[#1228] review:

* use supplier of exceptions in ThingCommandEnforcement to not build exception when not needed Signed-off-by: Thomas Jaeckle <thomas.jaeckle@bosch.io>
eclipse-ditto · Dec 15, 2021 · 48efa0a · 48efa0a
1 parent bf49535
commit 48efa0a
Showing 1 changed file with 5 additions and 4 deletions.
diff --git a/...rc/main/java/org/eclipse/ditto/concierge/service/enforcement/ThingCommandEnforcement.java b/...rc/main/java/org/eclipse/ditto/concierge/service/enforcement/ThingCommandEnforcement.java
@@ -28,6 +28,7 @@
 import java.util.concurrent.CompletionStage;
 import java.util.function.BiFunction;
 import java.util.function.Function;
+import java.util.function.Supplier;
 import java.util.stream.Collectors;
 
 import javax.annotation.Nullable;
@@ -946,12 +947,12 @@ static <T extends ThingCommand<T>> T authorizeByPolicyOrThrow(final Enforcer pol
 
         final var condition = dittoHeaders.getCondition();
         if (!(command instanceof CreateThing) && condition.isPresent()) {
-            enforceReadPermissionOnCondition(condition.get(), policyEnforcer, dittoHeaders,
+            enforceReadPermissionOnCondition(condition.get(), policyEnforcer, dittoHeaders, () ->
                     ThingConditionFailedException.newBuilderForInsufficientPermission(dittoHeaders).build());
         }
         final var liveChannelCondition = dittoHeaders.getLiveChannelCondition();
         if ((command instanceof ThingQueryCommand) && liveChannelCondition.isPresent()) {
-            enforceReadPermissionOnCondition(liveChannelCondition.get(), policyEnforcer, dittoHeaders,
+            enforceReadPermissionOnCondition(liveChannelCondition.get(), policyEnforcer, dittoHeaders, () ->
                     ThingConditionFailedException.newBuilderForInsufficientLiveChannelPermission(dittoHeaders).build());
         }
 
@@ -965,14 +966,14 @@ static <T extends ThingCommand<T>> T authorizeByPolicyOrThrow(final Enforcer pol
     private static void enforceReadPermissionOnCondition(final String condition,
             final Enforcer policyEnforcer,
             final DittoHeaders dittoHeaders,
-            final DittoRuntimeException exception) {
+            final Supplier<DittoRuntimeException> exceptionSupplier) {
 
         final var authorizationContext = dittoHeaders.getAuthorizationContext();
         final var rootNode = tryParseRqlCondition(condition, dittoHeaders);
         final var resourceKeys = determineResourceKeys(rootNode, dittoHeaders);
 
         if (!policyEnforcer.hasUnrestrictedPermissions(resourceKeys, authorizationContext, Permission.READ)) {
-            throw exception;
+            throw exceptionSupplier.get();
         }
     }