From bfe416a4d173d402966fed10c14991a5b2256d01 Mon Sep 17 00:00:00 2001 From: Devin Hurley Date: Tue, 11 May 2021 19:32:24 -0400 Subject: [PATCH] remove CCS patterns and update test --- .../security/authz/store/ReservedRolesStore.java | 12 +----------- .../authz/store/ReservedRolesStoreTests.java | 6 ++---- 2 files changed, 3 insertions(+), 15 deletions(-) diff --git a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStore.java b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStore.java index e2f355954f4ba..5edfe51afd5ef 100644 --- a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStore.java +++ b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStore.java @@ -38,9 +38,7 @@ public class ReservedRolesStore implements BiConsumer, ActionListener> { public static final String LEGACY_ALERTS_INDEX = ".siem-signals*"; - public static final String LEGACY_ALERTS_INDEX_CCS = "*:.siem-signals*"; public static final String ALERTS_INDEX = ".alerts*"; - public static final String ALERTS_INDEX_CCS = "*:.alerts*"; public static final RoleDescriptor SUPERUSER_ROLE_DESCRIPTOR = new RoleDescriptor("superuser", new String[] { "all" }, @@ -185,15 +183,7 @@ private static Map initializeReservedRoles() { // Kibana user will read / write to these indices RoleDescriptor.IndicesPrivileges.builder() .indices(ReservedRolesStore.ALERTS_INDEX) - .privileges("all").build(), - // Legacy "Alerts as data" CCS - RoleDescriptor.IndicesPrivileges.builder() - .indices(ReservedRolesStore.LEGACY_ALERTS_INDEX_CCS) - .privileges("all").build(), - // Legacy "Alerts as data" CCS - RoleDescriptor.IndicesPrivileges.builder() - .indices(ReservedRolesStore.ALERTS_INDEX_CCS) - .privileges("all").build(), + .privileges("all").build() }, null, new ConfigurableClusterPrivilege[] { new ManageApplicationPrivileges(Collections.singleton("kibana-*")) }, diff --git a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStoreTests.java b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStoreTests.java index 2eebe5ec93615..e830bec9ab4b7 100644 --- a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStoreTests.java +++ b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStoreTests.java @@ -401,10 +401,8 @@ public void testKibanaSystemRole() { ".reporting-" + randomAlphaOfLength(randomIntBetween(0, 13)), ".apm-agent-configuration", ".apm-custom-link", - ReservedRolesStore.LEGACY_ALERTS_INDEX, - ReservedRolesStore.ALERTS_INDEX, - ReservedRolesStore.LEGACY_ALERTS_INDEX_CCS, - ReservedRolesStore.ALERTS_INDEX_CCS + ReservedRolesStore.LEGACY_ALERTS_INDEX + randomAlphaOfLength(randomIntBetween(0, 13)), + ReservedRolesStore.ALERTS_INDEX + randomAlphaOfLength(randomIntBetween(0, 13)) ).forEach((index) -> { logger.info("index name [{}]", index); assertThat(kibanaRole.indices().allowedIndicesMatcher("indices:foo").test(mockIndexAbstraction(index)), is(true));