diff options
author | Martin Polden <mpolden@mpolden.no> | 2020-03-05 10:23:46 +0100 |
---|---|---|
committer | Martin Polden <mpolden@mpolden.no> | 2020-03-05 13:53:51 +0100 |
commit | 1e7e5d787497c067984a8effdceb06fcbb6d439a (patch) | |
tree | 19f854dca4dd0ff0c167e2c9a34b7740005720e0 /controller-server | |
parent | 50e75b45e06fb9d48cbc6be1dac66e4ee05b03ae (diff) |
Remove unused tenant and application roles
Diffstat (limited to 'controller-server')
2 files changed, 7 insertions, 11 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java index 66cbf4d17ef..0e3295b1143 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java @@ -335,13 +335,6 @@ public class UserApiHandler extends LoggingRequestHandler { private static String valueOf(Role role) { switch (role.definition()) { - case tenantOwner: return "tenantOwner"; - case tenantAdmin: return "tenantAdmin"; - case tenantOperator: return "tenantOperator"; - case applicationAdmin: return "applicationAdmin"; - case applicationOperator: return "applicationOperator"; - case applicationDeveloper: return "applicationDeveloper"; - case applicationReader: return "applicationReader"; case administrator: return "administrator"; case developer: return "developer"; case reader: return "reader"; diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java index 93d88ff8abd..6db5bc9f523 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java @@ -102,7 +102,7 @@ public class UserApiTest extends ControllerContainerCloudTest { tester.assertResponse(request("/user/v1/tenant/my-tenant/application/my-app", POST) .roles(Set.of(Role.administrator(TenantName.from("my-tenant")))) .data("{\"user\":\"headless@app\",\"roleName\":\"headless\"}"), - "{\"error-code\":\"INTERNAL_SERVER_ERROR\",\"message\":\"NullPointerException\"}", 500); + "{\"error-code\":\"BAD_REQUEST\",\"message\":\"role 'headless' of 'my-app' owned by 'my-tenant' not found\"}", 400); // POST an application is allowed for a tenant developer. tester.assertResponse(request("/application/v4/tenant/my-tenant/application/my-app", POST) @@ -193,10 +193,13 @@ public class UserApiTest extends ControllerContainerCloudTest { .data("{\"user\":\"administrator@tenant\",\"roleName\":\"administrator\"}"), "{\"error-code\":\"BAD_REQUEST\",\"message\":\"Can't remove the last administrator of a tenant.\"}", 400); - // DELETE the tenant is available to the tenant owner. + // DELETE the tenant is not allowed tester.assertResponse(request("/application/v4/tenant/my-tenant", DELETE) - .roles(Set.of(Role.tenantOwner(id.tenant()))), - new File("tenant-without-applications.json")); + .roles(Set.of(Role.developer(id.tenant()))), + "{\n" + + " \"code\" : 403,\n" + + " \"message\" : \"Access denied\"\n" + + "}", 403); } @Test |