Security: cleanup code in file stores (#30348)

jaymode · web-flow · commit 5039b9bcb38a · 2018-05-10T13:28:19.000-06:00
This commit cleans up some code in the FileUserPasswdStore and the
FileUserRolesStore classes. The maps used in these classes are volatile
so we need to make sure that we don't perform multiple operations with
the map unless we are sure we are using a reference to the same map.

The maps are also never null, but there were a few null checks in the
code that were not needed. These checks have been removed.
diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/file/FileUserPasswdStore.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/file/FileUserPasswdStore.java
@@ -80,7 +80,7 @@ public int usersCount() {
     }
 
     public AuthenticationResult verifyPassword(String username, SecureString password, java.util.function.Supplier<User> user) {
-        char[] hash = users.get(username);
+        final char[] hash = users.get(username);
         if (hash == null) {
             return AuthenticationResult.notHandled();
         }
@@ -91,7 +91,7 @@ public AuthenticationResult verifyPassword(String username, SecureString passwor
     }
 
     public boolean userExists(String username) {
-        return users != null && users.containsKey(username);
+        return users.containsKey(username);
     }
 
     public static Path resolveFile(Environment env) {
diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/file/FileUserRolesStore.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/file/FileUserRolesStore.java
@@ -75,11 +75,8 @@ int entriesCount() {
     }
 
     public String[] roles(String username) {
-        if (userRoles == null) {
-            return Strings.EMPTY_ARRAY;
-        }
-        String[] roles = userRoles.get(username);
-        return roles == null ? Strings.EMPTY_ARRAY : userRoles.get(username);
+        final String[] roles = userRoles.get(username);
+        return roles == null ? Strings.EMPTY_ARRAY : roles;
     }
 
     public static Path resolveFile(Environment env) {
@@ -160,11 +157,7 @@ public static Map<String, String[]> parseFile(Path path, @Nullable Logger logger
             }
 
             for (String user : roleUsers) {
-                List<String> roles = userToRoles.get(user);
-                if (roles == null) {
-                    roles = new ArrayList<>();
-                    userToRoles.put(user, roles);
-                }
+                List<String> roles = userToRoles.computeIfAbsent(user, k -> new ArrayList<>());
                 roles.add(role);
             }
         }
@@ -185,11 +178,7 @@ public static void writeFile(Map<String, String[]> userToRoles, Path path) {
         HashMap<String, List<String>> roleToUsers = new HashMap<>();
         for (Map.Entry<String, String[]> entry : userToRoles.entrySet()) {
             for (String role : entry.getValue()) {
-                List<String> users = roleToUsers.get(role);
-                if (users == null) {
-                    users = new ArrayList<>();
-                    roleToUsers.put(role, users);
-                }
+                List<String> users = roleToUsers.computeIfAbsent(role, k -> new ArrayList<>());
                 users.add(entry.getKey());
             }
         }

Original file line number	Diff line number	Diff line change
`@@ -80,7 +80,7 @@ public int usersCount() {`
`80`	`80`	`}`
`81`	`81`
`82`	`82`	`public AuthenticationResult verifyPassword(String username, SecureString password, java.util.function.Supplier<User> user) {`
`83`		`- char[] hash = users.get(username);`
	`83`	`+ final char[] hash = users.get(username);`
`84`	`84`	`if (hash == null) {`
`85`	`85`	`return AuthenticationResult.notHandled();`
`86`	`86`	`}`
`@@ -91,7 +91,7 @@ public AuthenticationResult verifyPassword(String username, SecureString passwor`
`91`	`91`	`}`
`92`	`92`
`93`	`93`	`public boolean userExists(String username) {`
`94`		`- return users != null && users.containsKey(username);`
	`94`	`+ return users.containsKey(username);`
`95`	`95`	`}`
`96`	`96`
`97`	`97`	`public static Path resolveFile(Environment env) {`
Original file line number	Diff line number	Diff line change
`@@ -75,11 +75,8 @@ int entriesCount() {`
`75`	`75`	`}`
`76`	`76`
`77`	`77`	`public String[] roles(String username) {`
`78`		`- if (userRoles == null) {`
`79`		`- return Strings.EMPTY_ARRAY;`
`80`		`- }`
`81`		`- String[] roles = userRoles.get(username);`
`82`		`- return roles == null ? Strings.EMPTY_ARRAY : userRoles.get(username);`
	`78`	`+ final String[] roles = userRoles.get(username);`
	`79`	`+ return roles == null ? Strings.EMPTY_ARRAY : roles;`
`83`	`80`	`}`
`84`	`81`
`85`	`82`	`public static Path resolveFile(Environment env) {`
`@@ -160,11 +157,7 @@ public static Map<String, String[]> parseFile(Path path, @Nullable Logger logger`
`160`	`157`	`}`
`161`	`158`
`162`	`159`	`for (String user : roleUsers) {`
`163`		`- List<String> roles = userToRoles.get(user);`
`164`		`- if (roles == null) {`
`165`		`- roles = new ArrayList<>();`
`166`		`- userToRoles.put(user, roles);`
`167`		`- }`
	`160`	`+ List<String> roles = userToRoles.computeIfAbsent(user, k -> new ArrayList<>());`
`168`	`161`	`roles.add(role);`
`169`	`162`	`}`
`170`	`163`	`}`
`@@ -185,11 +178,7 @@ public static void writeFile(Map<String, String[]> userToRoles, Path path) {`
`185`	`178`	`HashMap<String, List<String>> roleToUsers = new HashMap<>();`
`186`	`179`	`for (Map.Entry<String, String[]> entry : userToRoles.entrySet()) {`
`187`	`180`	`for (String role : entry.getValue()) {`
`188`		`- List<String> users = roleToUsers.get(role);`
`189`		`- if (users == null) {`
`190`		`- users = new ArrayList<>();`
`191`		`- roleToUsers.put(role, users);`
`192`		`- }`
	`181`	`+ List<String> users = roleToUsers.computeIfAbsent(role, k -> new ArrayList<>());`
`193`	`182`	`users.add(entry.getKey());`
`194`	`183`	`}`
`195`	`184`	`}`