Merge pull request #12214 from vespa-engine/jvenstad/require-okta-access-token-when-deleting-last-instance

Require Okta access token only when deleting last instance (and app)
author: Bjørn Christian Seime <bjorncs@verizonmedia.com> 2020-02-17 11:42:03 +0100
committer: GitHub <noreply@github.com> 2020-02-17 11:42:03 +0100
commit: 2f228361b2d64a74d79219d253c943601b101b58 (patch)
tree: 368a8b78f3dfe99c5fb3586947481ae3dc6af049 /controller-server
parent: 8c33025dc3c20e734d7db0860fcb01e936c6dee5 (diff)
parent: b36b87e4ec128bc1ae96555544223f6cfa1b10cf (diff)
1 files changed, 5 insertions, 4 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java
index 814be383d65..e13f957eb9c 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java
@@ -1688,12 +1688,13 @@ public class ApplicationApiHandler extends LoggingRequestHandler {
 
     private HttpResponse deleteInstance(String tenantName, String applicationName, String instanceName, HttpRequest request) {
         TenantAndApplicationId id = TenantAndApplicationId.from(tenantName, applicationName);
-        Optional<Credentials> credentials = controller.tenants().require(id.tenant()).type() == Tenant.Type.user
-                ? Optional.empty()
-                : Optional.of(accessControlRequests.credentials(id.tenant(), toSlime(request.getData()).get(), request.getJDiscRequest()));
         controller.applications().deleteInstance(id.instance(instanceName));
-        if (controller.applications().requireApplication(id).instances().isEmpty())
+        if (controller.applications().requireApplication(id).instances().isEmpty()) {
+            Optional<Credentials> credentials = controller.tenants().require(id.tenant()).type() == Tenant.Type.user
+                                                ? Optional.empty()
+                                                : Optional.of(accessControlRequests.credentials(id.tenant(), toSlime(request.getData()).get(), request.getJDiscRequest()));
             controller.applications().deleteApplication(id, credentials);
+        }
         return new MessageResponse("Deleted instance " + id.instance(instanceName).toFullString());
     }
author	Bjørn Christian Seime <bjorncs@verizonmedia.com>	2020-02-17 11:42:03 +0100
committer	GitHub <noreply@github.com>	2020-02-17 11:42:03 +0100
commit	2f228361b2d64a74d79219d253c943601b101b58 (patch)
tree	368a8b78f3dfe99c5fb3586947481ae3dc6af049 /controller-server
parent	8c33025dc3c20e734d7db0860fcb01e936c6dee5 (diff)
parent	b36b87e4ec128bc1ae96555544223f6cfa1b10cf (diff)