Rename

n1v0lg · Feb 12, 2024 · a22f82d · a22f82d
1 parent 4aa2381
commit a22f82d
Show file tree

Hide file tree

Showing 8 changed files with 24 additions and 25 deletions.
diff --git a/server/src/main/java/org/elasticsearch/rest/RestRequest.java b/server/src/main/java/org/elasticsearch/rest/RestRequest.java
@@ -48,7 +48,7 @@
 
 public class RestRequest implements ToXContent.Params, Traceable {
 
-    public static final String RESPONSE_RESTRICTED = "responseRestricted";
+    public static final String PATH_RESTRICTED = "pathRestricted";
     // tchar pattern as defined by RFC7230 section 3.2.6
     private static final Pattern TCHAR_PATTERN = Pattern.compile("[a-zA-Z0-9!#$%&'*+\\-.\\^_`|~]+");
 
@@ -616,13 +616,13 @@ public boolean hasExplicitRestApiVersion() {
         return restApiVersion.isPresent();
     }
 
-    public void markResponseRestricted(String restriction) {
-        if (params.containsKey(RESPONSE_RESTRICTED)) {
-            throw new IllegalArgumentException("The parameter [" + RESPONSE_RESTRICTED + "] is already defined.");
+    public void markPathRestricted(String restriction) {
+        if (params.containsKey(PATH_RESTRICTED)) {
+            throw new IllegalArgumentException("The parameter [" + PATH_RESTRICTED + "] is already defined.");
         }
-        params.put(RESPONSE_RESTRICTED, restriction);
+        params.put(PATH_RESTRICTED, restriction);
         // this parameter is intended be consumed via ToXContent.Params.param(..), not this.params(..) so don't require it is consumed here
-        consumedParams.add(RESPONSE_RESTRICTED);
+        consumedParams.add(PATH_RESTRICTED);
     }
 
     @Override

diff --git a/server/src/main/java/org/elasticsearch/rest/RestUtils.java b/server/src/main/java/org/elasticsearch/rest/RestUtils.java
@@ -19,7 +19,7 @@
 import java.util.Optional;
 import java.util.regex.Pattern;
 
-import static org.elasticsearch.rest.RestRequest.RESPONSE_RESTRICTED;
+import static org.elasticsearch.rest.RestRequest.PATH_RESTRICTED;
 
 public class RestUtils {
 
@@ -81,8 +81,8 @@ private static String decodeQueryStringParam(final String s) {
     }
 
     private static void addParam(Map<String, String> params, String name, String value) {
-        if (RESPONSE_RESTRICTED.equalsIgnoreCase(name)) {
-            throw new IllegalArgumentException("parameter [" + RESPONSE_RESTRICTED + "] is reserved and may not set");
+        if (PATH_RESTRICTED.equalsIgnoreCase(name)) {
+            throw new IllegalArgumentException("parameter [" + PATH_RESTRICTED + "] is reserved and may not set");
         }
         params.put(name, value);
     }

diff --git a/server/src/test/java/org/elasticsearch/rest/RestRequestTests.java b/server/src/test/java/org/elasticsearch/rest/RestRequestTests.java
@@ -31,7 +31,7 @@
 
 import static java.util.Collections.emptyMap;
 import static java.util.Collections.singletonMap;
-import static org.elasticsearch.rest.RestRequest.RESPONSE_RESTRICTED;
+import static org.elasticsearch.rest.RestRequest.PATH_RESTRICTED;
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.instanceOf;
 import static org.hamcrest.Matchers.is;
@@ -249,20 +249,20 @@ public void testRequiredContent() {
         assertEquals("unknown content type", e.getMessage());
     }
 
-    public void testMarkResponseRestricted() {
+    public void testMarkPathRestricted() {
         RestRequest request1 = contentRestRequest("content", new HashMap<>());
-        request1.markResponseRestricted("foo");
-        assertEquals(request1.param(RESPONSE_RESTRICTED), "foo");
-        IllegalArgumentException exception = expectThrows(IllegalArgumentException.class, () -> request1.markResponseRestricted("foo"));
-        assertThat(exception.getMessage(), is("The parameter [" + RESPONSE_RESTRICTED + "] is already defined."));
+        request1.markPathRestricted("foo");
+        assertEquals(request1.param(PATH_RESTRICTED), "foo");
+        IllegalArgumentException exception = expectThrows(IllegalArgumentException.class, () -> request1.markPathRestricted("foo"));
+        assertThat(exception.getMessage(), is("The parameter [" + PATH_RESTRICTED + "] is already defined."));
 
         RestRequest request2 = contentRestRequest("content", new HashMap<>() {
             {
-                put(RESPONSE_RESTRICTED, "foo");
+                put(PATH_RESTRICTED, "foo");
             }
         });
-        exception = expectThrows(IllegalArgumentException.class, () -> request2.markResponseRestricted("bar"));
-        assertThat(exception.getMessage(), is("The parameter [" + RESPONSE_RESTRICTED + "] is already defined."));
+        exception = expectThrows(IllegalArgumentException.class, () -> request2.markPathRestricted("bar"));
+        assertThat(exception.getMessage(), is("The parameter [" + PATH_RESTRICTED + "] is already defined."));
     }
 
     public static RestRequest contentRestRequest(String content, Map<String, String> params) {

diff --git a/server/src/test/java/org/elasticsearch/rest/RestUtilsTests.java b/server/src/test/java/org/elasticsearch/rest/RestUtilsTests.java
@@ -16,7 +16,7 @@
 import java.util.Map;
 import java.util.regex.Pattern;
 
-import static org.elasticsearch.rest.RestRequest.RESPONSE_RESTRICTED;
+import static org.elasticsearch.rest.RestRequest.PATH_RESTRICTED;
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.is;
 import static org.hamcrest.Matchers.nullValue;
@@ -159,12 +159,12 @@ public void testCrazyURL() {
 
     public void testReservedParameters() {
         Map<String, String> params = new HashMap<>();
-        String uri = "something?" + RESPONSE_RESTRICTED + "=value";
+        String uri = "something?" + PATH_RESTRICTED + "=value";
         IllegalArgumentException exception = expectThrows(
             IllegalArgumentException.class,
             () -> RestUtils.decodeQueryString(uri, uri.indexOf('?') + 1, params)
         );
-        assertEquals(exception.getMessage(), "parameter [" + RESPONSE_RESTRICTED + "] is reserved and may not set");
+        assertEquals(exception.getMessage(), "parameter [" + PATH_RESTRICTED + "] is reserved and may not set");
     }
 
     private void assertCorsSettingRegexIsNull(String settingsValue) {

diff --git a/.../java/org/elasticsearch/xpack/core/security/authz/privilege/ClusterPrivilegeResolver.java b/.../java/org/elasticsearch/xpack/core/security/authz/privilege/ClusterPrivilegeResolver.java
@@ -467,7 +467,6 @@ public static Collection<String> findPrivilegesThatGrant(String action, Transpor
      * Sorts the collection of privileges from least-privilege to most-privilege (to the extent possible),
      * returning them in a sorted map keyed by name.
      */
-    // TODO maybe avoid public visibility
     public static SortedMap<String, NamedClusterPrivilege> sortByAccessLevel(Collection<NamedClusterPrivilege> privileges) {
         // How many other privileges does this privilege imply. Those with a higher count are considered to be a higher privilege
         final Map<String, Long> impliesCount = Maps.newMapWithExpectedSize(privileges.size());

diff --git a/...n/core/src/main/java/org/elasticsearch/xpack/core/security/authz/privilege/Privilege.java b/...n/core/src/main/java/org/elasticsearch/xpack/core/security/authz/privilege/Privilege.java
@@ -84,7 +84,7 @@ public Automaton getAutomaton() {
     /**
      * Sorts the map of privileges from least-privilege to most-privilege
      */
-    static <T extends Privilege> SortedMap<String, T> sortByAccessLevel(Map<String, T> privileges) {
+    public static <T extends Privilege> SortedMap<String, T> sortByAccessLevel(Map<String, T> privileges) {
         // How many other privileges is this privilege a subset of. Those with a higher count are considered to be a lower privilege
         final Map<String, Long> subsetCount = Maps.newMapWithExpectedSize(privileges.size());
         privileges.forEach(

diff --git a/...ecurity/src/main/java/org/elasticsearch/xpack/security/operator/OperatorOnlyRegistry.java b/...ecurity/src/main/java/org/elasticsearch/xpack/security/operator/OperatorOnlyRegistry.java
@@ -26,7 +26,7 @@ public interface OperatorOnlyRegistry {
      * fully or partially restricted. A fully restricted REST API mandates that the implementation call restChannel.sendResponse(...) and
      * return a {@link OperatorPrivilegesViolation}. A partially restricted REST API mandates that the {@link RestRequest} is marked as
      * restricted so that the downstream handler can behave appropriately. For example, to restrict the REST response the implementation
-     * should call {@link RestRequest#markResponseRestricted(String)} so that the downstream handler can properly restrict the response
+     * should call {@link RestRequest#markPathRestricted(String)} so that the downstream handler can properly restrict the response
      * before returning to the client. Note - a partial restriction should return null.
      * @param restHandler The {@link RestHandler} to check for any restrictions
      * @param restRequest The {@link RestRequest} to check for any restrictions and mark any partially restricted REST API's

diff --git a/...ty/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleAction.java b/...ty/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleAction.java
@@ -63,7 +63,7 @@ public String getName() {
 
     @Override
     public RestChannelConsumer innerPrepareRequest(RestRequest request, NodeClient client) throws IOException {
-        final boolean restrictRequest = request.hasParam(RestRequest.RESPONSE_RESTRICTED);
+        final boolean restrictRequest = request.hasParam(RestRequest.PATH_RESTRICTED);
         final PutRoleRequestBuilder requestBuilder = builderFactory.create(client, restrictRequest, fileRolesStore::exists)
             .source(request.param("name"), request.requiredContent(), request.getXContentType())
             .setRefreshPolicy(request.param("refresh"));