Absract metatype impl (#2575)

* Add common "interface" for metadata supporting entities
* Add common metadata implementation for distribution set and software module
* Extract PermissionSupport + extend by TargetManagement
* TargetManagement tags are now protected by Target permissions - as it should be

---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2025-08-01 12:41:53 +03:00
committed by GitHub
parent b40de54d83
commit 5d75c9b0cc
22 changed files with 449 additions and 373 deletions

View File

@@ -160,11 +160,11 @@ class DistributionSetAccessControllerTest extends AbstractJpaIntegrationTest {
// verify distributionSetManagement#updateMetaData
final String newValue = "newValue";
distributionSetManagement.updateMetadata(permitted.getId(), mdPresetKey, newValue);
assertThatThrownBy(() -> distributionSetManagement.updateMetadata(readOnlyId, mdPresetKey, newValue))
distributionSetManagement.createMetadata(permitted.getId(), mdPresetKey, newValue);
assertThatThrownBy(() -> distributionSetManagement.createMetadata(readOnlyId, mdPresetKey, newValue))
.as("Distribution set not allowed to me modified.")
.isInstanceOf(InsufficientPermissionException.class);
assertThatThrownBy(() -> distributionSetManagement.updateMetadata(hiddenId, mdPresetKey, newValue))
assertThatThrownBy(() -> distributionSetManagement.createMetadata(hiddenId, mdPresetKey, newValue))
.as("Distribution set should not be visible.")
.isInstanceOf(EntityNotFoundException.class);

View File

@@ -74,7 +74,7 @@ class DistributionSetManagementSecurityTest
* Tests ManagementAPI PreAuthorized method with correct and insufficient permissions.
*/
@Test
void createMetadataPermissionsCheck() {
void createMetadataMapPermissionsCheck() {
assertPermissions(
() -> {
distributionSetManagement.createMetadata(1L, Map.of("key", "value"));
@@ -95,9 +95,9 @@ class DistributionSetManagementSecurityTest
* Tests ManagementAPI PreAuthorized method with correct and insufficient permissions.
*/
@Test
void updateMetadataPermissionsCheck() {
void createMetadataPermissionsCheck() {
assertPermissions(() -> {
distributionSetManagement.updateMetadata(1L, "key", "value");
distributionSetManagement.createMetadata(1L, "key", "value");
return null;
},
List.of(SpPermission.UPDATE_REPOSITORY));

View File

@@ -156,8 +156,7 @@ class DistributionSetManagementTest extends AbstractJpaIntegrationTest {
() -> distributionSetManagement.update(DistributionSetManagement.Update.builder().id(NOT_EXIST_IDL).build()),
"DistributionSet");
verifyThrownExceptionBy(() -> distributionSetManagement.updateMetadata(NOT_EXIST_IDL, "xxx", "xxx"), "DistributionSet");
verifyThrownExceptionBy(() -> distributionSetManagement.updateMetadata(set.getId(), NOT_EXIST_ID, "xxx"), "DistributionSet");
verifyThrownExceptionBy(() -> distributionSetManagement.createMetadata(NOT_EXIST_IDL, "xxx", "xxx"), "DistributionSet");
verifyThrownExceptionBy(() -> distributionSetManagement.getOrElseThrowException(NOT_EXIST_IDL), "DistributionSet");
@@ -240,19 +239,6 @@ class DistributionSetManagementTest extends AbstractJpaIntegrationTest {
});
}
/**
* Checks that metadata for a distribution set can be created.
*/
@Test
void createMetadata() {
final String knownKey = "dsMetaKnownKey";
final String knownValue = "dsMetaKnownValue";
final DistributionSet ds = testdataFactory.createDistributionSet("testDs");
insertMetadata(knownKey, knownValue, ds); // and validate
}
/**
* Verifies the enforcement of the metadata quota per distribution set.
*/
@@ -520,7 +506,7 @@ class DistributionSetManagementTest extends AbstractJpaIntegrationTest {
*/
@Test
@WithUser(allSpPermissions = true)
void updateMetadata() {
void createMetadata() {
final String knownKey = "myKnownKey";
final String knownValue = "myKnownValue";
final String knownUpdateValue = "myNewUpdatedValue";
@@ -539,7 +525,7 @@ class DistributionSetManagementTest extends AbstractJpaIntegrationTest {
waitNextMillis();
// update the DS metadata
distributionSetManagement.updateMetadata(ds.getId(), knownKey, knownUpdateValue);
distributionSetManagement.createMetadata(ds.getId(), knownKey, knownUpdateValue);
// we are updating the sw metadata so also modifying the base software
// module so opt lock revision must be three
final DistributionSet reloadedDS = getOrThrow(distributionSetManagement.get(ds.getId()));
@@ -944,7 +930,7 @@ class DistributionSetManagementTest extends AbstractJpaIntegrationTest {
// assert that an existing metadata can not be updated
assertThatExceptionOfType(InvalidDistributionSetException.class)
.as("Invalid distributionSet should throw an exception")
.isThrownBy(() -> distributionSetManagement.updateMetadata(dsId, knownKey1, knownUpdateValue));
.isThrownBy(() -> distributionSetManagement.createMetadata(dsId, knownKey1, knownUpdateValue));
}
/**

View File

@@ -500,13 +500,13 @@ class TargetManagementSecurityTest extends AbstractJpaIntegrationTest {
* Tests ManagementAPI PreAuthorized method with correct and insufficient permissions.
*/
@Test
void createMetadataPermissionsCheck() {
void createMetadataMapPermissionsCheck() {
assertPermissions(
() -> {
targetManagement.createMetadata("controllerId", Map.of("key", "value"));
return null;
},
List.of(SpPermission.UPDATE_REPOSITORY));
List.of(SpPermission.UPDATE_TARGET));
}
/**
@@ -514,20 +514,20 @@ class TargetManagementSecurityTest extends AbstractJpaIntegrationTest {
*/
@Test
void getMetadataPermissionsCheck() {
assertPermissions(() -> targetManagement.getMetadata("controllerId"), List.of(SpPermission.READ_REPOSITORY));
assertPermissions(() -> targetManagement.getMetadata("controllerId"), List.of(SpPermission.READ_TARGET));
}
/**
* Tests ManagementAPI PreAuthorized method with correct and insufficient permissions.
*/
@Test
@WithUser(principal = "user", authorities = { SpPermission.UPDATE_REPOSITORY })
void updateMetadataPermissionsCheck() {
@WithUser(principal = "user", authorities = { SpPermission.UPDATE_TARGET })
void createMetadataPermissionsCheck() {
assertPermissions(() -> {
targetManagement.updateMetadata("controllerId", "key", "value");
targetManagement.createMetadata("controllerId", "key", "value");
return null;
},
List.of(SpPermission.UPDATE_REPOSITORY));
List.of(SpPermission.UPDATE_TARGET));
}
/**
@@ -538,6 +538,6 @@ class TargetManagementSecurityTest extends AbstractJpaIntegrationTest {
assertPermissions(() -> {
targetManagement.deleteMetadata("controllerId", "key");
return null;
}, List.of(SpPermission.UPDATE_REPOSITORY));
}, List.of(SpPermission.UPDATE_TARGET));
}
}

View File

@@ -154,7 +154,7 @@ class TargetManagementTest extends AbstractJpaIntegrationTest {
verifyThrownExceptionBy(() -> targetManagement.deleteMetadata(NOT_EXIST_ID, "xxx"), "Target");
verifyThrownExceptionBy(() -> targetManagement.deleteMetadata(target.getControllerId(), NOT_EXIST_ID), "Target");
verifyThrownExceptionBy(() -> targetManagement.getMetadata(NOT_EXIST_ID).get("xxx"), "Target");
verifyThrownExceptionBy(() -> targetManagement.updateMetadata(NOT_EXIST_ID, "xxx", "xxx"), "Target");
verifyThrownExceptionBy(() -> targetManagement.createMetadata(NOT_EXIST_ID, "xxx", "xxx"), "Target");
}
/**
@@ -773,17 +773,6 @@ class TargetManagementTest extends AbstractJpaIntegrationTest {
assertThat(target.isRequestControllerAttributes()).isFalse();
assertThat(targetManagement.findByControllerAttributesRequested(PAGE).getContent()).contains(updated);
assertThat(targetManagement.isControllerAttributesRequested(knownControllerId)).isTrue();
}
/**
* Checks that metadata for a target can be created.
*/
@Test
void createMetadata() {
insertMetadata(
"targetMetaKnownKey", "targetMetaKnownValue",
testdataFactory.createTarget("targetIdWithMetadata")); // and validate
}
/**
@@ -847,7 +836,7 @@ class TargetManagementTest extends AbstractJpaIntegrationTest {
*/
@Test
@WithUser(allSpPermissions = true)
void updateMetadata() {
void createMetadata() {
final String knownKey = "myKnownKey";
final String knownValue = "myKnownValue";
final String knownUpdateValue = "myNewUpdatedValue";
@@ -864,7 +853,7 @@ class TargetManagementTest extends AbstractJpaIntegrationTest {
assertThat(changedLockRevisionTarget.getOptLockRevision()).isEqualTo(2);
// update the target metadata
targetManagement.updateMetadata(target.getControllerId(), knownKey, knownUpdateValue);
targetManagement.createMetadata(target.getControllerId(), knownKey, knownUpdateValue);
// we are updating the target meta-data so also modifying the target so opt lock revision must be three
final Target changedLockRevisionTarget2 = targetManagement.get(target.getId()).orElseThrow(NoSuchElementException::new);
assertThat(changedLockRevisionTarget2.getOptLockRevision()).isEqualTo(3);