Merge branch 'master' into reporting/5.0/encrypt-headers

ycombinator · ycombinator · commit 0a89f0b984e7 · 2016-09-07T18:39:51.000-05:00
Original commit: elastic/x-pack-elasticsearch@38c755c
diff --git a/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/authz/permission/IngestAdminRole.java b/elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/authz/permission/IngestAdminRole.java
@@ -8,6 +8,7 @@
 import org.elasticsearch.xpack.security.authz.RoleDescriptor;
 import org.elasticsearch.xpack.security.authz.privilege.ClusterPrivilege;
 import org.elasticsearch.xpack.security.authz.privilege.Privilege.Name;
+import org.elasticsearch.xpack.security.support.MetadataUtils;
 
 /**
  * Role for users that should be allowed to use the Add Data/Ingest features in the UI
@@ -18,7 +19,8 @@ public class IngestAdminRole extends Role {
     private static final RoleDescriptor.IndicesPrivileges[] INDICES_PRIVILEGES = new RoleDescriptor.IndicesPrivileges[0];
 
     public static final String NAME = "ingest_admin";
-    public static final RoleDescriptor DESCRIPTOR = new RoleDescriptor(NAME, CLUSTER_PRIVILEGES, INDICES_PRIVILEGES, null);
+    public static final RoleDescriptor DESCRIPTOR =
+            new RoleDescriptor(NAME, CLUSTER_PRIVILEGES, INDICES_PRIVILEGES, null, MetadataUtils.DEFAULT_RESERVED_METADATA);
     public static final IngestAdminRole INSTANCE = new IngestAdminRole();
 
     private IngestAdminRole() {
diff --git a/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authz/permission/IngestAdminRoleTests.java b/elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authz/permission/IngestAdminRoleTests.java
@@ -20,6 +20,7 @@
 import org.elasticsearch.xpack.monitoring.action.MonitoringBulkAction;
 import org.elasticsearch.xpack.security.authc.Authentication;
 
+import static org.hamcrest.Matchers.hasEntry;
 import static org.hamcrest.Matchers.is;
 import static org.mockito.Mockito.mock;
 
@@ -48,4 +49,8 @@ public void testNoIndicesPermissions() {
         assertThat(IngestAdminRole.INSTANCE.indices().allowedIndicesMatcher(GetAction.NAME).test(randomAsciiOfLengthBetween(8, 24)),
                 is(false));
     }
+
+    public void testHasReservedMetadata() {
+        assertThat(IngestAdminRole.DESCRIPTOR.getMetadata(), hasEntry("_reserved", true));
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -20,6 +20,7 @@`
`20`	`20`	`import org.elasticsearch.xpack.monitoring.action.MonitoringBulkAction;`
`21`	`21`	`import org.elasticsearch.xpack.security.authc.Authentication;`
`22`	`22`
	`23`	`+import static org.hamcrest.Matchers.hasEntry;`
`23`	`24`	`import static org.hamcrest.Matchers.is;`
`24`	`25`	`import static org.mockito.Mockito.mock;`
`25`	`26`
`@@ -48,4 +49,8 @@ public void testNoIndicesPermissions() {`
`48`	`49`	`assertThat(IngestAdminRole.INSTANCE.indices().allowedIndicesMatcher(GetAction.NAME).test(randomAsciiOfLengthBetween(8, 24)),`
`49`	`50`	`is(false));`
`50`	`51`	`}`
	`52`	`+`
	`53`	`+ public void testHasReservedMetadata() {`
	`54`	`+ assertThat(IngestAdminRole.DESCRIPTOR.getMetadata(), hasEntry("_reserved", true));`
	`55`	`+ }`
`51`	`56`	`}`