Skip to content

Commit

Permalink
Removed unnecessary parameter
Browse files Browse the repository at this point in the history 
Signed-off-by: Nils Bandener <nils.bandener@eliatra.com>
  • Loading branch information
@nibix
nibix committed Oct 30, 2024
1 parent 1fef11b commit c474bf7
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 17 deletions.
16 changes: 8 additions & 8 deletions src/main/java/org/opensearch/security/privileges/ActionPrivileges.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -429,7 +429,7 @@ PrivilegesEvaluatorResponse providesPrivilege(PrivilegesEvaluationContext contex
}
}

return PrivilegesEvaluatorResponse.insufficient(action, context);
return PrivilegesEvaluatorResponse.insufficient(action);
}

/**
Expand Down Expand Up @@ -462,7 +462,7 @@ PrivilegesEvaluatorResponse providesExplicitPrivilege(PrivilegesEvaluationContex
}
}

return PrivilegesEvaluatorResponse.insufficient(action, context);
return PrivilegesEvaluatorResponse.insufficient(action);
}

/**
Expand Down Expand Up @@ -499,9 +499,9 @@ PrivilegesEvaluatorResponse providesAnyPrivilege(PrivilegesEvaluationContext con
}

if (actions.size() == 1) {
return PrivilegesEvaluatorResponse.insufficient(actions.iterator().next(), context);
return PrivilegesEvaluatorResponse.insufficient(actions.iterator().next());
} else {
return PrivilegesEvaluatorResponse.insufficient("any of " + actions, context);
return PrivilegesEvaluatorResponse.insufficient("any of " + actions);
}
}
}
Expand Down Expand Up @@ -781,10 +781,10 @@ PrivilegesEvaluatorResponse providesPrivilege(
Set<String> availableIndices = checkTable.getCompleteRows();

if (!availableIndices.isEmpty()) {
return PrivilegesEvaluatorResponse.partiallyOk(availableIndices, checkTable, context).evaluationExceptions(exceptions);
return PrivilegesEvaluatorResponse.partiallyOk(availableIndices, checkTable).evaluationExceptions(exceptions);
}

return PrivilegesEvaluatorResponse.insufficient(checkTable, context)
return PrivilegesEvaluatorResponse.insufficient(checkTable)
.reason(
resolvedIndices.getAllIndices().size() == 1
? "Insufficient permissions for the referenced index"
Expand Down Expand Up @@ -829,7 +829,7 @@ PrivilegesEvaluatorResponse providesExplicitPrivilege(
List<PrivilegesEvaluationException> exceptions = new ArrayList<>();

if (!CollectionUtils.containsAny(actions, this.explicitlyRequiredIndexActions)) {
return PrivilegesEvaluatorResponse.insufficient(CheckTable.create(ImmutableSet.of("_"), actions), context);
return PrivilegesEvaluatorResponse.insufficient(CheckTable.create(ImmutableSet.of("_"), actions));
}

for (String role : context.getMappedRoles()) {
Expand All @@ -856,7 +856,7 @@ PrivilegesEvaluatorResponse providesExplicitPrivilege(
}
}

return PrivilegesEvaluatorResponse.insufficient(checkTable, context)
return PrivilegesEvaluatorResponse.insufficient(checkTable)
.reason("No explicit privileges have been provided for the referenced indices.")
.evaluationExceptions(exceptions);
}
Expand Down
4 changes: 2 additions & 2 deletions src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -418,7 +418,7 @@ public PrivilegesEvaluatorResponse evaluate(PrivilegesEvaluationContext context)
if (isClusterPerm(action0)) {
if (serviceAccountUser) {
log.info("{} is a service account which doesn't have access to cluster level permission: {}", user, action0);
return PrivilegesEvaluatorResponse.insufficient(action0, context);
return PrivilegesEvaluatorResponse.insufficient(action0);
}

presponse = actionPrivileges.hasClusterPrivilege(context, action0);
Expand Down Expand Up @@ -520,7 +520,7 @@ public PrivilegesEvaluatorResponse evaluate(PrivilegesEvaluationContext context)
if (!replaceResult.continueEvaluation) {
if (replaceResult.accessDenied) {
auditLog.logMissingPrivileges(action0, request, task);
return PrivilegesEvaluatorResponse.insufficient(action0, context);
return PrivilegesEvaluatorResponse.insufficient(action0);
} else {
presponse.allowed = true;
presponse.createIndexRequestBuilder = replaceResult.createIndexRequestBuilder;
Expand Down
10 changes: 3 additions & 7 deletions src/main/java/org/opensearch/security/privileges/PrivilegesEvaluatorResponse.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -178,25 +178,21 @@ public static PrivilegesEvaluatorResponse ok() {

public static PrivilegesEvaluatorResponse partiallyOk(
Set<String> availableIndices,
CheckTable<String, String> indexToActionCheckTable,
PrivilegesEvaluationContext context
CheckTable<String, String> indexToActionCheckTable
) {
PrivilegesEvaluatorResponse response = new PrivilegesEvaluatorResponse();
response.onlyAllowedForIndices = ImmutableSet.copyOf(availableIndices);
response.indexToActionCheckTable = indexToActionCheckTable;
return response;
}

public static PrivilegesEvaluatorResponse insufficient(String missingPrivilege, PrivilegesEvaluationContext context) {
public static PrivilegesEvaluatorResponse insufficient(String missingPrivilege) {
PrivilegesEvaluatorResponse response = new PrivilegesEvaluatorResponse();
response.indexToActionCheckTable = CheckTable.create(ImmutableSet.of("_"), ImmutableSet.of(missingPrivilege));
return response;
}

public static PrivilegesEvaluatorResponse insufficient(
CheckTable<String, String> indexToActionCheckTable,
PrivilegesEvaluationContext context
) {
public static PrivilegesEvaluatorResponse insufficient(CheckTable<String, String> indexToActionCheckTable) {
PrivilegesEvaluatorResponse response = new PrivilegesEvaluatorResponse();
response.indexToActionCheckTable = indexToActionCheckTable;
return response;
Expand Down

0 comments on commit c474bf7

Please sign in to comment.