Example 41 with AnomalyDetector
use of org.opensearch.ad.model.AnomalyDetector in project anomaly-detection by opensearch-project.
the class SecureADRestIT method testPreviewAnomalyDetectorWithNoReadPermissionOfIndex.
public void testPreviewAnomalyDetectorWithNoReadPermissionOfIndex() throws IOException {
// User Alice has AD full access, should be able to create a detector
AnomalyDetector aliceDetector = createRandomAnomalyDetector(false, false, aliceClient);
AnomalyDetectorExecutionInput input = new AnomalyDetectorExecutionInput(aliceDetector.getDetectorId(), Instant.now().minusSeconds(60 * 10), Instant.now(), aliceDetector);
enableFilterBy();
// User elk has no read permission of index
Exception exception = expectThrows(Exception.class, () -> {
previewAnomalyDetector(aliceDetector.getDetectorId(), elkClient, input);
});
Assert.assertTrue(exception.getMessage().contains("no permissions for [indices:data/read/search]"));
}
Also used :
AnomalyDetectorExecutionInput(org.opensearch.ad.model.AnomalyDetectorExecutionInput)
AnomalyDetector(org.opensearch.ad.model.AnomalyDetector)
IOException(java.io.IOException)
Example 42 with AnomalyDetector
use of org.opensearch.ad.model.AnomalyDetector in project anomaly-detection by opensearch-project.
the class SecureADRestIT method testCreateAnomalyDetectorWithCustomResultIndex.
public void testCreateAnomalyDetectorWithCustomResultIndex() throws IOException {
// User alice has AD full access and index permission, so can create detector
AnomalyDetector anomalyDetector = createRandomAnomalyDetector(false, false, aliceClient);
// User elk has AD full access, but has no read permission of index
String resultIndex = CommonName.CUSTOM_RESULT_INDEX_PREFIX + "test";
AnomalyDetector detector = cloneDetector(anomalyDetector, resultIndex);
// User goat has no permission to create index
Exception exception = expectThrows(IOException.class, () -> {
createAnomalyDetector(detector, true, goatClient);
});
Assert.assertTrue(exception.getMessage().contains("no permissions for [indices:admin/create]"));
// User cat has permission to create index
resultIndex = CommonName.CUSTOM_RESULT_INDEX_PREFIX + "test2";
TestHelpers.createIndexWithTimeField(client(), anomalyDetector.getIndices().get(0), anomalyDetector.getTimeField());
AnomalyDetector detectorOfCat = createAnomalyDetector(cloneDetector(anomalyDetector, resultIndex), true, catClient);
assertEquals(resultIndex, detectorOfCat.getResultIndex());
}
Also used :
AnomalyDetector(org.opensearch.ad.model.AnomalyDetector)
IOException(java.io.IOException)
Example 43 with AnomalyDetector
use of org.opensearch.ad.model.AnomalyDetector in project anomaly-detection by opensearch-project.
the class SecureADRestIT method testFilterByDisabled.
public void testFilterByDisabled() throws IOException {
// User Alice has AD full access, should be able to create a detector
AnomalyDetector aliceDetector = createRandomAnomalyDetector(false, false, aliceClient);
// User Cat has AD full access, should be able to get a detector
AnomalyDetector detector = getAnomalyDetector(aliceDetector.getDetectorId(), catClient);
Assert.assertEquals(aliceDetector.getDetectorId(), detector.getDetectorId());
}
Also used :
AnomalyDetector(org.opensearch.ad.model.AnomalyDetector)
Example 44 with AnomalyDetector
use of org.opensearch.ad.model.AnomalyDetector in project anomaly-detection by opensearch-project.
the class SecureADRestIT method testCreateAnomalyDetectorWithNoReadPermissionOfIndex.
public void testCreateAnomalyDetectorWithNoReadPermissionOfIndex() throws IOException {
enableFilterBy();
// User alice has AD full access and index permission, so can create detector
AnomalyDetector anomalyDetector = createRandomAnomalyDetector(false, false, aliceClient);
// User elk has AD full access, but has no read permission of index
String indexName = anomalyDetector.getIndices().get(0);
Exception exception = expectThrows(IOException.class, () -> {
createRandomAnomalyDetector(false, false, indexName, elkClient);
});
Assert.assertTrue(exception.getMessage().contains("no permissions for [indices:data/read/search]"));
}
Also used :
AnomalyDetector(org.opensearch.ad.model.AnomalyDetector)
IOException(java.io.IOException)
Example 45 with AnomalyDetector
use of org.opensearch.ad.model.AnomalyDetector in project anomaly-detection by opensearch-project.
the class SecureADRestIT method testValidateAnomalyDetectorWithNoReadPermissionOfIndex.
public void testValidateAnomalyDetectorWithNoReadPermissionOfIndex() throws IOException {
AnomalyDetector detector = TestHelpers.randomAnomalyDetector(null, Instant.now());
enableFilterBy();
// User elk has no read permission of index, can't validate detector
Exception exception = expectThrows(Exception.class, () -> {
validateAnomalyDetector(detector, elkClient);
});
Assert.assertTrue(exception.getMessage().contains("no permissions for [indices:data/read/search]"));
}
Also used :
AnomalyDetector(org.opensearch.ad.model.AnomalyDetector)
IOException(java.io.IOException)
Aggregations
AnomalyDetector (org.opensearch.ad.model.AnomalyDetector)226
IOException (java.io.IOException)71
ActionListener (org.opensearch.action.ActionListener)54
Response (org.opensearch.client.Response)45
Map (java.util.Map)43
List (java.util.List)41
Client (org.opensearch.client.Client)38
SearchRequest (org.opensearch.action.search.SearchRequest)37
LogManager (org.apache.logging.log4j.LogManager)35
Logger (org.apache.logging.log4j.Logger)35
ArrayList (java.util.ArrayList)33
Optional (java.util.Optional)33
Test (org.junit.Test)32
SearchResponse (org.opensearch.action.search.SearchResponse)32
Instant (java.time.Instant)30
TimeValue (org.opensearch.common.unit.TimeValue)30
HashMap (java.util.HashMap)29
Entity (org.opensearch.ad.model.Entity)29
NamedXContentRegistry (org.opensearch.common.xcontent.NamedXContentRegistry)29
SearchSourceBuilder (org.opensearch.search.builder.SearchSourceBuilder)29
