diff --git a/reports-scheduler/src/main/config/reports-scheduler.yml b/reports-scheduler/src/main/config/reports-scheduler.yml index c65708cb..b68f0785 100644 --- a/reports-scheduler/src/main/config/reports-scheduler.yml +++ b/reports-scheduler/src/main/config/reports-scheduler.yml @@ -27,24 +27,7 @@ ## # configuration file for the reports scheduler plugin -opendistro.reports: +opensearch.reports: general: operationTimeoutMs: 60000 # 60 seconds, Minimum 100ms defaultItemsQueryCount: 100 # default number of items to query - polling: - jobLockDurationSeconds: 300 # 5 Minutes, Minimum 10 seconds - minPollingDurationSeconds: 300 # 5 Minutes, Minimum 60 seconds - maxPollingDurationSeconds: 900 # 15 Minutes, Minimum 5 Minutes - maxLockRetries: 1 # Max number of retries to retry locking - access: - adminAccess: "AllReports" - # adminAccess values: - ## Standard -> Admin user access follows standard user - ## AllReports -> Admin user with "all_access" role can see all reports of all users. - filterBy: "NoFilter" # Applied when tenant != __user__ - # filterBy values: - ## NoFilter -> everyone see each other's reports - ## User -> reports are visible to only themselves - ## Roles -> reports are visible to users having any one of the role of creator - ## BackendRoles -> reports are visible to users having any one of the backend role of creator - ignoreRoles: ["own_index", "kibana_user", "reports_full_access", "reports_read_access", "reports_instances_read_access"] diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/ReportsSchedulerPlugin.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/ReportsSchedulerPlugin.kt index 9f0b7c33..5f6ad2e0 100644 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/ReportsSchedulerPlugin.kt +++ b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/ReportsSchedulerPlugin.kt @@ -37,7 +37,6 @@ import org.opensearch.reportsscheduler.action.GetReportDefinitionAction import org.opensearch.reportsscheduler.action.GetReportInstanceAction import org.opensearch.reportsscheduler.action.InContextReportCreateAction import org.opensearch.reportsscheduler.action.OnDemandReportCreateAction -import org.opensearch.reportsscheduler.action.PollReportInstanceAction import org.opensearch.reportsscheduler.action.UpdateReportDefinitionAction import org.opensearch.reportsscheduler.action.UpdateReportInstanceStatusAction import org.opensearch.reportsscheduler.index.ReportDefinitionsIndex @@ -47,12 +46,10 @@ import org.opensearch.reportsscheduler.resthandler.OnDemandReportRestHandler import org.opensearch.reportsscheduler.resthandler.ReportDefinitionListRestHandler import org.opensearch.reportsscheduler.resthandler.ReportDefinitionRestHandler import org.opensearch.reportsscheduler.resthandler.ReportInstanceListRestHandler -import org.opensearch.reportsscheduler.resthandler.ReportInstancePollRestHandler import org.opensearch.reportsscheduler.resthandler.ReportInstanceRestHandler import org.opensearch.reportsscheduler.resthandler.ReportStatsRestHandler import org.opensearch.reportsscheduler.scheduler.ReportDefinitionJobParser import org.opensearch.reportsscheduler.scheduler.ReportDefinitionJobRunner -import org.opensearch.reportsscheduler.settings.LegacyPluginSettings import org.opensearch.reportsscheduler.settings.PluginSettings import org.opensearch.action.ActionRequest @@ -99,7 +96,6 @@ class ReportsSchedulerPlugin : Plugin(), ActionPlugin, JobSchedulerExtension { override fun getSettings(): List> { val settingList = arrayListOf>() settingList.addAll(PluginSettings.getAllSettings()) - settingList.addAll(LegacyPluginSettings.getAllSettings()) return settingList } @@ -171,7 +167,6 @@ class ReportsSchedulerPlugin : Plugin(), ActionPlugin, JobSchedulerExtension { ReportInstanceRestHandler(), ReportInstanceListRestHandler(), OnDemandReportRestHandler(), - ReportInstancePollRestHandler(), ReportStatsRestHandler() ) } @@ -189,7 +184,6 @@ class ReportsSchedulerPlugin : Plugin(), ActionPlugin, JobSchedulerExtension { ActionPlugin.ActionHandler(GetReportInstanceAction.ACTION_TYPE, GetReportInstanceAction::class.java), ActionPlugin.ActionHandler(InContextReportCreateAction.ACTION_TYPE, InContextReportCreateAction::class.java), ActionPlugin.ActionHandler(OnDemandReportCreateAction.ACTION_TYPE, OnDemandReportCreateAction::class.java), - ActionPlugin.ActionHandler(PollReportInstanceAction.ACTION_TYPE, PollReportInstanceAction::class.java), ActionPlugin.ActionHandler(UpdateReportDefinitionAction.ACTION_TYPE, UpdateReportDefinitionAction::class.java), ActionPlugin.ActionHandler(UpdateReportInstanceStatusAction.ACTION_TYPE, UpdateReportInstanceStatusAction::class.java) ) diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/action/PollReportInstanceAction.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/action/PollReportInstanceAction.kt deleted file mode 100644 index 37367f53..00000000 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/action/PollReportInstanceAction.kt +++ /dev/null @@ -1,64 +0,0 @@ -/* - * SPDX-License-Identifier: Apache-2.0 - * - * The OpenSearch Contributors require contributions made to - * this file be licensed under the Apache-2.0 license or a - * compatible open source license. - * - * Modifications Copyright OpenSearch Contributors. See - * GitHub history for details. - */ - -/* - * Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - * - */ - -package org.opensearch.reportsscheduler.action - -import org.opensearch.commons.authuser.User -import org.opensearch.reportsscheduler.model.PollReportInstanceRequest -import org.opensearch.reportsscheduler.model.PollReportInstanceResponse -import org.opensearch.action.ActionType -import org.opensearch.action.support.ActionFilters -import org.opensearch.client.Client -import org.opensearch.common.inject.Inject -import org.opensearch.common.xcontent.NamedXContentRegistry -import org.opensearch.transport.TransportService - -/** - * Poll for report instance job transport action - */ -internal class PollReportInstanceAction @Inject constructor( - transportService: TransportService, - client: Client, - actionFilters: ActionFilters, - val xContentRegistry: NamedXContentRegistry -) : PluginBaseAction(NAME, - transportService, - client, - actionFilters, - ::PollReportInstanceRequest) { - companion object { - private const val NAME = "cluster:admin/opensearch/reports/instance/poll" - internal val ACTION_TYPE = ActionType(NAME, ::PollReportInstanceResponse) - } - - /** - * {@inheritDoc} - */ - override fun executeRequest(request: PollReportInstanceRequest, user: User?): PollReportInstanceResponse { - return ReportInstanceActions.poll(user) - } -} diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/action/ReportDefinitionActions.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/action/ReportDefinitionActions.kt index 8a4f9ac1..1e87cfcc 100644 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/action/ReportDefinitionActions.kt +++ b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/action/ReportDefinitionActions.kt @@ -129,7 +129,7 @@ internal object ReportDefinitionActions { Metrics.REPORT_PERMISSION_USER_ERROR.counter.increment() throw OpenSearchStatusException("Permission denied for Report Definition ${request.reportDefinitionId}", RestStatus.FORBIDDEN) } - return GetReportDefinitionResponse(reportDefinitionDetails, UserAccessManager.hasAllInfoAccess(user)) + return GetReportDefinitionResponse(reportDefinitionDetails, true) } /** @@ -170,6 +170,6 @@ internal object ReportDefinitionActions { UserAccessManager.getSearchAccessInfo(user), request.fromIndex, request.maxItems) - return GetAllReportDefinitionsResponse(reportDefinitionsList, UserAccessManager.hasAllInfoAccess(user)) + return GetAllReportDefinitionsResponse(reportDefinitionsList, true) } } diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/action/ReportInstanceActions.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/action/ReportInstanceActions.kt index 49e04e00..f7bb5745 100644 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/action/ReportInstanceActions.kt +++ b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/action/ReportInstanceActions.kt @@ -40,18 +40,15 @@ import org.opensearch.reportsscheduler.model.InContextReportCreateRequest import org.opensearch.reportsscheduler.model.InContextReportCreateResponse import org.opensearch.reportsscheduler.model.OnDemandReportCreateRequest import org.opensearch.reportsscheduler.model.OnDemandReportCreateResponse -import org.opensearch.reportsscheduler.model.PollReportInstanceResponse import org.opensearch.reportsscheduler.model.ReportInstance import org.opensearch.reportsscheduler.model.ReportInstance.Status import org.opensearch.reportsscheduler.model.UpdateReportInstanceStatusRequest import org.opensearch.reportsscheduler.model.UpdateReportInstanceStatusResponse import org.opensearch.reportsscheduler.security.UserAccessManager -import org.opensearch.reportsscheduler.settings.PluginSettings import org.opensearch.reportsscheduler.util.logger import org.opensearch.OpenSearchStatusException import org.opensearch.rest.RestStatus import java.time.Instant -import kotlin.random.Random /** * Report instances index operation actions. @@ -85,7 +82,7 @@ internal object ReportInstanceActions { throw OpenSearchStatusException("Report Instance Creation failed", RestStatus.INTERNAL_SERVER_ERROR) } val reportInstanceCopy = reportInstance.copy(id = docId) - return InContextReportCreateResponse(reportInstanceCopy, UserAccessManager.hasAllInfoAccess(user)) + return InContextReportCreateResponse(reportInstanceCopy, true) } /** @@ -126,7 +123,7 @@ internal object ReportInstanceActions { throw OpenSearchStatusException("Report Instance Creation failed", RestStatus.INTERNAL_SERVER_ERROR) } val reportInstanceCopy = reportInstance.copy(id = docId) - return OnDemandReportCreateResponse(reportInstanceCopy, UserAccessManager.hasAllInfoAccess(user)) + return OnDemandReportCreateResponse(reportInstanceCopy, true) } /** @@ -181,7 +178,7 @@ internal object ReportInstanceActions { Metrics.REPORT_PERMISSION_USER_ERROR.counter.increment() throw OpenSearchStatusException("Permission denied for Report Definition ${request.reportInstanceId}", RestStatus.FORBIDDEN) } - return GetReportInstanceResponse(reportInstance, UserAccessManager.hasAllInfoAccess(user)) + return GetReportInstanceResponse(reportInstance, true) } /** @@ -196,41 +193,6 @@ internal object ReportInstanceActions { UserAccessManager.getSearchAccessInfo(user), request.fromIndex, request.maxItems) - return GetAllReportInstancesResponse(reportInstanceList, UserAccessManager.hasAllInfoAccess(user)) - } - - fun poll(user: User?): PollReportInstanceResponse { - log.info("$LOG_PREFIX:ReportInstance-poll") - UserAccessManager.validatePollingUser(user) - val currentTime = Instant.now() - val reportInstances = ReportInstancesIndex.getPendingReportInstances() - return if (reportInstances.isEmpty()) { - PollReportInstanceResponse(getRetryAfterTime()) - } else { - // Shuffle list so that when multiple requests are made, chances of lock conflict is less - reportInstances.shuffle() - /* - If the shuffling is perfect random then there is high probability that first item locking is successful - even when there are many parallel requests. i.e. say there are x jobs and y parallel requests. - then x out of y jobs can lock first item and rest cannot lock any jobs. However shuffle may not be perfect - hence checking first few jobs for locking. - */ - val lockedJob = reportInstances.subList(0, PluginSettings.maxLockRetries).find { - val updatedInstance = it.copy(reportInstance = it.reportInstance.copy( - updatedTime = currentTime, - status = Status.Executing - )) - ReportInstancesIndex.updateReportInstanceDoc(updatedInstance) - } - if (lockedJob == null) { - PollReportInstanceResponse(PluginSettings.minPollingDurationSeconds) - } else { - PollReportInstanceResponse(0, lockedJob.reportInstance, UserAccessManager.hasAllInfoAccess(user)) - } - } - } - - private fun getRetryAfterTime(): Int { - return Random.nextInt(PluginSettings.minPollingDurationSeconds, PluginSettings.maxPollingDurationSeconds) + return GetAllReportInstancesResponse(reportInstanceList, true) } } diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/index/ReportInstancesIndex.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/index/ReportInstancesIndex.kt index 4906f0d0..7d45bdd4 100644 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/index/ReportInstancesIndex.kt +++ b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/index/ReportInstancesIndex.kt @@ -27,18 +27,6 @@ package org.opensearch.reportsscheduler.index -import org.opensearch.reportsscheduler.ReportsSchedulerPlugin.Companion.LOG_PREFIX -import org.opensearch.reportsscheduler.model.ReportInstance -import org.opensearch.reportsscheduler.model.ReportInstance.Status -import org.opensearch.reportsscheduler.model.ReportInstanceDoc -import org.opensearch.reportsscheduler.model.ReportInstanceSearchResults -import org.opensearch.reportsscheduler.model.RestTag.ACCESS_LIST_FIELD -import org.opensearch.reportsscheduler.model.RestTag.STATUS_FIELD -import org.opensearch.reportsscheduler.model.RestTag.TENANT_FIELD -import org.opensearch.reportsscheduler.model.RestTag.UPDATED_TIME_FIELD -import org.opensearch.reportsscheduler.settings.PluginSettings -import org.opensearch.reportsscheduler.util.SecureIndexClient -import org.opensearch.reportsscheduler.util.logger import org.opensearch.ResourceAlreadyExistsException import org.opensearch.action.DocWriteResponse import org.opensearch.action.admin.indices.create.CreateIndexRequest @@ -54,8 +42,17 @@ import org.opensearch.common.xcontent.LoggingDeprecationHandler import org.opensearch.common.xcontent.NamedXContentRegistry import org.opensearch.common.xcontent.XContentType import org.opensearch.index.query.QueryBuilders +import org.opensearch.reportsscheduler.ReportsSchedulerPlugin.Companion.LOG_PREFIX +import org.opensearch.reportsscheduler.model.ReportInstance +import org.opensearch.reportsscheduler.model.ReportInstanceDoc +import org.opensearch.reportsscheduler.model.ReportInstanceSearchResults +import org.opensearch.reportsscheduler.model.RestTag.ACCESS_LIST_FIELD +import org.opensearch.reportsscheduler.model.RestTag.TENANT_FIELD +import org.opensearch.reportsscheduler.model.RestTag.UPDATED_TIME_FIELD +import org.opensearch.reportsscheduler.settings.PluginSettings +import org.opensearch.reportsscheduler.util.SecureIndexClient +import org.opensearch.reportsscheduler.util.logger import org.opensearch.search.builder.SearchSourceBuilder -import java.time.Instant import java.util.concurrent.TimeUnit /** @@ -256,42 +253,4 @@ internal object ReportInstancesIndex { } return response.result == DocWriteResponse.Result.DELETED } - - /** - * Get pending report instances - * @return ReportInstanceDoc list - */ - fun getPendingReportInstances(): MutableList { - createIndex() - val query = QueryBuilders.termsQuery(STATUS_FIELD, - Status.Scheduled.name, - Status.Executing.name - ) - val sourceBuilder = SearchSourceBuilder() - .timeout(TimeValue(PluginSettings.operationTimeoutMs, TimeUnit.MILLISECONDS)) - .size(PluginSettings.defaultItemsQueryCount) - .query(query) - val searchRequest = SearchRequest() - .indices(REPORT_INSTANCES_INDEX_NAME) - .source(sourceBuilder) - val actionFuture = client.search(searchRequest) - val response = actionFuture.actionGet(PluginSettings.operationTimeoutMs) - val hits = response.hits - log.info("$LOG_PREFIX:getPendingReportInstances; totalHits:${hits.totalHits}, retHits:${hits.hits.size}") - val mutableList: MutableList = mutableListOf() - val currentTime = Instant.now() - val refTime = currentTime.minusSeconds(PluginSettings.jobLockDurationSeconds.toLong()) - hits.forEach { - val parser = XContentType.JSON.xContent().createParser(NamedXContentRegistry.EMPTY, - LoggingDeprecationHandler.INSTANCE, - it.sourceAsString) - parser.nextToken() - val reportInstance = ReportInstance.parse(parser, it.id) - if (reportInstance.status == Status.Scheduled || // If still in Scheduled state - reportInstance.updatedTime.isBefore(refTime)) { // or when timeout happened - mutableList.add(ReportInstanceDoc(reportInstance, it.seqNo, it.primaryTerm)) - } - } - return mutableList - } } diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/PollReportInstanceRequest.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/PollReportInstanceRequest.kt deleted file mode 100644 index 9ec8d100..00000000 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/PollReportInstanceRequest.kt +++ /dev/null @@ -1,77 +0,0 @@ -/* - * SPDX-License-Identifier: Apache-2.0 - * - * The OpenSearch Contributors require contributions made to - * this file be licensed under the Apache-2.0 license or a - * compatible open source license. - * - * Modifications Copyright OpenSearch Contributors. See - * GitHub history for details. - */ - -/* - * Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - * - */ - -package org.opensearch.reportsscheduler.model - -import org.opensearch.action.ActionRequest -import org.opensearch.action.ActionRequestValidationException -import org.opensearch.common.io.stream.StreamInput -import org.opensearch.common.io.stream.StreamOutput -import org.opensearch.common.xcontent.ToXContent -import org.opensearch.common.xcontent.ToXContentObject -import org.opensearch.common.xcontent.XContentBuilder -import org.opensearch.common.xcontent.XContentFactory -import java.io.IOException - -/** - * Poll Report Instance Request - * GET request - no data - */ -internal class PollReportInstanceRequest() : ActionRequest(), ToXContentObject { - - @Throws(IOException::class) - constructor(input: StreamInput) : this() - - /** - * {@inheritDoc} - */ - @Throws(IOException::class) - override fun writeTo(output: StreamOutput) = Unit - - /** - * create XContentBuilder from this object using [XContentFactory.jsonBuilder()] - * @param params XContent parameters - * @return created XContentBuilder object - */ - fun toXContent(params: ToXContent.Params = ToXContent.EMPTY_PARAMS): XContentBuilder? { - return toXContent(XContentFactory.jsonBuilder(), params) - } - - /** - * {@inheritDoc} - */ - override fun toXContent(builder: XContentBuilder?, params: ToXContent.Params?): XContentBuilder { - return builder!! - } - - /** - * {@inheritDoc} - */ - override fun validate(): ActionRequestValidationException? { - return null - } -} diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/PollReportInstanceResponse.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/PollReportInstanceResponse.kt deleted file mode 100644 index 102a18df..00000000 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/PollReportInstanceResponse.kt +++ /dev/null @@ -1,145 +0,0 @@ -/* - * SPDX-License-Identifier: Apache-2.0 - * - * The OpenSearch Contributors require contributions made to - * this file be licensed under the Apache-2.0 license or a - * compatible open source license. - * - * Modifications Copyright OpenSearch Contributors. See - * GitHub history for details. - */ - -/* - * Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - * - */ - -package org.opensearch.reportsscheduler.model - -import org.opensearch.reportsscheduler.ReportsSchedulerPlugin.Companion.LOG_PREFIX -import org.opensearch.reportsscheduler.model.RestTag.REPORT_INSTANCE_FIELD -import org.opensearch.reportsscheduler.model.RestTag.RETRY_AFTER_FIELD -import org.opensearch.reportsscheduler.settings.PluginSettings -import org.opensearch.reportsscheduler.util.createJsonParser -import org.opensearch.reportsscheduler.util.logger -import org.opensearch.common.io.stream.StreamInput -import org.opensearch.common.io.stream.StreamOutput -import org.opensearch.common.xcontent.ToXContent -import org.opensearch.common.xcontent.XContentBuilder -import org.opensearch.common.xcontent.XContentFactory -import org.opensearch.common.xcontent.XContentParser -import org.opensearch.common.xcontent.XContentParser.Token -import org.opensearch.common.xcontent.XContentParserUtils -import org.opensearch.rest.RestStatus -import java.io.IOException - -/** - * Poll report instance info response. - * 
 JSON format
- * {@code
- * // On Success
- * {
- *   "reportInstance":{
- *      // refer [org.opensearch.reportsscheduler.model.ReportInstance]
- *   }
- * }
- * // if no job found
- * {
- *   "retryAfter":300
- * }
- * }
- */ -internal class PollReportInstanceResponse : BaseResponse { - val retryAfter: Int - val reportInstance: ReportInstance? - private val filterSensitiveInfo: Boolean - - companion object { - private val log by logger(GetReportDefinitionResponse::class.java) - } - - constructor(retryAfter: Int, reportInstance: ReportInstance? = null, filterSensitiveInfo: Boolean = true) : super() { - this.retryAfter = retryAfter - this.reportInstance = reportInstance - this.filterSensitiveInfo = filterSensitiveInfo - } - - @Throws(IOException::class) - constructor(input: StreamInput) : this(input.createJsonParser()) - - /** - * Parse the data from parser and create [PollReportInstanceResponse] object - * @param parser data referenced at parser - */ - constructor(parser: XContentParser) : super() { - var retryAfter: Int = PluginSettings.minPollingDurationSeconds - var reportInstance: ReportInstance? = null - XContentParserUtils.ensureExpectedToken(Token.START_OBJECT, parser.currentToken(), parser) - while (Token.END_OBJECT != parser.nextToken()) { - val fieldName = parser.currentName() - parser.nextToken() - when (fieldName) { - RETRY_AFTER_FIELD -> retryAfter = parser.intValue() - REPORT_INSTANCE_FIELD -> reportInstance = ReportInstance.parse(parser) - else -> { - parser.skipChildren() - log.info("$LOG_PREFIX:Skipping Unknown field $fieldName") - } - } - } - this.retryAfter = retryAfter - this.reportInstance = reportInstance - this.filterSensitiveInfo = false // Sensitive info Must have filtered when created json object - } - - /** - * {@inheritDoc} - */ - @Throws(IOException::class) - override fun writeTo(output: StreamOutput) { - toXContent(XContentFactory.jsonBuilder(output), ToXContent.EMPTY_PARAMS) - } - - /** - * {@inheritDoc} - */ - override fun getStatus(): RestStatus { - return if (reportInstance != null) { - RestStatus.OK - } else { - RestStatus.MULTI_STATUS - } - } - - /** - * {@inheritDoc} - */ - override fun toXContent(builder: XContentBuilder?, params: ToXContent.Params?): XContentBuilder { - return if (reportInstance != null) { - val xContentParams = if (filterSensitiveInfo) { - RestTag.FILTERED_REST_OUTPUT_PARAMS - } else { - RestTag.REST_OUTPUT_PARAMS - } - builder!!.startObject() - .field(REPORT_INSTANCE_FIELD) - reportInstance.toXContent(builder, xContentParams) - builder.endObject() - } else { - builder!!.startObject() - .field(RETRY_AFTER_FIELD, retryAfter) - .endObject() - } - } -} diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/ReportDefinitionDetails.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/ReportDefinitionDetails.kt index 787490ed..63faed84 100644 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/ReportDefinitionDetails.kt +++ b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/ReportDefinitionDetails.kt @@ -38,7 +38,6 @@ import org.opensearch.reportsscheduler.model.RestTag.REPORT_DEFINITION_FIELD import org.opensearch.reportsscheduler.model.RestTag.TENANT_FIELD import org.opensearch.reportsscheduler.model.RestTag.UPDATED_TIME_FIELD import org.opensearch.reportsscheduler.security.UserAccessManager.DEFAULT_TENANT -import org.opensearch.reportsscheduler.settings.PluginSettings import org.opensearch.reportsscheduler.util.logger import org.opensearch.reportsscheduler.util.stringList import org.opensearch.common.xcontent.ToXContent @@ -171,13 +170,6 @@ internal data class ReportDefinitionDetails( return createdTime } - /** - * {@inheritDoc} - */ - override fun getLockDurationSeconds(): Long? { - return PluginSettings.jobLockDurationSeconds.toLong() - } - override fun getSchedule(): Schedule { return reportDefinition.trigger.schedule!! } diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/RestTag.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/RestTag.kt index 6c371cbe..c4e948bd 100644 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/RestTag.kt +++ b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/model/RestTag.kt @@ -52,7 +52,6 @@ internal object RestTag { const val REPORT_DEFINITION_DETAILS_FIELD = "reportDefinitionDetails" const val FROM_INDEX_FIELD = "fromIndex" const val MAX_ITEMS_FIELD = "maxItems" - const val RETRY_AFTER_FIELD = "retryAfter" private val INCLUDE_ID = Pair(ID_FIELD, "true") private val EXCLUDE_ACCESS = Pair(ACCESS_LIST_FIELD, "false") val INSTANCE_INDEX_PARAMS: Params = ToXContent.MapParams(mapOf(INCLUDE_ID)) diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/resthandler/ReportInstancePollRestHandler.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/resthandler/ReportInstancePollRestHandler.kt deleted file mode 100644 index 2d80be85..00000000 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/resthandler/ReportInstancePollRestHandler.kt +++ /dev/null @@ -1,110 +0,0 @@ -/* - * SPDX-License-Identifier: Apache-2.0 - * - * The OpenSearch Contributors require contributions made to - * this file be licensed under the Apache-2.0 license or a - * compatible open source license. - * - * Modifications Copyright OpenSearch Contributors. See - * GitHub history for details. - */ - -/* - * Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - * - */ -package org.opensearch.reportsscheduler.resthandler - -import org.opensearch.reportsscheduler.ReportsSchedulerPlugin.Companion.BASE_REPORTS_URI -import org.opensearch.reportsscheduler.ReportsSchedulerPlugin.Companion.LEGACY_BASE_REPORTS_URI -import org.opensearch.reportsscheduler.action.PollReportInstanceAction -import org.opensearch.reportsscheduler.action.ReportInstanceActions -import org.opensearch.reportsscheduler.model.PollReportInstanceRequest -import org.opensearch.client.node.NodeClient -import org.opensearch.rest.BaseRestHandler.RestChannelConsumer -import org.opensearch.rest.BytesRestResponse -import org.opensearch.rest.RestHandler.Route -import org.opensearch.rest.RestHandler.ReplacedRoute -import org.opensearch.rest.RestRequest -import org.opensearch.rest.RestRequest.Method.GET -import org.opensearch.rest.RestStatus - -/** - * Rest handler for getting list of report instances. - * This handler uses [ReportInstanceActions]. - */ -internal class ReportInstancePollRestHandler : PluginBaseHandler() { - companion object { - private const val REPORT_INSTANCE_POLL_ACTION = "report_instance_poll_actions" - private const val POLL_REPORT_INSTANCE_URL = "$BASE_REPORTS_URI/poll_instance" - private const val LEGACY_POLL_REPORT_INSTANCE_URL = "$LEGACY_BASE_REPORTS_URI/poll_instance" - } - - /** - * {@inheritDoc} - */ - override fun getName(): String { - return REPORT_INSTANCE_POLL_ACTION - } - - /** - * {@inheritDoc} - */ - override fun routes(): List { - return listOf() - } - - /** - * {@inheritDoc} - */ - override fun replacedRoutes(): List { - return listOf( - /** - * Poll report instances for pending job - * Request URL: GET POLL_REPORT_INSTANCE_URL - * Request body: None - * Response body: Ref [org.opensearch.reportsscheduler.model.PollReportInstanceResponse] - */ - ReplacedRoute( - GET, - POLL_REPORT_INSTANCE_URL, - GET, - LEGACY_POLL_REPORT_INSTANCE_URL - ) - ) - } - - /** - * {@inheritDoc} - */ - override fun responseParams(): Set { - return setOf() - } - - /** - * {@inheritDoc} - */ - override fun executeRequest(request: RestRequest, client: NodeClient): RestChannelConsumer { - return when (request.method()) { - GET -> RestChannelConsumer { - client.execute(PollReportInstanceAction.ACTION_TYPE, - PollReportInstanceRequest(), - RestResponseToXContentListener(it)) - } - else -> RestChannelConsumer { - it.sendResponse(BytesRestResponse(RestStatus.METHOD_NOT_ALLOWED, "${request.method()} is not allowed")) - } - } - } -} diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/security/UserAccessManager.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/security/UserAccessManager.kt index 8811e59c..f2059c38 100644 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/security/UserAccessManager.kt +++ b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/security/UserAccessManager.kt @@ -30,10 +30,8 @@ package org.opensearch.reportsscheduler.security import org.opensearch.commons.authuser.User import org.opensearch.reportsscheduler.metrics.Metrics import org.opensearch.reportsscheduler.settings.PluginSettings -import org.opensearch.reportsscheduler.settings.PluginSettings.FilterBy import org.opensearch.OpenSearchStatusException import org.opensearch.rest.RestStatus -import java.util.stream.Collectors /** * Class for checking/filtering user access. @@ -42,8 +40,6 @@ internal object UserAccessManager { private const val USER_TAG = "User:" private const val ROLE_TAG = "Role:" private const val BACKEND_ROLE_TAG = "BERole:" - private const val ALL_ACCESS_ROLE = "all_access" - private const val KIBANA_SERVER_USER = "kibanaserver" // TODO: Change it to background user when created. private const val PRIVATE_TENANT = "__user__" const val DEFAULT_TENANT = "" @@ -64,46 +60,12 @@ internal object UserAccessManager { throw OpenSearchStatusException("User name not provided for private tenant access", RestStatus.FORBIDDEN) } - when (PluginSettings.filterBy) { - FilterBy.NoFilter -> { // No validation - } - FilterBy.User -> { // User name must be present - user?.name - ?: run { - Metrics.REPORT_PERMISSION_USER_ERROR.counter.increment() - throw OpenSearchStatusException("Filter-by enabled with security disabled", - RestStatus.FORBIDDEN) - } - } - FilterBy.Roles -> { // backend roles must be present - if (user == null || user.roles.isNullOrEmpty()) { - Metrics.REPORT_PERMISSION_USER_ERROR.counter.increment() - throw OpenSearchStatusException("User doesn't have roles configured. Contact administrator.", - RestStatus.FORBIDDEN) - } else if (user.roles.stream().filter { !PluginSettings.ignoredRoles.contains(it) }.count() == 0L) { - Metrics.REPORT_PERMISSION_USER_ERROR.counter.increment() - throw OpenSearchStatusException("No distinguishing roles configured. Contact administrator.", - RestStatus.FORBIDDEN) - } - } - FilterBy.BackendRoles -> { // backend roles must be present - if (user?.backendRoles.isNullOrEmpty()) { - Metrics.REPORT_PERMISSION_USER_ERROR.counter.increment() - throw OpenSearchStatusException("User doesn't have backend roles configured. Contact administrator.", - RestStatus.FORBIDDEN) - } - } - } - } - - /** - * validate if user has access to polling actions - */ - fun validatePollingUser(user: User?) { - if (user != null) { // Check only if security is enabled - if (user.name != KIBANA_SERVER_USER) { + if (PluginSettings.isRbacEnabled()) { + // backend roles must be present + if (user?.backendRoles.isNullOrEmpty()) { Metrics.REPORT_PERMISSION_USER_ERROR.counter.increment() - throw OpenSearchStatusException("Permission denied", RestStatus.FORBIDDEN) + throw OpenSearchStatusException("User doesn't have backend roles configured. Contact administrator.", + RestStatus.FORBIDDEN) } } } @@ -144,17 +106,10 @@ internal object UserAccessManager { if (isUserPrivateTenant(user)) { return listOf("$USER_TAG${user.name}") // No sharing allowed in private tenant. } - if (canAdminViewAllItems(user)) { - return listOf() - } - return when (PluginSettings.filterBy) { - FilterBy.NoFilter -> listOf() - FilterBy.User -> listOf("$USER_TAG${user.name}") - FilterBy.Roles -> user.roles.stream() - .filter { !PluginSettings.ignoredRoles.contains(it) } - .map { "$ROLE_TAG$it" } - .collect(Collectors.toList()) - FilterBy.BackendRoles -> user.backendRoles.map { "$BACKEND_ROLE_TAG$it" } + return if (PluginSettings.isRbacEnabled()) { + user.backendRoles.map { "$BACKEND_ROLE_TAG$it" } + } else { + listOf() } } @@ -168,36 +123,11 @@ internal object UserAccessManager { if (getUserTenant(user) != tenant) { return false } - if (canAdminViewAllItems(user)) { - return true - } - return when (PluginSettings.filterBy) { - FilterBy.NoFilter -> true - FilterBy.User -> access.contains("$USER_TAG${user.name}") - FilterBy.Roles -> user.roles.stream() - .filter { !PluginSettings.ignoredRoles.contains(it) } - .map { "$ROLE_TAG$it" } - .anyMatch { it in access } - FilterBy.BackendRoles -> user.backendRoles.map { "$BACKEND_ROLE_TAG$it" }.any { it in access } - } - } - - /** - * Check if user has all info access. - */ - fun hasAllInfoAccess(user: User?): Boolean { - if (user == null) { // Security is disabled - return true + return if (PluginSettings.isRbacEnabled()) { + user.backendRoles.map { "$BACKEND_ROLE_TAG$it" }.any { it in access } + } else { + true } - return isAdminUser(user) - } - - private fun canAdminViewAllItems(user: User): Boolean { - return PluginSettings.adminAccess == PluginSettings.AdminAccess.AllReports && isAdminUser(user) - } - - private fun isAdminUser(user: User): Boolean { - return user.roles.contains(ALL_ACCESS_ROLE) } private fun isUserPrivateTenant(user: User?): Boolean { diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/settings/LegacyPluginSettings.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/settings/LegacyPluginSettings.kt deleted file mode 100644 index 7f5ffcf1..00000000 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/settings/LegacyPluginSettings.kt +++ /dev/null @@ -1,498 +0,0 @@ -/* - * SPDX-License-Identifier: Apache-2.0 - * - * The OpenSearch Contributors require contributions made to - * this file be licensed under the Apache-2.0 license or a - * compatible open source license. - * - * Modifications Copyright OpenSearch Contributors. See - * GitHub history for details. - */ - -/* - * Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"). - * You may not use this file except in compliance with the License. - * A copy of the License is located at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * or in the "license" file accompanying this file. This file is distributed - * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the License for the specific language governing - * permissions and limitations under the License. - * - */ - -package org.opensearch.reportsscheduler.settings - -import org.opensearch.reportsscheduler.ReportsSchedulerPlugin.Companion.LOG_PREFIX -import org.opensearch.reportsscheduler.ReportsSchedulerPlugin.Companion.PLUGIN_NAME -import org.apache.logging.log4j.LogManager -import org.opensearch.bootstrap.BootstrapInfo -import org.opensearch.cluster.service.ClusterService -import org.opensearch.common.settings.Setting -import org.opensearch.common.settings.Setting.Property.Dynamic -import org.opensearch.common.settings.Setting.Property.NodeScope -import org.opensearch.common.settings.Setting.Property.Deprecated -import org.opensearch.common.settings.Settings -import java.io.IOException -import java.nio.file.Path - -/** - * settings specific to reports scheduler Plugin. - */ -internal object LegacyPluginSettings { - - /** - * Settings Key prefix for this plugin. - */ - private const val KEY_PREFIX = "opendistro.reports" - - /** - * General settings Key prefix. - */ - private const val GENERAL_KEY_PREFIX = "$KEY_PREFIX.general" - - /** - * Polling settings Key prefix. - */ - private const val POLLING_KEY_PREFIX = "$KEY_PREFIX.polling" - - /** - * Access settings Key prefix. - */ - private const val ACCESS_KEY_PREFIX = "$KEY_PREFIX.access" - - /** - * Operation timeout for network operations. - */ - private const val OPERATION_TIMEOUT_MS_KEY = "$GENERAL_KEY_PREFIX.operationTimeoutMs" - - /** - * Setting to choose default number of items to query. - */ - private const val DEFAULT_ITEMS_QUERY_COUNT_KEY = "$GENERAL_KEY_PREFIX.defaultItemsQueryCount" - - /** - * Setting to choose Job lock duration. - */ - private const val JOB_LOCK_DURATION_S_KEY = "$POLLING_KEY_PREFIX.jobLockDurationSeconds" - - /** - * Setting to choose Minimum polling duration. - */ - private const val MIN_POLLING_DURATION_S_KEY = "$POLLING_KEY_PREFIX.minPollingDurationSeconds" - - /** - * Setting to choose Maximum polling duration. - */ - private const val MAX_POLLING_DURATION_S_KEY = "$POLLING_KEY_PREFIX.maxPollingDurationSeconds" - - /** - * Setting to choose Maximum number of retries to try locking. - */ - private const val MAX_LOCK_RETRIES_KEY = "$POLLING_KEY_PREFIX.maxLockRetries" - - /** - * Setting to choose admin access restriction. - */ - private const val ADMIN_ACCESS_KEY = "$ACCESS_KEY_PREFIX.adminAccess" - - /** - * Setting to choose filter method. - */ - private const val FILTER_BY_KEY = "$ACCESS_KEY_PREFIX.filterBy" - - /** - * Setting to choose ignored roles for filtering. - */ - private const val IGNORE_ROLE_KEY = "$ACCESS_KEY_PREFIX.ignoreRoles" - - /** - * Default operation timeout for network operations. - */ - private const val DEFAULT_OPERATION_TIMEOUT_MS = 60000L - - /** - * Minimum operation timeout for network operations. - */ - private const val MINIMUM_OPERATION_TIMEOUT_MS = 100L - - /** - * Default Job lock duration. - */ - private const val DEFAULT_JOB_LOCK_DURATION_S = 300 - - /** - * Minimum Job lock duration. - */ - private const val MINIMUM_JOB_LOCK_DURATION_S = 10 - - /** - * Default Minimum polling duration. - */ - private const val DEFAULT_MIN_POLLING_DURATION_S = 300 - - /** - * Minimum Min polling duration. - */ - private const val MINIMUM_MIN_POLLING_DURATION_S = 60 - - /** - * Default Maximum polling duration. - */ - private const val DEFAULT_MAX_POLLING_DURATION_S = 900 - - /** - * Minimum Maximum polling duration. - */ - private const val MINIMUM_MAX_POLLING_DURATION_S = 300 - - /** - * Default number of retries to try locking. - */ - private const val DEFAULT_MAX_LOCK_RETRIES = 4 - - /** - * Minimum number of retries to try locking. - */ - private const val MINIMUM_LOCK_RETRIES = 1 - - /** - * Default number of items to query. - */ - private const val DEFAULT_ITEMS_QUERY_COUNT_VALUE = 100 - - /** - * Minimum number of items to query. - */ - private const val MINIMUM_ITEMS_QUERY_COUNT = 10 - - /** - * Default admin access method. - */ - private const val DEFAULT_ADMIN_ACCESS_METHOD = "AllReports" - - /** - * Default filter-by method. - */ - private const val DEFAULT_FILTER_BY_METHOD = "NoFilter" - - /** - * Default filter-by method. - */ - private val DEFAULT_IGNORED_ROLES = listOf("own_index", - "kibana_user", - "reports_full_access", - "reports_read_access", - "reports_instances_read_access") - - /** - * Operation timeout setting in ms for I/O operations - */ - @Volatile - var operationTimeoutMs: Long - - /** - * Default number of items to query. - */ - @Volatile - var defaultItemsQueryCount: Int - - /** - * Job lock duration - */ - @Volatile - var jobLockDurationSeconds: Int - - /** - * Minimum polling duration - */ - @Volatile - var minPollingDurationSeconds: Int - - /** - * Maximum polling duration. - */ - @Volatile - var maxPollingDurationSeconds: Int - - /** - * Max number of retries to try locking. - */ - @Volatile - var maxLockRetries: Int - - /** - * admin access method. - */ - @Volatile - var adminAccess: AdminAccess - - /** - * Filter-by method. - */ - @Volatile - var filterBy: FilterBy - - /** - * list of ignored roles. - */ - @Volatile - var ignoredRoles: List - - /** - * Enum for types of admin access - * "Standard" -> Admin user access follows standard user - * "AllReports" -> Admin user with "all_access" role can see all reports of all users. - */ - internal enum class AdminAccess { Standard, AllReports } - - /** - * Enum for types of filterBy options - * NoFilter -> everyone see each other's reports - * User -> reports are visible to only themselves - * Roles -> reports are visible to users having any one of the role of creator - * BackendRoles -> reports are visible to users having any one of the backend role of creator - */ - internal enum class FilterBy { NoFilter, User, Roles, BackendRoles } - - private const val DECIMAL_RADIX: Int = 10 - - private val log = LogManager.getLogger(javaClass) - private val defaultSettings: Map - - init { - var settings: Settings? = null - val configDirName = BootstrapInfo.getSystemProperties()?.get("es.path.conf")?.toString() - if (configDirName != null) { - val defaultSettingYmlFile = Path.of(configDirName, PLUGIN_NAME, "reports-scheduler.yml") - try { - settings = Settings.builder().loadFromPath(defaultSettingYmlFile).build() - } catch (exception: IOException) { - log.warn("$LOG_PREFIX:Failed to load ${defaultSettingYmlFile.toAbsolutePath()}") - } - } - // Initialize the settings values to default values - operationTimeoutMs = (settings?.get(OPERATION_TIMEOUT_MS_KEY)?.toLong()) ?: DEFAULT_OPERATION_TIMEOUT_MS - defaultItemsQueryCount = (settings?.get(DEFAULT_ITEMS_QUERY_COUNT_KEY)?.toInt()) - ?: DEFAULT_ITEMS_QUERY_COUNT_VALUE - jobLockDurationSeconds = (settings?.get(JOB_LOCK_DURATION_S_KEY)?.toInt()) ?: DEFAULT_JOB_LOCK_DURATION_S - minPollingDurationSeconds = (settings?.get(MIN_POLLING_DURATION_S_KEY)?.toInt()) - ?: DEFAULT_MIN_POLLING_DURATION_S - maxPollingDurationSeconds = (settings?.get(MAX_POLLING_DURATION_S_KEY)?.toInt()) - ?: DEFAULT_MAX_POLLING_DURATION_S - maxLockRetries = (settings?.get(MAX_LOCK_RETRIES_KEY)?.toInt()) ?: DEFAULT_MAX_LOCK_RETRIES - adminAccess = AdminAccess.valueOf(settings?.get(ADMIN_ACCESS_KEY) ?: DEFAULT_ADMIN_ACCESS_METHOD) - filterBy = FilterBy.valueOf(settings?.get(FILTER_BY_KEY) ?: DEFAULT_FILTER_BY_METHOD) - ignoredRoles = settings?.getAsList(IGNORE_ROLE_KEY) ?: DEFAULT_IGNORED_ROLES - - defaultSettings = mapOf( - OPERATION_TIMEOUT_MS_KEY to operationTimeoutMs.toString(DECIMAL_RADIX), - DEFAULT_ITEMS_QUERY_COUNT_KEY to defaultItemsQueryCount.toString(DECIMAL_RADIX), - JOB_LOCK_DURATION_S_KEY to jobLockDurationSeconds.toString(DECIMAL_RADIX), - MIN_POLLING_DURATION_S_KEY to minPollingDurationSeconds.toString(DECIMAL_RADIX), - MAX_POLLING_DURATION_S_KEY to maxPollingDurationSeconds.toString(DECIMAL_RADIX), - MAX_LOCK_RETRIES_KEY to maxLockRetries.toString(DECIMAL_RADIX), - ADMIN_ACCESS_KEY to adminAccess.name, - FILTER_BY_KEY to filterBy.name - ) - } - - public val OPERATION_TIMEOUT_MS: Setting = Setting.longSetting( - OPERATION_TIMEOUT_MS_KEY, - defaultSettings[OPERATION_TIMEOUT_MS_KEY]!!.toLong(), - MINIMUM_OPERATION_TIMEOUT_MS, - NodeScope, Dynamic, Deprecated - ) - - public val DEFAULT_ITEMS_QUERY_COUNT: Setting = Setting.intSetting( - DEFAULT_ITEMS_QUERY_COUNT_KEY, - defaultSettings[DEFAULT_ITEMS_QUERY_COUNT_KEY]!!.toInt(), - MINIMUM_ITEMS_QUERY_COUNT, - NodeScope, Dynamic, Deprecated - ) - - public val JOB_LOCK_DURATION_S: Setting = Setting.intSetting( - JOB_LOCK_DURATION_S_KEY, - defaultSettings[JOB_LOCK_DURATION_S_KEY]!!.toInt(), - MINIMUM_JOB_LOCK_DURATION_S, - NodeScope, Dynamic, Deprecated - ) - - public val MIN_POLLING_DURATION_S: Setting = Setting.intSetting( - MIN_POLLING_DURATION_S_KEY, - defaultSettings[MIN_POLLING_DURATION_S_KEY]!!.toInt(), - MINIMUM_MIN_POLLING_DURATION_S, - NodeScope, Dynamic, Deprecated - ) - - public val MAX_POLLING_DURATION_S: Setting = Setting.intSetting( - MAX_POLLING_DURATION_S_KEY, - defaultSettings[MAX_POLLING_DURATION_S_KEY]!!.toInt(), - MINIMUM_MAX_POLLING_DURATION_S, - NodeScope, Dynamic, Deprecated - ) - - public val MAX_LOCK_RETRIES: Setting = Setting.intSetting( - MAX_LOCK_RETRIES_KEY, - defaultSettings[MAX_LOCK_RETRIES_KEY]!!.toInt(), - MINIMUM_LOCK_RETRIES, - NodeScope, Dynamic, Deprecated - ) - - public val ADMIN_ACCESS: Setting = Setting.simpleString( - ADMIN_ACCESS_KEY, - defaultSettings[ADMIN_ACCESS_KEY]!!, - NodeScope, Dynamic, Deprecated - ) - - public val FILTER_BY: Setting = Setting.simpleString( - FILTER_BY_KEY, - defaultSettings[FILTER_BY_KEY]!!, - NodeScope, Dynamic, Deprecated - ) - - public val IGNORED_ROLES: Setting> = Setting.listSetting( - IGNORE_ROLE_KEY, - DEFAULT_IGNORED_ROLES, - { it }, - NodeScope, Dynamic, Deprecated - ) - - /** - * Returns list of additional settings available specific to this plugin. - * - * @return list of settings defined in this plugin - */ - fun getAllSettings(): List> { - return listOf(OPERATION_TIMEOUT_MS, - DEFAULT_ITEMS_QUERY_COUNT, - JOB_LOCK_DURATION_S, - MIN_POLLING_DURATION_S, - MAX_POLLING_DURATION_S, - MAX_LOCK_RETRIES, - ADMIN_ACCESS, - FILTER_BY, - IGNORED_ROLES - ) - } - - /** - * Update the setting variables to setting values from local settings - * @param clusterService cluster service instance - */ - private fun updateSettingValuesFromLocal(clusterService: ClusterService) { - operationTimeoutMs = OPERATION_TIMEOUT_MS.get(clusterService.settings) - defaultItemsQueryCount = DEFAULT_ITEMS_QUERY_COUNT.get(clusterService.settings) - jobLockDurationSeconds = JOB_LOCK_DURATION_S.get(clusterService.settings) - minPollingDurationSeconds = MIN_POLLING_DURATION_S.get(clusterService.settings) - maxPollingDurationSeconds = MAX_POLLING_DURATION_S.get(clusterService.settings) - maxLockRetries = MAX_LOCK_RETRIES.get(clusterService.settings) - adminAccess = AdminAccess.valueOf(ADMIN_ACCESS.get(clusterService.settings)) - filterBy = FilterBy.valueOf(FILTER_BY.get(clusterService.settings)) - ignoredRoles = IGNORED_ROLES.get(clusterService.settings) - } - - /** - * Update the setting variables to setting values from cluster settings - * @param clusterService cluster service instance - */ - private fun updateSettingValuesFromCluster(clusterService: ClusterService) { - val clusterOperationTimeoutMs = clusterService.clusterSettings.get(OPERATION_TIMEOUT_MS) - if (clusterOperationTimeoutMs != null) { - log.debug("$LOG_PREFIX:$OPERATION_TIMEOUT_MS_KEY -autoUpdatedTo-> $clusterOperationTimeoutMs") - operationTimeoutMs = clusterOperationTimeoutMs - } - val clusterDefaultItemsQueryCount = clusterService.clusterSettings.get(DEFAULT_ITEMS_QUERY_COUNT) - if (clusterDefaultItemsQueryCount != null) { - log.debug("$LOG_PREFIX:$DEFAULT_ITEMS_QUERY_COUNT_KEY -autoUpdatedTo-> $clusterDefaultItemsQueryCount") - defaultItemsQueryCount = clusterDefaultItemsQueryCount - } - val clusterJobLockDurationSeconds = clusterService.clusterSettings.get(JOB_LOCK_DURATION_S) - if (clusterJobLockDurationSeconds != null) { - log.debug("$LOG_PREFIX:$JOB_LOCK_DURATION_S_KEY -autoUpdatedTo-> $clusterJobLockDurationSeconds") - jobLockDurationSeconds = clusterJobLockDurationSeconds - } - val clusterMinPollingDurationSeconds = clusterService.clusterSettings.get(MIN_POLLING_DURATION_S) - if (clusterMinPollingDurationSeconds != null) { - log.debug("$LOG_PREFIX:$MIN_POLLING_DURATION_S_KEY -autoUpdatedTo-> $clusterMinPollingDurationSeconds") - minPollingDurationSeconds = clusterMinPollingDurationSeconds - } - val clusterMaxPollingDurationSeconds = clusterService.clusterSettings.get(MAX_POLLING_DURATION_S) - if (clusterMaxPollingDurationSeconds != null) { - log.debug("$LOG_PREFIX:$MAX_POLLING_DURATION_S_KEY -autoUpdatedTo-> $clusterMaxPollingDurationSeconds") - maxPollingDurationSeconds = clusterMaxPollingDurationSeconds - } - val clusterMaxLockRetries = clusterService.clusterSettings.get(MAX_LOCK_RETRIES) - if (clusterMaxLockRetries != null) { - log.debug("$LOG_PREFIX:$MAX_LOCK_RETRIES_KEY -autoUpdatedTo-> $clusterMaxLockRetries") - maxLockRetries = clusterMaxLockRetries - } - val clusterAdminAccess = clusterService.clusterSettings.get(ADMIN_ACCESS) - if (clusterAdminAccess != null) { - log.debug("$LOG_PREFIX:$ADMIN_ACCESS_KEY -autoUpdatedTo-> $clusterAdminAccess") - adminAccess = AdminAccess.valueOf(clusterAdminAccess) - } - val clusterFilterBy = clusterService.clusterSettings.get(FILTER_BY) - if (clusterFilterBy != null) { - log.debug("$LOG_PREFIX:$FILTER_BY_KEY -autoUpdatedTo-> $clusterFilterBy") - filterBy = FilterBy.valueOf(clusterFilterBy) - } - val clusterIgnoredRoles = clusterService.clusterSettings.get(IGNORED_ROLES) - if (clusterIgnoredRoles != null) { - log.debug("$LOG_PREFIX:$IGNORE_ROLE_KEY -autoUpdatedTo-> $clusterIgnoredRoles") - ignoredRoles = clusterIgnoredRoles - } - } - - /** - * adds Settings update listeners to all settings. - * @param clusterService cluster service instance - */ - fun addSettingsUpdateConsumer(clusterService: ClusterService) { - updateSettingValuesFromLocal(clusterService) - // Update the variables to cluster setting values - // If the cluster is not yet started then we get default values again - updateSettingValuesFromCluster(clusterService) - - clusterService.clusterSettings.addSettingsUpdateConsumer(OPERATION_TIMEOUT_MS) { - operationTimeoutMs = it - log.info("$LOG_PREFIX:$OPERATION_TIMEOUT_MS_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(DEFAULT_ITEMS_QUERY_COUNT) { - defaultItemsQueryCount = it - log.info("$LOG_PREFIX:$DEFAULT_ITEMS_QUERY_COUNT_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(JOB_LOCK_DURATION_S) { - jobLockDurationSeconds = it - log.info("$LOG_PREFIX:$JOB_LOCK_DURATION_S_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(MIN_POLLING_DURATION_S) { - minPollingDurationSeconds = it - log.info("$LOG_PREFIX:$MIN_POLLING_DURATION_S_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(MAX_POLLING_DURATION_S) { - maxPollingDurationSeconds = it - log.info("$LOG_PREFIX:$MAX_POLLING_DURATION_S_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(MAX_LOCK_RETRIES) { - maxLockRetries = it - log.info("$LOG_PREFIX:$MAX_LOCK_RETRIES_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(ADMIN_ACCESS) { - adminAccess = AdminAccess.valueOf(it) - log.info("$LOG_PREFIX:$ADMIN_ACCESS_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(FILTER_BY) { - filterBy = FilterBy.valueOf(it) - log.info("$LOG_PREFIX:$FILTER_BY_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(IGNORED_ROLES) { - ignoredRoles = it - log.info("$LOG_PREFIX:$IGNORE_ROLE_KEY -updatedTo-> $it") - } - } -} diff --git a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/settings/PluginSettings.kt b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/settings/PluginSettings.kt index d2d21945..481e440c 100644 --- a/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/settings/PluginSettings.kt +++ b/reports-scheduler/src/main/kotlin/org/opensearch/reportsscheduler/settings/PluginSettings.kt @@ -27,8 +27,6 @@ package org.opensearch.reportsscheduler.settings -import org.opensearch.reportsscheduler.ReportsSchedulerPlugin.Companion.LOG_PREFIX -import org.opensearch.reportsscheduler.ReportsSchedulerPlugin.Companion.PLUGIN_NAME import org.apache.logging.log4j.LogManager import org.opensearch.bootstrap.BootstrapInfo import org.opensearch.cluster.service.ClusterService @@ -36,6 +34,8 @@ import org.opensearch.common.settings.Setting import org.opensearch.common.settings.Setting.Property.Dynamic import org.opensearch.common.settings.Setting.Property.NodeScope import org.opensearch.common.settings.Settings +import org.opensearch.reportsscheduler.ReportsSchedulerPlugin.Companion.LOG_PREFIX +import org.opensearch.reportsscheduler.ReportsSchedulerPlugin.Companion.PLUGIN_NAME import java.io.IOException import java.nio.file.Path @@ -44,6 +44,8 @@ import java.nio.file.Path */ internal object PluginSettings { + private lateinit var clusterService: ClusterService + /** * Settings Key prefix for this plugin. */ @@ -54,16 +56,6 @@ internal object PluginSettings { */ private const val GENERAL_KEY_PREFIX = "$KEY_PREFIX.general" - /** - * Polling settings Key prefix. - */ - private const val POLLING_KEY_PREFIX = "$KEY_PREFIX.polling" - - /** - * Access settings Key prefix. - */ - private const val ACCESS_KEY_PREFIX = "$KEY_PREFIX.access" - /** * Operation timeout for network operations. */ @@ -75,39 +67,14 @@ internal object PluginSettings { private const val DEFAULT_ITEMS_QUERY_COUNT_KEY = "$GENERAL_KEY_PREFIX.defaultItemsQueryCount" /** - * Setting to choose Job lock duration. - */ - private const val JOB_LOCK_DURATION_S_KEY = "$POLLING_KEY_PREFIX.jobLockDurationSeconds" - - /** - * Setting to choose Minimum polling duration. - */ - private const val MIN_POLLING_DURATION_S_KEY = "$POLLING_KEY_PREFIX.minPollingDurationSeconds" - - /** - * Setting to choose Maximum polling duration. - */ - private const val MAX_POLLING_DURATION_S_KEY = "$POLLING_KEY_PREFIX.maxPollingDurationSeconds" - - /** - * Setting to choose Maximum number of retries to try locking. - */ - private const val MAX_LOCK_RETRIES_KEY = "$POLLING_KEY_PREFIX.maxLockRetries" - - /** - * Setting to choose admin access restriction. - */ - private const val ADMIN_ACCESS_KEY = "$ACCESS_KEY_PREFIX.adminAccess" - - /** - * Setting to choose filter method. + * Legacy Alerting plugin filter_by_backend_roles setting. */ - private const val FILTER_BY_KEY = "$ACCESS_KEY_PREFIX.filterBy" + private const val LEGACY_FILTER_BY_BACKEND_ROLES_KEY = "opendistro.alerting.filter_by_backend_roles" /** - * Setting to choose ignored roles for filtering. + * Alerting plugin filter_by_backend_roles setting. */ - private const val IGNORE_ROLE_KEY = "$ACCESS_KEY_PREFIX.ignoreRoles" + private const val FILTER_BY_BACKEND_ROLES_KEY = "plugins.alerting.filter_by_backend_roles" /** * Default operation timeout for network operations. @@ -119,46 +86,6 @@ internal object PluginSettings { */ private const val MINIMUM_OPERATION_TIMEOUT_MS = 100L - /** - * Default Job lock duration. - */ - private const val DEFAULT_JOB_LOCK_DURATION_S = 300 - - /** - * Minimum Job lock duration. - */ - private const val MINIMUM_JOB_LOCK_DURATION_S = 10 - - /** - * Default Minimum polling duration. - */ - private const val DEFAULT_MIN_POLLING_DURATION_S = 300 - - /** - * Minimum Min polling duration. - */ - private const val MINIMUM_MIN_POLLING_DURATION_S = 60 - - /** - * Default Maximum polling duration. - */ - private const val DEFAULT_MAX_POLLING_DURATION_S = 900 - - /** - * Minimum Maximum polling duration. - */ - private const val MINIMUM_MAX_POLLING_DURATION_S = 300 - - /** - * Default number of retries to try locking. - */ - private const val DEFAULT_MAX_LOCK_RETRIES = 4 - - /** - * Minimum number of retries to try locking. - */ - private const val MINIMUM_LOCK_RETRIES = 1 - /** * Default number of items to query. */ @@ -169,24 +96,7 @@ internal object PluginSettings { */ private const val MINIMUM_ITEMS_QUERY_COUNT = 10 - /** - * Default admin access method. - */ - private const val DEFAULT_ADMIN_ACCESS_METHOD = "AllReports" - - /** - * Default filter-by method. - */ - private const val DEFAULT_FILTER_BY_METHOD = "NoFilter" - - /** - * Default filter-by method. - */ - private val DEFAULT_IGNORED_ROLES = listOf("own_index", - "kibana_user", - "reports_full_access", - "reports_read_access", - "reports_instances_read_access") + private const val DECIMAL_RADIX: Int = 10 /** * Operation timeout setting in ms for I/O operations @@ -200,66 +110,6 @@ internal object PluginSettings { @Volatile var defaultItemsQueryCount: Int - /** - * Job lock duration - */ - @Volatile - var jobLockDurationSeconds: Int - - /** - * Minimum polling duration - */ - @Volatile - var minPollingDurationSeconds: Int - - /** - * Maximum polling duration. - */ - @Volatile - var maxPollingDurationSeconds: Int - - /** - * Max number of retries to try locking. - */ - @Volatile - var maxLockRetries: Int - - /** - * admin access method. - */ - @Volatile - var adminAccess: AdminAccess - - /** - * Filter-by method. - */ - @Volatile - var filterBy: FilterBy - - /** - * list of ignored roles. - */ - @Volatile - var ignoredRoles: List - - /** - * Enum for types of admin access - * "Standard" -> Admin user access follows standard user - * "AllReports" -> Admin user with "all_access" role can see all reports of all users. - */ - internal enum class AdminAccess { Standard, AllReports } - - /** - * Enum for types of filterBy options - * NoFilter -> everyone see each other's reports - * User -> reports are visible to only themselves - * Roles -> reports are visible to users having any one of the role of creator - * BackendRoles -> reports are visible to users having any one of the backend role of creator - */ - internal enum class FilterBy { NoFilter, User, Roles, BackendRoles } - - private const val DECIMAL_RADIX: Int = 10 - private val log = LogManager.getLogger(javaClass) private val defaultSettings: Map @@ -278,82 +128,49 @@ internal object PluginSettings { operationTimeoutMs = (settings?.get(OPERATION_TIMEOUT_MS_KEY)?.toLong()) ?: DEFAULT_OPERATION_TIMEOUT_MS defaultItemsQueryCount = (settings?.get(DEFAULT_ITEMS_QUERY_COUNT_KEY)?.toInt()) ?: DEFAULT_ITEMS_QUERY_COUNT_VALUE - jobLockDurationSeconds = (settings?.get(JOB_LOCK_DURATION_S_KEY)?.toInt()) ?: DEFAULT_JOB_LOCK_DURATION_S - minPollingDurationSeconds = (settings?.get(MIN_POLLING_DURATION_S_KEY)?.toInt()) - ?: DEFAULT_MIN_POLLING_DURATION_S - maxPollingDurationSeconds = (settings?.get(MAX_POLLING_DURATION_S_KEY)?.toInt()) - ?: DEFAULT_MAX_POLLING_DURATION_S - maxLockRetries = (settings?.get(MAX_LOCK_RETRIES_KEY)?.toInt()) ?: DEFAULT_MAX_LOCK_RETRIES - adminAccess = AdminAccess.valueOf(settings?.get(ADMIN_ACCESS_KEY) ?: DEFAULT_ADMIN_ACCESS_METHOD) - filterBy = FilterBy.valueOf(settings?.get(FILTER_BY_KEY) ?: DEFAULT_FILTER_BY_METHOD) - ignoredRoles = settings?.getAsList(IGNORE_ROLE_KEY) ?: DEFAULT_IGNORED_ROLES defaultSettings = mapOf( OPERATION_TIMEOUT_MS_KEY to operationTimeoutMs.toString(DECIMAL_RADIX), - DEFAULT_ITEMS_QUERY_COUNT_KEY to defaultItemsQueryCount.toString(DECIMAL_RADIX), - JOB_LOCK_DURATION_S_KEY to jobLockDurationSeconds.toString(DECIMAL_RADIX), - MIN_POLLING_DURATION_S_KEY to minPollingDurationSeconds.toString(DECIMAL_RADIX), - MAX_POLLING_DURATION_S_KEY to maxPollingDurationSeconds.toString(DECIMAL_RADIX), - MAX_LOCK_RETRIES_KEY to maxLockRetries.toString(DECIMAL_RADIX), - ADMIN_ACCESS_KEY to adminAccess.name, - FILTER_BY_KEY to filterBy.name + DEFAULT_ITEMS_QUERY_COUNT_KEY to defaultItemsQueryCount.toString(DECIMAL_RADIX) ) } private val OPERATION_TIMEOUT_MS: Setting = Setting.longSetting( OPERATION_TIMEOUT_MS_KEY, - LegacyPluginSettings.OPERATION_TIMEOUT_MS, + defaultSettings[OPERATION_TIMEOUT_MS_KEY]!!.toLong(), + MINIMUM_OPERATION_TIMEOUT_MS, NodeScope, Dynamic ) private val DEFAULT_ITEMS_QUERY_COUNT: Setting = Setting.intSetting( DEFAULT_ITEMS_QUERY_COUNT_KEY, - LegacyPluginSettings.DEFAULT_ITEMS_QUERY_COUNT, - NodeScope, Dynamic - ) - - private val JOB_LOCK_DURATION_S: Setting = Setting.intSetting( - JOB_LOCK_DURATION_S_KEY, - LegacyPluginSettings.JOB_LOCK_DURATION_S, - NodeScope, Dynamic - ) - - private val MIN_POLLING_DURATION_S: Setting = Setting.intSetting( - MIN_POLLING_DURATION_S_KEY, - LegacyPluginSettings.MIN_POLLING_DURATION_S, - NodeScope, Dynamic - ) - - private val MAX_POLLING_DURATION_S: Setting = Setting.intSetting( - MAX_POLLING_DURATION_S_KEY, - LegacyPluginSettings.MAX_POLLING_DURATION_S, + defaultSettings[DEFAULT_ITEMS_QUERY_COUNT_KEY]!!.toInt(), + MINIMUM_ITEMS_QUERY_COUNT, NodeScope, Dynamic ) - private val MAX_LOCK_RETRIES: Setting = Setting.intSetting( - MAX_LOCK_RETRIES_KEY, - LegacyPluginSettings.MAX_LOCK_RETRIES, - NodeScope, Dynamic - ) - - private val ADMIN_ACCESS: Setting = Setting.simpleString( - ADMIN_ACCESS_KEY, - LegacyPluginSettings.ADMIN_ACCESS, - NodeScope, Dynamic + private val LEGACY_FILTER_BY_BACKEND_ROLES: Setting = Setting.boolSetting( + LEGACY_FILTER_BY_BACKEND_ROLES_KEY, + false, + NodeScope, Dynamic, Setting.Property.Deprecated ) - private val FILTER_BY: Setting = Setting.simpleString( - FILTER_BY_KEY, - LegacyPluginSettings.FILTER_BY, + private val FILTER_BY_BACKEND_ROLES: Setting = Setting.boolSetting( + FILTER_BY_BACKEND_ROLES_KEY, + LEGACY_FILTER_BY_BACKEND_ROLES, NodeScope, Dynamic ) - private val IGNORED_ROLES: Setting> = Setting.listSetting( - IGNORE_ROLE_KEY, - LegacyPluginSettings.IGNORED_ROLES, - { it }, - NodeScope, Dynamic - ) + /** + * Returns true if RBAC is enabled, else false (default false). + */ + fun isRbacEnabled(): Boolean { + return if (clusterService.clusterSettings.get(FILTER_BY_BACKEND_ROLES_KEY) != null) { + return clusterService.clusterSettings.get(FILTER_BY_BACKEND_ROLES) ?: false + } else { + false + } + } /** * Returns list of additional settings available specific to this plugin. @@ -362,14 +179,7 @@ internal object PluginSettings { */ fun getAllSettings(): List> { return listOf(OPERATION_TIMEOUT_MS, - DEFAULT_ITEMS_QUERY_COUNT, - JOB_LOCK_DURATION_S, - MIN_POLLING_DURATION_S, - MAX_POLLING_DURATION_S, - MAX_LOCK_RETRIES, - ADMIN_ACCESS, - FILTER_BY, - IGNORED_ROLES + DEFAULT_ITEMS_QUERY_COUNT ) } @@ -380,13 +190,6 @@ internal object PluginSettings { private fun updateSettingValuesFromLocal(clusterService: ClusterService) { operationTimeoutMs = OPERATION_TIMEOUT_MS.get(clusterService.settings) defaultItemsQueryCount = DEFAULT_ITEMS_QUERY_COUNT.get(clusterService.settings) - jobLockDurationSeconds = JOB_LOCK_DURATION_S.get(clusterService.settings) - minPollingDurationSeconds = MIN_POLLING_DURATION_S.get(clusterService.settings) - maxPollingDurationSeconds = MAX_POLLING_DURATION_S.get(clusterService.settings) - maxLockRetries = MAX_LOCK_RETRIES.get(clusterService.settings) - adminAccess = AdminAccess.valueOf(ADMIN_ACCESS.get(clusterService.settings)) - filterBy = FilterBy.valueOf(FILTER_BY.get(clusterService.settings)) - ignoredRoles = IGNORED_ROLES.get(clusterService.settings) } /** @@ -404,41 +207,6 @@ internal object PluginSettings { log.debug("$LOG_PREFIX:$DEFAULT_ITEMS_QUERY_COUNT_KEY -autoUpdatedTo-> $clusterDefaultItemsQueryCount") defaultItemsQueryCount = clusterDefaultItemsQueryCount } - val clusterJobLockDurationSeconds = clusterService.clusterSettings.get(JOB_LOCK_DURATION_S) - if (clusterJobLockDurationSeconds != null) { - log.debug("$LOG_PREFIX:$JOB_LOCK_DURATION_S_KEY -autoUpdatedTo-> $clusterJobLockDurationSeconds") - jobLockDurationSeconds = clusterJobLockDurationSeconds - } - val clusterMinPollingDurationSeconds = clusterService.clusterSettings.get(MIN_POLLING_DURATION_S) - if (clusterMinPollingDurationSeconds != null) { - log.debug("$LOG_PREFIX:$MIN_POLLING_DURATION_S_KEY -autoUpdatedTo-> $clusterMinPollingDurationSeconds") - minPollingDurationSeconds = clusterMinPollingDurationSeconds - } - val clusterMaxPollingDurationSeconds = clusterService.clusterSettings.get(MAX_POLLING_DURATION_S) - if (clusterMaxPollingDurationSeconds != null) { - log.debug("$LOG_PREFIX:$MAX_POLLING_DURATION_S_KEY -autoUpdatedTo-> $clusterMaxPollingDurationSeconds") - maxPollingDurationSeconds = clusterMaxPollingDurationSeconds - } - val clusterMaxLockRetries = clusterService.clusterSettings.get(MAX_LOCK_RETRIES) - if (clusterMaxLockRetries != null) { - log.debug("$LOG_PREFIX:$MAX_LOCK_RETRIES_KEY -autoUpdatedTo-> $clusterMaxLockRetries") - maxLockRetries = clusterMaxLockRetries - } - val clusterAdminAccess = clusterService.clusterSettings.get(ADMIN_ACCESS) - if (clusterAdminAccess != null) { - log.debug("$LOG_PREFIX:$ADMIN_ACCESS_KEY -autoUpdatedTo-> $clusterAdminAccess") - adminAccess = AdminAccess.valueOf(clusterAdminAccess) - } - val clusterFilterBy = clusterService.clusterSettings.get(FILTER_BY) - if (clusterFilterBy != null) { - log.debug("$LOG_PREFIX:$FILTER_BY_KEY -autoUpdatedTo-> $clusterFilterBy") - filterBy = FilterBy.valueOf(clusterFilterBy) - } - val clusterIgnoredRoles = clusterService.clusterSettings.get(IGNORED_ROLES) - if (clusterIgnoredRoles != null) { - log.debug("$LOG_PREFIX:$IGNORE_ROLE_KEY -autoUpdatedTo-> $clusterIgnoredRoles") - ignoredRoles = clusterIgnoredRoles - } } /** @@ -446,6 +214,7 @@ internal object PluginSettings { * @param clusterService cluster service instance */ fun addSettingsUpdateConsumer(clusterService: ClusterService) { + this.clusterService = clusterService updateSettingValuesFromLocal(clusterService) // Update the variables to cluster setting values // If the cluster is not yet started then we get default values again @@ -459,33 +228,5 @@ internal object PluginSettings { defaultItemsQueryCount = it log.info("$LOG_PREFIX:$DEFAULT_ITEMS_QUERY_COUNT_KEY -updatedTo-> $it") } - clusterService.clusterSettings.addSettingsUpdateConsumer(JOB_LOCK_DURATION_S) { - jobLockDurationSeconds = it - log.info("$LOG_PREFIX:$JOB_LOCK_DURATION_S_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(MIN_POLLING_DURATION_S) { - minPollingDurationSeconds = it - log.info("$LOG_PREFIX:$MIN_POLLING_DURATION_S_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(MAX_POLLING_DURATION_S) { - maxPollingDurationSeconds = it - log.info("$LOG_PREFIX:$MAX_POLLING_DURATION_S_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(MAX_LOCK_RETRIES) { - maxLockRetries = it - log.info("$LOG_PREFIX:$MAX_LOCK_RETRIES_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(ADMIN_ACCESS) { - adminAccess = AdminAccess.valueOf(it) - log.info("$LOG_PREFIX:$ADMIN_ACCESS_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(FILTER_BY) { - filterBy = FilterBy.valueOf(it) - log.info("$LOG_PREFIX:$FILTER_BY_KEY -updatedTo-> $it") - } - clusterService.clusterSettings.addSettingsUpdateConsumer(IGNORED_ROLES) { - ignoredRoles = it - log.info("$LOG_PREFIX:$IGNORE_ROLE_KEY -updatedTo-> $it") - } } } diff --git a/reports-scheduler/src/test/kotlin/org/opensearch/reportsscheduler/rest/ReportDefinitionIT.kt b/reports-scheduler/src/test/kotlin/org/opensearch/reportsscheduler/rest/ReportDefinitionIT.kt index 80b0872d..0bc9b81a 100644 --- a/reports-scheduler/src/test/kotlin/org/opensearch/reportsscheduler/rest/ReportDefinitionIT.kt +++ b/reports-scheduler/src/test/kotlin/org/opensearch/reportsscheduler/rest/ReportDefinitionIT.kt @@ -500,7 +500,7 @@ class ReportDefinitionIT : PluginRestTestCase() { RestStatus.OK.status ) val totalHits = listReportDefinitions.get("totalHits").asInt - Assert.assertEquals(totalHits, 2) + Assert.assertEquals(2, totalHits) val reportDefinitionsList = listReportDefinitions.get("reportDefinitionDetailsList").asJsonArray Assert.assertEquals( reportDefinitionId,