Parameterize access to zk operations

Moxie Marlinspike
2020-01-21 11:29:08 -08:00
parent ba3102d667
commit 75fc35ee4b
6 changed files with 28 additions and 11 deletions


@@ -34,10 +34,12 @@ public class CertificateController {
private final CertificateGenerator certificateGenerator;
private final ServerZkAuthOperations serverZkAuthOperations;
private final boolean isZkEnabled;
public CertificateController(CertificateGenerator certificateGenerator, ServerZkAuthOperations serverZkAuthOperations) {
public CertificateController(CertificateGenerator certificateGenerator, ServerZkAuthOperations serverZkAuthOperations, boolean isZkEnabled) {
this.certificateGenerator = certificateGenerator;
this.serverZkAuthOperations = serverZkAuthOperations;
this.isZkEnabled = isZkEnabled;
}
@Timed
@@ -65,6 +67,7 @@ public class CertificateController {
@PathParam("startRedemptionTime") int startRedemptionTime,
@PathParam("endRedemptionTime") int endRedemptionTime)
{
if (!isZkEnabled) throw new WebApplicationException(Response.Status.NOT_FOUND);
if (startRedemptionTime > endRedemptionTime) throw new WebApplicationException(Response.Status.BAD_REQUEST);
if (endRedemptionTime > Util.currentDaysSinceEpoch() + 7) throw new WebApplicationException(Response.Status.BAD_REQUEST);
if (startRedemptionTime < Util.currentDaysSinceEpoch()) throw new WebApplicationException(Response.Status.BAD_REQUEST);
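Review bot: The `if (!isZkEnabled) throw new WebApplicationException(Response.Status.NOT_FOUND);` gate is written by hand at the top of this handler and again four times in the ProfileController section, so any zk handler added later without the line would serve zk operations while the feature is switched off. A single private helper such as `private void requireZkEnabled()` called first in each handler, or leaving the zk resources unregistered when the flag is false, would make the disabled state harder to bypass by omission. In ProfileController the two checks that sit just before the `return getVersionedProfile(...)` calls appear to duplicate the check in the method they delegate to, which looks like the private `getVersionedProfile`. The new trailing `boolean isZkEnabled` constructor argument is positional and undocumented, so I would add a field comment like `// false: every zk endpoint answers 404; guard each new handler`. The handler body here starts and ends outside the hunk.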


@@ -68,6 +68,7 @@ public class ProfileController {
private final PolicySigner policySigner;
private final PostPolicyGenerator policyGenerator;
private final ServerZkProfileOperations zkProfileOperations;
private final boolean isZkEnabled;
private final AmazonS3 s3client;
private final String bucket;
@@ -80,7 +81,8 @@ public class ProfileController {
PostPolicyGenerator policyGenerator,
PolicySigner policySigner,
String bucket,
ServerZkProfileOperations zkProfileOperations)
ServerZkProfileOperations zkProfileOperations,
boolean isZkEnabled)
{
this.rateLimiters = rateLimiters;
this.accountsManager = accountsManager;
@@ -91,6 +93,7 @@ public class ProfileController {
this.s3client = s3client;
this.policyGenerator = policyGenerator;
this.policySigner = policySigner;
this.isZkEnabled = isZkEnabled;
}
@Timed
@@ -98,6 +101,8 @@ public class ProfileController {
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public Response setProfile(@Auth Account account, @Valid CreateProfileRequest request) {
if (!isZkEnabled) throw new WebApplicationException(Response.Status.NOT_FOUND);
Optional<VersionedProfile> currentProfile = profilesManager.get(account.getUuid(), request.getVersion());
String avatar = request.isAvatar() ? generateAvatarObjectName() : null;
Optional<ProfileAvatarUploadAttributes> response = Optional.empty();
@@ -138,6 +143,7 @@ public class ProfileController {
@PathParam("version") String version)
throws RateLimitExceededException
{
if (!isZkEnabled) throw new WebApplicationException(Response.Status.NOT_FOUND);
return getVersionedProfile(requestAccount, accessKey, uuid, version, Optional.empty());
}
@@ -152,6 +158,7 @@ public class ProfileController {
@PathParam("credentialRequest") String credentialRequest)
throws RateLimitExceededException
{
if (!isZkEnabled) throw new WebApplicationException(Response.Status.NOT_FOUND);
return getVersionedProfile(requestAccount, accessKey, uuid, version, Optional.of(credentialRequest));
}
@@ -163,6 +170,8 @@ public class ProfileController {
Optional<String> credentialRequest)
throws RateLimitExceededException
{
if (!isZkEnabled) throw new WebApplicationException(Response.Status.NOT_FOUND);
try {
if (!requestAccount.isPresent() && !accessKey.isPresent()) {
throw new WebApplicationException(Response.Status.UNAUTHORIZED);