Warn when using deprecated authorization validation

author: Bjørn Christian Seime <bjorncs@oath.com> 2017-10-18 13:47:15 +0200
committer: Bjørn Christian Seime <bjorncs@oath.com> 2017-10-18 13:47:15 +0200
commit: 0b7b360e32fc3444d657c7db1ade6de79a2eb76c (patch)
tree: e046854f5b6294a47accedaf0087aa6ee9ec8392 /controller-server
parent: c4f63f1db4137d71fa4405a7dcbc68701e789875 (diff)
2 files changed, 3 insertions, 1 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java
index 55a435abe41..c50f1464be7 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java
@@ -769,6 +769,9 @@ public class ApplicationApiHandler extends LoggingRequestHandler {
                                                           tenant,
                                                           applicationId);
         } else { // In case of host-based principal
+            // TODO What about other user type principals like Bouncer?
+            log.log(LogLevel.WARNING,
+                    "Using deprecated DeployAuthorizer.throwIfUnauthorizedForDeploy. Principal=" + principal);
             UserId userId = new UserId(principal.getName());
             deployAuthorizer.throwIfUnauthorizedForDeploy(
                     Environment.from(environment),
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/DeployAuthorizer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/DeployAuthorizer.java
index e3bce56778c..7cf19629774 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/DeployAuthorizer.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/DeployAuthorizer.java
@@ -90,7 +90,6 @@ public class DeployAuthorizer {
                                              Tenant tenant,
                                              ApplicationId applicationId,
                                              Optional<ScrewdriverId> optionalScrewdriverId) {
-
         Principal principal = new UnauthenticatedUserPrincipal(userId.id());
 
         if (athenzCredentialsRequired(environment, tenant, applicationId, principal)) {
author	Bjørn Christian Seime <bjorncs@oath.com>	2017-10-18 13:47:15 +0200
committer	Bjørn Christian Seime <bjorncs@oath.com>	2017-10-18 13:47:15 +0200
commit	0b7b360e32fc3444d657c7db1ade6de79a2eb76c (patch)
tree	e046854f5b6294a47accedaf0087aa6ee9ec8392 /controller-server
parent	c4f63f1db4137d71fa4405a7dcbc68701e789875 (diff)