apache · DomGarguilo · Feb 20, 2024 · Feb 20, 2024 · Feb 20, 2024 · Feb 21, 2024
diff --git a/src/main/java/org/apache/accumulo/access/AccessEvaluator.java b/src/main/java/org/apache/accumulo/access/AccessEvaluator.java
@@ -19,6 +19,8 @@
 package org.apache.accumulo.access;
 
 import java.util.Collection;
+import java.util.List;
+import java.util.function.Predicate;
 
 /**
  * This class is used to decide if an entity with a given set of authorizations can access
@@ -88,12 +90,18 @@ static AccessEvaluator of(Authorizations authorizations) {
   }
 
   /**
-   * Creates an AccessEvaluator from an Authorizer object
+   * Creates an AccessEvaluator from a Predicate&lt;String&gt;. The Predicate is used to test
+   * whether an authorization seen in an access expression is authorized. The {@code test()} method
+   * of the Predicate will be called with a single authorization as its argument. The Predicate
+   * should return true if the exact String matches an authorization that should be granted access,
+   * and false otherwise.
    *
-   * @param authorizer authorizer to use in the AccessEvaluator
+   * @param authorizer Predicate&lt;String&gt; to use in the AccessEvaluator. This Predicate should
+   *        return true for authorizations that should be granted access, and false for those that
+   *        should not.
    * @return AccessEvaluator object
    */
-  static AccessEvaluator of(Authorizer authorizer) {
+  static AccessEvaluator of(Predicate<String> authorizer) {
     return new AccessEvaluatorImpl(authorizer);
   }
 
@@ -159,13 +167,4 @@ static AccessEvaluator of(String... authorizations) {
     return new AccessEvaluatorImpl(AccessEvaluatorImpl.convert(authorizations));
   }
 
-  /**
-   * An interface that is used to check if an authorization seen in an access expression is
-   * authorized.
-   *
-   * @since 1.0.0
-   */
-  interface Authorizer {
-    boolean isAuthorized(String auth);
-  }
 }
diff --git a/src/main/java/org/apache/accumulo/access/AccessEvaluatorImpl.java b/src/main/java/org/apache/accumulo/access/AccessEvaluatorImpl.java
@@ -74,10 +74,10 @@ static Collection<List<byte[]>> convert(Authorizations authorizations) {
   }
 
   /**
-   * Create an AccessEvaluatorImpl using an Authorizer object
+   * Create an AccessEvaluatorImpl using a Predicate&lt;String&gt;
    */
-  AccessEvaluatorImpl(Authorizer authorizationChecker) {
-    this.authorizedPredicates = List.of(auth -> authorizationChecker.isAuthorized(unescape(auth)));
+  AccessEvaluatorImpl(Predicate<String> authorizationChecker) {
+    this.authorizedPredicates = List.of(auth -> authorizationChecker.test(unescape(auth)));
   }
 
   /**

diff --git a/src/test/java/org/apache/accumulo/access/AccessEvaluatorTest.java b/src/test/java/org/apache/accumulo/access/AccessEvaluatorTest.java
@@ -28,9 +28,9 @@
 import java.io.IOException;
 import java.lang.reflect.Type;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.List;
 import java.util.Objects;
-import java.util.Set;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
@@ -87,8 +87,7 @@ public void runTestCases() throws IOException {
         evaluator = AccessEvaluator.of(testSet.auths[0]);
         runTestCases(testSet, evaluator);
 
-        Set<String> auths = Stream.of(testSet.auths[0]).collect(Collectors.toSet());
-        evaluator = AccessEvaluator.of(auths::contains);
+        evaluator = AccessEvaluator.of(Arrays.asList(testSet.auths[0])::contains);
         runTestCases(testSet, evaluator);
       } else {
         var authSets =