summaryrefslogtreecommitdiffstats
path: root/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/playground/AllowingFilter.java
diff options
context:
space:
mode:
Diffstat (limited to 'controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/playground/AllowingFilter.java')
-rw-r--r--controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/playground/AllowingFilter.java41
1 files changed, 41 insertions, 0 deletions
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/playground/AllowingFilter.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/playground/AllowingFilter.java
new file mode 100644
index 00000000000..de7f2515979
--- /dev/null
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/playground/AllowingFilter.java
@@ -0,0 +1,41 @@
+// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.vespa.hosted.controller.restapi.playground;
+
+import com.yahoo.jdisc.http.filter.DiscFilterRequest;
+import com.yahoo.jdisc.http.filter.security.base.JsonSecurityRequestFilterBase;
+import com.yahoo.vespa.athenz.api.AthenzDomain;
+import com.yahoo.vespa.athenz.api.AthenzPrincipal;
+import com.yahoo.vespa.athenz.api.AthenzUser;
+import com.yahoo.vespa.hosted.controller.api.integration.user.User;
+import com.yahoo.vespa.hosted.controller.api.role.Role;
+import com.yahoo.vespa.hosted.controller.api.role.SecurityContext;
+import com.yahoo.yolean.Exceptions;
+
+import java.time.Instant;
+import java.util.Optional;
+import java.util.Set;
+
+public class AllowingFilter extends JsonSecurityRequestFilterBase {
+
+ static final AthenzPrincipal user = new AthenzPrincipal(new AthenzUser("demo"));
+ static final AthenzDomain domain = new AthenzDomain("domain");
+
+ @Override
+ protected Optional<ErrorResponse> filter(DiscFilterRequest request) {
+ try {
+ request.setUserPrincipal(user);
+ request.setAttribute(User.ATTRIBUTE_NAME, new User("mail@mail", user.getName(), "demo", null, true, -1, User.NO_DATE));
+ request.setAttribute("okta.identity-token", "okta-it");
+ request.setAttribute("okta.access-token", "okta-at");
+ request.setAttribute(SecurityContext.ATTRIBUTE_NAME,
+ new SecurityContext(user,
+ Set.of(Role.hostedOperator()),
+ Instant.now().minusSeconds(3600)));
+ return Optional.empty();
+ }
+ catch (Throwable t) {
+ return Optional.of(new ErrorResponse(500, Exceptions.toMessageString(t)));
+ }
+ }
+
+}