Set correct auth settings for all actions

A test has been added to RequestHandlerTest, making sure that, while we merely log errors for the time being, the correct dummy AuthResult is being created. Most actions use the default settings, which have been changed to INTERNAL / APP / IGNORED. Actions with non-default settings are: INTERNAL/NONE/PUBLIC (non-auth public endpoints) CheckApiAction WhoisHttpServer Rdap*Action INTERNAL,API/APP/ADMIN (things currently protected by web.xml) EppTlsAction EppToolAction CreateGroupsAction CreatePremiumListAction DeleteEntityAction List*sAction UpdatePremiumListAction VerifyOteAction WhoisServer INTERNAL,API,LEGACY/USER/PUBLIC (registrar console) RegistrarPaymentAction RegistrarPaymentSetupAction RegistrarSettingsAction EppConsoleAction INTERNAL,API,LEGACY/NONE/PUBLIC (registrar console main page) ConsoleUiAction ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=149761652
2025-05-14 00:17:20 +02:00 · 2017-03-10 08:47:52 -08:00 · 2017-03-10 08:47:52 -08:00 · 1f000b94e6
commit 1f000b94e6
parent f5e76868f0
38 changed files with 450 additions and 133 deletions
--- a/java/google/registry/whois/WhoisServer.java
+++ b/java/google/registry/whois/WhoisServer.java
@ -22,6 +22,8 @@ import com.google.common.net.MediaType;
 import google.registry.config.RegistryConfig.Config;
 import google.registry.request.Action;
 import google.registry.request.Response;
+import google.registry.request.auth.Auth;
+import google.registry.request.auth.AuthLevel;
 import google.registry.util.Clock;
 import google.registry.util.FormattingLogger;
 import google.registry.whois.WhoisMetrics.WhoisMetric;
@ -33,18 +35,27 @@ import org.joda.time.DateTime;
 /**
 * HTTP request handler for WHOIS protocol requests sent to us by a proxy.
 *
- * <p>All commands and responses conform to the WHOIS spec as defined in RFC 3912. Commands must
- * be sent via an HTTP POST in the request body.
+ * <p>All commands and responses conform to the WHOIS spec as defined in RFC 3912. Commands must be
+ * sent via an HTTP POST in the request body.
 *
 * <p>This servlet is meant to serve as a low level interface for the proxy app which forwards us
- * requests received on port 43. However this interface is technically higher level because it
- * sends back proper HTTP error codes such as 200, 400, 500, etc. These are discarded by the proxy
- * because WHOIS specifies no manner for differentiating successful and erroneous requests.
+ * requests received on port 43. However this interface is technically higher level because it sends
+ * back proper HTTP error codes such as 200, 400, 500, etc. These are discarded by the proxy because
+ * WHOIS specifies no manner for differentiating successful and erroneous requests.
 *
 * @see WhoisHttpServer
 * @see <a href="http://www.ietf.org/rfc/rfc3912.txt">RFC 3912: WHOIS Protocol Specification</a>
 */
-@Action(path = "/_dr/whois", method = POST)
+@Action(
+  path = "/_dr/whois",
+  method = POST,
+  auth =
+      @Auth(
+        methods = {Auth.AuthMethod.INTERNAL, Auth.AuthMethod.API},
+        minimumLevel = AuthLevel.APP,
+        userPolicy = Auth.UserPolicy.ADMIN
+      )
+)
 public class WhoisServer implements Runnable {

  private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();