diff --git a/src/main/java/org/opensearch/security/privileges/ActionPrivileges.java b/src/main/java/org/opensearch/security/privileges/ActionPrivileges.java index 6066a62725..dcb6cded2d 100644 --- a/src/main/java/org/opensearch/security/privileges/ActionPrivileges.java +++ b/src/main/java/org/opensearch/security/privileges/ActionPrivileges.java @@ -1026,11 +1026,7 @@ PrivilegesEvaluatorResponse providesExplicitPrivilege( } } return PrivilegesEvaluatorResponse.insufficient(checkTable) - .reason( - resolvedIndices.getAllIndices().size() == 1 - ? "Insufficient permissions for the referenced index" - : "None of " + resolvedIndices.getAllIndices().size() + " referenced indices has sufficient permissions" - ) + .reason("No explicit privileges have been provided for the referenced indices.") .evaluationExceptions(exceptions); } diff --git a/src/test/java/org/opensearch/security/action/apitokens/ApiTokenAuthenticatorTest.java b/src/test/java/org/opensearch/security/action/apitokens/ApiTokenAuthenticatorTest.java index 9dd2270dcb..b6c5e0b0f1 100644 --- a/src/test/java/org/opensearch/security/action/apitokens/ApiTokenAuthenticatorTest.java +++ b/src/test/java/org/opensearch/security/action/apitokens/ApiTokenAuthenticatorTest.java @@ -120,7 +120,8 @@ public void testExtractCredentialsFailWhenTokenIsExpired() { AuthCredentials ac = authenticator.extractCredentials(request, threadcontext); assertNull("Should return null when JTI is expired", ac); - verify(log).debug(eq("Invalid or expired JWT token."), any(ExpiredJwtException.class)); + verify(log).debug(eq("Invalid or expired api token."), any(ExpiredJwtException.class)); + } @Test @@ -183,7 +184,6 @@ public void testAuthenticatorNotEnabled() { Settings settings = Settings.builder() .put("enabled", "false") .put("signing_key", "U3VwZXJTZWNyZXRLZXlUaGF0SXNFeGFjdGx5NjRCeXRlc0xvbmdBbmRXaWxsV29ya1dpdGhIUzUxMkFsZ29yaXRobSEhCgo=") - .put("encryption_key", "MTIzNDU2Nzg5MDEyMzQ1Ng==") .build(); ThreadContext threadContext = new ThreadContext(settings);