Merge pull request #23936 from vespa-engine/revert-23922-ogronnesby/find-user-api

Revert "Expose method to find user and their tenants"
author: Øyvind Grønnesby <oyving@yahooinc.com> 2022-09-05 16:31:42 +0200
committer: GitHub <noreply@github.com> 2022-09-05 16:31:42 +0200
commit: 0548f6a7180b92083cf248abbfdacb3fe6606e6f (patch)
tree: 902c87e4c1e9b197fdddf178eb0569750a6da0d7
parent: f38ed1bb1ae6a78ff9abb4d9464985648227e9f7 (diff)
parent: 55f2e69ee26e926c23004395c77fe267f9a648e7 (diff)
8 files changed, 6 insertions, 70 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/stubs/MockUserManagement.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/stubs/MockUserManagement.java
index 468e03bab13..0de51795bc0 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/stubs/MockUserManagement.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/stubs/MockUserManagement.java
@@ -1,7 +1,6 @@
 // Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.hosted.controller.api.integration.stubs;
 
-import com.yahoo.component.AbstractComponent;
 import com.yahoo.jdisc.http.filter.security.misc.User;
 import com.yahoo.vespa.hosted.controller.api.integration.user.UserId;
 import com.yahoo.vespa.hosted.controller.api.integration.user.UserManagement;
@@ -14,14 +13,13 @@ import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
-import java.util.Optional;
 import java.util.Set;
 import java.util.stream.Collectors;
 
 /**
  * @author jonmv
  */
-public class MockUserManagement extends AbstractComponent implements UserManagement {
+public class MockUserManagement implements UserManagement {
 
     private final Map<Role, Set<User>> memberships = new HashMap<>();
 
@@ -50,7 +48,7 @@ public class MockUserManagement extends AbstractComponent implements UserManagem
     public void addUsers(Role role, Collection<UserId> users) {
         List<User> userObjs = users.stream()
                                    .map(id -> new User(id.value(), id.value(), null, null))
-                                   .toList();
+                                   .collect(Collectors.toList());
         get(role).addAll(userObjs);
     }
 
@@ -80,22 +78,11 @@ public class MockUserManagement extends AbstractComponent implements UserManagem
 
     @Override
     public List<Role> listRoles(UserId userId) {
-        return memberships.entrySet().stream()
-                .filter(entry -> entry.getValue().stream().anyMatch(user -> user.name().equals(userId.value())))
-                .map(Map.Entry::getKey)
-                .toList();
+        return List.of();
     }
 
     @Override
     public List<Role> listRoles() {
         return new ArrayList<>(memberships.keySet());
     }
-
-    @Override
-    public Optional<User> findUser(String email) {
-        return memberships.values().stream()
-                .flatMap(Collection::stream)
-                .filter(user -> user.email().equals(email))
-                .findFirst();
-    }
 }
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/UserManagement.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/UserManagement.java
index db0b66bc9db..9abd318d085 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/UserManagement.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/UserManagement.java
@@ -6,7 +6,6 @@ import com.yahoo.vespa.hosted.controller.api.role.Role;
 
 import java.util.Collection;
 import java.util.List;
-import java.util.Optional;
 
 /**
  * Management of {@link UserId}s as members of {@link Role}s.
@@ -41,7 +40,4 @@ public interface UserManagement {
 
     /** Returns all roles */
     List<Role> listRoles();
-
-    /** Find a user with all attributes */
-    Optional<User> findUser(String email);
 }
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java
index c2682334ce0..43928b31b93 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java
@@ -90,8 +90,6 @@ enum PathGroup {
 
     accountant("/billing/v2/accountant/{*}"),
 
-    userSearch("/user/v1/find"),
-
     applicationKeys(Matcher.tenant,
                     Matcher.application,
                     "/application/v4/tenant/{tenant}/application/{application}/key/"),
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java
index 91eaec53aa4..e7b6f7fe8e5 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java
@@ -194,7 +194,7 @@ enum Policy {
 
     /** Invoice management */
     hostedAccountant(Privilege.grant(Action.all())
-                                    .on(PathGroup.hostedAccountant, PathGroup.accountant, PathGroup.userSearch)
+                                    .on(PathGroup.hostedAccountant, PathGroup.accountant)
                                     .in(SystemName.PublicCd, SystemName.Public)),
 
     /** Listing endpoint certificates and re-requesting certificates */
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java
index 5bdb84bb6dd..9cced2b8159 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java
@@ -101,7 +101,6 @@ public class UserApiHandler extends ThreadedHttpRequestHandler {
 
     private HttpResponse handleGET(Path path, HttpRequest request) {
         if (path.matches("/user/v1/user")) return userMetadata(request);
-        if (path.matches("/user/v1/find")) return userMetadataFromUserId(request.getProperty("email"));
         if (path.matches("/user/v1/tenant/{tenant}")) return listTenantRoleMembers(path.get("tenant"));
         if (path.matches("/user/v1/tenant/{tenant}/application/{application}")) return listApplicationRoleMembers(path.get("tenant"), path.get("application"));
 
@@ -134,18 +133,6 @@ public class UserApiHandler extends ThreadedHttpRequestHandler {
             RoleDefinition.hostedSupporter,
             RoleDefinition.hostedAccountant);
 
-    private HttpResponse userMetadataFromUserId(String email) {
-        var maybeUser = users.findUser(email);
-
-        if (maybeUser.isPresent()) {
-            var user = maybeUser.get();
-            var roles = users.listRoles(new UserId(user.email()));
-            return renderUserMetaData(user, Set.copyOf(roles));
-        }
-
-        return ErrorResponse.notFoundError("Could not find user: " + email);
-    }
-
     private HttpResponse userMetadata(HttpRequest request) {
         User user;
         if (request.getJDiscRequest().context().get(User.ATTRIBUTE_NAME) instanceof User) {
@@ -159,10 +146,6 @@ public class UserApiHandler extends ThreadedHttpRequestHandler {
 
         Set<Role> roles = getAttribute(request, SecurityContext.ATTRIBUTE_NAME, SecurityContext.class).roles();
 
-        return renderUserMetaData(user, roles);
-    }
-
-    private HttpResponse renderUserMetaData(User user, Set<Role> roles) {
         Map<TenantName, List<TenantRole>> tenantRolesByTenantName = roles.stream()
                 .flatMap(role -> filterTenantRoles(role).stream())
                 .distinct()
@@ -173,7 +156,7 @@ public class UserApiHandler extends ThreadedHttpRequestHandler {
         List<Role> operatorRoles = roles.stream()
                 .filter(role -> hostedOperators.contains(role.definition()))
                 .sorted(Comparator.comparing(Role::definition))
-                .toList();
+                .collect(Collectors.toList());
 
         Slime slime = new Slime();
         Cursor root = slime.setObject();
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java
index 5380cf4ee27..10fd57ce032 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java
@@ -344,7 +344,7 @@ public final class ControllerTester {
     private TenantName createCloudTenant(String tenantName) {
         TenantName tenant = TenantName.from(tenantName);
         TenantSpec spec = new CloudTenantSpec(tenant, "token");
-        controller().tenants().create(spec, new Auth0Credentials(new SimplePrincipal("dev-" + tenantName), Set.of(Role.administrator(tenant))));
+        controller().tenants().create(spec, new Auth0Credentials(new SimplePrincipal("dev"), Set.of(Role.administrator(tenant))));
         return tenant;
     }
 
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java
index 4194131e7fb..539d6cff06d 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java
@@ -16,7 +16,6 @@ import com.yahoo.vespa.flags.InMemoryFlagSource;
 import com.yahoo.vespa.hosted.controller.Controller;
 import com.yahoo.vespa.hosted.controller.api.integration.athenz.ApplicationAction;
 import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzClientFactoryMock;
-import com.yahoo.vespa.hosted.controller.api.integration.stubs.MockUserManagement;
 import com.yahoo.vespa.hosted.controller.integration.ServiceRegistryMock;
 
 import java.io.File;
@@ -65,10 +64,6 @@ public class ContainerTester {
         return (ServiceRegistryMock) container.components().getComponent(ServiceRegistryMock.class.getName());
     }
 
-    public MockUserManagement userManagement() {
-        return (MockUserManagement) container.components().getComponent(MockUserManagement.class.getName());
-    }
-
     public void authorize(AthenzDomain tenantDomain, AthenzIdentity identity, ApplicationAction action, ApplicationName application) {
         athenzClientFactory().getSetup()
                 .domains.get(tenantDomain)
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java
index efb06dd5c7d..f34dd3fe629 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java
@@ -10,8 +10,6 @@ import com.yahoo.vespa.flags.PermanentFlags;
 import com.yahoo.vespa.hosted.controller.ControllerTester;
 import com.yahoo.vespa.hosted.controller.api.integration.billing.PlanId;
 import com.yahoo.jdisc.http.filter.security.misc.User;
-import com.yahoo.vespa.hosted.controller.api.integration.stubs.MockUserManagement;
-import com.yahoo.vespa.hosted.controller.api.integration.user.UserId;
 import com.yahoo.vespa.hosted.controller.api.role.Role;
 import com.yahoo.vespa.hosted.controller.restapi.ContainerTester;
 import com.yahoo.vespa.hosted.controller.restapi.ControllerContainerCloudTest;
@@ -255,27 +253,6 @@ public class UserApiTest extends ControllerContainerCloudTest {
     }
 
     @Test
-    void findUser() {
-        try (Flags.Replacer ignored = Flags.clearFlagsForTesting(PermanentFlags.MAX_TRIAL_TENANTS.id(), PermanentFlags.ENABLE_PUBLIC_SIGNUP_FLOW.id())) {
-            ContainerTester tester = new ContainerTester(container, responseFiles);
-            ((InMemoryFlagSource) tester.controller().flagSource())
-                    .withBooleanFlag(PermanentFlags.ENABLE_PUBLIC_SIGNUP_FLOW.id(), true);
-            Set<Role> operator = Set.of(Role.hostedOperator(), Role.hostedSupporter(), Role.hostedAccountant());
-            User user = new User("dev@domail", "Joe Developer", "dev", null);
-
-            Role developer = Role.developer(TenantName.from("scoober"));
-            tester.userManagement().createRole(developer);
-            tester.userManagement().addToRoles(new UserId("dev@domail"), Set.of(developer));
-
-            tester.assertResponse(request("/user/v1/find?email=dev@domail")
-                    .roles(operator)
-                    .user(user),
-                    """
-                            {"isPublic":true,"isCd":false,"hasTrialCapacity":true,"user":{"name":"dev@domail","email":"dev@domail","verified":false},"tenants":{"scoober":{"supported":false,"roles":["developer"]}},"flags":[{"id":"enable-public-signup-flow","rules":[{"value":false}]}]}""");
-        }
-    }
-
-    @Test
     void maxTrialTenants() {
         try (Flags.Replacer ignored = Flags.clearFlagsForTesting(PermanentFlags.MAX_TRIAL_TENANTS.id(), PermanentFlags.ENABLE_PUBLIC_SIGNUP_FLOW.id())) {
             ContainerTester tester = new ContainerTester(container, responseFiles);
author	Øyvind Grønnesby <oyving@yahooinc.com>	2022-09-05 16:31:42 +0200
committer	GitHub <noreply@github.com>	2022-09-05 16:31:42 +0200
commit	0548f6a7180b92083cf248abbfdacb3fe6606e6f (patch)
tree	902c87e4c1e9b197fdddf178eb0569750a6da0d7
parent	f38ed1bb1ae6a78ff9abb4d9464985648227e9f7 (diff)
parent	55f2e69ee26e926c23004395c77fe267f9a648e7 (diff)