Enable authentication/authorization checks

The code to authenticate and authorize incoming requests (including via OAuth) has been in the system. This CL actually turns it on, since we are satisfied from logging information that it is not unjustly denying access. Auth settings are also updated on a few commands missed earlier. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=152381820
2025-05-12 22:38:16 +02:00 · 2017-04-06 07:59:15 -07:00 · 2017-04-06 07:59:15 -07:00 · 5127aeafb5
commit 5127aeafb5
parent bd696b4b92
7 changed files with 40 additions and 42 deletions
--- a/java/google/registry/tools/server/javascrap/RefreshAllDomainsAction.java
+++ b/java/google/registry/tools/server/javascrap/RefreshAllDomainsAction.java
@ -30,7 +30,13 @@ import javax.inject.Inject;
 import org.joda.time.DateTime;
 import org.joda.time.DateTimeZone;

-/** A mapreduce that enqueues publish tasks on all active domains. */
+/**
+ * A mapreduce that enqueues publish tasks on all active domains.
+ *
+ * <p>Because there are no auth settings in the {@link Action} annotation, this command can only be
+ * run internally, or by pretending to be internal by setting the X-AppEngine-QueueName header,
+ * which only admin users can do.
+ */
@Action(path = "/_dr/task/refreshAllDomains")
 public class RefreshAllDomainsAction implements Runnable {