diff options
author | Øyvind Grønnesby <oyving@yahooinc.com> | 2022-09-06 10:02:01 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-06 10:02:01 +0200 |
commit | f4e9ed2a5cfec33c0ff3e014490b013b144036fd (patch) | |
tree | bb47c2a25ebc19bf6a651d65b5299888b850d67d /controller-server | |
parent | b6e8c11f75baa6eaa9034737a34945b2ca4775cc (diff) | |
parent | d2f4fba91b90a54432bc46409efbb85917c383a7 (diff) |
Merge pull request #23937 from vespa-engine/revert-23936-revert-23922-ogronnesby/find-user-api
Revert "Revert "Expose method to find user and their tenants""
Diffstat (limited to 'controller-server')
4 files changed, 47 insertions, 2 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java index 9cced2b8159..5bdb84bb6dd 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java @@ -101,6 +101,7 @@ public class UserApiHandler extends ThreadedHttpRequestHandler { private HttpResponse handleGET(Path path, HttpRequest request) { if (path.matches("/user/v1/user")) return userMetadata(request); + if (path.matches("/user/v1/find")) return userMetadataFromUserId(request.getProperty("email")); if (path.matches("/user/v1/tenant/{tenant}")) return listTenantRoleMembers(path.get("tenant")); if (path.matches("/user/v1/tenant/{tenant}/application/{application}")) return listApplicationRoleMembers(path.get("tenant"), path.get("application")); @@ -133,6 +134,18 @@ public class UserApiHandler extends ThreadedHttpRequestHandler { RoleDefinition.hostedSupporter, RoleDefinition.hostedAccountant); + private HttpResponse userMetadataFromUserId(String email) { + var maybeUser = users.findUser(email); + + if (maybeUser.isPresent()) { + var user = maybeUser.get(); + var roles = users.listRoles(new UserId(user.email())); + return renderUserMetaData(user, Set.copyOf(roles)); + } + + return ErrorResponse.notFoundError("Could not find user: " + email); + } + private HttpResponse userMetadata(HttpRequest request) { User user; if (request.getJDiscRequest().context().get(User.ATTRIBUTE_NAME) instanceof User) { @@ -146,6 +159,10 @@ public class UserApiHandler extends ThreadedHttpRequestHandler { Set<Role> roles = getAttribute(request, SecurityContext.ATTRIBUTE_NAME, SecurityContext.class).roles(); + return renderUserMetaData(user, roles); + } + + private HttpResponse renderUserMetaData(User user, Set<Role> roles) { Map<TenantName, List<TenantRole>> tenantRolesByTenantName = roles.stream() .flatMap(role -> filterTenantRoles(role).stream()) .distinct() @@ -156,7 +173,7 @@ public class UserApiHandler extends ThreadedHttpRequestHandler { List<Role> operatorRoles = roles.stream() .filter(role -> hostedOperators.contains(role.definition())) .sorted(Comparator.comparing(Role::definition)) - .collect(Collectors.toList()); + .toList(); Slime slime = new Slime(); Cursor root = slime.setObject(); diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java index 10fd57ce032..5380cf4ee27 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java @@ -344,7 +344,7 @@ public final class ControllerTester { private TenantName createCloudTenant(String tenantName) { TenantName tenant = TenantName.from(tenantName); TenantSpec spec = new CloudTenantSpec(tenant, "token"); - controller().tenants().create(spec, new Auth0Credentials(new SimplePrincipal("dev"), Set.of(Role.administrator(tenant)))); + controller().tenants().create(spec, new Auth0Credentials(new SimplePrincipal("dev-" + tenantName), Set.of(Role.administrator(tenant)))); return tenant; } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java index 539d6cff06d..4194131e7fb 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java @@ -16,6 +16,7 @@ import com.yahoo.vespa.flags.InMemoryFlagSource; import com.yahoo.vespa.hosted.controller.Controller; import com.yahoo.vespa.hosted.controller.api.integration.athenz.ApplicationAction; import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzClientFactoryMock; +import com.yahoo.vespa.hosted.controller.api.integration.stubs.MockUserManagement; import com.yahoo.vespa.hosted.controller.integration.ServiceRegistryMock; import java.io.File; @@ -64,6 +65,10 @@ public class ContainerTester { return (ServiceRegistryMock) container.components().getComponent(ServiceRegistryMock.class.getName()); } + public MockUserManagement userManagement() { + return (MockUserManagement) container.components().getComponent(MockUserManagement.class.getName()); + } + public void authorize(AthenzDomain tenantDomain, AthenzIdentity identity, ApplicationAction action, ApplicationName application) { athenzClientFactory().getSetup() .domains.get(tenantDomain) diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java index f34dd3fe629..efb06dd5c7d 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiTest.java @@ -10,6 +10,8 @@ import com.yahoo.vespa.flags.PermanentFlags; import com.yahoo.vespa.hosted.controller.ControllerTester; import com.yahoo.vespa.hosted.controller.api.integration.billing.PlanId; import com.yahoo.jdisc.http.filter.security.misc.User; +import com.yahoo.vespa.hosted.controller.api.integration.stubs.MockUserManagement; +import com.yahoo.vespa.hosted.controller.api.integration.user.UserId; import com.yahoo.vespa.hosted.controller.api.role.Role; import com.yahoo.vespa.hosted.controller.restapi.ContainerTester; import com.yahoo.vespa.hosted.controller.restapi.ControllerContainerCloudTest; @@ -253,6 +255,27 @@ public class UserApiTest extends ControllerContainerCloudTest { } @Test + void findUser() { + try (Flags.Replacer ignored = Flags.clearFlagsForTesting(PermanentFlags.MAX_TRIAL_TENANTS.id(), PermanentFlags.ENABLE_PUBLIC_SIGNUP_FLOW.id())) { + ContainerTester tester = new ContainerTester(container, responseFiles); + ((InMemoryFlagSource) tester.controller().flagSource()) + .withBooleanFlag(PermanentFlags.ENABLE_PUBLIC_SIGNUP_FLOW.id(), true); + Set<Role> operator = Set.of(Role.hostedOperator(), Role.hostedSupporter(), Role.hostedAccountant()); + User user = new User("dev@domail", "Joe Developer", "dev", null); + + Role developer = Role.developer(TenantName.from("scoober")); + tester.userManagement().createRole(developer); + tester.userManagement().addToRoles(new UserId("dev@domail"), Set.of(developer)); + + tester.assertResponse(request("/user/v1/find?email=dev@domail") + .roles(operator) + .user(user), + """ + {"isPublic":true,"isCd":false,"hasTrialCapacity":true,"user":{"name":"dev@domail","email":"dev@domail","verified":false},"tenants":{"scoober":{"supported":false,"roles":["developer"]}},"flags":[{"id":"enable-public-signup-flow","rules":[{"value":false}]}]}"""); + } + } + + @Test void maxTrialTenants() { try (Flags.Replacer ignored = Flags.clearFlagsForTesting(PermanentFlags.MAX_TRIAL_TENANTS.id(), PermanentFlags.ENABLE_PUBLIC_SIGNUP_FLOW.id())) { ContainerTester tester = new ContainerTester(container, responseFiles); |