diff --git a/hawkbit-repository/src/main/java/org/eclipse/hawkbit/MultiTenantJpaTransactionManager.java b/hawkbit-repository/src/main/java/org/eclipse/hawkbit/MultiTenantJpaTransactionManager.java index 7b97f5037..a45c846a9 100644 --- a/hawkbit-repository/src/main/java/org/eclipse/hawkbit/MultiTenantJpaTransactionManager.java +++ b/hawkbit-repository/src/main/java/org/eclipse/hawkbit/MultiTenantJpaTransactionManager.java @@ -11,8 +11,6 @@ package org.eclipse.hawkbit; import javax.persistence.EntityManager; import javax.transaction.Transaction; -import org.eclipse.hawkbit.repository.RolloutManagement; -import org.eclipse.hawkbit.repository.SystemManagement; import org.eclipse.hawkbit.repository.exception.TenantNotExistException; import org.eclipse.hawkbit.tenancy.TenantAware; import org.eclipse.persistence.config.PersistenceUnitProperties; @@ -42,34 +40,12 @@ public class MultiTenantJpaTransactionManager extends JpaTransactionManager { .getResource(getEntityManagerFactory()); final EntityManager em = emHolder.getEntityManager(); - if (notTenantManagement(definition) && notCurrentTenantKeyGenerator(definition) - && notRolloutScheduler(definition) && notGetOrCreateTenantMetadata(definition)) { - - final String currentTenant = tenantAware.getCurrentTenant(); - if (currentTenant == null) { - throw new TenantNotExistException("Tenant Unknown. Canceling transaction."); - } - - em.setProperty(PersistenceUnitProperties.MULTITENANT_PROPERTY_DEFAULT, currentTenant.toUpperCase()); + final String currentTenant = tenantAware.getCurrentTenant(); + if (currentTenant == null) { + throw new TenantNotExistException("Tenant Unknown. Canceling transaction."); } - } - private boolean notGetOrCreateTenantMetadata(final TransactionDefinition definition) { - return !definition.getName() - .startsWith(SystemManagement.class.getCanonicalName() + ".getOrCreateTenantMetadata"); - } + em.setProperty(PersistenceUnitProperties.MULTITENANT_PROPERTY_DEFAULT, currentTenant.toUpperCase()); - private boolean notRolloutScheduler(final TransactionDefinition definition) { - return !definition.getName().startsWith(RolloutManagement.class.getCanonicalName() + ".rolloutScheduler"); - } - - private boolean notCurrentTenantKeyGenerator(final TransactionDefinition definition) { - return !definition.getName() - .startsWith(SystemManagement.class.getCanonicalName() + ".currentTenantKeyGenerator"); - } - - private boolean notTenantManagement(final TransactionDefinition definition) { - return !definition.getName().startsWith(SystemManagement.class.getCanonicalName() + ".deleteTenant") - && !definition.getName().startsWith(SystemManagement.class.getCanonicalName() + ".findTenants"); } } diff --git a/hawkbit-repository/src/main/java/org/eclipse/hawkbit/repository/SystemManagement.java b/hawkbit-repository/src/main/java/org/eclipse/hawkbit/repository/SystemManagement.java index 5577e1d61..c1cee7223 100644 --- a/hawkbit-repository/src/main/java/org/eclipse/hawkbit/repository/SystemManagement.java +++ b/hawkbit-repository/src/main/java/org/eclipse/hawkbit/repository/SystemManagement.java @@ -164,6 +164,7 @@ public class SystemManagement { * @return the {@link CurrentTenantKeyGenerator} */ @Bean + @Transactional(propagation = Propagation.NOT_SUPPORTED) public CurrentTenantKeyGenerator currentTenantKeyGenerator() { return new CurrentTenantKeyGenerator(); } @@ -206,7 +207,6 @@ public class SystemManagement { @NotNull @PreAuthorize(SpringEvalExpressions.HAS_AUTH_SYSTEM_ADMIN + SpringEvalExpressions.HAS_AUTH_OR + SpringEvalExpressions.IS_SYSTEM_CODE) - // tenant independent public List findTenants() { return tenantMetaDataRepository.findAll().stream().map(md -> md.getTenant()).collect(Collectors.toList()); } @@ -221,7 +221,6 @@ public class SystemManagement { @Transactional @Modifying @PreAuthorize(SpringEvalExpressions.HAS_AUTH_SYSTEM_ADMIN) - // tenant independent public void deleteTenant(@NotNull final String tenant) { cacheManager.evictCaches(tenant); cacheManager.getCache("currentTenant").evict(currentTenantKeyGenerator().generate(null, null)); diff --git a/hawkbit-repository/src/test/java/org/eclipse/hawkbit/tenancy/MultiTenancyEntityTest.java b/hawkbit-repository/src/test/java/org/eclipse/hawkbit/tenancy/MultiTenancyEntityTest.java index 1dd4c9823..67b9b5a26 100644 --- a/hawkbit-repository/src/test/java/org/eclipse/hawkbit/tenancy/MultiTenancyEntityTest.java +++ b/hawkbit-repository/src/test/java/org/eclipse/hawkbit/tenancy/MultiTenancyEntityTest.java @@ -78,6 +78,22 @@ public class MultiTenancyEntityTest extends AbstractIntegrationTest { assertThat(findTargetsForTenant).hasSize(1); } + @Test + @Description(value = "Ensures that tenant with proper permissions can read and delete other tenants.") + @WithUser(tenantId = "mytenant", allSpPermissions = true) + public void deleteAnotherTenantPossible() throws Exception { + // create target for another tenant + final String anotherTenant = "anotherTenant"; + final String controllerAnotherTenant = "anotherController"; + createTargetForTenant(controllerAnotherTenant, anotherTenant); + + assertThat(systemManagement.findTenants()).as("Expected number if tenants before deletion is").hasSize(3); + + systemManagement.deleteTenant(anotherTenant); + + assertThat(systemManagement.findTenants()).as("Expected number if tenants after deletion is").hasSize(2); + } + @Test @Description(value = "Ensures that tenant metadata is retrieved for the current tenant.") @WithUser(tenantId = "mytenant", autoCreateTenant = false, allSpPermissions = true)