opendistro-for-elasticsearch
diff --git a/‎src/main/kotlin/com/amazon/opendistroforelasticsearch/indexmanagement/IndexManagementPlugin.kt‎
Lines changed: 0 additions & 1 deletion b/‎src/main/kotlin/com/amazon/opendistroforelasticsearch/indexmanagement/IndexManagementPlugin.kt‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎src/main/kotlin/com/amazon/opendistroforelasticsearch/indexmanagement/elasticapi/ElasticExtensions.kt‎
Lines changed: 0 additions & 68 deletions b/‎src/main/kotlin/com/amazon/opendistroforelasticsearch/indexmanagement/elasticapi/ElasticExtensions.kt‎
Lines changed: 0 additions & 68 deletions
diff --git a/‎src/main/kotlin/com/amazon/opendistroforelasticsearch/indexmanagement/indexstatemanagement/ManagedIndexCoordinator.kt‎
Lines changed: 2 additions & 2 deletions b/‎src/main/kotlin/com/amazon/opendistroforelasticsearch/indexmanagement/indexstatemanagement/ManagedIndexCoordinator.kt‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/main/kotlin/com/amazon/opendistroforelasticsearch/indexmanagement/indexstatemanagement/ManagedIndexRunner.kt‎
Lines changed: 1 addition & 24 deletions b/‎src/main/kotlin/com/amazon/opendistroforelasticsearch/indexmanagement/indexstatemanagement/ManagedIndexRunner.kt‎
Lines changed: 1 addition & 24 deletions
diff --git a/‎src/main/kotlin/com/amazon/opendistroforelasticsearch/indexmanagement/indexstatemanagement/model/ISMTemplate.kt‎
Lines changed: 3 additions & 13 deletions b/‎src/main/kotlin/com/amazon/opendistroforelasticsearch/indexmanagement/indexstatemanagement/model/ISMTemplate.kt‎
Lines changed: 3 additions & 13 deletions
diff --git a/‎src/main/kotlin/com/amazon/opendistroforelasticsearch/indexmanagement/indexstatemanagement/model/ManagedIndexConfig.kt‎
Lines changed: 2 additions & 17 deletions b/‎src/main/kotlin/com/amazon/opendistroforelasticsearch/indexmanagement/indexstatemanagement/model/ManagedIndexConfig.kt‎
Lines changed: 2 additions & 17 deletions
@@ -224,7 +224,6 @@ internal class IndexManagementPlugin : JobSchedulerExtension, NetworkPlugin, Act
             .registerNamedXContentRegistry(xContentRegistry)
             .registerScriptService(scriptService)
             .registerSettings(settings)
-            .registerThreadPool(threadPool)
             .registerConsumers() // registerConsumers must happen after registerSettings/clusterService
         val rollupRunner = RollupRunner
             .registerClient(client)
 
@@ -17,17 +17,11 @@
 
 package com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi
 
-import com.amazon.opendistroforelasticsearch.commons.InjectSecurity
-import com.amazon.opendistroforelasticsearch.commons.authuser.User
 import com.amazon.opendistroforelasticsearch.indexmanagement.indexstatemanagement.model.ISMTemplate
 import com.amazon.opendistroforelasticsearch.indexmanagement.indexstatemanagement.model.Policy
 import com.amazon.opendistroforelasticsearch.indexmanagement.util.NO_ID
 import com.amazon.opendistroforelasticsearch.jobscheduler.spi.utils.LockService
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.ThreadContextElement
 import kotlinx.coroutines.delay
-import kotlinx.coroutines.withContext
-import org.apache.logging.log4j.LogManager
 import org.apache.logging.log4j.Logger
 import org.elasticsearch.ElasticsearchException
 import org.elasticsearch.ExceptionsHelper
@@ -36,9 +30,7 @@ import org.elasticsearch.action.bulk.BackoffPolicy
 import org.elasticsearch.action.support.DefaultShardOperationFailedException
 import org.elasticsearch.client.ElasticsearchClient
 import org.elasticsearch.common.bytes.BytesReference
-import org.elasticsearch.common.settings.Settings
 import org.elasticsearch.common.unit.TimeValue
-import org.elasticsearch.common.util.concurrent.ThreadContext
 import org.elasticsearch.common.xcontent.LoggingDeprecationHandler
 import org.elasticsearch.common.xcontent.NamedXContentRegistry
 import org.elasticsearch.common.xcontent.ToXContent
@@ -54,7 +46,6 @@ import org.elasticsearch.rest.RestStatus
 import org.elasticsearch.transport.RemoteTransportException
 import java.io.IOException
 import java.time.Instant
-import kotlin.coroutines.CoroutineContext
 import kotlin.coroutines.resume
 import kotlin.coroutines.resumeWithException
 import kotlin.coroutines.suspendCoroutine
@@ -89,13 +80,6 @@ fun XContentBuilder.optionalTimeField(name: String, instant: Instant?): XContent
     return this.timeField(name, "${name}_in_millis", instant.toEpochMilli())
 }
 
-fun XContentBuilder.optionalUserField(name: String, user: User?): XContentBuilder {
-    if (user == null) {
-        return nullField(name)
-    }
-    return this.field(name, user)
-}
-
 fun XContentBuilder.optionalISMTemplateField(name: String, ismTemplate: ISMTemplate?): XContentBuilder {
     if (ismTemplate == null) {
         return nullField(name)
@@ -203,55 +187,3 @@ fun <T> XContentParser.parseWithType(
     ensureExpectedToken(Token.END_OBJECT, this.nextToken(), this)
     return parsed
 }
-
-val log = LogManager.getLogger("IndexManagementElasticExtention")
-const val INDEX_MANAGEMENT_PLUGIN_INTERNAL = "index_management_plugin_internal"
-/**
- * @param internalReq: used as flag to indicate if the request is from
- * outside user or plugin runner. if the value of this element is true
- * then we will not update user object.
- */
-class InjectorContextElement(
-    private val id: String,
-    settings: Settings,
-    private val threadContext: ThreadContext,
-    private val roles: List<String>?,
-    private val internalReq: Boolean = false
-) : ThreadContextElement<Unit> {
-
-    companion object Key : CoroutineContext.Key<InjectorContextElement>
-    override val key: CoroutineContext.Key<*>
-        get() = Key
-
-    var rolesInjectorHelper = InjectSecurity(id, settings, threadContext)
-
-    override fun updateThreadContext(context: CoroutineContext) {
-        rolesInjectorHelper.injectRoles(roles)
-        if (threadContext.getTransient<Boolean>(INDEX_MANAGEMENT_PLUGIN_INTERNAL) != internalReq) {
-            threadContext.putTransient(INDEX_MANAGEMENT_PLUGIN_INTERNAL, internalReq)
-            log.debug("Job [$id], rollup internal request: $internalReq;" +
-                " Thread: ${Thread.currentThread().name}")
-        } else {
-            log.error("Job [$id], rollup internal request [$internalReq] not cleaned up;" +
-                " Thread: ${Thread.currentThread().name}")
-        }
-    }
-
-    override fun restoreThreadContext(context: CoroutineContext, oldState: Unit) {
-        rolesInjectorHelper.close()
-        log.debug("Job [$id], rollup internal request cleaned: " +
-            "${threadContext.getTransient<Boolean>(INDEX_MANAGEMENT_PLUGIN_INTERNAL)};" +
-            " Thread: ${Thread.currentThread().name}")
-    }
-}
-
-suspend fun <T> withCloseableContext(
-    context: CoroutineContext,
-    block: suspend CoroutineScope.() -> T
-): T {
-    try {
-        return withContext(context) { block() }
-    } finally {
-        (context[InjectorContextElement.Key] as InjectorContextElement).rolesInjectorHelper.close()
-    }
-}
@@ -290,9 +290,9 @@ class ManagedIndexCoordinator(
                 val indexUuid = indexMetadatas[index].indexUUID
                 val ismTemplate = templates[policyID]
                 if (indexUuid != null && ismTemplate != null) {
-                    logger.info("index [$index] will be managed by policy [$policyID] of roles [${ismTemplate.user?.roles}]")
+                    logger.info("Index [$index] will be managed by policy [$policyID]")
                     updateManagedIndexReqs.add(
-                        managedIndexConfigIndexRequest(index, indexUuid, policyID, jobInterval, ismTemplate.user)
+                        managedIndexConfigIndexRequest(index, indexUuid, policyID, jobInterval)
                     )
                 } else {
                     logger.warn("Index [$index] has index uuid [$indexUuid] and/or " +
 
@@ -16,7 +16,6 @@
 package com.amazon.opendistroforelasticsearch.indexmanagement.indexstatemanagement
 
 import com.amazon.opendistroforelasticsearch.indexmanagement.IndexManagementPlugin.Companion.INDEX_MANAGEMENT_INDEX
-import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.InjectorContextElement
 import com.amazon.opendistroforelasticsearch.indexmanagement.indexstatemanagement.action.Action
 import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.convertToMap
 import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.parseWithType
@@ -26,7 +25,6 @@ import com.amazon.opendistroforelasticsearch.indexmanagement.indexstatemanagemen
 import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.retry
 import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.string
 import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.suspendUntil
-import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.withCloseableContext
 import com.amazon.opendistroforelasticsearch.indexmanagement.indexstatemanagement.model.ManagedIndexConfig
 import com.amazon.opendistroforelasticsearch.indexmanagement.indexstatemanagement.model.ManagedIndexMetaData
 import com.amazon.opendistroforelasticsearch.indexmanagement.indexstatemanagement.model.Policy
@@ -102,7 +100,6 @@ import org.elasticsearch.rest.RestStatus
 import org.elasticsearch.script.Script
 import org.elasticsearch.script.ScriptService
 import org.elasticsearch.script.TemplateScript
-import org.elasticsearch.threadpool.ThreadPool
 import java.time.Instant
 import java.time.temporal.ChronoUnit
 
@@ -117,7 +114,6 @@ object ManagedIndexRunner : ScheduledJobRunner,
     private lateinit var xContentRegistry: NamedXContentRegistry
     private lateinit var scriptService: ScriptService
     private lateinit var settings: Settings
-    private lateinit var threadPool: ThreadPool
     private var indexStateManagementEnabled: Boolean = DEFAULT_ISM_ENABLED
     @Suppress("MagicNumber")
     private val savePolicyRetryPolicy = BackoffPolicy.exponentialBackoff(TimeValue.timeValueMillis(250), 3)
@@ -172,11 +168,6 @@ object ManagedIndexRunner : ScheduledJobRunner,
         return this
     }
 
-    fun registerThreadPool(threadPool: ThreadPool): ManagedIndexRunner {
-        this.threadPool = threadPool
-        return this
-    }
-
     override fun runJob(job: ScheduledJobParameter, context: JobExecutionContext) {
         if (job !is ManagedIndexConfig) {
             throw IllegalArgumentException("Invalid job type, found ${job.javaClass.simpleName} with id: ${context.jobId}")
@@ -206,17 +197,6 @@ object ManagedIndexRunner : ScheduledJobRunner,
             return
         }
 
-        /*
-         * We need to handle 3 cases:
-         * 1. ISM jobs that are created by older versions and never updated wont have User details in the
-         * job object. `managedIndexConfig.user` will be null. Insert `all_access` role.
-         * 2. ISM jobs that are created when security plugin is disabled will have empty User object.
-         * (`managedIndexConfig.user.name`, `managedIndexConfig.user.roles` are empty )
-         * 3. ISM jobs that are created when security plugin is enabled will have an User object.
-         */
-        val roles = managedIndexConfig.getRoles()
-        logger.debug("Running ISM job: ${managedIndexConfig.name} with roles: $roles Thread: ${Thread.currentThread().name}")
-
         // Get current IndexMetaData and ManagedIndexMetaData
         val indexMetaData = getIndexMetaData(managedIndexConfig.index)
         if (indexMetaData == null) {
@@ -303,10 +283,7 @@ object ManagedIndexRunner : ScheduledJobRunner,
 
         if (updateResult && state != null && action != null && step != null && currentActionMetaData != null) {
             // Step null check is done in getStartingManagedIndexMetaData
-            withCloseableContext(InjectorContextElement(managedIndexConfig.id, settings, threadPool.threadContext, roles)) {
-                step.preExecute(logger).execute().postExecute(logger)
-            }
-
+            step.preExecute(logger).execute().postExecute(logger)
             var executedManagedIndexMetaData = startingManagedIndexMetaData.getCompletedManagedIndexMetaData(action, step)
 
             if (executedManagedIndexMetaData.isFailed) {
 
@@ -15,10 +15,8 @@
 
 package com.amazon.opendistroforelasticsearch.indexmanagement.indexstatemanagement.model
 
-import com.amazon.opendistroforelasticsearch.commons.authuser.User
 import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.instant
 import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.optionalTimeField
-import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.optionalUserField
 import org.apache.logging.log4j.LogManager
 import org.elasticsearch.common.io.stream.StreamInput
 import org.elasticsearch.common.io.stream.StreamOutput
@@ -38,8 +36,7 @@ private val log = LogManager.getLogger(ISMTemplate::class.java)
 data class ISMTemplate(
     val indexPatterns: List<String>,
     val priority: Int,
-    val lastUpdatedTime: Instant,
-    val user: User?
+    val lastUpdatedTime: Instant
 ) : ToXContentObject, Writeable {
 
     init {
@@ -52,39 +49,34 @@ data class ISMTemplate(
             .field(INDEX_PATTERN, indexPatterns)
             .field(PRIORITY, priority)
             .optionalTimeField(LAST_UPDATED_TIME_FIELD, lastUpdatedTime)
-            .optionalUserField(USER_FIELD, user)
             .endObject()
     }
 
     @Throws(IOException::class)
     constructor(sin: StreamInput) : this(
         sin.readStringList(),
         sin.readInt(),
-        sin.readInstant(),
-        sin.readOptionalWriteable(::User)
+        sin.readInstant()
     )
 
     @Throws(IOException::class)
     override fun writeTo(out: StreamOutput) {
         out.writeStringCollection(indexPatterns)
         out.writeInt(priority)
         out.writeInstant(lastUpdatedTime)
-        out.writeOptionalWriteable(user)
     }
 
     companion object {
         const val ISM_TEMPLATE_TYPE = "ism_template"
         const val INDEX_PATTERN = "index_patterns"
         const val PRIORITY = "priority"
         const val LAST_UPDATED_TIME_FIELD = "last_updated_time"
-        const val USER_FIELD = "user"
 
         @Suppress("ComplexMethod")
         fun parse(xcp: XContentParser): ISMTemplate {
             val indexPatterns: MutableList<String> = mutableListOf()
             var priority = 0
             var lastUpdatedTime: Instant? = null
-            var user: User? = null
 
             ensureExpectedToken(Token.START_OBJECT, xcp.currentToken(), xcp)
             while (xcp.nextToken() != Token.END_OBJECT) {
@@ -100,16 +92,14 @@ data class ISMTemplate(
                     }
                     PRIORITY -> priority = if (xcp.currentToken() == Token.VALUE_NULL) 0 else xcp.intValue()
                     LAST_UPDATED_TIME_FIELD -> lastUpdatedTime = xcp.instant()
-                    USER_FIELD -> user = if (xcp.currentToken() == Token.VALUE_NULL) null else User.parse(xcp)
                     else -> throw IllegalArgumentException("Invalid field: [$fieldName] found in ISMTemplate.")
                 }
             }
 
             return ISMTemplate(
                 indexPatterns = indexPatterns,
                 priority = priority,
-                lastUpdatedTime = lastUpdatedTime ?: Instant.now(),
-                user = user
+                lastUpdatedTime = lastUpdatedTime ?: Instant.now()
             )
         }
     }
 
@@ -15,12 +15,9 @@
 
 package com.amazon.opendistroforelasticsearch.indexmanagement.indexstatemanagement.model
 
-import com.amazon.opendistroforelasticsearch.commons.authuser.User
 import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.instant
 import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.optionalTimeField
-import com.amazon.opendistroforelasticsearch.indexmanagement.elasticapi.optionalUserField
 import com.amazon.opendistroforelasticsearch.indexmanagement.indexstatemanagement.util.XCONTENT_WITHOUT_TYPE
-import com.amazon.opendistroforelasticsearch.indexmanagement.util.ALL_ACCESS_ROLE
 import com.amazon.opendistroforelasticsearch.jobscheduler.spi.ScheduledJobParameter
 import com.amazon.opendistroforelasticsearch.jobscheduler.spi.schedule.Schedule
 import com.amazon.opendistroforelasticsearch.jobscheduler.spi.schedule.ScheduleParser
@@ -48,8 +45,7 @@ data class ManagedIndexConfig(
     val policySeqNo: Long?,
     val policyPrimaryTerm: Long?,
     val policy: Policy?,
-    val changePolicy: ChangePolicy?,
-    val user: User?
+    val changePolicy: ChangePolicy?
 ) : ScheduledJobParameter {
 
     init {
@@ -88,18 +84,11 @@ data class ManagedIndexConfig(
                     .field(POLICY_PRIMARY_TERM_FIELD, policyPrimaryTerm)
                     .field(POLICY_FIELD, policy, XCONTENT_WITHOUT_TYPE)
                     .field(CHANGE_POLICY_FIELD, changePolicy)
-                    .optionalUserField(USER_FIELD, user)
                 .endObject()
             .endObject()
         return builder
     }
 
-    fun getRoles(): List<String> {
-        return if (user == null) {
-            ALL_ACCESS_ROLE
-        } else user.roles
-    }
-
     companion object {
         const val MANAGED_INDEX_TYPE = "managed_index"
         const val NO_ID = ""
@@ -115,7 +104,6 @@ data class ManagedIndexConfig(
         const val POLICY_SEQ_NO_FIELD = "policy_seq_no"
         const val POLICY_PRIMARY_TERM_FIELD = "policy_primary_term"
         const val CHANGE_POLICY_FIELD = "change_policy"
-        const val USER_FIELD = "user"
 
         @Suppress("ComplexMethod", "LongMethod")
         @JvmStatic
@@ -139,7 +127,6 @@ data class ManagedIndexConfig(
             var enabled = true
             var policyPrimaryTerm: Long? = SequenceNumbers.UNASSIGNED_PRIMARY_TERM
             var policySeqNo: Long? = SequenceNumbers.UNASSIGNED_SEQ_NO
-            var user: User? = null
 
             ensureExpectedToken(Token.START_OBJECT, xcp.currentToken(), xcp)
             while (xcp.nextToken() != Token.END_OBJECT) {
@@ -167,7 +154,6 @@ data class ManagedIndexConfig(
                     CHANGE_POLICY_FIELD -> {
                         changePolicy = if (xcp.currentToken() == Token.VALUE_NULL) null else ChangePolicy.parse(xcp)
                     }
-                    USER_FIELD -> user = if (xcp.currentToken() == Token.VALUE_NULL) null else User.parse(xcp)
                     else -> throw IllegalArgumentException("Invalid field: [$fieldName] found in ManagedIndexConfig.")
                 }
             }
@@ -193,8 +179,7 @@ data class ManagedIndexConfig(
                 policyPrimaryTerm = policyPrimaryTerm,
                 policy = policy?.copy(seqNo = policySeqNo ?: SequenceNumbers.UNASSIGNED_SEQ_NO,
                     primaryTerm = policyPrimaryTerm ?: SequenceNumbers.UNASSIGNED_PRIMARY_TERM),
-                changePolicy = changePolicy,
-                user = user
+                changePolicy = changePolicy
             )
         }
     }