Fix fix and add test

Signed-off-by: Derek Ho <dxho@amazon.com>
derek-ho · Oct 8, 2024 · f10603a · f10603a
1 parent 56f483e
commit f10603a
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 10 deletions.
diff --git a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java
@@ -108,21 +108,29 @@ public void configureSecuritySettings() throws IOException {
      */
     @SuppressWarnings("unchecked")
     void checkIfSecurityPluginIsAlreadyConfigured() {
-        // Check if the configuration file contains the 'plugins.security' string
+        // Check if the configuration file contains security settings
         if (installer.OPENSEARCH_CONF_FILE != null && new File(installer.OPENSEARCH_CONF_FILE).exists()) {
             try (BufferedReader br = new BufferedReader(new FileReader(installer.OPENSEARCH_CONF_FILE, StandardCharsets.UTF_8))) {
                 Yaml yaml = new Yaml();
                 Map<String, Object> yamlData = yaml.load(br);
-
-                if (yamlData != null && yamlData.containsKey("plugins")) {
-                    Map<String, Object> plugins = (Map<String, Object>) yamlData.get("plugins");
-                    if (plugins != null && plugins.containsKey("security")) {
-                        System.out.println(installer.OPENSEARCH_CONF_FILE + " seems to be already configured for Security. Quit.");
-                        System.exit(installer.skip_updates);
+                // Check for flat keys
+                if (yamlData != null) {
+                    for (String key : yamlData.keySet()) {
+                        if (key.startsWith("plugins.security")) {
+                            System.out.println(installer.OPENSEARCH_CONF_FILE + " seems to be already configured for Security. Quit.");
+                            System.exit(installer.skip_updates);
+                        }
+                    }
+                    // Check for nested keys
+                    if (yamlData.containsKey("plugins")) {
+                        Map<String, Object> plugins = (Map<String, Object>) yamlData.get("plugins");
+                        for (String key : plugins.keySet()) {
+                            if (key.startsWith("security")) {
+                                System.out.println(installer.OPENSEARCH_CONF_FILE + " seems to be already configured for Security. Quit.");
+                                System.exit(installer.skip_updates);
+                            }
+                        }
                     }
-                } else if (yamlData != null && yamlData.containsKey("plugins.security")){
-                    System.out.println(installer.OPENSEARCH_CONF_FILE + " seems to be already configured for Security. Quit.");
-                    System.exit(installer.skip_updates);
                 }
             } catch (IOException e) {
                 System.err.println("Error reading configuration file.");

diff --git a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java
@@ -363,6 +363,24 @@ public void testCreateSecurityAdminDemoScript_invalidPath() {
         }
     }
 
+    @Test
+    public void testReadNonFlatYamlAlreadyConfigured() throws IOException {
+        installer.OPENSEARCH_CONF_FILE = Paths.get("src/test/resources/opensearch-config-non-flat.yaml").toFile().getAbsolutePath();
+        String expectedMessage = installer.OPENSEARCH_CONF_FILE + " seems to be already configured for Security. Quit.";
+        try {
+            System.setSecurityManager(new NoExitSecurityManager());
+            securitySettingsConfigurer.checkIfSecurityPluginIsAlreadyConfigured();
+        } catch (SecurityException e) {
+            assertThat(e.getMessage(), equalTo("System.exit(-1) blocked to allow print statement testing."));
+        } finally {
+            System.setSecurityManager(null);
+        }
+        verifyStdOutContainsString(expectedMessage);
+
+        // reset the file pointer
+        installer.OPENSEARCH_CONF_FILE = installer.OPENSEARCH_CONF_DIR + "opensearch.yml";
+    }
+
     @SuppressWarnings("unchecked")
     public static void setEnv(String key, String value) throws NoSuchFieldException, IllegalAccessException {
         Class<?>[] classes = Collections.class.getDeclaredClasses();

diff --git a/src/test/resources/opensearch-config-non-flat.yaml b/src/test/resources/opensearch-config-non-flat.yaml
@@ -0,0 +1,14 @@
+plugins:
+  security:
+    ssl:
+      transport:
+        pemcert_filepath: esnode.pem
+        pemkey_filepath: esnode-key.pem
+        pemtrustedcas_filepath: root-ca.pem
+        enforce_hostname_verification: false
+      http:
+        enabled: true
+        pemcert_filepath: esnode.pem
+        pemkey_filepath: esnode-key.pem
+        pemtrustedcas_filepath: root-ca.pem
+    allow_unsafe_democertificates: true