replace Optional<String> with boolean

slobodanadamovic · slobodanadamovic · commit f07cd23f8631 · 2025-09-05T22:50:21.000+02:00
diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/PreAuthorizationUtils.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/PreAuthorizationUtils.java
@@ -23,7 +23,6 @@
 
 import java.util.Arrays;
 import java.util.Map;
-import java.util.Optional;
 import java.util.Set;
 
 public final class PreAuthorizationUtils {
@@ -120,15 +119,15 @@ private static boolean shouldPreAuthorizeChildActionOfParent(final String parent
     public static boolean shouldRemoveParentAuthorizationFromThreadContext(
         String childAction,
         SecurityContext securityContext,
-        Optional<String> remoteClusterAlias
+        boolean isRemoteClusterRequest
     ) {
         final ParentActionAuthorization parentAuthorization = securityContext.getParentAuthorization();
         if (parentAuthorization == null) {
             // Nothing to remove.
             return false;
         }
 
-        if (remoteClusterAlias.isPresent()) {
+        if (isRemoteClusterRequest) {
             // We never want to send the parent authorization header to remote clusters.
             return true;
         }
diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/transport/SecurityServerTransportInterceptor.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/transport/SecurityServerTransportInterceptor.java
@@ -146,7 +146,11 @@ public <T extends TransportResponse> void sendRequest(
                 assertNoCrossClusterAccessHeadersInContext();
                 final Optional<String> remoteClusterAlias = remoteClusterCredentialsResolver.apply(connection)
                     .map(RemoteClusterAliasWithCredentials::clusterAlias);
-                if (PreAuthorizationUtils.shouldRemoveParentAuthorizationFromThreadContext(action, securityContext, remoteClusterAlias)) {
+                if (PreAuthorizationUtils.shouldRemoveParentAuthorizationFromThreadContext(
+                    action,
+                    securityContext,
+                    remoteClusterAlias.isPresent()
+                )) {
                     securityContext.executeAfterRemovingParentAuthorization(original -> {
                         sendRequestInner(
                             sender,
diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/PreAuthorizationUtilsTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/PreAuthorizationUtilsTests.java
@@ -24,8 +24,6 @@
 import org.elasticsearch.xpack.core.security.user.User;
 import org.elasticsearch.xpack.security.authz.RBACEngine.RBACAuthorizationInfo;
 
-import java.util.Optional;
-
 import static org.elasticsearch.xpack.core.security.test.TestRestrictedIndices.RESTRICTED_INDICES;
 import static org.elasticsearch.xpack.security.authz.PreAuthorizationUtils.maybeSkipChildrenActionAuthorization;
 import static org.elasticsearch.xpack.security.authz.PreAuthorizationUtils.shouldRemoveParentAuthorizationFromThreadContext;
@@ -73,7 +71,7 @@ public void testShouldRemoveParentAuthorizationFromThreadContext() {
             shouldRemoveParentAuthorizationFromThreadContext(
                 randomWhitelistedChildAction(parentAction),
                 securityContextWithParentAuthorization,
-                Optional.empty()
+                false
             ),
             equalTo(false)
         );
@@ -83,7 +81,7 @@ public void testShouldRemoveParentAuthorizationFromThreadContext() {
             shouldRemoveParentAuthorizationFromThreadContext(
                 randomWhitelistedChildAction(parentAction),
                 new SecurityContext(Settings.EMPTY, new ThreadContext(Settings.EMPTY)),
-                Optional.ofNullable(randomBoolean() ? "my_remote_cluster" : null)
+                randomBoolean()
             ),
             equalTo(false)
         );
@@ -94,7 +92,7 @@ public void testShouldRemoveParentAuthorizationFromThreadContext() {
             shouldRemoveParentAuthorizationFromThreadContext(
                 randomWhitelistedChildAction(parentAction),
                 securityContextWithParentAuthorization,
-                Optional.of("my_remote_cluster")
+                true
             ),
             equalTo(true)
         );
@@ -106,7 +104,7 @@ public void testShouldRemoveParentAuthorizationFromThreadContext() {
             shouldRemoveParentAuthorizationFromThreadContext(
                 randomAlphaOfLengthBetween(3, 8),
                 securityContextWithParentAuthorization,
-                Optional.ofNullable(randomBoolean() ? "my_remote_cluster" : null)
+                randomBoolean()
             ),
             equalTo(true)
         );
