diff options
| author | Valerij Fredriksen <freva@users.noreply.github.com> | 2022-09-28 10:21:54 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-09-28 10:21:54 +0200 |
| commit | e48fb37a84d5d94fd71e3e3b5ade2299daafa163 (patch) | |
| tree | 8ab4bbf434367c3dc80c56d5ad659b1a45de98f8 | |
| parent | b55f60aea7973714936bba07ad7eeeb944863a10 (diff) | |
| parent | a6446962d4ddb22cff5fefb8dc0929bcb815244a (diff) | |
Merge pull request #24239 from vespa-engine/ogronnesby/user-api-check-tenant-and-app
Check that tenant and/or application exists in UserApi
| -rw-r--r-- | controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java | 38 |
1 files changed, 23 insertions, 15 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java index 893befb57a2..3491ef4ab03 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java @@ -35,6 +35,7 @@ import com.yahoo.vespa.hosted.controller.api.role.RoleDefinition; import com.yahoo.vespa.hosted.controller.api.role.SecurityContext; import com.yahoo.vespa.hosted.controller.api.role.SimplePrincipal; import com.yahoo.vespa.hosted.controller.api.role.TenantRole; +import com.yahoo.vespa.hosted.controller.application.TenantAndApplicationId; import com.yahoo.vespa.hosted.controller.restapi.ErrorResponses; import com.yahoo.vespa.hosted.controller.restapi.application.EmptyResponse; import com.yahoo.vespa.hosted.controller.tenant.Tenant; @@ -231,24 +232,31 @@ public class UserApiHandler extends ThreadedHttpRequestHandler { } private HttpResponse listTenantRoleMembers(String tenantName) { - Slime slime = new Slime(); - Cursor root = slime.setObject(); - root.setString("tenant", tenantName); - fillRoles(root, - Roles.tenantRoles(TenantName.from(tenantName)), - Collections.emptyList()); - return new SlimeJsonResponse(slime); + if (controller.tenants().get(tenantName).isPresent()) { + Slime slime = new Slime(); + Cursor root = slime.setObject(); + root.setString("tenant", tenantName); + fillRoles(root, + Roles.tenantRoles(TenantName.from(tenantName)), + Collections.emptyList()); + return new SlimeJsonResponse(slime); + } + return ErrorResponse.notFoundError("Tenant '" + tenantName + "' does not exist"); } private HttpResponse listApplicationRoleMembers(String tenantName, String applicationName) { - Slime slime = new Slime(); - Cursor root = slime.setObject(); - root.setString("tenant", tenantName); - root.setString("application", applicationName); - fillRoles(root, - Roles.applicationRoles(TenantName.from(tenantName), ApplicationName.from(applicationName)), - Roles.tenantRoles(TenantName.from(tenantName))); - return new SlimeJsonResponse(slime); + var id = TenantAndApplicationId.from(tenantName, applicationName); + if (controller.applications().getApplication(id).isPresent()) { + Slime slime = new Slime(); + Cursor root = slime.setObject(); + root.setString("tenant", tenantName); + root.setString("application", applicationName); + fillRoles(root, + Roles.applicationRoles(TenantName.from(tenantName), ApplicationName.from(applicationName)), + Roles.tenantRoles(TenantName.from(tenantName))); + return new SlimeJsonResponse(slime); + } + return ErrorResponse.notFoundError("Application '" + id + "' does not exist"); } private void fillRoles(Cursor root, List<? extends Role> roles, List<? extends Role> superRoles) { |