Apply role hierarchy in hasPermission checks (#1675)

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2024-03-07 18:52:50 +02:00
committed by GitHub
parent 536bb19382
commit 1640025a25
6 changed files with 61 additions and 60 deletions

View File

@@ -28,6 +28,7 @@ import org.eclipse.hawkbit.cache.DefaultDownloadIdCache;
import org.eclipse.hawkbit.cache.DownloadIdCache;
import org.eclipse.hawkbit.cache.TenantAwareCacheManager;
import org.eclipse.hawkbit.event.BusProtoStuffMessageConverter;
import org.eclipse.hawkbit.im.authentication.SpRole;
import org.eclipse.hawkbit.repository.RolloutApprovalStrategy;
import org.eclipse.hawkbit.repository.RolloutStatusCache;
import org.eclipse.hawkbit.repository.event.ApplicationEventFilter;
@@ -67,6 +68,7 @@ import org.springframework.integration.support.locks.DefaultLockRegistry;
import org.springframework.integration.support.locks.LockRegistry;
import org.springframework.messaging.converter.MessageConverter;
import org.springframework.scheduling.annotation.AsyncConfigurer;
import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
import org.springframework.security.concurrent.DelegatingSecurityContextExecutorService;
import org.springframework.security.concurrent.DelegatingSecurityContextScheduledExecutorService;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
@@ -106,7 +108,9 @@ public class TestConfiguration implements AsyncConfigurer {
@Bean
SystemSecurityContext systemSecurityContext(final TenantAware tenantAware) {
return new SystemSecurityContext(tenantAware);
final RoleHierarchyImpl hierarchy = new RoleHierarchyImpl();
hierarchy.setHierarchy(SpRole.DEFAULT_ROLE_HIERARCHY);
return new SystemSecurityContext(tenantAware, hierarchy);
}
@Bean