From 35fa44ca1e578a07156e35af5e791499cdbd4053 Mon Sep 17 00:00:00 2001 From: Ryan Liang Date: Thu, 26 Oct 2023 22:05:02 -0700 Subject: [PATCH] Minor fix of some formatting Signed-off-by: Ryan Liang --- .../security/privileges/PrivilegesEvaluator.java | 2 +- .../org/opensearch/security/IntegrationTests.java | 12 ++++++++++++ src/test/resources/internal_users.yml | 2 +- 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java b/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java index 36bfad4456..71d8e0e102 100644 --- a/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java +++ b/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java @@ -358,7 +358,7 @@ public PrivilegesEvaluatorResponse evaluate( if (serviceAccountUser) { presponse.missingPrivileges.add(action0); presponse.allowed = false; - log.info("{} is a service account which as no access to cluster level permission of {}.", user, action0); + log.info("{} is a service account which has no access to cluster level permission of {}.", user, action0); return presponse; } diff --git a/src/test/java/org/opensearch/security/IntegrationTests.java b/src/test/java/org/opensearch/security/IntegrationTests.java index 9a4bf7bba8..e0792de503 100644 --- a/src/test/java/org/opensearch/security/IntegrationTests.java +++ b/src/test/java/org/opensearch/security/IntegrationTests.java @@ -1074,4 +1074,16 @@ public void testMonitorHealth() throws Exception { RestHelper rh = nonSslRestHelper(); Assert.assertEquals(HttpStatus.SC_OK, rh.executeGetRequest("_cat/health", encodeBasicHeader("picard", "picard")).getStatusCode()); } + + // TODO: SOMETHING LIKE THIS + @Test + public void testServiceAccountClusterPermissions() throws Exception { + + setup(); + + RestHelper rh = nonSslRestHelper(); + HttpResponse response = rh.executeGetRequest("_cat/health", encodeBasicHeader("bug.99", "nagilum")); + System.out.println("The service account cluster perm response is: " + response.toString()); + Assert.assertEquals(HttpStatus.SC_FORBIDDEN, response.getStatusCode()); + } } diff --git a/src/test/resources/internal_users.yml b/src/test/resources/internal_users.yml index 3447e7f583..a5eeb6fddb 100644 --- a/src/test/resources/internal_users.yml +++ b/src/test/resources/internal_users.yml @@ -6,7 +6,7 @@ bug.88: hash: "$2a$12$n5nubfWATfQjSYHiWtUyeOxMIxFInUHOAx8VMmGmxFNPGpaBmeB.m" reserved: false hidden: false - backend_roles: [ ] + backend_roles: [] attributes: {} description: "Migrated from v6" bug.99: