diff options
author | Jon Marius Venstad <jonmv@users.noreply.github.com> | 2024-01-26 17:53:13 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-01-26 17:53:13 +0100 |
commit | 1c97bdea2713238c87e44440cb03c913911090d2 (patch) | |
tree | 7b1f18032c52093ba00d9052e4da01539895b5f0 /config-model/src/test/java/com/yahoo/vespa/model/container | |
parent | 5fabffb2613cc7728b63e01e3cf336fe45b27566 (diff) |
Revert "Validate applied permissions in config model"
Diffstat (limited to 'config-model/src/test/java/com/yahoo/vespa/model/container')
-rw-r--r-- | config-model/src/test/java/com/yahoo/vespa/model/container/xml/CloudTokenDataPlaneFilterTest.java | 23 |
1 files changed, 3 insertions, 20 deletions
diff --git a/config-model/src/test/java/com/yahoo/vespa/model/container/xml/CloudTokenDataPlaneFilterTest.java b/config-model/src/test/java/com/yahoo/vespa/model/container/xml/CloudTokenDataPlaneFilterTest.java index 1c5eb16be80..c89ea421b39 100644 --- a/config-model/src/test/java/com/yahoo/vespa/model/container/xml/CloudTokenDataPlaneFilterTest.java +++ b/config-model/src/test/java/com/yahoo/vespa/model/container/xml/CloudTokenDataPlaneFilterTest.java @@ -16,6 +16,7 @@ import com.yahoo.config.provision.SystemName; import com.yahoo.config.provision.Zone; import com.yahoo.jdisc.http.ConnectorConfig; import com.yahoo.jdisc.http.filter.security.cloud.config.CloudTokenDataPlaneFilterConfig; +import com.yahoo.processing.response.Data; import com.yahoo.vespa.model.container.ApplicationContainer; import com.yahoo.vespa.model.container.ContainerModel; import com.yahoo.vespa.model.container.http.ConnectorFactory; @@ -40,14 +41,14 @@ import static com.yahoo.vespa.model.container.xml.CloudDataPlaneFilterTest.creat import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertFalse; import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.junit.jupiter.api.Assertions.assertNull; public class CloudTokenDataPlaneFilterTest extends ContainerModelBuilderTestBase { private static final String servicesXmlTemplate = """ <container version='1.0'> <clients> - <client id="foo" permissions="read, write"> + <client id="foo" permissions="read,write"> <certificate file="%s"/> </client> <client id="bar" permissions="read"> @@ -144,24 +145,6 @@ public class CloudTokenDataPlaneFilterTest extends ContainerModelBuilderTestBase } - @Test - void fails_on_unknown_permission() throws IOException { - var certFile = securityFolder.resolve("foo.pem"); - var servicesXml = """ - <container version='1.0'> - <clients> - <client id="foo" permissions="read,unknown-permission"> - <certificate file="%s"/> - </client> - </clients> - </container> - """.formatted(applicationFolder.toPath().relativize(certFile).toString()); - var clusterElem = DomBuilderTest.parse(servicesXml); - createCertificate(certFile); - var exception = assertThrows(IllegalArgumentException.class, () -> buildModel(Set.of(mtlsEndpoint), defaultTokens, clusterElem)); - assertEquals("Invalid permission 'unknown-permission'. Valid values are 'read' and 'write'.", exception.getMessage()); - } - private static CloudTokenDataPlaneFilterConfig.Clients.Tokens tokenConfig( String id, Collection<String> fingerprints, Collection<String> accessCheckHashes, Collection<String> expirations) { return new CloudTokenDataPlaneFilterConfig.Clients.Tokens.Builder() |