github-mirrors/elasticsearch
1
0
Fork 0
mirror of https://github.com/elastic/elasticsearch.git synced 2025-06-29 01:44:36 -04:00
Code Issues Projects Releases Packages Wiki Activity

Support audit ignore policy by index privileges

Browse source 
Addressing review comments + changing approach:
- use permission check instead of simple "checkIfGrants"
- adding more testing
This commit is contained in:
BigPandaToo 2021-02-15 23:26:37 +01:00
parent 96d22a4267
commit 79649e9a6a
1 changed files with 0 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

14
x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/security/audit/logfile/AuditTrailSettingsUpdateTests.java
View file

@ -124,20 +124,6 @@ public class AuditTrailSettingsUpdateTests extends SecurityIntegTestCase {
assertThat(e.getMessage(), containsString("illegal value can't update")); assertThat(e.getMessage(), containsString("illegal value can't update"));
} }
public void testInvalidBothPrivilegesFilterSettings() throws Exception {
final Settings.Builder settingsBuilder1 = Settings.builder();
settingsBuilder1.putList("xpack.security.audit.logfile.events.ignore_filters.BothPrivilegesFilter.index_privileges",
"read");
updateSettings(settingsBuilder1.build(), true);
final Settings.Builder settingsBuilder2 = Settings.builder();
settingsBuilder2.putList("xpack.security.audit.logfile.events.ignore_filters.BothPrivilegesFilter.cluster_privileges", "monitor");
IllegalArgumentException e = expectThrows(IllegalArgumentException.class,
() -> updateSettings(settingsBuilder2.build(), true));
assertThat(e.getMessage(), containsString("illegal value can't update"));
}
public void testDynamicHostSettings() { public void testDynamicHostSettings() {
final boolean persistent = randomBoolean(); final boolean persistent = randomBoolean();
final Settings.Builder settingsBuilder = Settings.builder(); final Settings.Builder settingsBuilder = Settings.builder();