Merge pull request #1188 from navikt/cleanup_confluence_group_access

Clean-up confluence group access
navikt · Sep 19, 2023 · 87abf2e · 87abf2e
2 parents 43bfe59 + 2d987f6
commit 87abf2e
Show file tree

Hide file tree

Showing 5 changed files with 1 addition and 9 deletions.
diff --git a/apps/backend/nais/backend-dev-gcp.yaml b/apps/backend/nais/backend-dev-gcp.yaml
@@ -104,8 +104,6 @@ spec:
       value: "https://behandlingskatalog-backend.intern.dev.nav.no"
     - name: CLIENT_NOM_GRAPHQL_URL
       value: "http://nom-api.nom.svc.cluster.local/graphql"
-    - name: AZURE_CLIENT_GROUPS
-      value: "ceab8bf0-0771-4478-bc39-186629b8cc2b"
     - name: AZURE_CLIENT_GROUPS_ADMIN
       value: "eedc0f72-585e-4814-94f4-25b43d9c8d1b"
     - name: AZURE_APP_MAIL_USER

diff --git a/apps/backend/nais/backend-prod-gcp.yaml b/apps/backend/nais/backend-prod-gcp.yaml
@@ -107,8 +107,6 @@ spec:
       value: "https://behandlingskatalog-backend.intern.nav.no"
     - name: CLIENT_NOM_GRAPHQL_URL
       value: "http://nom-api.nom.svc.cluster.local/graphql"
-    - name: AZURE_CLIENT_GROUPS
-      value: "2ee0ef50-718c-43d3-8c05-c839f2dc2490"
     - name: AZURE_CLIENT_GROUPS_ADMIN
       value: "eb3dd903-42c9-4337-b8df-618a45da47cd"
     - name: AZURE_APP_MAIL_USER

diff --git a/apps/backend/src/main/java/no/nav/data/common/security/RoleSupport.java b/apps/backend/src/main/java/no/nav/data/common/security/RoleSupport.java
@@ -37,9 +37,6 @@ public Set<GrantedAuthority> lookupGrantedAuthorities(List<String> groupIds) {
      * token v2 does not allow us to fetch group details, so we have to map by id instead
      */
     private String roleFor(String group) {
-        if (securityProperties.getWriteGroups().contains(group)) {
-            return AppRole.WRITE.name();
-        }
         if (securityProperties.getAdminGroups().contains(group)) {
             return AppRole.ADMIN.name();
         }

diff --git a/apps/backend/src/main/java/no/nav/data/common/security/SecurityProperties.java b/apps/backend/src/main/java/no/nav/data/common/security/SecurityProperties.java
@@ -17,7 +17,7 @@ public class SecurityProperties {
 
     private boolean enabled = true;
     private String encKey = "";
-    private List<String> writeGroups;
+
     private List<String> adminGroups;
     private List<String> redirectUris;
     private String env;

diff --git a/apps/backend/src/main/resources/application.properties b/apps/backend/src/main/resources/application.properties
@@ -41,7 +41,6 @@ azure.activedirectory.mail-user=${AZURE_APP_MAIL_USER}
 azure.activedirectory.mail-password=${AZURE_APP_MAIL_PASSWORD}
 
 team-catalog.security.enc-key=${AZURE_TOKEN_ENC_KEY:tokenkey}
-team-catalog.security.write-groups=${AZURE_CLIENT_GROUPS:nom}
 team-catalog.security.admin-groups=${AZURE_CLIENT_GROUPS_ADMIN:nom}
 team-catalog.security.redirectUris=http://localhost:3000
 team-catalog.security.env=${NAIS_CLUSTER_NAME:local}