diff options
author | gjoranv <gv@verizonmedia.com> | 2022-07-27 00:38:07 +0200 |
---|---|---|
committer | gjoranv <gv@verizonmedia.com> | 2022-07-27 00:38:07 +0200 |
commit | 142b8794721fed01606e22b821faebacea031736 (patch) | |
tree | c5c823608e17dcf5eb03469db6c6649b0e519859 | |
parent | ba3b5a897289d202a52a25dbba50ed400e979dae (diff) |
Move rule-based-filter config to configdefinitions module/bundle
.. to remove import-package from config-model to jdisc-security-filters.
- Keep the old config def for a while in case it's needed by
hosted Vespa config models.
9 files changed, 43 insertions, 19 deletions
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilter.java b/config-model/src/main/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilter.java index 167dac4c57e..039daba8ad0 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilter.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilter.java @@ -7,7 +7,7 @@ import com.yahoo.component.chain.dependencies.Dependencies; import com.yahoo.component.chain.model.ChainedComponentModel; import com.yahoo.config.model.api.ContainerEndpoint; import com.yahoo.container.bundle.BundleInstantiationSpecification; -import com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig; +import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig; import com.yahoo.vespa.model.clients.ContainerDocumentApi; import com.yahoo.vespa.model.container.ContainerCluster; @@ -17,11 +17,11 @@ import java.util.List; import java.util.Set; import java.util.stream.Collectors; -import static com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.DefaultRule.Action.Enum.ALLOW; -import static com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.Rule.Action.Enum.BLOCK; -import static com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.Rule.Methods.Enum.DELETE; -import static com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.Rule.Methods.Enum.POST; -import static com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.Rule.Methods.Enum.PUT; +import static com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.DefaultRule.Action.Enum.ALLOW; +import static com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.Rule.Action.Enum.BLOCK; +import static com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.Rule.Methods.Enum.DELETE; +import static com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.Rule.Methods.Enum.POST; +import static com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.Rule.Methods.Enum.PUT; /** * @author mortent diff --git a/config-model/src/test/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilterTest.java b/config-model/src/test/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilterTest.java index 1691868ee65..b17be9eb55e 100644 --- a/config-model/src/test/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilterTest.java +++ b/config-model/src/test/java/com/yahoo/vespa/model/container/http/BlockFeedGlobalEndpointsFilterTest.java @@ -4,7 +4,7 @@ package com.yahoo.vespa.model.container.http; import com.yahoo.config.model.api.ApplicationClusterEndpoint; import com.yahoo.config.model.api.ContainerEndpoint; -import com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig; +import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig; import org.junit.Test; import java.util.Collections; @@ -12,7 +12,6 @@ import java.util.List; import java.util.Set; import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertThat; import static org.junit.Assert.assertTrue; public class BlockFeedGlobalEndpointsFilterTest { diff --git a/configdefinitions/src/main/java/com/yahoo/vespa/config/jdisc/http/filter/package-info.java b/configdefinitions/src/main/java/com/yahoo/vespa/config/jdisc/http/filter/package-info.java new file mode 100644 index 00000000000..9dcdc2504d1 --- /dev/null +++ b/configdefinitions/src/main/java/com/yahoo/vespa/config/jdisc/http/filter/package-info.java @@ -0,0 +1,5 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +@ExportPackage +package com.yahoo.vespa.config.jdisc.http.filter; + +import com.yahoo.osgi.annotation.ExportPackage; diff --git a/configdefinitions/src/vespa/jdisc.http.filter.security.rule.config.rule-based-filter.def b/configdefinitions/src/vespa/jdisc.http.filter.security.rule.config.rule-based-filter.def new file mode 100644 index 00000000000..3fe850908dc --- /dev/null +++ b/configdefinitions/src/vespa/jdisc.http.filter.security.rule.config.rule-based-filter.def @@ -0,0 +1,18 @@ +# Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package=com.yahoo.vespa.config.jdisc.http.filter + +dryrun bool default=false +defaultRule.action enum { ALLOW, BLOCK } +defaultRule.blockResponseCode int default=403 +defaultRule.blockResponseMessage string default="" +defaultRule.blockResponseHeaders[].name string +defaultRule.blockResponseHeaders[].value string +rule[].name string +rule[].action enum { ALLOW, BLOCK } +rule[].hostNames[] string +rule[].methods[] enum { GET, POST, PUT, PATCH, DELETE } +rule[].pathExpressions[] string +rule[].blockResponseCode int default=403 +rule[].blockResponseMessage string default="" +rule[].blockResponseHeaders[].name string +rule[].blockResponseHeaders[].value string diff --git a/jdisc-security-filters/pom.xml b/jdisc-security-filters/pom.xml index 475a8b7e3e9..dd44a114236 100644 --- a/jdisc-security-filters/pom.xml +++ b/jdisc-security-filters/pom.xml @@ -19,6 +19,12 @@ <!-- provided --> <dependency> <groupId>com.yahoo.vespa</groupId> + <artifactId>configdefinitions</artifactId> + <version>${project.version}</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>com.yahoo.vespa</groupId> <artifactId>container-dev</artifactId> <version>${project.version}</version> <scope>provided</scope> diff --git a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilter.java b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilter.java index dac4d3ee4d6..9fb709126bf 100644 --- a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilter.java +++ b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilter.java @@ -6,7 +6,8 @@ import com.yahoo.jdisc.Metric; import com.yahoo.jdisc.Response; import com.yahoo.jdisc.http.filter.DiscFilterRequest; import com.yahoo.jdisc.http.filter.security.base.JsonSecurityRequestFilterBase; -import com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.Rule.Action; +import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig; +import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.Rule.Action; import com.yahoo.restapi.Path; import java.net.URI; diff --git a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/package-info.java b/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/package-info.java deleted file mode 100644 index 73313c2c86d..00000000000 --- a/jdisc-security-filters/src/main/java/com/yahoo/jdisc/http/filter/security/rule/package-info.java +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -/** - * @author bjorncs - */ -@ExportPackage -package com.yahoo.jdisc.http.filter.security.rule; - -import com.yahoo.osgi.annotation.ExportPackage;
\ No newline at end of file diff --git a/jdisc-security-filters/src/main/resources/configdefinitions/jdisc.http.filter.security.rule.rule-based-filter.def b/jdisc-security-filters/src/main/resources/configdefinitions/jdisc.http.filter.security.rule.rule-based-filter.def index 1d0dcddfc31..d619f5ff735 100644 --- a/jdisc-security-filters/src/main/resources/configdefinitions/jdisc.http.filter.security.rule.rule-based-filter.def +++ b/jdisc-security-filters/src/main/resources/configdefinitions/jdisc.http.filter.security.rule.rule-based-filter.def @@ -1,4 +1,6 @@ # Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +# TODO: remove this def when oldest hosted model no longer uses it. + namespace=jdisc.http.filter.security.rule dryrun bool default=false diff --git a/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilterTest.java b/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilterTest.java index cfd0e80968f..bb3408f0089 100644 --- a/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilterTest.java +++ b/jdisc-security-filters/src/test/java/com/yahoo/jdisc/http/filter/security/rule/RuleBasedRequestFilterTest.java @@ -8,8 +8,9 @@ import com.yahoo.container.jdisc.RequestHandlerTestDriver.MockResponseHandler; import com.yahoo.jdisc.Metric; import com.yahoo.jdisc.Response; import com.yahoo.jdisc.http.filter.DiscFilterRequest; -import com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.DefaultRule; -import com.yahoo.jdisc.http.filter.security.rule.RuleBasedFilterConfig.Rule; +import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig; +import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.DefaultRule; +import com.yahoo.vespa.config.jdisc.http.filter.RuleBasedFilterConfig.Rule; import com.yahoo.test.json.JsonTestHelper; import org.junit.jupiter.api.Test; |