diff options
author | Morten Tokle <mortent@verizonmedia.com> | 2022-03-15 14:14:58 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-03-15 14:14:58 +0100 |
commit | ca88507ce370ed59f73e9ef776b59f4a5a575bf7 (patch) | |
tree | e04cca51663183758904039f3fcfe733b44fe7bc | |
parent | dbd80722fa46b8c073827a20e2feb9129e2e12d1 (diff) | |
parent | 2dc1a2e9157f161fb1e43b429c480780bb16b2bb (diff) |
Merge pull request #21695 from vespa-engine/olaa/add-effect-to-assertion
Include assertion effect in entity
3 files changed, 20 insertions, 5 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAssertion.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAssertion.java index 49cc31fe8c2..a343ea6e8f0 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAssertion.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAssertion.java @@ -10,7 +10,14 @@ import java.util.OptionalLong; */ public class AthenzAssertion { - public enum Effect { ALLOW, DENY } + public enum Effect { + ALLOW, DENY; + + public static Effect valueOrNull(String value) { + try { return valueOf(value); } + catch (RuntimeException e) { return null; } + } + } private final Long id; private final Effect effect; diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java index eef833c91a7..a6d18f3167c 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java @@ -229,7 +229,7 @@ public class DefaultZmsClient extends ClientBase implements ZmsClient { athenzDomain.getName(), athenzPolicy)); HttpUriRequest request = RequestBuilder.put() .setUri(uri) - .setEntity(toJsonStringEntity(new AssertionEntity(athenzRole.toResourceNameString(), resourceName.toResourceNameString(), action))) + .setEntity(toJsonStringEntity(new AssertionEntity(athenzRole.toResourceNameString(), resourceName.toResourceNameString(), action, "ALLOW"))) .build(); execute(request, response -> readEntity(response, Void.class)); } @@ -281,6 +281,7 @@ public class DefaultZmsClient extends ClientBase implements ZmsClient { AthenzResourceName.fromString(a.getResource()), a.getAction()) .id(a.getId()) + .effect(AthenzAssertion.Effect.valueOrNull(a.getEffect())) .build()) .collect(toList()); return Optional.of(new AthenzPolicy(entity.getName(), assertions)); diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/AssertionEntity.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/AssertionEntity.java index 4ef83760b5a..f0fe383a55b 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/AssertionEntity.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/AssertionEntity.java @@ -17,20 +17,23 @@ public class AssertionEntity { private final String resource; private final String action; private final Long id; + private final String effect; - public AssertionEntity(String role, String resource, String action) { - this(role, resource, action, null); + public AssertionEntity(String role, String resource, String action, String effect) { + this(role, resource, action, null, effect); } public AssertionEntity(@JsonProperty("role") String role, @JsonProperty("resource") String resource, @JsonProperty("action") String action, - @JsonProperty("id") Long id) { + @JsonProperty("id") Long id, + @JsonProperty("effect") String effect) { this.role = role; this.resource = resource; this.action = action; this.id = id; + this.effect = effect; } public String getRole() { @@ -45,6 +48,10 @@ public class AssertionEntity { return action; } + public String getEffect() { + return effect; + } + @JsonIgnore public long getId() { return id; |