Unified secman test (#2606)

* Unified Security Management Test

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

* Add unified ManagementSecurityTest

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2025-08-13 12:12:16 +03:00
committed by GitHub
parent c5bbbeaac7
commit 8abf7275c4
9 changed files with 538 additions and 113 deletions

View File

@@ -9,43 +9,31 @@
*/
package org.eclipse.hawkbit.repository;
import org.eclipse.hawkbit.im.authentication.SpPermission;
import org.eclipse.hawkbit.im.authentication.SpringEvalExpressions;
import org.eclipse.hawkbit.repository.model.DistributionSet;
import org.eclipse.hawkbit.repository.model.DistributionSetInvalidation;
import org.eclipse.hawkbit.repository.model.DistributionSetInvalidationCount;
import org.springframework.security.access.prepost.PreAuthorize;
/**
* A DistributionSetInvalidationManagement service provides operations to
* invalidate {@link DistributionSet}s.
* A DistributionSetInvalidationManagement service provides operations to invalidate {@link DistributionSet}s.
*/
public interface DistributionSetInvalidationManagement {
public interface DistributionSetInvalidationManagement extends PermissionSupport {
@Override
default String permissionGroup() {
return SpPermission.DISTRIBUTION_SET;
}
/**
* Invalidates a given {@link DistributionSet}. The invalidation always
* cancels all auto assignments referring this {@link DistributionSet} and
* can not be undone. Optionally, all rollouts and actions referring this
* {@link DistributionSet} can be canceled.
* Invalidates a given {@link DistributionSet}. The invalidation always cancels all auto assignments referring this {@link DistributionSet}
* and can not be undone. Optionally, all rollouts and actions referring this {@link DistributionSet} can be canceled.
* <p>
* {@link PreAuthorize} missing intentionally as it relies on the permission set defined in the management api methods that it calls internally.
*
* @param distributionSetInvalidation defines the {@link DistributionSet} and options what should be
* canceled
* @param distributionSetInvalidation defines the {@link DistributionSet} and options what should be canceled
*/
@PreAuthorize(SpringEvalExpressions.HAS_UPDATE_REPOSITORY)
void invalidateDistributionSet(final DistributionSetInvalidation distributionSetInvalidation);
/**
* Counts all entities for a list of {@link DistributionSet}s that will be
* canceled when invalidation is called for those {@link DistributionSet}s.
* <p>
* {@link PreAuthorize} missing intentionally as it relies on the permission set defined in the management api methods that it calls internally.
*
* @param distributionSetInvalidation defines the {@link DistributionSet} and options what should be
* canceled
* @return The {@link DistributionSetInvalidationCount} object that holds
* information about the count of affected rollouts,
* auto-assignments and actions
*/
DistributionSetInvalidationCount countEntitiesForInvalidation(
final DistributionSetInvalidation distributionSetInvalidation);
}
}