diff options
author | Martin Polden <mpolden@mpolden.no> | 2020-03-05 13:49:02 +0100 |
---|---|---|
committer | Martin Polden <mpolden@mpolden.no> | 2020-03-05 13:53:51 +0100 |
commit | 55dd5a7e8db0cbb79802fdf8b059e8c75b6280f9 (patch) | |
tree | 9ba6eeddf433a6b386d05e8fc410298e992ad0d3 /controller-api | |
parent | 1e7e5d787497c067984a8effdceb06fcbb6d439a (diff) |
Remove unused athenzUser role
Diffstat (limited to 'controller-api')
4 files changed, 0 insertions, 52 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/InstanceRole.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/InstanceRole.java deleted file mode 100644 index 6cc726f2ac3..00000000000 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/InstanceRole.java +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. -package com.yahoo.vespa.hosted.controller.api.role; - -import com.yahoo.config.provision.ApplicationName; -import com.yahoo.config.provision.InstanceName; -import com.yahoo.config.provision.TenantName; - -/** - * A {@link Role} with a {@link Context} of a {@link TenantName}, an {@link ApplicationName}, and an {@link InstanceName}. - * - * @author jonmv - */ -public class InstanceRole extends Role { - - InstanceRole(RoleDefinition roleDefinition, TenantName tenant, ApplicationName application, InstanceName instance) { - super(roleDefinition, Context.limitedTo(tenant, application, instance)); - } - - /** Returns the {@link TenantName} this is bound to. */ - public TenantName tenant() { return context.tenant().get(); } - - /** Returns the {@link ApplicationName} this is bound to. */ - public ApplicationName application() { return context.application().get(); } - - /** Returns the {@link InstanceName} this is bound to. */ - public InstanceName instance() { return context.instance().get(); } - - @Override - public String toString() { - return "role '" + definition() + "' of instance '" + instance() + "' of '" + application() + "' owned by '" + tenant() + "'"; - } - -} diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java index c2203e3da40..beeb340647c 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java @@ -2,7 +2,6 @@ package com.yahoo.vespa.hosted.controller.api.role; import com.yahoo.config.provision.ApplicationName; -import com.yahoo.config.provision.InstanceName; import com.yahoo.config.provision.TenantName; import java.util.Objects; @@ -48,11 +47,6 @@ public abstract class Role { return new ApplicationRole(RoleDefinition.tenantPipeline, tenant, application); } - /** Returns a {@link RoleDefinition#athenzUser} for the current system and given tenant and application. */ - public static InstanceRole athenzUser(TenantName tenant, ApplicationName application, InstanceName instance) { - return new InstanceRole(RoleDefinition.athenzUser, tenant, application, instance); - } - /** Returns a {@link RoleDefinition#reader} for the current system and given tenant. */ public static TenantRole reader(TenantName tenant) { return new TenantRole(RoleDefinition.reader, tenant); diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java index 0d7222781fa..a350cb002b3 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java @@ -67,10 +67,6 @@ public enum RoleDefinition { Policy.deploymentPipeline, Policy.productionDeployment), - /** Athenz user with access to development resources under its instances. */ - athenzUser(everyone, - Policy.developmentDeployment), - /** Tenant administrator with full access to all child resources. */ athenzTenantAdmin(everyone, Policy.tenantRead, diff --git a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java index f0483e55b3e..f78ae24df9e 100644 --- a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java +++ b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java @@ -2,7 +2,6 @@ package com.yahoo.vespa.hosted.controller.api.role; import com.yahoo.config.provision.ApplicationName; -import com.yahoo.config.provision.InstanceName; import com.yahoo.config.provision.SystemName; import com.yahoo.config.provision.TenantName; import org.junit.Test; @@ -82,14 +81,6 @@ public class RoleTest { } @Test - public void athenz_user_membership() { - Role role = Role.athenzUser(TenantName.from("t8"), ApplicationName.from("a6"), InstanceName.from("i1")); - assertTrue(mainEnforcer.allows(role, Action.create, URI.create("/application/v4/tenant/t8/application/a6/instance/i1/deploy/some-job"))); - assertTrue(mainEnforcer.allows(role, Action.delete, URI.create("/application/v4/tenant/t8/application/a6/instance/i1/environment/dev/region/r1"))); - assertFalse(mainEnforcer.allows(role, Action.delete, URI.create("/application/v4/tenant/t8/application/a6/instance/i1/environment/prod/region/r1"))); - } - - @Test public void new_implications() { TenantName tenant1 = TenantName.from("t1"); ApplicationName application1 = ApplicationName.from("a1"); |