diff options
author | Øyvind Grønnesby <oyving@yahooinc.com> | 2022-09-05 16:31:42 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-05 16:31:42 +0200 |
commit | 0548f6a7180b92083cf248abbfdacb3fe6606e6f (patch) | |
tree | 902c87e4c1e9b197fdddf178eb0569750a6da0d7 | |
parent | f38ed1bb1ae6a78ff9abb4d9464985648227e9f7 (diff) | |
parent | 55f2e69ee26e926c23004395c77fe267f9a648e7 (diff) |
Merge pull request #23936 from vespa-engine/revert-23922-ogronnesby/find-user-api
Revert "Expose method to find user and their tenants"
8 files changed, 6 insertions, 70 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/stubs/MockUserManagement.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/stubs/MockUserManagement.java index 468e03bab13..0de51795bc0 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/stubs/MockUserManagement.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/stubs/MockUserManagement.java @@ -1,7 +1,6 @@ // Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.hosted.controller.api.integration.stubs; -import com.yahoo.component.AbstractComponent; import com.yahoo.jdisc.http.filter.security.misc.User; import com.yahoo.vespa.hosted.controller.api.integration.user.UserId; import com.yahoo.vespa.hosted.controller.api.integration.user.UserManagement; @@ -14,14 +13,13 @@ import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Map; -import java.util.Optional; import java.util.Set; import java.util.stream.Collectors; /** * @author jonmv */ -public class MockUserManagement extends AbstractComponent implements UserManagement { +public class MockUserManagement implements UserManagement { private final Map<Role, Set<User>> memberships = new HashMap<>(); @@ -50,7 +48,7 @@ public class MockUserManagement extends AbstractComponent implements UserManagem public void addUsers(Role role, Collection<UserId> users) { List<User> userObjs = users.stream() .map(id -> new User(id.value(), id.value(), null, null)) - .toList(); + .collect(Collectors.toList()); get(role).addAll(userObjs); } @@ -80,22 +78,11 @@ public class MockUserManagement extends AbstractComponent implements UserManagem @Override public List<Role> listRoles(UserId userId) { - return memberships.entrySet().stream() - .filter(entry -> entry.getValue().stream().anyMatch(user -> user.name().equals(userId.value()))) - .map(Map.Entry::getKey) - .toList(); + return List.of(); } @Override public List<Role> listRoles() { return new ArrayList<>(memberships.keySet()); } - - @Override - public Optional<User> findUser(String email) { - return memberships.values().stream() - .flatMap(Collection::stream) - .filter(user -> user.email().equals(email)) - .findFirst(); - } } diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/UserManagement.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/UserManagement.java index db0b66bc9db..9abd318d085 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/UserManagement.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/UserManagement.java @@ -6,7 +6,6 @@ import com.yahoo.vespa.hosted.controller.api.role.Role; import java.util.Collection; import java.util.List; -import java.util.Optional; /** * Management of {@link UserId}s as members of {@link Role}s. @@ -41,7 +40,4 @@ public interface UserManagement { /** Returns all roles */ List<Role> listRoles(); - - /** Find a user with all attributes */ - Optional<User> findUser(String email); } diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java index c2682334ce0..43928b31b93 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java @@ -90,8 +90,6 @@ enum PathGroup { accountant("/billing/v2/accountant/{*}"), - userSearch("/user/v1/find"), - applicationKeys(Matcher.tenant, Matcher.application, "/application/v4/tenant/{tenant}/application/{application}/key/"), diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java index 91eaec53aa4..e7b6f7fe8e5 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java @@ -194,7 +194,7 @@ enum Policy { /** Invoice management */ hostedAccountant(Privilege.grant(Action.all()) - .on(PathGroup.hostedAccountant, PathGroup.accountant, PathGroup.userSearch) + .on(PathGroup.hostedAccountant, PathGroup.accountant) .in(SystemName.PublicCd, SystemName.Public)), /** Listing endpoint certificates and re-requesting certificates */ diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java index 5bdb84bb6dd..9cced2b8159 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java @@ -101,7 +101,6 @@ public class UserApiHandler extends ThreadedHttpRequestHandler { private HttpResponse handleGET(Path path, HttpRequest request) { if (path.matches("/user/v1/user")) return userMetadata(request); - if (path.matches("/user/v1/find")) return userMetadataFromUserId(request.getProperty("email")); if (path.matches("/user/v1/tenant/{tenant}")) return listTenantRoleMembers(path.get("tenant")); if (path.matches("/user/v1/tenant/{tenant}/application/{application}")) return listApplicationRoleMembers(path.get("tenant"), path.get("application")); @@ -134,18 +133,6 @@ public class UserApiHandler extends ThreadedHttpRequestHandler { RoleDefinition.hostedSupporter, RoleDefinition.hostedAccountant); - private HttpResponse userMetadataFromUserId(String email) { - var maybeUser = users.findUser(email); - - if (maybeUser.isPresent()) { - var user = maybeUser.get(); - var roles = users.listRoles(new UserId(user.email())); - return renderUserMetaData(user, Set.copyOf(roles)); - } - - return ErrorResponse.notFoundError("Could not find user: " + email); - } - private HttpResponse userMetadata(HttpRequest request) { User user; if (request.getJDiscRequest().context().get(User.ATTRIBUTE_NAME) instanceof User) { @@ -159,10 +146,6 @@ public class UserApiHandler extends ThreadedHttpRequestHandler { Set<Role> roles = getAttribute(request, SecurityContext.ATTRIBUTE_NAME, SecurityContext.class).roles(); - return renderUserMetaData(user, roles); - } - - private HttpResponse renderUserMetaData(User user, Set<Role> roles) { Map<TenantName, List<TenantRole>> tenantRolesByTenantName = roles.stream() .flatMap(role -> filterTenantRoles(role).stream()) .distinct() @@ -173,7 +156,7 @@ public class UserApiHandler extends ThreadedHttpRequestHandler { List<Role> operatorRoles = roles.stream() .filter(role -> hostedOperators.contains(role.definition())) .sorted(Comparator.comparing(Role::definition)) - .toList(); + .collect(Collectors.toList()); Slime slime = new Slime(); Cursor root = slime.setObject(); diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java index 5380cf4ee27..10fd57ce032 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java @@ -344,7 +344,7 @@ public final class ControllerTester { private TenantName createCloudTenant(String tenantName) { TenantName tenant = TenantName.from(tenantName); TenantSpec spec = new CloudTenantSpec(tenant, "token"); - controller().tenants().create(spec, new Auth0Credentials(new SimplePrincipal("dev-" + tenantName), Set.of(Role.administrator(tenant)))); + controller().tenants().create(spec, new Auth0Credentials(new SimplePrincipal("dev"), Set.of(Role.administrator(tenant)))); return tenant; } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java index 4194131e7fb..539d6cff06d 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java @@ -16,7 +16,6 @@ import com.yahoo.vespa.flags.InMemoryFlagSource; import com.yahoo.vespa.hosted.controller.Controller; import com.yahoo.vespa.hosted.controller.api.integration.athenz.ApplicationAction; import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzClientFactoryMock; -import com.yahoo.vespa.hosted.controller.api.integration.stubs.MockUserManagement; import com.yahoo.vespa.hosted.controller.integration.ServiceRegistryMock; import java.io.File; @@ -65,10 +64,6 @@ public class ContainerTester { return (ServiceRegistryMock) container.components().getComponent(ServiceRegistryMock.class.getName()); } - public MockUserManagement userManagement() { - return (MockUserManagement) container.components().getComponent(MockUserManagement.class.getName()); - } - public void authorize(AthenzDomain tenantDomain, AthenzIdentity identity, ApplicationAction action, ApplicationName application) { athenzClientFactory().getSetup() .domains.get(tenantDomain) diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java index efb06dd5c7d..f34dd3fe629 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java @@ -10,8 +10,6 @@ import com.yahoo.vespa.flags.PermanentFlags; import com.yahoo.vespa.hosted.controller.ControllerTester; import com.yahoo.vespa.hosted.controller.api.integration.billing.PlanId; import com.yahoo.jdisc.http.filter.security.misc.User; -import com.yahoo.vespa.hosted.controller.api.integration.stubs.MockUserManagement; -import com.yahoo.vespa.hosted.controller.api.integration.user.UserId; import com.yahoo.vespa.hosted.controller.api.role.Role; import com.yahoo.vespa.hosted.controller.restapi.ContainerTester; import com.yahoo.vespa.hosted.controller.restapi.ControllerContainerCloudTest; @@ -255,27 +253,6 @@ public class UserApiTest extends ControllerContainerCloudTest { } @Test - void findUser() { - try (Flags.Replacer ignored = Flags.clearFlagsForTesting(PermanentFlags.MAX_TRIAL_TENANTS.id(), PermanentFlags.ENABLE_PUBLIC_SIGNUP_FLOW.id())) { - ContainerTester tester = new ContainerTester(container, responseFiles); - ((InMemoryFlagSource) tester.controller().flagSource()) - .withBooleanFlag(PermanentFlags.ENABLE_PUBLIC_SIGNUP_FLOW.id(), true); - Set<Role> operator = Set.of(Role.hostedOperator(), Role.hostedSupporter(), Role.hostedAccountant()); - User user = new User("dev@domail", "Joe Developer", "dev", null); - - Role developer = Role.developer(TenantName.from("scoober")); - tester.userManagement().createRole(developer); - tester.userManagement().addToRoles(new UserId("dev@domail"), Set.of(developer)); - - tester.assertResponse(request("/user/v1/find?email=dev@domail") - .roles(operator) - .user(user), - """ - {"isPublic":true,"isCd":false,"hasTrialCapacity":true,"user":{"name":"dev@domail","email":"dev@domail","verified":false},"tenants":{"scoober":{"supported":false,"roles":["developer"]}},"flags":[{"id":"enable-public-signup-flow","rules":[{"value":false}]}]}"""); - } - } - - @Test void maxTrialTenants() { try (Flags.Replacer ignored = Flags.clearFlagsForTesting(PermanentFlags.MAX_TRIAL_TENANTS.id(), PermanentFlags.ENABLE_PUBLIC_SIGNUP_FLOW.id())) { ContainerTester tester = new ContainerTester(container, responseFiles); |