTRATOR.getName()).backendRoles(CN_GROUP_ADMIN),
+            new TestSecurityConfig.RoleMapping(ROLE_PERSONAL_INDEX_ACCESS.getName()).backendRoles(CN_GROUP_CREW)
         )
         .authz(
             new AuthzDomain("ldap_roles").httpEnabled(true)

@@ -32,7 +32,6 @@
 import org.opensearch.core.xcontent.XContentBuilder;
 import org.opensearch.security.authtoken.jwt.EncryptionDecryptionUtil;
 import org.opensearch.test.framework.OnBehalfOfConfig;
-import org.opensearch.test.framework.RolesMapping;
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.cluster.ClusterManager;
 import org.opensearch.test.framework.cluster.LocalCluster;
@@ -137,7 +136,7 @@ private static OnBehalfOfConfig defaultOnBehalfOfConfig() {
             )
         )
         .authc(AUTHC_HTTPBASIC_INTERNAL)
-        .rolesMapping(new RolesMapping(HOST_MAPPING_ROLE).hostIPs(HOST_MAPPING_IP))
+        .rolesMapping(new TestSecurityConfig.RoleMapping(HOST_MAPPING_ROLE.getName()).hosts(HOST_MAPPING_IP))
         .onBehalfOf(defaultOnBehalfOfConfig())
         .build();
 

@@ -16,7 +16,6 @@
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
-import org.opensearch.test.framework.RolesMapping;
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.cluster.ClusterManager;
 import org.opensearch.test.framework.cluster.LocalCluster;
@@ -48,7 +47,10 @@ public class RolesMappingTests {
         .anonymousAuth(false)
         .authc(AUTHC_DOMAIN)
         .roles(ROLE_A, ROLE_B)
-        .rolesMapping(new RolesMapping(ROLE_A).backendRoles("mapsToRoleA"), new RolesMapping(ROLE_B).backendRoles("mapsToRoleB"))
+        .rolesMapping(
+            new TestSecurityConfig.RoleMapping(ROLE_A.getName()).backendRoles("mapsToRoleA"),
+            new TestSecurityConfig.RoleMapping(ROLE_B.getName()).backendRoles("mapsToRoleB")
+        )
         .users(USER_A, USER_B)
         .build();