IABTechLab · gmsdelmundo · Jun 18, 2025 · Jun 18, 2025
diff --git a/src/main/java/com/uid2/admin/vertx/Endpoints.java b/src/main/java/com/uid2/admin/vertx/Endpoints.java
@@ -67,8 +67,8 @@ public enum Endpoints {
     API_PRIVATE_SITES_REFRESH_NOW("/api/private-sites/refreshNow"),
 
     API_SALT_SNAPSHOTS("/api/salt/snapshots"),
+    API_SALT_REBUILD("/api/salt/rebuild"),
     API_SALT_ROTATE("/api/salt/rotate"),
-    API_SALT_ROTATE_ZERO("/api/salt/rotate-zero"),
 
     API_SEARCH("/api/search"),
 

diff --git a/src/main/java/com/uid2/admin/vertx/service/SaltService.java b/src/main/java/com/uid2/admin/vertx/service/SaltService.java
@@ -54,23 +54,23 @@ public void setupRoutes(Router router) {
         router.get(API_SALT_SNAPSHOTS.toString()).handler(
                 auth.handle(this::handleSaltSnapshots, Role.MAINTAINER));
 
-        router.post(API_SALT_ROTATE.toString()).blockingHandler(auth.handle((ctx) -> {
+        router.post(API_SALT_REBUILD.toString()).blockingHandler(auth.handle(ctx -> {
             synchronized (writeLock) {
-                this.handleSaltRotate(ctx);
+                this.handleSaltRebuild(ctx);
             }
-        }, new AuditParams(List.of("fraction", "min_ages_in_seconds", "target_date"), Collections.emptyList()), Role.SUPER_USER, Role.SECRET_ROTATION));
+        }, new AuditParams(List.of(), Collections.emptyList()), Role.MAINTAINER));
 
-        router.post(API_SALT_ROTATE_ZERO.toString()).blockingHandler(auth.handle((ctx) -> {
+        router.post(API_SALT_ROTATE.toString()).blockingHandler(auth.handle((ctx) -> {
             synchronized (writeLock) {
-                this.handleSaltRotateZero(ctx);
+                this.handleSaltRotate(ctx);
             }
-        }, new AuditParams(List.of(), Collections.emptyList()), Role.MAINTAINER));
+        }, new AuditParams(List.of("fraction", "min_ages_in_seconds", "target_date"), Collections.emptyList()), Role.SUPER_USER, Role.SECRET_ROTATION));
     }
 
     private void handleSaltSnapshots(RoutingContext rc) {
         try {
             final JsonArray ja = new JsonArray();
-            this.saltProvider.getSnapshots().stream()
+            saltProvider.getSnapshots().stream()
                     .forEachOrdered(s -> ja.add(toJson(s)));
 
             rc.response()
@@ -82,30 +82,21 @@ private void handleSaltSnapshots(RoutingContext rc) {
         }
     }
 
-    private void handleSaltRotate(RoutingContext rc) {
+    private void handleSaltRebuild(RoutingContext rc) {
         try {
-            final Optional<Double> fraction = RequestUtil.getDouble(rc, "fraction");
-            if (fraction.isEmpty()) return;
-            final Duration[] minAges = RequestUtil.getDurations(rc, "min_ages_in_seconds");
-            if (minAges == null) return;
-
-
-            final TargetDate targetDate =
-                    RequestUtil.getDate(rc, "target_date", DateTimeFormatter.ISO_LOCAL_DATE)
-                            .map(TargetDate::new)
-                            .orElse(TargetDate.now().plusDays(1))
-            ;
+            Instant now = Instant.now();
 
             // force refresh
-            this.saltProvider.loadContent();
+            saltProvider.loadContent();
 
             // mark all the referenced files as ready to archive
             storageManager.archiveSaltLocations();
 
-            final List<RotatingSaltProvider.SaltSnapshot> snapshots = this.saltProvider.getSnapshots();
-            final RotatingSaltProvider.SaltSnapshot lastSnapshot = snapshots.getLast();
+            // Unlike in regular salt rotation, this should be based on the currently effective snapshot.
+            // The latest snapshot may be in the future, and we may have changes that shouldn't be activated yet.
+            var effectiveSnapshot = saltProvider.getSnapshot(now);
 
-            final SaltRotation.Result result = saltRotation.rotateSalts(lastSnapshot, minAges, fraction.get(), targetDate);
+            var result = saltRotation.rotateSaltsZero(effectiveSnapshot, TargetDate.now(), now);
             if (!result.hasSnapshot()) {
                 ResponseUtil.error(rc, 200, result.getReason());
                 return;
@@ -122,21 +113,28 @@ private void handleSaltRotate(RoutingContext rc) {
         }
     }
 
-    private void handleSaltRotateZero(RoutingContext rc) {
+    private void handleSaltRotate(RoutingContext rc) {
         try {
-            Instant now = Instant.now();
+            final Optional<Double> fraction = RequestUtil.getDouble(rc, "fraction");
+            if (fraction.isEmpty()) return;
+            final Duration[] minAges = RequestUtil.getDurations(rc, "min_ages_in_seconds");
+            if (minAges == null) return;
 
-            // force refresh
-            this.saltProvider.loadContent();
+            final TargetDate targetDate =
+                    RequestUtil.getDate(rc, "target_date", DateTimeFormatter.ISO_LOCAL_DATE)
+                            .map(TargetDate::new)
+                            .orElse(TargetDate.now().plusDays(1));
 
-            // mark all the referenced files as ready to archive
+            // Force refresh
+            saltProvider.loadContent();
+
+            // Mark all the referenced files as ready to archive
             storageManager.archiveSaltLocations();
 
-            // Unlike in regular salt rotation, this should be based on the currently effective snapshot.
-            // The latest snapshot may be in the future, and we may have changes that shouldn't be activated yet.
-            var effectiveSnapshot = this.saltProvider.getSnapshot(now);
+            final List<RotatingSaltProvider.SaltSnapshot> snapshots = saltProvider.getSnapshots();
+            final RotatingSaltProvider.SaltSnapshot lastSnapshot = snapshots.getLast();
 
-            var result = saltRotation.rotateSaltsZero(effectiveSnapshot, TargetDate.now(), now);
+            final SaltRotation.Result result = saltRotation.rotateSalts(lastSnapshot, minAges, fraction.get(), targetDate);
             if (!result.hasSnapshot()) {
                 ResponseUtil.error(rc, 200, result.getReason());
                 return;

diff --git a/webroot/adm/salt.html b/webroot/adm/salt.html
@@ -33,8 +33,8 @@ <h3>Operations</h3>
 
 <ul>
     <li class="ro-sem" style="display: none"><a href="#" id="doSnapshots">List Salt Snapshots</a></li>
-    <li class="ro-sem" style="display: none"><a href="#" id="doRotate">Rotate second level salts (SUPER_USER)</a></li>
-    <li class="ro-sem" style="display: none"><a href="#" id="doRotateZero">Rotate zero salts</a></li>
+    <li class="ro-sem" style="display: none"><a href="#" id="doRebuild">Rebuild Salts File</a></li>
+    <li class="ro-sem" style="display: none"><a href="#" id="doRotate">Rotate Second Level Salts (SUPER_USER)</a></li>
 </ul>
 
 <br>
@@ -64,6 +64,10 @@ <h3>Output</h3>
             doApiCall('GET', '/api/salt/snapshots', '#standardOutput', '#errorOutput');
         });
 
+        $('#doRebuild').on('click', function () {
+            doApiCall('POST', '/api/salt/rebuild', '#standardOutput', '#errorOutput');
+        });
+
         $('#doRotate').on('click', function () {
             const minAges = encodeURIComponent($('#minAges').val());
             const fraction = encodeURIComponent($('#fraction').val());
@@ -72,10 +76,6 @@ <h3>Output</h3>
 
             doApiCall('POST', url, '#standardOutput', '#errorOutput');
         });
-
-        $('#doRotateZero').on('click', function () {
-            doApiCall('POST', '/api/salt/rotate-zero', '#standardOutput', '#errorOutput');
-        });
     });
 </script>