[Snapshot Restore] Migrate to new ES client

x-pack/plugins/snapshot_restore/server/lib/get_managed_policy_names.ts

@@ -5,17 +5,24 @@
  * 2.0.
  */
 
+import type { ElasticsearchClient } from 'src/core/server';
+
 // Cloud has its own system for managing SLM policies and we want to make
 // this clear when Snapshot and Restore is used in a Cloud deployment.
 // Retrieve the Cloud-managed policies so that UI can switch
 // logical paths based on this information.
-export const getManagedPolicyNames = async (callWithInternalUser: any): Promise<string[]> => {
+export const getManagedPolicyNames = async (
+  clusterClient: ElasticsearchClient
+): Promise<string[]> => {
   try {
-    const { persistent, transient, defaults } = await callWithInternalUser('cluster.getSettings', {
-      filterPath: '*.*managed_policies',
-      flatSettings: true,
-      includeDefaults: true,
+    const {
+      body: { persistent, transient, defaults },
+    } = await clusterClient.cluster.getSettings({
+      filter_path: '*.*managed_policies',
+      flat_settings: true,
+      include_defaults: true,
     });
+
     const { 'cluster.metadata.managed_policies': managedPolicyNames = [] } = {
       ...defaults,
       ...persistent,

x-pack/plugins/snapshot_restore/server/lib/get_managed_repository_name.ts

@@ -5,18 +5,22 @@
  * 2.0.
  */
 
+import type { ElasticsearchClient } from 'src/core/server';
+
 // Cloud has its own system for managing snapshots and we want to make
 // this clear when Snapshot and Restore is used in a Cloud deployment.
 // Retrieve the Cloud-managed repository name so that UI can switch
 // logical paths based on this information.
 export const getManagedRepositoryName = async (
-  callWithInternalUser: any
+  client: ElasticsearchClient
 ): Promise<string | undefined> => {
   try {
-    const { persistent, transient, defaults } = await callWithInternalUser('cluster.getSettings', {
-      filterPath: '*.*managed_repository',
-      flatSettings: true,
-      includeDefaults: true,
+    const {
+      body: { persistent, transient, defaults },
+    } = await client.cluster.getSettings({
+      filter_path: '*.*managed_repository',
+      flat_settings: true,
+      include_defaults: true,
     });
     const { 'cluster.metadata.managed_repository': managedRepositoryName = undefined } = {
       ...defaults,

x-pack/plugins/snapshot_restore/server/lib/index.ts

@@ -14,3 +14,4 @@ export { getManagedRepositoryName } from './get_managed_repository_name';
 export { getManagedPolicyNames } from './get_managed_policy_names';
 export { deserializeRestoreShard } from './restore_serialization';
 export { wrapEsError } from './wrap_es_error';
+export { isEsError } from './is_es_error';

x-pack/plugins/snapshot_restore/server/lib/is_es_error.ts

@@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export const isEsError = (e: Error) => e.name === 'ResponseError';

x-pack/plugins/snapshot_restore/server/plugin.ts

@@ -17,18 +17,11 @@ import {
 import { PLUGIN, APP_REQUIRED_CLUSTER_PRIVILEGES } from '../common';
 import { License } from './services';
 import { ApiRoutes } from './routes';
-import { wrapEsError } from './lib';
-import { isEsError } from './shared_imports';
-import { elasticsearchJsPlugin } from './client/elasticsearch_sr';
-import type { Dependencies, SnapshotRestoreRequestHandlerContext } from './types';
+import { wrapEsError, isEsError } from './lib';
+import { handleEsError } from './shared_imports';
+import type { Dependencies } from './types';
 import { SnapshotRestoreConfig } from './config';
 
-async function getCustomEsClient(getStartServices: CoreSetup['getStartServices']) {
-  const [core] = await getStartServices();
-  const esClientConfig = { plugins: [elasticsearchJsPlugin] };
-  return core.elasticsearch.legacy.createClient('snapshotRestore', esClientConfig);
-}
-
 export class SnapshotRestoreServerPlugin implements Plugin<void, void, any, any> {
   private readonly logger: Logger;
   private readonly apiRoutes: ApiRoutes;
@@ -52,7 +45,7 @@ export class SnapshotRestoreServerPlugin implements Plugin<void, void, any, any>
       return;
     }
 
-    const router = http.createRouter<SnapshotRestoreRequestHandlerContext>();
+    const router = http.createRouter();
 
     this.license.setup(
       {
@@ -82,17 +75,6 @@ export class SnapshotRestoreServerPlugin implements Plugin<void, void, any, any>
       ],
     });
 
-    http.registerRouteHandlerContext<SnapshotRestoreRequestHandlerContext, 'snapshotRestore'>(
-      'snapshotRestore',
-      async (ctx, request) => {
-        this.snapshotRestoreESClient =
-          this.snapshotRestoreESClient ?? (await getCustomEsClient(getStartServices));
-        return {
-          client: this.snapshotRestoreESClient.asScoped(request),
-        };
-      }
-    );
-
     this.apiRoutes.setup({
       router,
       license: this.license,
@@ -103,6 +85,7 @@ export class SnapshotRestoreServerPlugin implements Plugin<void, void, any, any>
       },
       lib: {
         isEsError,
+        handleEsError,
         wrapEsError,
       },
     });

x-pack/plugins/snapshot_restore/server/routes/api/app.ts

@@ -27,12 +27,12 @@ export function registerAppRoutes({
   router,
   config: { isSecurityEnabled },
   license,
-  lib: { isEsError },
+  lib: { isEsError, handleEsError },
 }: RouteDependencies) {
   router.get(
     { path: addBasePath('privileges'), validate: false },
     license.guardApiRoute(async (ctx, req, res) => {
-      const { callAsCurrentUser } = ctx.snapshotRestore!.client;
+      const { client: clusterClient } = ctx.core.elasticsearch;
 
       const privilegesResult: Privileges = {
         hasAllPrivileges: true,
@@ -48,42 +48,36 @@ export function registerAppRoutes({
       }
 
       try {
-        // Get cluster priviliges
-        const { has_all_requested: hasAllPrivileges, cluster } = await callAsCurrentUser(
-          'transport.request',
-          {
-            path: '/_security/user/_has_privileges',
-            method: 'POST',
-            body: {
-              cluster: [...APP_REQUIRED_CLUSTER_PRIVILEGES, ...APP_SLM_CLUSTER_PRIVILEGES],
-            },
-          }
-        );
+        // Get cluster privileges
+        const {
+          body: { has_all_requested: hasAllPrivileges, cluster },
+        } = await clusterClient.asCurrentUser.security.hasPrivileges({
+          body: {
+            cluster: [...APP_REQUIRED_CLUSTER_PRIVILEGES, ...APP_SLM_CLUSTER_PRIVILEGES],
+          },
+        });
 
         // Find missing cluster privileges and set overall app privileges
         privilegesResult.missingPrivileges.cluster = extractMissingPrivileges(cluster);
         privilegesResult.hasAllPrivileges = hasAllPrivileges;
 
         // Get all index privileges the user has
-        const { indices } = await callAsCurrentUser('transport.request', {
-          path: '/_security/user/_privileges',
-          method: 'GET',
-        });
+        const {
+          body: { indices },
+        } = await clusterClient.asCurrentUser.security.getUserPrivileges();
 
         // Check if they have all the required index privileges for at least one index
-        const oneIndexWithAllPrivileges = indices.find(
-          ({ privileges }: { privileges: string[] }) => {
-            if (privileges.includes('all')) {
-              return true;
-            }
+        const oneIndexWithAllPrivileges = indices.find(({ privileges }) => {
+          if (privileges.includes('all')) {
+            return true;
+          }
 
-            const indexHasAllPrivileges = APP_RESTORE_INDEX_PRIVILEGES.every((privilege) =>
-              privileges.includes(privilege)
-            );
+          const indexHasAllPrivileges = APP_RESTORE_INDEX_PRIVILEGES.every((privilege) =>
+            privileges.includes(privilege)
+          );
 
-            return indexHasAllPrivileges;
-          }
-        );
+          return indexHasAllPrivileges;
+        });
 
         // If they don't, return list of required index privileges
         if (!oneIndexWithAllPrivileges) {
@@ -93,10 +87,7 @@ export function registerAppRoutes({
         return res.ok({ body: privilegesResult });
       } catch (e) {
         if (isEsError(e)) {
-          return res.customError({
-            statusCode: e.statusCode,
-            body: e,
-          });
+          return handleEsError({ error: e, response: res });
         }
         // Case: default
         throw e;