public DefaultInterClusterRequestEvaluator(final Settings settings) { this.certOid = settings.get(ConfigConstants.SEARCHGUARD_CERT_OID, "1.2.3.4.5.5"); this.nodesDn = settings.getAsList(ConfigConstants.SEARCHGUARD_NODES_DN, Collections.emptyList()); }
private Set<String> resolve(final Settings actionGroups, final String entry) { final Set<String> ret = new HashSet<String>(); // SG5 format, plain array List<String> en = actionGroups.getAsList(entry); if (en.isEmpty()) { // try SG6 format including readonly and permissions key en = actionGroups.getAsList(entry +"." + ConfigConstants.CONFIGKEY_ACTION_GROUPS_PERMISSIONS); } for (String string: en) { if (actionGroups.names().contains(string)) { ret.addAll(resolve(actionGroups,string)); } else { ret.add(string); } } return ret; }
@Override public void fillRoles(User user, AuthCredentials credentials) throws ElasticsearchSecurityException { final Settings cfg = getConfigSettings(); if (cfg == null) { throw new ElasticsearchSecurityException("Internal authentication backend not configured. May be Search Guard is not initialized. See http://docs.search-guard.com/v6/sgadmin"); } final List<String> roles = cfg.getAsList(credentials.getUsername() + ".roles", Collections.emptyList()); if(roles != null && !roles.isEmpty() && user != null) { user.addRoles(roles); } } }
this.irr = irr; this.auditLog = auditLog; final List<String> watchedReadFields = this.settings.getAsList(ConfigConstants.SEARCHGUARD_COMPLIANCE_HISTORY_READ_WATCHED_FIELDS, Collections.emptyList(), false); watchedWriteIndices = settings.getAsList(ConfigConstants.SEARCHGUARD_COMPLIANCE_HISTORY_WRITE_WATCHED_INDICES, Collections.emptyList()); logDiffsForWrite = settings.getAsBoolean(ConfigConstants.SEARCHGUARD_COMPLIANCE_HISTORY_WRITE_LOG_DIFFS, false); logWriteMetadataOnly = settings.getAsBoolean(ConfigConstants.SEARCHGUARD_COMPLIANCE_HISTORY_WRITE_METADATA_ONLY, false); logExternalConfig = settings.getAsBoolean(ConfigConstants.SEARCHGUARD_COMPLIANCE_HISTORY_EXTERNAL_CONFIG_ENABLED, false); logInternalConfig = settings.getAsBoolean(ConfigConstants.SEARCHGUARD_COMPLIANCE_HISTORY_INTERNAL_CONFIG_ENABLED, false); immutableIndicesPatterns = new HashSet<String>(settings.getAsList(ConfigConstants.SEARCHGUARD_COMPLIANCE_IMMUTABLE_INDICES, Collections.emptyList())); final String saltAsString = settings.get(ConfigConstants.SEARCHGUARD_COMPLIANCE_SALT, ConfigConstants.SEARCHGUARD_COMPLIANCE_SALT_DEFAULT); final byte[] saltAsBytes = saltAsString.getBytes(StandardCharsets.UTF_8);
this.injectAdminUserEnabled = settings.getAsBoolean(ConfigConstants.SEARCHGUARD_UNSUPPORTED_INJECT_ADMIN_USER_ENABLED, false); final List<String> adminDnsA = settings.getAsList(ConfigConstants.SEARCHGUARD_AUTHCZ_ADMIN_DN, Collections.emptyList()); allowedImpersonations.putAll(new LdapName(dnString), settings.getAsList(ConfigConstants.SEARCHGUARD_AUTHCZ_IMPERSONATION_DN+"."+dnString)); } catch (final InvalidNameException e) { log.error("Unable to parse allowedImpersonations dn {}",dnString, e); allowedRestImpersonations.putAll(user, settings.getAsList(ConfigConstants.SEARCHGUARD_AUTHCZ_REST_IMPERSONATION_USERS+"."+user));
final Settings roleMapSettings = rolesMapping.getByPrefix(roleMap); if (WildcardMatcher.allPatternsMatched(roleMapSettings.getAsList(".and_backendroles", Collections.emptyList()).toArray(new String[0]), user.getRoles().toArray(new String[0]))) { sgRoles.add(roleMap); continue; if (WildcardMatcher.matchAny(roleMapSettings.getAsList(".backendroles", Collections.emptyList()).toArray(new String[0]), user.getRoles().toArray(new String[0]))) { sgRoles.add(roleMap); continue; if (WildcardMatcher.matchAny(roleMapSettings.getAsList(".users"), user.getName())) { sgRoles.add(roleMap); continue; if (WildcardMatcher.matchAny(roleMapSettings.getAsList(".hosts"), ipAddress)) { sgRoles.add(roleMap); continue; final String hostName = caller.address().getHostString(); if (WildcardMatcher.matchAny(roleMapSettings.getAsList(".hosts"), hostName)) { sgRoles.add(roleMap); continue; if (WildcardMatcher.matchAny(roleMapSettings.getAsList(".hosts"), resolvedHostName)) { sgRoles.add(roleMap); continue;
final Set<String> permittedClusterActions = ah.resolvedActions(sgRoleSettings.getAsList(".cluster", Collections.emptyList())); _sgRole.addClusterPerms(permittedClusterActions); final List<String> fls = settings.getAsList(resolvedRole+".indices."+indexPattern+"._fls_"); final List<String> maskedFields = settings.getAsList(resolvedRole+".indices."+indexPattern+"._masked_fields_"); final List<String> perms = settings.getAsList(resolvedRole+".indices."+indexPattern+"."+type); typePerm.addPerms(ah.resolvedActions(perms)); _indexPattern.addTypePerms(typePerm);
final List<String> roles = cfg.getAsList(credentials.getUsername() + ".roles", Collections.emptyList()); final Settings customAttributes = cfg.getAsSettings(credentials.getUsername() + ".attributes");
final List<String> roles = cfg.getAsList(user.getName() + ".roles", Collections.emptyList());
/** * The values associated with a setting key as an immutable list. * <p> * If commaDelimited is true, it will automatically load a comma separated list under the settingPrefix and merge with * the numbered format. * * @param key The setting key to load the list by * @return The setting list values */ public List<String> getAsList(String key, List<String> defaultValue) throws SettingsException { return getAsList(key, defaultValue, true); }
/** * The values associated with a setting key as an immutable list. * <p> * It will also automatically load a comma separated list under the settingPrefix and merge with * the numbered format. * * @param key The setting key to load the list by * @return The setting list values */ public List<String> getAsList(String key) throws SettingsException { return getAsList(key, Collections.emptyList()); }
@Override String innerGetRaw(final Settings settings) { List<String> array = settings.getAsList(getKey(), null); return array == null ? defaultValue.apply(settings) : arrayToParsableString(array); }
private void setForcedAwarenessAttributes(Settings forceSettings) { Map<String, List<String>> forcedAwarenessAttributes = new HashMap<>(); Map<String, Settings> forceGroups = forceSettings.getAsGroups(); for (Map.Entry<String, Settings> entry : forceGroups.entrySet()) { List<String> aValues = entry.getValue().getAsList("values"); if (aValues.size() > 0) { forcedAwarenessAttributes.put(entry.getKey(), aValues); } } this.forcedAwarenessAttributes = forcedAwarenessAttributes; }
public static CharArraySet parseStemExclusion(Settings settings, CharArraySet defaultStemExclusion) { String value = settings.get("stem_exclusion"); if ("_none_".equals(value)) { return CharArraySet.EMPTY_SET; } List<String> stemExclusion = settings.getAsList("stem_exclusion", null); if (stemExclusion != null) { // LUCENE 4 UPGRADE: Should be settings.getAsBoolean("stem_exclusion_case", false)? return new CharArraySet(stemExclusion, false); } else { return defaultStemExclusion; } }
protected Reader getRulesFromSettings(Environment env) { Reader rulesReader; if (settings.getAsList("synonyms", null) != null) { List<String> rulesList = Analysis.getWordList(env, settings, "synonyms"); StringBuilder sb = new StringBuilder(); for (String line : rulesList) { sb.append(line).append(System.lineSeparator()); } rulesReader = new StringReader(sb.toString()); } else if (settings.get("synonyms_path") != null) { rulesReader = Analysis.getReaderFromFile(env, settings, "synonyms_path"); } else { throw new IllegalArgumentException("synonym requires either `synonyms` or `synonyms_path` to be configured"); } return rulesReader; }
/** * Fetches a list of words from the specified settings file. The list should either be available at the key * specified by <code>settingList</code> or in a file specified by <code>settingPath</code>. * * @throws IllegalArgumentException * If the word list cannot be found at either key. */ public static List<String> getWordList(Environment env, Settings settings, String settingPath, String settingList) { String wordListPath = settings.get(settingPath, null); if (wordListPath == null) { List<String> explicitWordList = settings.getAsList(settingList, null); if (explicitWordList == null) { return null; } else { return explicitWordList; } } final Path path = env.configFile().resolve(wordListPath); try (BufferedReader reader = Files.newBufferedReader(path, StandardCharsets.UTF_8)) { return loadWordList(reader, "#"); } catch (CharacterCodingException ex) { String message = String.format(Locale.ROOT, "Unsupported character encoding detected while reading %s: %s - files must be UTF-8 encoded", settingPath, path.toString()); throw new IllegalArgumentException(message, ex); } catch (IOException ioe) { String message = String.format(Locale.ROOT, "IOException while reading %s: %s", settingPath, path.toString()); throw new IllegalArgumentException(message, ioe); } }
List<String> charFilterNames = analyzerSettings.getAsList("char_filter"); List<CharFilterFactory> charFiltersList = new ArrayList<>(charFilterNames.size()); for (String charFilterName : charFilterNames) { List<String> tokenFilterNames = analyzerSettings.getAsList("filter"); List<TokenFilterFactory> tokenFilterList = new ArrayList<>(tokenFilterNames.size()); for (String tokenFilterName : tokenFilterNames) {
public static CharArraySet parseWords(Environment env, Settings settings, String name, CharArraySet defaultWords, Map<String, Set<?>> namedWords, boolean ignoreCase) { String value = settings.get(name); if (value != null) { if ("_none_".equals(value)) { return CharArraySet.EMPTY_SET; } else { return resolveNamedWords(settings.getAsList(name), namedWords, ignoreCase); } } List<String> pathLoadedWords = getWordList(env, settings, name); if (pathLoadedWords != null) { return resolveNamedWords(pathLoadedWords, namedWords, ignoreCase); } return defaultWords; }
@Override public void diff(Settings.Builder builder, Settings source, Settings defaultSettings) { if (exists(source) == false) { List<String> asList = defaultSettings.getAsList(getKey(), null); if (asList == null) { builder.putList(getKey(), defaultStringValue.apply(defaultSettings)); } else { builder.putList(getKey(), asList); } } } }
final List<String> value = settings.getAsList(key); final String upgradedKey = upgrader.getKey(key); final List<String> upgradedValue = upgrader.getListValue(value);