mirror of
https://github.com/google/nomulus.git
synced 2025-07-22 18:55:58 +02:00
580302898d
This also deletes the associated commands and domain application specific entities. We haven't used any of these TLD phases since early 2015 and have no intent to do so in the future, so it makes sense to delete them now so we don't have to carry them through the Registry 3.0 migration. Note that, while there are data model changes, there should be no required data migrations. The fields and entities being removed will simply remain as orphans. I confirmed that the removed types (such as the SUNRUSH_ADD GracePeriodType) are no longer used in production data, and left types that are still used, e.g. BillingEvent.Flag.LANDRUSH or HistoryEntry.Type.ALLOCATE. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=228752843
197 lines
6.8 KiB
XML
197 lines
6.8 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
|
|
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
|
|
<!-- Servlets -->
|
|
|
|
<!-- Servlet for injected tools actions -->
|
|
<servlet>
|
|
<display-name>ToolsServlet</display-name>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<servlet-class>google.registry.module.tools.ToolsServlet</servlet-class>
|
|
<load-on-startup>1</load-on-startup>
|
|
</servlet>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/admin/verifyOte</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/admin/createGroups</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/admin/createPremiumList</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/admin/list/*</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/admin/deleteEntity</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/admin/updatePremiumList</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/loadtest</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- The nomulus command line tool uses this endpoint to write to Datastore. -->
|
|
<servlet>
|
|
<display-name>Remote API Servlet</display-name>
|
|
<servlet-name>RemoteApiServlet</servlet-name>
|
|
<servlet-class>com.google.apphosting.utils.remoteapi.RemoteApiServlet</servlet-class>
|
|
<load-on-startup>1</load-on-startup>
|
|
</servlet>
|
|
<servlet-mapping>
|
|
<servlet-name>RemoteApiServlet</servlet-name>
|
|
<url-pattern>/remote_api</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- ExecuteEppCommand uses this to execute remotely. -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/epptool</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Mapreduce to re-save all HistoryEntries. -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/resaveAllHistoryEntries</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Mapreduce to delete EppResources, children, and indices. -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/killAllEppResources</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Mapreduce to delete all commit logs. -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/killAllCommitLogs</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Restores commit logs. -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/restoreCommitLogs</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- This path serves up the App Engine results page for mapreduce runs. -->
|
|
<servlet>
|
|
<servlet-name>mapreduce</servlet-name>
|
|
<servlet-class>com.google.appengine.tools.mapreduce.MapReduceServlet</servlet-class>
|
|
</servlet>
|
|
<servlet-mapping>
|
|
<servlet-name>mapreduce</servlet-name>
|
|
<url-pattern>/_dr/mapreduce/*</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Pipeline GUI servlets. -->
|
|
<servlet>
|
|
<servlet-name>pipeline</servlet-name>
|
|
<servlet-class>com.google.appengine.tools.pipeline.impl.servlets.PipelineServlet</servlet-class>
|
|
</servlet>
|
|
<servlet-mapping>
|
|
<servlet-name>pipeline</servlet-name>
|
|
<url-pattern>/_ah/pipeline/*</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Refreshes all active domains in DNS -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/refreshDnsForAllDomains</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/generateZoneFiles</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/pollMapreduce</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Security config -->
|
|
<security-constraint>
|
|
<web-resource-collection>
|
|
<web-resource-name>Internal</web-resource-name>
|
|
<description>
|
|
Admin-only internal section. Requests for paths covered by the URL patterns below will be
|
|
checked for a logged-in user account that's allowed to access the AppEngine admin console
|
|
(NOTE: this includes Editor/Viewer permissions in addition to Owner and the new IAM
|
|
App Engine Admin role. See https://cloud.google.com/appengine/docs/java/access-control
|
|
specifically the "Access handlers that have a login:admin restriction" line.)
|
|
|
|
TODO(b/28219927): lift some of these restrictions so that we can allow OAuth authentication
|
|
for endpoints that need to be accessed by open-source automated processes.
|
|
</description>
|
|
|
|
<!-- Internal AppEngine endpoints. The '_ah' is short for app hosting. -->
|
|
<url-pattern>/_ah/*</url-pattern>
|
|
|
|
<!-- Registrar console (should not be available on non-default module). -->
|
|
<url-pattern>/registrar*</url-pattern>
|
|
|
|
<!-- Verbatim JavaScript sources (only visible to admins for debugging). -->
|
|
<url-pattern>/assets/sources/*</url-pattern>
|
|
|
|
</web-resource-collection>
|
|
<auth-constraint>
|
|
<role-name>admin</role-name>
|
|
</auth-constraint>
|
|
|
|
<!-- Repeated here since catch-all rule below is not inherited. -->
|
|
<user-data-constraint>
|
|
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
|
</user-data-constraint>
|
|
</security-constraint>
|
|
|
|
<!-- Require TLS on all requests. -->
|
|
<security-constraint>
|
|
<web-resource-collection>
|
|
<web-resource-name>Secure</web-resource-name>
|
|
<description>
|
|
Require encryption for all paths. http URLs will be redirected to https.
|
|
</description>
|
|
<url-pattern>/*</url-pattern>
|
|
</web-resource-collection>
|
|
<user-data-constraint>
|
|
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
|
</user-data-constraint>
|
|
</security-constraint>
|
|
|
|
<!-- See: https://code.google.com/p/objectify-appengine/wiki/Setup -->
|
|
<filter>
|
|
<filter-name>ObjectifyFilter</filter-name>
|
|
<filter-class>com.googlecode.objectify.ObjectifyFilter</filter-class>
|
|
</filter>
|
|
<filter-mapping>
|
|
<filter-name>ObjectifyFilter</filter-name>
|
|
<url-pattern>/*</url-pattern>
|
|
</filter-mapping>
|
|
|
|
<!-- Register types with Objectify. -->
|
|
<filter>
|
|
<filter-name>OfyFilter</filter-name>
|
|
<filter-class>google.registry.model.ofy.OfyFilter</filter-class>
|
|
</filter>
|
|
<filter-mapping>
|
|
<filter-name>OfyFilter</filter-name>
|
|
<url-pattern>/*</url-pattern>
|
|
</filter-mapping>
|
|
</web-app>
|