From 9e715c292c520167454d9e8b1d909cba2c65351c Mon Sep 17 00:00:00 2001 From: Michael Herdt <55577866+herdt-michael@users.noreply.github.com> Date: Thu, 20 Feb 2020 13:44:36 +0100 Subject: [PATCH] Read tenant configuration value from system context to prevent permission issues while loading the rollouts view. (#937) Signed-off-by: Michael Herdt --- .../eclipse/hawkbit/ui/rollout/RolloutView.java | 6 ++++-- .../ui/rollout/rollout/RolloutListGrid.java | 15 ++++++++++++--- .../ui/rollout/rollout/RolloutListView.java | 8 ++++++-- 3 files changed, 22 insertions(+), 7 deletions(-) diff --git a/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/rollout/RolloutView.java b/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/rollout/RolloutView.java index 99b34a56c..462cb97aa 100644 --- a/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/rollout/RolloutView.java +++ b/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/rollout/RolloutView.java @@ -21,6 +21,7 @@ import org.eclipse.hawkbit.repository.TargetFilterQueryManagement; import org.eclipse.hawkbit.repository.TargetManagement; import org.eclipse.hawkbit.repository.TenantConfigurationManagement; import org.eclipse.hawkbit.repository.model.Rollout; +import org.eclipse.hawkbit.security.SystemSecurityContext; import org.eclipse.hawkbit.ui.AbstractHawkbitUI; import org.eclipse.hawkbit.ui.SpPermissionChecker; import org.eclipse.hawkbit.ui.UiProperties; @@ -74,12 +75,13 @@ public class RolloutView extends VerticalLayout implements View { final RolloutGroupManagement rolloutGroupManagement, final TargetManagement targetManagement, final UINotification uiNotification, final UiProperties uiProperties, final EntityFactory entityFactory, final VaadinMessageSource i18n, final TargetFilterQueryManagement targetFilterQueryManagement, - final QuotaManagement quotaManagement, final TenantConfigurationManagement tenantConfigManagement) { + final QuotaManagement quotaManagement, final TenantConfigurationManagement tenantConfigManagement, + final SystemSecurityContext systemSecurityContext) { this.permChecker = permissionChecker; this.rolloutManagement = rolloutManagement; this.rolloutListView = new RolloutListView(permissionChecker, rolloutUIState, eventBus, rolloutManagement, targetManagement, uiNotification, uiProperties, entityFactory, i18n, targetFilterQueryManagement, - rolloutGroupManagement, quotaManagement, tenantConfigManagement); + rolloutGroupManagement, quotaManagement, tenantConfigManagement, systemSecurityContext); this.rolloutGroupsListView = new RolloutGroupsListView(i18n, eventBus, rolloutGroupManagement, rolloutUIState, permissionChecker); this.rolloutGroupTargetsListView = new RolloutGroupTargetsListView(eventBus, i18n, rolloutUIState); diff --git a/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/rollout/rollout/RolloutListGrid.java b/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/rollout/rollout/RolloutListGrid.java index 3be245884..f856196f1 100644 --- a/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/rollout/rollout/RolloutListGrid.java +++ b/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/rollout/rollout/RolloutListGrid.java @@ -31,6 +31,7 @@ import org.eclipse.hawkbit.repository.model.Rollout; import org.eclipse.hawkbit.repository.model.Rollout.RolloutStatus; import org.eclipse.hawkbit.repository.model.TotalTargetCountStatus; import org.eclipse.hawkbit.repository.model.TotalTargetCountStatus.Status; +import org.eclipse.hawkbit.security.SystemSecurityContext; import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationProperties.TenantConfigurationKey; import org.eclipse.hawkbit.ui.SpPermissionChecker; import org.eclipse.hawkbit.ui.UiProperties; @@ -100,6 +101,8 @@ public class RolloutListGrid extends AbstractGrid { private final transient TenantConfigurationManagement tenantConfigManagement; + private final transient SystemSecurityContext systemSecurityContext; + private final AddUpdateRolloutWindowLayout addUpdateRolloutWindow; private final UINotification uiNotification; @@ -163,7 +166,8 @@ public class RolloutListGrid extends AbstractGrid { final TargetManagement targetManagement, final EntityFactory entityFactory, final UiProperties uiProperties, final TargetFilterQueryManagement targetFilterQueryManagement, final RolloutGroupManagement rolloutGroupManagement, final QuotaManagement quotaManagement, - final TenantConfigurationManagement tenantConfigManagement) { + final TenantConfigurationManagement tenantConfigManagement, + final SystemSecurityContext systemSecurityContext) { super(i18n, eventBus, permissionChecker); this.rolloutManagement = rolloutManagement; this.rolloutGroupManagement = rolloutGroupManagement; @@ -173,6 +177,7 @@ public class RolloutListGrid extends AbstractGrid { rolloutGroupManagement, quotaManagement); this.uiNotification = uiNotification; this.rolloutUIState = rolloutUIState; + this.systemSecurityContext = systemSecurityContext; alignGenerator = new AlignCellStyleGenerator(null, centerAlignedColumns, null); setGeneratedPropertySupport(new RolloutGeneratedPropertySupport()); @@ -858,8 +863,7 @@ public class RolloutListGrid extends AbstractGrid { if (!permissionChecker.hasRolloutCreatePermission()) { modifiableColumnsList.remove(VIRT_PROP_COPY); } - if (!permissionChecker.hasRolloutApprovalPermission() || !tenantConfigManagement - .getConfigurationValue(TenantConfigurationKey.ROLLOUT_APPROVAL_ENABLED, Boolean.class).getValue()) { + if (!permissionChecker.hasRolloutApprovalPermission() || !isRolloutApprovalEnabled()) { modifiableColumnsList.remove(VIRT_PROP_APPROVE); } if (!permissionChecker.hasRolloutDeletePermission()) { @@ -873,4 +877,9 @@ public class RolloutListGrid extends AbstractGrid { setColumns(modifiableColumnsList.toArray()); } + private boolean isRolloutApprovalEnabled(){ + return systemSecurityContext.runAsSystem(() -> tenantConfigManagement + .getConfigurationValue(TenantConfigurationKey.ROLLOUT_APPROVAL_ENABLED, Boolean.class).getValue()); + } + } diff --git a/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/rollout/rollout/RolloutListView.java b/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/rollout/rollout/RolloutListView.java index 8bfbc4c3c..f2a952389 100644 --- a/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/rollout/rollout/RolloutListView.java +++ b/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/rollout/rollout/RolloutListView.java @@ -15,6 +15,7 @@ import org.eclipse.hawkbit.repository.RolloutManagement; import org.eclipse.hawkbit.repository.TargetFilterQueryManagement; import org.eclipse.hawkbit.repository.TargetManagement; import org.eclipse.hawkbit.repository.TenantConfigurationManagement; +import org.eclipse.hawkbit.security.SystemSecurityContext; import org.eclipse.hawkbit.ui.SpPermissionChecker; import org.eclipse.hawkbit.ui.UiProperties; import org.eclipse.hawkbit.ui.common.grid.AbstractGrid; @@ -40,6 +41,7 @@ public class RolloutListView extends AbstractGridComponentLayout { private final transient TargetFilterQueryManagement targetFilterQueryManagement; private final transient QuotaManagement quotaManagement; private final transient TenantConfigurationManagement tenantConfigManagement; + private final transient SystemSecurityContext systemSecurityContext; private final SpPermissionChecker permissionChecker; private final RolloutUIState rolloutUIState; @@ -52,7 +54,8 @@ public class RolloutListView extends AbstractGridComponentLayout { final UiProperties uiProperties, final EntityFactory entityFactory, final VaadinMessageSource i18n, final TargetFilterQueryManagement targetFilterQueryManagement, final RolloutGroupManagement rolloutGroupManagement, final QuotaManagement quotaManagement, - final TenantConfigurationManagement tenantConfigManagement) { + final TenantConfigurationManagement tenantConfigManagement, + final SystemSecurityContext systemSecurityContext) { super(i18n, eventBus); this.permissionChecker = permissionChecker; this.rolloutUIState = rolloutUIState; @@ -65,6 +68,7 @@ public class RolloutListView extends AbstractGridComponentLayout { this.entityFactory = entityFactory; this.targetFilterQueryManagement = targetFilterQueryManagement; this.tenantConfigManagement = tenantConfigManagement; + this.systemSecurityContext = systemSecurityContext; init(); } @@ -85,7 +89,7 @@ public class RolloutListView extends AbstractGridComponentLayout { public AbstractGrid createGrid() { return new RolloutListGrid(getI18n(), getEventBus(), rolloutManagement, uiNotification, rolloutUIState, permissionChecker, targetManagement, entityFactory, uiProperties, targetFilterQueryManagement, - rolloutGroupManagement, quotaManagement, tenantConfigManagement); + rolloutGroupManagement, quotaManagement, tenantConfigManagement, systemSecurityContext); } }