reduce usage of getTenantMetadata(String)
Signed-off-by: Michael Hirsch <michael.hirsch@bosch-si.com>
This commit is contained in:
@@ -321,7 +321,7 @@ public class SecurityManagedConfiguration {
|
|||||||
userAuthenticationFilter.destroy();
|
userAuthenticationFilter.destroy();
|
||||||
}
|
}
|
||||||
}, RequestHeaderAuthenticationFilter.class)
|
}, RequestHeaderAuthenticationFilter.class)
|
||||||
.addFilterAfter(new AuthenticationSuccessTenantMetadataCreationFilter(tenantAware, systemManagement,
|
.addFilterAfter(new AuthenticationSuccessTenantMetadataCreationFilter(systemManagement,
|
||||||
systemSecurityContext), SessionManagementFilter.class)
|
systemSecurityContext), SessionManagementFilter.class)
|
||||||
.authorizeRequests().anyRequest().authenticated()
|
.authorizeRequests().anyRequest().authenticated()
|
||||||
.antMatchers(MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/**")
|
.antMatchers(MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/**")
|
||||||
@@ -531,8 +531,8 @@ class TenantMetadataSavedRequestAwareVaadinAuthenticationSuccessHandler extends
|
|||||||
public void onAuthenticationSuccess(final Authentication authentication) throws Exception {
|
public void onAuthenticationSuccess(final Authentication authentication) throws Exception {
|
||||||
|
|
||||||
if (authentication.getClass().equals(TenantUserPasswordAuthenticationToken.class)) {
|
if (authentication.getClass().equals(TenantUserPasswordAuthenticationToken.class)) {
|
||||||
systemManagement
|
systemSecurityContext.runAsSystemAsTenant(() -> systemManagement.getTenantMetadata(),
|
||||||
.getTenantMetadata(((TenantUserPasswordAuthenticationToken) authentication).getTenant().toString());
|
((TenantUserPasswordAuthenticationToken) authentication).getTenant().toString());
|
||||||
} else if (authentication.getClass().equals(UsernamePasswordAuthenticationToken.class)) {
|
} else if (authentication.getClass().equals(UsernamePasswordAuthenticationToken.class)) {
|
||||||
// TODO: vaadin4spring-ext-security does not give us the
|
// TODO: vaadin4spring-ext-security does not give us the
|
||||||
// fullyAuthenticatedToken
|
// fullyAuthenticatedToken
|
||||||
@@ -542,8 +542,7 @@ class TenantMetadataSavedRequestAwareVaadinAuthenticationSuccessHandler extends
|
|||||||
// vaadin4spring 0.0.7 because it
|
// vaadin4spring 0.0.7 because it
|
||||||
// has been fixed.
|
// has been fixed.
|
||||||
final String defaultTenant = "DEFAULT";
|
final String defaultTenant = "DEFAULT";
|
||||||
systemSecurityContext.runAsSystemAsTenant(() -> systemManagement.getTenantMetadata(defaultTenant),
|
systemSecurityContext.runAsSystemAsTenant(() -> systemManagement.getTenantMetadata(), defaultTenant);
|
||||||
defaultTenant);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
super.onAuthenticationSuccess(authentication);
|
super.onAuthenticationSuccess(authentication);
|
||||||
@@ -555,13 +554,11 @@ class TenantMetadataSavedRequestAwareVaadinAuthenticationSuccessHandler extends
|
|||||||
*/
|
*/
|
||||||
class AuthenticationSuccessTenantMetadataCreationFilter implements Filter {
|
class AuthenticationSuccessTenantMetadataCreationFilter implements Filter {
|
||||||
|
|
||||||
private final TenantAware tenantAware;
|
|
||||||
private final SystemManagement systemManagement;
|
private final SystemManagement systemManagement;
|
||||||
private final SystemSecurityContext systemSecurityContext;
|
private final SystemSecurityContext systemSecurityContext;
|
||||||
|
|
||||||
AuthenticationSuccessTenantMetadataCreationFilter(final TenantAware tenantAware,
|
AuthenticationSuccessTenantMetadataCreationFilter(final SystemManagement systemManagement,
|
||||||
final SystemManagement systemManagement, final SystemSecurityContext systemSecurityContext) {
|
final SystemSecurityContext systemSecurityContext) {
|
||||||
this.tenantAware = tenantAware;
|
|
||||||
this.systemManagement = systemManagement;
|
this.systemManagement = systemManagement;
|
||||||
this.systemSecurityContext = systemSecurityContext;
|
this.systemSecurityContext = systemSecurityContext;
|
||||||
}
|
}
|
||||||
@@ -575,14 +572,10 @@ class AuthenticationSuccessTenantMetadataCreationFilter implements Filter {
|
|||||||
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
|
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
|
||||||
throws IOException, ServletException {
|
throws IOException, ServletException {
|
||||||
|
|
||||||
final String currentTenant = tenantAware.getCurrentTenant();
|
// lazy initialize tenant meta data after successful authentication
|
||||||
if (currentTenant != null) {
|
systemSecurityContext.runAsSystem(() -> systemManagement.getTenantMetadata());
|
||||||
// lazy initialize tenant meta data after successful authentication
|
|
||||||
systemSecurityContext.runAsSystemAsTenant(() -> systemManagement.getTenantMetadata(currentTenant),
|
|
||||||
currentTenant);
|
|
||||||
}
|
|
||||||
|
|
||||||
chain.doFilter(request, response);
|
chain.doFilter(request, response);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|||||||
@@ -40,7 +40,6 @@ import org.eclipse.hawkbit.repository.model.SoftwareModule;
|
|||||||
import org.eclipse.hawkbit.repository.model.Target;
|
import org.eclipse.hawkbit.repository.model.Target;
|
||||||
import org.eclipse.hawkbit.repository.model.TargetWithActionType;
|
import org.eclipse.hawkbit.repository.model.TargetWithActionType;
|
||||||
import org.eclipse.hawkbit.security.SystemSecurityContext;
|
import org.eclipse.hawkbit.security.SystemSecurityContext;
|
||||||
import org.eclipse.hawkbit.tenancy.TenantAware;
|
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
@@ -73,9 +72,6 @@ public class MgmtDistributionSetResource implements MgmtDistributionSetRestApi {
|
|||||||
@Autowired
|
@Autowired
|
||||||
private SystemManagement systemManagement;
|
private SystemManagement systemManagement;
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private TenantAware currentTenant;
|
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private EntityFactory entityFactory;
|
private EntityFactory entityFactory;
|
||||||
|
|
||||||
@@ -123,8 +119,8 @@ public class MgmtDistributionSetResource implements MgmtDistributionSetRestApi {
|
|||||||
|
|
||||||
LOG.debug("creating {} distribution sets", sets.size());
|
LOG.debug("creating {} distribution sets", sets.size());
|
||||||
// set default Ds type if ds type is null
|
// set default Ds type if ds type is null
|
||||||
final String defaultDsKey = systemSecurityContext.runAsSystem(() -> this.systemManagement
|
final String defaultDsKey = systemSecurityContext
|
||||||
.getTenantMetadata(this.currentTenant.getCurrentTenant()).getDefaultDsType().getKey());
|
.runAsSystem(() -> this.systemManagement.getTenantMetadata().getDefaultDsType().getKey());
|
||||||
sets.stream().filter(ds -> ds.getType() == null).forEach(ds -> ds.setType(defaultDsKey));
|
sets.stream().filter(ds -> ds.getType() == null).forEach(ds -> ds.setType(defaultDsKey));
|
||||||
|
|
||||||
final Iterable<DistributionSet> createdDSets = this.distributionSetManagement
|
final Iterable<DistributionSet> createdDSets = this.distributionSetManagement
|
||||||
|
|||||||
@@ -8,6 +8,9 @@
|
|||||||
*/
|
*/
|
||||||
package org.eclipse.hawkbit.repository.test.util;
|
package org.eclipse.hawkbit.repository.test.util;
|
||||||
|
|
||||||
|
import static org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions.CONTROLLER_ROLE;
|
||||||
|
import static org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions.SYSTEM_ROLE;
|
||||||
|
|
||||||
import org.eclipse.hawkbit.ExcludePathAwareShallowETagFilter;
|
import org.eclipse.hawkbit.ExcludePathAwareShallowETagFilter;
|
||||||
import org.eclipse.hawkbit.repository.ArtifactManagement;
|
import org.eclipse.hawkbit.repository.ArtifactManagement;
|
||||||
import org.eclipse.hawkbit.repository.ControllerManagement;
|
import org.eclipse.hawkbit.repository.ControllerManagement;
|
||||||
@@ -58,7 +61,7 @@ import org.springframework.web.context.WebApplicationContext;
|
|||||||
@RunWith(SpringJUnit4ClassRunner.class)
|
@RunWith(SpringJUnit4ClassRunner.class)
|
||||||
@WebAppConfiguration
|
@WebAppConfiguration
|
||||||
@ActiveProfiles({ "test" })
|
@ActiveProfiles({ "test" })
|
||||||
@WithUser(principal = "bumlux", allSpPermissions = true, authorities = "ROLE_CONTROLLER")
|
@WithUser(principal = "bumlux", allSpPermissions = true, authorities = { CONTROLLER_ROLE, SYSTEM_ROLE })
|
||||||
@SpringApplicationConfiguration(classes = { TestConfiguration.class })
|
@SpringApplicationConfiguration(classes = { TestConfiguration.class })
|
||||||
// destroy the context after each test class because otherwise we get problem
|
// destroy the context after each test class because otherwise we get problem
|
||||||
// when context is
|
// when context is
|
||||||
|
|||||||
Reference in New Issue
Block a user