Fixed broken repo access security checks.
Signed-off-by: Kai Zimmermann <kai.zimmermann@bosch-si.com>
This commit is contained in:
@@ -177,7 +177,6 @@ public interface ControllerManagement {
|
|||||||
* @return the security context of the target, in case no target exists for
|
* @return the security context of the target, in case no target exists for
|
||||||
* the given controllerId {@code null} is returned
|
* the given controllerId {@code null} is returned
|
||||||
*/
|
*/
|
||||||
@PreAuthorize(SpringEvalExpressions.IS_CONTROLLER)
|
|
||||||
String getSecurityTokenByControllerId(@NotEmpty String controllerId);
|
String getSecurityTokenByControllerId(@NotEmpty String controllerId);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -47,6 +47,7 @@ import org.eclipse.hawkbit.repository.model.TargetInfo;
|
|||||||
import org.eclipse.hawkbit.repository.model.TargetUpdateStatus;
|
import org.eclipse.hawkbit.repository.model.TargetUpdateStatus;
|
||||||
import org.eclipse.hawkbit.repository.model.TenantConfiguration;
|
import org.eclipse.hawkbit.repository.model.TenantConfiguration;
|
||||||
import org.eclipse.hawkbit.security.HawkbitSecurityProperties;
|
import org.eclipse.hawkbit.security.HawkbitSecurityProperties;
|
||||||
|
import org.eclipse.hawkbit.security.SystemSecurityContext;
|
||||||
import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationKey;
|
import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationKey;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
@@ -102,6 +103,9 @@ public class JpaControllerManagement implements ControllerManagement {
|
|||||||
@Autowired
|
@Autowired
|
||||||
private CacheWriteNotify cacheWriteNotify;
|
private CacheWriteNotify cacheWriteNotify;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private SystemSecurityContext systemSecurityContext;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getPollingTime() {
|
public String getPollingTime() {
|
||||||
final TenantConfigurationKey configurationKey = TenantConfigurationKey.POLLING_TIME_INTERVAL;
|
final TenantConfigurationKey configurationKey = TenantConfigurationKey.POLLING_TIME_INTERVAL;
|
||||||
@@ -109,8 +113,9 @@ public class JpaControllerManagement implements ControllerManagement {
|
|||||||
JpaTenantConfigurationManagement.validateTenantConfigurationDataType(configurationKey, propertyType);
|
JpaTenantConfigurationManagement.validateTenantConfigurationDataType(configurationKey, propertyType);
|
||||||
final TenantConfiguration tenantConfiguration = tenantConfigurationRepository
|
final TenantConfiguration tenantConfiguration = tenantConfigurationRepository
|
||||||
.findByKey(configurationKey.getKeyName());
|
.findByKey(configurationKey.getKeyName());
|
||||||
return tenantConfigurationManagement
|
|
||||||
.buildTenantConfigurationValueByKey(configurationKey, propertyType, tenantConfiguration).getValue();
|
return systemSecurityContext.runAsSystem(() -> tenantConfigurationManagement
|
||||||
|
.buildTenantConfigurationValueByKey(configurationKey, propertyType, tenantConfiguration).getValue());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|||||||
Reference in New Issue
Block a user