Improve hawkBit user management (#1666)

1. Definded with properties users (static) are configured using property map (no need of indexes)
2. AuthenticationProvider that authenticates them is always registered (if not needed - don't configure them)
3. UserDetailsService (in case of missing - won't be registered)
4. Spring security user (spring.security.username) will be registered together with other users (if any). If any - it will be system-wide, otherwise tenant-scoped.
5. UserPrincipal renamed to TenantAwareUser in order to match its purpose.
6. Some if its fields are removes as not needed - to be closer to spring security user
7. DefaultRolloutApprovalStrategy now use UserAuthoritiesResolver instead of UserDetailsService as the central point of truth

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2024-02-26 16:56:37 +02:00
committed by GitHub
parent 783a5be2dd
commit 24d70827b7
16 changed files with 266 additions and 327 deletions

View File

@@ -35,12 +35,10 @@ spring.rabbitmq.virtual-host=/
spring.rabbitmq.host=localhost
spring.rabbitmq.port=5672
# Define own users instead of default "admin" user:
#hawkbit.server.im.users[0].username=hawkbit
#hawkbit.server.im.users[0].password={noop}isAwesome!
#hawkbit.server.im.users[0].firstname=Eclipse
#hawkbit.server.im.users[0].lastname=HawkBit
#hawkbit.server.im.users[0].permissions=ALL
# Define own (my_user) users instead together default "admin" (system-wide) user:
#hawkbit.security.user.my_user.password={noop}isAwesome!
#hawkbit.security.user.my_user.roles=ALL
#hawkbit.security.user.my_user.tenant=DEFAULT
# Enable CORS and specify the allowed origins:
#hawkbit.server.security.cors.enabled=true