summaryrefslogtreecommitdiffstats
path: root/controller-server
diff options
context:
space:
mode:
authorgjoranv <gv@verizonmedia.com>2022-05-24 12:23:06 +0200
committergjoranv <gv@verizonmedia.com>2022-05-24 12:28:22 +0200
commitaac33f3107a812514bc7364619ac43c2e79be96c (patch)
tree45053a6899e4d6585d570ab7e97ec07abc445758 /controller-server
parentf3c40af9152d7c6eb9616073626551cef258a52d (diff)
Use RestApiException instead of exceptions from javax.ws.rs
- The latter trigger loading of Jersey classes.
Diffstat (limited to 'controller-server')
-rw-r--r--controller-server/pom.xml6
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzFacade.java6
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java10
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/changemanagement/ChangeManagementApiHandler.java6
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/controller/ControllerApiHandler.java4
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java8
-rw-r--r--controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiCloudTest.java4
7 files changed, 18 insertions, 26 deletions
diff --git a/controller-server/pom.xml b/controller-server/pom.xml
index 5cf53929a98..ff7367e03b2 100644
--- a/controller-server/pom.xml
+++ b/controller-server/pom.xml
@@ -102,12 +102,6 @@
</dependency>
<dependency>
- <groupId>javax.ws.rs</groupId>
- <artifactId>javax.ws.rs-api</artifactId>
- <scope>provided</scope>
- </dependency>
-
- <dependency>
<groupId>com.yahoo.vespa</groupId>
<artifactId>flags</artifactId>
<version>${project.version}</version>
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzFacade.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzFacade.java
index e4869cc9bf4..3bc2aec95ff 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzFacade.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzFacade.java
@@ -8,6 +8,7 @@ import com.yahoo.config.provision.ApplicationName;
import com.yahoo.config.provision.Environment;
import com.yahoo.config.provision.TenantName;
import com.yahoo.config.provision.zone.ZoneId;
+import com.yahoo.restapi.RestApiException;
import com.yahoo.text.Text;
import com.yahoo.vespa.athenz.api.AthenzDomain;
import com.yahoo.vespa.athenz.api.AthenzIdentity;
@@ -33,7 +34,6 @@ import com.yahoo.vespa.hosted.controller.security.TenantSpec;
import com.yahoo.vespa.hosted.controller.tenant.AthenzTenant;
import com.yahoo.vespa.hosted.controller.tenant.Tenant;
-import javax.ws.rs.ForbiddenException;
import java.time.Instant;
import java.util.Arrays;
import java.util.List;
@@ -197,7 +197,7 @@ public class AthenzFacade implements AccessControl {
}
catch (ZmsClientException e) {
if (e.getErrorCode() == com.yahoo.jdisc.Response.Status.FORBIDDEN)
- throw new ForbiddenException("Not authorized to create application", e);
+ throw new RestApiException.Forbidden("Not authorized to create application", e);
else
throw e;
}
@@ -289,7 +289,7 @@ public class AthenzFacade implements AccessControl {
private void verifyIsDomainAdmin(AthenzIdentity identity, AthenzDomain domain) {
log("getMembership(domain=%s, role=%s, principal=%s)", domain, "admin", identity);
if ( ! zmsClient.getMembership(new AthenzRole(domain, "admin"), identity))
- throw new ForbiddenException(
+ throw new RestApiException.Forbidden(
Text.format("The user '%s' is not admin in Athenz domain '%s'", identity.getFullName(), domain.getName()));
}
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java
index 91b76ac8d05..59ba5cc8443 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java
@@ -35,6 +35,7 @@ import com.yahoo.restapi.ErrorResponse;
import com.yahoo.restapi.MessageResponse;
import com.yahoo.restapi.Path;
import com.yahoo.restapi.ResourceResponse;
+import com.yahoo.restapi.RestApiException;
import com.yahoo.restapi.SlimeJsonResponse;
import com.yahoo.security.KeyUtils;
import com.yahoo.slime.Cursor;
@@ -122,9 +123,6 @@ import com.yahoo.vespa.hosted.controller.versions.VersionStatus;
import com.yahoo.vespa.hosted.controller.versions.VespaVersion;
import com.yahoo.yolean.Exceptions;
-import javax.ws.rs.ForbiddenException;
-import javax.ws.rs.InternalServerErrorException;
-import javax.ws.rs.NotAuthorizedException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
@@ -208,10 +206,10 @@ public class ApplicationApiHandler extends AuditLoggingRequestHandler {
default: return ErrorResponse.methodNotAllowed("Method '" + request.getMethod() + "' is not supported");
}
}
- catch (ForbiddenException e) {
+ catch (RestApiException.Forbidden e) {
return ErrorResponse.forbidden(Exceptions.toMessageString(e));
}
- catch (NotAuthorizedException e) {
+ catch (RestApiException.Unauthorized e) {
return ErrorResponse.unauthorized(Exceptions.toMessageString(e));
}
catch (NotExistsException e) {
@@ -2531,7 +2529,7 @@ public class ApplicationApiHandler extends AuditLoggingRequestHandler {
private static Principal requireUserPrincipal(HttpRequest request) {
Principal principal = request.getJDiscRequest().getUserPrincipal();
- if (principal == null) throw new InternalServerErrorException("Expected a user principal");
+ if (principal == null) throw new RestApiException.InternalServerError("Expected a user principal");
return principal;
}
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/changemanagement/ChangeManagementApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/changemanagement/ChangeManagementApiHandler.java
index c72d8ceb089..a3b77e22f1d 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/changemanagement/ChangeManagementApiHandler.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/changemanagement/ChangeManagementApiHandler.java
@@ -9,6 +9,7 @@ import com.yahoo.container.jdisc.HttpResponse;
import com.yahoo.container.jdisc.ThreadedHttpRequestHandler;
import com.yahoo.restapi.ErrorResponse;
import com.yahoo.restapi.Path;
+import com.yahoo.restapi.RestApiException;
import com.yahoo.restapi.SlimeJsonResponse;
import com.yahoo.slime.ArrayTraverser;
import com.yahoo.slime.Cursor;
@@ -24,7 +25,6 @@ import com.yahoo.vespa.hosted.controller.maintenance.ChangeManagementAssessor;
import com.yahoo.vespa.hosted.controller.persistence.ChangeRequestSerializer;
import com.yahoo.yolean.Exceptions;
-import javax.ws.rs.BadRequestException;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
@@ -96,13 +96,13 @@ public class ChangeManagementApiHandler extends AuditLoggingRequestHandler {
try {
return SlimeUtils.jsonToSlime(request.getData().readAllBytes()).get();
} catch (IOException e) {
- throw new BadRequestException("Failed to parse request body");
+ throw new RestApiException.BadRequest("Failed to parse request body");
}
}
private static Inspector getInspectorFieldOrThrow(Inspector inspector, String field) {
if (!inspector.field(field).valid())
- throw new BadRequestException("Field " + field + " cannot be null");
+ throw new RestApiException.BadRequest("Field " + field + " cannot be null");
return inspector.field(field);
}
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/controller/ControllerApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/controller/ControllerApiHandler.java
index 346e61c907c..3ca6335dcb7 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/controller/ControllerApiHandler.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/controller/ControllerApiHandler.java
@@ -12,6 +12,7 @@ import com.yahoo.restapi.ErrorResponse;
import com.yahoo.restapi.MessageResponse;
import com.yahoo.restapi.Path;
import com.yahoo.restapi.ResourceResponse;
+import com.yahoo.restapi.RestApiException;
import com.yahoo.security.X509CertificateUtils;
import com.yahoo.slime.Inspector;
import com.yahoo.slime.SlimeUtils;
@@ -27,7 +28,6 @@ import com.yahoo.vespa.hosted.controller.support.access.SupportAccess;
import com.yahoo.vespa.hosted.controller.versions.VespaVersion.Confidence;
import com.yahoo.yolean.Exceptions;
-import javax.ws.rs.InternalServerErrorException;
import java.io.IOException;
import java.io.InputStream;
import java.io.UncheckedIOException;
@@ -203,7 +203,7 @@ public class ControllerApiHandler extends AuditLoggingRequestHandler {
private static Principal requireUserPrincipal(HttpRequest request) {
Principal principal = request.getJDiscRequest().getUserPrincipal();
- if (principal == null) throw new InternalServerErrorException("Expected a user principal");
+ if (principal == null) throw new RestApiException.InternalServerError("Expected a user principal");
return principal;
}
}
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java
index 87691d2927a..81e9b1972b9 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/security/CloudAccessControl.java
@@ -3,6 +3,7 @@ package com.yahoo.vespa.hosted.controller.security;
import com.yahoo.component.annotation.Inject;
import com.yahoo.config.provision.TenantName;
+import com.yahoo.restapi.RestApiException;
import com.yahoo.vespa.flags.BooleanFlag;
import com.yahoo.vespa.flags.FetchVector;
import com.yahoo.vespa.flags.FlagSource;
@@ -22,7 +23,6 @@ import com.yahoo.vespa.hosted.controller.application.TenantAndApplicationId;
import com.yahoo.vespa.hosted.controller.tenant.CloudTenant;
import com.yahoo.vespa.hosted.controller.tenant.Tenant;
-import javax.ws.rs.ForbiddenException;
import java.time.Instant;
import java.util.List;
import java.util.stream.Collectors;
@@ -76,7 +76,7 @@ public class CloudAccessControl implements AccessControl {
var trialTenants = billingController.tenantsWithPlan(tenantNames, trialPlanId).size();
if (maxTrialTenants.value() >= 0 && maxTrialTenants.value() <= trialTenants) {
- throw new ForbiddenException("Too many tenants with trial plans, please contact the Vespa support team");
+ throw new RestApiException.Forbidden("Too many tenants with trial plans, please contact the Vespa support team");
}
}
@@ -84,11 +84,11 @@ public class CloudAccessControl implements AccessControl {
if (allowedByPrivilegedRole(auth0Credentials)) return;
if (!allowedByFeatureFlag(auth0Credentials)) {
- throw new ForbiddenException("You are not currently permitted to create tenants. Please contact the Vespa team to request access.");
+ throw new RestApiException.Forbidden("You are not currently permitted to create tenants. Please contact the Vespa team to request access.");
}
if(administeredTenants(auth0Credentials) >= 3) {
- throw new ForbiddenException("You are already administering 3 tenants. If you need more, please contact the Vespa team.");
+ throw new RestApiException.Forbidden("You are already administering 3 tenants. If you need more, please contact the Vespa team.");
}
}
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiCloudTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiCloudTest.java
index 5368cc73480..5627a1dd2d3 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiCloudTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiCloudTest.java
@@ -7,6 +7,7 @@ import com.yahoo.config.provision.ApplicationId;
import com.yahoo.config.provision.ApplicationName;
import com.yahoo.config.provision.InstanceName;
import com.yahoo.config.provision.TenantName;
+import com.yahoo.restapi.RestApiException;
import com.yahoo.vespa.flags.InMemoryFlagSource;
import com.yahoo.vespa.flags.PermanentFlags;
import com.yahoo.vespa.hosted.controller.ControllerTester;
@@ -29,7 +30,6 @@ import com.yahoo.vespa.hosted.controller.tenant.CloudTenant;
import org.junit.Before;
import org.junit.Test;
-import javax.ws.rs.ForbiddenException;
import java.io.File;
import java.util.Collections;
import java.util.Optional;
@@ -221,7 +221,7 @@ public class ApplicationApiCloudTest extends ControllerContainerCloudTest {
try {
tester.controller().tenants().create(tenantSpec("tenant2"), credentials("administrator"));
fail("Should not be allowed to create tenant that exceed trial limit");
- } catch (ForbiddenException e) {
+ } catch (RestApiException.Forbidden e) {
assertEquals("Too many tenants with trial plans, please contact the Vespa support team", e.getMessage());
}
}