diff options
author | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-04-09 15:54:51 +0200 |
---|---|---|
committer | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-04-09 15:54:51 +0200 |
commit | 7fa1556829f42c22250b4213c7d1ac3837ea283a (patch) | |
tree | fec90f8ef333443a903606befbb262d2efa89c7d | |
parent | 32455805db6c0d5cce01c967fa90a60a0263b583 (diff) |
Create all tenant and application roles on creation
-rw-r--r-- | controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java index 01b3ee33a62..008be2fd276 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java @@ -41,9 +41,9 @@ public class CloudAccessControl implements AccessControl { CloudTenantSpec spec = (CloudTenantSpec) tenantSpec; CloudTenant tenant = new CloudTenant(spec.tenant(), marketplace.resolveCustomer(spec.getRegistrationToken())); - Role ownerRole = roles.tenantOwner(spec.tenant()); - userManagement.createRole(ownerRole); - userManagement.addUsers(ownerRole, List.of(new UserId(credentials.user().getName()))); + for (Role role : userRoles.tenantRoles(spec.tenant())) + userManagement.createRole(role); + userManagement.addUsers(roles.tenantOwner(spec.tenant()), List.of(new UserId(credentials.user().getName()))); return tenant; } @@ -62,10 +62,10 @@ public class CloudAccessControl implements AccessControl { } @Override - public void createApplication(ApplicationId application, Credentials credentials) { - Role ownerRole = roles.applicationAdmin(application.tenant(), application.application()); - userManagement.createRole(ownerRole); - userManagement.addUsers(ownerRole, List.of(new UserId(credentials.user().getName()))); + public void createApplication(ApplicationId id, Credentials credentials) { + for (Role role : userRoles.applicationRoles(id.tenant(), id.application())) + userManagement.createRole(role); + userManagement.addUsers(roles.applicationAdmin(id.tenant(), id.application()), List.of(new UserId(credentials.user().getName()))); } @Override |