Skip to content

Commit

Permalink
opensearch-project#2595 adding dummy validator to reach class
Browse files Browse the repository at this point in the history 
Signed-off-by: scosta <[email protected]>
  • Loading branch information
@samuelcostae
samuelcostae committed May 8, 2023
1 parent d507dfc commit d53251e
Show file tree
Hide file tree
Showing 4 changed files with 110 additions and 67 deletions.
21 changes: 8 additions & 13 deletions src/main/java/org/opensearch/security/dlic/rest/api/ExtensionRegistrationApiAction.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@
import org.opensearch.security.configuration.AdminDNs;
import org.opensearch.security.configuration.ConfigurationRepository;
import org.opensearch.security.dlic.rest.validation.AbstractConfigurationValidator;
import org.opensearch.security.dlic.rest.validation.InternalUsersValidator;
import org.opensearch.security.dlic.rest.validation.ExtensionRegistrationValidator;
import org.opensearch.security.privileges.PrivilegesEvaluator;
import org.opensearch.security.securityconf.impl.CType;
import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration;
Expand All @@ -55,6 +55,8 @@ public class ExtensionRegistrationApiAction extends AbstractApiAction {
//Sample Request
// {
// "unique_id": "hello_world",
// "description": "Extension that greets the user",
// "developer": "messages",
// "indices": "messages",
// "protected_indices": {},
// "endpoints": "/hello, /goodbye",
Expand Down Expand Up @@ -98,9 +100,10 @@ protected void handleGet(final RestChannel channel, RestRequest request, Client

@Override
protected void handlePut(RestChannel channel, final RestRequest request, final Client client, final JsonNode content) throws IOException {
createdResponse(channel, " updated");

final String uniqueId = request.param("unique_id");
final String description = request.param("unique_id");
final String developer = request.param("unique_id");
final List<String> indices = Arrays.asList(request.param("indices"));
final List<String> protected_indices = Arrays.asList(request.param("protected_indices"));
final List<String> endpoints = Arrays.asList(request.param("endpoints"));
Expand All @@ -109,11 +112,6 @@ protected void handlePut(RestChannel channel, final RestRequest request, final C
final String username = request.param("name");


if(!validateRequest(request)){
badRequestResponse(channel, "No Extension Unique ID specified.");
return;
}

if(save(request)){
generateAuthToken();
createdResponse(channel, "'" + uniqueId + "' updated");
Expand All @@ -136,19 +134,15 @@ protected void handlePut(RestChannel channel, final RestRequest request, final C
// contentAsNode.remove("password");
// }

final boolean userExisted = internalUsersConfiguration.exists(username);

// checks complete, create or update the user
internalUsersConfiguration.putCObject(username, DefaultObjectMapper.readTree(contentAsNode, internalUsersConfiguration.getImplementingClass()));

}

private boolean save(RestRequest request) {
return true;
}

private boolean validateRequest(RestRequest request) {
return true;
return true;
}

@Override
Expand Down Expand Up @@ -176,6 +170,7 @@ protected CType getConfigName() {

@Override
protected AbstractConfigurationValidator getValidator(RestRequest request, BytesReference ref, Object... params) {
return new InternalUsersValidator(request, isSuperAdmin(), ref, this.settings, params);
return new ExtensionRegistrationValidator(request, isSuperAdmin(), ref, this.settings, params);
}
}

41 changes: 41 additions & 0 deletions ...ain/java/org/opensearch/security/dlic/rest/validation/ExtensionRegistrationValidator.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
/*
* SPDX-License-Identifier: Apache-2.0
*
* The OpenSearch Contributors require contributions made to
* this file be licensed under the Apache-2.0 license or a
* compatible open source license.
*
* Modifications Copyright OpenSearch Contributors. See
* GitHub history for details.
*/

package org.opensearch.security.dlic.rest.validation;

import org.opensearch.common.bytes.BytesReference;
import org.opensearch.common.settings.Settings;
import org.opensearch.rest.RestRequest;

/**
* Validator for Internal Users Api Action.
*/
public class ExtensionRegistrationValidator extends AbstractConfigurationValidator {

public ExtensionRegistrationValidator(final RestRequest request, boolean isSuperAdmin, BytesReference ref, final Settings opensearchSettings,
Object... param) {
super(request, ref, opensearchSettings, param);
allowedKeys.put("unique_id", DataType.STRING);
allowedKeys.put("description", DataType.STRING);
allowedKeys.put("indices", DataType.ARRAY);
allowedKeys.put("protected_indices", DataType.ARRAY);
allowedKeys.put("endpoints", DataType.ARRAY);
allowedKeys.put("protected_endpoints", DataType.ARRAY);
}

@Override
public boolean validate() {
//TODO
return true;


}
}
83 changes: 61 additions & 22 deletions src/test/java/org/opensearch/security/dlic/rest/api/ExtensionRegistrationApiActionTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,12 +16,17 @@
import org.junit.Test;

import org.opensearch.common.settings.Settings;
import org.opensearch.rest.RestStatus;
import org.opensearch.security.support.ConfigConstants;
import org.opensearch.security.system_indices.SystemIndicesTests;
import org.opensearch.security.test.DynamicSecurityConfig;
import org.opensearch.security.test.helper.file.FileHelper;
import org.opensearch.security.test.helper.rest.RestHelper;

import static org.junit.Assert.assertEquals;
import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX;

public class ExtensionRegistrationApiActionTest extends AbstractRestApiUnitTest {
public class ExtensionRegistrationApiActionTest extends SystemIndicesTests {
private final String ENDPOINT = PLUGINS_PREFIX + "/api/extensions/register";

//Sample Request
Expand All @@ -36,30 +41,64 @@ public class ExtensionRegistrationApiActionTest extends AbstractRestApiUnitTest

private final String wrongExtRequest = " {\n" + " \"indices\": \"messages\",\n" + " \"protected_indices\": {},\n" + " \"endpoints\": \"/hello, /goodbye\",\n" + " \"protected_endpoints\": \"/update/{name}\"\n" + " }";

@Test
public void ShouldGetAuthTokenWhenRegistryGetsCreatedTest() throws Exception {

Settings settings = Settings.builder().put(ConfigConstants.SECURITY_UNSUPPORTED_RESTAPI_ALLOW_SECURITYCONFIG_MODIFICATION, true).build();
setup(settings);

rh.keystore = "restapi/kirk-keystore.jks";
rh.sendAdminCertificate = true;

RestHelper.HttpResponse response = rh.executePutRequest(ENDPOINT, correctExtRequest);
Assert.assertEquals(HttpStatus.SC_OK, response.getStatusCode());
private void setupSettingsWithSsl() throws Exception {

Settings systemIndexSettings = Settings.builder()
.put(ConfigConstants.SECURITY_SYSTEM_INDICES_ENABLED_KEY, false)
.put("plugins.security.ssl.http.enabled",true)
.put("plugins.security.ssl.http.keystore_filepath", FileHelper.getAbsoluteFilePathFromClassPath("node-0-keystore.jks"))
.put("plugins.security.ssl.http.truststore_filepath", FileHelper.getAbsoluteFilePathFromClassPath("truststore.jks"))
.put("path.repo", repositoryPath.getRoot().getAbsolutePath())
.build();
setup(Settings.EMPTY,
new DynamicSecurityConfig()
.setConfig("config_system_indices.yml")
.setSecurityRoles("roles_system_indices.yml")
.setSecurityInternalUsers("internal_users_system_indices.yml")
.setSecurityRolesMapping("roles_mapping_system_indices.yml"),
systemIndexSettings,
true);
}
private RestHelper keyStoreRestHelper() {
RestHelper restHelper = restHelper();
restHelper.keystore = "kirk-keystore.jks";
restHelper.enableHTTPClientSSL = true;
restHelper.trustHTTPServerCertificate = true;
restHelper.sendAdminCertificate = true;
return restHelper;
}

private RestHelper sslRestHelper() {
RestHelper restHelper = restHelper();
restHelper.enableHTTPClientSSL = true;
return restHelper;
}
@Test
public void RegisterExtShouldFailIfMissingFields() throws Exception {

Settings settings = Settings.builder().put(ConfigConstants.SECURITY_UNSUPPORTED_RESTAPI_ALLOW_SECURITYCONFIG_MODIFICATION, true).build();
setup(settings);

rh.keystore = "restapi/kirk-keystore.jks";
rh.sendAdminCertificate = true;

RestHelper.HttpResponse response = rh.executePutRequest(ENDPOINT, wrongExtRequest);
Assert.assertEquals(HttpStatus.SC_BAD_REQUEST, response.getStatusCode());
public void tempTestForExtensionRegistrationAPiActionRemoveAfter() throws Exception {
setupSettingsWithSsl();

RestHelper keyStoreRestHelper = keyStoreRestHelper();
RestHelper sslRestHelper = sslRestHelper();

String indexSettings = "{\n" +
" \"index\" : {\n" +
" \"refresh_interval\" : null\n" +
" }\n" +
"}";

//as Superadmin
RestHelper.HttpResponse responsea = keyStoreRestHelper.executeGetRequest( ENDPOINT, indexSettings);
assertEquals(RestStatus.CREATED.getStatus(), responsea.getStatusCode());

responsea = keyStoreRestHelper.executePutRequest( ENDPOINT, indexSettings);
assertEquals(RestStatus.CREATED.getStatus(), responsea.getStatusCode());

//as admin
// responsea = sslRestHelper.executeGetRequest( ENDPOINT, indexSettings, allAccessUserHeader);
// assertEquals(RestStatus.CREATED.getStatus(), responsea.getStatusCode());
//
// responsea = sslRestHelper.executePutRequest( ENDPOINT, indexSettings, allAccessUserHeader);
// assertEquals(RestStatus.CREATED.getStatus(), responsea.getStatusCode());
}

}
32 changes: 0 additions & 32 deletions src/test/java/org/opensearch/security/system_indices/SystemIndicesTests.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -360,38 +360,6 @@ public void testUpdateIndexSettings() throws Exception {
}
}

@Test
public void tempTestForExtensionRegistrationAPiActionRemoveAfter() throws Exception {
setupSystemIndicesDisabledWithSsl();
// createTestIndicesAndDocs();

RestHelper keyStoreRestHelper = keyStoreRestHelper();
RestHelper sslRestHelper = sslRestHelper();

String indexSettings = "{\n" +
" \"index\" : {\n" +
" \"refresh_interval\" : null\n" +
" }\n" +
"}";
String ENDPOINT = PLUGINS_PREFIX + "/api/extensions/register";


//as Superadmin
RestHelper.HttpResponse responsea = keyStoreRestHelper.executeGetRequest( ENDPOINT, indexSettings);
assertEquals(RestStatus.CREATED.getStatus(), responsea.getStatusCode());

responsea = keyStoreRestHelper.executePutRequest( ENDPOINT, indexSettings);
assertEquals(RestStatus.CREATED.getStatus(), responsea.getStatusCode());

//as admin
responsea = sslRestHelper.executeGetRequest( ENDPOINT, indexSettings, allAccessUserHeader);
assertEquals(RestStatus.CREATED.getStatus(), responsea.getStatusCode());

responsea = sslRestHelper.executePutRequest( ENDPOINT, indexSettings, allAccessUserHeader);
assertEquals(RestStatus.CREATED.getStatus(), responsea.getStatusCode());
}


@Test
public void testUpdateIndexSettingsWithSystemIndices() throws Exception {
setupSystemIndicesEnabledWithSsl();
Expand Down

0 comments on commit d53251e

Please sign in to comment.