Fixed broken repo access security checks.

Signed-off-by: Kai Zimmermann <kai.zimmermann@bosch-si.com>
This commit is contained in:
Kai Zimmermann
2016-06-02 08:20:55 +02:00
parent 561e6b9706
commit 935ca2f963
2 changed files with 7 additions and 3 deletions

View File

@@ -177,7 +177,6 @@ public interface ControllerManagement {
* @return the security context of the target, in case no target exists for
* the given controllerId {@code null} is returned
*/
@PreAuthorize(SpringEvalExpressions.IS_CONTROLLER)
String getSecurityTokenByControllerId(@NotEmpty String controllerId);
/**

View File

@@ -47,6 +47,7 @@ import org.eclipse.hawkbit.repository.model.TargetInfo;
import org.eclipse.hawkbit.repository.model.TargetUpdateStatus;
import org.eclipse.hawkbit.repository.model.TenantConfiguration;
import org.eclipse.hawkbit.security.HawkbitSecurityProperties;
import org.eclipse.hawkbit.security.SystemSecurityContext;
import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationKey;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -102,6 +103,9 @@ public class JpaControllerManagement implements ControllerManagement {
@Autowired
private CacheWriteNotify cacheWriteNotify;
@Autowired
private SystemSecurityContext systemSecurityContext;
@Override
public String getPollingTime() {
final TenantConfigurationKey configurationKey = TenantConfigurationKey.POLLING_TIME_INTERVAL;
@@ -109,8 +113,9 @@ public class JpaControllerManagement implements ControllerManagement {
JpaTenantConfigurationManagement.validateTenantConfigurationDataType(configurationKey, propertyType);
final TenantConfiguration tenantConfiguration = tenantConfigurationRepository
.findByKey(configurationKey.getKeyName());
return tenantConfigurationManagement
.buildTenantConfigurationValueByKey(configurationKey, propertyType, tenantConfiguration).getValue();
return systemSecurityContext.runAsSystem(() -> tenantConfigurationManagement
.buildTenantConfigurationValueByKey(configurationKey, propertyType, tenantConfiguration).getValue());
}
@Override