More consistent auditor (#1756)
* action initiated by is set as current auditor - not user
* auto assigned by is set as current auditor - not user

PS: some unused method removed from DeploymentHelper

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
@@ -653,10 +653,10 @@ public class RepositoryApplicationConfiguration extends JpaBaseConfiguration {
|
||||
final DistributionSetManagement distributionSetManagement, final QuotaManagement quotaManagement,
|
||||
final JpaProperties properties, final TenantConfigurationManagement tenantConfigurationManagement,
|
||||
final RepositoryProperties repositoryProperties,
|
||||
final SystemSecurityContext systemSecurityContext, final ContextAware contextAware) {
|
||||
final SystemSecurityContext systemSecurityContext, final ContextAware contextAware, final AuditorAware<String> auditorAware) {
|
||||
return new JpaTargetFilterQueryManagement(targetFilterQueryRepository, targetManagement,
|
||||
virtualPropertyReplacer, distributionSetManagement, quotaManagement, properties.getDatabase(),
|
||||
tenantConfigurationManagement, repositoryProperties, systemSecurityContext, contextAware);
|
||||
tenantConfigurationManagement, repositoryProperties, systemSecurityContext, contextAware, auditorAware);
|
||||
}
|
||||
|
||||
|
||||
@@ -813,11 +813,11 @@ public class RepositoryApplicationConfiguration extends JpaBaseConfiguration {
|
||||
final EventPublisherHolder eventPublisherHolder, final AfterTransactionCommitExecutor afterCommit,
|
||||
final VirtualPropertyReplacer virtualPropertyReplacer, final PlatformTransactionManager txManager,
|
||||
final TenantConfigurationManagement tenantConfigurationManagement, final QuotaManagement quotaManagement,
|
||||
final SystemSecurityContext systemSecurityContext, final TenantAware tenantAware,
|
||||
final SystemSecurityContext systemSecurityContext, final TenantAware tenantAware, final AuditorAware<String> auditorAware,
|
||||
final JpaProperties properties, final RepositoryProperties repositoryProperties) {
|
||||
return new JpaDeploymentManagement(entityManager, actionRepository, distributionSetManagement, targetRepository, actionStatusRepository, auditorProvider,
|
||||
eventPublisherHolder, afterCommit, virtualPropertyReplacer, txManager, tenantConfigurationManagement,
|
||||
quotaManagement, systemSecurityContext, tenantAware, properties.getDatabase(), repositoryProperties);
|
||||
quotaManagement, systemSecurityContext, tenantAware, auditorAware, properties.getDatabase(), repositoryProperties);
|
||||
}
|
||||
|
||||
@Bean
|
||||
|
||||
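Review bot: The `JpaDeploymentManagement` factory call now passes both `auditorProvider` and the new `auditorAware` to the same constructor, so the bean ends up holding two auditor sources. The bean method's signature starts above this hunk, so the type of `auditorProvider` is not visible here; if it is also an `AuditorAware<String>`, the new parameter looks redundant and the existing one could be reused. If the two are meant to differ, a short comment on the bean method should say which one supplies the identity written to the action's initiated-by field, so the audit trail has one clearly authoritative source.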
@@ -149,6 +149,7 @@ public class JpaDeploymentManagement extends JpaActionManagement implements Depl
|
||||
private final TenantConfigurationManagement tenantConfigurationManagement;
|
||||
private final SystemSecurityContext systemSecurityContext;
|
||||
private final TenantAware tenantAware;
|
||||
private final AuditorAware<String> auditorAware;
|
||||
private final Database database;
|
||||
private final RetryTemplate retryTemplate;
|
||||
|
||||
@@ -158,8 +159,8 @@ public class JpaDeploymentManagement extends JpaActionManagement implements Depl
|
||||
final EventPublisherHolder eventPublisherHolder, final AfterTransactionCommitExecutor afterCommit,
|
||||
final VirtualPropertyReplacer virtualPropertyReplacer, final PlatformTransactionManager txManager,
|
||||
final TenantConfigurationManagement tenantConfigurationManagement, final QuotaManagement quotaManagement,
|
||||
final SystemSecurityContext systemSecurityContext, final TenantAware tenantAware, final Database database,
|
||||
final RepositoryProperties repositoryProperties) {
|
||||
final SystemSecurityContext systemSecurityContext, final TenantAware tenantAware, final AuditorAware<String> auditorAware,
|
||||
final Database database, final RepositoryProperties repositoryProperties) {
|
||||
super(actionRepository, actionStatusRepository, quotaManagement, repositoryProperties);
|
||||
this.entityManager = entityManager;
|
||||
this.distributionSetManagement = distributionSetManagement;
|
||||
@@ -176,6 +177,7 @@ public class JpaDeploymentManagement extends JpaActionManagement implements Depl
|
||||
this.tenantConfigurationManagement = tenantConfigurationManagement;
|
||||
this.systemSecurityContext = systemSecurityContext;
|
||||
this.tenantAware = tenantAware;
|
||||
this.auditorAware = auditorAware;
|
||||
this.database = database;
|
||||
this.retryTemplate = createRetryTemplate();
|
||||
}
|
||||
@@ -191,8 +193,9 @@ public class JpaDeploymentManagement extends JpaActionManagement implements Depl
|
||||
.map(entry -> DeploymentManagement.deploymentRequest(entry.getKey(), entry.getValue()).build())
|
||||
.toList();
|
||||
|
||||
return assignDistributionSets(tenantAware.getCurrentUsername(), deploymentRequests, null,
|
||||
offlineDsAssignmentStrategy);
|
||||
return assignDistributionSets(
|
||||
auditorAware.getCurrentAuditor().orElse(tenantAware.getCurrentUsername()),
|
||||
deploymentRequests, null, offlineDsAssignmentStrategy);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
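Review bot: In the offline assignment path, `auditorAware.getCurrentAuditor().orElse(tenantAware.getCurrentUsername())` silently falls back to the tenant-context username when no auditor is resolved, so the recorded initiator can come from either identity source and nothing shows which one was used. A comment above the call should state when the auditor can be empty and why the tenant username is an acceptable substitute in an audit field. `orElse` also evaluates its argument on every call; `auditorAware.getCurrentAuditor().orElseGet(tenantAware::getCurrentUsername)` consults the fallback only when it is needed. The enclosing method begins above the hunk.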
@@ -52,6 +52,7 @@ import org.eclipse.hawkbit.repository.rsql.VirtualPropertyReplacer;
|
||||
import org.eclipse.hawkbit.security.SystemSecurityContext;
|
||||
import org.eclipse.hawkbit.utils.TenantConfigHelper;
|
||||
import org.springframework.dao.ConcurrencyFailureException;
|
||||
import org.springframework.data.domain.AuditorAware;
|
||||
import org.springframework.data.domain.Page;
|
||||
import org.springframework.data.domain.Pageable;
|
||||
import org.springframework.data.domain.Slice;
|
||||
@@ -82,6 +83,7 @@ public class JpaTargetFilterQueryManagement implements TargetFilterQueryManageme
|
||||
private final RepositoryProperties repositoryProperties;
|
||||
private final SystemSecurityContext systemSecurityContext;
|
||||
private final ContextAware contextAware;
|
||||
private final AuditorAware<String> auditorAware;
|
||||
private final Database database;
|
||||
|
||||
public JpaTargetFilterQueryManagement(final TargetFilterQueryRepository targetFilterQueryRepository,
|
||||
@@ -89,7 +91,7 @@ public class JpaTargetFilterQueryManagement implements TargetFilterQueryManageme
|
||||
final DistributionSetManagement distributionSetManagement, final QuotaManagement quotaManagement,
|
||||
final Database database, final TenantConfigurationManagement tenantConfigurationManagement,
|
||||
final RepositoryProperties repositoryProperties,
|
||||
final SystemSecurityContext systemSecurityContext, final ContextAware contextAware) {
|
||||
final SystemSecurityContext systemSecurityContext, final ContextAware contextAware, final AuditorAware<String> auditorAware) {
|
||||
this.targetFilterQueryRepository = targetFilterQueryRepository;
|
||||
this.targetManagement = targetManagement;
|
||||
this.virtualPropertyReplacer = virtualPropertyReplacer;
|
||||
@@ -100,6 +102,7 @@ public class JpaTargetFilterQueryManagement implements TargetFilterQueryManageme
|
||||
this.repositoryProperties = repositoryProperties;
|
||||
this.systemSecurityContext = systemSecurityContext;
|
||||
this.contextAware = contextAware;
|
||||
this.auditorAware = auditorAware;
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -282,7 +285,8 @@ public class JpaTargetFilterQueryManagement implements TargetFilterQueryManageme
|
||||
|
||||
targetFilterQuery.setAutoAssignDistributionSet(distributionSet);
|
||||
contextAware.getCurrentContext().ifPresent(targetFilterQuery::setAccessControlContext);
|
||||
targetFilterQuery.setAutoAssignInitiatedBy(contextAware.getCurrentUsername());
|
||||
targetFilterQuery.setAutoAssignInitiatedBy(
|
||||
auditorAware.getCurrentAuditor().orElse(targetFilterQuery.getCreatedBy()));
|
||||
targetFilterQuery.setAutoAssignActionType(sanitizeAutoAssignActionType(update.getActionType()));
|
||||
targetFilterQuery.setAutoAssignWeight(
|
||||
update.getWeight() == null ? repositoryProperties.getActionWeightIfAbsent() : update.getWeight());
|
||||
|
||||
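Review bot: The fallback in `setAutoAssignInitiatedBy(auditorAware.getCurrentAuditor().orElse(targetFilterQuery.getCreatedBy()))` attributes the auto-assignment to the filter's original creator when no auditor is resolved, and that is not necessarily the caller performing this update. It also differs from the fallback chosen in `JpaDeploymentManagement` (`tenantAware.getCurrentUsername()`), so the two audit fields are derived by different rules. Consider using the same rule in both places, for example `.orElseGet(contextAware::getCurrentUsername)`, or rejecting the update when no auditor is available; either way a one-line comment should state the rule. The enclosing method starts and ends outside this hunk.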
@@ -10,7 +10,6 @@
|
||||
package org.eclipse.hawkbit.repository.jpa.utils;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.function.Supplier;
|
||||
|
||||
import jakarta.validation.constraints.NotNull;
|
||||
|
||||
@@ -26,8 +25,6 @@ import org.eclipse.hawkbit.repository.jpa.specifications.ActionSpecifications;
|
||||
import org.eclipse.hawkbit.repository.model.Action;
|
||||
import org.eclipse.hawkbit.repository.model.Action.Status;
|
||||
import org.eclipse.hawkbit.repository.model.TargetUpdateStatus;
|
||||
import org.eclipse.hawkbit.security.SecurityContextTenantAware;
|
||||
import org.eclipse.hawkbit.tenancy.TenantAware;
|
||||
import org.springframework.data.domain.Sort;
|
||||
import org.springframework.transaction.PlatformTransactionManager;
|
||||
import org.springframework.transaction.TransactionDefinition;
|
||||
@@ -35,7 +32,6 @@ import org.springframework.transaction.annotation.Isolation;
|
||||
import org.springframework.transaction.support.DefaultTransactionDefinition;
|
||||
import org.springframework.transaction.support.TransactionCallback;
|
||||
import org.springframework.transaction.support.TransactionTemplate;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
/**
|
||||
* Utility class for deployment related topics.
|
||||
@@ -121,37 +117,4 @@ public final class DeploymentHelper {
|
||||
def.setIsolationLevel(isolationLevel);
|
||||
return new TransactionTemplate(txManager, def).execute(action);
|
||||
}
|
||||
|
||||
/**
|
||||
* Runs the given handler in a non-system user context. Switches to the user
|
||||
* which is provided by the given callback.
|
||||
*
|
||||
* @param handler
|
||||
* The handler to be invoked in the right user context.
|
||||
* @param username
|
||||
* Callback to obtain the real user the user context should be
|
||||
* established for.
|
||||
* @param tenantAware
|
||||
* The {@link TenantAware} bean to determine the current tenant
|
||||
* context.
|
||||
*/
|
||||
public static void runInNonSystemContext(@NotNull final Runnable handler, @NotNull final Supplier<String> username,
|
||||
@NotNull final TenantAware tenantAware) {
|
||||
final String currentUser = tenantAware.getCurrentUsername();
|
||||
if (isNonSystemUser(currentUser)) {
|
||||
handler.run();
|
||||
return;
|
||||
}
|
||||
final String user = username.get();
|
||||
log.debug("Switching user context from '{}' to '{}'", currentUser, user);
|
||||
tenantAware.runAsTenantAsUser(tenantAware.getCurrentTenant(), user, () -> {
|
||||
handler.run();
|
||||
return null;
|
||||
});
|
||||
}
|
||||
|
||||
private static boolean isNonSystemUser(final String user) {
|
||||
return (!(StringUtils.isEmpty(user) || SecurityContextTenantAware.SYSTEM_USER.equals(user)));
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||