diff --git a/src/integrationTest/java/org/opensearch/security/FlsAndFieldMaskingTests.java b/src/integrationTest/java/org/opensearch/security/FlsAndFieldMaskingTests.java index 0868e82c8d..71a1e21444 100644 --- a/src/integrationTest/java/org/opensearch/security/FlsAndFieldMaskingTests.java +++ b/src/integrationTest/java/org/opensearch/security/FlsAndFieldMaskingTests.java @@ -282,6 +282,13 @@ public class FlsAndFieldMaskingTests { "inclusive_exclusive_masked_user" ).roles(ROLE_ONLY_FIELD_TITLE_FLS, ROLE_NO_FIELD_TITLE_FLS, ROLE_ONLY_FIELD_TITLE_MASKED); + static final TestSecurityConfig.User USER_FLS_INCLUDE_STARS = new TestSecurityConfig.User("fls_include_stars_reader").roles( + new TestSecurityConfig.Role("fls_include_stars_reader").clusterPermissions("cluster_composite_ops_ro") + .indexPermissions("read") + .fls(FIELD_STARS) + .on("*") + ); + @ClassRule public static final LocalCluster cluster = new LocalCluster.Builder().clusterManager(ClusterManager.THREE_CLUSTER_MANAGERS) .anonymousAuth(false) @@ -303,7 +310,8 @@ public class FlsAndFieldMaskingTests { USER_BOTH_ONLY_AND_NO_FIELD_TITLE_FLS, USER_BOTH_ONLY_FIELD_TITLE_FLS_ONLY_FIELD_TITLE_MASKED, USER_BOTH_NO_FIELD_TITLE_FLS_ONLY_FIELD_TITLE_MASKED, - USER_ALL_ONLY_AND_NO_FIELD_TITLE_FLS_ONLY_FIELD_TITLE_MASKED + USER_ALL_ONLY_AND_NO_FIELD_TITLE_FLS_ONLY_FIELD_TITLE_MASKED, + USER_FLS_INCLUDE_STARS ) .build(); @@ -1727,13 +1735,9 @@ private void assertProperSearchResponseForTitleFieldMaskingAndNoTitleFieldAndOnl @Test public void flsWithIncludesRulesIncludesFieldMappersFromPlugins() throws IOException { String indexName = "fls_includes_index"; - TestSecurityConfig.Role userRole = new TestSecurityConfig.Role("fls_include_stars_reader").clusterPermissions( - "cluster_composite_ops_ro" - ).indexPermissions("read").fls(FIELD_STARS).on("*"); - TestSecurityConfig.User user = createUserWithRole("fls_includes_user", userRole); List docIds = createIndexWithDocs(indexName, SONGS[0], SONGS[1]); - try (RestHighLevelClient restHighLevelClient = cluster.getRestHighLevelClient(user)) { + try (RestHighLevelClient restHighLevelClient = cluster.getRestHighLevelClient(USER_FLS_INCLUDE_STARS)) { SearchRequest searchRequest = new SearchRequest(indexName); SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder(); MatchAllQueryBuilder matchAllQueryBuilder = QueryBuilders.matchAllQuery(); @@ -1750,11 +1754,7 @@ public void flsWithIncludesRulesIncludesFieldMappersFromPlugins() throws IOExcep @Test public void testFlsOnAClosedAndReopenedIndex() throws IOException { - String indexName = "fls_includes_index"; - TestSecurityConfig.Role userRole = new TestSecurityConfig.Role("fls_include_stars_reader").clusterPermissions( - "cluster_composite_ops_ro" - ).indexPermissions("read").fls(FIELD_STARS).on("*"); - TestSecurityConfig.User user = createUserWithRole("fls_includes_user", userRole); + String indexName = "fls_includes_index2"; List docIds = createIndexWithDocs(indexName, SONGS[0], SONGS[1]); try (TestRestClient client = cluster.getRestClient(ADMIN_USER)) { @@ -1763,7 +1763,7 @@ public void testFlsOnAClosedAndReopenedIndex() throws IOException { logsRule.assertThatContainExactly(indexName + " was closed. Setting metadataFields to empty. Closed index is not searchable."); } - try (RestHighLevelClient restHighLevelClient = cluster.getRestHighLevelClient(user)) { + try (RestHighLevelClient restHighLevelClient = cluster.getRestHighLevelClient(USER_FLS_INCLUDE_STARS)) { SearchRequest searchRequest = new SearchRequest(indexName); SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder(); MatchAllQueryBuilder matchAllQueryBuilder = QueryBuilders.matchAllQuery();