From 935ca2f963ceaf783a536ddb53b564e7926670b7 Mon Sep 17 00:00:00 2001 From: Kai Zimmermann Date: Thu, 2 Jun 2016 08:20:55 +0200 Subject: [PATCH] Fixed broken repo access security checks. Signed-off-by: Kai Zimmermann --- .../eclipse/hawkbit/repository/ControllerManagement.java | 1 - .../hawkbit/repository/jpa/JpaControllerManagement.java | 9 +++++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ControllerManagement.java b/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ControllerManagement.java index f8615bcc3..531da8819 100644 --- a/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ControllerManagement.java +++ b/hawkbit-repository/hawkbit-repository-api/src/main/java/org/eclipse/hawkbit/repository/ControllerManagement.java @@ -177,7 +177,6 @@ public interface ControllerManagement { * @return the security context of the target, in case no target exists for * the given controllerId {@code null} is returned */ - @PreAuthorize(SpringEvalExpressions.IS_CONTROLLER) String getSecurityTokenByControllerId(@NotEmpty String controllerId); /** diff --git a/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/JpaControllerManagement.java b/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/JpaControllerManagement.java index 80de385c8..77b71e661 100644 --- a/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/JpaControllerManagement.java +++ b/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/JpaControllerManagement.java @@ -47,6 +47,7 @@ import org.eclipse.hawkbit.repository.model.TargetInfo; import org.eclipse.hawkbit.repository.model.TargetUpdateStatus; import org.eclipse.hawkbit.repository.model.TenantConfiguration; import org.eclipse.hawkbit.security.HawkbitSecurityProperties; +import org.eclipse.hawkbit.security.SystemSecurityContext; import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationKey; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -102,6 +103,9 @@ public class JpaControllerManagement implements ControllerManagement { @Autowired private CacheWriteNotify cacheWriteNotify; + @Autowired + private SystemSecurityContext systemSecurityContext; + @Override public String getPollingTime() { final TenantConfigurationKey configurationKey = TenantConfigurationKey.POLLING_TIME_INTERVAL; @@ -109,8 +113,9 @@ public class JpaControllerManagement implements ControllerManagement { JpaTenantConfigurationManagement.validateTenantConfigurationDataType(configurationKey, propertyType); final TenantConfiguration tenantConfiguration = tenantConfigurationRepository .findByKey(configurationKey.getKeyName()); - return tenantConfigurationManagement - .buildTenantConfigurationValueByKey(configurationKey, propertyType, tenantConfiguration).getValue(); + + return systemSecurityContext.runAsSystem(() -> tenantConfigurationManagement + .buildTenantConfigurationValueByKey(configurationKey, propertyType, tenantConfiguration).getValue()); } @Override