-
Notifications
You must be signed in to change notification settings - Fork 274
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adds integration tests for FLS DLS field masking Signed-off-by: Kacper Trochimiak <kacper.trochimiak@eliatra.com>
- Loading branch information
1 parent
cc45b04
commit 5116d99
Showing
24 changed files
with
1,584 additions
and
85 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
975 changes: 975 additions & 0 deletions
975
src/integrationTest/java/org/opensearch/security/FlsDlsAndFieldMaskingTest.java
Large diffs are not rendered by default.
Oops, something went wrong.
113 changes: 55 additions & 58 deletions
113
src/integrationTest/java/org/opensearch/security/SearchOperationTest.java
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
46 changes: 46 additions & 0 deletions
46
...grationTest/java/org/opensearch/test/framework/matcher/ContainsExactlyIndicesMatcher.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
/* | ||
* Copyright OpenSearch Contributors | ||
* SPDX-License-Identifier: Apache-2.0 | ||
* | ||
* The OpenSearch Contributors require contributions made to | ||
* this file be licensed under the Apache-2.0 license or a | ||
* compatible open source license. | ||
* | ||
*/ | ||
package org.opensearch.test.framework.matcher; | ||
|
||
import java.util.Set; | ||
|
||
import org.hamcrest.Description; | ||
import org.hamcrest.TypeSafeDiagnosingMatcher; | ||
|
||
import org.opensearch.action.fieldcaps.FieldCapabilitiesResponse; | ||
|
||
import static java.util.Objects.isNull; | ||
|
||
class ContainsExactlyIndicesMatcher extends TypeSafeDiagnosingMatcher<FieldCapabilitiesResponse> { | ||
|
||
private final Set<String> expectedIndices; | ||
|
||
ContainsExactlyIndicesMatcher(String... expectedIndices) { | ||
if (isNull(expectedIndices) || expectedIndices.length == 0) { | ||
throw new IllegalArgumentException("expectedIndices cannot be null or empty"); | ||
} | ||
this.expectedIndices = Set.of(expectedIndices); | ||
} | ||
|
||
@Override | ||
protected boolean matchesSafely(FieldCapabilitiesResponse response, Description mismatchDescription) { | ||
Set<String> actualIndices = Set.of(response.getIndices()); | ||
if (!expectedIndices.equals(actualIndices)) { | ||
mismatchDescription.appendText("Actual indices: ").appendValue(actualIndices); | ||
return false; | ||
} | ||
return true; | ||
} | ||
|
||
@Override | ||
public void describeTo(Description description) { | ||
description.appendText("Response contains indices: ").appendValue(expectedIndices); | ||
} | ||
} |
51 changes: 51 additions & 0 deletions
51
...egrationTest/java/org/opensearch/test/framework/matcher/ContainsFieldWithTypeMatcher.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
/* | ||
* Copyright OpenSearch Contributors | ||
* SPDX-License-Identifier: Apache-2.0 | ||
* | ||
* The OpenSearch Contributors require contributions made to | ||
* this file be licensed under the Apache-2.0 license or a | ||
* compatible open source license. | ||
* | ||
*/ | ||
package org.opensearch.test.framework.matcher; | ||
|
||
import java.util.Map; | ||
|
||
import org.hamcrest.Description; | ||
import org.hamcrest.TypeSafeDiagnosingMatcher; | ||
|
||
import org.opensearch.action.fieldcaps.FieldCapabilities; | ||
import org.opensearch.action.fieldcaps.FieldCapabilitiesResponse; | ||
|
||
import static java.util.Objects.requireNonNull; | ||
|
||
class ContainsFieldWithTypeMatcher extends TypeSafeDiagnosingMatcher<FieldCapabilitiesResponse> { | ||
|
||
private final String expectedFieldName; | ||
private final String expectedFieldType; | ||
|
||
ContainsFieldWithTypeMatcher(String expectedFieldName, String expectedFieldType) { | ||
this.expectedFieldName = requireNonNull(expectedFieldName, "Field name is required");; | ||
this.expectedFieldType = requireNonNull(expectedFieldType, "Field type is required");; | ||
} | ||
|
||
@Override | ||
protected boolean matchesSafely(FieldCapabilitiesResponse response, Description mismatchDescription) { | ||
Map<String, Map<String, FieldCapabilities>> fieldCapabilitiesMap = response.get(); | ||
if (!fieldCapabilitiesMap.containsKey(expectedFieldName)) { | ||
mismatchDescription.appendText("Response does not contain field with name ").appendText(expectedFieldName); | ||
return false; | ||
} | ||
if (!fieldCapabilitiesMap.get(expectedFieldName).containsKey(expectedFieldType)) { | ||
mismatchDescription.appendText("Field type does not match ").appendText(expectedFieldType); | ||
return false; | ||
} | ||
return true; | ||
} | ||
|
||
@Override | ||
public void describeTo(Description description) { | ||
description.appendText("Response contains field with name ").appendValue(expectedFieldName) | ||
.appendText(" and type ").appendValue(expectedFieldType); | ||
} | ||
} |
32 changes: 32 additions & 0 deletions
32
...ionTest/java/org/opensearch/test/framework/matcher/FieldCapabilitiesResponseMatchers.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
/* | ||
* Copyright OpenSearch Contributors | ||
* SPDX-License-Identifier: Apache-2.0 | ||
* | ||
* The OpenSearch Contributors require contributions made to | ||
* this file be licensed under the Apache-2.0 license or a | ||
* compatible open source license. | ||
* | ||
*/ | ||
package org.opensearch.test.framework.matcher; | ||
|
||
import org.hamcrest.Matcher; | ||
|
||
import org.opensearch.action.fieldcaps.FieldCapabilitiesResponse; | ||
|
||
public class FieldCapabilitiesResponseMatchers { | ||
|
||
private FieldCapabilitiesResponseMatchers() {} | ||
|
||
public static Matcher<FieldCapabilitiesResponse> containsExactlyIndices(String... expectedIndices) { | ||
return new ContainsExactlyIndicesMatcher(expectedIndices); | ||
} | ||
|
||
public static Matcher<FieldCapabilitiesResponse> containsFieldWithNameAndType(String expectedFieldName, String expectedFieldType) { | ||
return new ContainsFieldWithTypeMatcher(expectedFieldName, expectedFieldType); | ||
} | ||
|
||
public static Matcher<FieldCapabilitiesResponse> numberOfFieldsIsEqualTo(int expectedNumberOfFields) { | ||
return new NumberOfFieldsIsEqualToMatcher(expectedNumberOfFields); | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
49 changes: 49 additions & 0 deletions
49
...arch/test/framework/matcher/GetResponseDocumentContainsExactlyFieldsWithNamesMatcher.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
/* | ||
* Copyright OpenSearch Contributors | ||
* SPDX-License-Identifier: Apache-2.0 | ||
* | ||
* The OpenSearch Contributors require contributions made to | ||
* this file be licensed under the Apache-2.0 license or a | ||
* compatible open source license. | ||
* | ||
*/ | ||
package org.opensearch.test.framework.matcher; | ||
|
||
import java.util.Map; | ||
import java.util.Set; | ||
|
||
import org.hamcrest.Description; | ||
import org.hamcrest.TypeSafeDiagnosingMatcher; | ||
|
||
import org.opensearch.action.get.GetResponse; | ||
|
||
import static java.util.Objects.isNull; | ||
|
||
class GetResponseDocumentContainsExactlyFieldsWithNamesMatcher extends TypeSafeDiagnosingMatcher<GetResponse> { | ||
|
||
private final Set<String> expectedFieldsNames; | ||
|
||
GetResponseDocumentContainsExactlyFieldsWithNamesMatcher(String... expectedFieldsNames) { | ||
if (isNull(expectedFieldsNames) || expectedFieldsNames.length == 0) { | ||
throw new IllegalArgumentException("expectedFieldsNames cannot be null or empty"); | ||
} | ||
this.expectedFieldsNames = Set.of(expectedFieldsNames); | ||
} | ||
|
||
@Override | ||
protected boolean matchesSafely(GetResponse response, Description mismatchDescription) { | ||
Map<String, Object> sourceMap = response.getSourceAsMap(); | ||
Set<String> actualFieldsNames = sourceMap.keySet(); | ||
if (!expectedFieldsNames.equals(actualFieldsNames)) { | ||
mismatchDescription.appendValue("Document with id ").appendValue(response.getId()) | ||
.appendText(" contains fields with names: ").appendValue(actualFieldsNames); | ||
return false; | ||
} | ||
return true; | ||
} | ||
|
||
@Override | ||
public void describeTo(Description description) { | ||
description.appendText("Document contain exactly fields with names: ").appendValue(expectedFieldsNames); | ||
} | ||
} |
Oops, something went wrong.