Unit tests for index and cluster privileges #50867
Labels
:Security/Authorization
Roles, Privileges, DLS/FLS, RBAC/ABAC
Team:Security
Meta label for security team
>test
Issues or PRs that are addressing/adding tests
Lately, see #50489 (comment) and #50643 we've learned that we miss unit test cases for index and cluster privileges. Right now we test them in the integ tests ,
IndexPrivilegeTests
andClusterPrivilegeTests
, but we need to test which actions a privilege grants without having to start a cluster node and create a role and an user; these tests are more suited for a mix of privileges/roles to test the full authorization mechanism.I think we need a new class of tests, modeled after the
AuthorizationServiceTests
, where we can pick on every privilege and every index (and cluster) action.The text was updated successfully, but these errors were encountered: