rework file entitlement

rjernst · Jan 13, 2025 · 2ca136e · 2ca136e
1 parent 264d1c2
commit 2ca136e
Showing 1 changed file with 9 additions and 51 deletions.
diff --git a/...titlement/src/main/java/org/elasticsearch/entitlement/runtime/policy/FileEntitlement.java b/...titlement/src/main/java/org/elasticsearch/entitlement/runtime/policy/FileEntitlement.java
@@ -9,62 +9,20 @@
 
 package org.elasticsearch.entitlement.runtime.policy;
 
-import java.util.List;
-import java.util.Objects;
+import java.util.Locale;
 
 /**
- * Describes a file entitlement with a path and actions.
+ * Describes a file entitlement with a path and mode.
  */
-public class FileEntitlement implements Entitlement {
+public record FileEntitlement(String path, Mode mode) implements Entitlement {
 
-    public static final int READ_ACTION = 0x1;
-    public static final int WRITE_ACTION = 0x2;
-
-    public static final String READ = "read";
-    public static final String WRITE = "write";
-
-    private final String path;
-    private final int actions;
-
-    @ExternalEntitlement(parameterNames = { "path", "actions" }, esModulesOnly = false)
-    public FileEntitlement(String path, List<String> actionsList) {
-        this.path = path;
-        int actionsInt = 0;
-
-        for (String actionString : actionsList) {
-            if (READ.equals(actionString)) {
-                if ((actionsInt & READ_ACTION) == READ_ACTION) {
-                    throw new IllegalArgumentException("file action [read] specified multiple times");
-                }
-                actionsInt |= READ_ACTION;
-            } else if (WRITE.equals(actionString)) {
-                if ((actionsInt & WRITE_ACTION) == WRITE_ACTION) {
-                    throw new IllegalArgumentException("file action [write] specified multiple times");
-                }
-                actionsInt |= WRITE_ACTION;
-            } else {
-                throw new IllegalArgumentException("unknown file action [" + actionString + "]");
-            }
-        }
-
-        this.actions = actionsInt;
-    }
-
-    @Override
-    public boolean equals(Object o) {
-        if (this == o) return true;
-        if (o == null || getClass() != o.getClass()) return false;
-        FileEntitlement that = (FileEntitlement) o;
-        return actions == that.actions && Objects.equals(path, that.path);
-    }
-
-    @Override
-    public int hashCode() {
-        return Objects.hash(path, actions);
+    public enum Mode {
+        READ,
+        READ_WRITE
     }
 
-    @Override
-    public String toString() {
-        return "FileEntitlement{" + "path='" + path + '\'' + ", actions=" + actions + '}';
+    @ExternalEntitlement(parameterNames = { "path", "mode" }, esModulesOnly = false)
+    public FileEntitlement(String path, String mode) {
+        this(path, Mode.valueOf(mode.toUpperCase(Locale.ROOT)));
     }
 }