Disable writing Key ACLs (#274)

* disable setting Key ACL and mark Key ACL overall deprecated and separate away from normal admin functionalities

Author: sunnywu

src/main/java/com/uid2/admin/vertx/service/KeyAclService.java

@@ -56,16 +56,17 @@ public void setupRoutes(Router router) {
             }
         }, Role.PRIVILEGED));
 
-        router.post("/api/keys_acl/reset").blockingHandler(auth.handle((ctx) -> {
-            synchronized (writeLock) {
-                this.handleKeyAclReset(ctx);
-            }
-        }, Role.MAINTAINER));
-        router.post("/api/keys_acl/update").blockingHandler(auth.handle((ctx) -> {
-            synchronized (writeLock) {
-                this.handleKeyAclUpdate(ctx);
-            }
-        }, Role.MAINTAINER));
+//        UID2-2758 Disable setting Key ACLs
+//        router.post("/api/keys_acl/reset").blockingHandler(auth.handle((ctx) -> {
+//            synchronized (writeLock) {
+//                this.handleKeyAclReset(ctx);
+//            }
+//        }, Role.MAINTAINER));
+//        router.post("/api/keys_acl/update").blockingHandler(auth.handle((ctx) -> {
+//            synchronized (writeLock) {
+//                this.handleKeyAclUpdate(ctx);
+//            }
+//        }, Role.MAINTAINER));
     }
 
     private void handleRewriteMetadata(RoutingContext rc) {

src/test/java/com/uid2/admin/vertx/KeyAclServiceTest.java

@@ -69,6 +69,7 @@ void listKeyAclsHaveAcls(Vertx vertx, VertxTestContext testContext) {
         });
     }
 
+/** UID2-2758 Disable setting Key ACLs
     @Test
     void keyAclResetNoAclToWhitelist(Vertx vertx, VertxTestContext testContext) throws Exception {
         fakeAuth(Role.MAINTAINER);
@@ -477,4 +478,5 @@ void keyAclUpdateRemoveUnlistedSite(Vertx vertx, VertxTestContext testContext) t
             testContext.completeNow();
         });
     }
+*/
 }

webroot/adm/key-acl.html

@@ -4,13 +4,14 @@
     <script src="/js/main.js"></script>
 </head>
 <body>
-<h1>UID2 Admin - Key ACL Management</h1>
+<h1><b>Deprecated</b>: UID2 Admin - Key ACL Management</h1>
+
+<h2 style="color: red"><a href="https://atlassian.thetradedesk.com/jira/browse/UID2-2758">UID2-2758</a>: Key ACL entries must no longer be created. Read only by legacy operators now.</h2>
 
 <a href="/">Back</a>
 
-<br>
-<br>
 
+<!--
 <h3>Inputs</h3>
 
 <label for="siteId">Site Id:</label>
@@ -24,16 +25,16 @@ <h3>Inputs</h3>
     <option value="whitelist">whitelist</option>
     <option value="blacklist">blacklist</option>
 </select>
-
+-->
 <br>
 <br>
 
 <h3>Operations</h3>
 
 <ul>
     <li class="ro-cki" style="display: none"><a href="#" id="doList">List ACLs</a></li>
-    <li class="ro-cki" style="display: none"><a href="#" id="doReset">Reset ACL</a></li>
-    <li class="ro-cki" style="display: none"><a href="#" id="doUpdate">Update ACL</a></li>
+<!--    <li class="ro-cki" style="display: none"><a href="#" id="doReset">Reset ACL</a></li>-->
+<!--    <li class="ro-cki" style="display: none"><a href="#" id="doUpdate">Update ACL</a></li>-->
 </ul>
 
 <br>

webroot/index.html

@@ -30,7 +30,6 @@ <h1>UID2 Admin Site</h1>
 
 <ul>
     <li class="ro-cki ro-adm" style="display: none"><a href="/adm/client-key.html">Client Key Management</a></li>
-    <li class="ro-cki ro-adm" style="display: none"><a href="/adm/key-acl.html">Encryption Key ACL Management</a></li>
     <li class="ro-adm" style="display: none"><a href="/adm/keysets.html">Keyset Access Management</a></li>
     <li class="ro-sem" style="display: none"><a href="/adm/encryption-key.html">Encryption Key Management</a></li>
     <li class="ro-sem" style="display: none"><a href="/adm/salt.html">Salts Management</a></li>
@@ -42,7 +41,10 @@ <h1>UID2 Admin Site</h1>
     <li class="ro-adm" style="display: none"><a href="/adm/search.html">Key and Secret Search</a></li>
     <li class="ro-nil" style="display: none">No Admin Permissions</li>
 </ul>
-
-
+<br/>
+<h3>Deprecated</h3>
+<ul>
+    <li class="ro-cki ro-adm" style="display: none"><a href="/adm/key-acl.html">Encryption Key ACL Management</a></li>
+</ul>
 </body>
 </html>