Remove whitelisted hostnames

4 files changed, 28 insertions, 70 deletions

diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilter.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilter.java
index 1b0bbffe507..28ead318cc0 100644
--- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilter.java
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilter.java
@@ -3,11 +3,9 @@ package com.yahoo.vespa.hosted.provision.restapi.v2.filter;
 
 import com.google.inject.Inject;
 import com.yahoo.config.provision.Zone;
-import com.yahoo.config.provisioning.NodeRepositoryConfig;
 import com.yahoo.jdisc.handler.ResponseHandler;
 import com.yahoo.jdisc.http.filter.DiscFilterRequest;
 import com.yahoo.jdisc.http.filter.SecurityRequestFilter;
-import com.yahoo.net.HostName;
 import com.yahoo.vespa.hosted.provision.NodeRepository;
 import com.yahoo.vespa.hosted.provision.restapi.v2.ErrorResponse;
 import com.yahoo.yolean.chain.After;
@@ -17,8 +15,6 @@ import java.util.Optional;
 import java.util.function.BiConsumer;
 import java.util.function.BiPredicate;
 import java.util.logging.Logger;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
 
 /**
  * Authorization filter for all paths in config server. It assumes that {@link NodeIdentifierFilter} is part of filter chain.
@@ -35,23 +31,9 @@ public class AuthorizationFilter implements SecurityRequestFilter {
     private final BiConsumer<ErrorResponse, ResponseHandler> rejectAction;
 
     @Inject
-    public AuthorizationFilter(Zone zone, NodeRepository nodeRepository, NodeRepositoryConfig nodeRepositoryConfig) {
-        this(
-                new Authorizer(
-                        zone.system(),
-                        nodeRepository,
-                        Stream.concat(
-                                Stream.of(HostName.getLocalhost()),
-                                Stream.of(nodeRepositoryConfig.hostnameWhitelist().split(","))
-                        ).filter(hostname -> !hostname.isEmpty()).collect(Collectors.toSet())),
-                AuthorizationFilter::logAndReject
-        );
-    }
-
-    AuthorizationFilter(BiPredicate<NodePrincipal, URI> authorizer,
-                        BiConsumer<ErrorResponse, ResponseHandler> rejectAction) {
-        this.authorizer = authorizer;
-        this.rejectAction = rejectAction;
+    public AuthorizationFilter(Zone zone, NodeRepository nodeRepository) {
+        this.authorizer = new Authorizer(zone.system(), nodeRepository);
+        this.rejectAction = AuthorizationFilter::logAndReject;
     }
 
     @Override
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/Authorizer.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/Authorizer.java
index 6225a8a4fc4..afcde0949e3 100644
--- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/Authorizer.java
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/Authorizer.java
@@ -31,7 +31,6 @@ import java.util.stream.Collectors;
  */
 public class Authorizer implements BiPredicate<NodePrincipal, URI> {
     private final NodeRepository nodeRepository;
-    private final Set<String> whitelistedHostnames;
     private final AthenzIdentity controllerIdentity;
     private final AthenzIdentity configServerIdentity = new AthenzService("vespa.vespa", "configserver");
     private final AthenzIdentity proxyIdentity = new AthenzService("vespa.vespa", "proxy");
@@ -39,10 +38,8 @@ public class Authorizer implements BiPredicate<NodePrincipal, URI> {
     private final Set<AthenzIdentity> trustedIdentities;
     private final Set<AthenzIdentity> hostAdminIdentities;
 
-    // TODO Remove whitelisted hostnames as these nodes should be included through 'trustedIdentities'
-    public Authorizer(SystemName system, NodeRepository nodeRepository, Set<String> whitelistedHostnames) {
+    public Authorizer(SystemName system, NodeRepository nodeRepository) {
         this.nodeRepository = nodeRepository;
-        this.whitelistedHostnames = whitelistedHostnames;
         controllerIdentity = system == SystemName.main
                 ? new AthenzService("vespa.vespa", "hosting")
                 : new AthenzService("vespa.vespa.cd", "hosting");
@@ -85,11 +82,6 @@ public class Authorizer implements BiPredicate<NodePrincipal, URI> {
             if (canAccessAny(nodeTypesFor(uri), principal, this::isNodeType)) {
                 return true;
             }
-
-            // The host itself can access all resources
-            if (whitelistedHostnames.contains(hostname)) {
-                return true;
-            }
         }
         return false;
     }
diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilterTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilterTest.java
index b5d2861e5a0..2969b608d3a 100644
--- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilterTest.java
+++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizationFilterTest.java
@@ -6,7 +6,6 @@ import com.yahoo.config.provision.Environment;
 import com.yahoo.config.provision.RegionName;
 import com.yahoo.config.provision.SystemName;
 import com.yahoo.config.provision.Zone;
-import com.yahoo.config.provisioning.NodeRepositoryConfig;
 import com.yahoo.vespa.curator.mock.MockCurator;
 import com.yahoo.vespa.hosted.provision.restapi.v2.filter.FilterTester.Request;
 import com.yahoo.vespa.hosted.provision.testutils.MockNodeFlavors;
@@ -48,8 +47,7 @@ public class AuthorizationFilterTest {
         Zone zone = new Zone(system, Environment.prod, RegionName.defaultName());
         return new FilterTester(new AuthorizationFilter(
                 zone,
-                new MockNodeRepository(new MockCurator(), new MockNodeFlavors()),
-                new NodeRepositoryConfig(new NodeRepositoryConfig.Builder())));
+                new MockNodeRepository(new MockCurator(), new MockNodeFlavors())));
     }
 
 }
diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizerTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizerTest.java
index 5e643bd09ab..d696328cd7f 100644
--- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizerTest.java
+++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/filter/AuthorizerTest.java
@@ -13,10 +13,6 @@ import org.junit.Before;
 import org.junit.Test;
 
 import java.net.URI;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashSet;
 import java.util.List;
 import java.util.Optional;
 import java.util.Set;
@@ -37,30 +33,27 @@ public class AuthorizerTest {
     public void before() {
         NodeFlavors flavors = new MockNodeFlavors();
         nodeRepository = new MockNodeRepository(new MockCurator(), flavors);
-        authorizer = new Authorizer(SystemName.main, nodeRepository, new HashSet<>(Arrays.asList("cfg1", "cfghost1")));
-        { // Populate with nodes used in this test. Note that only nodes requiring node repository lookup are added here
-            Set<String> ipAddresses = new HashSet<>(Arrays.asList("127.0.0.1", "::1"));
-            Flavor flavor = flavors.getFlavorOrThrow("default");
-            List<Node> nodes = new ArrayList<>();
-            nodes.add(nodeRepository.createNode("host1", "host1", ipAddresses,
-                                                Optional.empty(), flavor, NodeType.host));
-            nodes.add(nodeRepository.createNode("child1-1", "child1-1", ipAddresses,
-                                                Optional.of("host1"), flavor, NodeType.tenant));
-            nodes.add(nodeRepository.createNode("child1-2", "child1-2", ipAddresses,
-                                                Optional.of("host1"), flavor, NodeType.tenant));
-
-            nodes.add(nodeRepository.createNode("host2", "host2", ipAddresses,
-                                                Optional.empty(), flavor, NodeType.host));
-            nodes.add(nodeRepository.createNode("child2-1", "child2-1", ipAddresses,
-                                                Optional.of("host1.tld"), flavor, NodeType.tenant));
-
-            nodes.add(nodeRepository.createNode("proxy1", "proxy1", ipAddresses, Optional.empty(),
-                                                flavor, NodeType.proxy));
-
-            nodes.add(nodeRepository.createNode("proxy1-host1", "proxy1-host", ipAddresses,
-                                                Optional.empty(), flavor, NodeType.proxyhost));
-            nodeRepository.addNodes(nodes);
-        }
+        authorizer = new Authorizer(SystemName.main, nodeRepository);
+
+        Set<String> ipAddresses = Set.of("127.0.0.1", "::1");
+        Flavor flavor = flavors.getFlavorOrThrow("default");
+        List<Node> nodes = List.of(
+                nodeRepository.createNode(
+                        "host1", "host1", ipAddresses, Optional.empty(), flavor, NodeType.host),
+                nodeRepository.createNode(
+                        "child1-1", "child1-1", ipAddresses, Optional.of("host1"), flavor, NodeType.tenant),
+                nodeRepository.createNode(
+                        "child1-2", "child1-2", ipAddresses, Optional.of("host1"), flavor, NodeType.tenant),
+                nodeRepository.createNode(
+                        "host2", "host2", ipAddresses, Optional.empty(), flavor, NodeType.host),
+                nodeRepository.createNode(
+                        "child2-1", "child2-1", ipAddresses, Optional.of("host1.tld"), flavor, NodeType.tenant),
+                nodeRepository.createNode(
+                        "proxy1", "proxy1", ipAddresses, Optional.of("proxyhost1"), flavor, NodeType.proxy),
+                nodeRepository.createNode(
+                        "proxyhost1", "proxyhost1", ipAddresses, Optional.empty(), flavor, NodeType.proxyhost)
+        );
+        nodeRepository.addNodes(nodes);
     }
 
     @Test
@@ -106,7 +99,7 @@ public class AuthorizerTest {
 
         // Trusted services can access everything in their own system
         assertFalse(authorizedController("vespa.vespa.cd.hosting", "/")); // Wrong system
-        assertTrue(new Authorizer(SystemName.cd, nodeRepository, Collections.emptySet()).test(NodePrincipal.withAthenzIdentity("vespa.vespa.cd.hosting", emptyList()), uri("/")));
+        assertTrue(new Authorizer(SystemName.cd, nodeRepository).test(NodePrincipal.withAthenzIdentity("vespa.vespa.cd.hosting", emptyList()), uri("/")));
         assertTrue(authorizedController("vespa.vespa.hosting", "/"));
         assertTrue(authorizedController("vespa.vespa.configserver", "/"));
         assertTrue(authorizedController("vespa.vespa.hosting", "/nodes/v2/node/"));
@@ -167,14 +160,7 @@ public class AuthorizerTest {
         // Node of proxy or proxyhost type can access routing resource
         assertFalse(authorizedTenantNode("node1", "/routing/v1/status"));
         assertTrue(authorizedTenantNode("proxy1", "/routing/v1/status"));
-        assertTrue(authorizedTenantNode("proxy1-host", "/routing/v1/status"));
-    }
-
-    @Test
-    public void host_authorization() {
-        assertTrue(authorizedLegacyNode("cfg1", "/"));
-        assertTrue(authorizedLegacyNode("cfg1", "/application/v2"));
-        assertTrue(authorizedLegacyNode("cfghost1", "/application/v2"));
+        assertTrue(authorizedTenantNode("proxyhost1", "/routing/v1/status"));
     }
 
     @Test