add preauthorize to system management

Signed-off-by: Michael Hirsch <michael.hirsch@bosch-si.com>
This commit is contained in:
Michael Hirsch
2016-08-01 17:22:21 +02:00
parent 2b79cafb9e
commit 046ec2b2ec
2 changed files with 22 additions and 4 deletions

View File

@@ -61,6 +61,9 @@ public interface SystemManagement {
/** /**
* @return {@link TenantMetaData} of {@link TenantAware#getCurrentTenant()} * @return {@link TenantMetaData} of {@link TenantAware#getCurrentTenant()}
*/ */
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY + SpringEvalExpressions.HAS_AUTH_OR
+ SpringEvalExpressions.HAS_AUTH_READ_TARGET + SpringEvalExpressions.HAS_AUTH_OR
+ SpringEvalExpressions.HAS_AUTH_TENANT_CONFIGURATION)
TenantMetaData getTenantMetadata(); TenantMetaData getTenantMetadata();
/** /**
@@ -77,6 +80,7 @@ public interface SystemManagement {
* to retrieve data for * to retrieve data for
* @return {@link TenantMetaData} of given tenant * @return {@link TenantMetaData} of given tenant
*/ */
@PreAuthorize(SpringEvalExpressions.IS_SYSTEM_CODE)
TenantMetaData getTenantMetadata(@NotNull String tenant); TenantMetaData getTenantMetadata(@NotNull String tenant);
/** /**
@@ -86,6 +90,7 @@ public interface SystemManagement {
* to update * to update
* @return updated {@link TenantMetaData} entity * @return updated {@link TenantMetaData} entity
*/ */
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_TENANT_CONFIGURATION)
TenantMetaData updateTenantMetadata(@NotNull TenantMetaData metaData); TenantMetaData updateTenantMetadata(@NotNull TenantMetaData metaData);
} }

View File

@@ -16,6 +16,7 @@ import java.util.List;
import java.util.concurrent.Callable; import java.util.concurrent.Callable;
import org.eclipse.hawkbit.im.authentication.SpPermission; import org.eclipse.hawkbit.im.authentication.SpPermission;
import org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions;
import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails; import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails;
import org.eclipse.hawkbit.repository.jpa.model.helper.SystemManagementHolder; import org.eclipse.hawkbit.repository.jpa.model.helper.SystemManagementHolder;
import org.junit.rules.TestRule; import org.junit.rules.TestRule;
@@ -56,10 +57,10 @@ public class WithSpringAuthorityRule implements TestRule {
annotation = description.getTestClass().getAnnotation(WithUser.class); annotation = description.getTestClass().getAnnotation(WithUser.class);
} }
if (annotation != null) { if (annotation != null) {
setSecurityContext(annotation);
if (annotation.autoCreateTenant()) { if (annotation.autoCreateTenant()) {
SystemManagementHolder.getInstance().getSystemManagement().getTenantMetadata(annotation.tenantId()); createTenant(annotation.tenantId());
} }
setSecurityContext(annotation);
} }
return oldContext; return oldContext;
} }
@@ -158,7 +159,7 @@ public class WithSpringAuthorityRule implements TestRule {
final SecurityContext oldContext = SecurityContextHolder.getContext(); final SecurityContext oldContext = SecurityContextHolder.getContext();
setSecurityContext(withUser); setSecurityContext(withUser);
if (withUser.autoCreateTenant()) { if (withUser.autoCreateTenant()) {
SystemManagementHolder.getInstance().getSystemManagement().getTenantMetadata(withUser.tenantId()); createTenant(withUser.tenantId());
} }
try { try {
return callable.call(); return callable.call();
@@ -166,6 +167,18 @@ public class WithSpringAuthorityRule implements TestRule {
after(oldContext); after(oldContext);
} }
} }
private void createTenant(final String tenantId) throws Exception {
final SecurityContext oldContext = SecurityContextHolder.getContext();
setSecurityContext(privilegedUser());
try
{
SystemManagementHolder.getInstance().getSystemManagement().getTenantMetadata(tenantId);
}finally
{
after(oldContext);
}
}
public static WithUser withUser(final String principal, final String... authorities) { public static WithUser withUser(final String principal, final String... authorities) {
return withUserAndTenant(principal, "default", true, true, authorities); return withUserAndTenant(principal, "default", true, true, authorities);
@@ -254,7 +267,7 @@ public class WithSpringAuthorityRule implements TestRule {
@Override @Override
public String[] authorities() { public String[] authorities() {
return new String[] { "ROLE_CONTROLLER" }; return new String[] { "ROLE_CONTROLLER", "ROLE_SYSTEM_CODE" };
} }
@Override @Override