diff options
author | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-03-26 16:39:12 +0100 |
---|---|---|
committer | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-03-26 16:39:12 +0100 |
commit | 5f5098d1067a5df862485530e0136085cf624444 (patch) | |
tree | 6e0b54c1642eca1cfb29e35d570cc714008dbe34 | |
parent | e988dc174ca63abf9c724a0c3f4e7521260c215e (diff) |
Allow read access to dashboard, and avoid out of bounds in Path
3 files changed, 8 insertions, 2 deletions
diff --git a/container-core/src/main/java/com/yahoo/restapi/Path.java b/container-core/src/main/java/com/yahoo/restapi/Path.java index 3aa23fbc916..79f70168696 100644 --- a/container-core/src/main/java/com/yahoo/restapi/Path.java +++ b/container-core/src/main/java/com/yahoo/restapi/Path.java @@ -54,7 +54,7 @@ public class Path { values.clear(); String[] specElements = pathSpec.split("/"); boolean matchPrefix = false; - if (specElements[specElements.length-1].equals("{*}")) { + if (specElements.length > 1 && specElements[specElements.length-1].equals("{*}")) { matchPrefix = true; specElements = Arrays.copyOf(specElements, specElements.length-1); } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/role/PathGroup.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/role/PathGroup.java index 653c1d40684..0c804d07205 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/role/PathGroup.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/role/PathGroup.java @@ -62,7 +62,11 @@ public enum PathGroup { /** Read-only paths providing information related to deployments */ deploymentStatus("/badge/v1/{*}", "/deployment/v1/{*}", - "/zone/v1/{*}"); + "/zone/v1/{*}"), + + /** Paths used by some dashboard */ + dashboard("/", + "/d/{*}"); final Set<String> pathSpecs; diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/role/RoleMembershipTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/role/RoleMembershipTest.java index bc810fdb5c5..e0bd4b18549 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/role/RoleMembershipTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/role/RoleMembershipTest.java @@ -82,6 +82,8 @@ public class RoleMembershipTest { assertTrue(roles.allows(Action.create, "/application/v4/tenant/t1/application/a1/jobreport")); assertTrue(roles.allows(Action.update, "/application/v4/tenant/t1/application/a1")); assertTrue("Global read access", roles.allows(Action.read, "/controller/v1/foo")); + assertTrue("Dashboard read access", roles.allows(Action.read, "/")); + assertTrue("Dashboard read access", roles.allows(Action.read, "/d/nodes")); } } |