zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-13 16:07:15 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge gtech_tool functionality into registry_tool

Browse source 
This change consolidates gtech_tool into registry_tool.  Since App Engine has
no actual ACLs on the remote API (any access is essentially root access), we're
removing this to avoid giving the impression to users that gtech_tool is truly
locked down from a security perspective compared to registry_tool.

In addition to merging GtechTool.COMMAND_MAP into RegistryTool.COMMAND_MAP, this
change also removes the {create,update}_sandbox_tld commands (which only made
sense for gtech_tool) and removes references to gtech_tool in the documentation.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=134828710
This commit is contained in:
nickfelt 2016-09-30 14:37:27 -07:00 committed by Ben McIlwain
parent f969e58025
commit ee13ee35b0
8 changed files with 50 additions and 282 deletions
Download patch file Download diff file Expand all files Collapse all files

10
docs/registry-tool.md
View file

@ -31,16 +31,6 @@ registry_tool without specifying a command name, e.g.:
Note that the documentation for the commands comes from JCommander, which parses Note that the documentation for the commands comes from JCommander, which parses
metadata contained within the code to yield documentation. metadata contained within the code to yield documentation.
## Tech support commands
There are actually two separate tools, `gtech_tool`, which is a collection of
lower impact commands intended to be used by tech support personnel, and
`registry_tool`, which is a superset of `gtech_tool` that contains additional
commands that are potentially more destructive and can change more aspects of
the system. A full list of `gtech_tool` commands can be found in
`GtechTool.java`, and the additional commands that only `registry_tool` has
access to are in `RegistryTool.java`.
## Local and server-side commands ## Local and server-side commands
There are two broad ways that commands are implemented: some that send requests There are two broad ways that commands are implemented: some that send requests

10
java/google/registry/tools/BUILD
View file

@ -96,13 +96,3 @@ java_binary(
], ],
) )
java_binary(
name = "gtech_tool",
create_executable = 1,
main_class = "google.registry.tools.GtechTool",
runtime_deps = [
":tools",
"//third_party/java/appengine:appengine-api-link",
"//third_party/java/appengine:appengine-remote-api-link",
],
)

33
java/google/registry/tools/CreateSandboxTldCommand.java
View file

@ -1,33 +0,0 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.tools;
import static com.google.common.base.Preconditions.checkArgument;
import com.beust.jcommander.Parameters;
import google.registry.config.RegistryEnvironment;
import google.registry.tools.Command.GtechCommand;
/** Command to create a TLD in sandbox, separated out for Gtech use. */
@Parameters(separators = " =", commandDescription = "Create new sandbox TLD(s)")
final class CreateSandboxTldCommand extends CreateTldCommand implements GtechCommand {
@Override
void assertAllowedEnvironment() {
checkArgument(
RegistryEnvironment.get() == RegistryEnvironment.SANDBOX,
"This command can only be run in the sandbox environment");
}
}

85
java/google/registry/tools/GtechTool.java
View file

@ -1,85 +0,0 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.tools;
import com.google.common.collect.ImmutableMap;
import google.registry.tools.Command.GtechCommand;
/** Command line interface with a subset of commands that are safe for tech support to run. */
public final class GtechTool {
/**
* Commands that exist in both {@link GtechTool} and {@link RegistryTool}.
*
* <p><b>Note:</b> If changing the command-line name of any commands below, remember to resolve
* any invocations in scripts (e.g. PDT, ICANN reporting).
*/
static final ImmutableMap<String, Class<? extends GtechCommand>> COMMAND_MAP =
new ImmutableMap.Builder<String, Class<? extends GtechCommand>>()
.put("auction_status", AuctionStatusCommand.class)
.put("canonicalize_labels", CanonicalizeLabelsCommand.class)
.put("convert_idn", ConvertIdnCommand.class)
.put("create_anchor_tenant", CreateAnchorTenantCommand.class)
.put("create_contact", CreateContactCommand.class)
.put("create_credit", CreateCreditCommand.class)
.put("create_credit_balance", CreateCreditBalanceCommand.class)
.put("create_domain", CreateDomainCommand.class)
.put("create_host", CreateHostCommand.class)
.put("create_lrp_tokens", CreateLrpTokensCommand.class)
.put("create_registrar", CreateRegistrarCommand.class)
.put("create_registrar_groups", CreateRegistrarGroupsCommand.class)
.put("create_sandbox_tld", CreateSandboxTldCommand.class)
.put("delete_domain", DeleteDomainCommand.class)
.put("domain_application_info", DomainApplicationInfoCommand.class)
.put("domain_check", DomainCheckCommand.class)
.put("domain_check_claims", DomainCheckClaimsCommand.class)
.put("domain_check_fee", DomainCheckFeeCommand.class)
.put("generate_applications_report", GenerateApplicationsReportCommand.class)
.put("generate_auction_data", GenerateAuctionDataCommand.class)
.put("generate_dns_report", GenerateDnsReportCommand.class)
.put("get_application", GetApplicationCommand.class)
.put("get_application_ids", GetApplicationIdsCommand.class)
.put("get_applied_labels", GetAppliedLabelsCommand.class)
.put("get_contact", GetContactCommand.class)
.put("get_domain", GetDomainCommand.class)
.put("get_history_entries", GetHistoryEntriesCommand.class)
.put("get_host", GetHostCommand.class)
.put("get_lrp_token", GetLrpTokenCommand.class)
.put("get_registrar", GetRegistrarCommand.class)
.put("get_schema", GetSchemaCommand.class)
.put("get_schema_tree", GetSchemaTreeCommand.class)
.put("get_tld", GetTldCommand.class)
.put("hash_certificate", HashCertificateCommand.class)
.put("list_credits", ListCreditsCommand.class)
.put("list_registrars", ListRegistrarsCommand.class)
.put("list_tlds", ListTldsCommand.class)
.put("publish_detail_report", PublishDetailReportCommand.class)
.put("registrar_activity_report", RegistrarActivityReportCommand.class)
.put("registrar_contact", RegistrarContactCommand.class)
.put("setup_ote", SetupOteCommand.class)
.put("uniform_rapid_suspension", UniformRapidSuspensionCommand.class)
.put("update_registrar", UpdateRegistrarCommand.class)
.put("update_sandbox_tld", UpdateSandboxTldCommand.class)
.put("update_server_locks", UpdateServerLocksCommand.class)
.put("validate_login_credentials", ValidateLoginCredentialsCommand.class)
.put("verify_ote", VerifyOteCommand.class)
.put("whois_query", WhoisQueryCommand.class)
.build();
public static void main(String[] args) throws Exception {
RegistryToolEnvironment.parseFromArgs(args).setup();
new RegistryCli().run("gtech_tool", args, COMMAND_MAP);
}
}

54
java/google/registry/tools/RegistryTool.java
View file

@ -14,9 +14,7 @@
package google.registry.tools; package google.registry.tools;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSortedMap;
import google.registry.tools.javascrap.LoadAndResaveCommand; import google.registry.tools.javascrap.LoadAndResaveCommand;
import google.registry.tools.javascrap.RemoveIpAddressCommand; import google.registry.tools.javascrap.RemoveIpAddressCommand;
@ -29,51 +27,95 @@ public final class RegistryTool {
* <p><b>Note:</b> If changing the command-line name of any commands below, remember to resolve * <p><b>Note:</b> If changing the command-line name of any commands below, remember to resolve
* any invocations in scripts (e.g. PDT, ICANN reporting). * any invocations in scripts (e.g. PDT, ICANN reporting).
*/ */
@VisibleForTesting public static final ImmutableMap<String, Class<? extends Command>> COMMAND_MAP =
static final ImmutableMap<String, Class<? extends Command>> COMMAND_MAP = new ImmutableMap.Builder<String, Class<? extends Command>>()
ImmutableSortedMap.<String, Class<? extends Command>>naturalOrder()
.putAll(GtechTool.COMMAND_MAP)
.put("allocate_domain", AllocateDomainCommand.class) .put("allocate_domain", AllocateDomainCommand.class)
.put("auction_status", AuctionStatusCommand.class)
.put("canonicalize_labels", CanonicalizeLabelsCommand.class)
.put("check_snapshot", CheckSnapshotCommand.class) .put("check_snapshot", CheckSnapshotCommand.class)
.put("convert_idn", ConvertIdnCommand.class)
.put("create_anchor_tenant", CreateAnchorTenantCommand.class)
.put("create_auction_credits", CreateAuctionCreditsCommand.class) .put("create_auction_credits", CreateAuctionCreditsCommand.class)
.put("create_contact", CreateContactCommand.class)
.put("create_credit", CreateCreditCommand.class)
.put("create_credit_balance", CreateCreditBalanceCommand.class)
.put("create_domain", CreateDomainCommand.class)
.put("create_host", CreateHostCommand.class)
.put("create_lrp_tokens", CreateLrpTokensCommand.class)
.put("create_premium_list", CreatePremiumListCommand.class) .put("create_premium_list", CreatePremiumListCommand.class)
.put("create_registrar", CreateRegistrarCommand.class)
.put("create_registrar_groups", CreateRegistrarGroupsCommand.class)
.put("create_reserved_list", CreateReservedListCommand.class) .put("create_reserved_list", CreateReservedListCommand.class)
.put("create_tld", CreateTldCommand.class) .put("create_tld", CreateTldCommand.class)
.put("delete_credit", DeleteCreditCommand.class) .put("delete_credit", DeleteCreditCommand.class)
.put("delete_domain", DeleteDomainCommand.class)
.put("delete_entity", DeleteEntityCommand.class) .put("delete_entity", DeleteEntityCommand.class)
.put("delete_epp_resource", DeleteEppResourceCommand.class) .put("delete_epp_resource", DeleteEppResourceCommand.class)
.put("delete_premium_list", DeletePremiumListCommand.class) .put("delete_premium_list", DeletePremiumListCommand.class)
.put("delete_reserved_list", DeleteReservedListCommand.class) .put("delete_reserved_list", DeleteReservedListCommand.class)
.put("domain_application_info", DomainApplicationInfoCommand.class)
.put("domain_check", DomainCheckCommand.class)
.put("domain_check_claims", DomainCheckClaimsCommand.class)
.put("domain_check_fee", DomainCheckFeeCommand.class)
.put("encrypt_escrow_deposit", EncryptEscrowDepositCommand.class) .put("encrypt_escrow_deposit", EncryptEscrowDepositCommand.class)
.put("execute_epp", ExecuteEppCommand.class) .put("execute_epp", ExecuteEppCommand.class)
.put("generate_applications_report", GenerateApplicationsReportCommand.class)
.put("generate_auction_data", GenerateAuctionDataCommand.class)
.put("generate_dns_report", GenerateDnsReportCommand.class)
.put("generate_escrow_deposit", GenerateEscrowDepositCommand.class) .put("generate_escrow_deposit", GenerateEscrowDepositCommand.class)
.put("generate_lordn", GenerateLordnCommand.class) .put("generate_lordn", GenerateLordnCommand.class)
.put("generate_zone_files", GenerateZoneFilesCommand.class) .put("generate_zone_files", GenerateZoneFilesCommand.class)
.put("get_application", GetApplicationCommand.class)
.put("get_application_ids", GetApplicationIdsCommand.class)
.put("get_applied_labels", GetAppliedLabelsCommand.class)
.put("get_claims_list", GetClaimsListCommand.class) .put("get_claims_list", GetClaimsListCommand.class)
.put("get_contact", GetContactCommand.class)
.put("get_domain", GetDomainCommand.class)
.put("get_history_entries", GetHistoryEntriesCommand.class)
.put("get_host", GetHostCommand.class)
.put("get_lrp_token", GetLrpTokenCommand.class)
.put("get_registrar", GetRegistrarCommand.class)
.put("get_resource_by_key", GetResourceByKeyCommand.class) .put("get_resource_by_key", GetResourceByKeyCommand.class)
.put("get_schema", GetSchemaCommand.class)
.put("get_schema_tree", GetSchemaTreeCommand.class)
.put("get_tld", GetTldCommand.class)
.put("ghostryde", GhostrydeCommand.class) .put("ghostryde", GhostrydeCommand.class)
.put("hash_certificate", HashCertificateCommand.class)
.put("list_credits", ListCreditsCommand.class)
.put("list_cursors", ListCursorsCommand.class) .put("list_cursors", ListCursorsCommand.class)
.put("list_domains", ListDomainsCommand.class) .put("list_domains", ListDomainsCommand.class)
.put("list_hosts", ListHostsCommand.class) .put("list_hosts", ListHostsCommand.class)
.put("list_premium_lists", ListPremiumListsCommand.class) .put("list_premium_lists", ListPremiumListsCommand.class)
.put("list_registrars", ListRegistrarsCommand.class)
.put("list_reserved_lists", ListReservedListsCommand.class) .put("list_reserved_lists", ListReservedListsCommand.class)
.put("list_tlds", ListTldsCommand.class)
.put("load_and_resave", LoadAndResaveCommand.class) .put("load_and_resave", LoadAndResaveCommand.class)
.put("load_snapshot", LoadSnapshotCommand.class) .put("load_snapshot", LoadSnapshotCommand.class)
.put("make_billing_tables", MakeBillingTablesCommand.class) .put("make_billing_tables", MakeBillingTablesCommand.class)
.put("pending_escrow", PendingEscrowCommand.class) .put("pending_escrow", PendingEscrowCommand.class)
.put("publish_detail_report", PublishDetailReportCommand.class)
.put("registrar_activity_report", RegistrarActivityReportCommand.class)
.put("registrar_contact", RegistrarContactCommand.class)
.put("remove_ip_address", RemoveIpAddressCommand.class) .put("remove_ip_address", RemoveIpAddressCommand.class)
.put("resave_environment_entities", ResaveEnvironmentEntitiesCommand.class) .put("resave_environment_entities", ResaveEnvironmentEntitiesCommand.class)
.put("send_escrow_report_to_icann", SendEscrowReportToIcannCommand.class) .put("send_escrow_report_to_icann", SendEscrowReportToIcannCommand.class)
.put("setup_ote", SetupOteCommand.class)
.put("uniform_rapid_suspension", UniformRapidSuspensionCommand.class)
.put("update_application_status", UpdateApplicationStatusCommand.class) .put("update_application_status", UpdateApplicationStatusCommand.class)
.put("update_claims_notice", UpdateClaimsNoticeCommand.class) .put("update_claims_notice", UpdateClaimsNoticeCommand.class)
.put("update_credits", UpdateCreditsCommand.class) .put("update_credits", UpdateCreditsCommand.class)
.put("update_cursors", UpdateCursorsCommand.class) .put("update_cursors", UpdateCursorsCommand.class)
.put("update_premium_list", UpdatePremiumListCommand.class) .put("update_premium_list", UpdatePremiumListCommand.class)
.put("update_registrar", UpdateRegistrarCommand.class)
.put("update_reserved_list", UpdateReservedListCommand.class) .put("update_reserved_list", UpdateReservedListCommand.class)
.put("update_server_locks", UpdateServerLocksCommand.class)
.put("update_smd", UpdateSmdCommand.class) .put("update_smd", UpdateSmdCommand.class)
.put("update_tld", UpdateTldCommand.class) .put("update_tld", UpdateTldCommand.class)
.put("upload_claims_list", UploadClaimsListCommand.class) .put("upload_claims_list", UploadClaimsListCommand.class)
.put("validate_escrow_deposit", ValidateEscrowDepositCommand.class) .put("validate_escrow_deposit", ValidateEscrowDepositCommand.class)
.put("validate_login_credentials", ValidateLoginCredentialsCommand.class)
.put("verify_ote", VerifyOteCommand.class)
.put("whois_query", WhoisQueryCommand.class)
.build(); .build();
public static void main(String[] args) throws Exception { public static void main(String[] args) throws Exception {

3
java/google/registry/tools/UniformRapidSuspensionCommand.java
View file

@ -181,7 +181,8 @@ final class UniformRapidSuspensionCommand extends MutatingEppToolCommand impleme
if (undo) { if (undo) {
return ""; return "";
} }
StringBuilder undoBuilder = new StringBuilder("UNDO COMMAND:\n\ngtech_tool -e ") StringBuilder undoBuilder = new StringBuilder("UNDO COMMAND:\n\n)")
.append("registry_tool -e ")
.append(RegistryToolEnvironment.get()) .append(RegistryToolEnvironment.get())
.append(" uniform_rapid_suspension --undo --domain_name ") .append(" uniform_rapid_suspension --undo --domain_name ")
.append(domainName); .append(domainName);

33
java/google/registry/tools/UpdateSandboxTldCommand.java
View file

@ -1,33 +0,0 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.tools;
import static com.google.common.base.Preconditions.checkArgument;
import com.beust.jcommander.Parameters;
import google.registry.config.RegistryEnvironment;
import google.registry.tools.Command.GtechCommand;
/** Command to update a TLD in sandbox, separated out for Gtech use. */
@Parameters(separators = " =", commandDescription = "Update new sandbox TLD(s)")
final class UpdateSandboxTldCommand extends UpdateTldCommand implements GtechCommand {
@Override
void assertAllowedEnvironment() {
checkArgument(
RegistryEnvironment.get() == RegistryEnvironment.SANDBOX,
"This command can only be run in the sandbox environment");
}
}

104
javatests/google/registry/tools/GtechToolTest.java
View file

@ -1,104 +0,0 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.tools;
import static com.google.common.base.CaseFormat.LOWER_UNDERSCORE;
import static com.google.common.base.CaseFormat.UPPER_CAMEL;
import static com.google.common.reflect.Reflection.getPackageName;
import static com.google.common.truth.Truth.assertThat;
import static com.google.common.truth.Truth.assertWithMessage;
import com.google.common.base.Joiner;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Sets;
import com.google.common.reflect.ClassPath;
import com.google.common.reflect.ClassPath.ClassInfo;
import com.google.common.truth.Expect;
import google.registry.tools.Command.GtechCommand;
import java.io.IOException;
import java.lang.reflect.Modifier;
import java.util.Map;
import java.util.Set;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;
/** Unit tests for {@link GtechTool}. */
@RunWith(JUnit4.class)
public class GtechToolTest {
@Rule
public final Expect expect = Expect.create();
@Before
public void init() {
RegistryToolEnvironment.UNITTEST.setup();
}
@Test
public void test_commandMap_namesAreInAlphabeticalOrder() throws Exception {
assertThat(GtechTool.COMMAND_MAP.keySet()).isStrictlyOrdered();
}
@Test
public void testThatAllCommandsAreInCliOptions() throws Exception {
Set<Class<? extends GtechCommand>> commandMapClasses =
ImmutableSet.copyOf(GtechTool.COMMAND_MAP.values());
Set<Class<? extends GtechCommand>> commandsWithoutCliInvokers =
Sets.difference(getAllCommandClasses(), commandMapClasses);
String errorMsg =
"These Command classes are missing from GtechTool.COMMAND_MAP: "
+ Joiner.on(", ").join(commandsWithoutCliInvokers);
assertWithMessage(errorMsg).that(commandsWithoutCliInvokers).isEmpty();
}
@Test
public void testThatCommandNamesAreDerivedFromClassNames() throws Exception {
for (Map.Entry<String, ? extends Class<? extends Command>> commandEntry :
GtechTool.COMMAND_MAP.entrySet()) {
String className = commandEntry.getValue().getSimpleName();
expect.that(commandEntry.getKey())
// JCommander names should match the class name, up to "Command" and case formatting.
.isEqualTo(UPPER_CAMEL.to(LOWER_UNDERSCORE, className.replaceFirst("Command$", "")));
}
}
/**
* Gets the set of all non-abstract classes implementing the {@link GtechCommand} interface
* (abstract class and interface subtypes of Command aren't expected to have cli commands). Note
* that this also filters out HelpCommand, which has special handling in {@link RegistryCli} and
* isn't in the command map.
*
* @throws IOException if reading the classpath resources fails.
*/
@SuppressWarnings("unchecked")
private ImmutableSet<Class<? extends GtechCommand>> getAllCommandClasses() throws IOException {
ImmutableSet.Builder<Class<? extends GtechCommand>> builder = new ImmutableSet.Builder<>();
for (ClassInfo classInfo : ClassPath
.from(getClass().getClassLoader())
.getTopLevelClasses(getPackageName(getClass()))) {
Class<?> clazz = classInfo.load();
if (GtechCommand.class.isAssignableFrom(clazz)
&& !Modifier.isAbstract(clazz.getModifiers())
&& !Modifier.isInterface(clazz.getModifiers())
&& !clazz.equals(HelpCommand.class)) {
builder.add((Class<? extends GtechCommand>) clazz);
}
}
return builder.build();
}
}