From 3f04e387b7752487cfe5c05049266c1a05759297 Mon Sep 17 00:00:00 2001
From: Ryan Ernst <ryan@iernst.net>
Date: Wed, 9 Aug 2017 13:34:13 -0700
Subject: [PATCH] Settings: Add keystore creation to add commands

This commits changes the keystore cli add commands to prompt for
creating the keystore if it does not exist. This will make it easier on
users starting out, not having to run a separate command for creation.
---
 .../settings/AddFileKeyStoreCommand.java      | 13 ++++++++---
 .../settings/AddStringKeyStoreCommand.java    | 13 ++++++++---
 .../settings/AddFileKeyStoreCommandTests.java | 22 +++++++++++++++----
 .../AddStringKeyStoreCommandTests.java        | 21 ++++++++++++++----
 4 files changed, 55 insertions(+), 14 deletions(-)

diff --git a/core/src/main/java/org/elasticsearch/common/settings/AddFileKeyStoreCommand.java b/core/src/main/java/org/elasticsearch/common/settings/AddFileKeyStoreCommand.java
index 5ccac9a2ac3fa..a488d238859aa 100644
--- a/core/src/main/java/org/elasticsearch/common/settings/AddFileKeyStoreCommand.java
+++ b/core/src/main/java/org/elasticsearch/common/settings/AddFileKeyStoreCommand.java
@@ -61,11 +61,18 @@ class AddFileKeyStoreCommand extends EnvironmentAwareCommand {
     protected void execute(Terminal terminal, OptionSet options, Environment env) throws Exception {
         KeyStoreWrapper keystore = KeyStoreWrapper.load(env.configFile());
         if (keystore == null) {
-            throw new UserException(ExitCodes.DATA_ERROR, "Elasticsearch keystore not found. Use 'create' command to create one.");
+            if (options.has(forceOption) == false &&
+                terminal.promptYesNo("The elasticsearch keystore does not exist. Do you want to create it?", false) == false) {
+                terminal.println("Exiting without creating keystore.");
+                return;
+            }
+            keystore = KeyStoreWrapper.create(new char[0] /* always use empty passphrase for auto created keystore */);
+            keystore.save(env.configFile());
+            terminal.println("Created elasticsearch keystore in " + env.configFile());
+        } else {
+            keystore.decrypt(new char[0] /* TODO: prompt for password when they are supported */);
         }
 
-        keystore.decrypt(new char[0] /* TODO: prompt for password when they are supported */);
-
         List<String> argumentValues = arguments.values(options);
         if (argumentValues.size() == 0) {
             throw new UserException(ExitCodes.USAGE, "Missing setting name");
diff --git a/core/src/main/java/org/elasticsearch/common/settings/AddStringKeyStoreCommand.java b/core/src/main/java/org/elasticsearch/common/settings/AddStringKeyStoreCommand.java
index 599fac8c376f0..69a76f0f18fac 100644
--- a/core/src/main/java/org/elasticsearch/common/settings/AddStringKeyStoreCommand.java
+++ b/core/src/main/java/org/elasticsearch/common/settings/AddStringKeyStoreCommand.java
@@ -58,11 +58,18 @@ InputStream getStdin() {
     protected void execute(Terminal terminal, OptionSet options, Environment env) throws Exception {
         KeyStoreWrapper keystore = KeyStoreWrapper.load(env.configFile());
         if (keystore == null) {
-            throw new UserException(ExitCodes.DATA_ERROR, "Elasticsearch keystore not found. Use 'create' command to create one.");
+            if (options.has(forceOption) == false &&
+                terminal.promptYesNo("The elasticsearch keystore does not exist. Do you want to create it?", false) == false) {
+                terminal.println("Exiting without creating keystore.");
+                return;
+            }
+            keystore = KeyStoreWrapper.create(new char[0] /* always use empty passphrase for auto created keystore */);
+            keystore.save(env.configFile());
+            terminal.println("Created elasticsearch keystore in " + env.configFile());
+        } else {
+            keystore.decrypt(new char[0] /* TODO: prompt for password when they are supported */);
         }
 
-        keystore.decrypt(new char[0] /* TODO: prompt for password when they are supported */);
-
         String setting = arguments.value(options);
         if (setting == null) {
             throw new UserException(ExitCodes.USAGE, "The setting name can not be null");
diff --git a/core/src/test/java/org/elasticsearch/common/settings/AddFileKeyStoreCommandTests.java b/core/src/test/java/org/elasticsearch/common/settings/AddFileKeyStoreCommandTests.java
index 91f08e8c0a037..071d394eb1e64 100644
--- a/core/src/test/java/org/elasticsearch/common/settings/AddFileKeyStoreCommandTests.java
+++ b/core/src/test/java/org/elasticsearch/common/settings/AddFileKeyStoreCommandTests.java
@@ -59,10 +59,24 @@ private void addFile(KeyStoreWrapper keystore, String setting, Path file) throws
         keystore.save(env.configFile());
     }
 
-    public void testMissing() throws Exception {
-        UserException e = expectThrows(UserException.class, this::execute);
-        assertEquals(ExitCodes.DATA_ERROR, e.exitCode);
-        assertThat(e.getMessage(), containsString("keystore not found"));
+    public void testMissingPromptCreate() throws Exception {
+        Path file1 = createRandomFile();
+        terminal.addTextInput("y");
+        execute("foo", file1.toString());
+        assertSecureFile("foo", file1);
+    }
+
+    public void testMissingForceCreate() throws Exception {
+        Path file1 = createRandomFile();
+        terminal.addSecretInput("bar");
+        execute("-f", "foo", file1.toString());
+        assertSecureFile("foo", file1);
+    }
+
+    public void testMissingNoCreate() throws Exception {
+        terminal.addTextInput("n"); // explicit no
+        execute("foo");
+        assertNull(KeyStoreWrapper.load(env.configFile()));
     }
 
     public void testOverwritePromptDefault() throws Exception {
diff --git a/core/src/test/java/org/elasticsearch/common/settings/AddStringKeyStoreCommandTests.java b/core/src/test/java/org/elasticsearch/common/settings/AddStringKeyStoreCommandTests.java
index a83349d28fa4b..d0d8fdb500d3a 100644
--- a/core/src/test/java/org/elasticsearch/common/settings/AddStringKeyStoreCommandTests.java
+++ b/core/src/test/java/org/elasticsearch/common/settings/AddStringKeyStoreCommandTests.java
@@ -49,10 +49,23 @@ InputStream getStdin() {
         };
     }
 
-    public void testMissing() throws Exception {
-        UserException e = expectThrows(UserException.class, this::execute);
-        assertEquals(ExitCodes.DATA_ERROR, e.exitCode);
-        assertThat(e.getMessage(), containsString("keystore not found"));
+    public void testMissingPromptCreate() throws Exception {
+        terminal.addTextInput("y");
+        terminal.addSecretInput("bar");
+        execute("foo");
+        assertSecureString("foo", "bar");
+    }
+
+    public void testMissingForceCreate() throws Exception {
+        terminal.addSecretInput("bar");
+        execute("-f", "foo");
+        assertSecureString("foo", "bar");
+    }
+
+    public void testMissingNoCreate() throws Exception {
+        terminal.addTextInput("n"); // explicit no
+        execute("foo");
+        assertNull(KeyStoreWrapper.load(env.configFile()));
     }
 
     public void testOverwritePromptDefault() throws Exception {