Remove requireLogin action attribute

The affected actions have been changed to check that the user is logged in by [] so this attribute is no longer needed. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=159572365
2025-05-13 07:57:13 +02:00 · 2017-06-20 09:42:45 -07:00 · 2017-06-20 09:42:45 -07:00 · 9d96072e01
commit 9d96072e01
parent d05151b026
14 changed files with 83 additions and 159 deletions
--- a/java/google/registry/module/backend/BackendRequestHandler.java
+++ b/java/google/registry/module/backend/BackendRequestHandler.java
@ -14,7 +14,6 @@

 package google.registry.module.backend;

-import com.google.appengine.api.users.UserService;
 import google.registry.request.RequestHandler;
 import google.registry.request.auth.RequestAuthenticator;
 import javax.inject.Inject;
@ -25,8 +24,7 @@ public class BackendRequestHandler extends RequestHandler<BackendRequestComponen

  @Inject BackendRequestHandler(
      Provider<BackendRequestComponent.Builder> componentBuilderProvider,
-      UserService userService,
      RequestAuthenticator requestAuthenticator) {
-    super(componentBuilderProvider, userService, requestAuthenticator);
+    super(componentBuilderProvider, requestAuthenticator);
  }
 }
--- a/java/google/registry/module/frontend/FrontendRequestHandler.java
+++ b/java/google/registry/module/frontend/FrontendRequestHandler.java
@ -14,7 +14,6 @@

 package google.registry.module.frontend;

-import com.google.appengine.api.users.UserService;
 import google.registry.request.RequestHandler;
 import google.registry.request.auth.RequestAuthenticator;
 import javax.inject.Inject;
@ -25,8 +24,7 @@ public class FrontendRequestHandler extends RequestHandler<FrontendRequestCompon

  @Inject FrontendRequestHandler(
      Provider<FrontendRequestComponent.Builder> componentBuilderProvider,
-      UserService userService,
      RequestAuthenticator requestAuthenticator) {
-    super(componentBuilderProvider, userService, requestAuthenticator);
+    super(componentBuilderProvider, requestAuthenticator);
  }
 }
--- a/java/google/registry/module/tools/ToolsRequestHandler.java
+++ b/java/google/registry/module/tools/ToolsRequestHandler.java
@ -14,7 +14,6 @@

 package google.registry.module.tools;

-import com.google.appengine.api.users.UserService;
 import google.registry.request.RequestHandler;
 import google.registry.request.auth.RequestAuthenticator;
 import javax.inject.Inject;
@ -25,8 +24,7 @@ public class ToolsRequestHandler extends RequestHandler<ToolsRequestComponent> {

  @Inject ToolsRequestHandler(
      Provider<ToolsRequestComponent.Builder> componentBuilderProvider,
-      UserService userService,
      RequestAuthenticator requestAuthenticator) {
-    super(componentBuilderProvider, userService, requestAuthenticator);
+    super(componentBuilderProvider, requestAuthenticator);
  }
 }
--- a/java/google/registry/request/Action.java
+++ b/java/google/registry/request/Action.java
@ -46,16 +46,6 @@ public @interface Action {
   */
  boolean automaticallyPrintOk() default false;

-  /**
-   * Require user be logged-in or 302 redirect to the Google auth login page.
-   *
-   * <p><b>Warning:</b> DO NOT use this for cron and task queue endpoints.
-   *
-   * <p><b>Note:</b> Logged-in actions should also be guarded by a {@code <security-constraint>} in
-   * {@code web.xml} with {@code <role-name>*</role-name>}.
-   */
-  boolean requireLogin() default false;
-
  /** Authentication settings. */
  Auth auth() default @Auth;
 }
--- a/java/google/registry/request/RequestHandler.java
+++ b/java/google/registry/request/RequestHandler.java
@ -15,14 +15,11 @@
 package google.registry.request;

 import static com.google.common.base.Preconditions.checkNotNull;
-import static com.google.common.net.HttpHeaders.LOCATION;
 import static com.google.common.net.MediaType.PLAIN_TEXT_UTF_8;
 import static javax.servlet.http.HttpServletResponse.SC_FORBIDDEN;
 import static javax.servlet.http.HttpServletResponse.SC_METHOD_NOT_ALLOWED;
-import static javax.servlet.http.HttpServletResponse.SC_MOVED_TEMPORARILY;
 import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND;

-import com.google.appengine.api.users.UserService;
 import com.google.common.base.Optional;
 import google.registry.request.auth.AuthResult;
 import google.registry.request.auth.RequestAuthenticator;
@ -58,8 +55,6 @@ import javax.servlet.http.HttpServletResponse;
 *
 * <h3>Security Features</h3>
 *
- * <p>This class also enforces the {@link Action#requireLogin() requireLogin} setting.
- *
 * @param <C> request component type
 */
 public class RequestHandler<C> {
@ -68,7 +63,6 @@ public class RequestHandler<C> {

  private final Router router;
  private final Provider<? extends RequestComponentBuilder<C>> requestComponentBuilderProvider;
-  private final UserService userService;
  private final RequestAuthenticator requestAuthenticator;

  /**
@ -81,33 +75,28 @@ public class RequestHandler<C> {
   * @param requestComponentBuilderProvider a Dagger {@code Provider} of builder instances that can
   *     be used to construct new instances of the request component (with the required
   *     request-derived modules provided by this class)
-   * @param userService an instance of the App Engine UserService API
   * @param requestAuthenticator an instance of the {@link RequestAuthenticator} class
   */
  protected RequestHandler(
      Provider<? extends RequestComponentBuilder<C>> requestComponentBuilderProvider,
-      UserService userService,
      RequestAuthenticator requestAuthenticator) {
-    this(null, requestComponentBuilderProvider, userService, requestAuthenticator);
+    this(null, requestComponentBuilderProvider, requestAuthenticator);
  }

  /** Creates a new RequestHandler with an explicit component class for test purposes. */
  public static <C> RequestHandler<C> createForTest(
      Class<C> component,
      Provider<? extends RequestComponentBuilder<C>> requestComponentBuilderProvider,
-      UserService userService,
      RequestAuthenticator requestAuthenticator) {
    return new RequestHandler<>(
        checkNotNull(component),
        requestComponentBuilderProvider,
-        userService,
        requestAuthenticator);
  }

  private RequestHandler(
      @Nullable Class<C> component,
      Provider<? extends RequestComponentBuilder<C>> requestComponentBuilderProvider,
-      UserService userService,
      RequestAuthenticator requestAuthenticator) {
    // If the component class isn't explicitly provided, infer it from the class's own typing.
    // This is safe only for use by subclasses of RequestHandler where the generic parameter is
@ -115,7 +104,6 @@ public class RequestHandler<C> {
    this.router = Router.create(
        component != null ? component : new TypeInstantiator<C>(getClass()){}.getExactType());
    this.requestComponentBuilderProvider = checkNotNull(requestComponentBuilderProvider);
-    this.userService = checkNotNull(userService);
    this.requestAuthenticator = checkNotNull(requestAuthenticator);
  }

@ -143,12 +131,6 @@ public class RequestHandler<C> {
      rsp.sendError(SC_METHOD_NOT_ALLOWED);
      return;
    }
-    if (route.get().action().requireLogin() && !userService.isUserLoggedIn()) {
-      logger.info("not logged in");
-      rsp.setStatus(SC_MOVED_TEMPORARILY);
-      rsp.setHeader(LOCATION, userService.createLoginURL(req.getRequestURI()));
-      return;
-    }
    Optional<AuthResult> authResult =
        requestAuthenticator.authorize(route.get().action().auth(), req);
    if (!authResult.isPresent()) {
--- a/java/google/registry/request/RouterDisplayHelper.java
+++ b/java/google/registry/request/RouterDisplayHelper.java
@ -38,7 +38,6 @@ import java.util.Map;
 * <li>the simple name of the action class
 * <li>the allowable HTTP methods
 * <li>whether to automatically print "ok" in the response
- * <li>whether login is required
 * <li>the allowable authentication methods
 * <li>the minimum authentication level
 * <li>the user policy
@ -55,7 +54,7 @@ public class RouterDisplayHelper {
  private static final String MINIMUM_LEVEL = "minLevel";

  private static final String FORMAT =
-      "%%-%ds %%-%ds %%-%ds %%-2s %%-5s %%-%ds %%-%ds %%s";
+      "%%-%ds %%-%ds %%-%ds %%-2s %%-%ds %%-%ds %%s";

  /** Returns a string representation of the routing map in the specified component. */
  public static String extractHumanReadableRoutesFromComponent(Class<?> componentClass) {
@ -79,7 +78,6 @@ public class RouterDisplayHelper {
        "CLASS",
        "METHODS",
        "OK",
-        "LOGIN",
        "AUTH_METHODS",
        "MIN",
        "USER_POLICY");
@ -92,7 +90,6 @@ public class RouterDisplayHelper {
        route.actionClass().getSimpleName(),
        Joiner.on(",").join(route.action().method()),
        route.action().automaticallyPrintOk() ? "y" : "n",
-        route.action().requireLogin() ? "y" : "n",
        Joiner.on(",").join(route.action().auth().methods()),
        route.action().auth().minimumLevel(),
        route.action().auth().userPolicy());
--- a/java/google/registry/ui/server/registrar/ConsoleUiAction.java
+++ b/java/google/registry/ui/server/registrar/ConsoleUiAction.java
@ -45,7 +45,6 @@ import javax.servlet.http.HttpServletRequest;
 /** Action that serves Registrar Console single HTML page (SPA). */
@Action(
  path = ConsoleUiAction.PATH,
-  requireLogin = true,
  auth =
      @Auth(
        methods = {Auth.AuthMethod.INTERNAL, Auth.AuthMethod.API, Auth.AuthMethod.LEGACY},
--- a/java/google/registry/ui/server/registrar/RegistrarPaymentAction.java
+++ b/java/google/registry/ui/server/registrar/RegistrarPaymentAction.java
@ -97,7 +97,6 @@ import org.joda.money.Money;
@Action(
  path = "/registrar-payment",
  method = Action.Method.POST,
-  requireLogin = true,
  auth =
      @Auth(
        methods = {Auth.AuthMethod.INTERNAL, Auth.AuthMethod.API, Auth.AuthMethod.LEGACY},
--- a/java/google/registry/ui/server/registrar/RegistrarPaymentSetupAction.java
+++ b/java/google/registry/ui/server/registrar/RegistrarPaymentSetupAction.java
@ -72,7 +72,6 @@ import org.joda.money.CurrencyUnit;
@Action(
  path = "/registrar-payment-setup",
  method = Action.Method.POST,
-  requireLogin = true,
  auth =
      @Auth(
        methods = {Auth.AuthMethod.INTERNAL, Auth.AuthMethod.API, Auth.AuthMethod.LEGACY},
--- a/java/google/registry/ui/server/registrar/RegistrarSettingsAction.java
+++ b/java/google/registry/ui/server/registrar/RegistrarSettingsAction.java
@ -64,7 +64,6 @@ import javax.servlet.http.HttpServletRequest;
 */
@Action(
  path = RegistrarSettingsAction.PATH,
-  requireLogin = true,
  method = Action.Method.POST,
  auth =
      @Auth(
--- a/javatests/google/registry/module/backend/testdata/backend_routing.txt
+++ b/javatests/google/registry/module/backend/testdata/backend_routing.txt
@ -1,38 +1,38 @@
-PATH                                   CLASS                              METHODS  OK LOGIN AUTH_METHODS MIN USER_POLICY
-/_dr/cron/commitLogCheckpoint          CommitLogCheckpointAction          GET      y  n     INTERNAL     APP IGNORED
-/_dr/cron/commitLogFanout              CommitLogFanoutAction              GET      y  n     INTERNAL     APP IGNORED
-/_dr/cron/fanout                       TldFanoutAction                    GET      y  n     INTERNAL     APP IGNORED
-/_dr/cron/readDnsQueue                 ReadDnsQueueAction                 GET      y  n     INTERNAL     APP IGNORED
-/_dr/dnsRefresh                        RefreshDnsAction                   GET      y  n     INTERNAL     APP IGNORED
-/_dr/task/brdaCopy                     BrdaCopyAction                     POST     y  n     INTERNAL     APP IGNORED
-/_dr/task/checkSnapshot                CheckSnapshotAction                POST,GET y  n     INTERNAL     APP IGNORED
-/_dr/task/deleteContactsAndHosts       DeleteContactsAndHostsAction       GET      n  n     INTERNAL     APP IGNORED
-/_dr/task/deleteOldCommitLogs          DeleteOldCommitLogsAction          POST     y  n     INTERNAL     APP IGNORED
-/_dr/task/deleteProberData             DeleteProberDataAction             POST     n  n     INTERNAL     APP IGNORED
-/_dr/task/expandRecurringBillingEvents ExpandRecurringBillingEventsAction GET      n  n     INTERNAL     APP IGNORED
-/_dr/task/exportCommitLogDiff          ExportCommitLogDiffAction          POST     y  n     INTERNAL     APP IGNORED
-/_dr/task/exportDomainLists            ExportDomainListsAction            POST     n  n     INTERNAL     APP IGNORED
-/_dr/task/exportReservedTerms          ExportReservedTermsAction          POST     n  n     INTERNAL     APP IGNORED
-/_dr/task/exportSnapshot               ExportSnapshotAction               POST     y  n     INTERNAL     APP IGNORED
-/_dr/task/importRdeContacts            RdeContactImportAction             GET      n  n     INTERNAL     APP IGNORED
-/_dr/task/importRdeDomains             RdeDomainImportAction              GET      n  n     INTERNAL     APP IGNORED
-/_dr/task/importRdeHosts               RdeHostImportAction                GET      n  n     INTERNAL     APP IGNORED
-/_dr/task/linkRdeHosts                 RdeHostLinkAction                  GET      n  n     INTERNAL     APP IGNORED
-/_dr/task/loadSnapshot                 LoadSnapshotAction                 POST     n  n     INTERNAL     APP IGNORED
-/_dr/task/mapreduceEntityCleanup       MapreduceEntityCleanupAction       GET      n  n     INTERNAL     APP IGNORED
-/_dr/task/metrics                      MetricsExportAction                POST     n  n     INTERNAL     APP IGNORED
-/_dr/task/nordnUpload                  NordnUploadAction                  POST     y  n     INTERNAL     APP IGNORED
-/_dr/task/nordnVerify                  NordnVerifyAction                  POST     y  n     INTERNAL     APP IGNORED
-/_dr/task/pollBigqueryJob              BigqueryPollJobAction              GET,POST y  n     INTERNAL     APP IGNORED
-/_dr/task/publishDnsUpdates            PublishDnsUpdatesAction            POST     y  n     INTERNAL     APP IGNORED
-/_dr/task/rdeReport                    RdeReportAction                    POST     n  n     INTERNAL     APP IGNORED
-/_dr/task/rdeStaging                   RdeStagingAction                   GET,POST n  n     INTERNAL     APP IGNORED
-/_dr/task/rdeUpload                    RdeUploadAction                    POST     n  n     INTERNAL     APP IGNORED
-/_dr/task/refreshDnsOnHostRename       RefreshDnsOnHostRenameAction       GET      n  n     INTERNAL     APP IGNORED
-/_dr/task/syncGroupMembers             SyncGroupMembersAction             POST     n  n     INTERNAL     APP IGNORED
-/_dr/task/syncRegistrarsSheet          SyncRegistrarsSheetAction          POST     n  n     INTERNAL     APP IGNORED
-/_dr/task/tmchCrl                      TmchCrlAction                      POST     y  n     INTERNAL     APP IGNORED
-/_dr/task/tmchDnl                      TmchDnlAction                      POST     y  n     INTERNAL     APP IGNORED
-/_dr/task/tmchSmdrl                    TmchSmdrlAction                    POST     y  n     INTERNAL     APP IGNORED
-/_dr/task/updateSnapshotView           UpdateSnapshotViewAction           POST     n  n     INTERNAL     APP IGNORED
-/_dr/task/verifyEntityIntegrity        VerifyEntityIntegrityAction        POST     n  n     INTERNAL     APP IGNORED
+PATH                                   CLASS                              METHODS  OK AUTH_METHODS MIN USER_POLICY
+/_dr/cron/commitLogCheckpoint          CommitLogCheckpointAction          GET      y  INTERNAL     APP IGNORED
+/_dr/cron/commitLogFanout              CommitLogFanoutAction              GET      y  INTERNAL     APP IGNORED
+/_dr/cron/fanout                       TldFanoutAction                    GET      y  INTERNAL     APP IGNORED
+/_dr/cron/readDnsQueue                 ReadDnsQueueAction                 GET      y  INTERNAL     APP IGNORED
+/_dr/dnsRefresh                        RefreshDnsAction                   GET      y  INTERNAL     APP IGNORED
+/_dr/task/brdaCopy                     BrdaCopyAction                     POST     y  INTERNAL     APP IGNORED
+/_dr/task/checkSnapshot                CheckSnapshotAction                POST,GET y  INTERNAL     APP IGNORED
+/_dr/task/deleteContactsAndHosts       DeleteContactsAndHostsAction       GET      n  INTERNAL     APP IGNORED
+/_dr/task/deleteOldCommitLogs          DeleteOldCommitLogsAction          POST     y  INTERNAL     APP IGNORED
+/_dr/task/deleteProberData             DeleteProberDataAction             POST     n  INTERNAL     APP IGNORED
+/_dr/task/expandRecurringBillingEvents ExpandRecurringBillingEventsAction GET      n  INTERNAL     APP IGNORED
+/_dr/task/exportCommitLogDiff          ExportCommitLogDiffAction          POST     y  INTERNAL     APP IGNORED
+/_dr/task/exportDomainLists            ExportDomainListsAction            POST     n  INTERNAL     APP IGNORED
+/_dr/task/exportReservedTerms          ExportReservedTermsAction          POST     n  INTERNAL     APP IGNORED
+/_dr/task/exportSnapshot               ExportSnapshotAction               POST     y  INTERNAL     APP IGNORED
+/_dr/task/importRdeContacts            RdeContactImportAction             GET      n  INTERNAL     APP IGNORED
+/_dr/task/importRdeDomains             RdeDomainImportAction              GET      n  INTERNAL     APP IGNORED
+/_dr/task/importRdeHosts               RdeHostImportAction                GET      n  INTERNAL     APP IGNORED
+/_dr/task/linkRdeHosts                 RdeHostLinkAction                  GET      n  INTERNAL     APP IGNORED
+/_dr/task/loadSnapshot                 LoadSnapshotAction                 POST     n  INTERNAL     APP IGNORED
+/_dr/task/mapreduceEntityCleanup       MapreduceEntityCleanupAction       GET      n  INTERNAL     APP IGNORED
+/_dr/task/metrics                      MetricsExportAction                POST     n  INTERNAL     APP IGNORED
+/_dr/task/nordnUpload                  NordnUploadAction                  POST     y  INTERNAL     APP IGNORED
+/_dr/task/nordnVerify                  NordnVerifyAction                  POST     y  INTERNAL     APP IGNORED
+/_dr/task/pollBigqueryJob              BigqueryPollJobAction              GET,POST y  INTERNAL     APP IGNORED
+/_dr/task/publishDnsUpdates            PublishDnsUpdatesAction            POST     y  INTERNAL     APP IGNORED
+/_dr/task/rdeReport                    RdeReportAction                    POST     n  INTERNAL     APP IGNORED
+/_dr/task/rdeStaging                   RdeStagingAction                   GET,POST n  INTERNAL     APP IGNORED
+/_dr/task/rdeUpload                    RdeUploadAction                    POST     n  INTERNAL     APP IGNORED
+/_dr/task/refreshDnsOnHostRename       RefreshDnsOnHostRenameAction       GET      n  INTERNAL     APP IGNORED
+/_dr/task/syncGroupMembers             SyncGroupMembersAction             POST     n  INTERNAL     APP IGNORED
+/_dr/task/syncRegistrarsSheet          SyncRegistrarsSheetAction          POST     n  INTERNAL     APP IGNORED
+/_dr/task/tmchCrl                      TmchCrlAction                      POST     y  INTERNAL     APP IGNORED
+/_dr/task/tmchDnl                      TmchDnlAction                      POST     y  INTERNAL     APP IGNORED
+/_dr/task/tmchSmdrl                    TmchSmdrlAction                    POST     y  INTERNAL     APP IGNORED
+/_dr/task/updateSnapshotView           UpdateSnapshotViewAction           POST     n  INTERNAL     APP IGNORED
+/_dr/task/verifyEntityIntegrity        VerifyEntityIntegrityAction        POST     n  INTERNAL     APP IGNORED
--- a/javatests/google/registry/module/frontend/testdata/frontend_routing.txt
+++ b/javatests/google/registry/module/frontend/testdata/frontend_routing.txt
@ -1,19 +1,19 @@
-PATH                     CLASS                       METHODS  OK LOGIN AUTH_METHODS        MIN  USER_POLICY
-/_dr/epp                 EppTlsAction                POST     n  n     INTERNAL,API        APP  ADMIN
-/_dr/whois               WhoisServer                 POST     n  n     INTERNAL,API        APP  ADMIN
-/check                   CheckApiAction              GET      n  n     INTERNAL            NONE PUBLIC
-/rdap/autnum/(*)         RdapAutnumAction            GET,HEAD n  n     INTERNAL            NONE PUBLIC
-/rdap/domain/(*)         RdapDomainAction            GET,HEAD n  n     INTERNAL            NONE PUBLIC
-/rdap/domains            RdapDomainSearchAction      GET,HEAD n  n     INTERNAL            NONE PUBLIC
-/rdap/entities           RdapEntitySearchAction      GET,HEAD n  n     INTERNAL            NONE PUBLIC
-/rdap/entity/(*)         RdapEntityAction            GET,HEAD n  n     INTERNAL            NONE PUBLIC
-/rdap/help(*)            RdapHelpAction              GET,HEAD n  n     INTERNAL            NONE PUBLIC
-/rdap/ip/(*)             RdapIpAction                GET,HEAD n  n     INTERNAL            NONE PUBLIC
-/rdap/nameserver/(*)     RdapNameserverAction        GET,HEAD n  n     INTERNAL            NONE PUBLIC
-/rdap/nameservers        RdapNameserverSearchAction  GET,HEAD n  n     INTERNAL            NONE PUBLIC
-/registrar               ConsoleUiAction             GET      n  y     INTERNAL,API,LEGACY NONE PUBLIC
-/registrar-payment       RegistrarPaymentAction      POST     n  y     INTERNAL,API,LEGACY USER PUBLIC
-/registrar-payment-setup RegistrarPaymentSetupAction POST     n  y     INTERNAL,API,LEGACY USER PUBLIC
-/registrar-settings      RegistrarSettingsAction     POST     n  y     INTERNAL,API,LEGACY USER PUBLIC
-/registrar-xhr           EppConsoleAction            POST     n  n     INTERNAL,API,LEGACY USER PUBLIC
-/whois/(*)               WhoisHttpServer             GET      n  n     INTERNAL            NONE PUBLIC
+PATH                     CLASS                       METHODS  OK AUTH_METHODS        MIN  USER_POLICY
+/_dr/epp                 EppTlsAction                POST     n  INTERNAL,API        APP  ADMIN
+/_dr/whois               WhoisServer                 POST     n  INTERNAL,API        APP  ADMIN
+/check                   CheckApiAction              GET      n  INTERNAL            NONE PUBLIC
+/rdap/autnum/(*)         RdapAutnumAction            GET,HEAD n  INTERNAL            NONE PUBLIC
+/rdap/domain/(*)         RdapDomainAction            GET,HEAD n  INTERNAL            NONE PUBLIC
+/rdap/domains            RdapDomainSearchAction      GET,HEAD n  INTERNAL            NONE PUBLIC
+/rdap/entities           RdapEntitySearchAction      GET,HEAD n  INTERNAL            NONE PUBLIC
+/rdap/entity/(*)         RdapEntityAction            GET,HEAD n  INTERNAL            NONE PUBLIC
+/rdap/help(*)            RdapHelpAction              GET,HEAD n  INTERNAL            NONE PUBLIC
+/rdap/ip/(*)             RdapIpAction                GET,HEAD n  INTERNAL            NONE PUBLIC
+/rdap/nameserver/(*)     RdapNameserverAction        GET,HEAD n  INTERNAL            NONE PUBLIC
+/rdap/nameservers        RdapNameserverSearchAction  GET,HEAD n  INTERNAL            NONE PUBLIC
+/registrar               ConsoleUiAction             GET      n  INTERNAL,API,LEGACY NONE PUBLIC
+/registrar-payment       RegistrarPaymentAction      POST     n  INTERNAL,API,LEGACY USER PUBLIC
+/registrar-payment-setup RegistrarPaymentSetupAction POST     n  INTERNAL,API,LEGACY USER PUBLIC
+/registrar-settings      RegistrarSettingsAction     POST     n  INTERNAL,API,LEGACY USER PUBLIC
+/registrar-xhr           EppConsoleAction            POST     n  INTERNAL,API,LEGACY USER PUBLIC
+/whois/(*)               WhoisHttpServer             GET      n  INTERNAL            NONE PUBLIC
--- a/javatests/google/registry/module/tools/testdata/tools_routing.txt
+++ b/javatests/google/registry/module/tools/testdata/tools_routing.txt
@ -1,21 +1,21 @@
-PATH                            CLASS                       METHODS  OK LOGIN AUTH_METHODS MIN USER_POLICY
-/_dr/admin/createGroups         CreateGroupsAction          POST     n  n     INTERNAL,API APP ADMIN
-/_dr/admin/createPremiumList    CreatePremiumListAction     POST     n  n     INTERNAL,API APP ADMIN
-/_dr/admin/deleteEntity         DeleteEntityAction          GET      n  n     INTERNAL,API APP ADMIN
-/_dr/admin/list/domains         ListDomainsAction           GET,POST n  n     INTERNAL,API APP ADMIN
-/_dr/admin/list/hosts           ListHostsAction             GET,POST n  n     INTERNAL,API APP ADMIN
-/_dr/admin/list/premiumLists    ListPremiumListsAction      GET,POST n  n     INTERNAL,API APP ADMIN
-/_dr/admin/list/registrars      ListRegistrarsAction        GET,POST n  n     INTERNAL,API APP ADMIN
-/_dr/admin/list/reservedLists   ListReservedListsAction     GET,POST n  n     INTERNAL,API APP ADMIN
-/_dr/admin/list/tlds            ListTldsAction              GET,POST n  n     INTERNAL,API APP ADMIN
-/_dr/admin/updatePremiumList    UpdatePremiumListAction     POST     n  n     INTERNAL,API APP ADMIN
-/_dr/admin/verifyOte            VerifyOteAction             POST     n  n     INTERNAL,API APP ADMIN
-/_dr/epptool                    EppToolAction               POST     n  n     INTERNAL,API APP ADMIN
-/_dr/loadtest                   LoadTestAction              POST     y  n     INTERNAL,API APP ADMIN
-/_dr/publishDetailReport        PublishDetailReportAction   POST     n  n     INTERNAL,API APP ADMIN
-/_dr/task/generateZoneFiles     GenerateZoneFilesAction     POST     n  n     INTERNAL,API APP ADMIN
-/_dr/task/killAllCommitLogs     KillAllCommitLogsAction     POST     n  n     INTERNAL     APP IGNORED
-/_dr/task/killAllEppResources   KillAllEppResourcesAction   POST     n  n     INTERNAL     APP IGNORED
-/_dr/task/refreshAllDomains     RefreshAllDomainsAction     GET      n  n     INTERNAL,API APP ADMIN
-/_dr/task/resaveAllEppResources ResaveAllEppResourcesAction GET      n  n     INTERNAL,API APP ADMIN
-/_dr/task/restoreCommitLogs     RestoreCommitLogsAction     POST     y  n     INTERNAL,API APP ADMIN
+PATH                            CLASS                       METHODS  OK AUTH_METHODS MIN USER_POLICY
+/_dr/admin/createGroups         CreateGroupsAction          POST     n  INTERNAL,API APP ADMIN
+/_dr/admin/createPremiumList    CreatePremiumListAction     POST     n  INTERNAL,API APP ADMIN
+/_dr/admin/deleteEntity         DeleteEntityAction          GET      n  INTERNAL,API APP ADMIN
+/_dr/admin/list/domains         ListDomainsAction           GET,POST n  INTERNAL,API APP ADMIN
+/_dr/admin/list/hosts           ListHostsAction             GET,POST n  INTERNAL,API APP ADMIN
+/_dr/admin/list/premiumLists    ListPremiumListsAction      GET,POST n  INTERNAL,API APP ADMIN
+/_dr/admin/list/registrars      ListRegistrarsAction        GET,POST n  INTERNAL,API APP ADMIN
+/_dr/admin/list/reservedLists   ListReservedListsAction     GET,POST n  INTERNAL,API APP ADMIN
+/_dr/admin/list/tlds            ListTldsAction              GET,POST n  INTERNAL,API APP ADMIN
+/_dr/admin/updatePremiumList    UpdatePremiumListAction     POST     n  INTERNAL,API APP ADMIN
+/_dr/admin/verifyOte            VerifyOteAction             POST     n  INTERNAL,API APP ADMIN
+/_dr/epptool                    EppToolAction               POST     n  INTERNAL,API APP ADMIN
+/_dr/loadtest                   LoadTestAction              POST     y  INTERNAL,API APP ADMIN
+/_dr/publishDetailReport        PublishDetailReportAction   POST     n  INTERNAL,API APP ADMIN
+/_dr/task/generateZoneFiles     GenerateZoneFilesAction     POST     n  INTERNAL,API APP ADMIN
+/_dr/task/killAllCommitLogs     KillAllCommitLogsAction     POST     n  INTERNAL     APP IGNORED
+/_dr/task/killAllEppResources   KillAllEppResourcesAction   POST     n  INTERNAL     APP IGNORED
+/_dr/task/refreshAllDomains     RefreshAllDomainsAction     GET      n  INTERNAL,API APP ADMIN
+/_dr/task/resaveAllEppResources ResaveAllEppResourcesAction GET      n  INTERNAL,API APP ADMIN
+/_dr/task/restoreCommitLogs     RestoreCommitLogsAction     POST     y  INTERNAL,API APP ADMIN
--- a/javatests/google/registry/request/RequestHandlerTest.java
+++ b/javatests/google/registry/request/RequestHandlerTest.java
@ -97,17 +97,6 @@ public final class RequestHandlerTest {
    public void run() {}
  }

-  @Action(
-    path = "/users-only",
-    method = GET,
-    requireLogin = true,
-    auth = @Auth(minimumLevel = AuthLevel.NONE)
-  )
-  public static class UsersOnlyAction implements Runnable {
-    @Override
-    public void run() {}
-  }
-
  @Action(path = "/fail", auth = @Auth(minimumLevel = AuthLevel.NONE))
  public static final class FailTask implements Runnable {
    @Override
@ -189,10 +178,6 @@ public final class RequestHandlerTest {
      return safeSlothTask;
    }

-    public UsersOnlyAction usersOnlyAction() {
-      return usersOnlyAction;
-    }
-
    public FailTask failTask() {
      return new FailTask();
    }
@ -223,7 +208,6 @@ public final class RequestHandlerTest {
  private final HttpServletResponse rsp = mock(HttpServletResponse.class);
  private final BumblebeeTask bumblebeeTask = mock(BumblebeeTask.class);
  private final SlothTask slothTask = mock(SlothTask.class);
-  private final UsersOnlyAction usersOnlyAction = mock(UsersOnlyAction.class);
  private final SafeSlothTask safeSlothTask = mock(SafeSlothTask.class);

  private final Component component = new Component();
@ -259,7 +243,6 @@ public final class RequestHandlerTest {
            return component;
          }
        }),
-        userService,
        requestAuthenticator);
    when(rsp.getWriter()).thenReturn(new PrintWriter(httpOutput));
  }
@ -400,24 +383,6 @@ public final class RequestHandlerTest {
    verify(safeSlothTask).run();
  }

-  @Test
-  public void testMustBeLoggedIn_notLoggedIn_redirectsToLoginPage() throws Exception {
-    when(req.getMethod()).thenReturn("GET");
-    when(req.getRequestURI()).thenReturn("/users-only");
-    handler.handleRequest(req, rsp);
-    verify(rsp).setStatus(302);
-    verify(rsp).setHeader("Location", "/login?dest=/users-only");
-  }
-
-  @Test
-  public void testMustBeLoggedIn_loggedIn_runsAction() throws Exception {
-    userService.setUser(testUser,  false);
-    when(req.getMethod()).thenReturn("GET");
-    when(req.getRequestURI()).thenReturn("/users-only");
-    handler.handleRequest(req, rsp);
-    verify(usersOnlyAction).run();
-  }
-
  @Test
  public void testNoAuthNeeded_success() throws Exception {
    when(req.getMethod()).thenReturn("GET");