diff options
Diffstat (limited to 'controller-api')
3 files changed, 34 insertions, 2 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/Roles.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/Roles.java index 0eff7de3f9f..e76b976d3d2 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/Roles.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/Roles.java @@ -22,7 +22,10 @@ public class Roles { public static List<TenantRole> tenantRoles(TenantName tenant) { return List.of(Role.tenantOwner(tenant), Role.tenantAdmin(tenant), - Role.tenantOperator(tenant)); + Role.tenantOperator(tenant), + Role.administrator(tenant), + Role.developer(tenant), + Role.reader(tenant)); } /** Returns the list of {@link ApplicationRole}s a {@link UserId} may be a member of. */ @@ -30,7 +33,8 @@ public class Roles { return List.of(Role.applicationAdmin(tenant, application), Role.applicationOperator(tenant, application), Role.applicationDeveloper(tenant, application), - Role.applicationReader(tenant, application)); + Role.applicationReader(tenant, application), + Role.headless(tenant, application)); } /** Returns the {@link Role} the given value represents. */ @@ -48,6 +52,9 @@ public class Roles { case "tenantOwner": return Role.tenantOwner(tenant); case "tenantAdmin": return Role.tenantAdmin(tenant); case "tenantOperator": return Role.tenantOperator(tenant); + case "administrator": return Role.administrator(tenant); + case "developer": return Role.developer(tenant); + case "reader": return Role.reader(tenant); default: throw new IllegalArgumentException("Malformed or illegal role name '" + roleName + "'."); } } @@ -59,6 +66,7 @@ public class Roles { case "applicationOperator": return Role.applicationOperator(tenant, application); case "applicationDeveloper": return Role.applicationDeveloper(tenant, application); case "applicationReader": return Role.applicationReader(tenant, application); + case "headless": return Role.headless(tenant, application); default: throw new IllegalArgumentException("Malformed or illegal role name '" + roleName + "'."); } } @@ -101,6 +109,10 @@ public class Roles { case applicationOperator: return "applicationOperator"; case applicationDeveloper: return "applicationDeveloper"; case applicationReader: return "applicationReader"; + case administrator: return "administrator"; + case developer: return "developer"; + case reader: return "reader"; + case headless: return "headless"; default: throw new IllegalArgumentException("No value defined for role '" + role + "'."); } } diff --git a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/integration/user/RolesTest.java b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/integration/user/RolesTest.java index 4c7fe57a6d8..19d2d1a6c49 100644 --- a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/integration/user/RolesTest.java +++ b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/integration/user/RolesTest.java @@ -30,6 +30,11 @@ public class RolesTest { Roles.toRole("my-tenant.tenantOperator")); assertEquals(Role.applicationReader(tenant, application), Roles.toRole("my-tenant.my-application.applicationReader")); + + assertEquals(Role.administrator(tenant), Roles.toRole("my-tenant.administrator")); + assertEquals(Role.developer(tenant), Roles.toRole("my-tenant.developer")); + assertEquals(Role.reader(tenant), Roles.toRole("my-tenant.reader")); + assertEquals(Role.headless(tenant, application), Roles.toRole("my-tenant.my-application.headless")); } @Test(expected = IllegalArgumentException.class) diff --git a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java index d141ef6c73e..e1248ab857f 100644 --- a/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java +++ b/controller-api/src/test/java/com/yahoo/vespa/hosted/controller/api/role/RoleTest.java @@ -102,4 +102,19 @@ public class RoleTest { assertTrue(applicationDeveloper11.implies(applicationReader11)); } + @Test + public void new_implications() { + TenantName tenant1 = TenantName.from("t1"); + ApplicationName application1 = ApplicationName.from("a1"); + ApplicationName application2 = ApplicationName.from("a2"); + + Role tenantAdmin1 = Role.administrator(tenant1); + Role tenantDeveloper1 = Role.developer(tenant1); + Role applicationHeadless11 = Role.headless(tenant1, application1); + Role applicationHeadless12 = Role.headless(tenant1, application2); + + assertFalse(tenantAdmin1.implies(tenantDeveloper1)); + assertFalse(tenantAdmin1.implies(applicationHeadless11)); + assertFalse(applicationHeadless11.implies(applicationHeadless12)); + } } |