diff options
author | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-04-08 14:20:36 +0200 |
---|---|---|
committer | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-04-09 13:05:40 +0200 |
commit | 4e341affb723f19d813ecc2f8d94124bfd832bbd (patch) | |
tree | 9a1ad37b03211d3d54f3e9e2ff0581186718adac /controller-api | |
parent | d6921ae2de107a1755f63bd8e7bb01d6929d3c27 (diff) |
Rewire role inheritance, and test it
Diffstat (limited to 'controller-api')
2 files changed, 56 insertions, 4 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java index 7aaadc96c4e..75d491a0a84 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java @@ -41,21 +41,24 @@ public enum RoleDefinition { Policy.developmentDeployment), /** Application operator with access to normal, operational tasks of an application. */ - applicationOperator(applicationDeveloper, + applicationOperator(applicationReader, Policy.applicationOperations), /** Application administrator with full access to an already existing application, including emergency operations. */ - applicationAdmin(applicationOperator, + applicationAdmin(applicationDeveloper, + applicationOperator, Policy.applicationUpdate, Policy.productionDeployment, Policy.submission), - /** Tenant operator with admin access to all applications under the tenant, as well as the ability to create applications. */ - tenantOperator(applicationAdmin, + /** Tenant operator with access to create application under a tenant, and to read the tenant's and public data. */ + tenantOperator(everyone, + Policy.tenantRead, Policy.applicationCreate), /** Tenant admin with full access to all tenant resources, except deleting the tenant. */ tenantAdmin(tenantOperator, + applicationAdmin, Policy.applicationDelete, Policy.manager, Policy.tenantUpdate), diff --git a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java index 1badd157b1b..6cfe01cfb77 100644 --- a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java +++ b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java @@ -51,4 +51,53 @@ public class RoleTest { assertFalse("No global read access", role.allows(Action.read, URI.create("/controller/v1/foo"))); } + @Test + public void implications() { + Roles roles = new Roles(SystemName.main); + TenantName tenant1 = TenantName.from("t1"); + ApplicationName application1 = ApplicationName.from("a1"); + TenantName tenant2 = TenantName.from("t2"); + ApplicationName application2 = ApplicationName.from("a2"); + + Role tenantOwner1 = roles.tenantOwner(tenant1); + Role tenantAdmin1 = roles.tenantAdmin(tenant1); + Role tenantAdmin2 = roles.tenantAdmin(tenant2); + Role tenantOperator1 = roles.tenantOperator(tenant1); + Role applicationAdmin11 = roles.applicationAdmin(tenant1, application1); + Role applicationOperator11 = roles.applicationOperator(tenant1, application1); + Role applicationDeveloper11 = roles.applicationDeveloper(tenant1, application1); + Role applicationReader11 = roles.applicationReader(tenant1, application1); + Role applicationReader12 = roles.applicationReader(tenant1, application2); + Role applicationReader22 = roles.applicationReader(tenant2, application2); + + assertFalse(tenantOwner1.implies(tenantOwner1)); + assertTrue(tenantOwner1.implies(tenantAdmin1)); + assertFalse(tenantOwner1.implies(tenantAdmin2)); + assertTrue(tenantOwner1.implies(tenantOperator1)); + assertTrue(tenantOwner1.implies(applicationAdmin11)); + assertTrue(tenantOwner1.implies(applicationReader11)); + assertTrue(tenantOwner1.implies(applicationReader12)); + assertFalse(tenantOwner1.implies(applicationReader22)); + + assertFalse(tenantAdmin1.implies(tenantOwner1)); + assertFalse(tenantAdmin1.implies(tenantAdmin2)); + assertTrue(tenantAdmin1.implies(applicationDeveloper11)); + + assertFalse(tenantOperator1.implies(applicationReader11)); + + assertFalse(applicationAdmin11.implies(tenantAdmin1)); + assertFalse(applicationAdmin11.implies(tenantOperator1)); + assertTrue(applicationAdmin11.implies(applicationOperator11)); + assertTrue(applicationAdmin11.implies(applicationDeveloper11)); + assertTrue(applicationAdmin11.implies(applicationReader11)); + assertFalse(applicationAdmin11.implies(applicationReader12)); + assertFalse(applicationAdmin11.implies(applicationReader22)); + + assertFalse(applicationOperator11.implies(applicationDeveloper11)); + assertTrue(applicationOperator11.implies(applicationReader11)); + + assertFalse(applicationDeveloper11.implies(applicationOperator11)); + assertTrue(applicationDeveloper11.implies(applicationReader11)); + } + } |