mirror of
https://github.com/google/nomulus.git
synced 2025-05-13 16:07:15 +02:00
Change auth settings on some tools service actions
This brings the affected actions into line with the settings on other similar actions. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=157259842
This commit is contained in:
mountford
Ben McIlwain
parent
e46937beac
commit
bc63d80a5e
6 changed files with 40 additions and 9 deletions
|
|
@ -11,6 +11,7 @@ java_library(
|
||||||
deps = [
|
deps = [
|
||||||
"//java/google/registry/config",
|
"//java/google/registry/config",
|
||||||
"//java/google/registry/request",
|
"//java/google/registry/request",
|
||||||
|
"//java/google/registry/request/auth",
|
||||||
"//java/google/registry/security",
|
"//java/google/registry/security",
|
||||||
"//java/google/registry/util",
|
"//java/google/registry/util",
|
||||||
"//third_party/java/objectify:objectify-v4_1",
|
"//third_party/java/objectify:objectify-v4_1",
|
||||||
|
|
|
||||||
|
|
@ -33,6 +33,8 @@ import com.google.common.collect.Iterators;
|
||||||
import google.registry.config.RegistryEnvironment;
|
import google.registry.config.RegistryEnvironment;
|
||||||
import google.registry.request.Action;
|
import google.registry.request.Action;
|
||||||
import google.registry.request.Parameter;
|
import google.registry.request.Parameter;
|
||||||
|
import google.registry.request.auth.Auth;
|
||||||
|
import google.registry.request.auth.AuthLevel;
|
||||||
import google.registry.security.XsrfTokenManager;
|
import google.registry.security.XsrfTokenManager;
|
||||||
import google.registry.util.FormattingLogger;
|
import google.registry.util.FormattingLogger;
|
||||||
import google.registry.util.TaskEnqueuer;
|
import google.registry.util.TaskEnqueuer;
|
||||||
|
|
@ -47,15 +49,22 @@ import org.joda.time.DateTime;
|
||||||
* Simple load test action that can generate configurable QPSes of various EPP actions.
|
* Simple load test action that can generate configurable QPSes of various EPP actions.
|
||||||
*
|
*
|
||||||
* <p>All aspects of the load test are configured via URL parameters that are specified when the
|
* <p>All aspects of the load test are configured via URL parameters that are specified when the
|
||||||
* loadtest URL is being POSTed to. The {@code clientId} and {@code tld} parameters are required.
|
* loadtest URL is being POSTed to. The {@code clientId} and {@code tld} parameters are required.
|
||||||
* All of the other parameters are optional, but if none are specified then no actual load testing
|
* All of the other parameters are optional, but if none are specified then no actual load testing
|
||||||
* will be done since all of the different kinds of checks default to running zero per second. So at
|
* will be done since all of the different kinds of checks default to running zero per second. So at
|
||||||
* least one must be specified in order for load testing to do anything.
|
* least one must be specified in order for load testing to do anything.
|
||||||
*/
|
*/
|
||||||
@Action(
|
@Action(
|
||||||
path = LoadTestAction.PATH,
|
path = LoadTestAction.PATH,
|
||||||
method = Action.Method.POST,
|
method = Action.Method.POST,
|
||||||
automaticallyPrintOk = true)
|
automaticallyPrintOk = true,
|
||||||
|
auth =
|
||||||
|
@Auth(
|
||||||
|
methods = {Auth.AuthMethod.INTERNAL, Auth.AuthMethod.API},
|
||||||
|
minimumLevel = AuthLevel.APP,
|
||||||
|
userPolicy = Auth.UserPolicy.ADMIN
|
||||||
|
)
|
||||||
|
)
|
||||||
public class LoadTestAction implements Runnable {
|
public class LoadTestAction implements Runnable {
|
||||||
|
|
||||||
private static final FormattingLogger logger = getLoggerForCallerClass();
|
private static final FormattingLogger logger = getLoggerForCallerClass();
|
||||||
|
|
|
||||||
|
|
@ -26,6 +26,8 @@ import google.registry.mapreduce.inputs.EppResourceInputs;
|
||||||
import google.registry.model.EppResource;
|
import google.registry.model.EppResource;
|
||||||
import google.registry.request.Action;
|
import google.registry.request.Action;
|
||||||
import google.registry.request.Response;
|
import google.registry.request.Response;
|
||||||
|
import google.registry.request.auth.Auth;
|
||||||
|
import google.registry.request.auth.AuthLevel;
|
||||||
import javax.inject.Inject;
|
import javax.inject.Inject;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -39,7 +41,15 @@ import javax.inject.Inject;
|
||||||
* run internally, or by pretending to be internal by setting the X-AppEngine-QueueName header,
|
* run internally, or by pretending to be internal by setting the X-AppEngine-QueueName header,
|
||||||
* which only admin users can do.
|
* which only admin users can do.
|
||||||
*/
|
*/
|
||||||
@Action(path = "/_dr/task/resaveAllEppResources")
|
@Action(
|
||||||
|
path = "/_dr/task/resaveAllEppResources",
|
||||||
|
auth =
|
||||||
|
@Auth(
|
||||||
|
methods = {Auth.AuthMethod.INTERNAL, Auth.AuthMethod.API},
|
||||||
|
minimumLevel = AuthLevel.APP,
|
||||||
|
userPolicy = Auth.UserPolicy.ADMIN
|
||||||
|
)
|
||||||
|
)
|
||||||
public class ResaveAllEppResourcesAction implements Runnable {
|
public class ResaveAllEppResourcesAction implements Runnable {
|
||||||
|
|
||||||
@Inject MapreduceRunner mrRunner;
|
@Inject MapreduceRunner mrRunner;
|
||||||
|
|
|
||||||
|
|
@ -13,6 +13,7 @@ java_library(
|
||||||
"//java/google/registry/mapreduce/inputs",
|
"//java/google/registry/mapreduce/inputs",
|
||||||
"//java/google/registry/model",
|
"//java/google/registry/model",
|
||||||
"//java/google/registry/request",
|
"//java/google/registry/request",
|
||||||
|
"//java/google/registry/request/auth",
|
||||||
"//java/google/registry/util",
|
"//java/google/registry/util",
|
||||||
"//third_party/java/objectify:objectify-v4_1",
|
"//third_party/java/objectify:objectify-v4_1",
|
||||||
"@com_google_appengine_api_1_0_sdk",
|
"@com_google_appengine_api_1_0_sdk",
|
||||||
|
|
|
||||||
|
|
@ -25,6 +25,8 @@ import google.registry.model.EppResourceUtils;
|
||||||
import google.registry.model.domain.DomainResource;
|
import google.registry.model.domain.DomainResource;
|
||||||
import google.registry.request.Action;
|
import google.registry.request.Action;
|
||||||
import google.registry.request.Response;
|
import google.registry.request.Response;
|
||||||
|
import google.registry.request.auth.Auth;
|
||||||
|
import google.registry.request.auth.AuthLevel;
|
||||||
import google.registry.util.FormattingLogger;
|
import google.registry.util.FormattingLogger;
|
||||||
import javax.inject.Inject;
|
import javax.inject.Inject;
|
||||||
import org.joda.time.DateTime;
|
import org.joda.time.DateTime;
|
||||||
|
|
@ -37,7 +39,15 @@ import org.joda.time.DateTimeZone;
|
||||||
* run internally, or by pretending to be internal by setting the X-AppEngine-QueueName header,
|
* run internally, or by pretending to be internal by setting the X-AppEngine-QueueName header,
|
||||||
* which only admin users can do.
|
* which only admin users can do.
|
||||||
*/
|
*/
|
||||||
@Action(path = "/_dr/task/refreshAllDomains")
|
@Action(
|
||||||
|
path = "/_dr/task/refreshAllDomains",
|
||||||
|
auth =
|
||||||
|
@Auth(
|
||||||
|
methods = {Auth.AuthMethod.INTERNAL, Auth.AuthMethod.API},
|
||||||
|
minimumLevel = AuthLevel.APP,
|
||||||
|
userPolicy = Auth.UserPolicy.ADMIN
|
||||||
|
)
|
||||||
|
)
|
||||||
public class RefreshAllDomainsAction implements Runnable {
|
public class RefreshAllDomainsAction implements Runnable {
|
||||||
|
|
||||||
private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
|
private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
|
||||||
|
|
|
||||||
|
|
@ -11,11 +11,11 @@ PATH CLASS METHODS OK XSRF SCO
|
||||||
/_dr/admin/updatePremiumList UpdatePremiumListAction POST n n app n INTERNAL,API APP ADMIN
|
/_dr/admin/updatePremiumList UpdatePremiumListAction POST n n app n INTERNAL,API APP ADMIN
|
||||||
/_dr/admin/verifyOte VerifyOteAction POST n y admin n INTERNAL,API APP ADMIN
|
/_dr/admin/verifyOte VerifyOteAction POST n y admin n INTERNAL,API APP ADMIN
|
||||||
/_dr/epptool EppToolAction POST n y admin n INTERNAL,API APP ADMIN
|
/_dr/epptool EppToolAction POST n y admin n INTERNAL,API APP ADMIN
|
||||||
/_dr/loadtest LoadTestAction POST y n app n INTERNAL APP IGNORED
|
/_dr/loadtest LoadTestAction POST y n app n INTERNAL,API APP ADMIN
|
||||||
/_dr/publishDetailReport PublishDetailReportAction POST n y admin n INTERNAL,API APP ADMIN
|
/_dr/publishDetailReport PublishDetailReportAction POST n y admin n INTERNAL,API APP ADMIN
|
||||||
/_dr/task/generateZoneFiles GenerateZoneFilesAction POST n n app n INTERNAL,API APP ADMIN
|
/_dr/task/generateZoneFiles GenerateZoneFilesAction POST n n app n INTERNAL,API APP ADMIN
|
||||||
/_dr/task/killAllCommitLogs KillAllCommitLogsAction POST n n app n INTERNAL APP IGNORED
|
/_dr/task/killAllCommitLogs KillAllCommitLogsAction POST n n app n INTERNAL APP IGNORED
|
||||||
/_dr/task/killAllEppResources KillAllEppResourcesAction POST n n app n INTERNAL APP IGNORED
|
/_dr/task/killAllEppResources KillAllEppResourcesAction POST n n app n INTERNAL APP IGNORED
|
||||||
/_dr/task/refreshAllDomains RefreshAllDomainsAction GET n n app n INTERNAL APP IGNORED
|
/_dr/task/refreshAllDomains RefreshAllDomainsAction GET n n app n INTERNAL,API APP ADMIN
|
||||||
/_dr/task/resaveAllEppResources ResaveAllEppResourcesAction GET n n app n INTERNAL APP IGNORED
|
/_dr/task/resaveAllEppResources ResaveAllEppResourcesAction GET n n app n INTERNAL,API APP ADMIN
|
||||||
/_dr/task/restoreCommitLogs RestoreCommitLogsAction POST y n app n INTERNAL,API APP ADMIN
|
/_dr/task/restoreCommitLogs RestoreCommitLogsAction POST y n app n INTERNAL,API APP ADMIN
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue