Remove WithSpringContextRule (#1505)

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2023-12-07 23:52:23 +02:00
committed by GitHub
parent aa1bad91e1
commit 1ae72d4ead
16 changed files with 69 additions and 103 deletions

View File

@@ -50,7 +50,7 @@ import org.eclipse.hawkbit.repository.model.Target;
import org.eclipse.hawkbit.repository.model.TargetUpdateStatus;
import org.eclipse.hawkbit.repository.test.TestConfiguration;
import org.eclipse.hawkbit.repository.test.util.TestdataFactory;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
import org.eclipse.hawkbit.util.IpUtil;
import org.junit.jupiter.api.BeforeEach;
import org.mockito.Mockito;
@@ -102,10 +102,10 @@ public abstract class AbstractAmqpServiceIntegrationTest extends AbstractAmqpInt
protected <T> T waitUntilIsPresent(final Callable<Optional<T>> callable) {
createConditionFactory()
.until(() -> WithSpringAuthorityRule.runAsPrivileged(() -> callable.call().isPresent()));
.until(() -> SecurityContextSwitch.runAsPrivileged(() -> callable.call().isPresent()));
try {
return WithSpringAuthorityRule.runAsPrivileged(() -> callable.call().get());
return SecurityContextSwitch.runAsPrivileged(() -> callable.call().get());
} catch (final Exception e) {
return null;
}
@@ -429,7 +429,7 @@ public abstract class AbstractAmqpServiceIntegrationTest extends AbstractAmqpInt
createConditionFactory().untilAsserted(() -> {
try {
final Map<String, String> controllerAttributes = WithSpringAuthorityRule
final Map<String, String> controllerAttributes = SecurityContextSwitch
.runAsPrivileged(() -> targetManagement.getControllerAttributes(controllerId));
assertThat(controllerAttributes.size()).isEqualTo(attributes.size());
assertThat(controllerAttributes).containsAllEntriesOf(attributes);

View File

@@ -72,7 +72,7 @@ import org.eclipse.hawkbit.repository.model.Target;
import org.eclipse.hawkbit.repository.model.TargetUpdateStatus;
import org.eclipse.hawkbit.repository.test.matcher.Expect;
import org.eclipse.hawkbit.repository.test.matcher.ExpectEvents;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.EnumSource;
@@ -565,7 +565,7 @@ public class AmqpMessageDispatcherServiceIntegrationTest extends AbstractAmqpSer
}
private void waitUntil(final Callable<Boolean> callable) {
createConditionFactory().until(() -> WithSpringAuthorityRule.runAsPrivileged(callable));
createConditionFactory().until(() -> SecurityContextSwitch.runAsPrivileged(callable));
}
private void assertLatestMultiActionMessageContainsInstallMessages(final String controllerId,

View File

@@ -63,7 +63,7 @@ import org.eclipse.hawkbit.repository.model.TargetUpdateStatus;
import org.eclipse.hawkbit.repository.test.matcher.Expect;
import org.eclipse.hawkbit.repository.test.matcher.ExpectEvents;
import org.eclipse.hawkbit.repository.test.util.TargetTestData;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.NullSource;
@@ -941,7 +941,7 @@ class AmqpMessageHandlerServiceIntegrationTest extends AbstractAmqpServiceIntegr
private void assertAction(final Long actionId, final int messages, final Status... expectedActionStates) {
createConditionFactory().await().untilAsserted(() -> {
try {
WithSpringAuthorityRule.runAsPrivileged(() -> {
SecurityContextSwitch.runAsPrivileged(() -> {
final List<ActionStatus> actionStatusList = deploymentManagement
.findActionStatusByAction(PAGE, actionId).getContent();
@@ -979,7 +979,7 @@ class AmqpMessageHandlerServiceIntegrationTest extends AbstractAmqpServiceIntegr
final Status... expectedActionStates) {
createConditionFactory().await().untilAsserted(() -> {
try {
WithSpringAuthorityRule.runAsPrivileged(() -> {
SecurityContextSwitch.runAsPrivileged(() -> {
final List<ActionStatus> actionStatusList = deploymentManagement
.findActionStatusByAction(PAGE, actionId).getContent();
assertThat(actionStatusList).hasSize(statusListCount);

View File

@@ -50,7 +50,7 @@ import org.eclipse.hawkbit.repository.model.SoftwareModule;
import org.eclipse.hawkbit.repository.test.matcher.Expect;
import org.eclipse.hawkbit.repository.test.matcher.ExpectEvents;
import org.eclipse.hawkbit.repository.test.util.HashGeneratorUtils;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
import org.eclipse.hawkbit.repository.test.util.WithUser;
import org.junit.jupiter.api.Test;
@@ -612,7 +612,7 @@ public class ArtifactManagementTest extends AbstractJpaIntegrationTest {
}
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
return WithSpringAuthorityRule.runAs(WithSpringAuthorityRule.withUserAndTenant("user", tenant), callable);
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("user", tenant), callable);
}
private SoftwareModule createSoftwareModuleForTenant(final String tenant) throws Exception {

View File

@@ -76,7 +76,7 @@ import org.eclipse.hawkbit.repository.model.TargetUpdateStatus;
import org.eclipse.hawkbit.repository.test.matcher.Expect;
import org.eclipse.hawkbit.repository.test.matcher.ExpectEvents;
import org.eclipse.hawkbit.repository.test.util.TargetTestData;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.springframework.beans.factory.annotation.Autowired;
@@ -844,7 +844,7 @@ class ControllerManagementTest extends AbstractJpaIntegrationTest {
final String controllerId = "test123";
final Target target = testdataFactory.createTarget(controllerId);
WithSpringAuthorityRule.runAs(WithSpringAuthorityRule.withController("controller", CONTROLLER_ROLE_ANONYMOUS), () -> {
SecurityContextSwitch.runAs(SecurityContextSwitch.withController("controller", CONTROLLER_ROLE_ANONYMOUS), () -> {
addAttributeAndVerify(controllerId);
addSecondAttributeAndVerify(controllerId);
updateAttributeAndVerify(controllerId);
@@ -999,8 +999,8 @@ class ControllerManagementTest extends AbstractJpaIntegrationTest {
final int allowedAttributes = quotaManagement.getMaxAttributeEntriesPerTarget();
testdataFactory.createTarget(controllerId);
assertThatExceptionOfType(AssignmentQuotaExceededException.class).isThrownBy(() -> WithSpringAuthorityRule
.runAs(WithSpringAuthorityRule.withController("controller", CONTROLLER_ROLE_ANONYMOUS), () -> {
assertThatExceptionOfType(AssignmentQuotaExceededException.class).isThrownBy(() -> SecurityContextSwitch
.runAs(SecurityContextSwitch.withController("controller", CONTROLLER_ROLE_ANONYMOUS), () -> {
writeAttributes(controllerId, allowedAttributes + 1, "key", "value");
return null;
})).withMessageContaining("" + allowedAttributes);
@@ -1010,7 +1010,7 @@ class ControllerManagementTest extends AbstractJpaIntegrationTest {
// Write allowed number of attributes twice with same key should result
// in update but work
WithSpringAuthorityRule.runAs(WithSpringAuthorityRule.withController("controller", CONTROLLER_ROLE_ANONYMOUS), () -> {
SecurityContextSwitch.runAs(SecurityContextSwitch.withController("controller", CONTROLLER_ROLE_ANONYMOUS), () -> {
writeAttributes(controllerId, allowedAttributes, "key", "value1");
writeAttributes(controllerId, allowedAttributes, "key", "value2");
return null;
@@ -1018,8 +1018,8 @@ class ControllerManagementTest extends AbstractJpaIntegrationTest {
assertThat(targetManagement.getControllerAttributes(controllerId)).hasSize(10);
// Now rite one more
assertThatExceptionOfType(AssignmentQuotaExceededException.class).isThrownBy(() -> WithSpringAuthorityRule
.runAs(WithSpringAuthorityRule.withController("controller", CONTROLLER_ROLE_ANONYMOUS), () -> {
assertThatExceptionOfType(AssignmentQuotaExceededException.class).isThrownBy(() -> SecurityContextSwitch
.runAs(SecurityContextSwitch.withController("controller", CONTROLLER_ROLE_ANONYMOUS), () -> {
writeAttributes(controllerId, 1, "additional", "value1");
return null;
})).withMessageContaining("" + allowedAttributes);
@@ -1075,8 +1075,8 @@ class ControllerManagementTest extends AbstractJpaIntegrationTest {
final Long actionId = createTargetAndAssignDs();
// Fails as one entry is already in there from the assignment
assertThatExceptionOfType(AssignmentQuotaExceededException.class).isThrownBy(() -> WithSpringAuthorityRule
.runAs(WithSpringAuthorityRule.withController("controller", CONTROLLER_ROLE_ANONYMOUS), () -> {
assertThatExceptionOfType(AssignmentQuotaExceededException.class).isThrownBy(() -> SecurityContextSwitch
.runAs(SecurityContextSwitch.withController("controller", CONTROLLER_ROLE_ANONYMOUS), () -> {
writeStatus(actionId, allowStatusEntries);
return null;
})).withMessageContaining("" + allowStatusEntries);

View File

@@ -81,7 +81,7 @@ import org.eclipse.hawkbit.repository.model.TargetUpdateStatus;
import org.eclipse.hawkbit.repository.model.TotalTargetCountStatus;
import org.eclipse.hawkbit.repository.test.matcher.Expect;
import org.eclipse.hawkbit.repository.test.matcher.ExpectEvents;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationProperties.TenantConfigurationKey;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
@@ -2224,7 +2224,7 @@ class RolloutManagementTest extends AbstractJpaIntegrationTest {
private void awaitRunningState(final Long myRolloutId) {
Awaitility.await().atMost(Duration.ofSeconds(10)).pollInterval(Duration.ofMillis(500)).with()
.until(() -> WithSpringAuthorityRule
.until(() -> SecurityContextSwitch
.runAsPrivileged(
() -> rolloutManagement.get(myRolloutId).orElseThrow(NoSuchElementException::new))
.getStatus().equals(RolloutStatus.RUNNING));

View File

@@ -23,7 +23,7 @@ import org.eclipse.hawkbit.repository.model.SoftwareModule;
import org.eclipse.hawkbit.repository.model.Target;
import org.eclipse.hawkbit.repository.report.model.TenantUsage;
import org.eclipse.hawkbit.repository.test.util.DisposableSqlTestDatabaseExtension;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
@@ -117,7 +117,7 @@ public class SystemManagementTest extends AbstractJpaIntegrationTest {
for (int i = 0; i < tenants; i++) {
final String tenantname = "tenant" + i;
WithSpringAuthorityRule.runAs(WithSpringAuthorityRule.withUserAndTenant("bumlux", tenantname, true, true, false,
SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("bumlux", tenantname, true, true, false,
SpringEvalExpressions.SYSTEM_ROLE), () -> {
systemManagement.getTenantMetadata(tenantname);
if (artifactSize > 0) {

View File

@@ -68,7 +68,7 @@ import org.eclipse.hawkbit.repository.model.TargetType;
import org.eclipse.hawkbit.repository.model.TargetTypeAssignmentResult;
import org.eclipse.hawkbit.repository.test.matcher.Expect;
import org.eclipse.hawkbit.repository.test.matcher.ExpectEvents;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
import org.eclipse.hawkbit.repository.test.util.WithUser;
import org.junit.jupiter.api.Test;
import org.springframework.data.domain.Page;
@@ -183,16 +183,16 @@ class TargetManagementTest extends AbstractJpaIntegrationTest {
.create(entityFactory.target().create().controllerId("targetWithSecurityToken").securityToken("token"));
// retrieve security token only with READ_TARGET_SEC_TOKEN permission
final String securityTokenWithReadPermission = WithSpringAuthorityRule.runAs(
WithSpringAuthorityRule.withUser("OnlyTargetReadPermission", false, SpPermission.READ_TARGET_SEC_TOKEN),
final String securityTokenWithReadPermission = SecurityContextSwitch.runAs(
SecurityContextSwitch.withUser("OnlyTargetReadPermission", false, SpPermission.READ_TARGET_SEC_TOKEN),
createdTarget::getSecurityToken);
// retrieve security token as system code execution
final String securityTokenAsSystemCode = systemSecurityContext.runAsSystem(createdTarget::getSecurityToken);
// retrieve security token without any permissions
final String securityTokenWithoutPermission = WithSpringAuthorityRule
.runAs(WithSpringAuthorityRule.withUser("NoPermission", false), createdTarget::getSecurityToken);
final String securityTokenWithoutPermission = SecurityContextSwitch
.runAs(SecurityContextSwitch.withUser("NoPermission", false), createdTarget::getSecurityToken);
assertThat(createdTarget.getSecurityToken()).isEqualTo("token");
assertThat(securityTokenWithReadPermission).isNotNull();
@@ -871,7 +871,7 @@ class TargetManagementTest extends AbstractJpaIntegrationTest {
final String knownTargetControllerId = "readTarget";
controllerManagement.findOrRegisterTargetIfItDoesNotExist(knownTargetControllerId, new URI("http://127.0.0.1"));
WithSpringAuthorityRule.runAs(WithSpringAuthorityRule.withUser("bumlux", "READ_TARGET"), () -> {
SecurityContextSwitch.runAs(SecurityContextSwitch.withUser("bumlux", "READ_TARGET"), () -> {
final Target findTargetByControllerID = targetManagement.getByControllerID(knownTargetControllerId)
.orElseThrow(IllegalStateException::new);
assertThat(findTargetByControllerID).isNotNull();

View File

@@ -21,7 +21,7 @@ import org.eclipse.hawkbit.repository.jpa.AbstractJpaIntegrationTest;
import org.eclipse.hawkbit.repository.model.DistributionSet;
import org.eclipse.hawkbit.repository.model.Target;
import org.eclipse.hawkbit.repository.test.util.DisposableSqlTestDatabaseExtension;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
import org.eclipse.hawkbit.repository.test.util.WithUser;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
@@ -115,7 +115,7 @@ public class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
// check that the cache is not getting in the way, i.e. "bumlux" results
// in bumlux and not
// mytenant
assertThat(WithSpringAuthorityRule.runAs(WithSpringAuthorityRule.withUserAndTenant("user", "bumlux"),
assertThat(SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("user", "bumlux"),
() -> systemManagement.getTenantMetadata().getTenant().toUpperCase()))
.isEqualTo("bumlux".toUpperCase());
}
@@ -169,7 +169,7 @@ public class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
}
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
return WithSpringAuthorityRule.runAs(WithSpringAuthorityRule.withUserAndTenant("user", tenant), callable);
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("user", tenant), callable);
}
private Target createTargetForTenant(final String controllerId, final String tenant) throws Exception {

View File

@@ -92,7 +92,7 @@ import org.springframework.test.context.TestExecutionListeners.MergeMode;
import org.springframework.test.context.TestPropertySource;
@ActiveProfiles({ "test" })
@ExtendWith({ JUnitTestLoggerExtension.class, WithSpringAuthorityRule.class , SharedSqlTestDatabaseExtension.class })
@ExtendWith({ JUnitTestLoggerExtension.class , SharedSqlTestDatabaseExtension.class })
@WithUser(principal = "bumlux", allSpPermissions = true, authorities = { CONTROLLER_ROLE, SYSTEM_ROLE })
@SpringBootTest
@ContextConfiguration(classes = { TestConfiguration.class, TestSupportBinderAutoConfiguration.class })
@@ -391,22 +391,22 @@ public abstract class AbstractIntegrationTest {
final String description = "Updated description.";
osType = WithSpringAuthorityRule
osType = SecurityContextSwitch
.runAsPrivileged(() -> testdataFactory.findOrCreateSoftwareModuleType(TestdataFactory.SM_TYPE_OS));
osType = WithSpringAuthorityRule.runAsPrivileged(() -> softwareModuleTypeManagement
osType = SecurityContextSwitch.runAsPrivileged(() -> softwareModuleTypeManagement
.update(entityFactory.softwareModuleType().update(osType.getId()).description(description)));
appType = WithSpringAuthorityRule.runAsPrivileged(
appType = SecurityContextSwitch.runAsPrivileged(
() -> testdataFactory.findOrCreateSoftwareModuleType(TestdataFactory.SM_TYPE_APP, Integer.MAX_VALUE));
appType = WithSpringAuthorityRule.runAsPrivileged(() -> softwareModuleTypeManagement
appType = SecurityContextSwitch.runAsPrivileged(() -> softwareModuleTypeManagement
.update(entityFactory.softwareModuleType().update(appType.getId()).description(description)));
runtimeType = WithSpringAuthorityRule
runtimeType = SecurityContextSwitch
.runAsPrivileged(() -> testdataFactory.findOrCreateSoftwareModuleType(TestdataFactory.SM_TYPE_RT));
runtimeType = WithSpringAuthorityRule.runAsPrivileged(() -> softwareModuleTypeManagement
runtimeType = SecurityContextSwitch.runAsPrivileged(() -> softwareModuleTypeManagement
.update(entityFactory.softwareModuleType().update(runtimeType.getId()).description(description)));
standardDsType = WithSpringAuthorityRule.runAsPrivileged(() -> testdataFactory.findOrCreateDefaultTestDsType());
standardDsType = SecurityContextSwitch.runAsPrivileged(() -> testdataFactory.findOrCreateDefaultTestDsType());
// publish the reset counter market event to reset the counters after
// setup. The setup is transparent by the test and its @ExpectedEvent

View File

@@ -25,7 +25,7 @@ public class CleanupTestExecutionListener extends AbstractTestExecutionListener
@Override
public void afterTestMethod(final TestContext testContext) throws Exception {
WithSpringAuthorityRule.runAsPrivileged(() -> {
SecurityContextSwitch.runAsPrivileged(() -> {
final ApplicationContext applicationContext = testContext.getApplicationContext();
new JpaTestRepositoryManagement(applicationContext.getBean(TenantAwareCacheManager.class),
applicationContext.getBean(SystemSecurityContext.class),

View File

@@ -9,6 +9,7 @@
*/
package org.eclipse.hawkbit.repository.test.util;
import java.io.Serial;
import java.lang.annotation.Annotation;
import java.util.Arrays;
import java.util.List;
@@ -19,55 +20,27 @@ import org.eclipse.hawkbit.im.authentication.SpPermission;
import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails;
import org.eclipse.hawkbit.im.authentication.UserPrincipal;
import org.eclipse.hawkbit.repository.model.helper.SystemManagementHolder;
import org.junit.jupiter.api.extension.AfterEachCallback;
import org.junit.jupiter.api.extension.BeforeEachCallback;
import org.junit.jupiter.api.extension.ExtensionContext;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
public class WithSpringAuthorityRule implements BeforeEachCallback, AfterEachCallback {
public class SecurityContextSwitch {
public static final String DEFAULT_TENANT = "default";
private SecurityContext oldContext;
@Override
public void beforeEach(ExtensionContext context) throws Exception {
oldContext = SecurityContextHolder.getContext();
WithUser annotation = getWithUserAnnotation(context);
if (annotation != null) {
if (annotation.autoCreateTenant()) {
createTenant(annotation.tenantId());
}
setSecurityContext(annotation);
}
}
private WithUser getWithUserAnnotation(ExtensionContext context) {
if (context.getRequiredTestMethod().isAnnotationPresent(WithUser.class)) {
return context.getRequiredTestMethod().getAnnotation(WithUser.class);
}
if(context.getRequiredTestClass().isAnnotationPresent(WithUser.class)){
return context.getRequiredTestClass().getAnnotation(WithUser.class);
}
return null;
}
@Override
public void afterEach(ExtensionContext context) throws Exception {
SecurityContextHolder.setContext(oldContext);
}
private static final WithUser PRIVILEDGED_USER =
createWithUser("bumlux", DEFAULT_TENANT, false, true, false, "ROLE_CONTROLLER", "ROLE_SYSTEM_CODE");
private static void setSecurityContext(final WithUser annotation) {
SecurityContextHolder.setContext(new SecurityContextWithUser(annotation));
SecurityContextHolder.setContext(new WithUserSecurityContext(annotation));
}
public static <T> T runAsPrivileged(final Callable<T> callable) throws Exception {
return runAs(privilegedUser(), callable);
public static <T> T runAsPrivileged(final Callable<T> callable) throws Exception {
createTenant(DEFAULT_TENANT);
return runAs(PRIVILEDGED_USER, callable);
}
public static <T> T runAs(final WithUser withUser, final Callable<T> callable) throws Exception {
public static <T> T runAs(final WithUser withUser, final Callable<T> callable) throws Exception {
final SecurityContext oldContext = SecurityContextHolder.getContext();
setSecurityContext(withUser);
if (withUser.autoCreateTenant()) {
@@ -82,7 +55,7 @@ public class WithSpringAuthorityRule implements BeforeEachCallback, AfterEachCal
private static void createTenant(final String tenantId) {
final SecurityContext oldContext = SecurityContextHolder.getContext();
setSecurityContext(privilegedUser());
setSecurityContext(PRIVILEDGED_USER);
try {
SystemManagementHolder.getInstance().getSystemManagement().getTenantMetadata(tenantId);
} finally {
@@ -102,10 +75,6 @@ public class WithSpringAuthorityRule implements BeforeEachCallback, AfterEachCal
return withUserAndTenant(principal, DEFAULT_TENANT, true, allSpPermision, false, authorities);
}
public static WithUser withUser(final boolean autoCreateTenant) {
return withUserAndTenant("bumlux", DEFAULT_TENANT, autoCreateTenant, true, false);
}
public static WithUser withUserAndTenant(final String principal, final String tenant, final String... authorities) {
return withUserAndTenant(principal, tenant, true, true, false, authorities);
}
@@ -116,10 +85,6 @@ public class WithSpringAuthorityRule implements BeforeEachCallback, AfterEachCal
return createWithUser(principal, tenant, autoCreateTenant, allSpPermission, controller, authorities);
}
private static WithUser privilegedUser() {
return createWithUser("bumlux", DEFAULT_TENANT, true, true, false, "ROLE_CONTROLLER", "ROLE_SYSTEM_CODE");
}
private static WithUser createWithUser(final String principal, final String tenant, final boolean autoCreateTenant,
final boolean allSpPermission, final boolean controller, final String... authorities) {
return new WithUser() {
@@ -171,12 +136,17 @@ public class WithSpringAuthorityRule implements BeforeEachCallback, AfterEachCal
};
}
static class SecurityContextWithUser implements SecurityContext {
static class WithUserSecurityContext implements SecurityContext {
@Serial
private static final long serialVersionUID = 1L;
private final WithUser annotation;
public SecurityContextWithUser(WithUser annotation) {
public WithUserSecurityContext(final WithUser annotation) {
this.annotation = annotation;
if (annotation.autoCreateTenant()) {
createTenant(annotation.tenantId());
}
}
@Override
@@ -214,7 +184,7 @@ public class WithSpringAuthorityRule implements BeforeEachCallback, AfterEachCal
@Override
public boolean equals(final Object obj) {
if (obj instanceof SecurityContextWithUser otherSecurityContextWithUser) {
if (obj instanceof WithUserSecurityContext otherSecurityContextWithUser) {
return Objects.equals(annotation, otherSecurityContextWithUser.annotation);
} else {
return false;

View File

@@ -83,7 +83,7 @@ public @interface WithUser {
class WithUserPrincipalSecurityContextFactory implements WithSecurityContextFactory<WithUser> {
@Override
public SecurityContext createSecurityContext(final WithUser withUserPrincipal) {
return new WithSpringAuthorityRule.SecurityContextWithUser(withUserPrincipal);
return new SecurityContextSwitch.WithUserSecurityContext(withUserPrincipal);
}
}
}

View File

@@ -56,7 +56,7 @@ import org.eclipse.hawkbit.repository.model.Target;
import org.eclipse.hawkbit.repository.model.TargetUpdateStatus;
import org.eclipse.hawkbit.repository.test.matcher.Expect;
import org.eclipse.hawkbit.repository.test.matcher.ExpectEvents;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
import org.eclipse.hawkbit.repository.test.util.WithUser;
import org.eclipse.hawkbit.rest.util.JsonBuilder;
import org.eclipse.hawkbit.rest.util.MockMvcResultPrinter;
@@ -150,7 +150,7 @@ class DdiRootControllerTest extends AbstractDDiApiIntegrationTest {
// make a poll, audit information should not be changed, run as
// controller principal!
WithSpringAuthorityRule.runAs(WithSpringAuthorityRule.withController("controller", CONTROLLER_ROLE_ANONYMOUS),
SecurityContextSwitch.runAs(SecurityContextSwitch.withController("controller", CONTROLLER_ROLE_ANONYMOUS),
() -> {
mvc.perform(get(CONTROLLER_BASE, tenantAware.getCurrentTenant(), knownTargetControllerId))
.andDo(MockMvcResultPrinter.print()).andExpect(status().isOk());
@@ -208,14 +208,14 @@ class DdiRootControllerTest extends AbstractDDiApiIntegrationTest {
@Expect(type = TargetPollEvent.class, count = 1),
@Expect(type = TenantConfigurationCreatedEvent.class, count = 1) })
void pollWithModifiedGlobalPollingTime() throws Exception {
WithSpringAuthorityRule.runAs(WithSpringAuthorityRule.withUser("tenantadmin", HAS_AUTH_TENANT_CONFIGURATION),
SecurityContextSwitch.runAs(SecurityContextSwitch.withUser("tenantadmin", HAS_AUTH_TENANT_CONFIGURATION),
() -> {
tenantConfigurationManagement.addOrUpdateConfiguration(TenantConfigurationKey.POLLING_TIME_INTERVAL,
"00:02:00");
return null;
});
WithSpringAuthorityRule.runAs(WithSpringAuthorityRule.withUser("controller", CONTROLLER_ROLE_ANONYMOUS), () -> {
SecurityContextSwitch.runAs(SecurityContextSwitch.withUser("controller", CONTROLLER_ROLE_ANONYMOUS), () -> {
mvc.perform(get(CONTROLLER_BASE, tenantAware.getCurrentTenant(), 4711)).andDo(MockMvcResultPrinter.print())
.andExpect(status().isOk()).andExpect(content().contentType(MediaTypes.HAL_JSON))
.andExpect(jsonPath("$.config.polling.sleep", equalTo("00:02:00")));
@@ -343,7 +343,7 @@ class DdiRootControllerTest extends AbstractDDiApiIntegrationTest {
final long create = System.currentTimeMillis();
// make a poll, audit information should be set on plug and play
WithSpringAuthorityRule.runAs(WithSpringAuthorityRule.withController("controller", CONTROLLER_ROLE_ANONYMOUS),
SecurityContextSwitch.runAs(SecurityContextSwitch.withController("controller", CONTROLLER_ROLE_ANONYMOUS),
() -> {
mvc.perform(get(CONTROLLER_BASE, tenantAware.getCurrentTenant(), knownControllerId1))
.andDo(MockMvcResultPrinter.print()).andExpect(status().isOk());
@@ -594,7 +594,7 @@ class DdiRootControllerTest extends AbstractDDiApiIntegrationTest {
void sleepTimeResponseForDifferentMaintenanceWindowParameters() throws Exception {
final DistributionSet ds = testdataFactory.createDistributionSet("");
WithSpringAuthorityRule.runAs(WithSpringAuthorityRule.withUser("tenantadmin", HAS_AUTH_TENANT_CONFIGURATION),
SecurityContextSwitch.runAs(SecurityContextSwitch.withUser("tenantadmin", HAS_AUTH_TENANT_CONFIGURATION),
() -> {
tenantConfigurationManagement.addOrUpdateConfiguration(TenantConfigurationKey.POLLING_TIME_INTERVAL,
"00:05:00");

View File

@@ -19,10 +19,8 @@ import org.eclipse.hawkbit.repository.test.matcher.EventVerifier;
import org.eclipse.hawkbit.repository.test.util.CleanupTestExecutionListener;
import org.eclipse.hawkbit.repository.test.util.JUnitTestLoggerExtension;
import org.eclipse.hawkbit.repository.test.util.SharedSqlTestDatabaseExtension;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.WithUser;
import org.eclipse.hawkbit.rest.RestConfiguration;
import org.eclipse.hawkbit.rest.filter.ExcludePathAwareShallowETagFilter;
import org.eclipse.hawkbit.rest.util.FilterHttpResponse;
import org.eclipse.hawkbit.rest.util.MockMvcResultPrinter;
import org.junit.jupiter.api.Test;
@@ -46,8 +44,6 @@ import org.springframework.util.Base64Utils;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.filter.CharacterEncodingFilter;
import static org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions.CONTROLLER_ROLE;
import static org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions.SYSTEM_ROLE;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;

View File

@@ -52,7 +52,7 @@ import org.eclipse.hawkbit.repository.model.RolloutGroupConditionBuilder;
import org.eclipse.hawkbit.repository.model.RolloutGroupConditions;
import org.eclipse.hawkbit.repository.model.Target;
import org.eclipse.hawkbit.repository.test.util.RolloutTestApprovalStrategy;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
import org.eclipse.hawkbit.repository.test.util.WithUser;
import org.eclipse.hawkbit.rest.util.JsonBuilder;
import org.eclipse.hawkbit.rest.util.MockMvcResultPrinter;
@@ -1206,7 +1206,7 @@ class MgmtRolloutResourceTest extends AbstractManagementApiIntegrationTest {
private void awaitRunningState(final Long rolloutId) {
Awaitility.await().atMost(Duration.ofMinutes(1)).pollInterval(Duration.ofMillis(100)).with()
.until(() -> WithSpringAuthorityRule
.until(() -> SecurityContextSwitch
.runAsPrivileged(
() -> rolloutManagement.get(rolloutId).orElseThrow(NoSuchElementException::new))
.getStatus().equals(RolloutStatus.RUNNING));