diff --git a/sample-extension-plugin/src/main/java/org/opensearch/security/sampleextension/SampleExtensionPlugin.java b/sample-extension-plugin/src/main/java/org/opensearch/security/sampleextension/SampleExtensionPlugin.java index 37530e0f2c..10bcbed1fa 100644 --- a/sample-extension-plugin/src/main/java/org/opensearch/security/sampleextension/SampleExtensionPlugin.java +++ b/sample-extension-plugin/src/main/java/org/opensearch/security/sampleextension/SampleExtensionPlugin.java @@ -91,8 +91,7 @@ public Collection createComponents( this.client = client; if (SampleResourceSharingServiceProvider.getInstance().get() == null) { System.out.println("Using DefaultResourceSharingService"); - SampleResourceSharingServiceProvider.getInstance() - .set(new DefaultResourceSharingService<>(client, RESOURCE_INDEX_NAME, new SampleResourceParser(), xContentRegistry)); + SampleResourceSharingServiceProvider.getInstance().set(new DefaultResourceSharingService<>()); } System.out.println( "SampleResourceSharingServiceProvider.getInstance(): " + SampleResourceSharingServiceProvider.getInstance().get() diff --git a/sample-extension-plugin/src/main/java/org/opensearch/security/sampleextension/actions/get/GetSampleResourceTransportAction.java b/sample-extension-plugin/src/main/java/org/opensearch/security/sampleextension/actions/get/GetSampleResourceTransportAction.java index 5ea29634e7..12d470abf5 100644 --- a/sample-extension-plugin/src/main/java/org/opensearch/security/sampleextension/actions/get/GetSampleResourceTransportAction.java +++ b/sample-extension-plugin/src/main/java/org/opensearch/security/sampleextension/actions/get/GetSampleResourceTransportAction.java @@ -12,12 +12,17 @@ import org.apache.logging.log4j.Logger; import org.opensearch.action.support.ActionFilters; +import org.opensearch.client.Client; import org.opensearch.common.inject.Inject; +import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.security.sampleextension.resource.SampleResource; +import org.opensearch.security.sampleextension.resource.SampleResourceParser; import org.opensearch.security.sampleextension.resource.SampleResourceSharingServiceProvider; import org.opensearch.security.spi.actions.resource.get.GetResourceTransportAction; import org.opensearch.transport.TransportService; +import static org.opensearch.security.sampleextension.SampleExtensionPlugin.RESOURCE_INDEX_NAME; + /** * Transport action for GetSampleResource. */ @@ -28,8 +33,19 @@ public class GetSampleResourceTransportAction extends GetResourceTransportAction public GetSampleResourceTransportAction( TransportService transportService, ActionFilters actionFilters, - SampleResourceSharingServiceProvider resourceSharingService + SampleResourceSharingServiceProvider resourceSharingService, + Client client, + NamedXContentRegistry xContentRegistry ) { - super(transportService, actionFilters, GetSampleResourceAction.NAME, resourceSharingService.get()); + super( + transportService, + actionFilters, + GetSampleResourceAction.NAME, + RESOURCE_INDEX_NAME, + resourceSharingService.get(), + new SampleResourceParser(), + client, + xContentRegistry + ); } } diff --git a/sample-extension-plugin/src/main/java/org/opensearch/security/sampleextension/actions/list/ListSampleResourceTransportAction.java b/sample-extension-plugin/src/main/java/org/opensearch/security/sampleextension/actions/list/ListSampleResourceTransportAction.java index c8004f48e2..821a26a2b7 100644 --- a/sample-extension-plugin/src/main/java/org/opensearch/security/sampleextension/actions/list/ListSampleResourceTransportAction.java +++ b/sample-extension-plugin/src/main/java/org/opensearch/security/sampleextension/actions/list/ListSampleResourceTransportAction.java @@ -12,12 +12,17 @@ import org.apache.logging.log4j.Logger; import org.opensearch.action.support.ActionFilters; +import org.opensearch.client.Client; import org.opensearch.common.inject.Inject; +import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.security.sampleextension.resource.SampleResource; +import org.opensearch.security.sampleextension.resource.SampleResourceParser; import org.opensearch.security.sampleextension.resource.SampleResourceSharingServiceProvider; import org.opensearch.security.spi.actions.resource.list.ListResourceTransportAction; import org.opensearch.transport.TransportService; +import static org.opensearch.security.sampleextension.SampleExtensionPlugin.RESOURCE_INDEX_NAME; + /** * Transport action for ListSampleResource. */ @@ -28,8 +33,19 @@ public class ListSampleResourceTransportAction extends ListResourceTransportActi public ListSampleResourceTransportAction( TransportService transportService, ActionFilters actionFilters, - SampleResourceSharingServiceProvider resourceSharingService + SampleResourceSharingServiceProvider resourceSharingService, + NamedXContentRegistry xContentRegistry, + Client client ) { - super(transportService, actionFilters, ListSampleResourceAction.NAME, resourceSharingService.get()); + super( + transportService, + actionFilters, + ListSampleResourceAction.NAME, + RESOURCE_INDEX_NAME, + resourceSharingService.get(), + new SampleResourceParser(), + client, + xContentRegistry + ); } } diff --git a/spi/src/main/java/org/opensearch/security/spi/DefaultResourceSharingService.java b/spi/src/main/java/org/opensearch/security/spi/DefaultResourceSharingService.java index 34167d3b69..ef40b0ae56 100644 --- a/spi/src/main/java/org/opensearch/security/spi/DefaultResourceSharingService.java +++ b/spi/src/main/java/org/opensearch/security/spi/DefaultResourceSharingService.java @@ -1,113 +1,11 @@ package org.opensearch.security.spi; -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; - -import org.opensearch.OpenSearchException; -import org.opensearch.action.get.GetRequest; -import org.opensearch.action.get.GetResponse; -import org.opensearch.action.search.SearchRequest; -import org.opensearch.action.search.SearchResponse; -import org.opensearch.client.Client; -import org.opensearch.common.util.concurrent.ThreadContext; -import org.opensearch.common.xcontent.LoggingDeprecationHandler; -import org.opensearch.common.xcontent.XContentHelper; -import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.action.ActionListener; -import org.opensearch.core.xcontent.NamedXContentRegistry; -import org.opensearch.core.xcontent.XContentParser; -import org.opensearch.index.query.MatchAllQueryBuilder; -import org.opensearch.search.SearchHit; -import org.opensearch.search.builder.SearchSourceBuilder; public class DefaultResourceSharingService implements ResourceSharingService { - private final Client client; - private final String resourceIndex; - private final ResourceParser resourceParser; - private final NamedXContentRegistry xContentRegistry; - - public DefaultResourceSharingService( - Client client, - String resourceIndex, - ResourceParser resourceParser, - NamedXContentRegistry xContentRegistry - ) { - this.client = client; - this.resourceIndex = resourceIndex; - this.resourceParser = resourceParser; - this.xContentRegistry = xContentRegistry; - } - - @SuppressWarnings("unchecked") - @Override - public void listResources(ActionListener> listResourceListener) { - try (ThreadContext.StoredContext ignore = client.threadPool().getThreadContext().stashContext()) { - SearchRequest sr = new SearchRequest(resourceIndex); - SearchSourceBuilder matchAllQuery = new SearchSourceBuilder(); - matchAllQuery.query(new MatchAllQueryBuilder()); - sr.source(matchAllQuery); - /* Index already exists, ignore and continue */ - ActionListener searchListener = new ActionListener() { - @Override - public void onResponse(SearchResponse searchResponse) { - List resources = new ArrayList<>(); - for (SearchHit hit : searchResponse.getHits().getHits()) { - try { - XContentParser parser = XContentHelper.createParser( - xContentRegistry, - LoggingDeprecationHandler.INSTANCE, - hit.getSourceRef(), - XContentType.JSON - ); - T resource = resourceParser.parse(parser, hit.getId()); - resources.add(resource); - } catch (IOException e) { - throw new OpenSearchException("Caught exception while loading resources: " + e.getMessage()); - } - } - listResourceListener.onResponse(resources); - } - - @Override - public void onFailure(Exception e) { - throw new OpenSearchException("Caught exception while loading resources: " + e.getMessage()); - } - }; - client.search(sr, searchListener); - } - } - @SuppressWarnings("unchecked") @Override - public void getResource(String resourceId, ActionListener getResourceListener) { - try (ThreadContext.StoredContext ignore = client.threadPool().getThreadContext().stashContext()) { - GetRequest gr = new GetRequest(resourceIndex); - gr.id(resourceId); - /* Index already exists, ignore and continue */ - ActionListener getListener = new ActionListener() { - @Override - public void onResponse(GetResponse getResponse) { - try { - XContentParser parser = XContentHelper.createParser( - xContentRegistry, - LoggingDeprecationHandler.INSTANCE, - getResponse.getSourceAsBytesRef(), - XContentType.JSON - ); - T resource = resourceParser.parse(parser, getResponse.getId()); - getResourceListener.onResponse(resource); - } catch (IOException e) { - throw new OpenSearchException("Caught exception while loading resources: " + e.getMessage()); - } - } - - @Override - public void onFailure(Exception e) { - throw new OpenSearchException("Caught exception while loading resources: " + e.getMessage()); - } - }; - client.get(gr, getListener); - } + public void hasResourceBeenSharedWith(String resourceId, ActionListener resourceSharingListener) { + resourceSharingListener.onResponse(Boolean.TRUE); } } diff --git a/spi/src/main/java/org/opensearch/security/spi/ResourceDocVersion.java b/spi/src/main/java/org/opensearch/security/spi/ResourceDocVersion.java index 80aabd8011..f321c2de0b 100644 --- a/spi/src/main/java/org/opensearch/security/spi/ResourceDocVersion.java +++ b/spi/src/main/java/org/opensearch/security/spi/ResourceDocVersion.java @@ -16,6 +16,8 @@ import org.opensearch.core.common.io.stream.StreamOutput; import org.opensearch.core.common.io.stream.Writeable; +// TODO Job Scheduler keeps track of doc version. Should this keep track of version similarly? + /** * Structure to represent resource document version. */ diff --git a/spi/src/main/java/org/opensearch/security/spi/ResourceSharingService.java b/spi/src/main/java/org/opensearch/security/spi/ResourceSharingService.java index 6faabaeee7..d2452a58bc 100644 --- a/spi/src/main/java/org/opensearch/security/spi/ResourceSharingService.java +++ b/spi/src/main/java/org/opensearch/security/spi/ResourceSharingService.java @@ -1,12 +1,7 @@ package org.opensearch.security.spi; -import java.util.List; - import org.opensearch.core.action.ActionListener; public interface ResourceSharingService { - - void listResources(ActionListener> listResourceListener); - - void getResource(String resourceId, ActionListener getResourceListener); + void hasResourceBeenSharedWith(String resourceId, ActionListener resourceSharingListener); } diff --git a/spi/src/main/java/org/opensearch/security/spi/actions/resource/get/GetResourceTransportAction.java b/spi/src/main/java/org/opensearch/security/spi/actions/resource/get/GetResourceTransportAction.java index bb5e5ba934..2dc97f946a 100644 --- a/spi/src/main/java/org/opensearch/security/spi/actions/resource/get/GetResourceTransportAction.java +++ b/spi/src/main/java/org/opensearch/security/spi/actions/resource/get/GetResourceTransportAction.java @@ -8,13 +8,26 @@ package org.opensearch.security.spi.actions.resource.get; +import java.io.IOException; + import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; +import org.opensearch.OpenSearchException; +import org.opensearch.action.get.GetRequest; +import org.opensearch.action.get.GetResponse; import org.opensearch.action.support.ActionFilters; import org.opensearch.action.support.HandledTransportAction; +import org.opensearch.client.Client; +import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.common.xcontent.LoggingDeprecationHandler; +import org.opensearch.common.xcontent.XContentHelper; +import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.action.ActionListener; +import org.opensearch.core.xcontent.NamedXContentRegistry; +import org.opensearch.core.xcontent.XContentParser; import org.opensearch.security.spi.Resource; +import org.opensearch.security.spi.ResourceParser; import org.opensearch.security.spi.ResourceSharingService; import org.opensearch.tasks.Task; import org.opensearch.transport.TransportService; @@ -27,14 +40,30 @@ public class GetResourceTransportAction extends HandledTrans private final ResourceSharingService resourceSharingService; + private final ResourceParser resourceParser; + + private final String resourceIndex; + + private final Client client; + + private final NamedXContentRegistry xContentRegistry; + public GetResourceTransportAction( TransportService transportService, ActionFilters actionFilters, String actionName, - ResourceSharingService resourceSharingService + String resourceIndex, + ResourceSharingService resourceSharingService, + ResourceParser resourceParser, + Client client, + NamedXContentRegistry xContentRegistry ) { super(actionName, transportService, actionFilters, GetResourceRequest::new); this.resourceSharingService = resourceSharingService; + this.resourceParser = resourceParser; + this.resourceIndex = resourceIndex; + this.client = client; + this.xContentRegistry = xContentRegistry; } @Override @@ -43,10 +72,58 @@ protected void doExecute(Task task, GetResourceRequest request, ActionListener> listener) { - ActionListener getResourceListener = ActionListener.wrap(sampleResource -> { - System.out.println("sampleResource: " + sampleResource); - listener.onResponse(new GetResourceResponse(sampleResource)); + ActionListener getResourceListener = ActionListener.wrap(resource -> { + System.out.println("resource: " + resource); + listener.onResponse(new GetResourceResponse(resource)); }, listener::onFailure); - resourceSharingService.getResource(request.getResourceId(), getResourceListener); + + try (ThreadContext.StoredContext ignore = client.threadPool().getThreadContext().stashContext()) { + GetRequest gr = new GetRequest(resourceIndex); + gr.id(request.getResourceId()); + ActionListener getListener = new ActionListener<>() { + @Override + public void onResponse(GetResponse getResponse) { + try { + XContentParser parser = XContentHelper.createParser( + xContentRegistry, + LoggingDeprecationHandler.INSTANCE, + getResponse.getSourceAsBytesRef(), + XContentType.JSON + ); + T resource = resourceParser.parse(parser, getResponse.getId()); + ActionListener shareListener = new ActionListener<>() { + @Override + public void onResponse(Boolean isShared) { + if (isShared) { + getResourceListener.onResponse(resource); + } else { + getResourceListener.onFailure( + new OpenSearchException("User is not authorized to access this resource") + ); + } + } + + @Override + public void onFailure(Exception e) { + getResourceListener.onFailure( + new OpenSearchException("Failed to check sharing status: " + e.getMessage(), e) + ); + } + }; + + resourceSharingService.hasResourceBeenSharedWith(request.getResourceId(), shareListener); + } catch (IOException e) { + throw new OpenSearchException("Caught exception while loading resources: " + e.getMessage()); + } + } + + @Override + public void onFailure(Exception e) { + throw new OpenSearchException("Caught exception while loading resources: " + e.getMessage()); + } + }; + client.get(gr, getListener); + } + // resourceSharingService.getResource(request.getResourceId(), getResourceListener); } } diff --git a/spi/src/main/java/org/opensearch/security/spi/actions/resource/list/ListResourceTransportAction.java b/spi/src/main/java/org/opensearch/security/spi/actions/resource/list/ListResourceTransportAction.java index c843678598..77c4027d4a 100644 --- a/spi/src/main/java/org/opensearch/security/spi/actions/resource/list/ListResourceTransportAction.java +++ b/spi/src/main/java/org/opensearch/security/spi/actions/resource/list/ListResourceTransportAction.java @@ -8,12 +8,29 @@ package org.opensearch.security.spi.actions.resource.list; +import java.io.IOException; +import java.util.ArrayList; import java.util.List; +import java.util.concurrent.atomic.AtomicInteger; +import org.opensearch.OpenSearchException; +import org.opensearch.action.search.SearchRequest; +import org.opensearch.action.search.SearchResponse; import org.opensearch.action.support.ActionFilters; import org.opensearch.action.support.HandledTransportAction; +import org.opensearch.client.Client; +import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.common.xcontent.LoggingDeprecationHandler; +import org.opensearch.common.xcontent.XContentHelper; +import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.action.ActionListener; +import org.opensearch.core.xcontent.NamedXContentRegistry; +import org.opensearch.core.xcontent.XContentParser; +import org.opensearch.index.query.MatchAllQueryBuilder; +import org.opensearch.search.SearchHit; +import org.opensearch.search.builder.SearchSourceBuilder; import org.opensearch.security.spi.Resource; +import org.opensearch.security.spi.ResourceParser; import org.opensearch.security.spi.ResourceSharingService; import org.opensearch.tasks.Task; import org.opensearch.transport.TransportService; @@ -24,22 +41,106 @@ public class ListResourceTransportAction extends HandledTransportAction> { private final ResourceSharingService resourceSharingService; + private final ResourceParser resourceParser; + + private final Client client; + + private final String resourceIndex; + + private final NamedXContentRegistry xContentRegistry; + public ListResourceTransportAction( TransportService transportService, ActionFilters actionFilters, String actionName, - ResourceSharingService resourceSharingService + String resourceIndex, + ResourceSharingService resourceSharingService, + ResourceParser resourceParser, + Client client, + NamedXContentRegistry xContentRegistry ) { super(actionName, transportService, actionFilters, ListResourceRequest::new); + this.client = client; this.resourceSharingService = resourceSharingService; + this.resourceIndex = resourceIndex; + this.xContentRegistry = xContentRegistry; + this.resourceParser = resourceParser; } @Override protected void doExecute(Task task, ListResourceRequest request, ActionListener> listener) { - ActionListener> sampleResourceListener = ActionListener.wrap(sampleResourcesList -> { - System.out.println("sampleResourcesList: " + sampleResourcesList); - listener.onResponse(new ListResourceResponse(sampleResourcesList)); + ActionListener> listResourceListener = ActionListener.wrap(resourcesList -> { + System.out.println("resourcesList: " + resourcesList); + listener.onResponse(new ListResourceResponse<>(resourcesList)); }, listener::onFailure); - resourceSharingService.listResources(sampleResourceListener); + try (ThreadContext.StoredContext ignore = client.threadPool().getThreadContext().stashContext()) { + SearchRequest sr = new SearchRequest(resourceIndex); + SearchSourceBuilder matchAllQuery = new SearchSourceBuilder(); + matchAllQuery.query(new MatchAllQueryBuilder()); + sr.source(matchAllQuery); + ActionListener searchListener = new ActionListener<>() { + @Override + public void onResponse(SearchResponse searchResponse) { + List resources = new ArrayList<>(); + + SearchHit[] hits = searchResponse.getHits().getHits(); + + if (hits.length == 0) { + listResourceListener.onResponse(resources); + return; + } + + AtomicInteger remainingChecks = new AtomicInteger(hits.length); + + for (SearchHit hit : hits) { + try { + XContentParser parser = XContentHelper.createParser( + xContentRegistry, + LoggingDeprecationHandler.INSTANCE, + hit.getSourceRef(), + XContentType.JSON + ); + T resource = resourceParser.parse(parser, hit.getId()); + + ActionListener shareListener = new ActionListener<>() { + @Override + public void onResponse(Boolean isShared) { + if (isShared) { + synchronized (resources) { + resources.add(resource); + } + } + if (remainingChecks.decrementAndGet() == 0) { + listResourceListener.onResponse(resources); + } + } + + @Override + public void onFailure(Exception e) { + listResourceListener.onFailure( + new OpenSearchException("Failed to check sharing status: " + e.getMessage(), e) + ); + } + }; + + resourceSharingService.hasResourceBeenSharedWith(hit.getId(), shareListener); + + } catch (IOException e) { + listResourceListener.onFailure( + new OpenSearchException("Caught exception while loading resources: " + e.getMessage(), e) + ); + return; + } + } + listResourceListener.onResponse(resources); + } + + @Override + public void onFailure(Exception e) { + throw new OpenSearchException("Caught exception while loading resources: " + e.getMessage()); + } + }; + client.search(sr, searchListener); + } } } diff --git a/src/main/java/org/opensearch/security/resource/SecurityResourceSharingService.java b/src/main/java/org/opensearch/security/resource/SecurityResourceSharingService.java index c44ea872ba..46b1ebc730 100644 --- a/src/main/java/org/opensearch/security/resource/SecurityResourceSharingService.java +++ b/src/main/java/org/opensearch/security/resource/SecurityResourceSharingService.java @@ -12,16 +12,11 @@ package org.opensearch.security.resource; import java.io.IOException; -import java.util.ArrayList; -import java.util.List; import org.opensearch.OpenSearchException; import org.opensearch.ResourceNotFoundException; import org.opensearch.action.get.GetRequest; import org.opensearch.action.get.GetResponse; -import org.opensearch.action.get.MultiGetItemResponse; -import org.opensearch.action.get.MultiGetRequest; -import org.opensearch.action.get.MultiGetResponse; import org.opensearch.action.search.SearchRequest; import org.opensearch.action.search.SearchResponse; import org.opensearch.client.Client; @@ -85,110 +80,11 @@ private boolean hasPermissionsFor(User authenticatedUser, ResourceSharingEntry s return false; } - @SuppressWarnings("unchecked") @Override - public void listResources(ActionListener> listResourceListener) { - User authenticatedUser = client.threadPool().getThreadContext().getTransient(ConfigConstants.OPENDISTRO_SECURITY_USER); - try (ThreadContext.StoredContext ignore = client.threadPool().getThreadContext().stashContext()) { - SearchRequest rsr = new SearchRequest(RESOURCE_SHARING_INDEX); - BoolQueryBuilder boolQuery = QueryBuilders.boolQuery(); - - // 1. The resource_user is the currently authenticated user - boolQuery.should(QueryBuilders.termQuery("resource_user.name", authenticatedUser.getName())); - - // 2. The resource has been shared with the authenticated user - boolQuery.should(QueryBuilders.termQuery("share_with.users", authenticatedUser.getName())); - - // 3. The resource has been shared with a backend role that the authenticated user has - if (!authenticatedUser.getRoles().isEmpty()) { - BoolQueryBuilder roleQuery = QueryBuilders.boolQuery(); - for (String role : authenticatedUser.getRoles()) { - roleQuery.should(QueryBuilders.termQuery("share_with.backend_roles", role)); - } - boolQuery.should(roleQuery); - } - - // Set minimum should match to 1 to ensure at least one of the conditions is met - boolQuery.minimumShouldMatch(1); - - SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder(); - searchSourceBuilder.query(boolQuery); - rsr.source(searchSourceBuilder); - - ActionListener searchListener = new ActionListener() { - @Override - public void onResponse(SearchResponse searchResponse) { - List resources = new ArrayList<>(); - List resourceIds = new ArrayList<>(); - for (SearchHit hit : searchResponse.getHits().getHits()) { - resourceIds.add((String) hit.getSourceAsMap().get("resource_id")); - } - if (resourceIds.isEmpty()) { - listResourceListener.onResponse(resources); - } - - final MultiGetRequest mget = new MultiGetRequest(); - - for (String resourceId : resourceIds) { - mget.add(resourceIndex, resourceId); - } - - mget.refresh(true); - mget.realtime(true); - - client.multiGet(mget, new ActionListener() { - @Override - public void onResponse(MultiGetResponse response) { - MultiGetItemResponse[] responses = response.getResponses(); - for (MultiGetItemResponse singleResponse : responses) { - if (singleResponse != null && !singleResponse.isFailed()) { - GetResponse singleGetResponse = singleResponse.getResponse(); - if (singleGetResponse.isExists() && !singleGetResponse.isSourceEmpty()) { - try { - XContentParser parser = XContentHelper.createParser( - xContentRegistry, - LoggingDeprecationHandler.INSTANCE, - singleGetResponse.getSourceAsBytesRef(), - XContentType.JSON - ); - T resource = resourceParser.parse(parser, singleGetResponse.getId()); - resources.add(resource); - } catch (IOException e) { - throw new OpenSearchException("Caught exception while loading resources: " + e.getMessage()); - } - } else { - // does not exist or empty source - continue; - } - } else { - // failure - continue; - } - } - listResourceListener.onResponse(resources); - } - - @Override - public void onFailure(Exception e) { - listResourceListener.onFailure(e); - } - }); - - } - - @Override - public void onFailure(Exception e) { - throw new OpenSearchException("Caught exception while loading resources: " + e.getMessage()); - } - }; - client.search(rsr, searchListener); - } - } - - @SuppressWarnings("unchecked") - @Override - public void getResource(String resourceId, ActionListener getResourceListener) { - User authenticatedUser = client.threadPool().getThreadContext().getTransient(ConfigConstants.OPENDISTRO_SECURITY_USER); + public void hasResourceBeenSharedWith(String resourceId, ActionListener resourceSharingListener) { + User authenticatedUser = (User) client.threadPool() + .getThreadContext() + .getPersistent(ConfigConstants.OPENDISTRO_SECURITY_AUTHENTICATED_USER); try (ThreadContext.StoredContext ignore = client.threadPool().getThreadContext().stashContext()) { SearchRequest searchRequest = new SearchRequest(RESOURCE_SHARING_INDEX); SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder(); @@ -200,7 +96,7 @@ public void getResource(String resourceId, ActionListener getResourceListener searchSourceBuilder.size(1); // Limit to 1 result searchRequest.source(searchSourceBuilder); - ActionListener searchListener = new ActionListener() { + ActionListener searchListener = new ActionListener<>() { @Override public void onResponse(SearchResponse searchResponse) { SearchHit[] hits = searchResponse.getHits().getHits(); @@ -208,12 +104,12 @@ public void onResponse(SearchResponse searchResponse) { SearchHit hit = hits[0]; ResourceSharingEntry sharedWith = ResourceSharingEntry.fromSource(hit.getSourceAsMap()); if (hasPermissionsFor(authenticatedUser, sharedWith)) { - finishGetResourceIfUserIsAllowed(resourceId, getResourceListener); + resourceSharingListener.onResponse(Boolean.TRUE); } else { - getResourceListener.onFailure(new OpenSearchException("User is not authorized to access this resource")); + resourceSharingListener.onResponse(Boolean.FALSE); } } else { - getResourceListener.onFailure(new ResourceNotFoundException("Resource not found")); + resourceSharingListener.onFailure(new ResourceNotFoundException("Resource not found")); } } @@ -231,8 +127,7 @@ private void finishGetResourceIfUserIsAllowed(String resourceId, ActionListener< try (ThreadContext.StoredContext ignore = client.threadPool().getThreadContext().stashContext()) { GetRequest gr = new GetRequest(resourceIndex); gr.id(resourceId); - /* Index already exists, ignore and continue */ - ActionListener getListener = new ActionListener() { + ActionListener getListener = new ActionListener<>() { @Override public void onResponse(GetResponse getResponse) { try {