Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TenantInfo API should also check backend roles apart from just users … #770

Closed
wants to merge 1 commit into from
Closed

TenantInfo API should also check backend roles apart from just users … #770

wants to merge 1 commit into from

Conversation

palashhedau
Copy link
Contributor

TenantInfo API should also check backend roles apart from just users in rolesmapping

Unit test added

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@palashhedau palashhedau requested a review from a team as a code owner October 14, 2020 19:59
@codecov
Copy link

codecov bot commented Oct 14, 2020
edited
Loading

Codecov Report

Merging #770 (5d42f9a) into master (3f6efe9) will decrease coverage by 0.00%.
The diff coverage is 44.44%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master     #770      +/-   ##
============================================
- Coverage     64.47%   64.46%   -0.01%     
  Complexity     3224     3224              
============================================
  Files           244      244              
  Lines         17160    17168       +8     
  Branches       3040     3044       +4     
============================================
+ Hits          11064    11068       +4     
- Misses         4555     4556       +1     
- Partials       1541     1544       +3
Impacted Files Coverage Δ Complexity Δ
...relasticsearch/security/rest/TenantInfoAction.java 74.66% <44.44%> (-2.95%) 16.00 <0.00> (+1.00) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 3f6efe9...5d42f9a. Read the comment docs.

cliu123
cliu123 reviewed Oct 16, 2020
View reviewed changes
.../java/com/amazon/opendistroforelasticsearch/security/dlic/rest/api/TenantInfoActionTest.java
response = rh.executeGetRequest("_opendistro/_security/tenantinfo");
Assert.assertEquals(HttpStatus.SC_OK, response.getStatusCode());

rh.sendAdminCertificate = true;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why use admin certificate for users but not for backend role?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It depend upon the test we are performing.
If we want to send credentials with request, we use it, else no

debjanibnrj
debjanibnrj reviewed Oct 19, 2020
View reviewed changes
src/main/java/com/amazon/opendistroforelasticsearch/security/rest/TenantInfoAction.java
} else if (roleMapping instanceof RoleMappingsV7) {
backendRoles = ((RoleMappingsV7) roleMapping).getBackend_roles();
}
return backendRoles != null && backendRoles.contains(user.getName());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Won't this be backendRoles.contains(kibanaOpendistroRole) ?

@cliu123 cliu123 linked an issue Jan 12, 2021 that may be closed by this pull request
Role definitions are not respected #82
Closed
gaobinlong pushed a commit to gaobinlong/security that referenced this pull request Aug 30, 2023
@hsiang9431-amzn
Point OpenSearch Dashboards to to new back end APIs (opensearch-proje…
b366325 
…ct#770)
gaobinlong pushed a commit to gaobinlong/security that referenced this pull request Aug 30, 2023
@cliu123
Create release notes for rc-1 and Bump version to 1.0.0.0-rc1 (opense…
27e2a30 
…arch-project#771)

* Create release notes for rc-1

* Bump plugin version to 1.0.0.0-rc1

* Add PR#763, opensearch-project#771 and opensearch-project#770 to release notes rc1

* Build security backend rc1

* change the version in release notes

* Change plugin version to rc1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@debjanibnrj debjanibnrj debjanibnrj left review comments

@cliu123 cliu123 cliu123 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Role definitions are not respected
3 participants
@palashhedau @cliu123 @debjanibnrj