Revert "Revert "Reapply "Remove unnecessary component" [run-systemtest]"""

author: Harald Musum <musum@verizonmedia.com> 2021-01-12 16:41:40 +0100
committer: GitHub <noreply@github.com> 2021-01-12 16:41:40 +0100
commit: 4ef7df9811a221ccf50627cdb09ffcd6d5b70e46 (patch)
tree: 2f44161613e939c927dc6997c0c54820ce4e467a /configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java
parent: 3af508945a49a03494e91aba2934d6bade6141cc (diff)
1 files changed, 8 insertions, 10 deletions
diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java
index 49a8df3d0e4..8353e3fab1f 100644
--- a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java
+++ b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java
@@ -1,4 +1,4 @@
-// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.config.server.rpc.security;
 
 import com.yahoo.cloud.config.SentinelConfig;
@@ -16,7 +16,6 @@ import com.yahoo.security.tls.TransportSecurityUtils;
 import com.yahoo.vespa.config.ConfigKey;
 import com.yahoo.vespa.config.protocol.JRTServerConfigRequestV3;
 import com.yahoo.vespa.config.server.RequestHandler;
-import com.yahoo.vespa.config.server.host.HostRegistries;
 import com.yahoo.vespa.config.server.host.HostRegistry;
 import com.yahoo.vespa.config.server.rpc.RequestHandlerProvider;
 
@@ -34,7 +33,6 @@ import java.util.logging.Logger;
 import static com.yahoo.vespa.config.server.rpc.security.AuthorizationException.Type;
 import static com.yahoo.yolean.Exceptions.throwUnchecked;
 
-
 /**
  * A {@link RpcAuthorizer} that perform access control for configserver RPC methods when TLS and multi-tenant mode are enabled.
  *
@@ -45,22 +43,22 @@ public class MultiTenantRpcAuthorizer implements RpcAuthorizer {
     private static final Logger log = Logger.getLogger(MultiTenantRpcAuthorizer.class.getName());
 
     private final NodeIdentifier nodeIdentifier;
-    private final HostRegistry<TenantName> hostRegistry;
+    private final HostRegistry hostRegistry;
     private final RequestHandlerProvider handlerProvider;
     private final Executor executor;
 
     public MultiTenantRpcAuthorizer(NodeIdentifier nodeIdentifier,
-                                    HostRegistries hostRegistries,
+                                    HostRegistry hostRegistry,
                                     RequestHandlerProvider handlerProvider,
                                     int threadPoolSize) {
         this(nodeIdentifier,
-             hostRegistries.getTenantHostRegistry(),
+             hostRegistry,
              handlerProvider,
              Executors.newFixedThreadPool(threadPoolSize, new DaemonThreadFactory("multi-tenant-rpc-authorizer-")));
     }
 
     MultiTenantRpcAuthorizer(NodeIdentifier nodeIdentifier,
-                             HostRegistry<TenantName> hostRegistry,
+                             HostRegistry hostRegistry,
                              RequestHandlerProvider handlerProvider,
                              Executor executor) {
         this.nodeIdentifier = nodeIdentifier;
@@ -108,14 +106,14 @@ public class MultiTenantRpcAuthorizer implements RpcAuthorizer {
                     return; // global config access ok
                 } else {
                     String hostname = configRequest.getClientHostName();
-                    Optional<TenantName> tenantName = Optional.ofNullable(hostRegistry.getKeyForHost(hostname));
-                    if (tenantName.isEmpty()) {
+                    ApplicationId applicationId = hostRegistry.getKeyForHost(hostname);
+                    if (applicationId == null) {
                         if (isConfigKeyForSentinelConfig(configKey)) {
                             return; // config processor will return empty sentinel config for unknown nodes
                         }
                         throw new AuthorizationException(Type.SILENT, String.format("Host '%s' not found in host registry for [%s]", hostname, configKey));
                     }
-                    RequestHandler tenantHandler = getTenantHandler(tenantName.get());
+                    RequestHandler tenantHandler = getTenantHandler(applicationId.tenant());
                     ApplicationId resolvedApplication = tenantHandler.resolveApplicationId(hostname);
                     ApplicationId peerOwner = applicationId(peerIdentity);
                     if (peerOwner.equals(resolvedApplication)) {
author	Harald Musum <musum@verizonmedia.com>	2021-01-12 16:41:40 +0100
committer	GitHub <noreply@github.com>	2021-01-12 16:41:40 +0100
commit	4ef7df9811a221ccf50627cdb09ffcd6d5b70e46 (patch)
tree	2f44161613e939c927dc6997c0c54820ce4e467a /configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/MultiTenantRpcAuthorizer.java
parent	3af508945a49a03494e91aba2934d6bade6141cc (diff)