Skip to content

Remove allowTrial flag in license checking #54293

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Mar 30, 2020
Merged

Remove allowTrial flag in license checking #54293

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
822731d
Remove allowTrial flag in license checking
rjernst Mar 26, 2020
03c49c2
remove leftover refs to allowTrial
rjernst Mar 26, 2020
4197782
Merge branch 'master' into refactor_license6
rjernst Mar 27, 2020
ee71bdf
Merge branch 'master' into refactor_license6
rjernst Mar 27, 2020
b4463a3
Merge branch 'master' into refactor_license6
rjernst Mar 30, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion x-pack/plugin/core/src/main/java/org/elasticsearch/license/RemoteClusterLicenseChecker.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,7 @@ public RemoteClusterLicenseChecker(final Client client, final Predicate<License.

public static boolean isAllowedByLicense(final XPackInfoResponse.LicenseInfo licenseInfo) {
final License.OperationMode mode = License.OperationMode.parse(licenseInfo.getMode());
return XPackLicenseState.isAllowedByOperationMode(mode, License.OperationMode.PLATINUM, true);
return XPackLicenseState.isAllowedByOperationMode(mode, License.OperationMode.PLATINUM);
}

/**
Expand Down
50 changes: 24 additions & 26 deletions x-pack/plugin/core/src/main/java/org/elasticsearch/license/XPackLicenseState.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -405,15 +405,15 @@ public boolean isActive() {
* @return true if authentication and authorization should be enabled.
*/
public boolean isAuthAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.BASIC, false, true);
return isAllowedBySecurityAndLicense(OperationMode.BASIC, false);
}

public boolean isIpFilteringAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false, true);
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false);
}

public boolean isAuditingAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false, true);
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false);
}

public boolean isStatsAndHealthAllowed() {
Expand All @@ -434,49 +434,49 @@ public boolean isStatsAndHealthAllowed() {
* @return {@code true} to enable DLS and FLS. Otherwise {@code false}.
*/
public boolean isDocumentAndFieldLevelSecurityAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, false, true);
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, false);
}

public boolean areAllRealmsAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, false, true);
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, false);
}

public boolean areStandardRealmsAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false, true);
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false);
}

public boolean isCustomRoleProvidersAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true, true);
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true);
}

/**
* Whether the Elasticsearch {@code TokenService} is allowed
*/
public boolean isTokenServiceAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false, true);
return isAllowedBySecurityAndLicense(OperationMode.GOLD, false);
}

/**
* Whether the Elasticsearch {@code ApiKeyService} is allowed
*/
public boolean isApiKeyServiceAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.MISSING, false, true);
return isAllowedBySecurityAndLicense(OperationMode.MISSING, false);
}

/**
* Whether "authorization_realms" is allowed
* @see org.elasticsearch.xpack.core.security.authc.support.DelegatedAuthorizationSettings
*/
public boolean isAuthorizationRealmAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true, true);
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true);
}

/**
* Whether a custom authorization engine is allowed
* @see org.elasticsearch.xpack.core.security.authc.support.DelegatedAuthorizationSettings
*/
public boolean isAuthorizationEngineAllowed() {
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true, true);
return isAllowedBySecurityAndLicense(OperationMode.PLATINUM, true);
}

public boolean isWatcherAllowed() {
Expand Down Expand Up @@ -507,7 +507,7 @@ public boolean isMonitoringClusterAlertsAllowed() {
* @return {@code true} if the user is allowed to modify the retention. Otherwise {@code false}.
*/
public boolean isUpdateRetentionAllowed() {
return isAllowedByLicense(OperationMode.STANDARD, false, true);
return isAllowedByLicense(OperationMode.STANDARD, false);
}

public boolean isGraphAllowed() {
Expand All @@ -519,7 +519,7 @@ public boolean isMachineLearningAllowed() {
}

public static boolean isMachineLearningAllowedForOperationMode(final OperationMode operationMode) {
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM, true);
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM);
}

public boolean isTransformAllowed() {
Expand All @@ -532,7 +532,7 @@ public static boolean isTransformAllowedForOperationMode(final OperationMode ope
}

public static boolean isFipsAllowedForOperationMode(final OperationMode operationMode) {
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM, true);
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM);
}

public boolean isRollupAllowed() {
Expand Down Expand Up @@ -667,12 +667,12 @@ public boolean isCcrAllowed() {
}

public static boolean isCcrAllowedForOperationMode(final OperationMode operationMode) {
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM, true);
return isAllowedByOperationMode(operationMode, OperationMode.PLATINUM);
}

public static boolean isAllowedByOperationMode(
final OperationMode operationMode, final OperationMode minimumMode, final boolean allowTrial) {
if (allowTrial && OperationMode.TRIAL == operationMode) {
final OperationMode operationMode, final OperationMode minimumMode) {
if (OperationMode.TRIAL == operationMode) {
return true;
}
return operationMode.compareTo(minimumMode) >= 0;
Expand All @@ -691,16 +691,15 @@ public XPackLicenseState copyCurrentLicenseState() {

/**
* Test whether a feature is allowed by the status of license and security configuration.
* Note the difference to {@link #isAllowedByLicense(OperationMode, boolean, boolean)}
* Note the difference to {@link #isAllowedByLicense(OperationMode, boolean)}
* is this method requires security to be enabled.
*
* @param minimumMode The minimum license to meet or exceed
* @param needActive Whether current license needs to be active.
* @param allowTrial Whether the feature is allowed for trial license
*
* @return true if feature is allowed, otherwise false
*/
private boolean isAllowedBySecurityAndLicense(OperationMode minimumMode, boolean needActive, boolean allowTrial) {
private boolean isAllowedBySecurityAndLicense(OperationMode minimumMode, boolean needActive) {
return checkAgainstStatus(status -> {
if (false == isSecurityEnabled(status.mode, isSecurityExplicitlyEnabled, isSecurityEnabled)) {
return false;
Expand All @@ -709,7 +708,7 @@ private boolean isAllowedBySecurityAndLicense(OperationMode minimumMode, boolean
if (needActive && false == status.active) {
return false;
}
return isAllowedByOperationMode(status.mode, minimumMode, allowTrial);
return isAllowedByOperationMode(status.mode, minimumMode);
});
}

Expand All @@ -720,27 +719,26 @@ private boolean isAllowedBySecurityAndLicense(OperationMode minimumMode, boolean
*
* @param minimumMode The minimum license to meet or exceed
* @param needActive Whether current license needs to be active
* @param allowTrial Whether the feature is allowed for trial license
*
* @return true if feature is allowed, otherwise false
*/
public boolean isAllowedByLicense(OperationMode minimumMode, boolean needActive, boolean allowTrial) {
public boolean isAllowedByLicense(OperationMode minimumMode, boolean needActive) {
return checkAgainstStatus(status -> {
if (needActive && false == status.active) {
return false;
}
return isAllowedByOperationMode(status.mode, minimumMode, allowTrial);
return isAllowedByOperationMode(status.mode, minimumMode);
});
}

/**
* A convenient method to test whether a feature is by license status.
* @see #isAllowedByLicense(OperationMode, boolean, boolean)
* @see #isAllowedByLicense(OperationMode, boolean)
*
* @param minimumMode The minimum license to meet or exceed
*/
public boolean isAllowedByLicense(OperationMode minimumMode) {
return isAllowedByLicense(minimumMode, true, true);
return isAllowedByLicense(minimumMode, true);
}

}
12 changes: 6 additions & 6 deletions ...plugin/core/src/test/java/org/elasticsearch/license/RemoteClusterLicenseCheckerTests.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -147,7 +147,7 @@ public void testCheckRemoteClusterLicensesGivenCompatibleLicenses() {

final RemoteClusterLicenseChecker licenseChecker =
new RemoteClusterLicenseChecker(client, operationMode ->
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true));
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM));
final AtomicReference<RemoteClusterLicenseChecker.LicenseCheck> licenseCheck = new AtomicReference<>();

licenseChecker.checkRemoteClusterLicenses(
Expand Down Expand Up @@ -190,7 +190,7 @@ public void testCheckRemoteClusterLicensesGivenIncompatibleLicense() {

final RemoteClusterLicenseChecker licenseChecker =
new RemoteClusterLicenseChecker(client, operationMode ->
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true));
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM));
final AtomicReference<RemoteClusterLicenseChecker.LicenseCheck> licenseCheck = new AtomicReference<>();

licenseChecker.checkRemoteClusterLicenses(
Expand Down Expand Up @@ -237,7 +237,7 @@ public void testCheckRemoteClusterLicencesGivenNonExistentCluster() {

final RemoteClusterLicenseChecker licenseChecker =
new RemoteClusterLicenseChecker(client, operationMode ->
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true));
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM));
final AtomicReference<Exception> exception = new AtomicReference<>();

licenseChecker.checkRemoteClusterLicenses(
Expand Down Expand Up @@ -278,7 +278,7 @@ public void testRemoteClusterLicenseCallUsesSystemContext() throws InterruptedEx

final RemoteClusterLicenseChecker licenseChecker =
new RemoteClusterLicenseChecker(client, operationMode ->
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true));
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM));

final List<String> remoteClusterAliases = Collections.singletonList("valid");
licenseChecker.checkRemoteClusterLicenses(
Expand Down Expand Up @@ -318,7 +318,7 @@ public void testListenerIsExecutedWithCallingContext() throws InterruptedExcepti

final RemoteClusterLicenseChecker licenseChecker =
new RemoteClusterLicenseChecker(client, operationMode ->
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true));
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM));

final AtomicBoolean listenerInvoked = new AtomicBoolean();
threadPool.getThreadContext().putHeader("key", "value");
Expand Down Expand Up @@ -394,7 +394,7 @@ public void testCheckRemoteClusterLicencesNoLicenseMetadata() {

final RemoteClusterLicenseChecker licenseChecker =
new RemoteClusterLicenseChecker(client, operationMode ->
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true));
XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM));
final AtomicReference<Exception> exception = new AtomicReference<>();

licenseChecker.checkRemoteClusterLicenses(
Expand Down
12 changes: 6 additions & 6 deletions ...rc/test/java/org/elasticsearch/xpack/core/common/validation/SourceDestValidatorTests.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -598,7 +598,7 @@ public void testRemoteSourcePlatinum() throws InterruptedException {
new IndexNameExpressionResolver(),
remoteClusterService,
new RemoteClusterLicenseChecker(clientWithBasicLicense,
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true)),
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM)),
new String[] { REMOTE_BASIC + ":" + "SOURCE_1" },
"dest",
"node_id",
Expand Down Expand Up @@ -628,7 +628,7 @@ public void testRemoteSourcePlatinum() throws InterruptedException {
new IndexNameExpressionResolver(),
remoteClusterService,
new RemoteClusterLicenseChecker(clientWithPlatinumLicense,
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true)),
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM)),
new String[] { REMOTE_PLATINUM + ":" + "SOURCE_1" },
"dest",
"node_id",
Expand All @@ -649,7 +649,7 @@ public void testRemoteSourcePlatinum() throws InterruptedException {
new IndexNameExpressionResolver(),
remoteClusterService,
new RemoteClusterLicenseChecker(clientWithPlatinumLicense,
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true)),
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM)),
new String[] { REMOTE_PLATINUM + ":" + "SOURCE_1" },
"dest",
"node_id",
Expand All @@ -671,7 +671,7 @@ public void testRemoteSourcePlatinum() throws InterruptedException {
new IndexNameExpressionResolver(),
remoteClusterService,
new RemoteClusterLicenseChecker(clientWithTrialLicense,
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true)),
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM)),
new String[] { REMOTE_PLATINUM + ":" + "SOURCE_1" },
"dest",
"node_id",
Expand All @@ -695,7 +695,7 @@ public void testRemoteSourceLicenseInActive() throws InterruptedException {
new IndexNameExpressionResolver(),
remoteClusterService,
new RemoteClusterLicenseChecker(clientWithExpiredBasicLicense,
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true)),
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM)),
new String[] { REMOTE_BASIC + ":" + "SOURCE_1" },
"dest",
"node_id",
Expand All @@ -722,7 +722,7 @@ public void testRemoteSourceDoesNotExist() throws InterruptedException {
new IndexNameExpressionResolver(),
remoteClusterService,
new RemoteClusterLicenseChecker(clientWithExpiredBasicLicense,
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM, true)),
operationMode -> XPackLicenseState.isAllowedByOperationMode(operationMode, License.OperationMode.PLATINUM)),
new String[] { "non_existing_remote:" + "SOURCE_1" },
"dest",
"node_id",
Expand Down