Removed deprecated GridFS column from repository (#419)
* Merged artifact sha1 hash and gridfs column. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Renamed exception to get rid of old GridFS name. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Added test description. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Fix typo. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com>
This commit is contained in:
@@ -9,6 +9,7 @@
|
||||
package org.eclipse.hawkbit.amqp;
|
||||
|
||||
import java.net.URISyntaxException;
|
||||
import java.util.Optional;
|
||||
import java.util.UUID;
|
||||
|
||||
import org.eclipse.hawkbit.api.HostnameResolver;
|
||||
@@ -116,60 +117,60 @@ public class AmqpAuthenticationMessageHandler extends BaseAmqpService {
|
||||
*
|
||||
* @param secruityToken
|
||||
* the security token which holds the target ID to check on
|
||||
* @param artifactId
|
||||
* the artifact to verify if the given target is allowed to
|
||||
* @param sha1Hash
|
||||
* of the artifact to verify if the given target is allowed to
|
||||
* download it
|
||||
*/
|
||||
private void checkIfArtifactIsAssignedToTarget(final TenantSecurityToken secruityToken, final Long artifactId) {
|
||||
private void checkIfArtifactIsAssignedToTarget(final TenantSecurityToken secruityToken, final String sha1Hash) {
|
||||
|
||||
if (secruityToken.getControllerId() != null) {
|
||||
checkByControllerId(artifactId, secruityToken.getControllerId());
|
||||
checkByControllerId(sha1Hash, secruityToken.getControllerId());
|
||||
} else if (secruityToken.getTargetId() != null) {
|
||||
checkByTargetId(artifactId, secruityToken.getTargetId());
|
||||
checkByTargetId(sha1Hash, secruityToken.getTargetId());
|
||||
} else {
|
||||
LOG.info("anonymous download no authentication check for artifact {}", artifactId);
|
||||
LOG.info("anonymous download no authentication check for artifact {}", sha1Hash);
|
||||
return;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private void checkByTargetId(final Long artifactId, final Long targetId) {
|
||||
private void checkByTargetId(final String sha1Hash, final Long targetId) {
|
||||
LOG.debug("no anonymous download request, doing authentication check for target {} and artifact {}", targetId,
|
||||
artifactId);
|
||||
if (!controllerManagement.hasTargetArtifactAssigned(targetId, artifactId)) {
|
||||
LOG.info("target {} tried to download artifact {} which is not assigned to the target", targetId,
|
||||
artifactId);
|
||||
sha1Hash);
|
||||
if (!controllerManagement.hasTargetArtifactAssigned(targetId, sha1Hash)) {
|
||||
LOG.info("target {} tried to download artifact {} which is not assigned to the target", targetId, sha1Hash);
|
||||
throw new EntityNotFoundException();
|
||||
}
|
||||
LOG.info("download security check for target {} and artifact {} granted", targetId, artifactId);
|
||||
LOG.info("download security check for target {} and artifact {} granted", targetId, sha1Hash);
|
||||
}
|
||||
|
||||
private void checkByControllerId(final Long artifactId, final String controllerId) {
|
||||
private void checkByControllerId(final String sha1Hash, final String controllerId) {
|
||||
LOG.debug("no anonymous download request, doing authentication check for target {} and artifact {}",
|
||||
controllerId, artifactId);
|
||||
if (!controllerManagement.hasTargetArtifactAssigned(controllerId, artifactId)) {
|
||||
controllerId, sha1Hash);
|
||||
if (!controllerManagement.hasTargetArtifactAssigned(controllerId, sha1Hash)) {
|
||||
LOG.info("target {} tried to download artifact {} which is not assigned to the target", controllerId,
|
||||
artifactId);
|
||||
sha1Hash);
|
||||
throw new EntityNotFoundException();
|
||||
}
|
||||
LOG.info("download security check for target {} and artifact {} granted", controllerId, artifactId);
|
||||
LOG.info("download security check for target {} and artifact {} granted", controllerId, sha1Hash);
|
||||
}
|
||||
|
||||
private org.eclipse.hawkbit.repository.model.Artifact findArtifactByFileResource(final FileResource fileResource) {
|
||||
private Optional<String> findArtifactByFileResource(final FileResource fileResource) {
|
||||
if (fileResource.getSha1() != null) {
|
||||
return artifactManagement.findFirstArtifactBySHA1(fileResource.getSha1());
|
||||
return Optional.ofNullable(fileResource.getSha1());
|
||||
} else if (fileResource.getFilename() != null) {
|
||||
return artifactManagement.findArtifactByFilename(fileResource.getFilename()).stream().findFirst()
|
||||
.orElse(null);
|
||||
.map(org.eclipse.hawkbit.repository.model.Artifact::getSha1Hash);
|
||||
} else if (fileResource.getArtifactId() != null) {
|
||||
return artifactManagement.findArtifact(fileResource.getArtifactId());
|
||||
return Optional.ofNullable(artifactManagement.findArtifact(fileResource.getArtifactId()))
|
||||
.map(org.eclipse.hawkbit.repository.model.Artifact::getSha1Hash);
|
||||
} else if (fileResource.getSoftwareModuleFilenameResource() != null) {
|
||||
return artifactManagement
|
||||
.findByFilenameAndSoftwareModule(fileResource.getSoftwareModuleFilenameResource().getFilename(),
|
||||
fileResource.getSoftwareModuleFilenameResource().getSoftwareModuleId())
|
||||
.stream().findFirst().orElse(null);
|
||||
.stream().findFirst().map(org.eclipse.hawkbit.repository.model.Artifact::getSha1Hash);
|
||||
}
|
||||
return null;
|
||||
return Optional.empty();
|
||||
}
|
||||
|
||||
private static Artifact convertDbArtifact(final DbArtifact dbArtifact) {
|
||||
@@ -189,26 +190,24 @@ public class AmqpAuthenticationMessageHandler extends BaseAmqpService {
|
||||
try {
|
||||
SecurityContextHolder.getContext().setAuthentication(authenticationManager.doAuthenticate(secruityToken));
|
||||
|
||||
final org.eclipse.hawkbit.repository.model.Artifact localArtifact = findArtifactByFileResource(
|
||||
fileResource);
|
||||
final Optional<String> sha1Hash = findArtifactByFileResource(fileResource);
|
||||
|
||||
if (localArtifact == null) {
|
||||
if (!sha1Hash.isPresent()) {
|
||||
LOG.info("target {} requested file resource {} which does not exists to download",
|
||||
secruityToken.getControllerId(), fileResource);
|
||||
throw new EntityNotFoundException();
|
||||
}
|
||||
|
||||
checkIfArtifactIsAssignedToTarget(secruityToken, localArtifact.getId());
|
||||
checkIfArtifactIsAssignedToTarget(secruityToken, sha1Hash.get());
|
||||
|
||||
final Artifact artifact = convertDbArtifact(artifactManagement.loadArtifactBinary(localArtifact.getId()));
|
||||
final Artifact artifact = convertDbArtifact(artifactManagement.loadArtifactBinary(sha1Hash.get()));
|
||||
if (artifact == null) {
|
||||
throw new EntityNotFoundException();
|
||||
}
|
||||
authentificationResponse.setArtifact(artifact);
|
||||
final String downloadId = UUID.randomUUID().toString();
|
||||
// SHA1 key is set, download by SHA1
|
||||
final DownloadArtifactCache downloadCache = new DownloadArtifactCache(DownloadType.BY_SHA1,
|
||||
localArtifact.getSha1Hash());
|
||||
final DownloadArtifactCache downloadCache = new DownloadArtifactCache(DownloadType.BY_SHA1, sha1Hash.get());
|
||||
cache.put(downloadId, downloadCache);
|
||||
authentificationResponse
|
||||
.setDownloadUrl(UriComponentsBuilder.fromUri(hostnameResolver.resolveHostname().toURI())
|
||||
|
||||
@@ -152,7 +152,7 @@ public class AmqpControllerAuthenticationTest {
|
||||
|
||||
authenticationManager.postConstruct();
|
||||
|
||||
final JpaArtifact testArtifact = new JpaArtifact("afilename", "afilename", new JpaSoftwareModule(
|
||||
final JpaArtifact testArtifact = new JpaArtifact(SHA1, "afilename", new JpaSoftwareModule(
|
||||
new JpaSoftwareModuleType("a key", "a name", null, 1), "a name", null, null, null));
|
||||
testArtifact.setId(1L);
|
||||
|
||||
@@ -161,8 +161,8 @@ public class AmqpControllerAuthenticationTest {
|
||||
|
||||
final DbArtifact artifact = new DbArtifact();
|
||||
artifact.setSize(ARTIFACT_SIZE);
|
||||
artifact.setHashes(new DbArtifactHash("sha1 test", "md5 test"));
|
||||
when(artifactManagementMock.loadArtifactBinary(1L)).thenReturn(artifact);
|
||||
artifact.setHashes(new DbArtifactHash(SHA1, "md5 test"));
|
||||
when(artifactManagementMock.loadArtifactBinary(SHA1)).thenReturn(artifact);
|
||||
|
||||
amqpMessageHandlerService = new AmqpMessageHandlerService(rabbitTemplate,
|
||||
mock(AmqpMessageDispatcherService.class), controllerManagementMock, new JpaEntityFactory());
|
||||
@@ -173,8 +173,8 @@ public class AmqpControllerAuthenticationTest {
|
||||
|
||||
when(hostnameResolverMock.resolveHostname()).thenReturn(new URL("http://localhost"));
|
||||
|
||||
when(controllerManagementMock.hasTargetArtifactAssigned(TARGET_ID, 1L)).thenReturn(true);
|
||||
when(controllerManagementMock.hasTargetArtifactAssigned(CONTROLLER_ID, 1L)).thenReturn(true);
|
||||
when(controllerManagementMock.hasTargetArtifactAssigned(TARGET_ID, SHA1)).thenReturn(true);
|
||||
when(controllerManagementMock.hasTargetArtifactAssigned(CONTROLLER_ID, SHA1)).thenReturn(true);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -10,7 +10,6 @@ package org.eclipse.hawkbit.amqp;
|
||||
|
||||
import static org.fest.assertions.api.Assertions.assertThat;
|
||||
import static org.junit.Assert.fail;
|
||||
import static org.mockito.Matchers.anyLong;
|
||||
import static org.mockito.Matchers.anyObject;
|
||||
import static org.mockito.Matchers.anyString;
|
||||
import static org.mockito.Mockito.mock;
|
||||
@@ -79,9 +78,10 @@ import ru.yandex.qatools.allure.annotations.Stories;
|
||||
@Stories("AmqpMessage Handler Service Test")
|
||||
public class AmqpMessageHandlerServiceTest {
|
||||
|
||||
private static final String SHA1 = "12345";
|
||||
private static final String TENANT = "DEFAULT";
|
||||
private static final Long TENANT_ID = 123L;
|
||||
private static String CONTROLLLER_ID = "123";
|
||||
private static final String CONTROLLLER_ID = "123";
|
||||
private static final Long TARGET_ID = 123L;
|
||||
|
||||
private AmqpMessageHandlerService amqpMessageHandlerService;
|
||||
@@ -362,17 +362,16 @@ public class AmqpMessageHandlerServiceTest {
|
||||
|
||||
// mock
|
||||
final Artifact localArtifactMock = mock(Artifact.class);
|
||||
final Long mockedArtifactId = 1L;
|
||||
when(localArtifactMock.getId()).thenReturn(mockedArtifactId);
|
||||
when(localArtifactMock.getSha1Hash()).thenReturn(SHA1);
|
||||
|
||||
final DbArtifact dbArtifactMock = mock(DbArtifact.class);
|
||||
when(artifactManagementMock.findFirstArtifactBySHA1(anyString())).thenReturn(localArtifactMock);
|
||||
when(controllerManagementMock.hasTargetArtifactAssigned(securityToken.getControllerId(), mockedArtifactId))
|
||||
when(artifactManagementMock.findFirstArtifactBySHA1(SHA1)).thenReturn(localArtifactMock);
|
||||
when(controllerManagementMock.hasTargetArtifactAssigned(securityToken.getControllerId(), SHA1))
|
||||
.thenReturn(true);
|
||||
when(artifactManagementMock.loadArtifactBinary(anyLong())).thenReturn(dbArtifactMock);
|
||||
when(artifactManagementMock.loadArtifactBinary(anyString())).thenReturn(dbArtifactMock);
|
||||
when(dbArtifactMock.getArtifactId()).thenReturn("artifactId");
|
||||
when(dbArtifactMock.getSize()).thenReturn(1L);
|
||||
when(dbArtifactMock.getHashes()).thenReturn(new DbArtifactHash("sha1", "md5"));
|
||||
when(dbArtifactMock.getHashes()).thenReturn(new DbArtifactHash(SHA1, "md5"));
|
||||
when(hostnameResolverMock.resolveHostname()).thenReturn(new URL("http://localhost"));
|
||||
|
||||
// test
|
||||
@@ -384,7 +383,7 @@ public class AmqpMessageHandlerServiceTest {
|
||||
assertThat(downloadResponse.getResponseCode()).as("Message body response code is wrong")
|
||||
.isEqualTo(HttpStatus.OK.value());
|
||||
assertThat(downloadResponse.getArtifact().getSize()).as("Wrong artifact size in message body").isEqualTo(1L);
|
||||
assertThat(downloadResponse.getArtifact().getHashes().getSha1()).as("Wrong sha1 hash").isEqualTo("sha1");
|
||||
assertThat(downloadResponse.getArtifact().getHashes().getSha1()).as("Wrong sha1 hash").isEqualTo(SHA1);
|
||||
assertThat(downloadResponse.getArtifact().getHashes().getMd5()).as("Wrong md5 hash").isEqualTo("md5");
|
||||
assertThat(downloadResponse.getDownloadUrl()).as("download url is wrong")
|
||||
.startsWith("http://localhost/api/v1/downloadserver/downloadId/");
|
||||
|
||||
Reference in New Issue
Block a user