summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJon Marius Venstad <jvenstad@yahoo-inc.com>2019-03-26 16:39:12 +0100
committerJon Marius Venstad <jvenstad@yahoo-inc.com>2019-03-26 16:39:12 +0100
commit5f5098d1067a5df862485530e0136085cf624444 (patch)
tree6e0b54c1642eca1cfb29e35d570cc714008dbe34
parente988dc174ca63abf9c724a0c3f4e7521260c215e (diff)
Allow read access to dashboard, and avoid out of bounds in Path
Diffstat
-rw-r--r--container-core/src/main/java/com/yahoo/restapi/Path.java2
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/role/PathGroup.java6
-rw-r--r--controller-server/src/test/java/com/yahoo/vespa/hosted/controller/role/RoleMembershipTest.java2
3 files changed, 8 insertions, 2 deletions
diff --git a/container-core/src/main/java/com/yahoo/restapi/Path.java b/container-core/src/main/java/com/yahoo/restapi/Path.java
index 3aa23fbc916..79f70168696 100644
--- a/container-core/src/main/java/com/yahoo/restapi/Path.java
+++ b/container-core/src/main/java/com/yahoo/restapi/Path.java
@@ -54,7 +54,7 @@ public class Path {
values.clear();
String[] specElements = pathSpec.split("/");
boolean matchPrefix = false;
- if (specElements[specElements.length-1].equals("{*}")) {
+ if (specElements.length > 1 && specElements[specElements.length-1].equals("{*}")) {
matchPrefix = true;
specElements = Arrays.copyOf(specElements, specElements.length-1);
}
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/role/PathGroup.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/role/PathGroup.java
index 653c1d40684..0c804d07205 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/role/PathGroup.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/role/PathGroup.java
@@ -62,7 +62,11 @@ public enum PathGroup {
/** Read-only paths providing information related to deployments */
deploymentStatus("/badge/v1/{*}",
"/deployment/v1/{*}",
- "/zone/v1/{*}");
+ "/zone/v1/{*}"),
+
+ /** Paths used by some dashboard */
+ dashboard("/",
+ "/d/{*}");
final Set<String> pathSpecs;
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/role/RoleMembershipTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/role/RoleMembershipTest.java
index bc810fdb5c5..e0bd4b18549 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/role/RoleMembershipTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/role/RoleMembershipTest.java
@@ -82,6 +82,8 @@ public class RoleMembershipTest {
assertTrue(roles.allows(Action.create, "/application/v4/tenant/t1/application/a1/jobreport"));
assertTrue(roles.allows(Action.update, "/application/v4/tenant/t1/application/a1"));
assertTrue("Global read access", roles.allows(Action.read, "/controller/v1/foo"));
+ assertTrue("Dashboard read access", roles.allows(Action.read, "/"));
+ assertTrue("Dashboard read access", roles.allows(Action.read, "/d/nodes"));
}
}