elastic · original-brownbear · Feb 7, 2022 · Feb 4, 2022 · Feb 6, 2022
diff --git a/...-provider/src/test/java/org/elasticsearch/xpack/idp/LocalStateIdentityProviderPlugin.java b/...-provider/src/test/java/org/elasticsearch/xpack/idp/LocalStateIdentityProviderPlugin.java
@@ -20,7 +20,7 @@ public class LocalStateIdentityProviderPlugin extends LocalStateCompositeXPackPl
     public LocalStateIdentityProviderPlugin(Settings settings, Path configPath) throws Exception {
         super(settings, configPath);
         LocalStateIdentityProviderPlugin thisVar = this;
-        plugins.add(new Security(settings, configPath) {
+        plugins.add(new Security(settings) {
             @Override
             protected SSLService getSslService() {
                 return thisVar.getSslService();

diff --git a/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/LocalStateMachineLearning.java b/x-pack/plugin/ml/src/test/java/org/elasticsearch/xpack/ml/LocalStateMachineLearning.java
@@ -68,7 +68,7 @@ protected XPackLicenseState getLicenseState() {
                 return thisVar.getLicenseState();
             }
         });
-        plugins.add(new Security(settings, configPath) {
+        plugins.add(new Security(settings) {
             @Override
             protected SSLService getSslService() {
                 return thisVar.getSslService();

diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java
@@ -319,7 +319,6 @@
 import org.elasticsearch.xpack.security.transport.nio.SecurityNioTransport;
 
 import java.io.IOException;
-import java.nio.file.Path;
 import java.time.Clock;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -471,11 +470,11 @@ public class Security extends Plugin
     private final SetOnce<Transport> transportReference = new SetOnce<>();
     private final SetOnce<ScriptService> scriptServiceReference = new SetOnce<>();
 
-    public Security(Settings settings, final Path configPath) {
-        this(settings, configPath, Collections.emptyList());
+    public Security(Settings settings) {
+        this(settings, Collections.emptyList());
     }
 
-    Security(Settings settings, final Path configPath, List<SecurityExtension> extensions) {
+    Security(Settings settings, List<SecurityExtension> extensions) {
         // TODO This is wrong. Settings can change after this. We should use the settings from createComponents
         this.settings = settings;
         // TODO this is wrong, we should only use the environment that is provided to createComponents
@@ -863,8 +862,7 @@ Collection<Object> createComponents(
                 authzService,
                 getSslService(),
                 securityContext.get(),
-                destructiveOperations,
-                clusterService
+                destructiveOperations
             )
         );
 

diff --git a/...n/java/org/elasticsearch/xpack/security/transport/SecurityServerTransportInterceptor.java b/...n/java/org/elasticsearch/xpack/security/transport/SecurityServerTransportInterceptor.java
@@ -11,14 +11,12 @@
 import org.elasticsearch.Version;
 import org.elasticsearch.action.ActionListener;
 import org.elasticsearch.action.support.DestructiveOperations;
-import org.elasticsearch.cluster.service.ClusterService;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.ssl.SslConfiguration;
 import org.elasticsearch.common.util.Maps;
 import org.elasticsearch.common.util.concurrent.AbstractRunnable;
 import org.elasticsearch.common.util.concurrent.RunOnce;
 import org.elasticsearch.common.util.concurrent.ThreadContext;
-import org.elasticsearch.gateway.GatewayService;
 import org.elasticsearch.tasks.Task;
 import org.elasticsearch.threadpool.ThreadPool;
 import org.elasticsearch.transport.SendRequestTransportException;
@@ -57,17 +55,14 @@ public class SecurityServerTransportInterceptor implements TransportInterceptor
     private final Settings settings;
     private final SecurityContext securityContext;
 
-    private volatile boolean isStateNotRecovered = true;
-
     public SecurityServerTransportInterceptor(
         Settings settings,
         ThreadPool threadPool,
         AuthenticationService authcService,
         AuthorizationService authzService,
         SSLService sslService,
         SecurityContext securityContext,
-        DestructiveOperations destructiveOperations,
-        ClusterService clusterService
+        DestructiveOperations destructiveOperations
     ) {
         this.settings = settings;
         this.threadPool = threadPool;
@@ -76,7 +71,6 @@ public SecurityServerTransportInterceptor(
         this.sslService = sslService;
         this.securityContext = securityContext;
         this.profileFilters = initializeProfileFilters(destructiveOperations);
-        clusterService.addListener(e -> isStateNotRecovered = e.state().blocks().hasGlobalBlock(GatewayService.STATE_NOT_RECOVERED_BLOCK));
     }
 
     @Override
@@ -176,16 +170,7 @@ public <T extends TransportRequest> TransportRequestHandler<T> interceptHandler(
         boolean forceExecution,
         TransportRequestHandler<T> actualHandler
     ) {
-        return new ProfileSecuredRequestHandler<>(
-            logger,
-            action,
-            forceExecution,
-            executor,
-            actualHandler,
-            profileFilters,
-            settings,
-            threadPool
-        );
+        return new ProfileSecuredRequestHandler<>(logger, action, forceExecution, executor, actualHandler, profileFilters, threadPool);
     }
 
     private Map<String, ServerTransportFilter> initializeProfileFilters(DestructiveOperations destructiveOperations) {
@@ -232,7 +217,6 @@ public static class ProfileSecuredRequestHandler<T extends TransportRequest> imp
             String executorName,
             TransportRequestHandler<T> handler,
             Map<String, ServerTransportFilter> profileFilters,
-            Settings settings,
             ThreadPool threadPool
         ) {
             this.logger = logger;

diff --git a/...ck/plugin/security/src/test/java/org/elasticsearch/xpack/security/LocalStateSecurity.java b/...ck/plugin/security/src/test/java/org/elasticsearch/xpack/security/LocalStateSecurity.java
@@ -97,7 +97,7 @@ protected XPackLicenseState getLicenseState() {
                 return thisVar.getLicenseState();
             }
         });
-        plugins.add(new Security(settings, configPath) {
+        plugins.add(new Security(settings) {
             @Override
             protected SSLService getSslService() {
                 return thisVar.getSslService();

diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/SecurityTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/SecurityTests.java
@@ -132,7 +132,7 @@ private Collection<Object> createComponentsUtil(Settings settings, SecurityExten
         NodeMetadata nodeMetadata = new NodeMetadata(randomAlphaOfLength(8), Version.CURRENT, Version.CURRENT);
         licenseState = new TestUtils.UpdatableLicenseState(settings);
         SSLService sslService = new SSLService(env);
-        security = new Security(settings, null, Arrays.asList(extensions)) {
+        security = new Security(settings, Arrays.asList(extensions)) {
             @Override
             protected XPackLicenseState getLicenseState() {
                 return licenseState;
@@ -658,7 +658,7 @@ public void testSecurityPluginInstallsRestHandlerWrapperEvenIfSecurityIsDisabled
 
         try {
             UsageService usageService = new UsageService();
-            Security security = new Security(settings, null);
+            Security security = new Security(settings);
             assertTrue(security.getRestHandlerWrapper(threadPool.getThreadContext()) != null);
 
         } finally {
@@ -680,7 +680,7 @@ public void testSecurityRestHandlerWrapperCanBeInstalled() throws IllegalAccessE
 
         try {
             UsageService usageService = new UsageService();
-            Security security = new Security(settings, null);
+            Security security = new Security(settings);
 
             // Verify Security rest wrapper is about to be installed
             // We will throw later if another wrapper is already installed

diff --git a/...a/org/elasticsearch/xpack/security/transport/SecurityServerTransportInterceptorTests.java b/...a/org/elasticsearch/xpack/security/transport/SecurityServerTransportInterceptorTests.java
@@ -96,8 +96,7 @@ public void testSendAsync() throws Exception {
             new DestructiveOperations(
                 Settings.EMPTY,
                 new ClusterSettings(Settings.EMPTY, Collections.singleton(DestructiveOperations.REQUIRES_NAME_SETTING))
-            ),
-            clusterService
+            )
         );
         ClusterServiceUtils.setState(clusterService, clusterService.state()); // force state update to trigger listener
 
@@ -144,8 +143,7 @@ public void testSendAsyncSwitchToSystem() throws Exception {
             new DestructiveOperations(
                 Settings.EMPTY,
                 new ClusterSettings(Settings.EMPTY, Collections.singleton(DestructiveOperations.REQUIRES_NAME_SETTING))
-            ),
-            clusterService
+            )
         );
         ClusterServiceUtils.setState(clusterService, clusterService.state()); // force state update to trigger listener
 
@@ -187,8 +185,7 @@ public void testSendWithoutUser() throws Exception {
             new DestructiveOperations(
                 Settings.EMPTY,
                 new ClusterSettings(Settings.EMPTY, Collections.singleton(DestructiveOperations.REQUIRES_NAME_SETTING))
-            ),
-            clusterService
+            )
         ) {
             @Override
             void assertNoAuthentication(String action) {}
@@ -236,8 +233,7 @@ public void testSendToNewerVersionSetsCorrectVersion() throws Exception {
             new DestructiveOperations(
                 Settings.EMPTY,
                 new ClusterSettings(Settings.EMPTY, Collections.singleton(DestructiveOperations.REQUIRES_NAME_SETTING))
-            ),
-            clusterService
+            )
         );
         ClusterServiceUtils.setState(clusterService, clusterService.state()); // force state update to trigger listener
 
@@ -291,8 +287,7 @@ public void testSendToOlderVersionSetsCorrectVersion() throws Exception {
             new DestructiveOperations(
                 Settings.EMPTY,
                 new ClusterSettings(Settings.EMPTY, Collections.singleton(DestructiveOperations.REQUIRES_NAME_SETTING))
-            ),
-            clusterService
+            )
         );
         ClusterServiceUtils.setState(clusterService, clusterService.state()); // force state update to trigger listener
 
@@ -411,7 +406,6 @@ public void testProfileSecuredRequestHandlerDecrementsRefCountOnFailure() throws
                     profileName,
                     new ServerTransportFilter(null, null, threadContext, randomBoolean(), destructiveOperations, securityContext)
                 ),
-                settings,
                 threadPool
             );
         final TransportChannel channel = mock(TransportChannel.class);