From 6f5101bc185a116699fc675c0ae4bf3609c0f237 Mon Sep 17 00:00:00 2001 From: Darshit Chanpura Date: Wed, 16 Aug 2023 13:24:55 -0400 Subject: [PATCH] Adds assertExactly checks Signed-off-by: Darshit Chanpura --- .../org/opensearch/security/rest/WhoAmITests.java | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/integrationTest/java/org/opensearch/security/rest/WhoAmITests.java b/src/integrationTest/java/org/opensearch/security/rest/WhoAmITests.java index 0f25bcd19a..d7de1835fb 100644 --- a/src/integrationTest/java/org/opensearch/security/rest/WhoAmITests.java +++ b/src/integrationTest/java/org/opensearch/security/rest/WhoAmITests.java @@ -43,6 +43,7 @@ import static org.opensearch.security.auditlog.impl.AuditCategory.MISSING_PRIVILEGES; import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL; import static org.opensearch.test.framework.audit.AuditMessagePredicate.auditPredicate; +import static org.opensearch.test.framework.audit.AuditMessagePredicate.grantedPrivilege; import static org.opensearch.test.framework.audit.AuditMessagePredicate.userAuthenticated; @RunWith(com.carrotsearch.randomizedtesting.RandomizedRunner.class) @@ -187,8 +188,18 @@ public void testAuditLogSimilarityWithTransportLayer() { try (TestRestClient client = cluster.getRestClient(AUDIT_LOG_VERIFIER)) { assertThat(client.get(WHOAMI_PROTECTED_ENDPOINT).getStatusCode(), equalTo(HttpStatus.SC_OK)); + auditLogsRule.assertExactly( + 1, + auditPredicate(GRANTED_PRIVILEGES).withLayer(AuditLog.Origin.REST) + .withRestMethod(RestRequest.Method.GET) + .withRequestPath("/" + WHOAMI_PROTECTED_ENDPOINT) + .withEffectiveUser(AUDIT_LOG_VERIFIER) + ); + assertThat(client.get("_cat/indices").getStatusCode(), equalTo(HttpStatus.SC_OK)); + auditLogsRule.assertExactly(2, grantedPrivilege(AUDIT_LOG_VERIFIER, "GetSettingsRequest")); + List grantedPrivilegesMessages = auditLogsRule.getCurrentTestAuditMessages() .stream() .filter(msg -> msg.getCategory().equals(GRANTED_PRIVILEGES))