From e618c4271102d7c039b6d852bd3d24bf2208ac42 Mon Sep 17 00:00:00 2001 From: Craig Perkins Date: Mon, 5 Jan 2026 10:33:56 -0500 Subject: [PATCH 1/3] Fix test failure related to change in core to add content-encoding to response headers Signed-off-by: Craig Perkins --- .../java/org/opensearch/security/dlic/dlsfls/DlsTest.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java index 3514dff24b..32f3acd327 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java @@ -120,7 +120,9 @@ public void testDls() throws Exception { Assert.assertTrue(res.getBody().contains("\"value\" : 1,\n \"relation")); Assert.assertTrue(res.getBody().contains("\"failed\" : 0")); - assertThat(res.getHeaders().toString(), res.getHeaders().size(), is(3)); + // Example headers in response [X-OpenSearch-Version: OpenSearch/3.5.0-SNAPSHOT (opensearch), content-type: application/json; + // charset=UTF-8, content-encoding: gzip, content-length: 223] + assertThat(res.getHeaders().toString(), res.getHeaders().size(), is(4)); assertThat( HttpStatus.SC_OK, From b4643b652498afb51b4ec66d407667d65309c352 Mon Sep 17 00:00:00 2001 From: Craig Perkins Date: Mon, 5 Jan 2026 10:35:25 -0500 Subject: [PATCH 2/3] Add to CHANGELOG Signed-off-by: Craig Perkins --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ee9bf1fb44..9f30002744 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Fix IllegalArgumentException when resolved indices are empty in PrivilegesEvaluator ([#5770](https://github.com/opensearch-project/security/pull/5797)) - Fixes an issue where recursive LDAP role search would fail with a NullPointerException ([#5861](https://github.com/opensearch-project/security/pull/5861)) - Skip hasExplicitIndexPrivilege check for plugin users accessing their own system indices ([#5858](https://github.com/opensearch-project/security/pull/5858)) +- Fix test failure related to change in core to add content-encoding to response headers ([#5897](https://github.com/opensearch-project/security/pull/5897)) ### Refactoring From 1c8935eb6528025ea1cc46744162ad2b64d7cc58 Mon Sep 17 00:00:00 2001 From: Craig Perkins Date: Mon, 5 Jan 2026 10:57:51 -0500 Subject: [PATCH 3/3] Fix remaining tests Signed-off-by: Craig Perkins --- .../dlsfls/DlsFlsCrossClusterSearchTest.java | 282 +++++++----------- .../security/dlic/dlsfls/DlsTest.java | 229 +++++++------- 2 files changed, 214 insertions(+), 297 deletions(-) diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsFlsCrossClusterSearchTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsFlsCrossClusterSearchTest.java index 50bb29427b..44b43d8351 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsFlsCrossClusterSearchTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsFlsCrossClusterSearchTest.java @@ -91,7 +91,7 @@ public void testCcs() throws Exception { tc.index( new IndexRequest("twitter").setRefreshPolicy(RefreshPolicy.IMMEDIATE) .id("0") - .source("{\"cluster\": \"" + cl1Info.clustername + "\"}", XContentType.JSON) + .source("{\"cluster\": \"%s\"}".formatted(cl1Info.clustername), XContentType.JSON) ).actionGet(); } @@ -99,49 +99,33 @@ public void testCcs() throws Exception { tc.index( new IndexRequest("twutter").setRefreshPolicy(RefreshPolicy.IMMEDIATE) .id("0") - .source("{\"cluster\": \"" + cl2Info.clustername + "\"}", XContentType.JSON) - ).actionGet(); - tc.index( - new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE) - .id("0") - .source( - "{\"cluster\": \"" - + cl2Info.clustername - + "\"," - + "\"Designation\": \"CEO\"," - + "\"FirstName\": \"__fn__" - + cl2Info.clustername - + "\"," - + "\"LastName\": \"lastname0\"," - + "\"Salary\": \"salary0\"," - + "\"SecretFiled\": \"secret0\"," - + "\"AnotherSecredField\": \"anothersecret0\"," - + "\"XXX\": \"xxx0\"" - + "}", - XContentType.JSON - ) - ).actionGet(); - - tc.index( - new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE) - .id("1") - .source( - "{\"cluster\": \"" - + cl2Info.clustername - + "\"," - + "\"Designation\": \"someoneelse\"," - + "\"FirstName\": \"__fn__" - + cl2Info.clustername - + "\"," - + "\"LastName\": \"lastname1\"," - + "\"Salary\": \"salary1\"," - + "\"SecretFiled\": \"secret1\"," - + "\"AnotherSecredField\": \"anothersecret1\"," - + "\"XXX\": \"xxx1\"" - + "}", - XContentType.JSON - ) + .source("{\"cluster\": \"%s\"}".formatted(cl2Info.clustername), XContentType.JSON) ).actionGet(); + tc.index(new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE).id("0").source(""" + { + "cluster": "%s", + "Designation": "CEO", + "FirstName": "__fn__%s", + "LastName": "lastname0", + "Salary": "salary0", + "SecretFiled": "secret0", + "AnotherSecredField": "anothersecret0", + "XXX": "xxx0" + } + """.formatted(cl2Info.clustername, cl2Info.clustername), XContentType.JSON)).actionGet(); + + tc.index(new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE).id("1").source(""" + { + "cluster": "%s", + "Designation": "someoneelse", + "FirstName": "__fn__%s", + "LastName": "lastname1", + "Salary": "salary1", + "SecretFiled": "secret1", + "AnotherSecredField": "anothersecret1", + "XXX": "xxx1" + } + """.formatted(cl2Info.clustername, cl2Info.clustername), XContentType.JSON)).actionGet(); } @@ -167,7 +151,7 @@ public void testCcs() throws Exception { Assert.assertFalse(body.contains("secret1")); Assert.assertFalse(body.contains("AnotherSecredField")); Assert.assertFalse(body.contains("xxx1")); - assertThat(ccs.getHeaders().toString(), ccs.getHeaders().size(), is(3)); + assertThat(ccs.getHeaders().toString(), ccs.getHeaders().size(), is(4)); } @Test @@ -178,7 +162,7 @@ public void testCcsDifferentConfig() throws Exception { tc.index( new IndexRequest("twitter").setRefreshPolicy(RefreshPolicy.IMMEDIATE) .id("0") - .source("{\"cluster\": \"" + cl1Info.clustername + "\"}", XContentType.JSON) + .source("{\"cluster\": \"%s\"}".formatted(cl1Info.clustername), XContentType.JSON) ).actionGet(); } @@ -186,49 +170,33 @@ public void testCcsDifferentConfig() throws Exception { tc.index( new IndexRequest("twutter").setRefreshPolicy(RefreshPolicy.IMMEDIATE) .id("0") - .source("{\"cluster\": \"" + cl2Info.clustername + "\"}", XContentType.JSON) - ).actionGet(); - tc.index( - new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE) - .id("0") - .source( - "{\"cluster\": \"" - + cl2Info.clustername - + "\"," - + "\"Designation\": \"CEO\"," - + "\"FirstName\": \"__fn__" - + cl2Info.clustername - + "\"," - + "\"LastName\": \"lastname0\"," - + "\"Salary\": \"salary0\"," - + "\"SecretFiled\": \"secret0\"," - + "\"AnotherSecredField\": \"anothersecret0\"," - + "\"XXX\": \"xxx0\"" - + "}", - XContentType.JSON - ) - ).actionGet(); - - tc.index( - new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE) - .id("1") - .source( - "{\"cluster\": \"" - + cl2Info.clustername - + "\"," - + "\"Designation\": \"someoneelse\"," - + "\"FirstName\": \"__fn__" - + cl2Info.clustername - + "\"," - + "\"LastName\": \"lastname1\"," - + "\"Salary\": \"salary1\"," - + "\"SecretFiled\": \"secret1\"," - + "\"AnotherSecredField\": \"anothersecret1\"," - + "\"XXX\": \"xxx1\"" - + "}", - XContentType.JSON - ) + .source("{\"cluster\": \"%s\"}".formatted(cl2Info.clustername), XContentType.JSON) ).actionGet(); + tc.index(new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE).id("0").source(""" + { + "cluster": "%s", + "Designation": "CEO", + "FirstName": "__fn__%s", + "LastName": "lastname0", + "Salary": "salary0", + "SecretFiled": "secret0", + "AnotherSecredField": "anothersecret0", + "XXX": "xxx0" + } + """.formatted(cl2Info.clustername, cl2Info.clustername), XContentType.JSON)).actionGet(); + + tc.index(new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE).id("1").source(""" + { + "cluster": "%s", + "Designation": "someoneelse", + "FirstName": "__fn__%s", + "LastName": "lastname1", + "Salary": "salary1", + "SecretFiled": "secret1", + "AnotherSecredField": "anothersecret1", + "XXX": "xxx1" + } + """.formatted(cl2Info.clustername, cl2Info.clustername), XContentType.JSON)).actionGet(); } @@ -253,7 +221,7 @@ public void testCcsDifferentConfig() throws Exception { Assert.assertTrue(ccs.getBody().contains("__fn__crl2")); Assert.assertFalse(ccs.getBody().contains("secret1")); Assert.assertFalse(ccs.getBody().contains("AnotherSecredField")); - assertThat(ccs.getHeaders().toString(), ccs.getHeaders().size(), is(3)); + assertThat(ccs.getHeaders().toString(), ccs.getHeaders().size(), is(4)); } @Test @@ -264,99 +232,67 @@ public void testCcsDifferentConfigBoth() throws Exception { tc.index( new IndexRequest("twitter").setRefreshPolicy(RefreshPolicy.IMMEDIATE) .id("0") - .source("{\"cluster\": \"" + cl1Info.clustername + "\"}", XContentType.JSON) + .source("{\"cluster\": \"%s\"}".formatted(cl1Info.clustername), XContentType.JSON) ).actionGet(); - tc.index( - new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE) - .id("0") - .source( - "{\"cluster\": \"" - + cl1Info.clustername - + "\"," - + "\"Designation\": \"CEO\"," - + "\"FirstName\": \"__fn__" - + cl1Info.clustername - + "\"," - + "\"LastName\": \"lastname0\"," - + "\"Salary\": \"salary0\"," - + "\"SecretFiled\": \"secret3\"," - + "\"AnotherSecredField\": \"anothersecret3\"," - + "\"XXX\": \"xxx0\"" - + "}", - XContentType.JSON - ) - ).actionGet(); - - tc.index( - new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE) - .id("1") - .source( - "{\"cluster\": \"" - + cl1Info.clustername - + "\"," - + "\"Designation\": \"someoneelse\"," - + "\"FirstName\": \"__fn__" - + cl1Info.clustername - + "\"," - + "\"LastName\": \"lastname1\"," - + "\"Salary\": \"salary1\"," - + "\"SecretFiled\": \"secret4\"," - + "\"AnotherSecredField\": \"anothersecret4\"," - + "\"XXX\": \"xxx1\"" - + "}", - XContentType.JSON - ) - ).actionGet(); + tc.index(new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE).id("0").source(""" + { + "cluster": "%s", + "Designation": "CEO", + "FirstName": "__fn__%s", + "LastName": "lastname0", + "Salary": "salary0", + "SecretFiled": "secret3", + "AnotherSecredField": "anothersecret3", + "XXX": "xxx0" + } + """.formatted(cl1Info.clustername, cl1Info.clustername), XContentType.JSON)).actionGet(); + + tc.index(new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE).id("1").source(""" + { + "cluster": "%s", + "Designation": "someoneelse", + "FirstName": "__fn__%s", + "LastName": "lastname1", + "Salary": "salary1", + "SecretFiled": "secret4", + "AnotherSecredField": "anothersecret4", + "XXX": "xxx1" + } + """.formatted(cl1Info.clustername, cl1Info.clustername), XContentType.JSON)).actionGet(); } try (Client tc = cl2.nodeClient()) { tc.index( new IndexRequest("twutter").setRefreshPolicy(RefreshPolicy.IMMEDIATE) .id("0") - .source("{\"cluster\": \"" + cl2Info.clustername + "\"}", XContentType.JSON) - ).actionGet(); - tc.index( - new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE) - .id("0") - .source( - "{\"cluster\": \"" - + cl2Info.clustername - + "\"," - + "\"Designation\": \"CEO\"," - + "\"FirstName\": \"__fn__" - + cl2Info.clustername - + "\"," - + "\"LastName\": \"lastname0\"," - + "\"Salary\": \"salary0\"," - + "\"SecretFiled\": \"secret0\"," - + "\"AnotherSecredField\": \"anothersecret0\"," - + "\"XXX\": \"xxx0\"" - + "}", - XContentType.JSON - ) - ).actionGet(); - - tc.index( - new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE) - .id("1") - .source( - "{\"cluster\": \"" - + cl2Info.clustername - + "\"," - + "\"Designation\": \"someoneelse\"," - + "\"FirstName\": \"__fn__" - + cl2Info.clustername - + "\"," - + "\"LastName\": \"lastname1\"," - + "\"Salary\": \"salary1\"," - + "\"SecretFiled\": \"secret1\"," - + "\"AnotherSecredField\": \"anothersecret1\"," - + "\"XXX\": \"xxx1\"" - + "}", - XContentType.JSON - ) + .source("{\"cluster\": \"%s\"}".formatted(cl2Info.clustername), XContentType.JSON) ).actionGet(); + tc.index(new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE).id("0").source(""" + { + "cluster": "%s", + "Designation": "CEO", + "FirstName": "__fn__%s", + "LastName": "lastname0", + "Salary": "salary0", + "SecretFiled": "secret0", + "AnotherSecredField": "anothersecret0", + "XXX": "xxx0" + } + """.formatted(cl2Info.clustername, cl2Info.clustername), XContentType.JSON)).actionGet(); + + tc.index(new IndexRequest("humanresources").setRefreshPolicy(RefreshPolicy.IMMEDIATE).id("1").source(""" + { + "cluster": "%s", + "Designation": "someoneelse", + "FirstName": "__fn__%s", + "LastName": "lastname1", + "Salary": "salary1", + "SecretFiled": "secret1", + "AnotherSecredField": "anothersecret1", + "XXX": "xxx1" + } + """.formatted(cl2Info.clustername, cl2Info.clustername), XContentType.JSON)).actionGet(); } @@ -383,6 +319,6 @@ public void testCcsDifferentConfigBoth() throws Exception { Assert.assertFalse(ccs.getBody().contains("secret1")); Assert.assertFalse(ccs.getBody().contains("AnotherSecredField")); Assert.assertTrue(ccs.getBody().contains("someoneelse")); - assertThat(ccs.getHeaders().toString(), ccs.getHeaders().size(), is(3)); + assertThat(ccs.getHeaders().toString(), ccs.getHeaders().size(), is(4)); } } diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java index 32f3acd327..d4eb547a6e 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java @@ -59,14 +59,12 @@ public void testDlsAggregations() throws Exception { setup(); - String query = "{" - + "\"query\" : {" - + "\"match_all\": {}" - + "}," - + "\"aggs\" : {" - + "\"thesum\" : { \"sum\" : { \"field\" : \"amount\" } }" - + "}" - + "}"; + String query = """ + { + "query": {"match_all": {}}, + "aggs": {"thesum": {"sum": {"field": "amount"}}} + } + """; HttpResponse res; assertThat( @@ -138,19 +136,15 @@ public void testDls() throws Exception { Assert.assertTrue(res.getBody().contains("\"value\" : 2,\n \"relation")); Assert.assertTrue(res.getBody().contains("\"failed\" : 0")); - String query = - - "{" - + "\"query\": {" - + "\"range\" : {" - + "\"amount\" : {" - + "\"gte\" : 8," - + "\"lte\" : 20," - + "\"boost\" : 3.0" - + "}" - + "}" - + "}" - + "}"; + String query = """ + { + "query": { + "range": { + "amount": {"gte": 8, "lte": 20, "boost": 3.0} + } + } + } + """; assertThat( HttpStatus.SC_OK, @@ -159,19 +153,15 @@ public void testDls() throws Exception { Assert.assertTrue(res.getBody().contains("\"value\" : 0,\n \"relation")); Assert.assertTrue(res.getBody().contains("\"failed\" : 0")); - query = - - "{" - + "\"query\": {" - + "\"range\" : {" - + "\"amount\" : {" - + "\"gte\" : 100," - + "\"lte\" : 2000," - + "\"boost\" : 2.0" - + "}" - + "}" - + "}" - + "}"; + query = """ + { + "query": { + "range": { + "amount": {"gte": 100, "lte": 2000, "boost": 2.0} + } + } + } + """; assertThat( HttpStatus.SC_OK, @@ -222,14 +212,12 @@ public void testDls() throws Exception { // mget // msearch - String msearchBody = "{\"index\":\"deals\", \"ignore_unavailable\": true}" - + System.lineSeparator() - + "{\"size\":10, \"query\":{\"bool\":{\"must\":{\"match_all\":{}}}}}" - + System.lineSeparator() - + "{\"index\":\"deals\", \"ignore_unavailable\": true}" - + System.lineSeparator() - + "{\"size\":10, \"query\":{\"bool\":{\"must\":{\"match_all\":{}}}}}" - + System.lineSeparator(); + String msearchBody = """ + {"index":"deals", "ignore_unavailable": true} + {"size":10, "query":{"bool":{"must":{"match_all":{}}}}} + {"index":"deals", "ignore_unavailable": true} + {"size":10, "query":{"bool":{"must":{"match_all":{}}}}} + """; assertThat( HttpStatus.SC_OK, @@ -240,18 +228,14 @@ public void testDls() throws Exception { Assert.assertTrue(res.getBody().contains("\"amount\" : 1500")); Assert.assertTrue(res.getBody().contains("\"failed\" : 0")); - String mgetBody = "{" - + "\"docs\" : [" - + "{" - + "\"_index\" : \"deals\"," - + "\"_id\" : \"1\"" - + " }," - + " {" - + "\"_index\" : \"deals\"," - + " \"_id\" : \"2\"" - + "}" - + "]" - + "}"; + String mgetBody = """ + { + "docs": [ + {"_index": "deals", "_id": "1"}, + {"_index": "deals", "_id": "2"} + ] + } + """; assertThat( HttpStatus.SC_OK, @@ -296,20 +280,16 @@ public void testNonDls() throws Exception { setup(); HttpResponse res; - String query = - - "{" - + "\"_source\": false," - + "\"query\": {" - + "\"range\" : {" - + "\"amount\" : {" - + "\"gte\" : 100," - + "\"lte\" : 2000," - + "\"boost\" : 2.0" - + "}" - + "}" - + "}" - + "}"; + String query = """ + { + "_source": false, + "query": { + "range": { + "amount": {"gte": 100, "lte": 2000, "boost": 2.0} + } + } + } + """; assertThat( HttpStatus.SC_OK, @@ -380,30 +360,26 @@ public void testDlsWithMinDocCountZeroAggregations() throws Exception { // Terms Aggregation // Non-admin user with setting "min_doc_count":0. Expected to get error message "min_doc_count 0 is not supported when DLS is // activated". - String query1 = "{\n" - + " \"size\":0,\n" - + " \"query\":{\n" - + " \"bool\":{\n" - + " \"must\":[\n" - + " {\n" - + " \"range\":{\n" - + " \"amount\":{\"gte\":1,\"lte\":100}\n" - + " }\n" - + " }\n" - + " ]\n" - + " }\n" - + " },\n" - + " \"aggs\":{\n" - + " \"a\": {\n" - + " \"terms\": {\n" - + " \"field\": \"termX\",\n" - + " \"min_doc_count\":0,\n" - + "\"size\": 10,\n" - + "\"order\": { \"_count\": \"desc\" }\n" - + " }\n" - + " }\n" - + " }\n" - + "}"; + String query1 = """ + { + "size": 0, + "query": { + "bool": { + "must": [{"range": {"amount": {"gte": 1, "lte": 100}}}] + } + }, + "aggs": { + "a": { + "terms": { + "field": "termX", + "min_doc_count": 0, + "size": 10, + "order": {"_count": "desc"} + } + } + } + } + """; HttpResponse response1 = rh.executePostRequest("logs*/_search", query1, encodeBasicHeader("dept_manager", "password")); @@ -412,29 +388,25 @@ public void testDlsWithMinDocCountZeroAggregations() throws Exception { // Non-admin user without setting "min_doc_count". Expected to only have access to buckets for dept_manager excluding E with 0 // doc_count". - String query2 = "{\n" - + " \"size\":0,\n" - + " \"query\":{\n" - + " \"bool\":{\n" - + " \"must\":[\n" - + " {\n" - + " \"range\":{\n" - + " \"amount\":{\"gte\":1,\"lte\":100}\n" - + " }\n" - + " }\n" - + " ]\n" - + " }\n" - + " },\n" - + " \"aggs\":{\n" - + " \"a\": {\n" - + " \"terms\": {\n" - + " \"field\": \"termX\",\n" - + "\"size\": 10,\n" - + "\"order\": { \"_count\": \"desc\" }\n" - + " }\n" - + " }\n" - + " }\n" - + "}"; + String query2 = """ + { + "size": 0, + "query": { + "bool": { + "must": [{"range": {"amount": {"gte": 1, "lte": 100}}}] + } + }, + "aggs": { + "a": { + "terms": { + "field": "termX", + "size": 10, + "order": {"_count": "desc"} + } + } + } + } + """; HttpResponse response2 = rh.executePostRequest("logs*/_search", query2, encodeBasicHeader("dept_manager", "password")); @@ -467,8 +439,9 @@ public void testDlsWithMinDocCountZeroAggregations() throws Exception { // Significant Text Aggregation is not impacted. // Non-admin user with setting "min_doc_count=0". Expected to only have access to buckets for dept_manager". - String query3 = - "{\"size\":100,\"aggregations\":{\"significant_termX\":{\"significant_terms\":{\"field\":\"termX.keyword\",\"min_doc_count\":0}}}}"; + String query3 = """ + {"size":100,"aggregations":{"significant_termX":{"significant_terms":{"field":"termX.keyword","min_doc_count":0}}}} + """; HttpResponse response5 = rh.executePostRequest("logs*/_search", query3, encodeBasicHeader("dept_manager", "password")); assertThat(response5.getStatusCode(), is(HttpStatus.SC_OK)); @@ -479,7 +452,9 @@ public void testDlsWithMinDocCountZeroAggregations() throws Exception { Assert.assertFalse(response5.getBody(), response5.getBody().contains("\"termX\":\"E\"")); // Non-admin user without setting "min_doc_count". Expected to only have access to buckets for dept_manager". - String query4 = "{\"size\":100,\"aggregations\":{\"significant_termX\":{\"significant_terms\":{\"field\":\"termX.keyword\"}}}}"; + String query4 = """ + {"size":100,"aggregations":{"significant_termX":{"significant_terms":{"field":"termX.keyword"}}}} + """; HttpResponse response6 = rh.executePostRequest("logs*/_search", query4, encodeBasicHeader("dept_manager", "password")); @@ -512,7 +487,9 @@ public void testDlsWithMinDocCountZeroAggregations() throws Exception { // Histogram Aggregation is not impacted. // Non-admin user with setting "min_doc_count=0". Expected to only have access to buckets for dept_manager". - String query5 = "{\"size\":100,\"aggs\":{\"amount\":{\"histogram\":{\"field\":\"amount\",\"interval\":1,\"min_doc_count\":0}}}}"; + String query5 = """ + {"size":100,"aggs":{"amount":{"histogram":{"field":"amount","interval":1,"min_doc_count":0}}}} + """; HttpResponse response9 = rh.executePostRequest("logs*/_search", query5, encodeBasicHeader("dept_manager", "password")); @@ -524,7 +501,9 @@ public void testDlsWithMinDocCountZeroAggregations() throws Exception { Assert.assertFalse(response9.getBody(), response9.getBody().contains("\"termX\":\"E\"")); // Non-admin user without setting "min_doc_count". Expected to only have access to buckets for dept_manager". - String query6 = "{\"size\":100,\"aggs\":{\"amount\":{\"histogram\":{\"field\":\"amount\",\"interval\":1}}}}"; + String query6 = """ + {"size":100,"aggs":{"amount":{"histogram":{"field":"amount","interval":1}}}} + """; HttpResponse response10 = rh.executePostRequest("logs*/_search", query6, encodeBasicHeader("dept_manager", "password")); @@ -557,8 +536,9 @@ public void testDlsWithMinDocCountZeroAggregations() throws Exception { // Date Histogram Aggregation is not impacted. // Non-admin user with setting "min_doc_count=0". Expected to only have access to buckets for dept_manager". - String query7 = - "{\"size\":100,\"aggs\":{\"timestamp\":{\"date_histogram\":{\"field\":\"timestamp\",\"calendar_interval\":\"month\",\"min_doc_count\":0}}}}"; + String query7 = """ + {"size":100,"aggs":{"timestamp":{"date_histogram":{"field":"timestamp","calendar_interval":"month","min_doc_count":0}}}} + """; HttpResponse response13 = rh.executePostRequest("logs*/_search", query7, encodeBasicHeader("dept_manager", "password")); @@ -570,8 +550,9 @@ public void testDlsWithMinDocCountZeroAggregations() throws Exception { Assert.assertFalse(response13.getBody(), response13.getBody().contains("\"termX\":\"E\"")); // Non-admin user without setting "min_doc_count". Expected to only have access to buckets for dept_manager". - String query8 = - "{\"size\":100,\"aggs\":{\"timestamp\":{\"date_histogram\":{\"field\":\"timestamp\",\"calendar_interval\":\"month\"}}}}"; + String query8 = """ + {"size":100,"aggs":{"timestamp":{"date_histogram":{"field":"timestamp","calendar_interval":"month"}}}} + """; HttpResponse response14 = rh.executePostRequest("logs*/_search", query8, encodeBasicHeader("dept_manager", "password"));