use stream() for the final OPTIONAL check

Vladimir Kotal · Vladimir Kotal · commit 13048b5439f2 · 2020-11-24T12:34:23.000+01:00
diff --git a/opengrok-indexer/src/main/java/org/opengrok/indexer/authorization/AuthorizationStack.java b/opengrok-indexer/src/main/java/org/opengrok/indexer/authorization/AuthorizationStack.java
@@ -28,6 +28,7 @@
 import java.util.Locale;
 import java.util.Map;
 import java.util.TreeMap;
+import java.util.function.Predicate;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -219,7 +220,7 @@ protected boolean processStack(Nameable entity,
             PluginDecisionPredicate pluginPredicate,
             PluginSkippingPredicate skippingPredicate) {
 
-        Boolean overallDecision = null;
+        boolean overallDecision = true;
         boolean optionalFailure = false;
 
         if (getStack().isEmpty()) {
@@ -253,14 +254,9 @@ protected boolean processStack(Nameable entity,
                     break;
                 } else if (!entityDecision && authEntity.isOptional()) {
                     optionalFailure = true;
-                } else if (entityDecision && authEntity.isSufficient()) {
+                } else if (overallDecision && entityDecision && authEntity.isSufficient()) {
                     // sufficient immediately returns the success
-                    if ((overallDecision == null) || overallDecision) {
-                        overallDecision = true;
-                        break;
-                    }
-                } else if (overallDecision == null && entityDecision) {
-                    overallDecision = true;
+                    break;
                 }
             } catch (AuthorizationException ex) {
                 // Propagate up so that proper HTTP error can be given.
@@ -292,14 +288,12 @@ protected boolean processStack(Nameable entity,
             }
         }
 
-        if (overallDecision == null && optionalFailure) {
+        if (optionalFailure &&
+                getStack().stream().filter(AuthorizationEntity::isOptional).count() == 1 &&
+                getStack().stream().filter(Predicate.not(AuthorizationEntity::isOptional)).findAny().isEmpty()) {
             return false;
         }
 
-        if (overallDecision == null) {
-            return true;
-        }
-
         return overallDecision;
     }
 
diff --git a/opengrok-indexer/src/test/java/org/opengrok/indexer/authorization/AuthorizationFrameworkTest.java b/opengrok-indexer/src/test/java/org/opengrok/indexer/authorization/AuthorizationFrameworkTest.java
@@ -716,7 +716,7 @@ public static StackSetup[][] params() {
                     NewTest(true, createUnallowedProject()),
                     NewTest(true, createUnallowedGroup()),
                     // optional plugin1 returns true
-                    // optional plugin2 returns false
+                    // optional plugin2 returns false => true
                     NewTest(true, createAllowedProject()),
                     NewTest(true, createAllowedGroup()))
             },
