Assert

Author: n1v0lg

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/accesscontrol/IndicesAccessControl.java

@@ -13,7 +13,6 @@
 import org.elasticsearch.common.util.Maps;
 import org.elasticsearch.common.util.set.Sets;
 import org.elasticsearch.core.Nullable;
-import org.elasticsearch.core.Tuple;
 import org.elasticsearch.xpack.core.security.authz.IndicesAndAliasesResolverField;
 import org.elasticsearch.xpack.core.security.authz.permission.DocumentPermissions;
 import org.elasticsearch.xpack.core.security.authz.permission.FieldPermissions;
@@ -62,13 +61,10 @@ protected IndicesAccessControl(IndicesAccessControl copy) {
      */
     @Nullable
     public IndexAccessControl getIndexPermissions(String index) {
-        Tuple<String, String> indexAndSelector = IndexNameExpressionResolver.splitSelectorExpression(index);
-        return this.getAllIndexPermissions()
-            .get(
-                IndexComponentSelector.FAILURES.equals(IndexComponentSelector.getByKey(indexAndSelector.v2()))
-                    ? index
-                    : indexAndSelector.v1()
-            );
+        assert false == IndexNameExpressionResolver.hasSelectorSuffix(index)
+            || IndexNameExpressionResolver.hasSelector(index, IndexComponentSelector.FAILURES)
+            : "index name [" + index + "] cannot have explicit selector other than ::failures";
+        return getAllIndexPermissions().get(index);
     }
 
     public boolean hasIndexPermissions(String index) {

x-pack/plugin/security/qa/security-trial/src/javaRestTest/java/org/elasticsearch/xpack/security/failurestore/FailureStoreSecurityRestIT.java

@@ -418,7 +418,7 @@ public void testFailureStoreAccess() throws Exception {
 
         // search data
         {
-            var request = new Search("test1");
+            var request = new Search(randomFrom("test1::data", "test1"));
             for (var user : users) {
                 switch (user) {
                     case DATA_ACCESS, STAR_READ_ONLY_ACCESS, BOTH_ACCESS: