Merge pull request RedHatInsights#1212 from coderbydesign/disable-v2-…

…apis-by-default

Disable v2 APIs by default (configurable)

deploy/rbac-clowdapp.yml

@@ -513,6 +513,9 @@ objects:
             value: ${IT_SERVICE_TIMEOUT_SECONDS}
           - name: IT_TOKEN_JKWS_CACHE_LIFETIME
             value: ${IT_TOKEN_JKWS_CACHE_LIFETIME}
+          - name: V2_APIS_ENABLED
+            value: ${V2_APIS_ENABLED}
+
     jobs:
       - name: tenant-org-id-populator
         podSpec:
@@ -915,3 +918,6 @@ parameters:
 - name: RELATION_API_SERVER
   description: The gRPC API server to use for the relation
   value: "localhost:9000"
+- name: V2_APIS_ENABLED
+  description: Flag to explicitly enable v2 API endpoints
+  value: 'False'

rbac/rbac/settings.py

@@ -483,3 +483,6 @@
 
 RELATION_API_SERVER = ENVIRONMENT.get_value("RELATION_API_SERVER", default="localhost:9000")
 ENV_NAME = ENVIRONMENT.get_value("ENV_NAME", default="stage")
+
+# Versioned API settings
+V2_APIS_ENABLED = ENVIRONMENT.bool("V2_APIS_ENABLED", default=False)

rbac/rbac/urls.py

@@ -21,6 +21,7 @@
 """
 import os
 
+from django.conf import settings
 from django.conf.urls import include
 from django.contrib.staticfiles.urls import staticfiles_urlpatterns
 from django.urls import path, re_path
@@ -37,9 +38,11 @@
 urlpatterns = [
     re_path(r"^{}v1/".format(API_PATH_PREFIX), include("api.urls")),
     re_path(r"^{}v1/".format(API_PATH_PREFIX), include("management.urls")),
-    re_path(r"^{}v2/".format(API_PATH_PREFIX), include("management.v2_urls")),
     re_path(r"^_private/", include("internal.urls")),
     path("", include("django_prometheus.urls")),
 ]
 
+if settings.V2_APIS_ENABLED:
+    urlpatterns.append(re_path(r"^{}v2/".format(API_PATH_PREFIX), include("management.v2_urls")))
+
 urlpatterns += staticfiles_urlpatterns()

tests/management/workspace/test_view.py

@@ -17,13 +17,18 @@
 """Test the Audit Logs Model."""
 from django.db import transaction
 from django.test import TestCase
+from django.test.utils import override_settings
+from django.conf import settings
+from django.urls import clear_url_caches
+from importlib import reload
 from unittest.mock import Mock
 from django.urls import reverse
 from rest_framework import status
 from rest_framework.response import Response
 from rest_framework.test import APIClient
 
 from management.models import Workspace
+from rbac import urls
 from tests.identity_request import IdentityRequest
 
 
@@ -32,6 +37,8 @@ class WorkspaceViewTests(IdentityRequest):
 
     def setUp(self):
         """Set up the audit log model tests."""
+        reload(urls)
+        clear_url_caches()
         super().setUp()
         self.parent_workspace = Workspace.objects.create(name="Parent Workspace", tenant=self.tenant)
         self.init_workspace = Workspace.objects.create(
@@ -46,6 +53,9 @@ def tearDown(self):
         Workspace.objects.update(parent=None)
         Workspace.objects.all().delete()
 
+
+@override_settings(V2_APIS_ENABLED=True)
+class WorkspaceViewTestsV2Enabled(WorkspaceViewTests):
     def test_create_workspace(self):
         """Test for creating a workspace."""
         workspace_data = {
@@ -523,3 +533,13 @@ def test_get_workspace_list(self):
             self.assertIn(keyname, payload)
         for keyname in ["name", "uuid", "parent_id", "description"]:
             self.assertIn(keyname, payload.get("data")[0])
+
+
+class WorkspaceViewTestsV2Disabled(WorkspaceViewTests):
+    def test_get_workspace_list(self):
+        """Test for accessing v2 APIs which should be disabled by default."""
+        url = "/api/rbac/v2/workspaces/"
+        client = APIClient()
+        response = client.get(url, None, format="json", **self.headers)
+
+        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)