Skip to content

Commit

Permalink
Spotless
Browse files Browse the repository at this point in the history 
Signed-off-by: Stephen Crawford <[email protected]>
  • Loading branch information
@stephen-crawford
stephen-crawford committed Jan 12, 2024
1 parent 1ff11fa commit 84ce6ab
Showing 1 changed file with 78 additions and 74 deletions.
152 changes: 78 additions & 74 deletions src/test/java/org/opensearch/security/transport/SecurityInterceptorTests.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,6 @@
import org.opensearch.transport.Transport.Connection;
import org.opensearch.transport.TransportInterceptor.AsyncSender;
import org.opensearch.transport.TransportRequest;
import org.opensearch.transport.TransportRequestHandler;
import org.opensearch.transport.TransportRequestOptions;
import org.opensearch.transport.TransportResponseHandler;
import org.opensearch.transport.TransportService;
Expand All @@ -53,7 +52,6 @@
import static java.util.Collections.emptySet;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;

Expand Down Expand Up @@ -118,22 +116,22 @@ private void testSendRequestDecorate(Version remoteNodeVersion) {

MockTransport transport = new MockTransport();
TransportService transportService = transport.createTransportService(
Settings.EMPTY,
threadPool,
TransportService.NOOP_TRANSPORT_INTERCEPTOR,
boundTransportAddress -> clusterService.state().nodes().get(SecurityInterceptor.class.getSimpleName()),
null,
emptySet(),
NoopTracer.INSTANCE
Settings.EMPTY,
threadPool,
TransportService.NOOP_TRANSPORT_INTERCEPTOR,
boundTransportAddress -> clusterService.state().nodes().get(SecurityInterceptor.class.getSimpleName()),
null,
emptySet(),
NoopTracer.INSTANCE
);

// CS-SUPPRESS-SINGLE: RegexpSingleline Extensions manager used for creating a mock
OpenSearchSecurityPlugin.GuiceHolder guiceHolder = new OpenSearchSecurityPlugin.GuiceHolder(
mock(RepositoriesService.class),
transportService,
mock(IndicesService.class),
mock(PitService.class),
mock(ExtensionsManager.class)
mock(RepositoriesService.class),
transportService,
mock(IndicesService.class),
mock(PitService.class),
mock(ExtensionsManager.class)
);
// CS-ENFORCE-SINGLE

Expand Down Expand Up @@ -171,11 +169,11 @@ private void testSendRequestDecorate(Version remoteNodeVersion) {
AsyncSender sender = new AsyncSender() {
@Override
public <T extends TransportResponse> void sendRequest(
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
) {
User transientUser = threadPool.getThreadContext().getTransient(ConfigConstants.OPENDISTRO_SECURITY_USER);
assertEquals(transientUser, user);
Expand All @@ -194,11 +192,11 @@ public <T extends TransportResponse> void sendRequest(
sender = new AsyncSender() {
@Override
public <T extends TransportResponse> void sendRequest(
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
) {
User transientUser = threadPool.getThreadContext().getTransient(ConfigConstants.OPENDISTRO_SECURITY_USER);
assertEquals(transientUser, user);
Expand All @@ -217,11 +215,11 @@ public <T extends TransportResponse> void sendRequest(
sender = new AsyncSender() {
@Override
public <T extends TransportResponse> void sendRequest(
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
) {
String serializedUserHeader = threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_USER_HEADER);
assertEquals(serializedUserHeader, Base64Helper.serializeObject(user, useJDKSerialization));
Expand All @@ -240,11 +238,11 @@ public <T extends TransportResponse> void sendRequest(
sender = new AsyncSender() {
@Override
public <T extends TransportResponse> void sendRequest(
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
) {
String serializedUserHeader = threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_USER_HEADER);
assertEquals(serializedUserHeader, Base64Helper.serializeObject(user, useJDKSerialization));
Expand All @@ -263,11 +261,11 @@ public <T extends TransportResponse> void sendRequest(
sender = new AsyncSender() {
@Override
public <T extends TransportResponse> void sendRequest(
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
) {
String serializedUserHeader = threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_USER_HEADER);
assertEquals(serializedUserHeader, Base64Helper.serializeObject(user, useJDKSerialization));
Expand All @@ -284,16 +282,15 @@ public <T extends TransportResponse> void sendRequest(

// test sending various missing decorates with missing request info


// checking thread context inside sendRequestDecorate
sender = new AsyncSender() {
@Override
public <T extends TransportResponse> void sendRequest(
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
) {
User transientUser = threadPool.getThreadContext().getTransient(ConfigConstants.OPENDISTRO_SECURITY_USER);
assertEquals(transientUser, user);
Expand All @@ -302,12 +299,14 @@ public <T extends TransportResponse> void sendRequest(

// Having null connection will cause useJDKSerialization to throw npe
AsyncSender finalSender = sender; // Have to do this because of being a runnable
assertThrows(java.lang.NullPointerException.class, () -> securityInterceptor.sendRequestDecorate(finalSender, null, action, request, options, handler, localNode));
assertThrows(
java.lang.NullPointerException.class,
() -> securityInterceptor.sendRequestDecorate(finalSender, null, action, request, options, handler, localNode)
);

// Make the origin null should cause the ensureCorrectHeaders method to populate with Origin.LOCAL.toString()
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_ORIGIN, null);


}

private void testSendRequestDecorateWithEmptyUserHeader(Version remoteNodeVersion) {
Expand All @@ -316,13 +315,13 @@ private void testSendRequestDecorateWithEmptyUserHeader(Version remoteNodeVersio

MockTransport transport = new MockTransport();
TransportService transportService = transport.createTransportService(
Settings.EMPTY,
threadPool,
TransportService.NOOP_TRANSPORT_INTERCEPTOR,
boundTransportAddress -> clusterService.state().nodes().get(SecurityInterceptor.class.getSimpleName()),
null,
emptySet(),
NoopTracer.INSTANCE
Settings.EMPTY,
threadPool,
TransportService.NOOP_TRANSPORT_INTERCEPTOR,
boundTransportAddress -> clusterService.state().nodes().get(SecurityInterceptor.class.getSimpleName()),
null,
emptySet(),
NoopTracer.INSTANCE
);

// Add a fake header to show it does not get misinterpreted
Expand All @@ -333,28 +332,33 @@ private void testSendRequestDecorateWithEmptyUserHeader(Version remoteNodeVersio
threadPool.getThreadContext().putHeader(null, "null");

// Add the other headers we check
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_CONF_REQUEST_HEADER, "fake security config request header");
threadPool.getThreadContext()
.putHeader(ConfigConstants.OPENDISTRO_SECURITY_CONF_REQUEST_HEADER, "fake security config request header");
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_ORIGIN_HEADER, "fake security origin header");
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_REMOTE_ADDRESS_HEADER, "fake security remote address header");
threadPool.getThreadContext()
.putHeader(ConfigConstants.OPENDISTRO_SECURITY_REMOTE_ADDRESS_HEADER, "fake security remote address header");
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_DLS_QUERY_HEADER, "fake dls query header");
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_FLS_FIELDS_HEADER, "fake fls fields header");
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_MASKED_FIELD_HEADER, "fake masked field header");
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_DOC_ALLOWLIST_HEADER, "fake doc allowlist header");
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_FILTER_LEVEL_DLS_DONE, "fake filter level dls header");
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_DLS_MODE_HEADER, "fake dls mode header");
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_DLS_FILTER_LEVEL_QUERY_HEADER, "fake dls filter header");
threadPool.getThreadContext()
.putHeader(ConfigConstants.OPENDISTRO_SECURITY_DLS_FILTER_LEVEL_QUERY_HEADER, "fake dls filter header");
threadPool.getThreadContext().putHeader("_opendistro_security_trace", "fake trace value");
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_INITIAL_ACTION_CLASS_HEADER, "fake initial action header");
threadPool.getThreadContext()
.putHeader(ConfigConstants.OPENDISTRO_SECURITY_INITIAL_ACTION_CLASS_HEADER, "fake initial action header");
threadPool.getThreadContext().putHeader("_opendistro_security_source_field_context", "fake source field context value");
threadPool.getThreadContext().putHeader(ConfigConstants.OPENDISTRO_SECURITY_INJECTED_ROLES_VALIDATION, "fake injected roles validation string");
threadPool.getThreadContext()
.putHeader(ConfigConstants.OPENDISTRO_SECURITY_INJECTED_ROLES_VALIDATION, "fake injected roles validation string");

// CS-SUPPRESS-SINGLE: RegexpSingleline Extensions manager used for creating a mock
OpenSearchSecurityPlugin.GuiceHolder guiceHolder = new OpenSearchSecurityPlugin.GuiceHolder(
mock(RepositoriesService.class),
transportService,
mock(IndicesService.class),
mock(PitService.class),
mock(ExtensionsManager.class)
mock(RepositoriesService.class),
transportService,
mock(IndicesService.class),
mock(PitService.class),
mock(ExtensionsManager.class)
);

// CS-ENFORCE-SINGLE
Expand Down Expand Up @@ -382,11 +386,11 @@ private void testSendRequestDecorateWithEmptyUserHeader(Version remoteNodeVersio
AsyncSender sender = new AsyncSender() {
@Override
public <T extends TransportResponse> void sendRequest(
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
) {
User transientUser = threadPool.getThreadContext().getTransient(ConfigConstants.OPENDISTRO_SECURITY_USER);
assertEquals(transientUser, null);
Expand All @@ -405,11 +409,11 @@ public <T extends TransportResponse> void sendRequest(
sender = new AsyncSender() {
@Override
public <T extends TransportResponse> void sendRequest(
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
Connection connection,
String action,
TransportRequest request,
TransportRequestOptions options,
TransportResponseHandler<T> handler
) {
User transientUser = threadPool.getThreadContext().getTransient(ConfigConstants.OPENDISTRO_SECURITY_USER);
assertEquals(transientUser, null);
Expand Down

0 comments on commit 84ce6ab

Please sign in to comment.