Revert "Wire in RpcAuthorizer to RpcServer"

This reverts commit 72e11e84e405cefb4e010091ead4148f6525181f.
author: Bjørn Christian Seime <bjorncs@verizonmedia.com> 2019-05-21 20:12:19 +0200
committer: Bjørn Christian Seime <bjorncs@verizonmedia.com> 2019-05-21 20:12:19 +0200
commit: bbb3cfe7da8c4ac492ac62d1c00ec3aaf9751b00 (patch)
tree: 5df7187604e7a0c834ca13a63aa2bd9d3bb00a70 /configserver
parent: 062aeb883489e3c5b7c4860aea42a0880c46e18c (diff)
7 files changed, 17 insertions, 93 deletions
diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/RpcServer.java b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/RpcServer.java
index b12bfbf68a2..14c48687a40 100644
--- a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/RpcServer.java
+++ b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/RpcServer.java
@@ -3,12 +3,12 @@ package com.yahoo.vespa.config.server.rpc;
 
 import com.google.inject.Inject;
 import com.yahoo.cloud.config.ConfigserverConfig;
-import com.yahoo.component.Version;
 import com.yahoo.concurrent.ThreadFactoryFactory;
 import com.yahoo.config.FileReference;
 import com.yahoo.config.provision.ApplicationId;
 import com.yahoo.config.provision.HostLivenessTracker;
 import com.yahoo.config.provision.TenantName;
+import com.yahoo.component.Version;
 import com.yahoo.jrt.Acceptor;
 import com.yahoo.jrt.DataValue;
 import com.yahoo.jrt.Int32Value;
@@ -28,17 +28,16 @@ import com.yahoo.vespa.config.protocol.ConfigResponse;
 import com.yahoo.vespa.config.protocol.JRTServerConfigRequest;
 import com.yahoo.vespa.config.protocol.JRTServerConfigRequestV3;
 import com.yahoo.vespa.config.protocol.Trace;
-import com.yahoo.vespa.config.server.GetConfigContext;
-import com.yahoo.vespa.config.server.ReloadListener;
-import com.yahoo.vespa.config.server.RequestHandler;
 import com.yahoo.vespa.config.server.SuperModelRequestHandler;
 import com.yahoo.vespa.config.server.application.ApplicationSet;
+import com.yahoo.vespa.config.server.GetConfigContext;
 import com.yahoo.vespa.config.server.filedistribution.FileServer;
 import com.yahoo.vespa.config.server.host.HostRegistries;
 import com.yahoo.vespa.config.server.host.HostRegistry;
+import com.yahoo.vespa.config.server.ReloadListener;
+import com.yahoo.vespa.config.server.RequestHandler;
 import com.yahoo.vespa.config.server.monitoring.MetricUpdater;
 import com.yahoo.vespa.config.server.monitoring.MetricUpdaterFactory;
-import com.yahoo.vespa.config.server.rpc.security.RpcAuthorizer;
 import com.yahoo.vespa.config.server.tenant.TenantHandlerProvider;
 import com.yahoo.vespa.config.server.tenant.TenantListener;
 import com.yahoo.vespa.config.server.tenant.TenantRepository;
@@ -100,7 +99,6 @@ public class RpcServer implements Runnable, ReloadListener, TenantListener {
     private final MetricUpdaterFactory metricUpdaterFactory;
     private final HostLivenessTracker hostLivenessTracker;
     private final FileServer fileServer;
-    private final RpcAuthorizer rpcAuthorizer;
 
     private final ThreadPoolExecutor executorService;
     private final FileDownloader downloader;
@@ -123,7 +121,7 @@ public class RpcServer implements Runnable, ReloadListener, TenantListener {
     @Inject
     public RpcServer(ConfigserverConfig config, SuperModelRequestHandler superModelRequestHandler,
                      MetricUpdaterFactory metrics, HostRegistries hostRegistries,
-                     HostLivenessTracker hostLivenessTracker, FileServer fileServer, RpcAuthorizer rpcAuthorizer) {
+                     HostLivenessTracker hostLivenessTracker, FileServer fileServer) {
         this.superModelRequestHandler = superModelRequestHandler;
         metricUpdaterFactory = metrics;
         supervisor.setMaxOutputBufferSize(config.maxoutputbuffersize());
@@ -142,7 +140,6 @@ public class RpcServer implements Runnable, ReloadListener, TenantListener {
         this.hostedVespa = config.hostedVespa();
         this.canReturnEmptySentinelConfig = config.canReturnEmptySentinelConfig();
         this.fileServer = fileServer;
-        this.rpcAuthorizer = rpcAuthorizer;
         downloader = fileServer.downloader();
         setUpHandlers();
     }
@@ -156,8 +153,7 @@ public class RpcServer implements Runnable, ReloadListener, TenantListener {
             log.log(LogLevel.SPAM, getConfigMethodName);
         }
         req.detach();
-        rpcAuthorizer.authorizeConfigRequest(req)
-                .thenRun(() -> addToRequestQueue(JRTServerConfigRequestV3.createFromRequest(req)));
+        addToRequestQueue(JRTServerConfigRequestV3.createFromRequest(req));
     }
 
     /**
@@ -547,24 +543,17 @@ public class RpcServer implements Runnable, ReloadListener, TenantListener {
 
     public final void serveFile(Request request) {
         request.detach();
-        rpcAuthorizer.authorizeFileRequest(request)
-                .thenRun(() -> { // okay to do in authorizer thread as serveFile is async
-                    FileServer.Receiver receiver = new ChunkedFileReceiver(request.target());
-                    fileServer.serveFile(request.parameters().get(0).asString(), request.parameters().get(1).asInt32() == 0, request, receiver);
-                });
+        FileServer.Receiver receiver = new ChunkedFileReceiver(request.target());
+        fileServer.serveFile(request.parameters().get(0).asString(), request.parameters().get(1).asInt32() == 0, request, receiver);
     }
 
     public final void setFileReferencesToDownload(Request req) {
-        req.detach();
-        rpcAuthorizer.authorizeFileRequest(req)
-                .thenRun(() -> { // okay to do in authorizer thread as downloadIfNeeded is async
-                    String[] fileReferenceStrings = req.parameters().get(0).asStringArray();
-                    Stream.of(fileReferenceStrings)
-                            .map(FileReference::new)
-                            .forEach(fileReference -> downloader.downloadIfNeeded(
-                                    new FileReferenceDownload(fileReference, false /* downloadFromOtherSourceIfNotFound */)));
-                    req.returnValues().add(new Int32Value(0));
-                });
+        String[] fileReferenceStrings = req.parameters().get(0).asStringArray();
+        Stream.of(fileReferenceStrings)
+                .map(FileReference::new)
+                .forEach(fileReference -> downloader.downloadIfNeeded(
+                        new FileReferenceDownload(fileReference, false /* downloadFromOtherSourceIfNotFound */)));
+        req.returnValues().add(new Int32Value(0));
     }
 
     HostLivenessTracker hostLivenessTracker() {
diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java
deleted file mode 100644
index 2e8b8182c3f..00000000000
--- a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/DefaultRpcAuthorizerProvider.java
+++ /dev/null
@@ -1,36 +0,0 @@
-// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-package com.yahoo.vespa.config.server.rpc.security;
-
-import com.google.inject.Inject;
-import com.google.inject.Provider;
-import com.yahoo.cloud.config.ConfigserverConfig;
-import com.yahoo.config.provision.security.NodeIdentifier;
-import com.yahoo.security.tls.TransportSecurityUtils;
-import com.yahoo.vespa.config.server.host.HostRegistries;
-import com.yahoo.vespa.config.server.tenant.TenantRepository;
-
-/**
- * A provider for {@link RpcAuthorizer}. The instance provided is dependent on the configuration of the configserver.
- *
- * @author bjorncs
- */
-public class DefaultRpcAuthorizerProvider implements Provider<RpcAuthorizer> {
-
-    private final RpcAuthorizer rpcAuthorizer;
-
-    @Inject
-    public DefaultRpcAuthorizerProvider(ConfigserverConfig config,
-                                        NodeIdentifier nodeIdentifier,
-                                        HostRegistries hostRegistries,
-                                        TenantRepository tenantRepository) {
-        this.rpcAuthorizer =
-                TransportSecurityUtils.isTransportSecurityEnabled() && config.multitenant()
-                        ? new MultiTenantRpcAuthorizer(nodeIdentifier, hostRegistries, tenantRepository)
-                        : new NoopRpcAuthorizer();
-    }
-
-    @Override
-    public RpcAuthorizer get() {
-        return rpcAuthorizer;
-    }
-}
diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/NoopRpcAuthorizer.java b/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/NoopRpcAuthorizer.java
deleted file mode 100644
index 5eb35b70d0f..00000000000
--- a/configserver/src/main/java/com/yahoo/vespa/config/server/rpc/security/NoopRpcAuthorizer.java
+++ /dev/null
@@ -1,24 +0,0 @@
-// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-package com.yahoo.vespa.config.server.rpc.security;
-
-import com.yahoo.jrt.Request;
-
-import java.util.concurrent.CompletableFuture;
-
-/**
- * A {@link RpcAuthorizer} that allow all RPC requests.
- *
- * @author bjorncs
- */
-public class NoopRpcAuthorizer implements RpcAuthorizer {
-
-    @Override
-    public CompletableFuture<Void> authorizeConfigRequest(Request request) {
-        return CompletableFuture.completedFuture(null);
-    }
-
-    @Override
-    public CompletableFuture<Void> authorizeFileRequest(Request request) {
-        return CompletableFuture.completedFuture(null);
-    }
-}
diff --git a/configserver/src/main/resources/configserver-app/services.xml b/configserver/src/main/resources/configserver-app/services.xml
index 640257f6fbf..a7fd0f696b3 100644
--- a/configserver/src/main/resources/configserver-app/services.xml
+++ b/configserver/src/main/resources/configserver-app/services.xml
@@ -39,7 +39,6 @@
     <component id="com.yahoo.vespa.config.server.filedistribution.FileServer" bundle="configserver" />
     <component id="com.yahoo.vespa.config.server.maintenance.ConfigServerMaintenance" bundle="configserver" />
     <component id="com.yahoo.config.provision.security.DummyNodeIdentifierProvider" bundle="config-provisioning" />
-    <component id="com.yahoo.vespa.config.server.rpc.security.DefaultRpcAuthorizerProvider" bundle="configserver" />
 
     <component id="com.yahoo.vespa.serviceview.ConfigServerLocation" bundle="configserver" />
 
diff --git a/configserver/src/test/java/com/yahoo/vespa/config/server/InjectedGlobalComponentRegistryTest.java b/configserver/src/test/java/com/yahoo/vespa/config/server/InjectedGlobalComponentRegistryTest.java
index 2c14c3f96b7..476f77ae1db 100644
--- a/configserver/src/test/java/com/yahoo/vespa/config/server/InjectedGlobalComponentRegistryTest.java
+++ b/configserver/src/test/java/com/yahoo/vespa/config/server/InjectedGlobalComponentRegistryTest.java
@@ -14,7 +14,6 @@ import com.yahoo.vespa.config.server.modelfactory.ModelFactoryRegistry;
 import com.yahoo.vespa.config.server.monitoring.Metrics;
 import com.yahoo.vespa.config.server.provision.HostProvisionerProvider;
 import com.yahoo.vespa.config.server.rpc.RpcServer;
-import com.yahoo.vespa.config.server.rpc.security.NoopRpcAuthorizer;
 import com.yahoo.vespa.config.server.session.SessionPreparer;
 import com.yahoo.vespa.config.server.session.SessionTest;
 import com.yahoo.vespa.config.server.zookeeper.ConfigCurator;
@@ -67,7 +66,7 @@ public class InjectedGlobalComponentRegistryTest {
                         .configDefinitionsDir(temporaryFolder.newFolder("configdefinitions").getAbsolutePath()));
         sessionPreparer = new SessionTest.MockSessionPreparer();
         rpcServer = new RpcServer(configserverConfig, null, Metrics.createTestMetrics(),
-                                  new HostRegistries(), new ConfigRequestHostLivenessTracker(), new FileServer(temporaryFolder.newFolder("filereferences")), new NoopRpcAuthorizer());
+                                  new HostRegistries(), new ConfigRequestHostLivenessTracker(), new FileServer(temporaryFolder.newFolder("filereferences")));
         generationCounter = new SuperModelGenerationCounter(curator);
         defRepo = new StaticConfigDefinitionRepo();
         permanentApplicationPackage = new PermanentApplicationPackage(configserverConfig);
diff --git a/configserver/src/test/java/com/yahoo/vespa/config/server/rpc/MockRpc.java b/configserver/src/test/java/com/yahoo/vespa/config/server/rpc/MockRpc.java
index 027636df350..0f8bfa5068c 100644
--- a/configserver/src/test/java/com/yahoo/vespa/config/server/rpc/MockRpc.java
+++ b/configserver/src/test/java/com/yahoo/vespa/config/server/rpc/MockRpc.java
@@ -11,7 +11,6 @@ import com.yahoo.vespa.config.server.filedistribution.FileServer;
 import com.yahoo.vespa.config.server.host.ConfigRequestHostLivenessTracker;
 import com.yahoo.vespa.config.server.host.HostRegistries;
 import com.yahoo.vespa.config.server.monitoring.Metrics;
-import com.yahoo.vespa.config.server.rpc.security.NoopRpcAuthorizer;
 import com.yahoo.vespa.config.server.tenant.MockTenantProvider;
 
 import java.io.File;
@@ -39,7 +38,7 @@ public class MockRpc extends RpcServer {
 
     public MockRpc(int port, boolean createDefaultTenant, boolean pretendToHaveLoadedAnyApplication, File tempDir) {
         super(createConfig(port), null, Metrics.createTestMetrics(), 
-              new HostRegistries(), new ConfigRequestHostLivenessTracker(), new FileServer(tempDir), new NoopRpcAuthorizer());
+              new HostRegistries(), new ConfigRequestHostLivenessTracker(), new FileServer(tempDir));
         if (createDefaultTenant) {
             onTenantCreate(TenantName.from("default"), new MockTenantProvider(pretendToHaveLoadedAnyApplication));
         }
diff --git a/configserver/src/test/java/com/yahoo/vespa/config/server/rpc/RpcTester.java b/configserver/src/test/java/com/yahoo/vespa/config/server/rpc/RpcTester.java
index 01417bbc0b1..dd66f720b1f 100644
--- a/configserver/src/test/java/com/yahoo/vespa/config/server/rpc/RpcTester.java
+++ b/configserver/src/test/java/com/yahoo/vespa/config/server/rpc/RpcTester.java
@@ -16,7 +16,6 @@ import com.yahoo.vespa.config.server.filedistribution.FileServer;
 import com.yahoo.vespa.config.server.host.ConfigRequestHostLivenessTracker;
 import com.yahoo.vespa.config.server.host.HostRegistries;
 import com.yahoo.vespa.config.server.monitoring.Metrics;
-import com.yahoo.vespa.config.server.rpc.security.NoopRpcAuthorizer;
 import com.yahoo.vespa.config.server.tenant.MockTenantProvider;
 import com.yahoo.vespa.config.server.tenant.TenantHandlerProvider;
 import com.yahoo.vespa.flags.InMemoryFlagSource;
@@ -98,8 +97,7 @@ public class RpcTester implements AutoCloseable {
                                                                        generationCounter,
                                                                        new InMemoryFlagSource())),
                                   Metrics.createTestMetrics(), new HostRegistries(),
-                                  hostLivenessTracker, new FileServer(temporaryFolder.newFolder()),
-                                  new NoopRpcAuthorizer());
+                                  hostLivenessTracker, new FileServer(temporaryFolder.newFolder()));
         rpcServer.onTenantCreate(TenantName.from("default"), tenantProvider);
         t = new Thread(rpcServer);
         t.start();
author	Bjørn Christian Seime <bjorncs@verizonmedia.com>	2019-05-21 20:12:19 +0200
committer	Bjørn Christian Seime <bjorncs@verizonmedia.com>	2019-05-21 20:12:19 +0200
commit	bbb3cfe7da8c4ac492ac62d1c00ec3aaf9751b00 (patch)
tree	5df7187604e7a0c834ca13a63aa2bd9d3bb00a70 /configserver
parent	062aeb883489e3c5b7c4860aea42a0880c46e18c (diff)