Add asserts and comments about keeping BACKWARDS_COMPATIBLE_ONLY in only special cases

gwbrown · gwbrown · commit 8bd9f816e332 · 2021-07-14T14:21:10.000-06:00
diff --git a/server/src/main/java/org/elasticsearch/cluster/metadata/IndexNameExpressionResolver.java b/server/src/main/java/org/elasticsearch/cluster/metadata/IndexNameExpressionResolver.java
@@ -748,7 +748,10 @@ boolean isPatternMatchingAllIndices(Metadata metadata, String[] indicesOrAliases
     }
 
     public SystemIndexAccessLevel getSystemIndexAccessLevel() {
-        return systemIndices.getSystemIndexAccessLevel(threadContext);
+        final SystemIndexAccessLevel accessLevel = systemIndices.getSystemIndexAccessLevel(threadContext);
+        assert accessLevel != SystemIndexAccessLevel.BACKWARDS_COMPATIBLE_ONLY
+            : "BACKWARDS_COMPATIBLE_ONLY access level should never be used automatically, it should only be used in known special cases";
+        return accessLevel;
     }
 
     public Predicate<String> getSystemIndexAccessPredicate() {
diff --git a/server/src/main/java/org/elasticsearch/indices/SystemIndices.java b/server/src/main/java/org/elasticsearch/indices/SystemIndices.java
@@ -351,6 +351,7 @@ public SystemDataStreamDescriptor validateDataStreamAccess(String dataStreamName
                 .orElseThrow(() -> new IllegalStateException("system data stream descriptor not found for [" + dataStreamName + "]"));
             if (dataStreamDescriptor.isExternal()) {
                 final SystemIndexAccessLevel accessLevel = getSystemIndexAccessLevel(threadContext);
+                assert accessLevel != SystemIndexAccessLevel.BACKWARDS_COMPATIBLE_ONLY : "BACKWARDS_COMPATIBLE access level is leaking";
                 if (accessLevel == SystemIndexAccessLevel.NONE) {
                     throw dataStreamAccessException(null, dataStreamName);
                 } else if (accessLevel == SystemIndexAccessLevel.RESTRICTED) {
@@ -409,6 +410,8 @@ IllegalArgumentException dataStreamAccessException(@Nullable String product, Str
      * {@link SystemIndexAccessLevel#NONE} if no system index access should be allowed.
      */
     public SystemIndexAccessLevel getSystemIndexAccessLevel(ThreadContext threadContext) {
+        // This method intentionally cannot return BACKWARDS_COMPATIBLE_ONLY - that access level should only be used manually
+        // in known special cases.
         final String headerValue = threadContext.getHeader(SYSTEM_INDEX_ACCESS_CONTROL_HEADER_KEY);
         final String productHeaderValue = threadContext.getHeader(EXTERNAL_SYSTEM_INDEX_ACCESS_CONTROL_HEADER_KEY);
 

Original file line number	Diff line number	Diff line change
`@@ -748,7 +748,10 @@ boolean isPatternMatchingAllIndices(Metadata metadata, String[] indicesOrAliases`
`748`	`748`	`}`
`749`	`749`
`750`	`750`	`public SystemIndexAccessLevel getSystemIndexAccessLevel() {`
`751`		`- return systemIndices.getSystemIndexAccessLevel(threadContext);`
	`751`	`+ final SystemIndexAccessLevel accessLevel = systemIndices.getSystemIndexAccessLevel(threadContext);`
	`752`	`+ assert accessLevel != SystemIndexAccessLevel.BACKWARDS_COMPATIBLE_ONLY`
	`753`	`+ : "BACKWARDS_COMPATIBLE_ONLY access level should never be used automatically, it should only be used in known special cases";`
	`754`	`+ return accessLevel;`
`752`	`755`	`}`
`753`	`756`
`754`	`757`	`public Predicate<String> getSystemIndexAccessPredicate() {`