More consistent auditor (#1756)

* action initiated by is set as current auditor - not user
* auto assigned by is set as current auditor - not user
PS: some unused method removed from DeplopymenHelper

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2024-06-27 15:31:45 +03:00
committed by GitHub
parent 494170405a
commit 719062215f
4 changed files with 18 additions and 48 deletions

View File

@@ -653,10 +653,10 @@ public class RepositoryApplicationConfiguration extends JpaBaseConfiguration {
final DistributionSetManagement distributionSetManagement, final QuotaManagement quotaManagement,
final JpaProperties properties, final TenantConfigurationManagement tenantConfigurationManagement,
final RepositoryProperties repositoryProperties,
final SystemSecurityContext systemSecurityContext, final ContextAware contextAware) {
final SystemSecurityContext systemSecurityContext, final ContextAware contextAware, final AuditorAware<String> auditorAware) {
return new JpaTargetFilterQueryManagement(targetFilterQueryRepository, targetManagement,
virtualPropertyReplacer, distributionSetManagement, quotaManagement, properties.getDatabase(),
tenantConfigurationManagement, repositoryProperties, systemSecurityContext, contextAware);
tenantConfigurationManagement, repositoryProperties, systemSecurityContext, contextAware, auditorAware);
}
@@ -813,11 +813,11 @@ public class RepositoryApplicationConfiguration extends JpaBaseConfiguration {
final EventPublisherHolder eventPublisherHolder, final AfterTransactionCommitExecutor afterCommit,
final VirtualPropertyReplacer virtualPropertyReplacer, final PlatformTransactionManager txManager,
final TenantConfigurationManagement tenantConfigurationManagement, final QuotaManagement quotaManagement,
final SystemSecurityContext systemSecurityContext, final TenantAware tenantAware,
final SystemSecurityContext systemSecurityContext, final TenantAware tenantAware, final AuditorAware<String> auditorAware,
final JpaProperties properties, final RepositoryProperties repositoryProperties) {
return new JpaDeploymentManagement(entityManager, actionRepository, distributionSetManagement, targetRepository, actionStatusRepository, auditorProvider,
eventPublisherHolder, afterCommit, virtualPropertyReplacer, txManager, tenantConfigurationManagement,
quotaManagement, systemSecurityContext, tenantAware, properties.getDatabase(), repositoryProperties);
quotaManagement, systemSecurityContext, tenantAware, auditorAware, properties.getDatabase(), repositoryProperties);
}
@Bean

View File

@@ -149,6 +149,7 @@ public class JpaDeploymentManagement extends JpaActionManagement implements Depl
private final TenantConfigurationManagement tenantConfigurationManagement;
private final SystemSecurityContext systemSecurityContext;
private final TenantAware tenantAware;
private final AuditorAware<String> auditorAware;
private final Database database;
private final RetryTemplate retryTemplate;
@@ -158,8 +159,8 @@ public class JpaDeploymentManagement extends JpaActionManagement implements Depl
final EventPublisherHolder eventPublisherHolder, final AfterTransactionCommitExecutor afterCommit,
final VirtualPropertyReplacer virtualPropertyReplacer, final PlatformTransactionManager txManager,
final TenantConfigurationManagement tenantConfigurationManagement, final QuotaManagement quotaManagement,
final SystemSecurityContext systemSecurityContext, final TenantAware tenantAware, final Database database,
final RepositoryProperties repositoryProperties) {
final SystemSecurityContext systemSecurityContext, final TenantAware tenantAware, final AuditorAware<String> auditorAware,
final Database database, final RepositoryProperties repositoryProperties) {
super(actionRepository, actionStatusRepository, quotaManagement, repositoryProperties);
this.entityManager = entityManager;
this.distributionSetManagement = distributionSetManagement;
@@ -176,6 +177,7 @@ public class JpaDeploymentManagement extends JpaActionManagement implements Depl
this.tenantConfigurationManagement = tenantConfigurationManagement;
this.systemSecurityContext = systemSecurityContext;
this.tenantAware = tenantAware;
this.auditorAware = auditorAware;
this.database = database;
this.retryTemplate = createRetryTemplate();
}
@@ -191,8 +193,9 @@ public class JpaDeploymentManagement extends JpaActionManagement implements Depl
.map(entry -> DeploymentManagement.deploymentRequest(entry.getKey(), entry.getValue()).build())
.toList();
return assignDistributionSets(tenantAware.getCurrentUsername(), deploymentRequests, null,
offlineDsAssignmentStrategy);
return assignDistributionSets(
auditorAware.getCurrentAuditor().orElse(tenantAware.getCurrentUsername()),
deploymentRequests, null, offlineDsAssignmentStrategy);
}
@Override

View File

@@ -52,6 +52,7 @@ import org.eclipse.hawkbit.repository.rsql.VirtualPropertyReplacer;
import org.eclipse.hawkbit.security.SystemSecurityContext;
import org.eclipse.hawkbit.utils.TenantConfigHelper;
import org.springframework.dao.ConcurrencyFailureException;
import org.springframework.data.domain.AuditorAware;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.data.domain.Slice;
@@ -82,6 +83,7 @@ public class JpaTargetFilterQueryManagement implements TargetFilterQueryManageme
private final RepositoryProperties repositoryProperties;
private final SystemSecurityContext systemSecurityContext;
private final ContextAware contextAware;
private final AuditorAware<String> auditorAware;
private final Database database;
public JpaTargetFilterQueryManagement(final TargetFilterQueryRepository targetFilterQueryRepository,
@@ -89,7 +91,7 @@ public class JpaTargetFilterQueryManagement implements TargetFilterQueryManageme
final DistributionSetManagement distributionSetManagement, final QuotaManagement quotaManagement,
final Database database, final TenantConfigurationManagement tenantConfigurationManagement,
final RepositoryProperties repositoryProperties,
final SystemSecurityContext systemSecurityContext, final ContextAware contextAware) {
final SystemSecurityContext systemSecurityContext, final ContextAware contextAware, final AuditorAware<String> auditorAware) {
this.targetFilterQueryRepository = targetFilterQueryRepository;
this.targetManagement = targetManagement;
this.virtualPropertyReplacer = virtualPropertyReplacer;
@@ -100,6 +102,7 @@ public class JpaTargetFilterQueryManagement implements TargetFilterQueryManageme
this.repositoryProperties = repositoryProperties;
this.systemSecurityContext = systemSecurityContext;
this.contextAware = contextAware;
this.auditorAware = auditorAware;
}
@Override
@@ -282,7 +285,8 @@ public class JpaTargetFilterQueryManagement implements TargetFilterQueryManageme
targetFilterQuery.setAutoAssignDistributionSet(distributionSet);
contextAware.getCurrentContext().ifPresent(targetFilterQuery::setAccessControlContext);
targetFilterQuery.setAutoAssignInitiatedBy(contextAware.getCurrentUsername());
targetFilterQuery.setAutoAssignInitiatedBy(
auditorAware.getCurrentAuditor().orElse(targetFilterQuery.getCreatedBy()));
targetFilterQuery.setAutoAssignActionType(sanitizeAutoAssignActionType(update.getActionType()));
targetFilterQuery.setAutoAssignWeight(
update.getWeight() == null ? repositoryProperties.getActionWeightIfAbsent() : update.getWeight());

View File

@@ -10,7 +10,6 @@
package org.eclipse.hawkbit.repository.jpa.utils;
import java.util.List;
import java.util.function.Supplier;
import jakarta.validation.constraints.NotNull;
@@ -26,8 +25,6 @@ import org.eclipse.hawkbit.repository.jpa.specifications.ActionSpecifications;
import org.eclipse.hawkbit.repository.model.Action;
import org.eclipse.hawkbit.repository.model.Action.Status;
import org.eclipse.hawkbit.repository.model.TargetUpdateStatus;
import org.eclipse.hawkbit.security.SecurityContextTenantAware;
import org.eclipse.hawkbit.tenancy.TenantAware;
import org.springframework.data.domain.Sort;
import org.springframework.transaction.PlatformTransactionManager;
import org.springframework.transaction.TransactionDefinition;
@@ -35,7 +32,6 @@ import org.springframework.transaction.annotation.Isolation;
import org.springframework.transaction.support.DefaultTransactionDefinition;
import org.springframework.transaction.support.TransactionCallback;
import org.springframework.transaction.support.TransactionTemplate;
import org.springframework.util.StringUtils;
/**
* Utility class for deployment related topics.
@@ -121,37 +117,4 @@ public final class DeploymentHelper {
def.setIsolationLevel(isolationLevel);
return new TransactionTemplate(txManager, def).execute(action);
}
/**
* Runs the given handler in a non-system user context. Switches to the user
* which is provided by the given callback.
*
* @param handler
* The handler to be invoked in the right user context.
* @param username
* Callback to obtain the real user the user context should be
* established for.
* @param tenantAware
* The {@link TenantAware} bean to determine the current tenant
* context.
*/
public static void runInNonSystemContext(@NotNull final Runnable handler, @NotNull final Supplier<String> username,
@NotNull final TenantAware tenantAware) {
final String currentUser = tenantAware.getCurrentUsername();
if (isNonSystemUser(currentUser)) {
handler.run();
return;
}
final String user = username.get();
log.debug("Switching user context from '{}' to '{}'", currentUser, user);
tenantAware.runAsTenantAsUser(tenantAware.getCurrentTenant(), user, () -> {
handler.run();
return null;
});
}
private static boolean isNonSystemUser(final String user) {
return (!(StringUtils.isEmpty(user) || SecurityContextTenantAware.SYSTEM_USER.equals(user)));
}
}
}