Skip to content

Commit

Permalink
Remove entitlement parameter (elastic#117597)
Browse files Browse the repository at this point in the history 
Removes the "entitlement" parameter from policy parsing.
  • Loading branch information
@jdconrad
jdconrad authored Nov 27, 2024
1 parent 5c928a4 commit 418cbbf
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 36 deletions.
13 changes: 0 additions & 13 deletions .../entitlement/src/main/java/org/elasticsearch/entitlement/runtime/policy/PolicyParser.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@

package org.elasticsearch.entitlement.runtime.policy;

import org.elasticsearch.xcontent.ParseField;
import org.elasticsearch.xcontent.XContentParser;
import org.elasticsearch.xcontent.XContentParserConfiguration;
import org.elasticsearch.xcontent.yaml.YamlXContent;
Expand All @@ -31,8 +30,6 @@
*/
public class PolicyParser {

protected static final ParseField ENTITLEMENTS_PARSEFIELD = new ParseField("entitlements");

protected static final String entitlementPackageName = Entitlement.class.getPackage().getName();

protected final XContentParser policyParser;
Expand Down Expand Up @@ -65,13 +62,6 @@ public Policy parsePolicy() {

protected Scope parseScope(String scopeName) throws IOException {
try {
if (policyParser.nextToken() != XContentParser.Token.START_OBJECT) {
throw newPolicyParserException(scopeName, "expected object [" + ENTITLEMENTS_PARSEFIELD.getPreferredName() + "]");
}
if (policyParser.nextToken() != XContentParser.Token.FIELD_NAME
|| policyParser.currentName().equals(ENTITLEMENTS_PARSEFIELD.getPreferredName()) == false) {
throw newPolicyParserException(scopeName, "expected object [" + ENTITLEMENTS_PARSEFIELD.getPreferredName() + "]");
}
if (policyParser.nextToken() != XContentParser.Token.START_ARRAY) {
throw newPolicyParserException(scopeName, "expected array of <entitlement type>");
}
Expand All @@ -90,9 +80,6 @@ protected Scope parseScope(String scopeName) throws IOException {
throw newPolicyParserException(scopeName, "expected closing object");
}
}
if (policyParser.nextToken() != XContentParser.Token.END_OBJECT) {
throw newPolicyParserException(scopeName, "expected closing object");
}
return new Scope(scopeName, entitlements);
} catch (IOException ioe) {
throw new UncheckedIOException(ioe);
Expand Down
30 changes: 13 additions & 17 deletions .../src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyParserFailureTests.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,10 @@ public void testParserSyntaxFailures() {
public void testEntitlementDoesNotExist() throws IOException {
PolicyParserException ppe = expectThrows(PolicyParserException.class, () -> new PolicyParser(new ByteArrayInputStream("""
entitlement-module-name:
entitlements:
- does_not_exist: {}
- does_not_exist: {}
""".getBytes(StandardCharsets.UTF_8)), "test-failure-policy.yaml").parsePolicy());
assertEquals(
"[3:7] policy parsing error for [test-failure-policy.yaml] in scope [entitlement-module-name]: "
"[2:5] policy parsing error for [test-failure-policy.yaml] in scope [entitlement-module-name]: "
+ "unknown entitlement type [does_not_exist]",
ppe.getMessage()
);
Expand All @@ -42,23 +41,21 @@ public void testEntitlementDoesNotExist() throws IOException {
public void testEntitlementMissingParameter() throws IOException {
PolicyParserException ppe = expectThrows(PolicyParserException.class, () -> new PolicyParser(new ByteArrayInputStream("""
entitlement-module-name:
entitlements:
- file: {}
- file: {}
""".getBytes(StandardCharsets.UTF_8)), "test-failure-policy.yaml").parsePolicy());
assertEquals(
"[3:14] policy parsing error for [test-failure-policy.yaml] in scope [entitlement-module-name] "
"[2:12] policy parsing error for [test-failure-policy.yaml] in scope [entitlement-module-name] "
+ "for entitlement type [file]: missing entitlement parameter [path]",
ppe.getMessage()
);

ppe = expectThrows(PolicyParserException.class, () -> new PolicyParser(new ByteArrayInputStream("""
entitlement-module-name:
entitlements:
- file:
path: test-path
- file:
path: test-path
""".getBytes(StandardCharsets.UTF_8)), "test-failure-policy.yaml").parsePolicy());
assertEquals(
"[5:1] policy parsing error for [test-failure-policy.yaml] in scope [entitlement-module-name] "
"[4:1] policy parsing error for [test-failure-policy.yaml] in scope [entitlement-module-name] "
+ "for entitlement type [file]: missing entitlement parameter [actions]",
ppe.getMessage()
);
Expand All @@ -67,15 +64,14 @@ public void testEntitlementMissingParameter() throws IOException {
public void testEntitlementExtraneousParameter() throws IOException {
PolicyParserException ppe = expectThrows(PolicyParserException.class, () -> new PolicyParser(new ByteArrayInputStream("""
entitlement-module-name:
entitlements:
- file:
path: test-path
actions:
- read
extra: test
- file:
path: test-path
actions:
- read
extra: test
""".getBytes(StandardCharsets.UTF_8)), "test-failure-policy.yaml").parsePolicy());
assertEquals(
"[8:1] policy parsing error for [test-failure-policy.yaml] in scope [entitlement-module-name] "
"[7:1] policy parsing error for [test-failure-policy.yaml] in scope [entitlement-module-name] "
+ "for entitlement type [file]: extraneous entitlement parameter(s) {extra=test}",
ppe.getMessage()
);
Expand Down
11 changes: 5 additions & 6 deletions ...itlement/src/test/resources/org/elasticsearch/entitlement/runtime/policy/test-policy.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
entitlement-module-name:
entitlements:
- file:
path: "test/path/to/file"
actions:
- "read"
- "write"
- file:
path: "test/path/to/file"
actions:
- "read"
- "write"

0 comments on commit 418cbbf

Please sign in to comment.