88
99import org .apache .http .entity .ContentType ;
1010import org .apache .http .entity .StringEntity ;
11+ import org .elasticsearch .ElasticsearchException ;
1112import org .elasticsearch .ElasticsearchStatusException ;
1213import org .elasticsearch .action .admin .cluster .repositories .put .PutRepositoryRequest ;
13- import org .elasticsearch .action .admin .cluster .snapshots .delete .DeleteSnapshotRequest ;
14+ import org .elasticsearch .action .admin .cluster .snapshots .get .GetSnapshotsRequest ;
15+ import org .elasticsearch .action .admin .cluster .snapshots .get .GetSnapshotsResponse ;
1416import org .elasticsearch .client .Node ;
1517import org .elasticsearch .client .Request ;
1618import org .elasticsearch .client .RequestOptions ;
1921import org .elasticsearch .client .RestClient ;
2022import org .elasticsearch .client .RestClientBuilder ;
2123import org .elasticsearch .client .RestHighLevelClient ;
24+ import org .elasticsearch .client .core .AcknowledgedResponse ;
2225import org .elasticsearch .client .slm .DeleteSnapshotLifecyclePolicyRequest ;
2326import org .elasticsearch .client .slm .ExecuteSnapshotLifecyclePolicyRequest ;
2427import org .elasticsearch .client .slm .ExecuteSnapshotLifecyclePolicyResponse ;
28+ import org .elasticsearch .client .slm .ExecuteSnapshotLifecycleRetentionRequest ;
2529import org .elasticsearch .client .slm .GetSnapshotLifecyclePolicyRequest ;
2630import org .elasticsearch .client .slm .PutSnapshotLifecyclePolicyRequest ;
2731import org .elasticsearch .client .slm .SnapshotLifecyclePolicy ;
3842import org .elasticsearch .common .xcontent .support .XContentMapValues ;
3943import org .elasticsearch .repositories .fs .FsRepository ;
4044import org .elasticsearch .rest .RestStatus ;
45+ import org .elasticsearch .snapshots .SnapshotState ;
4146import org .elasticsearch .test .rest .ESRestTestCase ;
4247import org .elasticsearch .xpack .core .ilm .DeleteAction ;
4348import org .elasticsearch .xpack .core .ilm .LifecycleAction ;
5661import static java .util .Collections .singletonMap ;
5762import static org .elasticsearch .common .xcontent .XContentFactory .jsonBuilder ;
5863import static org .elasticsearch .xpack .core .security .authc .support .UsernamePasswordToken .basicAuthHeaderValue ;
64+ import static org .hamcrest .Matchers .containsString ;
5965import static org .hamcrest .Matchers .equalTo ;
60- import static org .hamcrest .Matchers .is ;
6166
6267public class PermissionsIT extends ESRestTestCase {
6368
@@ -144,14 +149,15 @@ public void testCanManageIndexWithNoPermissions() throws Exception {
144149 }
145150
146151 public void testSLMWithPermissions () throws Exception {
152+ String repo = "my_repository" ;
147153 createIndexAsAdmin ("index" , Settings .builder ().put ("index.number_of_replicas" , 0 ).build (), "" );
148154
149155 // Set up two roles and users, one for reading SLM, another for managing SLM
150156 Request roleRequest = new Request ("PUT" , "/_security/role/slm-read" );
151157 roleRequest .setJsonEntity ("{ \" cluster\" : [\" read_slm\" ] }" );
152158 assertOK (adminClient ().performRequest (roleRequest ));
153159 roleRequest = new Request ("PUT" , "/_security/role/slm-manage" );
154- roleRequest .setJsonEntity ("{ \" cluster\" : [\" manage_slm\" , \" create_snapshot \" ]," +
160+ roleRequest .setJsonEntity ("{ \" cluster\" : [\" manage_slm\" , \" cluster:admin/repository/* \" , \" cluster:admin/snapshot/* \" ]," +
155161 "\" indices\" : [{ \" names\" : [\" .slm-history*\" ],\" privileges\" : [\" all\" ] }] }" );
156162 assertOK (adminClient ().performRequest (roleRequest ));
157163
@@ -181,7 +187,7 @@ public void testSLMWithPermissions() throws Exception {
181187
182188 Settings .Builder settingsBuilder = Settings .builder ().put ("location" , "." );
183189 repoRequest .settings (settingsBuilder );
184- repoRequest .name ("my_repository" );
190+ repoRequest .name (repo );
185191 repoRequest .type (FsRepository .TYPE );
186192 org .elasticsearch .action .support .master .AcknowledgedResponse response =
187193 hlAdminClient .snapshot ().createRepository (repoRequest , RequestOptions .DEFAULT );
@@ -190,7 +196,8 @@ public void testSLMWithPermissions() throws Exception {
190196 Map <String , Object > config = new HashMap <>();
191197 config .put ("indices" , Collections .singletonList ("index" ));
192198 SnapshotLifecyclePolicy policy = new SnapshotLifecyclePolicy (
193- "policy_id" , "name" , "1 2 3 * * ?" , "my_repository" , config , SnapshotRetentionConfiguration .EMPTY );
199+ "policy_id" , "name" , "1 2 3 * * ?" , repo , config ,
200+ new SnapshotRetentionConfiguration (TimeValue .ZERO , null , null ));
194201 PutSnapshotLifecyclePolicyRequest request = new PutSnapshotLifecyclePolicyRequest (policy );
195202
196203 expectThrows (ElasticsearchStatusException .class ,
@@ -208,25 +215,47 @@ public void testSLMWithPermissions() throws Exception {
208215
209216 ExecuteSnapshotLifecyclePolicyResponse executeResp =
210217 adminHLRC .indexLifecycle ().executeSnapshotLifecyclePolicy (executeRequest , RequestOptions .DEFAULT );
218+ final String snapName = executeResp .getSnapshotName ();
211219
212- DeleteSnapshotLifecyclePolicyRequest deleteRequest = new DeleteSnapshotLifecyclePolicyRequest ("policy_id" );
220+ assertBusy (() -> {
221+ try {
222+ logger .info ("--> checking for snapshot to be created" );
223+ GetSnapshotsRequest getSnaps = new GetSnapshotsRequest (repo );
224+ getSnaps .snapshots (new String []{snapName });
225+ GetSnapshotsResponse getResp = adminHLRC .snapshot ().get (getSnaps , RequestOptions .DEFAULT );
226+ assertThat (getResp .getSnapshots ().get (0 ).state (), equalTo (SnapshotState .SUCCESS ));
227+ } catch (ElasticsearchException e ) {
228+ fail ("expected snapshot to exist but it does not: " + e .getDetailedMessage ());
229+ }
230+ });
231+
232+ ExecuteSnapshotLifecycleRetentionRequest executeRetention = new ExecuteSnapshotLifecycleRetentionRequest ();
213233 expectThrows (ElasticsearchStatusException .class , () ->
214- readHlrc .indexLifecycle ().deleteSnapshotLifecyclePolicy ( deleteRequest , RequestOptions .DEFAULT ));
234+ readHlrc .indexLifecycle ().executeSnapshotLifecycleRetention ( executeRetention , RequestOptions .DEFAULT ));
215235
216- adminHLRC .indexLifecycle ().deleteSnapshotLifecyclePolicy (deleteRequest , RequestOptions .DEFAULT );
236+ AcknowledgedResponse retentionResp =
237+ adminHLRC .indexLifecycle ().executeSnapshotLifecycleRetention (executeRetention , RequestOptions .DEFAULT );
238+ assertTrue (retentionResp .isAcknowledged ());
217239
218- // Delete snapshot to clean up and make sure it's not on-going.
219- // This is inside an assertBusy because the snapshot may not
220- // yet exist (in which case it throws an error)
221240 assertBusy (() -> {
222241 try {
223- DeleteSnapshotRequest delReq = new DeleteSnapshotRequest ("my_repository" , executeResp .getSnapshotName ());
224- hlAdminClient .snapshot ().delete (delReq , RequestOptions .DEFAULT );
225- } catch (ElasticsearchStatusException e ) {
226- fail ("got exception: " + e );
242+ logger .info ("--> checking for snapshot to be deleted" );
243+ GetSnapshotsRequest getSnaps = new GetSnapshotsRequest (repo );
244+ getSnaps .snapshots (new String []{snapName });
245+ GetSnapshotsResponse getResp = adminHLRC .snapshot ().get (getSnaps , RequestOptions .DEFAULT );
246+ assertThat (getResp .getSnapshots ().size (), equalTo (0 ));
247+ } catch (ElasticsearchException e ) {
248+ // great, we want it to not exist
249+ assertThat (e .getDetailedMessage (), containsString ("snapshot_missing_exception" ));
227250 }
228251 });
229252
253+ DeleteSnapshotLifecyclePolicyRequest deleteRequest = new DeleteSnapshotLifecyclePolicyRequest ("policy_id" );
254+ expectThrows (ElasticsearchStatusException .class , () ->
255+ readHlrc .indexLifecycle ().deleteSnapshotLifecyclePolicy (deleteRequest , RequestOptions .DEFAULT ));
256+
257+ adminHLRC .indexLifecycle ().deleteSnapshotLifecyclePolicy (deleteRequest , RequestOptions .DEFAULT );
258+
230259 hlAdminClient .close ();
231260 readHlrc .close ();
232261 adminHLRC .close ();
0 commit comments