"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/SearchRequestInterceptor.java" between
elasticsearch-6.8.14-src.tar.gz and elasticsearch-6.8.15-src.tar.gz

About: elasticsearch is a Distributed, RESTful, Search Engine built on top of Apache Lucene. Source package (GitHub).

SearchRequestInterceptor.java  (elasticsearch-6.8.14-src):SearchRequestInterceptor.java  (elasticsearch-6.8.15-src)
skipping to change at line 14 skipping to change at line 14
* you may not use this file except in compliance with the Elastic License. * you may not use this file except in compliance with the Elastic License.
*/ */
package org.elasticsearch.xpack.security.authz.interceptor; package org.elasticsearch.xpack.security.authz.interceptor;
import org.elasticsearch.ElasticsearchSecurityException; import org.elasticsearch.ElasticsearchSecurityException;
import org.elasticsearch.action.ActionListener; import org.elasticsearch.action.ActionListener;
import org.elasticsearch.action.IndicesRequest; import org.elasticsearch.action.IndicesRequest;
import org.elasticsearch.action.search.SearchRequest; import org.elasticsearch.action.search.SearchRequest;
import org.elasticsearch.license.XPackLicenseState; import org.elasticsearch.license.XPackLicenseState;
import org.elasticsearch.rest.RestStatus; import org.elasticsearch.rest.RestStatus;
import org.elasticsearch.search.builder.SearchSourceBuilder;
import org.elasticsearch.search.internal.ShardSearchTransportRequest;
import org.elasticsearch.threadpool.ThreadPool; import org.elasticsearch.threadpool.ThreadPool;
/** /**
* If field level security is enabled this interceptor disables the request cach e for search requests. * If field level security is enabled this interceptor disables the request cach e for search requests.
*/ */
public class SearchRequestInterceptor extends FieldAndDocumentLevelSecurityReque stInterceptor { public class SearchRequestInterceptor extends FieldAndDocumentLevelSecurityReque stInterceptor {
public SearchRequestInterceptor(ThreadPool threadPool, XPackLicenseState lic enseState) { public SearchRequestInterceptor(ThreadPool threadPool, XPackLicenseState lic enseState) {
super(threadPool.getThreadContext(), licenseState); super(threadPool.getThreadContext(), licenseState);
} }
@Override @Override
public void disableFeatures(IndicesRequest indicesRequest, boolean fieldLeve lSecurityEnabled, boolean documentLevelSecurityEnabled, public void disableFeatures(IndicesRequest indicesRequest, boolean fieldLeve lSecurityEnabled, boolean documentLevelSecurityEnabled,
ActionListener<Void> listener) { ActionListener<Void> listener) {
final SearchRequest request = (SearchRequest) indicesRequest;
request.requestCache(false); assert indicesRequest instanceof SearchRequest || indicesRequest instanc
eof ShardSearchTransportRequest
: "request must be either SearchRequest or ShardSearchTransportReque
st";
final SearchSourceBuilder source;
if (indicesRequest instanceof SearchRequest) {
final SearchRequest request = (SearchRequest) indicesRequest;
request.requestCache(false);
source = request.source();
} else {
final ShardSearchTransportRequest request = (ShardSearchTransportReq
uest) indicesRequest;
request.requestCache(false);
source = request.source();
}
if (documentLevelSecurityEnabled) { if (documentLevelSecurityEnabled) {
if (request.source() != null && request.source().suggest() != null) { if (source != null && source.suggest() != null) {
listener.onFailure(new ElasticsearchSecurityException("Suggest i sn't supported if document level security is enabled", listener.onFailure(new ElasticsearchSecurityException("Suggest i sn't supported if document level security is enabled",
RestStatus.BAD_REQUEST)); RestStatus.BAD_REQUEST));
} else if (request.source() != null && request.source().profile()) { } else if (source != null && source.profile()) {
listener.onFailure(new ElasticsearchSecurityException("A search request cannot be profiled if document level security " + listener.onFailure(new ElasticsearchSecurityException("A search request cannot be profiled if document level security " +
"is enabled", RestStatus.BAD_REQUEST)); "is enabled", RestStatus.BAD_REQUEST));
} else { } else {
listener.onResponse(null); listener.onResponse(null);
} }
} else { } else {
listener.onResponse(null); listener.onResponse(null);
} }
} }
@Override @Override
public boolean supports(IndicesRequest request) { public boolean supports(IndicesRequest request) {
return request instanceof SearchRequest; return request instanceof SearchRequest || request instanceof ShardSearc hTransportRequest;
} }
} }
 End of changes. 5 change blocks. 
5 lines changed or deleted 22 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)