Remove SYSTEM_ADMIN (#2936)

Not needed. Overlaping with system role. Could be added on top of others if needed Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2026-02-25 14:00:25 +02:00
parent ea9519deae
commit 56da119979
11 changed files with 14 additions and 54 deletions
--- a/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ControllerManagement.java
+++ b/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ControllerManagement.java
@@ -264,7 +264,7 @@ public interface ControllerManagement {
     * @return {@link Target} or {@code null} if it does not exist
     * @see Target#getControllerId()
     */
-    @PreAuthorize(SpringEvalExpressions.IS_CONTROLLER + " or " + SpringEvalExpressions.IS_SYSTEM_CODE)
+    @PreAuthorize(SpringEvalExpressions.IS_CONTROLLER)
    Optional<Target> findByControllerId(@NotEmpty String controllerId);

    /**
@@ -274,7 +274,7 @@ public interface ControllerManagement {
     * @return {@link Target} or {@code null} if it does not exist
     * @see Target#getId()
     */
-    @PreAuthorize(SpringEvalExpressions.IS_CONTROLLER + " or " + SpringEvalExpressions.IS_SYSTEM_CODE)
+    @PreAuthorize(SpringEvalExpressions.IS_CONTROLLER)
    Optional<Target> find(long targetId);

    /**
--- a/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/DeploymentManagement.java
+++ b/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/DeploymentManagement.java
@@ -403,6 +403,6 @@ public interface DeploymentManagement extends PermissionSupport {
    @PreAuthorize(HAS_UPDATE_REPOSITORY)
    void cancelActionsForDistributionSet(final ActionCancellationType cancelationType, final DistributionSet set);

-    @PreAuthorize(HAS_UPDATE_REPOSITORY + " or " + SpringEvalExpressions.IS_SYSTEM_CODE)
+    @PreAuthorize(HAS_UPDATE_REPOSITORY)
    void handleMaxAssignmentsExceeded(Long targetId, Long requested, AssignmentQuotaExceededException quotaExceededException);
 }
--- a/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/SystemManagement.java
+++ b/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/SystemManagement.java
@@ -78,6 +78,6 @@ public interface SystemManagement {
     *
     * @param tenant to delete
     */
-    @PreAuthorize(SpringEvalExpressions.HAS_AUTH_SYSTEM_ADMIN)
+    @PreAuthorize(SpringEvalExpressions.IS_SYSTEM_CODE)
    void deleteTenant(@NotNull String tenant);
 }
--- a/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/TenantStatsManagement.java
+++ b/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/TenantStatsManagement.java
@@ -25,9 +25,6 @@ public interface TenantStatsManagement {
     *
     * @return collected statistics
     */
-    @PreAuthorize(
-            "hasAuthority('" + SpRole.TENANT_ADMIN + "')" + " or " +
-            SpringEvalExpressions.HAS_AUTH_SYSTEM_ADMIN + " or " +
-            SpringEvalExpressions.IS_SYSTEM_CODE)
+    @PreAuthorize("hasAuthority('" + SpRole.TENANT_ADMIN + "')")
    TenantUsage getStatsOfTenant();
 }