System indices should be treated as a special set of indices and not be
accessible by all users. The existing security codebase has the notion
of restricted indices, which are currently a subset of system indices.
This change unifies the two concepts by making system indices the set
of restricted indices. This means that going forward, consumers of
system indices will need access to restricted indices.
Our intention is that this will be handled internally as much as
possible. For example, restricted index access can be used implicitly
by setting a valid origin on a request or using a system index plugin.
In these cases, the security module will apply internally defined
privileges when necessary.
The main impact of this change for developers is that system index
deletions will require superuser privileges, so we have to make sure
we are using an admin role for test cleanup.
Closes#69298
Co-authored-by: William Brafford <william.brafford@elastic.co>
Co-authored-by: Albert Zaharovits <albert.zaharovits@elastic.co>
22e9d3719d