Added System Security Context as attribute to AbstractControllerAuthenticationFilter
This is necessary, because the tenant configuration methods are only accessable with specific permissions. With the SystemSecurityContext methods can be executed as SystemRunner and therefor we can set permissions. * updated the chaine of condtructors to set the context in the filter class * added SystemRunner permission to TenantConfigurationManagement * Autowired the system context to AMQP and HTTP controller Signed-off-by: Nonnenmacher Fabian <fabian.nonnenmacher@bosch-si.com>
This commit is contained in:
committed by
Nonnenmacher Fabian
parent
57e040aec1
commit
2be4922615
@@ -73,7 +73,8 @@ public class TenantConfigurationManagement implements EnvironmentAware {
|
||||
*/
|
||||
|
||||
@Cacheable(value = "tenantConfiguration", key = "#configurationKey.getKeyName()")
|
||||
@PreAuthorize(value = SpringEvalExpressions.HAS_AUTH_TENANT_CONFIGURATION)
|
||||
@PreAuthorize(value = SpringEvalExpressions.HAS_AUTH_TENANT_CONFIGURATION + SpringEvalExpressions.HAS_AUTH_OR
|
||||
+ SpringEvalExpressions.IS_SYSTEM_CODE)
|
||||
public <T> TenantConfigurationValue<T> getConfigurationValue(final TenantConfigurationKey configurationKey,
|
||||
final Class<T> propertyType) throws TenantConfigurationValidatorException {
|
||||
|
||||
|
||||
Reference in New Issue
Block a user