refactor away from using streams

slobodanadamovic · slobodanadamovic · commit 4d8ea21a9ce6 · 2025-03-12T12:42:54.000+01:00
diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/FailureStoreRequestInterceptor.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/interceptor/FailureStoreRequestInterceptor.java
@@ -17,7 +17,6 @@
 import org.elasticsearch.threadpool.ThreadPool;
 import org.elasticsearch.xpack.core.security.authz.accesscontrol.IndicesAccessControl;
 
-import java.util.Arrays;
 import java.util.Map;
 
 public class FailureStoreRequestInterceptor extends FieldAndDocumentLevelSecurityRequestInterceptor {
@@ -32,24 +31,32 @@ void disableFeatures(
         Map<String, IndicesAccessControl.IndexAccessControl> indicesAccessControlByIndex,
         ActionListener<Void> listener
     ) {
-        if (indicesAccessControlByIndex.entrySet()
-            .stream()
-            .anyMatch(iac -> hasFailureStoreSelectorSuffix(iac.getKey()) && hasDlsFlsPermissions(iac.getValue()))) {
-            listener.onFailure(
-                new ElasticsearchSecurityException(
-                    "Failure store access is not allowed for users who have field or document level security enabled on one of the indices",
-                    RestStatus.BAD_REQUEST
-                )
-            );
-        } else {
-            listener.onResponse(null);
+        for (var indexAccessControl : indicesAccessControlByIndex.entrySet()) {
+            if (hasFailureStoreSelectorSuffix(indexAccessControl.getKey()) && hasDlsFlsPermissions(indexAccessControl.getValue())) {
+                listener.onFailure(
+                    new ElasticsearchSecurityException(
+                        "Failure store access is not allowed for users who have "
+                            + "field or document level security enabled on one of the indices",
+                        RestStatus.BAD_REQUEST
+                    )
+                );
+                return;
+            }
         }
+        listener.onResponse(null);
     }
 
     @Override
     boolean supports(IndicesRequest request) {
         // TODO: check if this is the right approach or should we only intercept search requests
-        return request.indicesOptions().allowSelectors() && Arrays.stream(request.indices()).anyMatch(this::hasFailureStoreSelectorSuffix);
+        if (request.indicesOptions().allowSelectors()) {
+            for (String index : request.indices()) {
+                if (hasFailureStoreSelectorSuffix(index)) {
+                    return true;
+                }
+            }
+        }
+        return false;
     }
 
     private boolean hasFailureStoreSelectorSuffix(String name) {
