diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java index d51191f3b9..288a8eac0e 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java @@ -57,8 +57,6 @@ import org.opensearch.security.dlic.rest.validation.AbstractConfigurationValidator.ErrorType; import org.opensearch.security.privileges.PrivilegesEvaluator; import org.opensearch.security.securityconf.DynamicConfigFactory; -import org.opensearch.security.securityconf.Hideable; -import org.opensearch.security.securityconf.StaticDefinable; import org.opensearch.security.securityconf.impl.CType; import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration; import org.opensearch.security.ssl.transport.PrincipalExtractor; @@ -588,23 +586,13 @@ protected void notImplemented(RestChannel channel, Method method) { } protected final boolean isReserved(SecurityDynamicConfiguration configuration, String resourceName) { - if (isStatic(configuration, resourceName)) { // static is also always reserved - return true; - } - - final Object o = configuration.getCEntry(resourceName); - return o != null && o instanceof Hideable && ((Hideable) o).isReserved(); + return configuration.isStatic(resourceName) || configuration.isReserved(resourceName); } protected final boolean isHidden(SecurityDynamicConfiguration configuration, String resourceName) { return configuration.isHidden(resourceName) && !isSuperAdmin(); } - protected final boolean isStatic(SecurityDynamicConfiguration configuration, String resourceName) { - final Object o = configuration.getCEntry(resourceName); - return o != null && o instanceof StaticDefinable && ((StaticDefinable) o).isStatic(); - } - /** * Consume all defined parameters for the request. Before we handle the * request in subclasses where we actually need the parameter, some global @@ -636,7 +624,7 @@ protected boolean isSuperAdmin() { * @return True if resource readonly */ protected boolean isReadOnly(final SecurityDynamicConfiguration existingConfiguration, String name) { - return isSuperAdmin() ? false : isReserved(existingConfiguration, name); + return !isSuperAdmin() && isReserved(existingConfiguration, name); } /** diff --git a/src/main/java/org/opensearch/security/securityconf/impl/SecurityDynamicConfiguration.java b/src/main/java/org/opensearch/security/securityconf/impl/SecurityDynamicConfiguration.java index 285dec5d10..e86eed779c 100644 --- a/src/main/java/org/opensearch/security/securityconf/impl/SecurityDynamicConfiguration.java +++ b/src/main/java/org/opensearch/security/securityconf/impl/SecurityDynamicConfiguration.java @@ -40,9 +40,6 @@ import com.fasterxml.jackson.databind.JsonNode; import org.opensearch.ExceptionsHelper; -import org.opensearch.common.bytes.BytesReference; -import org.opensearch.common.xcontent.XContentHelper; -import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.xcontent.ToXContent; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.security.DefaultObjectMapper; @@ -216,11 +213,6 @@ public boolean exists(String key) { return centries.containsKey(key); } - @JsonIgnore - public BytesReference toBytesReference() throws IOException { - return XContentHelper.toXContent(this, XContentType.JSON, false); - } - @Override public String toString() { return "SecurityDynamicConfiguration [seqNo=" @@ -322,7 +314,19 @@ public boolean containsAny(SecurityDynamicConfiguration other) { public boolean isHidden(String resourceName) { final Object o = centries.get(resourceName); - return o != null && o instanceof Hideable && ((Hideable) o).isHidden(); + return o instanceof Hideable && ((Hideable) o).isHidden(); + } + + @JsonIgnore + public boolean isStatic(final String resourceName) { + final Object o = centries.get(resourceName); + return o instanceof StaticDefinable && ((StaticDefinable) o).isStatic(); + } + + @JsonIgnore + public boolean isReserved(final String resourceName) { + final Object o = centries.get(resourceName); + return o instanceof Hideable && ((Hideable) o).isReserved(); } }