From db911526e22525c8906a86a4bbf52247dda63848 Mon Sep 17 00:00:00 2001 From: Nikolaj Volgushev Date: Sun, 11 Feb 2024 20:00:15 +0100 Subject: [PATCH] Pass flag --- .../action/role/PutRoleRequestBuilderFactory.java | 5 ++--- .../java/org/elasticsearch/xpack/security/Security.java | 8 +------- .../security/rest/action/role/RestPutRoleAction.java | 7 ++----- .../security/rest/action/role/RestPutRoleActionTests.java | 2 +- 4 files changed, 6 insertions(+), 16 deletions(-) diff --git a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/action/role/PutRoleRequestBuilderFactory.java b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/action/role/PutRoleRequestBuilderFactory.java index 75efef212f18c..1f3a8b5b5cdc9 100644 --- a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/action/role/PutRoleRequestBuilderFactory.java +++ b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/action/role/PutRoleRequestBuilderFactory.java @@ -8,16 +8,15 @@ package org.elasticsearch.xpack.core.security.action.role; import org.elasticsearch.client.internal.Client; -import org.elasticsearch.xpack.core.security.SecurityContext; import java.util.function.Predicate; public interface PutRoleRequestBuilderFactory { - PutRoleRequestBuilder create(Client client, SecurityContext securityContext, Predicate fileRolesStoreNameChecker); + PutRoleRequestBuilder create(Client client, boolean restrictRequest, Predicate fileRolesStoreNameChecker); class Default implements PutRoleRequestBuilderFactory { @Override - public PutRoleRequestBuilder create(Client client, SecurityContext securityContext, Predicate fileRolesStoreNameChecker) { + public PutRoleRequestBuilder create(Client client, boolean restrictRequest, Predicate fileRolesStoreNameChecker) { return new PutRoleRequestBuilder(client); } } diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java index 853ba204f3d12..763eb2616175c 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java @@ -1425,13 +1425,7 @@ public List getRestHandlers( new RestPutUserAction(settings, getLicenseState()), new RestDeleteUserAction(settings, getLicenseState()), new RestGetRolesAction(settings, getLicenseState()), - new RestPutRoleAction( - settings, - getLicenseState(), - securityContext.get(), - putRoleRequestBuilderFactory.get(), - fileRolesStore.get() - ), + new RestPutRoleAction(settings, getLicenseState(), putRoleRequestBuilderFactory.get(), fileRolesStore.get()), new RestDeleteRoleAction(settings, getLicenseState()), new RestChangePasswordAction(settings, securityContext.get(), getLicenseState()), new RestSetEnabledAction(settings, getLicenseState()), diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleAction.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleAction.java index 7c1f3619f2ab9..51b2359b2fa0d 100644 --- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleAction.java +++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleAction.java @@ -17,7 +17,6 @@ import org.elasticsearch.rest.ServerlessScope; import org.elasticsearch.rest.action.RestBuilderListener; import org.elasticsearch.xcontent.XContentBuilder; -import org.elasticsearch.xpack.core.security.SecurityContext; import org.elasticsearch.xpack.core.security.action.role.PutRoleRequestBuilder; import org.elasticsearch.xpack.core.security.action.role.PutRoleRequestBuilderFactory; import org.elasticsearch.xpack.core.security.action.role.PutRoleResponse; @@ -35,19 +34,16 @@ @ServerlessScope(Scope.PUBLIC) public class RestPutRoleAction extends NativeRoleBaseRestHandler { - private final SecurityContext securityContext; private final PutRoleRequestBuilderFactory builderFactory; private final FileRolesStore fileRolesStore; public RestPutRoleAction( Settings settings, XPackLicenseState licenseState, - SecurityContext securityContext, PutRoleRequestBuilderFactory builderFactory, FileRolesStore fileRolesStore ) { super(settings, licenseState); - this.securityContext = securityContext; this.builderFactory = builderFactory; this.fileRolesStore = fileRolesStore; } @@ -67,7 +63,8 @@ public String getName() { @Override public RestChannelConsumer innerPrepareRequest(RestRequest request, NodeClient client) throws IOException { - final PutRoleRequestBuilder requestBuilder = builderFactory.create(client, securityContext, fileRolesStore::exists) + final boolean restrictRequest = request.hasParam(RestRequest.RESPONSE_RESTRICTED); + final PutRoleRequestBuilder requestBuilder = builderFactory.create(client, restrictRequest, fileRolesStore::exists) .source(request.param("name"), request.requiredContent(), request.getXContentType()) .setRefreshPolicy(request.param("refresh")); return channel -> requestBuilder.execute(new RestBuilderListener<>(channel) { diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleActionTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleActionTests.java index 4c5421d6bf87c..5f3931acb1b22 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleActionTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/rest/action/role/RestPutRoleActionTests.java @@ -42,7 +42,7 @@ public void testFailureWhenNativeRolesDisabled() throws Exception { try (var threadPool = createThreadPool()) { final var nodeClient = new NoOpNodeClient(threadPool); - final RestPutRoleAction action = new RestPutRoleAction(securityDisabledSettings, licenseState, mock(), mock(), mock()); + final RestPutRoleAction action = new RestPutRoleAction(securityDisabledSettings, licenseState, mock(), mock()); action.handleRequest(request, channel, nodeClient); }