diff --git a/microservices/gatewayApi/auth/authz.py b/microservices/gatewayApi/auth/authz.py index a18f0fe..b35b0dc 100644 --- a/microservices/gatewayApi/auth/authz.py +++ b/microservices/gatewayApi/auth/authz.py @@ -19,7 +19,7 @@ def enforce_authorization(namespace): # It can be in two formats: '/ns/' or '' ns = g.principal[the_ns_claim] if ns != namespace and ns != ('/%s/%s' % (users_group_root(), namespace)): - abort(make_response(jsonify(error="Not authorized to use %s namespace." % namespace), 403)) + abort(make_response(jsonify(error="Not authorized to use %s gateway." % namespace), 403)) def enforce_role_authorization(role): return diff --git a/microservices/gatewayApi/tests/routes/v2/test_gateway_err_validations.py b/microservices/gatewayApi/tests/routes/v2/test_gateway_err_validations.py index 0709831..8723229 100644 --- a/microservices/gatewayApi/tests/routes/v2/test_gateway_err_validations.py +++ b/microservices/gatewayApi/tests/routes/v2/test_gateway_err_validations.py @@ -49,7 +49,7 @@ def test_conflicting_qualifier(client): } response = client.put('/v2/namespaces/mytest/gateway', json=data) assert response.status_code == 400 - assert json.dumps(response.json) == '{"error": "Validation Errors:\\nToo many different qualified namespaces ([\'ns.mytest.dev\', \'ns.mytest.prod\']). Rejecting request."}' + assert json.dumps(response.json) == '{"error": "Validation Errors:\\nToo many different qualified gateways ([\'ns.mytest.dev\', \'ns.mytest.prod\']). Rejecting request."}' def test_invalid_host(client): @@ -73,7 +73,7 @@ def test_invalid_host(client): } response = client.put('/v2/namespaces/mytest/gateway', json=data) assert response.status_code == 400 - assert json.dumps(response.json) == '{"error": "Validation Errors:\\nHost invalid: route-1 myapi.invalid.site. Route hosts must end with one of [.api.gov.bc.ca,.cluster.local] for this namespace."}' + assert json.dumps(response.json) == '{"error": "Validation Errors:\\nHost invalid: route-1 myapi.invalid.site. Route hosts must end with one of [.api.gov.bc.ca,.cluster.local] for this gateway."}' def test_conflicting_host(client): @@ -97,7 +97,7 @@ def test_conflicting_host(client): } response = client.put('/v2/namespaces/mytest/gateway', json=data) assert response.status_code == 400 - assert json.dumps(response.json) == '{"error": "Validation Errors:\\nservice.my-service.route.route-1 The host is already used in another namespace \'ns1-service.api.gov.bc.ca\'"}' + assert json.dumps(response.json) == '{"error": "Validation Errors:\\nservice.my-service.route.route-1 The host is already used in another gateway \'ns1-service.api.gov.bc.ca\'"}' def test_invalid_upstream(client): configFile = ''' diff --git a/microservices/gatewayApi/v1/routes/gateway.py b/microservices/gatewayApi/v1/routes/gateway.py index 0751e9a..71f8f67 100644 --- a/microservices/gatewayApi/v1/routes/gateway.py +++ b/microservices/gatewayApi/v1/routes/gateway.py @@ -418,11 +418,11 @@ def validate_tags(yaml, required_tag): if traverse_has_ns_qualifier(yaml, required_tag) and traverse_has_ns_tag_only(yaml, required_tag): errors.append( - "Tags for the namespace can not have a mix of 'ns.' and 'ns..'. Rejecting request.") + "Tags for the gateway can not have a mix of 'ns.' and 'ns..'. Rejecting request.") traverse("", errors, yaml, required_tag, qualifiers) if len(qualifiers) > 1: - errors.append("Too many different qualified namespaces (%s). Rejecting request." % qualifiers) + errors.append("Too many different qualified gateways (%s). Rejecting request." % qualifiers) if len(errors) != 0: raise Exception('\n'.join(errors)) @@ -553,12 +553,12 @@ def validate_hosts(yaml, reserved_hosts, ns_attributes): if 'hosts' in route: for host in route['hosts']: if host in reserved_hosts: - errors.append("service.%s.route.%s The host is already used in another namespace '%s'" % ( + errors.append("service.%s.route.%s The host is already used in another gateway '%s'" % ( service['name'], route['name'], host)) if host_valid(host) is False: errors.append("Host not passing DNS-952 validation '%s'" % host) if host_ends_with_one_of_list(host, allowed_domains) is False: - errors.append("Host invalid: %s. Route hosts must end with one of [%s] for this namespace." % ( + errors.append("Host invalid: %s. Route hosts must end with one of [%s] for this gateway." % ( route['name'], ','.join(allowed_domains))) else: errors.append("service.%s.route.%s A host must be specified for routes." % diff --git a/microservices/gatewayApi/v1/routes/namespaces.py b/microservices/gatewayApi/v1/routes/namespaces.py index e0906b4..767afff 100644 --- a/microservices/gatewayApi/v1/routes/namespaces.py +++ b/microservices/gatewayApi/v1/routes/namespaces.py @@ -35,7 +35,7 @@ def create_namespace() -> object: if not namespace_valid(namespace): log.error("Namespace validation failed %s", namespace) - abort(make_response(jsonify(error="Namespace name validation failed. Reference regular expression '%s'." % namespace_validation_rule), 400)) + abort(make_response(jsonify(error="Gateway name validation failed. Reference regular expression '%s'." % namespace_validation_rule), 400)) try: svc = NamespaceService() @@ -50,11 +50,11 @@ def create_namespace() -> object: if err.response_code == 409: log.error("Namespace %s already created." % namespace) log.error(err) - abort(make_response(jsonify(error="Namespace is already created."), 400)) + abort(make_response(jsonify(error="Gateway is already created."), 400)) else: log.error("Failed to create namespace %s" % namespace) log.error(err) - abort(make_response(jsonify(error="Failed to add namespace"), 400)) + abort(make_response(jsonify(error="Failed to add gateway"), 400)) return ('', 201) @@ -69,7 +69,7 @@ def update_namespace(namespace: str) -> object: if not namespace_valid(namespace): log.error("Namespace validation failed %s", namespace) - abort(make_response(jsonify(error="Namespace name validation failed. Reference regular expression '%s'." % namespace_validation_rule), 400)) + abort(make_response(jsonify(error="Gateway name validation failed. Reference regular expression '%s'." % namespace_validation_rule), 400)) log.info("Updating namespace %s" % namespace) @@ -84,7 +84,7 @@ def update_namespace(namespace: str) -> object: except KeycloakGetError as err: log.error("Failed to update namespace %s", namespace) log.error(err) - abort(make_response(jsonify(error="Failed to update namespace"), 400)) + abort(make_response(jsonify(error="Failed to update gateway"), 400)) return make_response(jsonify()) @@ -105,7 +105,7 @@ def delete_namespace(namespace: str) -> object: except KeycloakGetError as err: log.error(err) - abort(make_response(jsonify(error="Failed to delete namespace"), 400)) + abort(make_response(jsonify(error="Failed to delete gateway"), 400)) return ('', 204) diff --git a/microservices/gatewayApi/v1/routes/serviceaccounts.py b/microservices/gatewayApi/v1/routes/serviceaccounts.py index bfe15ef..b5e3b2c 100644 --- a/microservices/gatewayApi/v1/routes/serviceaccounts.py +++ b/microservices/gatewayApi/v1/routes/serviceaccounts.py @@ -74,7 +74,7 @@ def create_service_account(namespace: str) -> object: return ({'client_id': cid, 'client_secret': r['value']}, 201) except KeycloakGetError as err: if err.response_code == 409: - abort(make_response(jsonify(error="Service Account for this namespace is already created."), 400)) + abort(make_response(jsonify(error="Service Account for this gateway is already created."), 400)) else: log.error(err) abort(make_response(jsonify(error="Failed to add service account"), 400)) @@ -97,7 +97,7 @@ def update_service_account_credentials(namespace: str, client_id: str) -> object return ({'client_id': client_id, 'client_secret': r['value']}, 201) except KeycloakGetError as err: if err.response_code == 409: - abort(make_response(jsonify(error="Service Account for this namespace is already created."), 400)) + abort(make_response(jsonify(error="Service Account for this gateway is already created."), 400)) else: log.error(err) abort(make_response(jsonify(error="Failed to add service account"), 400)) diff --git a/microservices/gatewayApi/v2/routes/consumers.py b/microservices/gatewayApi/v2/routes/consumers.py index e4e3e19..3a14b59 100644 --- a/microservices/gatewayApi/v2/routes/consumers.py +++ b/microservices/gatewayApi/v2/routes/consumers.py @@ -143,7 +143,7 @@ def validate_tags(data, required_tag): if traverse_has_ns_qualifier(data, required_tag): errors.append( - "Tags for the namespace can not have a mix of 'ns.' and 'ns..'. Rejecting request.") + "Tags for the gateway can not have a mix of 'ns.' and 'ns..'. Rejecting request.") else: errors.append("no tags found") diff --git a/microservices/gatewayApi/v2/routes/gateway.py b/microservices/gatewayApi/v2/routes/gateway.py index 2690bfb..ba1016c 100644 --- a/microservices/gatewayApi/v2/routes/gateway.py +++ b/microservices/gatewayApi/v2/routes/gateway.py @@ -417,11 +417,11 @@ def validate_tags(yaml, required_tag): if traverse_has_ns_qualifier(yaml, required_tag) and traverse_has_ns_tag_only(yaml, required_tag): errors.append( - "Tags for the namespace can not have a mix of 'ns.' and 'ns..'. Rejecting request.") + "Tags for the gateway can not have a mix of 'ns.' and 'ns..'. Rejecting request.") traverse("", errors, yaml, required_tag, qualifiers) if len(qualifiers) > 1: - errors.append("Too many different qualified namespaces (%s). Rejecting request." % qualifiers) + errors.append("Too many different qualified gateways (%s). Rejecting request." % qualifiers) if len(errors) != 0: raise Exception('\n'.join(errors)) @@ -574,14 +574,14 @@ def validate_hosts(yaml, reserved_hosts, ns_attributes): if 'hosts' in route: for host in route['hosts']: if host in reserved_hosts: - errors.append("service.%s.route.%s The host is already used in another namespace '%s'" % ( + errors.append("service.%s.route.%s The host is already used in another gateway '%s'" % ( service['name'], route['name'], host)) if host_valid(host) is False: errors.append("Host not passing DNS-952 validation '%s'" % host) if validate_local_host(host) is False: errors.append("Host failed validation for data plane '%s'" % host) if host_ends_with_one_of_list(host, allowed_domains) is False: - errors.append("Host invalid: %s %s. Route hosts must end with one of [%s] for this namespace." % ( + errors.append("Host invalid: %s %s. Route hosts must end with one of [%s] for this gateway." % ( route['name'], host, ','.join(allowed_domains))) else: errors.append("service.%s.route.%s A host must be specified for routes." %