use of org.opensearch.action.admin.indices.exists.indices.IndicesExistsRequest in project OpenSearch by opensearch-project.
the class IndicesExistsIT method testIndicesExists.
// Indices exists never throws IndexMissingException, the indices options control its behaviour (return true or false)
public void testIndicesExists() throws Exception {
assertFalse(client().admin().indices().prepareExists("foo").get().isExists());
assertFalse(client().admin().indices().prepareExists("foo*").get().isExists());
assertFalse(client().admin().indices().prepareExists("_all").get().isExists());
createIndex("foo", "foobar", "bar", "barbaz");
IndicesExistsRequestBuilder indicesExistsRequestBuilder = client().admin().indices().prepareExists("foo*").setExpandWildcardsOpen(false);
IndicesExistsRequest request = indicesExistsRequestBuilder.request();
// check that ignore unavailable and allow no indices are set to false. That is their only valid value as it can't be overridden
assertFalse(request.indicesOptions().ignoreUnavailable());
assertFalse(request.indicesOptions().allowNoIndices());
assertThat(indicesExistsRequestBuilder.get().isExists(), equalTo(false));
assertAcked(client().admin().indices().prepareClose("foobar").get());
assertThat(client().admin().indices().prepareExists("foo*").get().isExists(), equalTo(true));
assertThat(client().admin().indices().prepareExists("foo*").setExpandWildcardsOpen(false).setExpandWildcardsClosed(false).get().isExists(), equalTo(false));
assertThat(client().admin().indices().prepareExists("foobar").get().isExists(), equalTo(true));
assertThat(client().admin().indices().prepareExists("foob*").setExpandWildcardsClosed(false).get().isExists(), equalTo(false));
assertThat(client().admin().indices().prepareExists("bar*").get().isExists(), equalTo(true));
assertThat(client().admin().indices().prepareExists("bar").get().isExists(), equalTo(true));
assertThat(client().admin().indices().prepareExists("_all").get().isExists(), equalTo(true));
}
use of org.opensearch.action.admin.indices.exists.indices.IndicesExistsRequest in project security by opensearch-project.
the class RolesInjectorIntegTest method testRolesInject.
@Test
public void testRolesInject() throws Exception {
setup(Settings.EMPTY, new DynamicSecurityConfig().setSecurityRoles("roles.yml"), Settings.EMPTY);
Assert.assertEquals(clusterInfo.numNodes, clusterHelper.nodeClient().admin().cluster().health(new ClusterHealthRequest().waitForGreenStatus()).actionGet().getNumberOfNodes());
Assert.assertEquals(ClusterHealthStatus.GREEN, clusterHelper.nodeClient().admin().cluster().health(new ClusterHealthRequest().waitForGreenStatus()).actionGet().getStatus());
final Settings tcSettings = Settings.builder().put(minimumSecuritySettings(Settings.EMPTY).get(0)).put("cluster.name", clusterInfo.clustername).put("node.data", false).put("node.master", false).put("node.ingest", false).put("path.data", "./target/data/" + clusterInfo.clustername + "/cert/data").put("path.logs", "./target/data/" + clusterInfo.clustername + "/cert/logs").put("path.home", "./target").put("node.name", "testclient").put("discovery.initial_state_timeout", "8s").put("plugins.security.allow_default_init_securityindex", "true").putList("discovery.zen.ping.unicast.hosts", clusterInfo.nodeHost + ":" + clusterInfo.nodePort).build();
// 1. Without roles injection.
try (Node node = new PluginAwareNode(false, tcSettings, Netty4Plugin.class, OpenSearchSecurityPlugin.class, RolesInjectorPlugin.class).start()) {
waitForInit(node.client());
CreateIndexResponse cir = node.client().admin().indices().create(new CreateIndexRequest("captain-logs-1")).actionGet();
Assert.assertTrue(cir.isAcknowledged());
IndicesExistsResponse ier = node.client().admin().indices().exists(new IndicesExistsRequest("captain-logs-1")).actionGet();
Assert.assertTrue(ier.isExists());
}
// 2. With invalid roles, must throw security exception.
RolesInjectorPlugin.injectedRoles = "invalid_user|invalid_role";
Exception exception = null;
try (Node node = new PluginAwareNode(false, tcSettings, Netty4Plugin.class, OpenSearchSecurityPlugin.class, RolesInjectorPlugin.class).start()) {
waitForInit(node.client());
CreateIndexResponse cir = node.client().admin().indices().create(new CreateIndexRequest("captain-logs-2")).actionGet();
Assert.assertTrue(cir.isAcknowledged());
} catch (OpenSearchSecurityException ex) {
exception = ex;
log.warn(ex.toString());
}
Assert.assertNotNull(exception);
Assert.assertTrue(exception.getMessage().contains("indices:admin/create"));
// 3. With valid roles - which has permission to create index.
RolesInjectorPlugin.injectedRoles = "valid_user|opendistro_security_all_access";
try (Node node = new PluginAwareNode(false, tcSettings, Netty4Plugin.class, OpenSearchSecurityPlugin.class, RolesInjectorPlugin.class).start()) {
waitForInit(node.client());
CreateIndexResponse cir = node.client().admin().indices().create(new CreateIndexRequest("captain-logs-3")).actionGet();
Assert.assertTrue(cir.isAcknowledged());
IndicesExistsResponse ier = node.client().admin().indices().exists(new IndicesExistsRequest("captain-logs-3")).actionGet();
Assert.assertTrue(ier.isExists());
}
}
use of org.opensearch.action.admin.indices.exists.indices.IndicesExistsRequest in project security by opensearch-project.
the class RolesValidationIntegTest method testRolesValidation.
@Test
public void testRolesValidation() throws Exception {
setup(Settings.EMPTY, new DynamicSecurityConfig().setSecurityRoles("roles.yml"), Settings.EMPTY);
final Settings tcSettings = Settings.builder().put(minimumSecuritySettings(Settings.EMPTY).get(0)).put("cluster.name", clusterInfo.clustername).put("node.data", false).put("node.master", false).put("node.ingest", false).put("path.data", "./target/data/" + clusterInfo.clustername + "/cert/data").put("path.logs", "./target/data/" + clusterInfo.clustername + "/cert/logs").put("path.home", "./target").put("node.name", "testclient").put("discovery.initial_state_timeout", "8s").put("plugins.security.allow_default_init_securityindex", "true").putList("discovery.zen.ping.unicast.hosts", clusterInfo.nodeHost + ":" + clusterInfo.nodePort).build();
// 1. Without roles validation
try (Node node = new PluginAwareNode(false, tcSettings, Netty4Plugin.class, OpenSearchSecurityPlugin.class, RolesValidationPlugin.class).start()) {
waitForInit(node.client());
CreateIndexResponse cir = node.client().admin().indices().create(new CreateIndexRequest("captain-logs-1")).actionGet();
Assert.assertTrue(cir.isAcknowledged());
IndicesExistsResponse ier = node.client().admin().indices().exists(new IndicesExistsRequest("captain-logs-1")).actionGet();
Assert.assertTrue(ier.isExists());
}
OpenSearchSecurityException exception = null;
// 2. with roles invalid to the user
RolesValidationPlugin.rolesValidation = "invalid_role";
try (Node node = new PluginAwareNode(false, tcSettings, Netty4Plugin.class, OpenSearchSecurityPlugin.class, RolesValidationPlugin.class).start()) {
waitForInit(node.client());
CreateIndexResponse cir = node.client().admin().indices().create(new CreateIndexRequest("captain-logs-2")).actionGet();
} catch (OpenSearchSecurityException ex) {
exception = ex;
}
Assert.assertNotNull(exception);
Assert.assertTrue(exception.getMessage().contains("No mapping for"));
// 3. with roles valid to the user
RolesValidationPlugin.rolesValidation = "opendistro_security_all_access";
try (Node node = new PluginAwareNode(false, tcSettings, Netty4Plugin.class, OpenSearchSecurityPlugin.class, RolesValidationPlugin.class).start()) {
waitForInit(node.client());
CreateIndexResponse cir = node.client().admin().indices().create(new CreateIndexRequest("captain-logs-3")).actionGet();
Assert.assertTrue(cir.isAcknowledged());
}
}
Aggregations