Skip to content

Commit

Permalink
Merge branch 'main' into format-feature-extensions-apply
Browse files Browse the repository at this point in the history
  • Loading branch information
cwperks committed Jun 13, 2023
2 parents efcadd4 + 2e263b8 commit 1691ca7
Show file tree
Hide file tree
Showing 136 changed files with 7,210 additions and 6,886 deletions.
2 changes: 1 addition & 1 deletion .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
@@ -1 +1 @@
* @cliu123 @cwperks @DarshitChanpura @davidlago @peternied @RyanL1997 @scrawfor99 @reta
* @cliu123 @cwperks @DarshitChanpura @davidlago @peternied @RyanL1997 @scrawfor99 @reta @willyborankin
1 change: 1 addition & 0 deletions MAINTAINERS.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ This document contains a list of maintainers in this repo. See [opensearch-proje
| Ryan Liang | [RyanL1997](https://github.com/RyanL1997) | Amazon |
| Stephen Crawford | [scrawfor99](https://github.com/scrawfor99) | Amazon |
| Andriy Redko | [reta](https://github.com/reta) | Aiven |
| Andrey Pleskach | [willyborankin](https://github.com/willyborankin) | Aiven |

## Practices

Expand Down
10 changes: 2 additions & 8 deletions build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ spotless {
// non-standard places
target '**/com/amazon/dlic/**/*.java'
target '**/com/amazon/security/**/*.java'
target '**/test/java/org/opensearch/security/**/*.java'
target '**/test/**/*.java'

removeUnusedImports()
eclipse().configFile rootProject.file('formatter/formatterConfig.xml')
Expand Down Expand Up @@ -112,17 +112,11 @@ spotless {
target '**/*.java'
targetExclude '**/com/amazon/dlic/**/*.java'
targetExclude '**/com/amazon/security/**/*.java'
targetExclude '**/test/java/org/opensearch/security/**/*.java'
targetExclude 'src/integrationTest/**'
targetExclude '**/test/**/*.java'

trimTrailingWhitespace()
endWithNewline();
}
format("integrationTest", JavaExtension) {
target('src/integrationTest/java/**/*.java')
importOrder('java', 'javax', '', 'com.amazon', 'org.opensearch', '\\#')
indentWithTabs(4)
}
}

licenseFile = rootProject.file('LICENSE.txt')
Expand Down
19 changes: 7 additions & 12 deletions bwc-test/src/test/java/SecurityBackwardsCompatibilityIT.java
Original file line number Diff line number Diff line change
Expand Up @@ -12,15 +12,11 @@
import java.util.Set;
import java.util.stream.Collectors;

import com.google.common.collect.ImmutableMap;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Before;

import org.opensearch.Version;
import org.opensearch.client.Response;
import org.opensearch.common.settings.Settings;
import org.opensearch.rest.RestStatus;
import org.opensearch.test.rest.OpenSearchRestTestCase;

import static org.hamcrest.MatcherAssert.assertThat;
Expand Down Expand Up @@ -56,14 +52,13 @@ protected boolean preserveTemplatesUponCompletion() {

@Override
protected final Settings restClientSettings() {
return Settings
.builder()
.put(super.restClientSettings())
// increase the timeout here to 90 seconds to handle long waits for a green
// cluster health. the waits for green need to be longer than a minute to
// account for delayed shards
.put(OpenSearchRestTestCase.CLIENT_SOCKET_TIMEOUT, "90s")
.build();
return Settings.builder()
.put(super.restClientSettings())
// increase the timeout here to 90 seconds to handle long waits for a green
// cluster health. the waits for green need to be longer than a minute to
// account for delayed shards
.put(OpenSearchRestTestCase.CLIENT_SOCKET_TIMEOUT, "90s")
.build();
}

public void testBasicBackwardsCompatibility() throws Exception {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,15 +33,15 @@
import org.opensearch.plugins.Plugin;

public class PluginAwareNode extends Node {

private final boolean clusterManagerEligible;

@SafeVarargs
public PluginAwareNode(boolean clusterManagerEligible, final Settings preparedSettings, final Class<? extends Plugin>... plugins) {
super(InternalSettingsPreparer.prepareEnvironment(preparedSettings, Collections.emptyMap(), null, () -> System.getenv("HOSTNAME")), Arrays.asList(plugins), true);
this.clusterManagerEligible = clusterManagerEligible;
}


public boolean isClusterManagerEligible() {
return clusterManagerEligible;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -47,9 +47,9 @@ public void testSecurityRoles() throws Exception {
HttpResponse response = client.getAuthInfo();
response.assertStatusCode(HttpStatus.SC_OK);

// Check username
// Check username
assertThat(response.getTextFromJsonBody("/user_name"), equalTo("sr_user"));

// Check security roles
assertThat(response.getTextFromJsonBody("/roles/0"), equalTo("user_sr_user__abc_ber"));
assertThat(response.getTextFromJsonBody("/roles/1"), equalTo("user_sr_user__def_efg"));
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ abstract class CommonProxyAuthenticationTests {

protected static final String ATTRIBUTE_DEPARTMENT = "department";
protected static final String ATTRIBUTE_SKILLS = "skills";

protected static final String USER_ATTRIBUTE_DEPARTMENT_NAME = "attr.proxy." + ATTRIBUTE_DEPARTMENT;
protected static final String USER_ATTRIBUTE_SKILLS_NAME = "attr.proxy." + ATTRIBUTE_SKILLS;
protected static final String USER_ATTRIBUTE_USERNAME_NAME = "attr.proxy.username";
Expand Down Expand Up @@ -82,7 +82,7 @@ abstract class CommonProxyAuthenticationTests {

protected static final RolesMapping ROLES_MAPPING_FIRST_MATE = new RolesMapping(ROLE_ALL_INDEX_SEARCH)
.backendRoles(BACKEND_ROLE_FIRST_MATE);

protected abstract LocalCluster getCluster();

protected void shouldAuthenticateWithBasicAuthWhenProxyAuthenticationIsConfigured() {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -141,7 +141,7 @@ public void shouldAuthenticateWithJwtToken_positive() {

response.assertStatusCode(200);
String username = response.getTextFromJsonBody(POINTER_USERNAME);
assertThat(username, equalTo(username));
assertThat(username, equalTo(USER_SUPERHERO));
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,89 +18,90 @@

public class AuditCompliance implements ToXContentObject {

private boolean enabled = false;

private Boolean writeLogDiffs;

private List<String> readIgnoreUsers;

private List<String> writeWatchedIndices;

private List<String> writeIgnoreUsers;

private Boolean readMetadataOnly;

private Boolean writeMetadataOnly;

private Boolean externalConfig;

private Boolean internalConfig;

public AuditCompliance enabled(boolean enabled) {
this.enabled = enabled;
this.writeLogDiffs = false;
this.readIgnoreUsers = Collections.emptyList();
this.writeWatchedIndices = Collections.emptyList();
this.writeIgnoreUsers = Collections.emptyList();
this.readMetadataOnly = false;
this.writeMetadataOnly = false;
this.externalConfig = false;
this.internalConfig = false;
return this;
}

public AuditCompliance writeLogDiffs(boolean writeLogDiffs) {
this.writeLogDiffs = writeLogDiffs;
return this;
}

public AuditCompliance readIgnoreUsers(List<String> list) {
this.readIgnoreUsers = list;
return this;
}

public AuditCompliance writeWatchedIndices(List<String> list) {
this.writeWatchedIndices = list;
return this;
}

public AuditCompliance writeIgnoreUsers(List<String> list) {
this.writeIgnoreUsers = list;
return this;
}

public AuditCompliance readMetadataOnly(boolean readMetadataOnly) {
this.readMetadataOnly = readMetadataOnly;
return this;
}

public AuditCompliance writeMetadataOnly(boolean writeMetadataOnly) {
this.writeMetadataOnly = writeMetadataOnly;
return this;
}

public AuditCompliance externalConfig(boolean externalConfig) {
this.externalConfig = externalConfig;
return this;
}

public AuditCompliance internalConfig(boolean internalConfig) {
this.internalConfig = internalConfig;
return this;
}

@Override public XContentBuilder toXContent(XContentBuilder xContentBuilder, Params params) throws IOException {
xContentBuilder.startObject();
xContentBuilder.field("enabled", enabled);
xContentBuilder.field("write_log_diffs", writeLogDiffs);
xContentBuilder.field("read_ignore_users", readIgnoreUsers);
xContentBuilder.field("write_watched_indices", writeWatchedIndices);
xContentBuilder.field("write_ignore_users", writeIgnoreUsers);
xContentBuilder.field("read_metadata_only", readMetadataOnly);
xContentBuilder.field("write_metadata_only", writeMetadataOnly);
xContentBuilder.field("external_config", externalConfig);
xContentBuilder.field("internal_config", internalConfig);
xContentBuilder.endObject();
return xContentBuilder;
}
private boolean enabled = false;

private Boolean writeLogDiffs;

private List<String> readIgnoreUsers;

private List<String> writeWatchedIndices;

private List<String> writeIgnoreUsers;

private Boolean readMetadataOnly;

private Boolean writeMetadataOnly;

private Boolean externalConfig;

private Boolean internalConfig;

public AuditCompliance enabled(boolean enabled) {
this.enabled = enabled;
this.writeLogDiffs = false;
this.readIgnoreUsers = Collections.emptyList();
this.writeWatchedIndices = Collections.emptyList();
this.writeIgnoreUsers = Collections.emptyList();
this.readMetadataOnly = false;
this.writeMetadataOnly = false;
this.externalConfig = false;
this.internalConfig = false;
return this;
}

public AuditCompliance writeLogDiffs(boolean writeLogDiffs) {
this.writeLogDiffs = writeLogDiffs;
return this;
}

public AuditCompliance readIgnoreUsers(List<String> list) {
this.readIgnoreUsers = list;
return this;
}

public AuditCompliance writeWatchedIndices(List<String> list) {
this.writeWatchedIndices = list;
return this;
}

public AuditCompliance writeIgnoreUsers(List<String> list) {
this.writeIgnoreUsers = list;
return this;
}

public AuditCompliance readMetadataOnly(boolean readMetadataOnly) {
this.readMetadataOnly = readMetadataOnly;
return this;
}

public AuditCompliance writeMetadataOnly(boolean writeMetadataOnly) {
this.writeMetadataOnly = writeMetadataOnly;
return this;
}

public AuditCompliance externalConfig(boolean externalConfig) {
this.externalConfig = externalConfig;
return this;
}

public AuditCompliance internalConfig(boolean internalConfig) {
this.internalConfig = internalConfig;
return this;
}

@Override
public XContentBuilder toXContent(XContentBuilder xContentBuilder, Params params) throws IOException {
xContentBuilder.startObject();
xContentBuilder.field("enabled", enabled);
xContentBuilder.field("write_log_diffs", writeLogDiffs);
xContentBuilder.field("read_ignore_users", readIgnoreUsers);
xContentBuilder.field("write_watched_indices", writeWatchedIndices);
xContentBuilder.field("write_ignore_users", writeIgnoreUsers);
xContentBuilder.field("read_metadata_only", readMetadataOnly);
xContentBuilder.field("write_metadata_only", writeMetadataOnly);
xContentBuilder.field("external_config", externalConfig);
xContentBuilder.field("internal_config", internalConfig);
xContentBuilder.endObject();
return xContentBuilder;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -15,41 +15,42 @@
import org.opensearch.core.xcontent.XContentBuilder;

public class AuditConfiguration implements ToXContentObject {
private final boolean enabled;
private final boolean enabled;

private AuditFilters filters;
private AuditFilters filters;

private AuditCompliance compliance;
private AuditCompliance compliance;

public AuditConfiguration(boolean enabled) {
this.filters = new AuditFilters();
this.compliance = new AuditCompliance();
this.enabled = enabled;
}
public AuditConfiguration(boolean enabled) {
this.filters = new AuditFilters();
this.compliance = new AuditCompliance();
this.enabled = enabled;
}

public boolean isEnabled() {
return enabled;
}
public boolean isEnabled() {
return enabled;
}

public AuditConfiguration filters(AuditFilters filters) {
this.filters = filters;
return this;
}
public AuditConfiguration filters(AuditFilters filters) {
this.filters = filters;
return this;
}

public AuditConfiguration compliance(AuditCompliance auditCompliance) {
this.compliance = auditCompliance;
return this;
}
public AuditConfiguration compliance(AuditCompliance auditCompliance) {
this.compliance = auditCompliance;
return this;
}

@Override public XContentBuilder toXContent(XContentBuilder xContentBuilder, Params params) throws IOException {
// json built here must be deserialized to org.opensearch.security.auditlog.config.AuditConfig
xContentBuilder.startObject();
xContentBuilder.field("enabled", enabled);
@Override
public XContentBuilder toXContent(XContentBuilder xContentBuilder, Params params) throws IOException {
// json built here must be deserialized to org.opensearch.security.auditlog.config.AuditConfig
xContentBuilder.startObject();
xContentBuilder.field("enabled", enabled);

xContentBuilder.field("audit", filters);
xContentBuilder.field("compliance", compliance);
xContentBuilder.field("audit", filters);
xContentBuilder.field("compliance", compliance);

xContentBuilder.endObject();
return xContentBuilder;
}
xContentBuilder.endObject();
return xContentBuilder;
}
}
Loading

0 comments on commit 1691ca7

Please sign in to comment.