99* GitHub history for details.
1010*/
1111
12- package org .opensearch .security .privileges ;
12+ package org .opensearch .security .privileges . int_tests ;
1313
1414import com .carrotsearch .randomizedtesting .annotations .ThreadLeakScope ;
1515import org .apache .http .HttpStatus ;
3030import static org .hamcrest .Matchers .equalTo ;
3131import static org .opensearch .test .framework .TestSecurityConfig .AuthcDomain .AUTHC_HTTPBASIC_INTERNAL ;
3232
33- /**
34- * This is a port for the test
35- * org.opensearch.security.privileges.PrivilegesEvaluatorTest to the new test
36- * framework for direct comparison
37- */
3833@ RunWith (com .carrotsearch .randomizedtesting .RandomizedRunner .class )
3934@ ThreadLeakScope (ThreadLeakScope .Scope .NONE )
40- public class PrivilegesEvaluatorTest {
35+ public class MiscPrivilegesIntTests {
4136
4237 protected final static TestSecurityConfig .User NEGATIVE_LOOKAHEAD = new TestSecurityConfig .User ("negative_lookahead_user" ).roles (
4338 new Role ("negative_lookahead_role" ).indexPermissions ("read" ).on ("/^(?!t.*).*/" ).clusterPermissions ("cluster_composite_ops" )
@@ -58,11 +53,6 @@ public class PrivilegesEvaluatorTest {
5853 .clusterPermissions (RenderSearchTemplateAction .NAME )
5954 );
6055
61- private String TEST_QUERY =
62- "{\" source\" :{\" query\" :{\" match\" :{\" service\" :\" {{service_name}}\" }}},\" params\" :{\" service_name\" :\" Oracle\" }}" ;
63-
64- private String TEST_DOC = "{\" source\" : {\" title\" : \" Spirited Away\" }}" ;
65-
6656 private String TEST_RENDER_SEARCH_TEMPLATE_QUERY =
6757 "{\" params\" :{\" status\" :[\" pending\" ,\" published\" ]},\" source\" :\" {\\ \" query\\ \" : {\\ \" terms\\ \" : {\\ \" status\\ \" : [\\ \" {{#status}}\\ \" ,\\ \" {{.}}\\ \" ,\\ \" {{/status}}\\ \" ]}}}\" }" ;
6858
@@ -99,45 +89,6 @@ public void testRegexPattern() throws Exception {
9989
10090 }
10191
102- @ Test
103- public void testSearchTemplateRequestSuccess () {
104- // Insert doc into services index with admin user
105- try (TestRestClient client = cluster .getRestClient (TestSecurityConfig .User .USER_ADMIN )) {
106- TestRestClient .HttpResponse response = client .postJson ("services/_doc" , TEST_DOC );
107- assertThat (response .getStatusCode (), equalTo (HttpStatus .SC_CREATED ));
108- }
109-
110- try (TestRestClient client = cluster .getRestClient (SEARCH_TEMPLATE )) {
111- final String searchTemplateOnServicesIndex = "services/_search/template" ;
112- final TestRestClient .HttpResponse searchTemplateOnAuthorizedIndexResponse = client .getWithJsonBody (
113- searchTemplateOnServicesIndex ,
114- TEST_QUERY
115- );
116- assertThat (searchTemplateOnAuthorizedIndexResponse .getStatusCode (), equalTo (HttpStatus .SC_OK ));
117- }
118- }
119-
120- @ Test
121- public void testSearchTemplateRequestUnauthorizedIndex () {
122- try (TestRestClient client = cluster .getRestClient (SEARCH_TEMPLATE )) {
123- final String searchTemplateOnMoviesIndex = "movies/_search/template" ;
124- final TestRestClient .HttpResponse searchTemplateOnUnauthorizedIndexResponse = client .getWithJsonBody (
125- searchTemplateOnMoviesIndex ,
126- TEST_QUERY
127- );
128- assertThat (searchTemplateOnUnauthorizedIndexResponse .getStatusCode (), equalTo (HttpStatus .SC_FORBIDDEN ));
129- }
130- }
131-
132- @ Test
133- public void testSearchTemplateRequestUnauthorizedAllIndices () {
134- try (TestRestClient client = cluster .getRestClient (SEARCH_TEMPLATE )) {
135- final String searchTemplateOnAllIndices = "_search/template" ;
136- final TestRestClient .HttpResponse searchOnAllIndicesResponse = client .getWithJsonBody (searchTemplateOnAllIndices , TEST_QUERY );
137- assertThat (searchOnAllIndicesResponse .getStatusCode (), equalTo (HttpStatus .SC_FORBIDDEN ));
138- }
139- }
140-
14192 @ Test
14293 public void testRenderSearchTemplateRequestFailure () {
14394 try (TestRestClient client = cluster .getRestClient (SEARCH_TEMPLATE )) {
0 commit comments