author | Øyvind Grønnesby <oyving@verizonmedia.com> | 2020-11-26 16:30:46 +0100 |
---|---|---|
committer | Øyvind Grønnesby <oyving@verizonmedia.com> | 2020-11-26 16:30:46 +0100 |
commit | 21b4c580cd116cd6cf336feec5ed02ab9e4ccf58 (patch) | |
tree | 4fd0b73a287fcdb6d3468318f90089226a403098 /controller-api | |
parent | c4e7e04c88782b7eac14ba48f8504c1748827045 (diff) |
Limit operator's access to the billing API
Diffstat (limited to 'controller-api')
3 files changed, 41 insertions, 18 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java
index 3fdf358a63d..2acf7c93925 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/PathGroup.java
@@ -286,6 +286,26 @@ enum PathGroup {
         return EnumSet.complementOf(EnumSet.copyOf(List.of(pathGroups)));
     }
 
+    static Set<PathGroup> allExcept(Set<PathGroup> pathGroups) {
+        return EnumSet.complementOf(EnumSet.copyOf(pathGroups));
+    }
+
+    static Set<PathGroup> billingPaths() {
+        var paths = billingPathsNoToken();
+        paths.add(PathGroup.billingToken);
+        return paths;
+    }
+
+    static Set<PathGroup> billingPathsNoToken() {
+        return EnumSet.of(
+                PathGroup.billingCollection,
+                PathGroup.billingInstrument,
+                PathGroup.billingList,
+                PathGroup.billingPlan,
+                PathGroup.hostedAccountant
+        );
+    }
+
     /** Returns whether this group matches path in given context */
     boolean matches(URI uri, Context context) {
         return get(uri).map(p -> {
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java
index 4191dbd767d..ff29725fe7c 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Policy.java
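Review bot: `billingPathsNoToken()` is a hand-maintained list and `allExcept(...)` hands `Policy.operator` `Action.all()` on its complement, so a billing path group added to this enum later is full-access for operators unless someone remembers to list it here — the restriction fails open. I would state that on the method, `/** Every billing path group must be listed here: Policy.operator gets Action.all() on the complement of this set. */`, and add a RoleTest assertion that every PathGroup constant whose name starts with `billing` is contained in `billingPaths()`. Separately, `EnumSet.copyOf(Collection)` throws IllegalArgumentException on an empty argument that is not itself an EnumSet; both callers visible in this commit pass EnumSets, so `allExcept(Set)` is safe today, but `return pathGroups.isEmpty() ? EnumSet.allOf(PathGroup.class) : EnumSet.complementOf(EnumSet.copyOf(pathGroups));` would make the helper total. The varargs `allExcept` whose closing lines open this hunk begins outside it.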
@@ -22,11 +22,14 @@ enum Policy {
 
     /** Full access to everything. */
     operator(Privilege.grant(Action.all())
-                      .on(PathGroup.allExcept(PathGroup.hostedAccountant))
+                      .on(PathGroup.allExcept(PathGroup.billingPaths()))
                       .in(SystemName.all()),
-             Privilege.grant(Action.read)
-                      .on(PathGroup.hostedAccountant)
-                      .in(SystemName.PublicCd)),
+             Privilege.grant(Action.read)
+                      .on(PathGroup.billingPathsNoToken())
+                      .in(SystemName.all()),
+             Privilege.grant(Action.read)
+                      .on(PathGroup.billingToken)
+                      .in(SystemName.PublicCd)),
 
     /** Full access to everything. */
     supporter(Privilege.grant(Action.read)
diff --git a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java
index 1a24b5361dd..ab72098303f 100644
--- a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java
+++ b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java
@@ -201,7 +201,7 @@ public class RoleTest {
 
         tester.on("/billing/v1/tenant/t1/token")
                 .assertAction(accountant)
-                .assertAction(operator, Action.create, Action.read, Action.update, Action.delete)
+                .assertAction(operator, Action.read)
                 .assertAction(reader)
                 .assertAction(developer)
                 .assertAction(admin, Action.read)
@@ -209,7 +209,7 @@ public class RoleTest {
 
         tester.on("/billing/v1/tenant/t1/instrument")
                 .assertAction(accountant)
-                .assertAction(operator, Action.create, Action.read, Action.update, Action.delete)
+                .assertAction(operator, Action.read)
                 .assertAction(reader, Action.read, Action.delete)
                 .assertAction(developer, Action.read, Action.delete)
                 .assertAction(admin, Action.read, Action.update, Action.delete)
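Review bot: The second grant widens operator's read on `hostedAccountant` from `SystemName.PublicCd` (the removed lines) to `SystemName.all()`, since `billingPathsNoToken()` includes `hostedAccountant` and is now granted `.in(SystemName.all())` — the opposite direction from the commit title. If the accountant endpoints were meant to stay PublicCd-only, `hostedAccountant` belongs with `billingToken` under `.in(SystemName.PublicCd)` rather than in the all-systems grant; if the widening is intended, the commit message should say so. The Javadoc above `operator` still reads `/** Full access to everything. */`, which is no longer true; suggest `/** Full access to everything except billing, which is read-only (the billing token only in PublicCd). */`.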
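Review bot: The new expectation `.assertAction(operator, Action.read)` on `/billing/v1/tenant/t1/token` only holds in PublicCd, because Policy grants operator read on `billingToken` with `.in(SystemName.PublicCd)` while the other billing paths use `SystemName.all()`; this hunk pins a single system, and the tester's system is configured outside the hunk, so I am inferring it is PublicCd. A second tester in a non-PublicCd system asserting `.assertAction(operator)` on the token path and `.assertAction(operator, Action.read)` on the instrument path would lock in the one distinction this commit introduces between the two groups. The enclosing test method starts and ends outside the hunk.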
@@ -217,31 +217,31 @@ public class RoleTest {
 
         tester.on("/billing/v1/tenant/t1/instrument/i1")
                 .assertAction(accountant)
-                .assertAction(operator, Action.create, Action.read, Action.update, Action.delete)
-                .assertAction(reader, Action.read, Action.delete)
-                .assertAction(developer, Action.read, Action.delete)
-                .assertAction(admin, Action.read, Action.update, Action.delete)
+                .assertAction(operator, Action.read)
+                .assertAction(reader, Action.read, Action.delete)
+                .assertAction(developer, Action.read, Action.delete)
+                .assertAction(admin, Action.read, Action.update, Action.delete)
                 .assertAction(otherAdmin);
 
         tester.on("/billing/v1/tenant/t1/billing")
                 .assertAction(accountant)
-                .assertAction(operator, Action.create, Action.read, Action.update, Action.delete)
-                .assertAction(reader, Action.read)
-                .assertAction(developer, Action.read)
-                .assertAction(admin, Action.read)
+                .assertAction(operator, Action.read)
+                .assertAction(reader, Action.read)
+                .assertAction(developer, Action.read)
+                .assertAction(admin, Action.read)
                 .assertAction(otherAdmin);
 
         tester.on("/billing/v1/tenant/t1/plan")
-                .assertAction(accountant, Action.update)
-                .assertAction(operator, Action.create, Action.read, Action.update, Action.delete)
+                .assertAction(accountant, Action.update)
+                .assertAction(operator, Action.read)
                 .assertAction(reader)
                 .assertAction(developer)
-                .assertAction(admin, Action.update)
+                .assertAction(admin, Action.update)
                 .assertAction(otherAdmin);
 
         tester.on("/billing/v1/tenant/t1/collection")
                 .assertAction(accountant, Action.update)
-                .assertAction(operator, Action.create, Action.read, Action.update, Action.delete)
+                .assertAction(operator, Action.read)
                 .assertAction(reader)
                 .assertAction(developer)
                 .assertAction(admin)
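Review bot: Eight of the changed line pairs in this hunk (reader/developer/admin under `instrument/i1` and `billing`, accountant and admin under `plan`) have identical text on both sides and appear to differ only in indentation; in the test that is the authoritative record of who may touch billing, that churn makes the four real changes (operator dropping to `.assertAction(operator, Action.read)` on each path) harder to spot in review and in blame. I would drop the whitespace-only pairs from this commit, or re-indent in a separate one. The enclosing test method continues past the end of the hunk.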