Add additional backend roles test cases

[adityaj1107]

Describe the solution you'd like We can add additional backend role test cases for the alerting plugin to test fine grained access control via security plugin. We can find more information on backend roles here:

• https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html
• https://opensearch.org/blog/technical-posts/2020/10/fine-grained-access-control-for-search/

Reference: https://github.com/opensearch-project/alerting/issues/219

[lezzago]

Add trimIndent to the entities Ref to the file this started from: https://github.com/opensearch-project/alerting/pull/303/files#r801173359

[adityaj1107]

Add the test cases for the no_access role.

Ref:

• https://github.com/opensearch-project/alerting/pull/303/files#diff-f7d3b9e9678f71314744864cb464f5c5704aa1be36b217e740d815ac3e4dc8e3R162-R189
• https://github.com/opensearch-project/alerting/pull/303/files#diff-3ac5d82c1f3e79d4c99c92b9ae07f7ce458f1f40da4328ded7f08f9ba022f39dR557-R584

[adityaj1107]

Additional References:

• https://github.com/opensearch-project/alerting/pull/303/files#diff-3ac5d82c1f3e79d4c99c92b9ae07f7ce458f1f40da4328ded7f08f9ba022f39dR532-R557

• https://github.com/opensearch-project/alerting/pull/303/files#diff-3ac5d82c1f3e79d4c99c92b9ae07f7ce458f1f40da4328ded7f08f9ba022f39dR809-R843

[adityaj1107]

Future Improvements:

• We will need to create test scenarios for cross roles accesses for backend roles which we are not validating currently. Breaking tests into smaller more logical grouping (classes).

• See if we can leverage OpenSearchIntegTestCase and create abstraction to run integration tests against a JVM private OpenSearch Cluster.

cc: @getsaurabh02

[qreshi]

Security tests are failing due to a recent change to the assertions and the recommendation is to revert the assertion check back (example run: https://github.com/opensearch-project/alerting/runs/5401010692?check_suite_focus=true)

Current failing assertion:

        } catch (e: AssertionError) {
            assertEquals("Unexpected status", "Expected 403 FORBIDDEN response", e.message)
        }

Old passing assertion:

        } catch (e: ResponseException) {
            assertEquals("Unexpected status", RestStatus.FORBIDDEN, e.response.restStatus())
        }

The reason this wasn't caught when the changes themselves were introduced was because the OpenSearch 1.3.0 snapshot distribution that is used to run these tests was failing for the last couple weeks until recently due to some security plugin bug.

[lezzago]

It seems like the integ tests are flaky

[lezzago]

It seems like the integ tests are flaky

This could be due to the security docker image