diff options
| author | Ola Aunrønning <olaa@verizonmedia.com> | 2020-03-30 08:56:49 +0200 |
|---|---|---|
| committer | Ola Aunrønning <olaa@verizonmedia.com> | 2020-03-30 09:02:25 +0200 |
| commit | 19163175ddec91a8909848ce980e1d046d9f1df2 (patch) | |
| tree | b97440a9f9ea466250ad78da9d5e75719664b450 /controller-api | |
| parent | e71af718fc05b3129954b635a9e792e9cd6627c3 (diff) | |
Add role, policy and path group for payment notification callback
Diffstat (limited to 'controller-api')
4 files changed, 17 insertions, 3 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java index 0b9161c0bc6..5c11dfc2a55 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java @@ -202,7 +202,11 @@ enum PathGroup { /** Paths used for "dry-running" system-wide feature flags. */ - systemFlagsDryrun(PathPrefix.none, "/system-flags/v1/dryrun"); + systemFlagsDryrun(PathPrefix.none, "/system-flags/v1/dryrun"), + + /** Paths used for receiving payment callbacks */ + paymentProcessor(PathPrefix.none, "/payment/notification"); + final List<String> pathSpecs; final PathPrefix prefix; diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java index 55512b38f95..cfe8d247e54 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java @@ -137,7 +137,12 @@ enum Policy { /** Access to /system-flags/v1/dryrun. */ systemFlagsDryrun(Privilege.grant(Action.update) .on(PathGroup.systemFlagsDryrun) - .in(SystemName.all())); + .in(SystemName.all())), + + /** Access to /payment/notification */ + paymentProcessor(Privilege.grant(Action.create) + .on(PathGroup.paymentProcessor) + .in(SystemName.PublicCd)); private final Set<Privilege> privileges; diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java index 532088e94aa..d3c5e412215 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java @@ -73,6 +73,9 @@ public abstract class Role { /** Returns the role for system flag dryrun */ public static UnboundRole systemFlagsDryrunner() { return new UnboundRole(RoleDefinition.systemFlagsDryrunner); } + /** Returns the role of the payment processor */ + public static UnboundRole paymentProcessor() { return new UnboundRole(RoleDefinition.paymentProcessor); } + /** Returns the role definition of this bound role. */ public RoleDefinition definition() { return roleDefinition; } diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java index c4ce70a8f1e..c05936ee593 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java @@ -76,7 +76,9 @@ public enum RoleDefinition { systemFlagsDeployer(Policy.systemFlagsDeploy, Policy.systemFlagsDryrun), - systemFlagsDryrunner(Policy.systemFlagsDryrun); + systemFlagsDryrunner(Policy.systemFlagsDryrun), + + paymentProcessor(Policy.paymentProcessor); private final Set<RoleDefinition> parents; private final Set<Policy> policies; |