You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by sh...@apache.org on 2021/10/07 13:07:48 UTC
[trafficcontrol] branch master updated: Remove user_role and
api_capability tables, and the associated endpoints (#6251)
This is an automated email from the ASF dual-hosted git repository.
shamrick pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new 85c73df Remove user_role and api_capability tables, and the associated endpoints (#6251)
85c73df is described below
commit 85c73dfa3182d3fda680bffff8466430a7ac9ac2
Author: Srijeet Chatterjee <30...@users.noreply.github.com>
AuthorDate: Thu Oct 7 07:07:36 2021 -0600
Remove user_role and api_capability tables, and the associated endpoints (#6251)
* Remove user_role and api_capability tables, and the associated endpoints
* Remove user_role and api_capability tables, and the associated endpoints
* format migrations
* remove api_capability from seeds.sql
* don't remove routes and code from v2 and v3
* formatting changes
* formatting changes
* code review fixes
---
CHANGELOG.md | 2 +
docs/source/api/v2/api_capabilities.rst | 2 +
docs/source/api/v3/api_capabilities.rst | 2 +
docs/source/api/v4/api_capabilities.rst | 104 ---------------------
.../2021100114200000_remove_user_role.down.sql | 36 +++++++
.../2021100114200000_remove_user_role.up.sql | 21 +++++
traffic_ops/testing/api/v4/api_capability_test.go | 85 -----------------
traffic_ops/testing/api/v4/todb_test.go | 6 --
traffic_ops/traffic_ops_golang/routing/routes.go | 3 -
traffic_ops/v4-client/api_capability.go | 31 ------
10 files changed, 63 insertions(+), 229 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 98a9939..6eda328 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -20,8 +20,10 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
- [#6179](https://github.com/apache/trafficcontrol/issues/6179) Updated the Traffic Ops rpm to include the `ToDnssecRefresh` binary and make the `trafops_dnssec_refresh` cron job use it
### Deprecated
+- Deprecated the endpoints and docs associated with `api_capability`.
### Removed
+- Removed the `user_role` table.
## [6.0.0] - 2021-08-30
### Added
diff --git a/docs/source/api/v2/api_capabilities.rst b/docs/source/api/v2/api_capabilities.rst
index 337de97..02835d8 100644
--- a/docs/source/api/v2/api_capabilities.rst
+++ b/docs/source/api/v2/api_capabilities.rst
@@ -18,6 +18,8 @@
********************
``api_capabilities``
********************
+.. deprecated:: ATCv7.0
+
Deals with the capabilities that may be associated with API endpoints and methods. These capabilities are assigned to :term:`Roles`, of which a user may have one or more. Capabilities support "wildcarding" or "globbing" using asterisks to group multiple routes into a single capability
``GET``
diff --git a/docs/source/api/v3/api_capabilities.rst b/docs/source/api/v3/api_capabilities.rst
index d234208..d135730 100644
--- a/docs/source/api/v3/api_capabilities.rst
+++ b/docs/source/api/v3/api_capabilities.rst
@@ -18,6 +18,8 @@
********************
``api_capabilities``
********************
+.. deprecated:: ATCv7.0
+
Deals with the capabilities that may be associated with API endpoints and methods. These capabilities are assigned to :term:`Roles`, of which a user may have one or more. Capabilities support "wildcarding" or "globbing" using asterisks to group multiple routes into a single capability
``GET``
diff --git a/docs/source/api/v4/api_capabilities.rst b/docs/source/api/v4/api_capabilities.rst
deleted file mode 100644
index 3ea8ccf..0000000
--- a/docs/source/api/v4/api_capabilities.rst
+++ /dev/null
@@ -1,104 +0,0 @@
-..
-..
-.. Licensed under the Apache License, Version 2.0 (the "License");
-.. you may not use this file except in compliance with the License.
-.. You may obtain a copy of the License at
-..
-.. http://www.apache.org/licenses/LICENSE-2.0
-..
-.. Unless required by applicable law or agreed to in writing, software
-.. distributed under the License is distributed on an "AS IS" BASIS,
-.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-.. See the License for the specific language governing permissions and
-.. limitations under the License.
-..
-
-.. _to-api-api_capabilities:
-
-********************
-``api_capabilities``
-********************
-Deals with the capabilities that may be associated with API endpoints and methods. These capabilities are assigned to :term:`Roles`, of which a user may have one or more. Capabilities support "wildcarding" or "globbing" using asterisks to group multiple routes into a single capability
-
-``GET``
-=======
-Get all API-capability mappings.
-
-:Auth. Required: Yes
-:Roles Required: None
-:Response Type: Array
-
-Request Structure
------------------
-.. table:: Request Query Parameters
-
- +----------------+----------+--------+------------------------------------+
- | Name | Required | Type | Description |
- +================+==========+========+====================================+
- | capability | no | string | Capability name |
- +----------------+----------+--------+------------------------------------+
-
-.. code-block:: http
- :caption: Request Example
-
- GET /api/4.0/api_capabilities?capability=types-write HTTP/1.1
- Host: trafficops.infra.ciab.test
- User-Agent: curl/7.47.0
- Accept: */*
- Cookie: mojolicious=...
-
-Response Structure
-------------------
-:capability: Capability name
-:httpMethod: An HTTP request method, practically one of:
-
- - ``GET``
- - ``POST``
- - ``PUT``
- - ``PATCH``
- - ``DELETE``
-
-:httpRoute: The request route for which this capability applies - relative to the Traffic Ops server's URL
-:id: An integer which uniquely identifies this capability
-:lastUpdated: The time at which this capability was last updated, in :ref:`non-rfc-datetime`
-
-.. code-block:: http
- :caption: Response Example
-
- HTTP/1.1 200 OK
- Access-Control-Allow-Credentials: true
- Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
- Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
- Access-Control-Allow-Origin: *
- Cache-Control: no-cache, no-store, max-age=0, must-revalidate
- Content-Type: application/json
- Date: Thu, 01 Nov 2018 14:45:24 GMT
- X-Server-Name: traffic_ops_golang/
- Set-Cookie: mojolicious=...; Path=/; Expires=Mon, 18 Nov 2019 17:40:54 GMT; Max-Age=3600; HttpOnly
- Vary: Accept-Encoding
- Whole-Content-Sha512: wptErtIop/AfTTQ+1MZdA2YpPXEOuLFfrPQvvaHqO/uX5fRruOVYW+7p8JTrtH1xg1WN+x6FnjQnSHuWwcpyJg==
- Content-Length: 393
-
- { "response": [
- {
- "httpMethod": "POST",
- "lastUpdated": "2018-11-01 14:10:22.794114+00",
- "httpRoute": "types",
- "id": 261,
- "capability": "types-write"
- },
- {
- "httpMethod": "PUT",
- "lastUpdated": "2018-11-01 14:10:22.795917+00",
- "httpRoute": "types/*",
- "id": 262,
- "capability": "types-write"
- },
- {
- "httpMethod": "DELETE",
- "lastUpdated": "2018-11-01 14:10:22.799748+00",
- "httpRoute": "types/*",
- "id": 263,
- "capability": "types-write"
- }
- ]}
diff --git a/traffic_ops/app/db/migrations/2021100114200000_remove_user_role.down.sql b/traffic_ops/app/db/migrations/2021100114200000_remove_user_role.down.sql
new file mode 100644
index 0000000..a544787
--- /dev/null
+++ b/traffic_ops/app/db/migrations/2021100114200000_remove_user_role.down.sql
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with this
+ * work for additional information regarding copyright ownership. The ASF
+ * licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+CREATE TABLE IF NOT EXISTS user_role (
+user_id bigint NOT NULL,
+role_id bigint NOT NULL,
+last_updated timestamp with time zone NOT NULL DEFAULT now()
+);
+
+ALTER TABLE user_role OWNER TO traffic_ops;
+
+CREATE OR REPLACE FUNCTION create_constraint_if_not_exists (c_name text, t_name text, constraint_string text)
+RETURNS void AS
+$$
+BEGIN
+ IF NOT EXISTS (SELECT FROM information_schema.table_constraints WHERE constraint_name = c_name AND table_name = t_name) then execute constraint_string;
+END IF;
+END;
+$$ LANGUAGE PLPGSQL;
+
+SELECT create_constraint_if_not_exists('fk_user_id', 'user_role', 'ALTER TABLE ONLY user_role ADD CONSTRAINT fk_user_id FOREIGN KEY (user_id) REFERENCES tm_user (id) ON DELETE CASCADE;');
+SELECT create_constraint_if_not_exists('fk_role_id', 'user_role', 'ALTER TABLE ONLY user_role ADD CONSTRAINT fk_role_id FOREIGN KEY (role_id) REFERENCES role (id) ON DELETE RESTRICT;');
diff --git a/traffic_ops/app/db/migrations/2021100114200000_remove_user_role.up.sql b/traffic_ops/app/db/migrations/2021100114200000_remove_user_role.up.sql
new file mode 100644
index 0000000..660eb47
--- /dev/null
+++ b/traffic_ops/app/db/migrations/2021100114200000_remove_user_role.up.sql
@@ -0,0 +1,21 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with this
+ * work for additional information regarding copyright ownership. The ASF
+ * licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+ALTER TABLE user_role DROP CONSTRAINT fk_user_id;
+ALTER TABLE user_role DROP CONSTRAINT fk_role_id;
+
+DROP TABLE IF EXISTS user_role;
diff --git a/traffic_ops/testing/api/v4/api_capability_test.go b/traffic_ops/testing/api/v4/api_capability_test.go
deleted file mode 100644
index f8a29be..0000000
--- a/traffic_ops/testing/api/v4/api_capability_test.go
+++ /dev/null
@@ -1,85 +0,0 @@
-package v4
-
-/*
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-*/
-
-import (
- "net/url"
- "testing"
-
- client "github.com/apache/trafficcontrol/traffic_ops/v4-client"
-)
-
-func TestAPICapabilities(t *testing.T) {
- testCases := []struct {
- description string
- capability string
- order string
- first string
- hasRecords bool
- }{
- {
- description: "Successfully get all asns-write API Capabilities",
- capability: "asns-write",
- hasRecords: true,
- },
- {
- description: "Successfully get all asns-read API Capabilities",
- capability: "asns-read",
- hasRecords: true,
- },
- {
- description: "Successfully get all cache-groups-read API Capabilities",
- capability: "cache-groups-read",
- hasRecords: true,
- },
- {
- description: "Fail to get any API Capabilities with a bogus capability",
- capability: "foo",
- hasRecords: false,
- },
- {
- description: "Successfully get all API Capabilities in order of HTTP Method",
- order: "httpMethod",
- first: "GET",
- },
- }
-
- for _, c := range testCases {
- t.Run(c.description, func(t *testing.T) {
- opts := client.RequestOptions{
- QueryParameters: url.Values{},
- }
- opts.QueryParameters.Set("capability", c.capability)
- opts.QueryParameters.Set("orderby", c.order)
- caps, _, err := TOSession.GetAPICapabilities(opts)
-
- if err != nil {
- t.Fatalf("error retrieving API capabilities: %s", err.Error())
- }
-
- if len(caps.Response) == 0 && c.hasRecords {
- t.Fatalf("error: expected capability %s to have records, but found 0", c.capability)
- }
-
- if c.order != "" && c.hasRecords {
- if c.first != caps.Response[0].HTTPMethod {
- t.Fatalf("error: expected first element to be %s, got %s", c.first, caps.Response[0].HTTPMethod)
- }
- }
- })
- }
-
-}
diff --git a/traffic_ops/testing/api/v4/todb_test.go b/traffic_ops/testing/api/v4/todb_test.go
index d471a5e..c9d7562 100644
--- a/traffic_ops/testing/api/v4/todb_test.go
+++ b/traffic_ops/testing/api/v4/todb_test.go
@@ -68,12 +68,6 @@ func SetupTestData(*sql.DB) error {
os.Exit(1)
}
- err = SetupAPICapabilities(db)
- if err != nil {
- fmt.Printf("\nError setting up APICapabilities %s - %s, %v\n", Config.TrafficOps.URL, Config.TrafficOps.Users.Admin, err)
- os.Exit(1)
- }
-
err = SetupTenants(db)
if err != nil {
fmt.Printf("\nError setting up tenant %s - %s, %v\n", Config.TrafficOps.URL, Config.TrafficOps.Users.Admin, err)
diff --git a/traffic_ops/traffic_ops_golang/routing/routes.go b/traffic_ops/traffic_ops_golang/routing/routes.go
index 62cbb55..b8a3fc6 100644
--- a/traffic_ops/traffic_ops_golang/routing/routes.go
+++ b/traffic_ops/traffic_ops_golang/routing/routes.go
@@ -149,9 +149,6 @@ func Routes(d ServerData) ([]Route, http.Handler, error) {
{api.Version{Major: 4, Minor: 0}, http.MethodPost, `acme_autorenew/?$`, deliveryservice.RenewCertificates, auth.PrivLevelOperations, nil, Authenticated, nil, 2534390574},
{api.Version{Major: 4, Minor: 0}, http.MethodGet, `async_status/{id}$`, api.GetAsyncStatus, auth.PrivLevelOperations, nil, Authenticated, nil, 2534390575},
- // API Capability
- {api.Version{Major: 4, Minor: 0}, http.MethodGet, `api_capabilities/?$`, apicapability.GetAPICapabilitiesHandler, auth.PrivLevelReadOnly, nil, Authenticated, nil, 48132065893},
-
//ASNs
{api.Version{Major: 4, Minor: 0}, http.MethodPut, `asns/?$`, api.UpdateHandler(&asn.TOASNV11{}), auth.PrivLevelOperations, nil, Authenticated, nil, 42641723173},
{api.Version{Major: 4, Minor: 0}, http.MethodDelete, `asns/?$`, api.DeleteHandler(&asn.TOASNV11{}), auth.PrivLevelOperations, nil, Authenticated, nil, 402048983},
diff --git a/traffic_ops/v4-client/api_capability.go b/traffic_ops/v4-client/api_capability.go
deleted file mode 100644
index f8f2304..0000000
--- a/traffic_ops/v4-client/api_capability.go
+++ /dev/null
@@ -1,31 +0,0 @@
-package client
-
-/*
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-*/
-
-import (
- "github.com/apache/trafficcontrol/lib/go-tc"
- "github.com/apache/trafficcontrol/traffic_ops/toclientlib"
-)
-
-const apiAPICapabilities = "/api_capabilities"
-
-// GetAPICapabilities will retrieve API Capabilities. In the event that no capability parameter
-// is supplied, it will return all existing. If a capability is supplied, it will return only
-// those with an exact match. Order may be specified to change the default sort order.
-func (to *Session) GetAPICapabilities(opts RequestOptions) (tc.APICapabilityResponse, toclientlib.ReqInf, error) {
- var resp tc.APICapabilityResponse
- reqInf, err := to.get(apiAPICapabilities, opts, &resp)
- return resp, reqInf, err
-}