Add support for SearchTemplateRequest while resolving request #1678
Closed
opensearch-project/OpenSearch #9122
Labels: enhancement, help wanted, triaged
Description
Security plugin doesn't support SearchTemplateRequest while resolving request/index permissions
This causes permissions to be evaluated against all (*) here: https://github.com/opensearch-project/security/blob/1.1/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java#L310-L312
Hence, a user/role with permissions limited to specific indices sees 403s when a search template request is used.
The currently available workaround is to use the following permissions:
- indices:data/read/search/template action for * (all indices)
- read action for specific index
Example request:
POST /<index>/_search/template
{<template>}
Logs:
[] Resolve aliases, indices and types from SearchTemplateRequest
[] getOrReplaceAllIndices() for class org.opensearch.script.mustache.SearchTemplateRequest
[] class org.opensearch.script.mustache.SearchTemplateRequest not supported (It is likely not a indices related request)
[] Finally resolved for SearchTemplateRequest: Resolved [aliases=[*], allIndices=[*], types=[*], originalRequested=[*], remoteIndices=[]]
[] RequestedResolved : Resolved [aliases=[*], allIndices=[*], types=[*], originalRequested=[*], remoteIndices=[]]
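
The behaviour reported above, as an added Python model that is not the security plugin's code: it shows why the fallback to `*` denies an index-scoped role and why the workaround permissions pass without widening data access. The action-group expansion, the two-step check (template action, then the rendered search) and the index name `logs-app` are assumptions made for illustration.

```python
from fnmatch import fnmatchcase

# Simplified stand-in for the plugin's "read" action group (assumption).
ACTION_GROUPS = {"read": ["indices:data/read*"]}
# Request types this model's resolver can extract index names from (assumption).
SUPPORTED = {"SearchRequest"}


def resolve_indices(request_type, requested):
    """Return the requested indices, or ['*'] for an unsupported request type,
    mirroring the 'Finally resolved ... allIndices=[*]' log line."""
    return list(requested) if request_type in SUPPORTED else ["*"]


def grants(perm, action):
    """True if any allowed action (after group expansion) matches the action."""
    expanded = []
    for name in perm["allowed_actions"]:
        expanded.extend(ACTION_GROUPS.get(name, [name]))
    return any(fnmatchcase(action, pattern) for pattern in expanded)


def role_allows(role, action, indices):
    """Every resolved index must be covered by a pattern that grants the action."""
    def covered(index):
        return any(fnmatchcase(index, pat) and grants(perm, action)
                   for perm in role for pat in perm["index_patterns"])
    return all(covered(i) for i in indices)


def search_template_allowed(role, index):
    # The template action is checked against the '*' fallback ...
    outer = role_allows(role, "indices:data/read/search/template",
                        resolve_indices("SearchTemplateRequest", [index]))
    # ... while the rendered search is an ordinary, resolvable SearchRequest.
    inner = role_allows(role, "indices:data/read/search",
                        resolve_indices("SearchRequest", [index]))
    return outer and inner


# Constructed roles; "logs-app" is a made-up index name.
SCOPED = [{"index_patterns": ["logs-app"], "allowed_actions": ["read"]}]
WORKAROUND = [
    {"index_patterns": ["*"],
     "allowed_actions": ["indices:data/read/search/template"]},
    {"index_patterns": ["logs-app"], "allowed_actions": ["read"]},
]
```

In this model the workaround role still cannot read indices outside its `read` grant, because only the template action itself is granted on `*`.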