Improve Permission Management (#2604)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
@@ -13,7 +13,7 @@ import java.io.ByteArrayInputStream;
|
||||
import java.util.List;
|
||||
|
||||
import org.eclipse.hawkbit.im.authentication.SpPermission;
|
||||
import org.eclipse.hawkbit.im.authentication.SpringEvalExpressions;
|
||||
import org.eclipse.hawkbit.im.authentication.SpRole;
|
||||
import org.eclipse.hawkbit.repository.jpa.AbstractJpaIntegrationTest;
|
||||
import org.eclipse.hawkbit.repository.model.ArtifactUpload;
|
||||
import org.eclipse.hawkbit.repository.test.util.WithUser;
|
||||
@@ -60,7 +60,7 @@ class ArtifactManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void getPermissionCheck() {
|
||||
assertPermissions(() -> artifactManagement.get(1L), List.of(SpPermission.READ_REPOSITORY));
|
||||
assertPermissions(() -> artifactManagement.get(1L), List.of(SpringEvalExpressions.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> artifactManagement.get(1L), List.of(SpRole.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -71,7 +71,7 @@ class ArtifactManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
assertPermissions(() -> artifactManagement.getByFilenameAndSoftwareModule("filename", 1L),
|
||||
List.of(SpPermission.READ_REPOSITORY), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> artifactManagement.getByFilenameAndSoftwareModule("filename", 1L),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
List.of(SpRole.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -80,7 +80,7 @@ class ArtifactManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void findFirstBySHA1PermissionCheck() {
|
||||
assertPermissions(() -> artifactManagement.findFirstBySHA1("sha1"), List.of(SpPermission.READ_REPOSITORY));
|
||||
assertPermissions(() -> artifactManagement.findFirstBySHA1("sha1"), List.of(SpringEvalExpressions.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> artifactManagement.findFirstBySHA1("sha1"), List.of(SpRole.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -89,7 +89,7 @@ class ArtifactManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void getByFilenamePermissionCheck() {
|
||||
assertPermissions(() -> artifactManagement.getByFilename("filename"), List.of(SpPermission.READ_REPOSITORY));
|
||||
assertPermissions(() -> artifactManagement.getByFilename("filename"), List.of(SpringEvalExpressions.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> artifactManagement.getByFilename("filename"), List.of(SpRole.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -114,7 +114,7 @@ class ArtifactManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void loadArtifactBinaryPermissionCheck() {
|
||||
assertPermissions(() -> artifactManagement.loadArtifactBinary("sha1", 1L, false), List.of(SpPermission.DOWNLOAD_REPOSITORY_ARTIFACT), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> artifactManagement.loadArtifactBinary("sha1", 1L, false), List.of(SpringEvalExpressions.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> artifactManagement.loadArtifactBinary("sha1", 1L, false), List.of(SpRole.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
}
|
||||
|
||||
}
|
||||
@@ -27,6 +27,7 @@ import java.util.concurrent.Callable;
|
||||
import jakarta.validation.ConstraintViolationException;
|
||||
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.eclipse.hawkbit.im.authentication.SpRole;
|
||||
import org.eclipse.hawkbit.repository.artifact.model.DbArtifact;
|
||||
import org.eclipse.hawkbit.repository.artifact.model.DbArtifactHash;
|
||||
import org.eclipse.hawkbit.im.authentication.SpPermission;
|
||||
@@ -425,7 +426,8 @@ class ArtifactManagementTest extends AbstractJpaIntegrationTest {
|
||||
* Trys and fails to load an artifact without required permission. Checks if expected InsufficientPermissionException is thrown.
|
||||
*/
|
||||
@Test
|
||||
@WithUser(allSpPermissions = true, removeFromAllPermission = { SpPermission.DOWNLOAD_REPOSITORY_ARTIFACT })
|
||||
@WithUser(allSpPermissions = true, removeFromAllPermission = {
|
||||
SpPermission.DOWNLOAD_REPOSITORY_ARTIFACT, SpRole.CONTROLLER_ROLE, SpRole.CONTROLLER_ROLE_ANONYMOUS })
|
||||
void loadArtifactBinaryWithoutDownloadArtifactThrowsPermissionDenied() {
|
||||
assertThatExceptionOfType(InsufficientPermissionException.class)
|
||||
.as("Should not have worked with missing permission.")
|
||||
|
||||
@@ -12,7 +12,7 @@ package org.eclipse.hawkbit.repository.jpa.management;
|
||||
import java.util.List;
|
||||
|
||||
import org.eclipse.hawkbit.im.authentication.SpPermission;
|
||||
import org.eclipse.hawkbit.im.authentication.SpringEvalExpressions;
|
||||
import org.eclipse.hawkbit.im.authentication.SpRole;
|
||||
import org.eclipse.hawkbit.repository.jpa.AbstractJpaIntegrationTest;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
@@ -46,7 +46,7 @@ class ConfirmationManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
void getStatusPermissionsCheck() {
|
||||
assertPermissions(() -> confirmationManagement.getStatus("controllerId"), List.of(SpPermission.READ_TARGET),
|
||||
List.of(SpPermission.CREATE_TARGET));
|
||||
assertPermissions(() -> confirmationManagement.getStatus("controllerId"), List.of(SpringEvalExpressions.CONTROLLER_ROLE), List.of(SpPermission.CREATE_TARGET));
|
||||
assertPermissions(() -> confirmationManagement.getStatus("controllerId"), List.of(SpRole.CONTROLLER_ROLE), List.of(SpPermission.CREATE_TARGET));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -14,7 +14,6 @@ import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.eclipse.hawkbit.im.authentication.SpRole;
|
||||
import org.eclipse.hawkbit.im.authentication.SpringEvalExpressions;
|
||||
import org.eclipse.hawkbit.repository.exception.CancelActionNotAllowedException;
|
||||
import org.eclipse.hawkbit.repository.jpa.AbstractJpaIntegrationTest;
|
||||
import org.eclipse.hawkbit.repository.jpa.model.JpaAction;
|
||||
@@ -37,7 +36,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
void addCancelActionStatusPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.addCancelActionStatus(
|
||||
ActionStatusCreate.builder().actionId(0L).status(Action.Status.DOWNLOADED).build()),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -45,7 +44,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
*/
|
||||
@Test
|
||||
void getSoftwareModulePermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.getSoftwareModule(1L), List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
assertPermissions(() -> controllerManagement.getSoftwareModule(1L), List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -54,7 +53,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void findTargetVisibleMetaDataBySoftwareModuleIdPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.findTargetVisibleMetaDataBySoftwareModuleId(List.of(1L)),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -64,7 +63,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
void addInformationalActionStatusPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.addInformationalActionStatus(
|
||||
ActionStatusCreate.builder().actionId(0L).status(Action.Status.DOWNLOADED).build()),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -74,7 +73,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
void addUpdateActionStatusPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.addUpdateActionStatus(
|
||||
ActionStatusCreate.builder().actionId(0L).status(Action.Status.DOWNLOADED).build()),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -83,7 +82,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void findActiveActionWithHighestWeightPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.findActiveActionWithHighestWeight("controllerId"),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -92,7 +91,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void findActiveActionsWithHighestWeightPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.findActiveActionsWithHighestWeight("controllerId", 1),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -100,7 +99,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
*/
|
||||
@Test
|
||||
void findActionWithDetailsPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.findActionWithDetails(1L), List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
assertPermissions(() -> controllerManagement.findActionWithDetails(1L), List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -109,7 +108,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void findActionStatusByActionPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.findActionStatusByAction(1L, Pageable.unpaged()),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -118,7 +117,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void findOrRegisterTargetIfItDoesNotExistPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.findOrRegisterTargetIfItDoesNotExist("controllerId", URI.create("someaddress")),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -128,7 +127,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
void findOrRegisterTargetIfItDoesNotExistWithDetailsPermissionsCheck() {
|
||||
assertPermissions(
|
||||
() -> controllerManagement.findOrRegisterTargetIfItDoesNotExist("controllerId", URI.create("someaddress"), "name", "type"),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -137,7 +136,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void getActionForDownloadByTargetAndSoftwareModulePermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.getActionForDownloadByTargetAndSoftwareModule("controllerId", 1L),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -145,7 +144,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
*/
|
||||
@Test
|
||||
void getPollingTimePermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.getPollingTime(null), List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
assertPermissions(() -> controllerManagement.getPollingTime(null), List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -162,7 +161,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
// expected since action is not found
|
||||
}
|
||||
return null;
|
||||
}, List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
}, List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -171,7 +170,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void hasTargetArtifactAssignedPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.hasTargetArtifactAssigned("controllerId", "sha1Hash"),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -180,7 +179,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void hasTargetArtifactAssignedByIdPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.hasTargetArtifactAssigned(1L, "sha1Hash"),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -189,7 +188,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void updateControllerAttributesPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.updateControllerAttributes("controllerId", Map.of(), null),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -198,7 +197,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void getByControllerIdPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.getByControllerId("controllerId"),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
assertPermissions(() -> controllerManagement.getByControllerId("controllerId"),
|
||||
List.of(SpRole.SYSTEM_ROLE));
|
||||
}
|
||||
@@ -208,7 +207,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
*/
|
||||
@Test
|
||||
void getPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.get(1L), List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
assertPermissions(() -> controllerManagement.get(1L), List.of(SpRole.CONTROLLER_ROLE));
|
||||
assertPermissions(() -> controllerManagement.get(1L), List.of(SpRole.SYSTEM_ROLE));
|
||||
}
|
||||
|
||||
@@ -218,7 +217,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void getActionHistoryMessagesPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.getActionHistoryMessages(1L, 1),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -235,7 +234,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
// expected since action is not found
|
||||
}
|
||||
return null;
|
||||
}, List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
}, List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -246,7 +245,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
assertPermissions(() -> {
|
||||
controllerManagement.updateActionExternalRef(1L, "externalRef");
|
||||
return null;
|
||||
}, List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
}, List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -255,7 +254,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void getActionByExternalRefPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.getActionByExternalRef("externalRef"),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -266,7 +265,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
assertPermissions(() -> {
|
||||
controllerManagement.deleteExistingTarget("controllerId");
|
||||
return null;
|
||||
}, List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
}, List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -277,7 +276,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
final Target target = testdataFactory.createTarget();
|
||||
assertPermissions(
|
||||
() -> controllerManagement.getInstalledActionByTarget(target),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -287,7 +286,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
void activateAutoConfirmationPermissionsCheck() {
|
||||
assertPermissions(
|
||||
() -> controllerManagement.activateAutoConfirmation("controllerId", "initiator", "remark"),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -298,7 +297,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
assertPermissions(() -> {
|
||||
controllerManagement.deactivateAutoConfirmation("controllerId");
|
||||
return null;
|
||||
}, List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
}, List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -307,7 +306,7 @@ class ControllerManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
@Test
|
||||
void updateOfflineAssignedVersionPermissionsCheck() {
|
||||
assertPermissions(() -> controllerManagement.updateOfflineAssignedVersion("controllerId", "distributionName", "version"),
|
||||
List.of(SpringEvalExpressions.CONTROLLER_ROLE));
|
||||
List.of(SpRole.CONTROLLER_ROLE));
|
||||
}
|
||||
|
||||
}
|
||||
@@ -12,8 +12,8 @@ package org.eclipse.hawkbit.repository.jpa.management;
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.assertj.core.api.Assertions.assertThatNoException;
|
||||
import static org.eclipse.hawkbit.im.authentication.SpringEvalExpressions.CONTROLLER_ROLE;
|
||||
import static org.eclipse.hawkbit.im.authentication.SpringEvalExpressions.CONTROLLER_ROLE_ANONYMOUS;
|
||||
import static org.eclipse.hawkbit.im.authentication.SpRole.CONTROLLER_ROLE;
|
||||
import static org.eclipse.hawkbit.im.authentication.SpRole.CONTROLLER_ROLE_ANONYMOUS;
|
||||
import static org.eclipse.hawkbit.repository.jpa.configuration.Constants.TX_RT_MAX;
|
||||
import static org.eclipse.hawkbit.repository.model.Action.ActionType.DOWNLOAD_ONLY;
|
||||
import static org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch.runAs;
|
||||
|
||||
@@ -55,7 +55,8 @@ class DeploymentManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
*/
|
||||
@Test
|
||||
void offlineAssignedDistributionSetsPermissionsCheck() {
|
||||
assertPermissions(() -> deploymentManagement.offlineAssignedDistributionSets(List.of()), List.of(SpPermission.READ_REPOSITORY));
|
||||
assertPermissions(() -> deploymentManagement.offlineAssignedDistributionSets(List.of()),
|
||||
List.of(SpPermission.READ_REPOSITORY, SpPermission.UPDATE_TARGET));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -14,7 +14,6 @@ import java.util.List;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.eclipse.hawkbit.im.authentication.SpPermission;
|
||||
import org.eclipse.hawkbit.im.authentication.SpRole;
|
||||
import org.eclipse.hawkbit.im.authentication.SpringEvalExpressions;
|
||||
import org.eclipse.hawkbit.repository.jpa.AbstractJpaIntegrationTest;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
@@ -79,7 +78,7 @@ class SystemManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
assertPermissions(() -> systemManagement.getTenantMetadata(), List.of(SpPermission.READ_REPOSITORY), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> systemManagement.getTenantMetadata(), List.of(SpPermission.READ_TARGET), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> systemManagement.getTenantMetadata(), List.of(SpPermission.READ_TENANT_CONFIGURATION), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> systemManagement.getTenantMetadata(), List.of(SpringEvalExpressions.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> systemManagement.getTenantMetadata(), List.of(SpRole.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -90,7 +89,7 @@ class SystemManagementSecurityTest extends AbstractJpaIntegrationTest {
|
||||
assertPermissions(() -> systemManagement.getTenantMetadataWithoutDetails(), List.of(SpPermission.READ_REPOSITORY), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> systemManagement.getTenantMetadataWithoutDetails(), List.of(SpPermission.READ_TARGET), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> systemManagement.getTenantMetadataWithoutDetails(), List.of(SpPermission.READ_TENANT_CONFIGURATION), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> systemManagement.getTenantMetadataWithoutDetails(), List.of(SpringEvalExpressions.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
assertPermissions(() -> systemManagement.getTenantMetadataWithoutDetails(), List.of(SpRole.CONTROLLER_ROLE), List.of(SpPermission.CREATE_REPOSITORY));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user