test changes

Signed-off-by: Prabhas Kurapati <prabhask@berkeley.edu>
prabhask5 · Jul 16, 2024 · 18cd883 · 18cd883
1 parent 8f5dc6f
commit 18cd883
Show file tree

Hide file tree

Showing 4 changed files with 77 additions and 63 deletions.
diff --git a/...tegrationTest/java/org/opensearch/security/api/DefaultApiAvailabilityIntegrationTest.java b/...tegrationTest/java/org/opensearch/security/api/DefaultApiAvailabilityIntegrationTest.java
@@ -16,7 +16,6 @@
 import org.opensearch.test.framework.cluster.TestRestClient;
 
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.core.Is.is;
 import static org.opensearch.security.api.PatchPayloadHelper.patch;
 import static org.opensearch.security.api.PatchPayloadHelper.replaceOp;
 
@@ -93,23 +92,6 @@ private void verifyAuthInfoApi(final TestRestClient client) throws Exception {
 
     }
 
-    @Test
-    public void flushCache() throws Exception {
-        withUser(NEW_USER, client -> {
-            forbidden(() -> client.get(apiPath("cache")));
-            forbidden(() -> client.postJson(apiPath("cache"), EMPTY_BODY));
-            forbidden(() -> client.putJson(apiPath("cache"), EMPTY_BODY));
-            forbidden(() -> client.delete(apiPath("cache")));
-        });
-        withUser(ADMIN_USER_NAME, localCluster.getAdminCertificate(), client -> {
-            notImplemented(() -> client.get(apiPath("cache")));
-            notImplemented(() -> client.postJson(apiPath("cache"), EMPTY_BODY));
-            notImplemented(() -> client.putJson(apiPath("cache"), EMPTY_BODY));
-            final var response = ok(() -> client.delete(apiPath("cache")));
-            assertThat(response.getBody(), response.getTextFromJsonBody("/message"), is("Cache flushed successfully."));
-        });
-    }
-
     @Test
     public void reloadSSLCertsNotAvailable() throws Exception {
         withUser(NEW_USER, client -> {

diff --git a/src/integrationTest/java/org/opensearch/security/api/FlushCacheApiIntegrationTest.java b/src/integrationTest/java/org/opensearch/security/api/FlushCacheApiIntegrationTest.java
@@ -0,0 +1,57 @@
+/*
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * The OpenSearch Contributors require contributions made to
+ * this file be licensed under the Apache-2.0 license or a
+ * compatible open source license.
+ *
+ * Modifications Copyright OpenSearch Contributors. See
+ * GitHub history for details.
+ */
+
+package org.opensearch.security.api;
+
+import org.junit.Test;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+
+public class FlushCacheApiIntegrationTest extends AbstractApiIntegrationTest {
+    private final static String TEST_USER = "testuser";
+
+    private String cachePath() {
+        return super.apiPath("cache");
+    }
+
+    private String cachePath(String user) {
+        return super.apiPath("cache", "user", user);
+    }
+
+    @Test
+    public void testFlushCache() throws Exception {
+        withUser(NEW_USER, client -> {
+            forbidden(() -> client.get(cachePath()));
+            forbidden(() -> client.postJson(cachePath(), EMPTY_BODY));
+            forbidden(() -> client.putJson(cachePath(), EMPTY_BODY));
+            forbidden(() -> client.delete(cachePath()));
+            forbidden(() -> client.delete(cachePath(TEST_USER)));
+        });
+        withUser(ADMIN_USER_NAME, localCluster.getAdminCertificate(), client -> {
+            notImplemented(() -> client.get(cachePath()));
+            notImplemented(() -> client.postJson(cachePath(), EMPTY_BODY));
+            notImplemented(() -> client.putJson(cachePath(), EMPTY_BODY));
+            final var deleteAllCacheResponse = ok(() -> client.delete(cachePath()));
+            assertThat(
+                deleteAllCacheResponse.getBody(),
+                deleteAllCacheResponse.getTextFromJsonBody("/message"),
+                is("Cache flushed successfully.")
+            );
+            final var deleteUserCacheResponse = ok(() -> client.delete(cachePath(TEST_USER)));
+            assertThat(
+                deleteUserCacheResponse.getBody(),
+                deleteAllCacheResponse.getTextFromJsonBody("/message"),
+                is("Cache invalidated for user: " + TEST_USER)
+            );
+        });
+    }
+}
diff --git a/src/integrationTest/java/org/opensearch/security/http/LdapAuthenticationCacheTest.java b/src/integrationTest/java/org/opensearch/security/http/LdapAuthenticationCacheTest.java
@@ -13,8 +13,6 @@
 import java.util.Map;
 
 import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope;
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
@@ -26,7 +24,6 @@
 import org.opensearch.test.framework.AuthzDomain;
 import org.opensearch.test.framework.LdapAuthenticationConfigBuilder;
 import org.opensearch.test.framework.LdapAuthorizationConfigBuilder;
-import org.opensearch.test.framework.RolesMapping;
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AuthenticationBackend;
@@ -67,8 +64,6 @@
 @ThreadLeakScope(ThreadLeakScope.Scope.NONE)
 public class LdapAuthenticationCacheTest {
 
-    private static final Logger log = LogManager.getLogger(LdapAuthenticationCacheTest.class);
-
     private static final TestSecurityConfig.User ADMIN_USER = new TestSecurityConfig.User("admin").roles(ALL_ACCESS);
 
     private static final TestCertificates TEST_CERTIFICATES = new TestCertificates();
@@ -114,10 +109,9 @@ public class LdapAuthenticationCacheTest {
         )
         .authc(AUTHC_HTTPBASIC_INTERNAL)
         .users(ADMIN_USER)
-        .rolesMapping(new RolesMapping(ALL_ACCESS).backendRoles(CN_GROUP_ADMIN))
+        .rolesMapping(new TestSecurityConfig.RoleMapping(ALL_ACCESS.getName()).backendRoles(CN_GROUP_ADMIN))
         .authz(
             new AuthzDomain("ldap_roles").httpEnabled(true)
-                .transportEnabled(true)
                 .authorizationBackend(
                     new AuthorizationBackend("ldap").config(
                         () -> new LdapAuthorizationConfigBuilder().hosts(List.of("localhost:" + embeddedLDAPServer.getLdapNonTlsPort()))

diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java
@@ -68,7 +68,7 @@ private void flushCacheApiRequestHandlers(RequestHandler.RequestHandlersBuilder
                 // Extract the username from the request
                 final String username = request.param("username");
                 if (username == null || username.isEmpty()) {
-                    internalSeverError(channel, "No username provided for cache invalidation.");
+                    internalServerError(channel, "No username provided for cache invalidation.");
                     return;
                 }
                 // Validate and handle user-specific cache invalidation
@@ -77,44 +77,25 @@ private void flushCacheApiRequestHandlers(RequestHandler.RequestHandlersBuilder
                 configUpdateRequest = new ConfigUpdateRequest(CType.lcStringValues().toArray(new String[0]));
             }
             client.execute(ConfigUpdateAction.INSTANCE, configUpdateRequest, new ActionListener<>() {
+                @Override
+                public void onResponse(ConfigUpdateResponse configUpdateResponse) {
+                    if (configUpdateResponse.hasFailures()) {
+                        LOGGER.error("Cannot flush cache due to", configUpdateResponse.failures().get(0));
+                        internalServerError(
+                            channel,
+                            "Cannot flush cache due to " + configUpdateResponse.failures().get(0).getMessage() + "."
+                        );
+                        return;
+                    }
+                    LOGGER.debug("cache flushed successfully");
+                    ok(channel, "Cache flushed successfully.");
+                }
 
-                                @Override
-                                public void onResponse(ConfigUpdateResponse configUpdateResponse) {
-                                    if (configUpdateResponse.hasFailures()) {
-                                        LOGGER.error("Cannot flush cache due to", configUpdateResponse.failures().get(0));
-                                        internalSeverError(
-                                            channel,
-                                            "Cannot flush cache due to " + configUpdateResponse.failures().get(0).getMessage() + "."
-                                        );
-                                        return;
-                                    }
-                                    LOGGER.debug("cache flushed successfully");
-                                    ok(channel, "Cache flushed successfully.");
-                                }
-                        @Override
-                        public void onResponse(ConfigUpdateResponse configUpdateResponse) {
-                            if (configUpdateResponse.hasFailures()) {
-                                LOGGER.error("Cannot flush cache due to", configUpdateResponse.failures().get(0));
-                                internalServerError(
-                                    channel,
-                                    "Cannot flush cache due to " + configUpdateResponse.failures().get(0).getMessage() + "."
-                                );
-                                return;
-                            }
-                            LOGGER.debug("cache flushed successfully");
-                            ok(channel, "Cache flushed successfully.");
-                        }
-
-                                @Override
-                                public void onFailure(final Exception e) {
-                                    LOGGER.error("Cannot flush cache due to", e);
-                                    internalSeverError(channel, "Cannot flush cache due to " + e.getMessage() + ".");
-                                }
-                        @Override
-                        public void onFailure(final Exception e) {
-                            LOGGER.error("Cannot flush cache due to", e);
-                            internalServerError(channel, "Cannot flush cache due to " + e.getMessage() + ".");
-                        }
+                @Override
+                public void onFailure(final Exception e) {
+                    LOGGER.error("Cannot flush cache due to", e);
+                    internalServerError(channel, "Cannot flush cache due to " + e.getMessage() + ".");
+                }
 
             });
         });