diff options
author | Ola Aunrønning <olaa@verizonmedia.com> | 2021-12-01 13:56:48 +0100 |
---|---|---|
committer | Ola Aunrønning <olaa@verizonmedia.com> | 2021-12-01 13:56:48 +0100 |
commit | 0c15763bef77955744d9b26785f78ced4fe7042c (patch) | |
tree | 2b86732d912240d9f54baa917bff7f0cab46da96 /controller-server | |
parent | 7cff9f240f16e5c02d562a691bc81a3dba830218 (diff) |
Delete tenants without Athenz domain
Diffstat (limited to 'controller-server')
4 files changed, 9 insertions, 6 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/TenantController.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/TenantController.java index 537603427f5..59877fce634 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/TenantController.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/TenantController.java @@ -161,7 +161,7 @@ public class TenantController { } /** Deletes the given tenant. */ - public void delete(TenantName tenant, Supplier<Credentials> credentials, boolean forget) { + public void delete(TenantName tenant, Optional<Credentials> credentials, boolean forget) { try (Lock lock = lock(tenant)) { Tenant oldTenant = get(tenant, true) .orElseThrow(() -> new NotExistsException("Could not delete tenant '" + tenant + "': Tenant not found")); @@ -171,7 +171,7 @@ public class TenantController { throw new IllegalArgumentException("Could not delete tenant '" + tenant.value() + "': This tenant has active applications"); - accessControl.deleteTenant(tenant, credentials.get()); + credentials.ifPresent(creds -> accessControl.deleteTenant(tenant, creds)); controller.notificationsDb().removeNotifications(NotificationSource.from(tenant)); } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/UserManagementMaintainer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/UserManagementMaintainer.java index 33012763f97..0d278b7be6d 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/UserManagementMaintainer.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/UserManagementMaintainer.java @@ -8,6 +8,7 @@ import com.yahoo.vespa.hosted.controller.Controller; import com.yahoo.vespa.hosted.controller.api.integration.user.RoleMaintainer; import java.time.Duration; +import java.util.Optional; import java.util.logging.Logger; import java.util.stream.Collectors; @@ -39,8 +40,8 @@ public class UserManagementMaintainer extends ControllerMaintainer { if (!controller().system().isPublic()) { roleMaintainer.tenantsToDelete(tenants) .forEach(tenant -> { - // TODO: controller().tenants().delete(tenant.name()); - logger.fine("Want to delete tenant " + tenant.name()); + logger.warning(tenant.name() + " has a non-existing Athenz domain. Deleting"); + controller().tenants().delete(tenant.name(), Optional.empty(), false); }); } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java index ed16c86c94e..3e6bc2b6dec 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java @@ -2018,9 +2018,9 @@ public class ApplicationApiHandler extends AuditLoggingRequestHandler { return ErrorResponse.forbidden("Only operators can forget a tenant"); controller.tenants().delete(TenantName.from(tenantName), - () -> accessControlRequests.credentials(TenantName.from(tenantName), + Optional.of(accessControlRequests.credentials(TenantName.from(tenantName), toSlime(request.getData()).get(), - request.getJDiscRequest()), + request.getJDiscRequest())), forget); return new MessageResponse("Deleted tenant " + tenantName); diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java index 6e8445102c3..e45bfb6eb88 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java @@ -895,6 +895,8 @@ public class ApplicationApiTest extends ControllerContainerTest { // Forget a deleted tenant tester.assertResponse(request("/application/v4/tenant/tenant1", DELETE).properties(Map.of("forget", "true")) + .data("{\"athensDomain\":\"domain1\"}") + .oktaAccessToken(OKTA_AT).oktaIdentityToken(OKTA_IT) .userIdentity(HOSTED_VESPA_OPERATOR), "{\"message\":\"Deleted tenant tenant1\"}"); tester.assertResponse(request("/application/v4/tenant/tenant1", GET).properties(Map.of("includeDeleted", "true")) |