Skip to content

Commit

Permalink
remote index mismatch test
Browse files Browse the repository at this point in the history
  • Loading branch information
jakelandis committed Apr 11, 2024
1 parent 2798d32 commit 79fa902
Showing 1 changed file with 25 additions and 3 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -398,7 +398,7 @@ public void testCrossClusterQueryWithOnlyRemotePrivs() throws Exception {
populateData();

// Query cluster
final var putRoleRequest = new Request("PUT", "/_security/role/" + REMOTE_SEARCH_ROLE);
var putRoleRequest = new Request("PUT", "/_security/role/" + REMOTE_SEARCH_ROLE);
putRoleRequest.setJsonEntity("""
{
"indices": [{"names": [""], "privileges": ["read_cross_cluster"]}],
Expand All @@ -412,7 +412,7 @@ public void testCrossClusterQueryWithOnlyRemotePrivs() throws Exception {
}""");
assertOK(adminClient().performRequest(putRoleRequest));

// Query cluster
// query appropriate privs
Response response = performRequestWithRemoteSearchUser(esqlRequest("""
FROM my_remote_cluster:employees
| SORT emp_id ASC
Expand All @@ -421,6 +421,28 @@ public void testCrossClusterQueryWithOnlyRemotePrivs() throws Exception {
assertOK(response);
assertRemoteOnlyResults(response);

// without the remote index priv
putRoleRequest.setJsonEntity("""
{
"indices": [{"names": [""], "privileges": ["read_cross_cluster"]}],
"remote_indices": [
{
"names": ["idontexist"],
"privileges": ["read"],
"clusters": ["my_remote_cluster"]
}
]
}""");
assertOK(adminClient().performRequest(putRoleRequest));

ResponseException error = expectThrows(ResponseException.class, () -> performRequestWithRemoteSearchUser(esqlRequest("""
FROM my_remote_cluster:employees
| SORT emp_id ASC
| LIMIT 2
| KEEP emp_id, department""")));
assertThat(error.getResponse().getStatusLine().getStatusCode(), equalTo(400));
assertThat(error.getMessage(), containsString("Unknown index [my_remote_cluster:employees]"));

// no local privs at all will fail
final var putRoleNoLocalPrivs = new Request("PUT", "/_security/role/" + REMOTE_SEARCH_ROLE);
putRoleNoLocalPrivs.setJsonEntity("""
Expand All @@ -436,7 +458,7 @@ public void testCrossClusterQueryWithOnlyRemotePrivs() throws Exception {
}""");
assertOK(adminClient().performRequest(putRoleNoLocalPrivs));

ResponseException error = expectThrows(ResponseException.class, () -> { performRequestWithRemoteSearchUser(esqlRequest("""
error = expectThrows(ResponseException.class, () -> { performRequestWithRemoteSearchUser(esqlRequest("""
FROM my_remote_cluster:employees
| SORT emp_id ASC
| LIMIT 2
Expand Down

0 comments on commit 79fa902

Please sign in to comment.