diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 052d96ac31..e5993bc311 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -72,9 +72,9 @@ jobs: cp -r build/ ./bwc-test/ mkdir ./bwc-test/src/test/resources/security_plugin_version_no_snapshot cp build/distributions/opensearch-security-${security_plugin_version_no_snapshot}.zip ./bwc-test/src/test/resources/${security_plugin_version_no_snapshot} - mkdir bwc-test/src/test/resources/1.3.0.0 - wget https://ci.opensearch.org/ci/dbc/distribution-build-opensearch/1.3.0/latest/linux/x64/builds/opensearch/plugins/opensearch-security-1.3.0.0.zip - mv opensearch-security-1.3.0.0.zip bwc-test/src/test/resources/1.3.0.0/ + mkdir bwc-test/src/test/resources/2.0.0.0 + wget https://ci.opensearch.org/ci/dbc/distribution-build-opensearch/2.0.0/latest/linux/x64/tar/builds/opensearch/plugins/opensearch-security-2.0.0.0.zip + mv opensearch-security-2.0.0.0.zip bwc-test/src/test/resources/2.0.0.0/ cd bwc-test/ ./gradlew bwcTestSuite -Dtests.security.manager=false diff --git a/build.gradle b/build.gradle index b2bc0ec551..5a66d36b6d 100644 --- a/build.gradle +++ b/build.gradle @@ -53,11 +53,12 @@ repositories { maven { url "https://aws.oss.sonatype.org/content/repositories/snapshots" } mavenCentral() maven { url "https://plugins.gradle.org/m2/" } + maven { url "https://d1nvenhzbhpy0q.cloudfront.net/snapshots/lucene/" } } ext { isSnapshot = "true" == System.getProperty("build.snapshot", "true") - opensearch_version = System.getProperty("opensearch.version", "2.0.0-SNAPSHOT") + opensearch_version = System.getProperty("opensearch.version", "2.1.0-SNAPSHOT") buildVersionQualifier = System.getProperty("build.version_qualifier", "") version_tokens = opensearch_version.tokenize('-') opensearch_build = version_tokens[0] + '.0' diff --git a/bwc-test/build.gradle b/bwc-test/build.gradle index 42be2c9478..8ad987b1a7 100644 --- a/bwc-test/build.gradle +++ b/bwc-test/build.gradle @@ -47,7 +47,7 @@ ext { buildscript { ext { - opensearch_version = System.getProperty("opensearch.version", "2.0.0-SNAPSHOT") + opensearch_version = System.getProperty("opensearch.version", "2.1.0-SNAPSHOT") opensearch_group = "org.opensearch" } repositories { @@ -73,16 +73,16 @@ dependencies { testImplementation "org.opensearch.test:framework:${opensearch_version}" } -String bwcVersion = "1.3.0.0"; +String bwcVersion = "2.0.0.0"; String baseName = "securityBwcCluster" String bwcFilePath = "src/test/resources/" -String projectVersion = "2.0.0.0" +String projectVersion = "2.1.0.0" 2.times {i -> testClusters { "${baseName}$i" { testDistribution = "ARCHIVE" - versions = ["1.3.0","2.0.0"] + versions = ["2.0.0","2.1.0"] numberOfNodes = 3 plugin(provider(new Callable() { @Override diff --git a/bwc-test/gradle/wrapper/gradle-wrapper.properties b/bwc-test/gradle/wrapper/gradle-wrapper.properties index 549d84424d..92f06b50fd 100644 --- a/bwc-test/gradle/wrapper/gradle-wrapper.properties +++ b/bwc-test/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,5 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-6.9-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-7.4.2-all.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 2e6e5897b5..92f06b50fd 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,5 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-7.3.3-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-7.4.2-all.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists diff --git a/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java b/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java index 3602bda037..873fb46de8 100644 --- a/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java +++ b/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java @@ -964,6 +964,11 @@ public long nextOrd() throws IOException { return sortedSetDocValues.nextOrd(); } + @Override + public long docValueCount() { + return sortedSetDocValues.docValueCount(); + } + @Override public BytesRef lookupOrd(long ord) throws IOException { return mf.mask(sortedSetDocValues.lookupOrd(ord)); diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AbstractRestApiUnitTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AbstractRestApiUnitTest.java index f1dd3a88fb..59e8feb198 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/AbstractRestApiUnitTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/AbstractRestApiUnitTest.java @@ -195,11 +195,11 @@ protected void checkGeneralAccess(int status, String username, String password) rh.sendAdminCertificate = sendAdminCertificate; } - protected String checkReadAccess(int status, String username, String password, String indexName, String type, + protected String checkReadAccess(int status, String username, String password, String indexName, String actionType, int id) throws Exception { boolean sendAdminCertificate = rh.sendAdminCertificate; rh.sendAdminCertificate = false; - String action = indexName + "/" + type + "/" + id; + String action = indexName + "/" + actionType + "/" + id; HttpResponse response = rh.executeGetRequest(action, encodeBasicHeader(username, password)); int returnedStatus = response.getStatusCode(); @@ -209,12 +209,12 @@ protected String checkReadAccess(int status, String username, String password, S } - protected String checkWriteAccess(int status, String username, String password, String indexName, String type, + protected String checkWriteAccess(int status, String username, String password, String indexName, String actionType, int id) throws Exception { boolean sendAdminCertificate = rh.sendAdminCertificate; rh.sendAdminCertificate = false; - String action = indexName + "/" + type + "/" + id; + String action = indexName + "/" + actionType + "/" + id; String payload = "{\"value\" : \"true\"}"; HttpResponse response = rh.executePutRequest(action, payload, encodeBasicHeader(username, password)); diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiTest.java index 0bdbf6ea70..f09d7284ee 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiTest.java @@ -337,8 +337,6 @@ private void checkAllSfAllowed() throws Exception { rh.sendAdminCertificate = false; checkReadAccess(HttpStatus.SC_OK, "picard", "picard", "sf", "_doc", 1); checkWriteAccess(HttpStatus.SC_OK, "picard", "picard", "sf", "_doc", 1); - // ES7 only supports one doc type, so trying to create a second one leads to 400 BAD REQUEST - checkWriteAccess(HttpStatus.SC_BAD_REQUEST, "picard", "picard", "sf", "public", 1); } private void checkAllSfForbidden() throws Exception {