diff --git a/src/main/java/org/apache/accumulo/access/AccessEvaluator.java b/src/main/java/org/apache/accumulo/access/AccessEvaluator.java index 1ea4d23..fe0daf0 100644 --- a/src/main/java/org/apache/accumulo/access/AccessEvaluator.java +++ b/src/main/java/org/apache/accumulo/access/AccessEvaluator.java @@ -19,6 +19,8 @@ package org.apache.accumulo.access; import java.util.Collection; +import java.util.List; +import java.util.function.Predicate; /** * This class is used to decide if an entity with a given set of authorizations can access @@ -88,12 +90,18 @@ static AccessEvaluator of(Authorizations authorizations) { } /** - * Creates an AccessEvaluator from an Authorizer object + * Creates an AccessEvaluator from a Predicate<String>. The Predicate is used to test + * whether an authorization seen in an access expression is authorized. The {@code test()} method + * of the Predicate will be called with a single authorization as its argument. The Predicate + * should return true if the exact String matches an authorization that should be granted access, + * and false otherwise. * - * @param authorizer authorizer to use in the AccessEvaluator + * @param authorizer Predicate<String> to use in the AccessEvaluator. This Predicate should + * return true for authorizations that should be granted access, and false for those that + * should not. * @return AccessEvaluator object */ - static AccessEvaluator of(Authorizer authorizer) { + static AccessEvaluator of(Predicate authorizer) { return new AccessEvaluatorImpl(authorizer); } @@ -159,13 +167,4 @@ static AccessEvaluator of(String... authorizations) { return new AccessEvaluatorImpl(AccessEvaluatorImpl.convert(authorizations)); } - /** - * An interface that is used to check if an authorization seen in an access expression is - * authorized. - * - * @since 1.0.0 - */ - interface Authorizer { - boolean isAuthorized(String auth); - } } diff --git a/src/main/java/org/apache/accumulo/access/AccessEvaluatorImpl.java b/src/main/java/org/apache/accumulo/access/AccessEvaluatorImpl.java index a73f627..5dec7ca 100644 --- a/src/main/java/org/apache/accumulo/access/AccessEvaluatorImpl.java +++ b/src/main/java/org/apache/accumulo/access/AccessEvaluatorImpl.java @@ -74,10 +74,10 @@ static Collection> convert(Authorizations authorizations) { } /** - * Create an AccessEvaluatorImpl using an Authorizer object + * Create an AccessEvaluatorImpl using a Predicate<String> */ - AccessEvaluatorImpl(Authorizer authorizationChecker) { - this.authorizedPredicates = List.of(auth -> authorizationChecker.isAuthorized(unescape(auth))); + AccessEvaluatorImpl(Predicate authorizationChecker) { + this.authorizedPredicates = List.of(auth -> authorizationChecker.test(unescape(auth))); } /** diff --git a/src/test/java/org/apache/accumulo/access/AccessEvaluatorTest.java b/src/test/java/org/apache/accumulo/access/AccessEvaluatorTest.java index 8d1c522..49c18f8 100644 --- a/src/test/java/org/apache/accumulo/access/AccessEvaluatorTest.java +++ b/src/test/java/org/apache/accumulo/access/AccessEvaluatorTest.java @@ -28,9 +28,9 @@ import java.io.IOException; import java.lang.reflect.Type; import java.util.ArrayList; +import java.util.Arrays; import java.util.List; import java.util.Objects; -import java.util.Set; import java.util.stream.Collectors; import java.util.stream.Stream; @@ -87,8 +87,7 @@ public void runTestCases() throws IOException { evaluator = AccessEvaluator.of(testSet.auths[0]); runTestCases(testSet, evaluator); - Set auths = Stream.of(testSet.auths[0]).collect(Collectors.toSet()); - evaluator = AccessEvaluator.of(auths::contains); + evaluator = AccessEvaluator.of(Arrays.asList(testSet.auths[0])::contains); runTestCases(testSet, evaluator); } else { var authSets =