diff options
Diffstat (limited to 'node-repository')
2 files changed, 40 insertions, 20 deletions
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/NodeAclResponse.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/NodeAclResponse.java index 3eb9c0a09f5..2a4f37151de 100644 --- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/NodeAclResponse.java +++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/v2/NodeAclResponse.java @@ -13,7 +13,6 @@ import com.yahoo.vespa.hosted.provision.NodeRepository; import java.io.File; import java.io.IOException; import java.io.OutputStream; -import java.util.List; /** * @author mpolden @@ -45,16 +44,29 @@ public class NodeAclResponse extends HttpResponse { Node node = nodeRepository.getNode(hostname) .orElseGet(() -> nodeRepository.getConfigNode(hostname) .orElseThrow(() -> new NotFoundException("No node with hostname '" + hostname + "'"))); - toSlime(nodeRepository.getNodeAcls(node, aclsForChildren), object.setArray("trustedNodes")); + + Cursor trustedNodesArray = object.setArray("trustedNodes"); + nodeRepository.getNodeAcls(node, aclsForChildren).forEach(nodeAcl -> toTrustedNodeSlime(nodeAcl, trustedNodesArray)); + + Cursor trustedNetworksArray = object.setArray("trustedNetworks"); + nodeRepository.getNodeAcls(node, aclsForChildren).forEach(nodeAcl -> toTrustedNetworkSlime(nodeAcl, trustedNetworksArray)); } - private void toSlime(List<NodeAcl> nodeAcls, Cursor array) { - nodeAcls.forEach(acl -> acl.trustedNodes().forEach(node -> node.ipAddresses().forEach(ipAddress -> { + private void toTrustedNodeSlime(NodeAcl nodeAcl, Cursor array) { + nodeAcl.trustedNodes().forEach(node -> node.ipAddresses().forEach(ipAddress -> { Cursor object = array.addObject(); object.setString("hostname", node.hostname()); object.setString("ipAddress", ipAddress); - object.setString("trustedBy", acl.node().hostname()); - }))); + object.setString("trustedBy", nodeAcl.node().hostname()); + })); + } + + private void toTrustedNetworkSlime(NodeAcl nodeAcl, Cursor array) { + nodeAcl.trustedNetworks().forEach(network -> { + Cursor object = array.addObject(); + object.setString("network", network); + object.setString("trustedBy", nodeAcl.node().hostname()); + }); } @Override diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/RestApiTest.java b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/RestApiTest.java index f139f2bc156..c46680b2fe0 100644 --- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/RestApiTest.java +++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/RestApiTest.java @@ -309,7 +309,7 @@ public class RestApiTest { "\\{\"hostname\":\"cfg1\",\"ipAddress\":\".+?\",\"trustedBy\":\"foo.yahoo.com\"}," + "\\{\"hostname\":\"cfg2\",\"ipAddress\":\".+?\",\"trustedBy\":\"foo.yahoo.com\"}," + "\\{\"hostname\":\"cfg3\",\"ipAddress\":\".+?\",\"trustedBy\":\"foo.yahoo.com\"}" + - "]}"); + "],\"trustedNetworks\":\\[\\]}"); assertResponseMatches(new Request("http://localhost:8080/nodes/v2/acl/" + hostname), responsePattern); } @@ -319,25 +319,33 @@ public class RestApiTest { "\\{\"hostname\":\"cfg1\",\"ipAddress\":\".+?\",\"trustedBy\":\"cfg1\"}," + "\\{\"hostname\":\"cfg2\",\"ipAddress\":\".+?\",\"trustedBy\":\"cfg1\"}," + "\\{\"hostname\":\"cfg3\",\"ipAddress\":\".+?\",\"trustedBy\":\"cfg1\"}" + - "]}"); + "],\"trustedNetworks\":\\[\\]}"); assertResponseMatches(new Request("http://localhost:8080/nodes/v2/acl/cfg1"), responsePattern); } @Test + public void acl_request_by_docker_host() throws Exception { + Pattern responsePattern = Pattern.compile("\\{\"trustedNodes\":\\[" + + "\\{\"hostname\":\"cfg1\",\"ipAddress\":\".+?\",\"trustedBy\":\"parent1.yahoo.com\"}," + + "\\{\"hostname\":\"cfg2\",\"ipAddress\":\".+?\",\"trustedBy\":\"parent1.yahoo.com\"}," + + "\\{\"hostname\":\"cfg3\",\"ipAddress\":\".+?\",\"trustedBy\":\"parent1.yahoo.com\"}]," + + "\"trustedNetworks\":\\[" + + "\\{\"network\":\"172.17.0.0/16\",\"trustedBy\":\"parent1.yahoo.com\"}]}"); + assertResponseMatches(new Request("http://localhost:8080/nodes/v2/acl/parent1.yahoo.com"), responsePattern); + } + + @Test public void acl_response_with_dual_stack_node() throws Exception { - assertResponse(new Request("http://localhost:8080/nodes/v2/node", - ("[" + asNodeJson("dual-stack-host.yahoo.com", "default", "127.0.0.1", "::1") + "]"). - getBytes(StandardCharsets.UTF_8), - Request.Method.POST), - "{\"message\":\"Added 1 nodes to the provisioned state\"}"); Pattern responsePattern = Pattern.compile("\\{\"trustedNodes\":\\[" + - "\\{\"hostname\":\"cfg1\",\"ipAddress\":\".+?\",\"trustedBy\":\"cfg1\"}," + - "\\{\"hostname\":\"cfg2\",\"ipAddress\":\".+?\",\"trustedBy\":\"cfg1\"}," + - "\\{\"hostname\":\"cfg3\",\"ipAddress\":\".+?\",\"trustedBy\":\"cfg1\"}," + - "\\{\"hostname\":\"dual-stack-host.yahoo.com\",\"ipAddress\":\"::1\",\"trustedBy\":\"cfg1\"}," + - "\\{\"hostname\":\"dual-stack-host.yahoo.com\",\"ipAddress\":\"127.0.0.1\",\"trustedBy\":\"cfg1\"}" + - ".*]}"); - assertResponseMatches(new Request("http://localhost:8080/nodes/v2/acl/cfg1"), responsePattern); + "\\{\"hostname\":\"cfg1\",\"ipAddress\":\".+?\",\"trustedBy\":\"host1.yahoo.com\"}," + + "\\{\"hostname\":\"cfg2\",\"ipAddress\":\".+?\",\"trustedBy\":\"host1.yahoo.com\"}," + + "\\{\"hostname\":\"cfg3\",\"ipAddress\":\".+?\",\"trustedBy\":\"host1.yahoo.com\"}," + + "\\{\"hostname\":\"host1.yahoo.com\",\"ipAddress\":\"::1\",\"trustedBy\":\"host1.yahoo.com\"}," + + "\\{\"hostname\":\"host1.yahoo.com\",\"ipAddress\":\"127.0.0.1\",\"trustedBy\":\"host1.yahoo.com\"}," + + "\\{\"hostname\":\"host2.yahoo.com\",\"ipAddress\":\"::1\",\"trustedBy\":\"host1.yahoo.com\"}," + + "\\{\"hostname\":\"host2.yahoo.com\",\"ipAddress\":\"127.0.0.1\",\"trustedBy\":\"host1.yahoo.com\"}" + + "],\"trustedNetworks\":\\[\\]}"); + assertResponseMatches(new Request("http://localhost:8080/nodes/v2/acl/host1.yahoo.com"), responsePattern); } @Test |