Fix properties files to make admin a DEFAULT tenant user (#1689)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
@@ -11,14 +11,15 @@
|
|||||||
spring.application.name=mgmt-server
|
spring.application.name=mgmt-server
|
||||||
spring.port=8080
|
spring.port=8080
|
||||||
|
|
||||||
# User Security
|
# Define DEFAULT tenant admin user admin/admin
|
||||||
spring.security.user.name=admin
|
hawkbit.security.user.admin.password={noop}admin
|
||||||
spring.security.user.password={noop}admin
|
hawkbit.security.user.admin.roles=TENANT_ADMIN
|
||||||
spring.main.allow-bean-definition-overriding=true
|
hawkbit.security.user.admin.tenant=DEFAULT
|
||||||
|
# allow to auto/implicit create DEFAULT tenant (on mgmt api call)
|
||||||
# allow to auto create DEFAULT tenant (on mgmt api call)
|
|
||||||
hawkbit.server.repository.implicitTenantCreateAllowed=true
|
hawkbit.server.repository.implicitTenantCreateAllowed=true
|
||||||
|
|
||||||
|
spring.main.allow-bean-definition-overriding=true
|
||||||
|
|
||||||
# Http Encoding
|
# Http Encoding
|
||||||
server.servlet.encoding.charset=UTF-8
|
server.servlet.encoding.charset=UTF-8
|
||||||
server.servlet.encoding.enabled=true
|
server.servlet.encoding.enabled=true
|
||||||
@@ -34,11 +35,6 @@ spring.rabbitmq.virtual-host=/
|
|||||||
spring.rabbitmq.host=localhost
|
spring.rabbitmq.host=localhost
|
||||||
spring.rabbitmq.port=5672
|
spring.rabbitmq.port=5672
|
||||||
|
|
||||||
# Define own (my_user) users instead together default "admin" (system-wide) user:
|
|
||||||
#hawkbit.security.user.my_user.password={noop}isAwesome!
|
|
||||||
#hawkbit.security.user.my_user.roles=TENANT_ADMIN
|
|
||||||
#hawkbit.security.user.my_user.tenant=DEFAULT
|
|
||||||
|
|
||||||
# Enable CORS and specify the allowed origins:
|
# Enable CORS and specify the allowed origins:
|
||||||
#hawkbit.server.security.cors.enabled=true
|
#hawkbit.server.security.cors.enabled=true
|
||||||
#hawkbit.server.security.cors.allowedOrigins=http://localhost
|
#hawkbit.server.security.cors.allowedOrigins=http://localhost
|
||||||
|
|||||||
@@ -14,12 +14,13 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilder
|
|||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
|
||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||||
|
|
||||||
|
import org.eclipse.hawkbit.im.authentication.SpRole;
|
||||||
import org.eclipse.hawkbit.mgmt.rest.api.MgmtRestConstants;
|
import org.eclipse.hawkbit.mgmt.rest.api.MgmtRestConstants;
|
||||||
|
|
||||||
|
import org.eclipse.hawkbit.repository.test.util.WithUser;
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
import org.springframework.boot.test.context.SpringBootTest;
|
import org.springframework.boot.test.context.SpringBootTest;
|
||||||
import org.springframework.http.HttpHeaders;
|
import org.springframework.http.HttpHeaders;
|
||||||
import org.springframework.security.test.context.support.WithUserDetails;
|
|
||||||
import org.springframework.test.web.servlet.ResultActions;
|
import org.springframework.test.web.servlet.ResultActions;
|
||||||
|
|
||||||
import io.qameta.allure.Description;
|
import io.qameta.allure.Description;
|
||||||
@@ -44,9 +45,9 @@ public class CorsTest extends AbstractSecurityTest {
|
|||||||
private final static String INVALID_ORIGIN = "http://test.invalid.origin";
|
private final static String INVALID_ORIGIN = "http://test.invalid.origin";
|
||||||
private final static String INVALID_CORS_REQUEST = "Invalid CORS request";
|
private final static String INVALID_CORS_REQUEST = "Invalid CORS request";
|
||||||
|
|
||||||
@WithUserDetails("admin")
|
|
||||||
@Test
|
@Test
|
||||||
@Description("Ensures that Cors is working.")
|
@Description("Ensures that Cors is working.")
|
||||||
|
@WithUser(authorities = SpRole.TENANT_ADMIN)
|
||||||
public void validateCorsRequest() throws Exception {
|
public void validateCorsRequest() throws Exception {
|
||||||
performOptionsRequestToRestWithOrigin(ALLOWED_ORIGIN_FIRST).andExpect(status().isOk())
|
performOptionsRequestToRestWithOrigin(ALLOWED_ORIGIN_FIRST).andExpect(status().isOk())
|
||||||
.andExpect(header().string(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, ALLOWED_ORIGIN_FIRST));
|
.andExpect(header().string(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, ALLOWED_ORIGIN_FIRST));
|
||||||
|
|||||||
@@ -13,6 +13,7 @@ import io.qameta.allure.Description;
|
|||||||
import io.qameta.allure.Feature;
|
import io.qameta.allure.Feature;
|
||||||
import io.qameta.allure.Story;
|
import io.qameta.allure.Story;
|
||||||
import org.eclipse.hawkbit.im.authentication.SpPermission;
|
import org.eclipse.hawkbit.im.authentication.SpPermission;
|
||||||
|
import org.eclipse.hawkbit.im.authentication.SpRole;
|
||||||
import org.eclipse.hawkbit.repository.test.util.WithUser;
|
import org.eclipse.hawkbit.repository.test.util.WithUser;
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
@@ -40,4 +41,13 @@ public class PreAuthorizeEnabledTest extends AbstractSecurityTest {
|
|||||||
assertThat(result.getResponse().getStatus()).isEqualTo(HttpStatus.OK.value());
|
assertThat(result.getResponse().getStatus()).isEqualTo(HttpStatus.OK.value());
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@Description("Tests whether request succeed if a role is granted for the user")
|
||||||
|
@WithUser(authorities = { SpRole.TENANT_ADMIN })
|
||||||
|
public void successIfHasTenantAdminRole() throws Exception {
|
||||||
|
mvc.perform(get("/rest/v1/distributionsets")).andExpect(result -> {
|
||||||
|
assertThat(result.getResponse().getStatus()).isEqualTo(HttpStatus.OK.value());
|
||||||
|
});
|
||||||
|
}
|
||||||
}
|
}
|
||||||
@@ -8,13 +8,15 @@
|
|||||||
# SPDX-License-Identifier: EPL-2.0
|
# SPDX-License-Identifier: EPL-2.0
|
||||||
#
|
#
|
||||||
|
|
||||||
# User Security
|
# Define DEFAULT tenant admin user admin/admin
|
||||||
spring.security.user.name=admin
|
hawkbit.security.user.admin.password={noop}admin
|
||||||
spring.security.user.password={noop}admin
|
hawkbit.security.user.admin.roles=TENANT_ADMIN
|
||||||
spring.main.allow-bean-definition-overriding=true
|
hawkbit.security.user.admin.tenant=DEFAULT
|
||||||
# allow to auto create DEFAULT tenant (on mgmt api call)
|
# allow to auto/implicit create DEFAULT tenant (on mgmt api call)
|
||||||
hawkbit.server.repository.implicitTenantCreateAllowed=true
|
hawkbit.server.repository.implicitTenantCreateAllowed=true
|
||||||
|
|
||||||
|
spring.main.allow-bean-definition-overriding=true
|
||||||
|
|
||||||
# Http Encoding
|
# Http Encoding
|
||||||
server.servlet.encoding.charset=UTF-8
|
server.servlet.encoding.charset=UTF-8
|
||||||
server.servlet.encoding.enabled=true
|
server.servlet.encoding.enabled=true
|
||||||
@@ -35,11 +37,6 @@ spring.rabbitmq.virtual-host=/
|
|||||||
spring.rabbitmq.host=localhost
|
spring.rabbitmq.host=localhost
|
||||||
spring.rabbitmq.port=5672
|
spring.rabbitmq.port=5672
|
||||||
|
|
||||||
# Define own (my_user) users instead together default "admin" (system-wide) user:
|
|
||||||
#hawkbit.security.user.my_user.password={noop}isAwesome!
|
|
||||||
#hawkbit.security.user.my_user.roles=TENANT_ADMIN
|
|
||||||
#hawkbit.security.user.my_user.tenant=DEFAULT
|
|
||||||
|
|
||||||
# Enable CORS and specify the allowed origins:
|
# Enable CORS and specify the allowed origins:
|
||||||
#hawkbit.server.security.cors.enabled=true
|
#hawkbit.server.security.cors.enabled=true
|
||||||
#hawkbit.server.security.cors.allowedOrigins=http://localhost
|
#hawkbit.server.security.cors.allowedOrigins=http://localhost
|
||||||
|
|||||||
@@ -14,12 +14,13 @@ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilder
|
|||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
|
||||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||||
|
|
||||||
|
import org.eclipse.hawkbit.im.authentication.SpRole;
|
||||||
import org.eclipse.hawkbit.mgmt.rest.api.MgmtRestConstants;
|
import org.eclipse.hawkbit.mgmt.rest.api.MgmtRestConstants;
|
||||||
|
|
||||||
|
import org.eclipse.hawkbit.repository.test.util.WithUser;
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
import org.springframework.boot.test.context.SpringBootTest;
|
import org.springframework.boot.test.context.SpringBootTest;
|
||||||
import org.springframework.http.HttpHeaders;
|
import org.springframework.http.HttpHeaders;
|
||||||
import org.springframework.security.test.context.support.WithUserDetails;
|
|
||||||
import org.springframework.test.web.servlet.ResultActions;
|
import org.springframework.test.web.servlet.ResultActions;
|
||||||
|
|
||||||
import io.qameta.allure.Description;
|
import io.qameta.allure.Description;
|
||||||
@@ -44,9 +45,9 @@ public class CorsTest extends AbstractSecurityTest {
|
|||||||
private final static String INVALID_ORIGIN = "http://test.invalid.origin";
|
private final static String INVALID_ORIGIN = "http://test.invalid.origin";
|
||||||
private final static String INVALID_CORS_REQUEST = "Invalid CORS request";
|
private final static String INVALID_CORS_REQUEST = "Invalid CORS request";
|
||||||
|
|
||||||
@WithUserDetails("admin")
|
|
||||||
@Test
|
@Test
|
||||||
@Description("Ensures that Cors is working.")
|
@Description("Ensures that Cors is working.")
|
||||||
|
@WithUser(authorities = SpRole.TENANT_ADMIN)
|
||||||
public void validateCorsRequest() throws Exception {
|
public void validateCorsRequest() throws Exception {
|
||||||
performOptionsRequestToRestWithOrigin(ALLOWED_ORIGIN_FIRST).andExpect(status().isOk())
|
performOptionsRequestToRestWithOrigin(ALLOWED_ORIGIN_FIRST).andExpect(status().isOk())
|
||||||
.andExpect(header().string(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, ALLOWED_ORIGIN_FIRST));
|
.andExpect(header().string(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, ALLOWED_ORIGIN_FIRST));
|
||||||
|
|||||||
@@ -13,6 +13,7 @@ import io.qameta.allure.Description;
|
|||||||
import io.qameta.allure.Feature;
|
import io.qameta.allure.Feature;
|
||||||
import io.qameta.allure.Story;
|
import io.qameta.allure.Story;
|
||||||
import org.eclipse.hawkbit.im.authentication.SpPermission;
|
import org.eclipse.hawkbit.im.authentication.SpPermission;
|
||||||
|
import org.eclipse.hawkbit.im.authentication.SpRole;
|
||||||
import org.eclipse.hawkbit.repository.test.util.WithUser;
|
import org.eclipse.hawkbit.repository.test.util.WithUser;
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
@@ -40,4 +41,13 @@ public class PreAuthorizeEnabledTest extends AbstractSecurityTest {
|
|||||||
assertThat(result.getResponse().getStatus()).isEqualTo(HttpStatus.OK.value());
|
assertThat(result.getResponse().getStatus()).isEqualTo(HttpStatus.OK.value());
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@Description("Tests whether request succeed if a role is granted for the user")
|
||||||
|
@WithUser(authorities = { SpRole.TENANT_ADMIN })
|
||||||
|
public void successIfHasTenantAdminRole() throws Exception {
|
||||||
|
mvc.perform(get("/rest/v1/distributionsets")).andExpect(result -> {
|
||||||
|
assertThat(result.getResponse().getStatus()).isEqualTo(HttpStatus.OK.value());
|
||||||
|
});
|
||||||
|
}
|
||||||
}
|
}
|
||||||
Reference in New Issue
Block a user