diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/FileRolesStoreTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/FileRolesStoreTests.java index aaa2fbc97246b..73c96c9e85b38 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/FileRolesStoreTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/FileRolesStoreTests.java @@ -361,7 +361,7 @@ public void testParseFileWithFLSAndDLSDisabled() throws Exception { assertThat(roles.get("role_query_fields"), nullValue()); assertThat(roles.get("role_query_invalid"), nullValue()); - assertThat(events, hasSize(4)); + assertThat(events, hasSize(TcpTransport.isUntrustedRemoteClusterEnabled() ? 4 : 5)); assertThat( events.get(0), startsWith( @@ -394,6 +394,9 @@ public void testParseFileWithFLSAndDLSDisabled() throws Exception { + "]. document and field level security is not enabled." ) ); + if (false == TcpTransport.isUntrustedRemoteClusterEnabled()) { + assertThat(events.get(4), startsWith("failed to parse role [role_remote_indices]. unexpected field [remote_indices]")); + } } public void testParseFileWithFLSAndDLSUnlicensed() throws Exception { diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStoreTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStoreTests.java index 219ea86f4e522..50bb9535926d2 100644 --- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStoreTests.java +++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStoreTests.java @@ -38,6 +38,7 @@ import org.elasticsearch.test.VersionUtils; import org.elasticsearch.threadpool.TestThreadPool; import org.elasticsearch.threadpool.ThreadPool; +import org.elasticsearch.transport.TcpTransport; import org.elasticsearch.xcontent.ToXContent; import org.elasticsearch.xcontent.XContentBuilder; import org.elasticsearch.xcontent.XContentType; @@ -116,7 +117,7 @@ public void testRoleDescriptorWithFlsDlsLicensing() throws IOException { generateRandomStringArray(5, randomIntBetween(2, 8), true, true), RoleDescriptorTests.randomRoleDescriptorMetadata(ESTestCase.randomBoolean()), null, - RoleDescriptorTests.randomRemoteIndicesPrivileges(1, 2) + TcpTransport.isUntrustedRemoteClusterEnabled() ? RoleDescriptorTests.randomRemoteIndicesPrivileges(1, 2) : null ); assertFalse(flsRole.getTransientMetadata().containsKey("unlicensed_features")); @@ -131,7 +132,7 @@ public void testRoleDescriptorWithFlsDlsLicensing() throws IOException { generateRandomStringArray(5, randomIntBetween(2, 8), true, true), RoleDescriptorTests.randomRoleDescriptorMetadata(ESTestCase.randomBoolean()), null, - RoleDescriptorTests.randomRemoteIndicesPrivileges(1, 2) + TcpTransport.isUntrustedRemoteClusterEnabled() ? RoleDescriptorTests.randomRemoteIndicesPrivileges(1, 2) : null ); assertFalse(dlsRole.getTransientMetadata().containsKey("unlicensed_features")); @@ -151,7 +152,7 @@ public void testRoleDescriptorWithFlsDlsLicensing() throws IOException { generateRandomStringArray(5, randomIntBetween(2, 8), true, true), RoleDescriptorTests.randomRoleDescriptorMetadata(ESTestCase.randomBoolean()), null, - RoleDescriptorTests.randomRemoteIndicesPrivileges(1, 2) + TcpTransport.isUntrustedRemoteClusterEnabled() ? RoleDescriptorTests.randomRemoteIndicesPrivileges(1, 2) : null ); assertFalse(flsDlsRole.getTransientMetadata().containsKey("unlicensed_features")); @@ -164,7 +165,7 @@ public void testRoleDescriptorWithFlsDlsLicensing() throws IOException { generateRandomStringArray(5, randomIntBetween(2, 8), false, true), RoleDescriptorTests.randomRoleDescriptorMetadata(ESTestCase.randomBoolean()), null, - RoleDescriptorTests.randomRemoteIndicesPrivileges(1, 2) + TcpTransport.isUntrustedRemoteClusterEnabled() ? RoleDescriptorTests.randomRemoteIndicesPrivileges(1, 2) : null ); assertFalse(noFlsDlsRole.getTransientMetadata().containsKey("unlicensed_features"));