author | Jon Marius Venstad <jonmv@users.noreply.github.com> | 2019-04-15 11:58:40 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-04-15 11:58:40 +0200 |
commit | babfc4859ef4586711eb150b87c02415132a274b (patch) | |
tree | 57ab49955df4a14b35192c47ac7b797dcaf423ab /controller-server | |
parent | 62ae43a918e2ab66ddaaa4f3964cfa255e5aa307 (diff) | |
parent | 132c65ea92960f583ada0db4fcf5796d85bf6a4c (diff) |
Merge pull request #9129 from vespa-engine/jvenstad/really-hide-system-in-role-API
Jvenstad/really hide system in role api
Diffstat (limited to 'controller-server')
10 files changed, 67 insertions, 91 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/Controller.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/Controller.java index 9886e5c1329..365b7960958 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/Controller.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/Controller.java @@ -23,11 +23,10 @@ import com.yahoo.vespa.hosted.controller.api.integration.github.GitHub; import com.yahoo.vespa.hosted.controller.api.integration.organization.Mailer; import com.yahoo.vespa.hosted.controller.api.integration.routing.RoutingGenerator; import com.yahoo.config.provision.zone.ZoneId; -import com.yahoo.vespa.hosted.controller.api.integration.user.UserRoles; +import com.yahoo.vespa.hosted.controller.api.integration.user.Roles; import com.yahoo.vespa.hosted.controller.api.integration.zone.ZoneRegistry; import com.yahoo.vespa.hosted.controller.api.role.ApplicationRole; import com.yahoo.vespa.hosted.controller.api.role.Role; -import com.yahoo.vespa.hosted.controller.api.role.Roles; import com.yahoo.vespa.hosted.controller.api.role.TenantRole; import com.yahoo.vespa.hosted.controller.auditlog.AuditLogger; import com.yahoo.vespa.hosted.controller.deployment.JobController; @@ -82,7 +81,6 @@ public class Controller extends AbstractComponent { private final Mailer mailer; private final AuditLogger auditLogger; private final FlagSource flagSource; - private final UserRoles roles; /** * Creates a controller @@ -135,7 +133,6 @@ public class Controller extends AbstractComponent { ); tenantController = new TenantController(this, curator, accessControl); auditLogger = new AuditLogger(curator, clock); - roles = new UserRoles(new Roles(zoneRegistry.system())); // Record the version of this controller curator().writeControllerVersion(this.hostname(), Vtag.currentVersion); 
@@ -298,16 +295,16 @@ public class Controller extends AbstractComponent { /** Returns all other roles the given tenant role implies. */ public Set<Role> impliedRoles(TenantRole role) { - return Stream.concat(roles.tenantRoles(role.tenant()).stream(), + return Stream.concat(Roles.tenantRoles(role.tenant()).stream(), applications().asList(role.tenant()).stream() - .flatMap(application -> roles.applicationRoles(application.id().tenant(), application.id().application()).stream())) + .flatMap(application -> Roles.applicationRoles(application.id().tenant(), application.id().application()).stream())) .filter(role::implies) .collect(Collectors.toUnmodifiableSet()); } /** Returns all other roles the given application role implies. */ public Set<Role> impliedRoles(ApplicationRole role) { - return roles.applicationRoles(role.tenant(), role.application()).stream() + return Roles.applicationRoles(role.tenant(), role.application()).stream() .filter(role::implies) .collect(Collectors.toUnmodifiableSet()); } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilter.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilter.java index 8e397366203..15cdf034ca0 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilter.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilter.java 
@@ -17,7 +17,6 @@ import com.yahoo.vespa.hosted.controller.Controller;
 import com.yahoo.vespa.hosted.controller.TenantController;
 import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzClientFactory;
 import com.yahoo.vespa.hosted.controller.api.role.Role;
-import com.yahoo.vespa.hosted.controller.api.role.Roles;
 import com.yahoo.vespa.hosted.controller.athenz.ApplicationAction;
 import com.yahoo.vespa.hosted.controller.athenz.impl.AthenzFacade;
 import com.yahoo.vespa.hosted.controller.api.role.SecurityContext;
@@ -44,14 +43,12 @@ public class AthenzRoleFilter extends CorsRequestFilterBase { // TODO: No need f
 private final AthenzFacade athenz;
 private final TenantController tenants;
- private final Roles roles;
 @Inject
 public AthenzRoleFilter(CorsFilterConfig config, AthenzClientFactory athenzClientFactory, Controller controller) {
 super(Set.copyOf(config.allowedUrls()));
 this.athenz = new AthenzFacade(athenzClientFactory);
 this.tenants = controller.tenants();
- this.roles = new Roles(controller.system());
 }
 @Override
@@ -80,18 +77,18 @@ public class AthenzRoleFilter extends CorsRequestFilterBase { // TODO: No need f AthenzIdentity identity = principal.getIdentity(); if (athenz.hasHostedOperatorAccess(identity)) - return Set.of(roles.hostedOperator()); + return Set.of(Role.hostedOperator()); if (tenant.isPresent() && isTenantAdmin(identity, tenant.get())) - return Set.of(roles.athenzTenantAdmin(tenant.get().name())); + return Set.of(Role.athenzTenantAdmin(tenant.get().name())); if (identity.getDomain().equals(SCREWDRIVER_DOMAIN) && application.isPresent() && tenant.isPresent()) // NOTE: Only fine-grained deploy authorization for Athenz tenants if ( tenant.get().type() != Tenant.Type.athenz || hasDeployerAccess(identity, ((AthenzTenant) tenant.get()).domain(), application.get())) - return Set.of(roles.tenantPipeline(tenant.get().name(), application.get())); + return Set.of(Role.tenantPipeline(tenant.get().name(), application.get())); - return Set.of(roles.everyone()); + return Set.of(Role.everyone()); } private boolean isTenantAdmin(AthenzIdentity identity, Tenant tenant) { diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/ControllerAuthorizationFilter.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/ControllerAuthorizationFilter.java index 181731ef896..d07ad1ca907 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/ControllerAuthorizationFilter.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/filter/ControllerAuthorizationFilter.java 
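Review bot: For non-Athenz tenants the `tenantPipeline` role is granted to any identity in `SCREWDRIVER_DOMAIN` whose request names an existing tenant and application, because `tenant.get().type() != Tenant.Type.athenz` short-circuits the `hasDeployerAccess` check before it runs; the NOTE says this is deliberate, but the new `return Set.of(Role.tenantPipeline(tenant.get().name(), application.get()));` line makes that grant independent of any relationship between the pipeline identity and the tenant. If that is the intended policy, state it where the role is granted, e.g. `// Non-Athenz tenants have no deployer ACL: any Screwdriver identity is mapped to tenantPipeline here`, and consider logging the mapping so the audit trail shows which pipeline identity was granted which tenant's pipeline role. The un-braced nested `if` also hides that the fall-through for a rejected Athenz deployer is `Role.everyone()`; bracing both levels would make that visible. The enclosing method begins outside this hunk.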
@@ -11,11 +11,10 @@ import com.yahoo.jdisc.http.filter.security.cors.CorsRequestFilterBase;
 import com.yahoo.log.LogLevel;
 import com.yahoo.vespa.hosted.controller.Controller;
 import com.yahoo.vespa.hosted.controller.api.role.Action;
+import com.yahoo.vespa.hosted.controller.api.role.Enforcer;
 import com.yahoo.vespa.hosted.controller.api.role.Role;
-import com.yahoo.vespa.hosted.controller.api.role.Roles;
 import com.yahoo.vespa.hosted.controller.api.role.SecurityContext;
-import java.security.Principal;
 import java.util.Optional;
 import java.util.Set;
 import java.util.logging.Logger;
@@ -29,7 +28,7 @@ public class ControllerAuthorizationFilter extends CorsRequestFilterBase {
 private static final Logger log = Logger.getLogger(ControllerAuthorizationFilter.class.getName());
- private final Roles roles;
+ private final Enforcer enforcer;
 @Inject
 public ControllerAuthorizationFilter(Controller controller,
@@ -40,7 +39,7 @@ public class ControllerAuthorizationFilter extends CorsRequestFilterBase {
 ControllerAuthorizationFilter(SystemName system, Set<String> allowedUrls) {
 super(allowedUrls);
- this.roles = new Roles(system);
+ this.enforcer = new Enforcer(system);
 }
 @Override
@@ -54,11 +53,11 @@ public class ControllerAuthorizationFilter extends CorsRequestFilterBase {
 Action action = Action.from(HttpRequest.Method.valueOf(request.getMethod()));
 // Avoid expensive look-ups when request is always legal.
- if (roles.everyone().allows(action, request.getUri()))
+ if (enforcer.allows(Role.everyone(), action, request.getUri()))
 return Optional.empty();
 Set<Role> roles = securityContext.get().roles();
- if (roles.stream().anyMatch(role -> role.allows(action, request.getUri())))
+ if (roles.stream().anyMatch(role -> enforcer.allows(role, action, request.getUri())))
 return Optional.empty();
 } catch (Exception e) {
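Review bot: `HttpRequest.Method.valueOf(request.getMethod())` throws `IllegalArgumentException` for any verb outside the enum, so an unexpected method lands in the `catch (Exception e)` whose body lies outside this hunk; that path must deny rather than fall through, and it would be cleaner to reject unknown verbs explicitly before the role checks than to rely on the catch-all. The authorization decision itself is now easier to read since the local `roles` no longer shadows a field of the same name; a one-line comment on the `anyMatch` would still help the next reader: `// Allow if any role the caller holds permits this action on this URI; system-specific policy lives in the Enforcer`. `securityContext.get()` presumably follows an `isPresent` check above the hunk — worth confirming, since a missing context should fail closed.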
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java index b8c904a80f6..5ef997b6d55 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java @@ -15,10 +15,9 @@ import com.yahoo.slime.Slime; import com.yahoo.vespa.config.SlimeUtils; import com.yahoo.vespa.hosted.controller.api.integration.user.UserId; import com.yahoo.vespa.hosted.controller.api.integration.user.UserManagement; -import com.yahoo.vespa.hosted.controller.api.integration.user.UserRoles; +import com.yahoo.vespa.hosted.controller.api.integration.user.Roles; import com.yahoo.vespa.hosted.controller.api.role.Role; import com.yahoo.vespa.hosted.controller.api.role.RoleDefinition; -import com.yahoo.vespa.hosted.controller.api.role.Roles; import com.yahoo.vespa.hosted.controller.restapi.ErrorResponse; import com.yahoo.vespa.hosted.controller.restapi.MessageResponse; import com.yahoo.vespa.hosted.controller.restapi.SlimeJsonResponse; @@ -46,13 +45,11 @@ public class UserApiHandler extends LoggingRequestHandler { private final static Logger log = Logger.getLogger(UserApiHandler.class.getName()); private static final String optionalPrefix = "/api"; - private final UserRoles roles; private final UserManagement users; @Inject - public UserApiHandler(Context parentCtx, Roles roles, UserManagement users) { + public UserApiHandler(Context parentCtx, UserManagement users) { super(parentCtx); - this.roles = new UserRoles(roles); this.users = users; } 
@@ -112,7 +109,7 @@ public class UserApiHandler extends LoggingRequestHandler { Cursor root = slime.setObject(); root.setString("tenant", tenantName); fillRoles(root, - roles.tenantRoles(TenantName.from(tenantName)), + Roles.tenantRoles(TenantName.from(tenantName)), Collections.emptyList()); return new SlimeJsonResponse(slime); } @@ -123,8 +120,8 @@ public class UserApiHandler extends LoggingRequestHandler { root.setString("tenant", tenantName); root.setString("application", applicationName); fillRoles(root, - roles.applicationRoles(TenantName.from(tenantName), ApplicationName.from(applicationName)), - roles.tenantRoles(TenantName.from(tenantName))); + Roles.applicationRoles(TenantName.from(tenantName), ApplicationName.from(applicationName)), + Roles.tenantRoles(TenantName.from(tenantName))); return new SlimeJsonResponse(slime); } @@ -159,7 +156,7 @@ public class UserApiHandler extends LoggingRequestHandler { Inspector requestObject = bodyInspector(request); String roleName = require("roleName", Inspector::asString, requestObject); UserId user = new UserId(require("user", Inspector::asString, requestObject)); - Role role = roles.toRole(TenantName.from(tenantName), roleName); + Role role = Roles.toRole(TenantName.from(tenantName), roleName); users.addUsers(role, List.of(user)); return new MessageResponse(user + " is now a member of " + role); } @@ -168,7 +165,7 @@ public class UserApiHandler extends LoggingRequestHandler { Inspector requestObject = bodyInspector(request); String roleName = require("roleName", Inspector::asString, requestObject); UserId user = new UserId(require("user", Inspector::asString, requestObject)); - Role role = roles.toRole(TenantName.from(tenantName), ApplicationName.from(applicationName), roleName); + Role role = Roles.toRole(TenantName.from(tenantName), ApplicationName.from(applicationName), roleName); users.addUsers(role, List.of(user)); return new MessageResponse(user + " is now a member of " + role); } 
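Review bot: In the tenant-role POST handler the role being granted comes straight from the request body (`roleName`) and the only visible validation is `Roles.toRole(TenantName.from(tenantName), roleName)`, which rejects malformed or non-tenant names; nothing in the hunk checks that the caller may grant that particular role, and `ControllerAuthorizationFilter` decides on action and URI only, so a principal with write access to `/user/v1/tenant/{tenant}` can apparently add a user to any tenant role including `tenantOwner`. Unless `UserManagement.addUsers` or the enforcer performs that comparison elsewhere, compare the target role's definition against the caller's roles before `users.addUsers(role, List.of(user));` and answer 403 when the caller's role does not dominate it, and document the intended rule in a comment on the handler. The same applies to the application-role POST in the following hunk. Both handler methods begin outside their hunks.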
@@ -177,7 +174,7 @@ public class UserApiHandler extends LoggingRequestHandler { Inspector requestObject = bodyInspector(request); String roleName = require("roleName", Inspector::asString, requestObject); UserId user = new UserId(require("user", Inspector::asString, requestObject)); - Role role = roles.toRole(TenantName.from(tenantName), roleName); + Role role = Roles.toRole(TenantName.from(tenantName), roleName); if ( role.definition() == RoleDefinition.tenantOwner && users.listUsers(role).equals(List.of(user))) throw new IllegalArgumentException("Can't remove the last owner of a tenant."); @@ -190,7 +187,7 @@ public class UserApiHandler extends LoggingRequestHandler { Inspector requestObject = bodyInspector(request); String roleName = require("roleName", Inspector::asString, requestObject); UserId user = new UserId(require("user", Inspector::asString, requestObject)); - Role role = roles.toRole(TenantName.from(tenantName), ApplicationName.from(applicationName), roleName); + Role role = Roles.toRole(TenantName.from(tenantName), ApplicationName.from(applicationName), roleName); users.removeUsers(role, List.of(user)); return new MessageResponse(user + " is no longer a member of " + role); } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java index 008be2fd276..f803ab9f29c 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java 
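Review bot: The last-owner guard in the tenant-role DELETE handler is a check-then-act sequence: `users.listUsers(role).equals(List.of(user))` is evaluated first and the removal happens afterwards, so two concurrent DELETEs for the two remaining owners can both pass the check and leave the tenant with no owner. If `UserManagement` cannot remove with a minimum-membership condition atomically, serialise these removals per tenant (a lock keyed on the tenant, or a compare-and-set in the store) instead of trusting the list snapshot. A comment stating the guard's scope would also help: `// Refuse only when this user is the sole remaining owner; removing a non-member is a harmless no-op`. The application-role DELETE in the next hunk has no corresponding guard for the last `applicationAdmin`; if that is intentional, say why in a comment.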
@@ -7,10 +7,9 @@ import com.yahoo.vespa.hosted.controller.Application; import com.yahoo.vespa.hosted.controller.api.integration.organization.Marketplace; import com.yahoo.vespa.hosted.controller.api.integration.user.UserId; import com.yahoo.vespa.hosted.controller.api.integration.user.UserManagement; -import com.yahoo.vespa.hosted.controller.api.integration.user.UserRoles; +import com.yahoo.vespa.hosted.controller.api.integration.user.Roles; import com.yahoo.vespa.hosted.controller.api.role.ApplicationRole; import com.yahoo.vespa.hosted.controller.api.role.Role; -import com.yahoo.vespa.hosted.controller.api.role.Roles; import com.yahoo.vespa.hosted.controller.api.role.TenantRole; import com.yahoo.vespa.hosted.controller.tenant.CloudTenant; import com.yahoo.vespa.hosted.controller.tenant.Tenant; @@ -25,15 +24,11 @@ public class CloudAccessControl implements AccessControl { private final Marketplace marketplace; private final UserManagement userManagement; - private final Roles roles; - private final UserRoles userRoles; @Inject - public CloudAccessControl(Marketplace marketplace, UserManagement userManagement, Roles roles) { + public CloudAccessControl(Marketplace marketplace, UserManagement userManagement) { this.marketplace = marketplace; this.userManagement = userManagement; - this.roles = roles; - this.userRoles = new UserRoles(roles); } @Override @@ -41,9 +36,9 @@ public class CloudAccessControl implements AccessControl { CloudTenantSpec spec = (CloudTenantSpec) tenantSpec; CloudTenant tenant = new CloudTenant(spec.tenant(), marketplace.resolveCustomer(spec.getRegistrationToken())); - for (Role role : userRoles.tenantRoles(spec.tenant())) + for (Role role : Roles.tenantRoles(spec.tenant())) userManagement.createRole(role); - userManagement.addUsers(roles.tenantOwner(spec.tenant()), List.of(new UserId(credentials.user().getName()))); + userManagement.addUsers(Role.tenantOwner(spec.tenant()), List.of(new UserId(credentials.user().getName()))); return tenant; } 
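Review bot: `createTenant` creates every tenant role in a loop and only afterwards adds the caller as `tenantOwner`; if `userManagement.addUsers(...)` fails, or the process dies between the two calls, the roles exist with no owner and nobody below hosted-operator level can administer the tenant. Either roll back the created roles on failure of the owner assignment or document the recovery path next to the call: `// If adding the owner fails the roles exist ownerless; an operator must repair via the user API`. The `(CloudTenantSpec) tenantSpec` cast on the first line is unchecked, so a non-cloud spec surfaces as a bare `ClassCastException` rather than a clear error; a guard with an explicit message would be friendlier. `credentials` is used only for the owner's name here — if the method is also expected to verify the caller, that is not visible in this hunk.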
@@ -57,20 +52,20 @@ public class CloudAccessControl implements AccessControl { public void deleteTenant(TenantName tenant, Credentials credentials) { // Probably terminate customer subscription? - for (TenantRole role : userRoles.tenantRoles(tenant)) + for (TenantRole role : Roles.tenantRoles(tenant)) userManagement.deleteRole(role); } @Override public void createApplication(ApplicationId id, Credentials credentials) { - for (Role role : userRoles.applicationRoles(id.tenant(), id.application())) + for (Role role : Roles.applicationRoles(id.tenant(), id.application())) userManagement.createRole(role); - userManagement.addUsers(roles.applicationAdmin(id.tenant(), id.application()), List.of(new UserId(credentials.user().getName()))); + userManagement.addUsers(Role.applicationAdmin(id.tenant(), id.application()), List.of(new UserId(credentials.user().getName()))); } @Override public void deleteApplication(ApplicationId id, Credentials credentials) { - for (ApplicationRole role : userRoles.applicationRoles(id.tenant(), id.application())) + for (ApplicationRole role : Roles.applicationRoles(id.tenant(), id.application())) userManagement.deleteRole(role); } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerCloudTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerCloudTest.java index 95477758deb..4f068451d24 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerCloudTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerCloudTest.java 
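Review bot: `deleteTenant` removes the tenant's roles while the leftover `// Probably terminate customer subscription?` shows the marketplace side is still open, so a deleted tenant can keep a running subscription; either act on `marketplace` here or turn the question into an explicit TODO that names what must happen and who owns it. The method also ignores `credentials` and does not touch application roles, which presumably are removed by `deleteApplication` beforehand — a comment stating that ordering assumption would help: `// Assumes all applications of the tenant (and their roles) were deleted before this call`. `createApplication` has the same create-roles-then-add-admin ordering as tenant creation, with the same partial-failure window where roles exist without an admin.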
@@ -3,7 +3,6 @@ package com.yahoo.vespa.hosted.controller.restapi;
 import com.yahoo.application.container.handler.Request;
 import com.yahoo.config.provision.SystemName;
 import com.yahoo.vespa.hosted.controller.api.role.Role;
-import com.yahoo.vespa.hosted.controller.api.role.Roles;
 import com.yahoo.vespa.hosted.controller.api.role.SecurityContext;
 import java.nio.charset.StandardCharsets;
@@ -64,7 +63,7 @@ public class ControllerContainerCloudTest extends ControllerContainerTest {
 private final Request.Method method;
 private byte[] data = new byte[0];
 private Principal user = () -> "user@test";
- private Set<Role> roles = Set.of(new Roles(system()).everyone());
+ private Set<Role> roles = Set.of(Role.everyone());
 private RequestBuilder(String path, Request.Method method) {
 this.path = path;
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java
index 6abfa7fa72d..4cb0d509531 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java
@@ -96,7 +96,6 @@ public class ControllerContainerTest {
 " <component id='com.yahoo.vespa.hosted.controller.integration.ApplicationStoreMock'/>\n" +
 " <component id='com.yahoo.vespa.hosted.controller.api.integration.stubs.MockTesterCloud'/>\n" +
 " <component id='com.yahoo.vespa.hosted.controller.api.integration.stubs.MockMailer'/>\n" +
- " <component id='com.yahoo.vespa.hosted.controller.api.role.Roles'/>\n" +
 " <handler id='com.yahoo.vespa.hosted.controller.restapi.deployment.DeploymentApiHandler'>\n" +
 " <binding>http://*/deployment/v1/*</binding>\n" +
 " </handler>\n" +
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilterTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilterTest.java index b48cb4bff50..e36a02f387c 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilterTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilterTest.java @@ -10,7 +10,7 @@ import com.yahoo.vespa.athenz.api.AthenzUser; import com.yahoo.vespa.hosted.controller.ControllerTester; import com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId; import com.yahoo.vespa.hosted.controller.api.identifiers.ScrewdriverId; -import com.yahoo.vespa.hosted.controller.api.role.Roles; +import com.yahoo.vespa.hosted.controller.api.role.Role; import com.yahoo.vespa.hosted.controller.athenz.ApplicationAction; import com.yahoo.vespa.hosted.controller.athenz.HostedAthenzIdentities; import com.yahoo.vespa.hosted.controller.athenz.mock.AthenzClientFactoryMock; 
@@ -66,55 +66,53 @@ public class AthenzRoleFilterTest { @Test public void testTranslations() { - Roles roles = new Roles(tester.controller().system()); - // Hosted operators are always members of the hostedOperator role. - assertEquals(Set.of(roles.hostedOperator()), + assertEquals(Set.of(Role.hostedOperator()), filter.roles(HOSTED_OPERATOR, NO_CONTEXT_PATH)); - assertEquals(Set.of(roles.hostedOperator()), + assertEquals(Set.of(Role.hostedOperator()), filter.roles(HOSTED_OPERATOR, TENANT_CONTEXT_PATH)); - assertEquals(Set.of(roles.hostedOperator()), + assertEquals(Set.of(Role.hostedOperator()), filter.roles(HOSTED_OPERATOR, APPLICATION_CONTEXT_PATH)); // Tenant admins are members of the athenzTenantAdmin role within their tenant subtree. - assertEquals(Set.of(roles.everyone()), + assertEquals(Set.of(Role.everyone()), filter.roles(TENANT_PIPELINE, NO_CONTEXT_PATH)); - assertEquals(Set.of(roles.athenzTenantAdmin(TENANT)), + assertEquals(Set.of(Role.athenzTenantAdmin(TENANT)), filter.roles(TENANT_ADMIN, TENANT_CONTEXT_PATH)); - assertEquals(Set.of(roles.athenzTenantAdmin(TENANT)), + assertEquals(Set.of(Role.athenzTenantAdmin(TENANT)), filter.roles(TENANT_ADMIN, APPLICATION_CONTEXT_PATH)); - assertEquals(Set.of(roles.everyone()), + assertEquals(Set.of(Role.everyone()), filter.roles(TENANT_ADMIN, TENANT2_CONTEXT_PATH)); - assertEquals(Set.of(roles.everyone()), + assertEquals(Set.of(Role.everyone()), filter.roles(TENANT_ADMIN, APPLICATION2_CONTEXT_PATH)); // Build services are members of the tenantPipeline role within their application subtree. 
- assertEquals(Set.of(roles.everyone()), + assertEquals(Set.of(Role.everyone()), filter.roles(TENANT_PIPELINE, NO_CONTEXT_PATH)); - assertEquals(Set.of(roles.everyone()), + assertEquals(Set.of(Role.everyone()), filter.roles(TENANT_PIPELINE, TENANT_CONTEXT_PATH)); - assertEquals(Set.of(roles.tenantPipeline(TENANT, APPLICATION)), + assertEquals(Set.of(Role.tenantPipeline(TENANT, APPLICATION)), filter.roles(TENANT_PIPELINE, APPLICATION_CONTEXT_PATH)); - assertEquals(Set.of(roles.everyone()), + assertEquals(Set.of(Role.everyone()), filter.roles(TENANT_PIPELINE, APPLICATION2_CONTEXT_PATH)); // Unprivileged users are just members of the everyone role. - assertEquals(Set.of(roles.everyone()), + assertEquals(Set.of(Role.everyone()), filter.roles(USER, NO_CONTEXT_PATH)); - assertEquals(Set.of(roles.everyone()), + assertEquals(Set.of(Role.everyone()), filter.roles(USER, TENANT_CONTEXT_PATH)); - assertEquals(Set.of(roles.everyone()), + assertEquals(Set.of(Role.everyone()), filter.roles(USER, APPLICATION_CONTEXT_PATH)); } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/ControllerAuthorizationFilterTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/ControllerAuthorizationFilterTest.java index 105e10eefd2..f2b0039750e 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/ControllerAuthorizationFilterTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/ControllerAuthorizationFilterTest.java 
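Review bot: Under `// Tenant admins are members of the athenzTenantAdmin role within their tenant subtree.` the first assertion calls `filter.roles(TENANT_PIPELINE, NO_CONTEXT_PATH)`, which is the very case repeated verbatim under the build-services comment below, so the tenant-admin-without-tenant-context case is never exercised. It very likely should read `filter.roles(TENANT_ADMIN, NO_CONTEXT_PATH)` with the same expected `Set.of(Role.everyone())`, which would pin that an admin receives no tenant role when the request names no tenant. The commit rewrote these lines anyway, so fixing the identity at the same time costs nothing.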
@@ -7,7 +7,7 @@ import com.yahoo.config.provision.SystemName; import com.yahoo.jdisc.http.HttpRequest.Method; import com.yahoo.jdisc.http.filter.DiscFilterRequest; import com.yahoo.vespa.hosted.controller.ControllerTester; -import com.yahoo.vespa.hosted.controller.api.role.Roles; +import com.yahoo.vespa.hosted.controller.api.role.Role; import com.yahoo.vespa.hosted.controller.api.role.SecurityContext; import com.yahoo.vespa.hosted.controller.restapi.ApplicationRequestToDiscFilterRequestWrapper; import org.junit.Test; @@ -34,8 +34,7 @@ public class ControllerAuthorizationFilterTest { @Test public void operator() { ControllerTester tester = new ControllerTester(); - Roles roles = new Roles(tester.controller().system()); - SecurityContext securityContext = new SecurityContext(() -> "operator", Set.of(roles.hostedOperator())); + SecurityContext securityContext = new SecurityContext(() -> "operator", Set.of(Role.hostedOperator())); ControllerAuthorizationFilter filter = createFilter(tester); assertIsAllowed(invokeFilter(filter, createRequest(Method.POST, "/zone/v2/path", securityContext))); @@ -46,8 +45,7 @@ public class ControllerAuthorizationFilterTest { @Test public void unprivileged() { ControllerTester tester = new ControllerTester(); - Roles roles = new Roles(tester.controller().system()); - SecurityContext securityContext = new SecurityContext(() -> "user", Set.of(roles.everyone())); + SecurityContext securityContext = new SecurityContext(() -> "user", Set.of(Role.everyone())); ControllerAuthorizationFilter filter = createFilter(tester); assertIsForbidden(invokeFilter(filter, createRequest(Method.POST, "/zone/v2/path", securityContext))); 
@@ -59,8 +57,7 @@ public class ControllerAuthorizationFilterTest { public void unprivilegedInPublic() { ControllerTester tester = new ControllerTester(); tester.zoneRegistry().setSystemName(SystemName.Public); - Roles roles = new Roles(tester.controller().system()); - SecurityContext securityContext = new SecurityContext(() -> "user", Set.of(roles.everyone())); + SecurityContext securityContext = new SecurityContext(() -> "user", Set.of(Role.everyone())); ControllerAuthorizationFilter filter = createFilter(tester); assertIsForbidden(invokeFilter(filter, createRequest(Method.POST, "/zone/v2/path", securityContext))); diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java index 3a78e9fc262..59f63f0472a 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java @@ -4,7 +4,6 @@ import com.yahoo.config.provision.ApplicationId; import com.yahoo.config.provision.SystemName; import com.yahoo.config.provision.TenantName; import com.yahoo.vespa.hosted.controller.api.role.Role; -import com.yahoo.vespa.hosted.controller.api.role.Roles; import com.yahoo.vespa.hosted.controller.restapi.ContainerTester; import com.yahoo.vespa.hosted.controller.restapi.ControllerContainerCloudTest; import org.junit.Test; 
@@ -28,8 +27,7 @@ public class UserApiTest extends ControllerContainerCloudTest { public void testUserManagement() { ContainerTester tester = new ContainerTester(container, responseFiles); assertEquals(SystemName.Public, tester.controller().system()); - Roles roles = new Roles(tester.controller().system()); - Set<Role> operator = Set.of(roles.hostedOperator()); + Set<Role> operator = Set.of(Role.hostedOperator()); ApplicationId id = ApplicationId.from("my-tenant", "my-app", "default"); 
@@ -70,80 +68,80 @@ public class UserApiTest extends ControllerContainerCloudTest { // POST a hosted operator role is not allowed. tester.assertResponse(request("/user/v1/tenant/my-tenant", POST) - .roles(Set.of(roles.tenantOwner(id.tenant()))) + .roles(Set.of(Role.tenantOwner(id.tenant()))) .data("{\"user\":\"evil@evil\",\"roleName\":\"hostedOperator\"}"), "{\"error-code\":\"BAD_REQUEST\",\"message\":\"Malformed or illegal role name 'hostedOperator'.\"}", 400); // POST a tenant operator is available to the tenant owner. tester.assertResponse(request("/user/v1/tenant/my-tenant", POST) - .roles(Set.of(roles.tenantOwner(id.tenant()))) + .roles(Set.of(Role.tenantOwner(id.tenant()))) .data("{\"user\":\"operator@tenant\",\"roleName\":\"tenantOperator\"}"), "{\"message\":\"user 'operator@tenant' is now a member of role 'tenantOperator' of 'my-tenant'\"}"); // POST a tenant admin is not available to a tenant operator. tester.assertResponse(request("/user/v1/tenant/my-tenant", POST) - .roles(Set.of(roles.tenantOperator(id.tenant()))) + .roles(Set.of(Role.tenantOperator(id.tenant()))) .data("{\"user\":\"admin@tenant\",\"roleName\":\"tenantAdmin\"}"), accessDenied, 403); // POST an application admin for a non-existent application fails. tester.assertResponse(request("/user/v1/tenant/my-tenant/application/my-app", POST) - .roles(Set.of(roles.tenantOwner(TenantName.from("my-tenant")))) + .roles(Set.of(Role.tenantOwner(TenantName.from("my-tenant")))) .data("{\"user\":\"admin@app\",\"roleName\":\"applicationAdmin\"}"), "{\"error-code\":\"INTERNAL_SERVER_ERROR\",\"message\":\"NullPointerException\"}", 500); // POST an application is allowed for a tenant operator. 
tester.assertResponse(request("/application/v4/tenant/my-tenant/application/my-app", POST) .user("operator@tenant") - .roles(Set.of(roles.tenantOperator(id.tenant()))), + .roles(Set.of(Role.tenantOperator(id.tenant()))), new File("application-created.json")); // POST an application is not allowed under a different tenant. tester.assertResponse(request("/application/v4/tenant/other-tenant/application/my-app", POST) - .roles(Set.of(roles.tenantOperator(id.tenant()))), + .roles(Set.of(Role.tenantOperator(id.tenant()))), accessDenied, 403); // POST an application role is allowed for a tenant admin. tester.assertResponse(request("/user/v1/tenant/my-tenant/application/my-app", POST) - .roles(Set.of(roles.tenantAdmin(id.tenant()))) + .roles(Set.of(Role.tenantAdmin(id.tenant()))) .data("{\"user\":\"reader@app\",\"roleName\":\"applicationReader\"}"), "{\"message\":\"user 'reader@app' is now a member of role 'applicationReader' of 'my-app' owned by 'my-tenant'\"}"); // POST a tenant role is not allowed to an application. tester.assertResponse(request("/user/v1/tenant/my-tenant/application/my-app", POST) - .roles(Set.of(roles.hostedOperator())) + .roles(Set.of(Role.hostedOperator())) .data("{\"user\":\"reader@app\",\"roleName\":\"tenantOperator\"}"), "{\"error-code\":\"BAD_REQUEST\",\"message\":\"Malformed or illegal role name 'tenantOperator'.\"}", 400); // GET tenant role information is available to application readers. tester.assertResponse(request("/user/v1/tenant/my-tenant") - .roles(Set.of(roles.applicationReader(id.tenant(), id.application()))), + .roles(Set.of(Role.applicationReader(id.tenant(), id.application()))), new File("tenant-roles.json")); // GET application role information is available to tenant operators. 
tester.assertResponse(request("/user/v1/tenant/my-tenant/application/my-app") - .roles(Set.of(roles.tenantOperator(id.tenant()))), + .roles(Set.of(Role.tenantOperator(id.tenant()))), new File("application-roles.json")); // GET application role information is available also under the /api prefix. tester.assertResponse(request("/api/user/v1/tenant/my-tenant/application/my-app") - .roles(Set.of(roles.tenantOperator(id.tenant()))), + .roles(Set.of(Role.tenantOperator(id.tenant()))), new File("application-roles.json")); // DELETE an application role is allowed for an application admin. tester.assertResponse(request("/user/v1/tenant/my-tenant/application/my-app", DELETE) - .roles(Set.of(roles.applicationAdmin(id.tenant(), id.application()))) + .roles(Set.of(Role.applicationAdmin(id.tenant(), id.application()))) .data("{\"user\":\"operator@tenant\",\"roleName\":\"applicationAdmin\"}"), "{\"message\":\"user 'operator@tenant' is no longer a member of role 'applicationAdmin' of 'my-app' owned by 'my-tenant'\"}"); // DELETE an application is available to application admins. tester.assertResponse(request("/application/v4/tenant/my-tenant/application/my-app", DELETE) - .roles(Set.of(roles.applicationAdmin(id.tenant(), id.application()))), + .roles(Set.of(Role.applicationAdmin(id.tenant(), id.application()))), ""); // DELETE a tenant role is available to tenant admins. tester.assertResponse(request("/user/v1/tenant/my-tenant", DELETE) - .roles(Set.of(roles.tenantAdmin(id.tenant()))) + .roles(Set.of(Role.tenantAdmin(id.tenant()))) .data("{\"user\":\"operator@tenant\",\"roleName\":\"tenantOperator\"}"), "{\"message\":\"user 'operator@tenant' is no longer a member of role 'tenantOperator' of 'my-tenant'\"}"); 
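Review bot: The `// POST an application admin for a non-existent application fails` case pins a 500 with `"message":"NullPointerException"` as the expected outcome, so the test now enshrines an unhandled NPE in the handler and an exception class name leaking to the client. The handler should reject the request with a 404 (or 400) whose message names the missing application, and the assertion should expect that status and a message of the form `"No application 'my-app' under tenant 'my-tenant'"` using whichever not-found error code `ErrorResponse` already provides; the exact wording is the handler author's call. The test method begins outside this hunk.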
@@ -155,7 +153,7 @@ public class UserApiTest extends ControllerContainerCloudTest { // DELETE the tenant is available to the tenant owner. tester.assertResponse(request("/application/v4/tenant/my-tenant", DELETE) - .roles(Set.of(roles.tenantOwner(id.tenant()))), + .roles(Set.of(Role.tenantOwner(id.tenant()))), new File("tenant-without-applications.json")); } |