From 57995b620c90b684d9c3732145feb238df25e855 Mon Sep 17 00:00:00 2001 From: Sriram <59816283+skkosuri-amzn@users.noreply.github.com> Date: Tue, 1 Dec 2020 14:46:07 -0800 Subject: [PATCH] Run /_execute in User context (#312) --- .../transport/TransportExecuteMonitorAction.kt | 13 ++++++++++++- .../alerting/core/schedule/JobSchedulerMetrics.kt | 3 ++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportExecuteMonitorAction.kt b/alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportExecuteMonitorAction.kt index eecdad52..330c1a30 100644 --- a/alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportExecuteMonitorAction.kt +++ b/alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/transport/TransportExecuteMonitorAction.kt @@ -7,6 +7,8 @@ import com.amazon.opendistroforelasticsearch.alerting.action.ExecuteMonitorRespo import com.amazon.opendistroforelasticsearch.alerting.core.model.ScheduledJob import com.amazon.opendistroforelasticsearch.alerting.model.Monitor import com.amazon.opendistroforelasticsearch.alerting.util.AlertingException +import com.amazon.opendistroforelasticsearch.commons.ConfigConstants +import com.amazon.opendistroforelasticsearch.commons.authuser.User import kotlinx.coroutines.Dispatchers import kotlinx.coroutines.launch import kotlinx.coroutines.withContext @@ -39,8 +41,14 @@ class TransportExecuteMonitorAction @Inject constructor( ) : HandledTransportAction ( ExecuteMonitorAction.NAME, transportService, actionFilters, ::ExecuteMonitorRequest) { + private var user: User? = null + override fun doExecute(task: Task, execMonitorRequest: ExecuteMonitorRequest, actionListener: ActionListener) { + val userStr = client.threadPool().threadContext.getTransient(ConfigConstants.OPENDISTRO_SECURITY_USER_AND_ROLES) + log.debug("User and roles string from thread context: $userStr") + user = User.parse(userStr) + client.threadPool().threadContext.stashContext().use { val executeMonitor = fun(monitor: Monitor) { // Launch the coroutine with the clients threadContext. This is needed to preserve authentication information @@ -87,7 +95,10 @@ class TransportExecuteMonitorAction @Inject constructor( } }) } else { - val monitor = execMonitorRequest.monitor as Monitor + val monitor = when (user == null || user?.name.isNullOrEmpty()) { + true -> execMonitorRequest.monitor as Monitor + false -> (execMonitorRequest.monitor as Monitor).copy(user = user) + } executeMonitor(monitor) } } diff --git a/core/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/core/schedule/JobSchedulerMetrics.kt b/core/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/core/schedule/JobSchedulerMetrics.kt index ce13312d..2d0c0083 100644 --- a/core/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/core/schedule/JobSchedulerMetrics.kt +++ b/core/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/core/schedule/JobSchedulerMetrics.kt @@ -48,7 +48,8 @@ class JobSchedulerMetrics : ToXContentFragment, Writeable { override fun toXContent(builder: XContentBuilder, params: ToXContent.Params): XContentBuilder { if (lastExecutionTime != null) - builder.timeField("last_execution_time", "last_execution_time_in_millis", Instant.ofEpochMilli(lastExecutionTime).toEpochMilli()) + builder.timeField("last_execution_time", "last_execution_time_in_millis", + Instant.ofEpochMilli(lastExecutionTime).toEpochMilli()) builder.field("running_on_time", runningOnTime) return builder }