diff options
author | Bjørn Christian Seime <bjorncs@oath.com> | 2017-10-12 16:05:22 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@oath.com> | 2017-10-16 14:38:49 +0200 |
commit | 93b58e00125e6be95c51ee276e459b32a32210e5 (patch) | |
tree | 46a9ed60bf0c457b80360ce66d9d60df256ece19 /controller-api/src | |
parent | 30faaf802bd334aeaae13fac448e88a63b986810 (diff) |
Open-source Athenz integration for controller-server
Diffstat (limited to 'controller-api/src')
20 files changed, 1 insertions, 751 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/identifiers/AthensDomain.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/identifiers/AthensDomain.java index eb8b5c5256b..194088df7dc 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/identifiers/AthensDomain.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/identifiers/AthensDomain.java @@ -4,6 +4,7 @@ package com.yahoo.vespa.hosted.controller.api.identifiers; /** * @author smorgrav */ +// TODO Rename to AthenzDomain public class AthensDomain extends Identifier { public AthensDomain(String id) { diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ApplicationAction.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ApplicationAction.java deleted file mode 100644 index cb5731164c8..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ApplicationAction.java +++ /dev/null @@ -1,17 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -/** - * @author mpolden - */ -public enum ApplicationAction { - deploy("deployer"), - read("reader"), - write("writer"); - - public final String roleName; - - ApplicationAction(String roleName) { - this.roleName = roleName; - } -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/Athens.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/Athens.java deleted file mode 100644 index 0635fb850b7..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/Athens.java +++ /dev/null @@ -1,23 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -import com.yahoo.vespa.hosted.controller.api.identifiers.AthensDomain; -import com.yahoo.vespa.hosted.controller.api.identifiers.ScrewdriverId; -import com.yahoo.vespa.hosted.controller.api.identifiers.UserId; - -/** - * Interface for integrating controller with Athens. - * - * @author mpolden - */ -public interface Athens { - - String principalTokenHeader(); - AthensPrincipal principalFrom(ScrewdriverId screwdriverId); - AthensPrincipal principalFrom(UserId userId); - NTokenValidator validator(); - NToken nTokenFrom(String rawToken); - ZmsClientFactory zmsClientFactory(); - AthensDomain screwdriverDomain(); - -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/AthensPrincipal.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/AthensPrincipal.java deleted file mode 100644 index 58b878870b9..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/AthensPrincipal.java +++ /dev/null @@ -1,59 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -import com.yahoo.vespa.hosted.controller.api.identifiers.AthensDomain; -import com.yahoo.vespa.hosted.controller.api.identifiers.UserId; - -import java.security.Principal; -import java.util.Objects; - -/** - * @author bjorncs - */ -public class AthensPrincipal implements Principal { - - private final AthensDomain domain; - private final UserId userId; - - public AthensPrincipal(AthensDomain domain, UserId userId) { - this.domain = domain; - this.userId = userId; - } - - public UserId getUserId() { - return userId; - } - - public AthensDomain getDomain() { - return domain; - } - - public String toYRN() { - return domain.id() + "." + userId.id(); - } - - @Override - public String toString() { - return toYRN(); - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - AthensPrincipal that = (AthensPrincipal) o; - return Objects.equals(domain, that.domain) && - Objects.equals(userId, that.userId); - } - - @Override - public int hashCode() { - return Objects.hash(domain, userId); - } - - @Override - public String getName() { - return userId.id(); - } - -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/AthensPublicKey.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/AthensPublicKey.java deleted file mode 100644 index 9bbb5f28d8f..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/AthensPublicKey.java +++ /dev/null @@ -1,48 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -import java.security.PublicKey; -import java.util.Objects; - -/** - * @author bjorncs - */ -public class AthensPublicKey { - private final PublicKey publicKey; - private final String keyId; - - public AthensPublicKey(PublicKey publicKey, String keyId) { - this.publicKey = publicKey; - this.keyId = keyId; - } - - public PublicKey getPublicKey() { - return publicKey; - } - - public String getKeyId() { - return keyId; - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - AthensPublicKey that = (AthensPublicKey) o; - return Objects.equals(publicKey, that.publicKey) && - Objects.equals(keyId, that.keyId); - } - - @Override - public int hashCode() { - return Objects.hash(publicKey, keyId); - } - - @Override - public String toString() { - return "AthensPublicKey{" + - "publicKey=" + publicKey + - ", keyId='" + keyId + '\'' + - '}'; - } -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/AthensService.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/AthensService.java deleted file mode 100644 index 42af966be3d..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/AthensService.java +++ /dev/null @@ -1,51 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -import com.yahoo.vespa.hosted.controller.api.identifiers.AthensDomain; - -import java.util.Objects; - -/** - * @author bjorncs - */ -public class AthensService { - - private final AthensDomain domain; - private final String serviceName; - - public AthensService(AthensDomain domain, String serviceName) { - this.domain = domain; - this.serviceName = serviceName; - } - - public String toFullServiceName() { - return domain.id() + "." + serviceName; - } - - public AthensDomain getDomain() { - return domain; - } - - public String getServiceName() { - return serviceName; - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - AthensService that = (AthensService) o; - return Objects.equals(domain, that.domain) && - Objects.equals(serviceName, that.serviceName); - } - - @Override - public int hashCode() { - return Objects.hash(domain, serviceName); - } - - @Override - public String toString() { - return String.format("AthensService(%s)", toFullServiceName()); - } -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/InvalidTokenException.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/InvalidTokenException.java deleted file mode 100644 index 9c21d5814cb..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/InvalidTokenException.java +++ /dev/null @@ -1,11 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -/** - * @author bjorncs - */ -public class InvalidTokenException extends Exception { - public InvalidTokenException(String message) { - super(message); - } -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/NToken.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/NToken.java deleted file mode 100644 index b74872b4c6a..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/NToken.java +++ /dev/null @@ -1,21 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -import com.yahoo.vespa.hosted.controller.api.identifiers.AthensDomain; -import com.yahoo.vespa.hosted.controller.api.identifiers.UserId; - -import java.security.PublicKey; - -/** - * @author mpolden - */ -public interface NToken { - - AthensPrincipal getPrincipal(); - UserId getUser(); - AthensDomain getDomain(); - String getToken(); - String getKeyId(); - void validateSignatureAndExpiration(PublicKey publicKey) throws InvalidTokenException; - -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/NTokenValidator.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/NTokenValidator.java deleted file mode 100644 index 905d7d864a3..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/NTokenValidator.java +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -/** - * @author mpolden - */ -public interface NTokenValidator { - - void preloadPublicKeys(); - AthensPrincipal validate(NToken nToken) throws InvalidTokenException; - -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ZmsClient.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ZmsClient.java deleted file mode 100644 index 7ff54957e16..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ZmsClient.java +++ /dev/null @@ -1,35 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -import com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId; -import com.yahoo.vespa.hosted.controller.api.identifiers.AthensDomain; - -import java.util.List; - -/** - * @author bjorncs - */ -public interface ZmsClient { - void createTenant(AthensDomain tenantDomain); - - void deleteTenant(AthensDomain tenantDomain); - - void addApplication(AthensDomain tenantDomain, ApplicationId applicationName); - - void deleteApplication(AthensDomain tenantDomain, ApplicationId applicationName); - - boolean hasApplicationAccess(AthensPrincipal principal, ApplicationAction action, AthensDomain tenantDomain, ApplicationId applicationName); - - boolean hasTenantAdminAccess(AthensPrincipal principal, AthensDomain tenantDomain); - - // Used before vespa tenancy is established for the domain. - boolean isDomainAdmin(AthensPrincipal principal, AthensDomain domain); - - List<AthensDomain> getDomainList(String prefix); - - List<AthensDomain> getTenantDomainsForUser(AthensPrincipal principal); - - AthensPublicKey getPublicKey(AthensService service, String keyId); - - List<AthensPublicKey> getPublicKeys(AthensService service); -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ZmsClientFactory.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ZmsClientFactory.java deleted file mode 100644 index e00f3ce2f64..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ZmsClientFactory.java +++ /dev/null @@ -1,11 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -/** - * @author bjorncs - */ -public interface ZmsClientFactory { - ZmsClient createClientWithServicePrincipal(); - - ZmsClient createClientWithAuthorizedServiceToken(NToken authorizedServiceToken); -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ZmsException.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ZmsException.java deleted file mode 100644 index ed5b2daca86..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ZmsException.java +++ /dev/null @@ -1,23 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -/** - * @author bjorncs - */ -public class ZmsException extends RuntimeException { - - private final int code; - - public ZmsException(Throwable t, int code) { - super(t.getMessage(), t); - this.code = code; - } - - public ZmsException(int code) { - this.code = code; - } - - public int getCode() { - return code; - } -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ZmsKeystore.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ZmsKeystore.java deleted file mode 100644 index 4f8e5f5ff05..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/ZmsKeystore.java +++ /dev/null @@ -1,19 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -import java.security.PublicKey; -import java.util.Optional; - -/** - * Interface for a keystore containing public keys for Athens services - * - * @author bjorncs - */ -@FunctionalInterface -public interface ZmsKeystore { - Optional<PublicKey> getPublicKey(AthensService service, String keyId); - - default void preloadKeys(AthensService service) { - // Default implementation is noop - } -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/AthensDbMock.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/AthensDbMock.java deleted file mode 100644 index 8a02d0dcff5..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/AthensDbMock.java +++ /dev/null @@ -1,73 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens.mock; - -import com.yahoo.vespa.hosted.controller.api.integration.athens.ApplicationAction; -import com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId; -import com.yahoo.vespa.hosted.controller.api.identifiers.AthensDomain; -import com.yahoo.vespa.hosted.controller.api.integration.athens.AthensPrincipal; - -import java.util.HashMap; -import java.util.HashSet; -import java.util.Map; -import java.util.Set; - -/** - * @author bjorncs - */ -public class AthensDbMock { - - public final Map<AthensDomain, Domain> domains = new HashMap<>(); - - public AthensDbMock addDomain(Domain domain) { - domains.put(domain.name, domain); - return this; - } - - public static class Domain { - - public final AthensDomain name; - public final Set<AthensPrincipal> admins = new HashSet<>(); - public final Set<AthensPrincipal> tenantAdmins = new HashSet<>(); - public final Map<ApplicationId, Application> applications = new HashMap<>(); - public boolean isVespaTenant = false; - - public Domain(AthensDomain name) { - this.name = name; - } - - public Domain admin(AthensPrincipal user) { - admins.add(user); - return this; - } - - public Domain tenantAdmin(AthensPrincipal user) { - tenantAdmins.add(user); - return this; - } - - /** - * Simulates establishing Vespa tenancy in Athens. - */ - public void markAsVespaTenant() { - isVespaTenant = true; - } - - } - - public static class Application { - - public final Map<ApplicationAction, Set<AthensPrincipal>> acl = new HashMap<>(); - - public Application() { - acl.put(ApplicationAction.deploy, new HashSet<>()); - acl.put(ApplicationAction.read, new HashSet<>()); - acl.put(ApplicationAction.write, new HashSet<>()); - } - - public Application addRoleMember(ApplicationAction action, AthensPrincipal user) { - acl.get(action).add(user); - return this; - } - } - -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/AthensMock.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/AthensMock.java deleted file mode 100644 index 8bed95bfcd4..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/AthensMock.java +++ /dev/null @@ -1,87 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens.mock; - -import com.google.inject.Inject; -import com.yahoo.component.AbstractComponent; -import com.yahoo.vespa.hosted.controller.api.identifiers.AthensDomain; -import com.yahoo.vespa.hosted.controller.api.identifiers.ScrewdriverId; -import com.yahoo.vespa.hosted.controller.api.identifiers.UserId; -import com.yahoo.vespa.hosted.controller.api.integration.athens.Athens; -import com.yahoo.vespa.hosted.controller.api.integration.athens.AthensPrincipal; -import com.yahoo.vespa.hosted.controller.api.integration.athens.InvalidTokenException; -import com.yahoo.vespa.hosted.controller.api.integration.athens.NToken; -import com.yahoo.vespa.hosted.controller.api.integration.athens.NTokenValidator; -import com.yahoo.vespa.hosted.controller.api.integration.athens.ZmsClientFactory; - -/** - * @author mpolden - */ -public class AthensMock extends AbstractComponent implements Athens { - - private static final AthensDomain userDomain = new AthensDomain("domain1"); - private static final AthensDomain screwdriverDomain = new AthensDomain("screwdriver-domain"); - - private final ZmsClientFactory zmsClientFactory; - private final NTokenValidator nTokenValidator; - - public AthensMock(AthensDbMock athensDb, NTokenValidator nTokenValidator) { - this.zmsClientFactory = new ZmsClientFactoryMock(athensDb); - this.nTokenValidator = nTokenValidator; - } - - public AthensMock(AthensDbMock athensDbMock) { - this(athensDbMock, mockValidator); - } - - @Inject - public AthensMock() { - this(new AthensDbMock(), mockValidator); - } - - @Override - public String principalTokenHeader() { - return "X-Athens-Token"; - } - - @Override - public AthensPrincipal principalFrom(ScrewdriverId screwdriverId) { - return new AthensPrincipal(screwdriverDomain, new UserId("screwdriver-" + screwdriverId.id())); - } - - @Override - public AthensPrincipal principalFrom(UserId userId) { - return new AthensPrincipal(userDomain, userId); - } - - @Override - public NTokenValidator validator() { - return nTokenValidator; - } - - @Override - public NToken nTokenFrom(String rawToken) { - return new NTokenMock(rawToken); - } - - @Override - public ZmsClientFactory zmsClientFactory() { - return zmsClientFactory; - } - - @Override - public AthensDomain screwdriverDomain() { - return screwdriverDomain; - } - - private static final NTokenValidator mockValidator = new NTokenValidator() { - @Override - public void preloadPublicKeys() { - } - - @Override - public AthensPrincipal validate(NToken nToken) throws InvalidTokenException { - return nToken.getPrincipal(); - } - }; - -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/NTokenMock.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/NTokenMock.java deleted file mode 100644 index ae23a69e409..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/NTokenMock.java +++ /dev/null @@ -1,68 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens.mock; - -import com.yahoo.vespa.hosted.controller.api.identifiers.AthensDomain; -import com.yahoo.vespa.hosted.controller.api.identifiers.UserId; -import com.yahoo.vespa.hosted.controller.api.integration.athens.AthensPrincipal; -import com.yahoo.vespa.hosted.controller.api.integration.athens.InvalidTokenException; -import com.yahoo.vespa.hosted.controller.api.integration.athens.NToken; - -import java.security.PublicKey; -import java.util.Objects; - -/** - * @author mpolden - */ -public class NTokenMock implements NToken { - - private static final AthensDomain domain = new AthensDomain("test"); - private static final UserId userId = new UserId("user"); - - private final String rawToken; - - public NTokenMock(String rawToken) { - this.rawToken = rawToken; - } - - @Override - public AthensPrincipal getPrincipal() { - return new AthensPrincipal(domain, userId); - } - - @Override - public UserId getUser() { - return userId; - } - - @Override - public AthensDomain getDomain() { - return domain; - } - - @Override - public String getToken() { - return "test-token"; - } - - @Override - public String getKeyId() { - return "test-key"; - } - - @Override - public void validateSignatureAndExpiration(PublicKey publicKey) throws InvalidTokenException { - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (!(o instanceof NTokenMock)) return false; - NTokenMock that = (NTokenMock) o; - return Objects.equals(rawToken, that.rawToken); - } - - @Override - public int hashCode() { - return Objects.hash(rawToken); - } -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/ZmsClientFactoryMock.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/ZmsClientFactoryMock.java deleted file mode 100644 index 8bc8b29fb4c..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/ZmsClientFactoryMock.java +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens.mock; - -import com.yahoo.component.AbstractComponent; -import com.yahoo.vespa.hosted.controller.api.integration.athens.NToken; -import com.yahoo.vespa.hosted.controller.api.integration.athens.ZmsClient; -import com.yahoo.vespa.hosted.controller.api.integration.athens.ZmsClientFactory; - -import java.util.logging.Level; -import java.util.logging.Logger; - -/** - * @author bjorncs - */ -public class ZmsClientFactoryMock extends AbstractComponent implements ZmsClientFactory { - - private static final Logger log = Logger.getLogger(ZmsClientFactoryMock.class.getName()); - - private final AthensDbMock athens; - - public ZmsClientFactoryMock() { - this(new AthensDbMock()); - } - - ZmsClientFactoryMock(AthensDbMock athens) { - this.athens = athens; - } - - public AthensDbMock getSetup() { - return athens; - } - - @Override - public ZmsClient createClientWithServicePrincipal() { - log("createClientWithServicePrincipal()"); - return new ZmsClientMock(athens); - } - - @Override - public ZmsClient createClientWithAuthorizedServiceToken(NToken authorizedServiceToken) { - log("createClientWithAuthorizedServiceToken(authorizedServiceToken='%s')", authorizedServiceToken); - return new ZmsClientMock(athens); - } - - private static void log(String format, Object... args) { - log.log(Level.INFO, String.format(format, args)); - } - -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/ZmsClientMock.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/ZmsClientMock.java deleted file mode 100644 index 97f391f792d..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/ZmsClientMock.java +++ /dev/null @@ -1,131 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.integration.athens.mock; - -import com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId; -import com.yahoo.vespa.hosted.controller.api.identifiers.AthensDomain; -import com.yahoo.vespa.hosted.controller.api.integration.athens.ApplicationAction; -import com.yahoo.vespa.hosted.controller.api.integration.athens.AthensPrincipal; -import com.yahoo.vespa.hosted.controller.api.integration.athens.AthensPublicKey; -import com.yahoo.vespa.hosted.controller.api.integration.athens.AthensService; -import com.yahoo.vespa.hosted.controller.api.integration.athens.ZmsClient; -import com.yahoo.vespa.hosted.controller.api.integration.athens.ZmsException; - -import java.util.ArrayList; -import java.util.List; -import java.util.Optional; -import java.util.logging.Level; -import java.util.logging.Logger; - -import static java.util.stream.Collectors.toList; - -/** - * @author bjorncs - */ -public class ZmsClientMock implements ZmsClient { - - private static final Logger log = Logger.getLogger(ZmsClientMock.class.getName()); - - private final AthensDbMock athens; - - public ZmsClientMock(AthensDbMock athens) { - this.athens = athens; - } - - @Override - public void createTenant(AthensDomain tenantDomain) { - log("createTenant(tenantDomain='%s')", tenantDomain); - getDomainOrThrow(tenantDomain, false).isVespaTenant = true; - } - - @Override - public void deleteTenant(AthensDomain tenantDomain) { - log("deleteTenant(tenantDomain='%s')", tenantDomain); - AthensDbMock.Domain domain = getDomainOrThrow(tenantDomain, false); - domain.isVespaTenant = false; - domain.applications.clear(); - domain.tenantAdmins.clear(); - } - - @Override - public void addApplication(AthensDomain tenantDomain, ApplicationId applicationName) { - log("addApplication(tenantDomain='%s', applicationName='%s')", tenantDomain, applicationName); - AthensDbMock.Domain domain = getDomainOrThrow(tenantDomain, true); - if (!domain.applications.containsKey(applicationName)) { - domain.applications.put(applicationName, new AthensDbMock.Application()); - } - } - - @Override - public void deleteApplication(AthensDomain tenantDomain, ApplicationId applicationName) { - log("addApplication(tenantDomain='%s', applicationName='%s')", tenantDomain, applicationName); - getDomainOrThrow(tenantDomain, true).applications.remove(applicationName); - } - - @Override - public boolean hasApplicationAccess(AthensPrincipal principal, ApplicationAction action, AthensDomain tenantDomain, ApplicationId applicationName) { - log("hasApplicationAccess(principal='%s', action='%s', tenantDomain='%s', applicationName='%s')", - principal, action, tenantDomain, applicationName); - AthensDbMock.Domain domain = getDomainOrThrow(tenantDomain, true); - AthensDbMock.Application application = domain.applications.get(applicationName); - if (application == null) { - throw zmsException(400, "Application '%s' not found", applicationName); - } - return domain.admins.contains(principal) || application.acl.get(action).contains(principal); - } - - @Override - public boolean hasTenantAdminAccess(AthensPrincipal principal, AthensDomain tenantDomain) { - log("hasTenantAdminAccess(principal='%s', tenantDomain='%s')", principal, tenantDomain); - return isDomainAdmin(principal, tenantDomain) || - getDomainOrThrow(tenantDomain, true).tenantAdmins.contains(principal); - } - - @Override - public boolean isDomainAdmin(AthensPrincipal principal, AthensDomain domain) { - log("isDomainAdmin(principal='%s', domain='%s')", principal, domain); - return getDomainOrThrow(domain, false).admins.contains(principal); - } - - @Override - public List<AthensDomain> getDomainList(String prefix) { - log("getDomainList()"); - return new ArrayList<>(athens.domains.keySet()); - } - - @Override - public List<AthensDomain> getTenantDomainsForUser(AthensPrincipal principal) { - log("getTenantDomainsForUser(principal='%s')", principal); - return athens.domains.values().stream() - .filter(domain -> domain.tenantAdmins.contains(principal) || domain.admins.contains(principal)) - .map(domain -> domain.name) - .collect(toList()); - } - - @Override - public AthensPublicKey getPublicKey(AthensService service, String keyId) { - throw new UnsupportedOperationException(); - } - - @Override - public List<AthensPublicKey> getPublicKeys(AthensService service) { - throw new UnsupportedOperationException(); - } - - private AthensDbMock.Domain getDomainOrThrow(AthensDomain domainName, boolean verifyVespaTenant) { - AthensDbMock.Domain domain = Optional.ofNullable(athens.domains.get(domainName)) - .orElseThrow(() -> zmsException(400, "Domain '%s' not found", domainName)); - if (verifyVespaTenant && !domain.isVespaTenant) { - throw zmsException(400, "Domain not a Vespa tenant: '%s'", domainName); - } - return domain; - } - - private static ZmsException zmsException(int code, String message, Object... args) { - return new ZmsException(new RuntimeException(String.format(message, args)), code); - } - - private static void log(String format, Object... args) { - log.log(Level.INFO, String.format(format, args)); - } - -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/package-info.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/package-info.java deleted file mode 100644 index d4454503786..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/mock/package-info.java +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -/** - * @author bjorncs - */ -@ExportPackage -package com.yahoo.vespa.hosted.controller.api.integration.athens.mock; - -import com.yahoo.osgi.annotation.ExportPackage; diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/package-info.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/package-info.java deleted file mode 100644 index eabe214abf2..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athens/package-info.java +++ /dev/null @@ -1,5 +0,0 @@ -// Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -@ExportPackage -package com.yahoo.vespa.hosted.controller.api.integration.athens; - -import com.yahoo.osgi.annotation.ExportPackage; |