Tenancy (#605)

* Provide putTenant and deleteTenant api for providers

* updated test cases

.gitignore

@@ -96,4 +96,7 @@ libs/go/ztsclientutil/bin/
 libs/go/ztsclientutil/pkg/
 libs/go/ztsclientutil/src/
 rdl/rdl-gen-athenz-server/rdl-gen-athenz-server
+aws-setup/ui-setup/tars/
+aws-setup/zms-setup/tars/
+aws-setup/zts-setup/tars/
 **test-output**

clients/java/zms/src/main/java/com/yahoo/athenz/zms/ZMSClient.java

@@ -231,19 +231,17 @@ public ZMSClient addCredentials(Principal identity) {
 
         principal = identity;
         principalCheckDone = false;
-
+
+        // we've already verified that our authority in the passed
+        // identity object is valid
         final Authority authority = principal.getAuthority();
-        if (authority != null) {
-
-            client.addCredentials(authority.getHeader(), principal.getCredentials());
+        client.addCredentials(authority.getHeader(), principal.getCredentials());
 
-            // final check if the authority does not support authorization
-            // by the zms server then it's most likely a user authority and
-            // we need to get a principal token
+        // final check if the authority does not support authorization
+        // by the zms server then it's most likely a user authority and
+        // we need to get a principal token
 
-            principalCheckDone = authority.allowAuthorization();
-        }
-
+        principalCheckDone = authority.allowAuthorization();
         return this;
     }
 
@@ -408,36 +406,23 @@ SSLContext createSSLContext() {
         ClientSSLContextBuilder builder = new SSLUtils.ClientSSLContextBuilder(clientProtocol)
                 .privateKeyStore(PRIVATE_KEY_STORE).keyStorePath(keyStorePath);
 
-        if (null != certAlias && !certAlias.isEmpty()) {
-            builder.certAlias(certAlias);
-        }
+        builder.certAlias(certAlias);
+
         if (null != keyStoreType && !keyStoreType.isEmpty()) {
             builder.keyStoreType(keyStoreType);
         }
-        if (null != keyStorePassword) {
-            builder.keyStorePassword(keyStorePassword);
-        }
-        if (null != keyStorePasswordAppName) {
-            builder.keyStorePasswordAppName(keyStorePasswordAppName);
-        }
-        if (null != keyManagerPassword) {
-            builder.keyManagerPassword(keyManagerPassword);
-        }
-        if (null != keyManagerPasswordAppName) {
-            builder.keyManagerPasswordAppName(keyManagerPasswordAppName);
-        }
-        if (null != trustStorePath && !trustStorePath.isEmpty()) {
-            builder.trustStorePath(trustStorePath);
-        }
+        builder.keyStorePassword(keyStorePassword);
+        builder.keyStorePasswordAppName(keyStorePasswordAppName);
+        builder.keyManagerPassword(keyManagerPassword);
+
+        builder.keyManagerPasswordAppName(keyManagerPasswordAppName);
+
+        builder.trustStorePath(trustStorePath);
         if (null != trustStoreType && !trustStoreType.isEmpty()) {
             builder.trustStoreType(trustStoreType);
         }
-        if (null != trustStorePassword) {
-            builder.trustStorePassword(trustStorePassword);
-        }
-        if (null != trustStorePasswordAppName) {
-            builder.trustStorePasswordAppName(trustStorePasswordAppName);
-        }
+        builder.trustStorePassword(trustStorePassword);
+        builder.trustStorePasswordAppName(trustStorePasswordAppName);
 
         return builder.build();
     }
@@ -1359,8 +1344,7 @@ public EntityList getEntityList(String domainName) {
     }
 
     /**
-     * Create a new tenant for the specified domain. The service specifies the 
-     * provider.
+     * Register a new provider service for a given tenant domain
      * @param tenantDomain name of the tenant domain
      * @param providerService name of the provider service
      *        format: provider-domain-name.provider-service-name, ex: "sports.storage"
@@ -1380,7 +1364,7 @@ public void putTenancy(String tenantDomain, String providerService, String audit
     }
 
     /**
-     * Delete the specified tenant from a domain
+     * Delete the specified provider service from a tenant domain
      * @param tenantDomain name of the tenant domain
      * @param providerService name of the provider service,
      *        format: provider-domain-name.provider-service-name, ex: "sports.storage"
@@ -1398,6 +1382,45 @@ public void deleteTenancy(String tenantDomain, String providerService, String au
         }
     }
 
+    /**
+     * Register a new tenant domain for the provider service
+     * @param providerDomain provider domain name
+     * @param providerService provider service name
+     * @param tenantDomain name of the tenant domain
+     * @param auditRef string containing audit specification or ticket number
+     * @param tenant Tenancy object with tenant details
+     * @throws ZMSClientException in case of failure
+     */
+    public void putTenant(String providerDomain, String providerService, String tenantDomain, String auditRef, Tenancy tenant) {
+        updatePrincipal();
+        try {
+            client.putTenant(providerDomain, providerService, tenantDomain, auditRef, tenant);
+        } catch (ResourceException ex) {
+            throw new ZMSClientException(ex.getCode(), ex.getData());
+        } catch (Exception ex) {
+            throw new ZMSClientException(ZMSClientException.BAD_REQUEST, ex.getMessage());
+        }
+    }
+
+    /**
+     * Delete the specified tenant from provider service
+     * @param providerDomain provider domain name
+     * @param providerService provider service name
+     * @param tenantDomain name of the tenant domain
+     * @param auditRef string containing audit specification or ticket number
+     * @throws ZMSClientException in case of failure
+     */
+    public void deleteTenant(String providerDomain, String providerService, String tenantDomain, String auditRef) {
+        updatePrincipal();
+        try {
+            client.deleteTenant(providerDomain, providerService, tenantDomain, auditRef);
+        } catch (ResourceException ex) {
+            throw new ZMSClientException(ex.getCode(), ex.getData());
+        } catch (Exception ex) {
+            throw new ZMSClientException(ZMSClientException.BAD_REQUEST, ex.getMessage());
+        }
+    }
+
     /**
      * Create tenant roles for the specified tenant resource group.
      * @param providerDomain name of the provider domain
@@ -1630,13 +1653,7 @@ public UserToken getUserToken(String userName, String serviceNames, Boolean head
      * @throws ZMSClientException in case of failure
      */
     public UserToken getUserToken(String userName, String serviceNames) {
-        try {
-            return client.getUserToken(userName, serviceNames, null);
-        } catch (ResourceException ex) {
-            throw new ZMSClientException(ex.getCode(), ex.getData());
-        } catch (Exception ex) {
-            throw new ZMSClientException(ZMSClientException.BAD_REQUEST, ex.getMessage());
-        }
+        return getUserToken(userName, serviceNames, null);
     }
 
     /**

clients/java/zms/src/main/java/com/yahoo/athenz/zms/ZMSRDLGeneratedClient.java

@@ -1098,6 +1098,54 @@ public Tenancy deleteTenancy(String domain, String service, String auditRef) {
 
     }
 
+    public Tenancy putTenant(String domain, String service, String tenantDomain, String auditRef, Tenancy detail) {
+        WebTarget target = base.path("/domain/{domain}/service/{service}/tenant/{tenantDomain}")
+            .resolveTemplate("domain", domain)
+            .resolveTemplate("service", service)
+            .resolveTemplate("tenantDomain", tenantDomain);
+        Invocation.Builder invocationBuilder = target.request("application/json");
+        if (credsHeader != null) {
+            invocationBuilder = credsHeader.startsWith("Cookie.") ? invocationBuilder.cookie(credsHeader.substring(7),
+                credsToken) : invocationBuilder.header(credsHeader, credsToken);
+        }
+        if (auditRef != null) {
+            invocationBuilder = invocationBuilder.header("Y-Audit-Ref", auditRef);
+        }
+        Response response = invocationBuilder.put(javax.ws.rs.client.Entity.entity(detail, "application/json"));
+        int code = response.getStatus();
+        switch (code) {
+        case 204:
+            return null;
+        default:
+            throw new ResourceException(code, response.readEntity(ResourceError.class));
+        }
+
+    }
+
+    public Tenancy deleteTenant(String domain, String service, String tenantDomain, String auditRef) {
+        WebTarget target = base.path("/domain/{domain}/service/{service}/tenant/{tenantDomain}")
+            .resolveTemplate("domain", domain)
+            .resolveTemplate("service", service)
+            .resolveTemplate("tenantDomain", tenantDomain);
+        Invocation.Builder invocationBuilder = target.request("application/json");
+        if (credsHeader != null) {
+            invocationBuilder = credsHeader.startsWith("Cookie.") ? invocationBuilder.cookie(credsHeader.substring(7),
+                credsToken) : invocationBuilder.header(credsHeader, credsToken);
+        }
+        if (auditRef != null) {
+            invocationBuilder = invocationBuilder.header("Y-Audit-Ref", auditRef);
+        }
+        Response response = invocationBuilder.delete();
+        int code = response.getStatus();
+        switch (code) {
+        case 204:
+            return null;
+        default:
+            throw new ResourceException(code, response.readEntity(ResourceError.class));
+        }
+
+    }
+
     public TenantResourceGroupRoles putTenantResourceGroupRoles(String domain, String service, String tenantDomain, String resourceGroup, String auditRef, TenantResourceGroupRoles detail) {
         WebTarget target = base.path("/domain/{domain}/service/{service}/tenant/{tenantDomain}/resourceGroup/{resourceGroup}")
             .resolveTemplate("domain", domain)