From 7b67de3082747592eca30de9092e02ba240e9181 Mon Sep 17 00:00:00 2001 From: Avgustin Marinov Date: Fri, 3 Nov 2023 09:32:10 +0200 Subject: [PATCH] [#1360] Fix ConfigurationManagement#getState (#1467) Fix access control: HAS_AUTH_READ_TARGET -> IS_CONTROLLER or HAS_AUTH_READ_TARGET (shall be accessibly by targets when confirmation base is requested) Signed-off-by: Marinov Avgustin --- .../org/eclipse/hawkbit/repository/ConfirmationManagement.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ConfirmationManagement.java b/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ConfirmationManagement.java index eaca0fb25..7ca480ab4 100644 --- a/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ConfirmationManagement.java +++ b/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ConfirmationManagement.java @@ -61,7 +61,8 @@ public interface ConfirmationManagement { * @return instance of {@link AutoConfirmationStatus} wrapped in an * {@link Optional}. Present if active and empty if disabled. */ - @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_TARGET) + @PreAuthorize(SpPermission.SpringEvalExpressions.IS_CONTROLLER + SpPermission.SpringEvalExpressions.HAS_AUTH_OR + + SpPermission.SpringEvalExpressions.HAS_AUTH_READ_TARGET) Optional getStatus(@NotEmpty String controllerId); /**