WithUser refactoring (#2944)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
@@ -10,7 +10,6 @@
|
||||
package org.eclipse.hawkbit.repository;
|
||||
|
||||
import org.eclipse.hawkbit.auth.SpRole;
|
||||
import org.eclipse.hawkbit.auth.SpringEvalExpressions;
|
||||
import org.eclipse.hawkbit.repository.model.report.TenantUsage;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
|
||||
|
||||
@@ -50,7 +50,6 @@ import org.eclipse.hawkbit.repository.model.SoftwareModule;
|
||||
import org.eclipse.hawkbit.repository.test.matcher.Expect;
|
||||
import org.eclipse.hawkbit.repository.test.matcher.ExpectEvents;
|
||||
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
|
||||
import org.eclipse.hawkbit.repository.test.util.WithUser;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
/**
|
||||
@@ -411,14 +410,6 @@ class ArtifactManagementTest extends AbstractJpaIntegrationTest {
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithUser(authorities = {})
|
||||
void getArtifactBinaryWithoutDownloadArtifactThrowsPermissionDenied() {
|
||||
assertThatExceptionOfType(InsufficientPermissionException.class)
|
||||
.as("Should not have worked with missing permission.")
|
||||
.isThrownBy(() -> artifactManagement.getArtifactStream("123", 1, false));
|
||||
}
|
||||
|
||||
/**
|
||||
* Verifies that creation of an artifact with none matching hashes fails.
|
||||
*/
|
||||
@@ -537,7 +528,7 @@ class ArtifactManagementTest extends AbstractJpaIntegrationTest {
|
||||
}
|
||||
|
||||
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
|
||||
return SecurityContextSwitch.callAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", tenant), callable);
|
||||
return SecurityContextSwitch.callAs(SecurityContextSwitch.withTenantAndUserAndAllPermissions(tenant, "user"), callable);
|
||||
}
|
||||
|
||||
private SoftwareModule createSoftwareModuleForTenant(final String tenant) throws Exception {
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
package org.eclipse.hawkbit.repository.jpa.management;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch.withUserAndTenant;
|
||||
import static org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch.withTenantAndUser;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.util.ArrayList;
|
||||
@@ -57,7 +57,7 @@ class SystemManagementTest extends AbstractJpaIntegrationTest {
|
||||
for (int i = 0; i < tenants; i++) {
|
||||
final String tenantname = "TENANT" + i;
|
||||
SecurityContextSwitch.getAs(
|
||||
withUserAndTenant(tenantname, "bumlux", new String[] { SpRole.SYSTEM_ROLE }, true, true),
|
||||
withTenantAndUser(tenantname, "bumlux", new String[] { SpRole.SYSTEM_ROLE }, true, true),
|
||||
() -> {
|
||||
systemManagement.getTenantMetadataWithoutDetails();
|
||||
if (artifactSize > 0) {
|
||||
|
||||
@@ -71,7 +71,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
|
||||
* Ensures that targets created by a tenant are not visible by another tenant.
|
||||
*/
|
||||
@Test
|
||||
@WithUser(tenantId = "mytenant", authorities = SpRole.TENANT_ADMIN)
|
||||
@WithUser(tenant = "mytenant", authorities = SpRole.TENANT_ADMIN)
|
||||
void queryTargetFromDifferentTenantIsNotVisible() throws Exception {
|
||||
// create target for another tenant
|
||||
final String anotherTenant = "anotherTenant";
|
||||
@@ -93,7 +93,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
|
||||
* Ensures that tenant with proper permissions can read and delete other tenants.
|
||||
*/
|
||||
@Test
|
||||
@WithUser(tenantId = "mytenant", authorities = SpRole.TENANT_ADMIN)
|
||||
@WithUser(tenant = "mytenant", authorities = SpRole.TENANT_ADMIN)
|
||||
void deleteAnotherTenantNotPossibleWithTenantPermissions() throws Exception {
|
||||
// create target for another tenant
|
||||
final String anotherTenant = "anotherTenant";
|
||||
@@ -106,7 +106,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithUser(tenantId = "mytenant", authorities = { SpRole.SYSTEM_ROLE })
|
||||
@WithUser(tenant = "mytenant", authorities = { SpRole.SYSTEM_ROLE })
|
||||
void deleteAnotherTenantPossibleWithSystemRole() throws Exception {
|
||||
// create target for another tenant
|
||||
final String anotherTenant = "anotherTenant";
|
||||
@@ -122,7 +122,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
|
||||
* Ensures that tenant metadata is retrieved for the current tenant.
|
||||
*/
|
||||
@Test
|
||||
@WithUser(tenantId = "mytenant", autoCreateTenant = false, authorities = SpRole.TENANT_ADMIN)
|
||||
@WithUser(tenant = "mytenant", autoCreateTenant = false, authorities = SpRole.TENANT_ADMIN)
|
||||
void getTenantMetdata() throws Exception {
|
||||
// logged in tenant mytenant - check if tenant default data is autogenerated
|
||||
assertThat(distributionSetTypeManagement.findAll(PAGE)).isEmpty();
|
||||
@@ -133,7 +133,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
|
||||
|
||||
// check that the cache is not getting in the way, i.e. "bumlux" results in bumlux and not mytenant
|
||||
assertThat(SecurityContextSwitch.getAs(
|
||||
SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", "bumlux"),
|
||||
SecurityContextSwitch.withTenantAndUserAndAllPermissions("bumlux", "user"),
|
||||
() -> systemManagement.getTenantMetadataWithoutDetails().getTenant().toUpperCase()))
|
||||
.isEqualTo("bumlux".toUpperCase());
|
||||
}
|
||||
@@ -142,7 +142,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
|
||||
* Ensures that targets created from a different tenant cannot be deleted from other tenants
|
||||
*/
|
||||
@Test
|
||||
@WithUser(tenantId = "mytenant", authorities = SpRole.TENANT_ADMIN)
|
||||
@WithUser(tenant = "mytenant", authorities = SpRole.TENANT_ADMIN)
|
||||
void deleteTargetFromOtherTenantIsNotPossible() throws Exception {
|
||||
// create target for another tenant
|
||||
final String anotherTenant = "anotherTenant";
|
||||
@@ -191,7 +191,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
|
||||
}
|
||||
|
||||
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
|
||||
return SecurityContextSwitch.callAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", tenant), callable);
|
||||
return SecurityContextSwitch.callAs(SecurityContextSwitch.withTenantAndUserAndAllPermissions(tenant, "user"), callable);
|
||||
}
|
||||
|
||||
private Target createTargetForTenant(final String controllerId, final String tenant) throws Exception {
|
||||
|
||||
@@ -38,7 +38,6 @@ import org.awaitility.Awaitility;
|
||||
import org.awaitility.core.ConditionFactory;
|
||||
import org.eclipse.hawkbit.artifact.ArtifactStorage;
|
||||
import org.eclipse.hawkbit.artifact.exception.ArtifactStoreException;
|
||||
import org.eclipse.hawkbit.auth.SpRole;
|
||||
import org.eclipse.hawkbit.repository.ArtifactManagement;
|
||||
import org.eclipse.hawkbit.repository.ConfirmationManagement;
|
||||
import org.eclipse.hawkbit.repository.ControllerManagement;
|
||||
|
||||
@@ -67,7 +67,7 @@ public class SecurityContextSwitch {
|
||||
setSecurityContext(withUser);
|
||||
try {
|
||||
if (withUser.autoCreateTenant()) {
|
||||
createTenant(withUser.tenantId());
|
||||
createTenant(withUser.tenant());
|
||||
}
|
||||
return callable.call();
|
||||
} finally {
|
||||
@@ -93,18 +93,18 @@ public class SecurityContextSwitch {
|
||||
}
|
||||
|
||||
public static WithUser withController(final String principal, final String... authorities) {
|
||||
return withUserAndTenant(DEFAULT_TENANT, principal, authorities, true, true);
|
||||
return withTenantAndUser(DEFAULT_TENANT, principal, authorities, true, true);
|
||||
}
|
||||
|
||||
public static WithUser withUser(final String principal, final String... authorities) {
|
||||
return withUserAndTenant(DEFAULT_TENANT, principal, authorities, false, true);
|
||||
return withTenantAndUser(DEFAULT_TENANT, principal, authorities, false, true);
|
||||
}
|
||||
|
||||
public static WithUser withUserAndTenantAllSpPermissions(final String principal, final String tenant) {
|
||||
return withUserAndTenant(tenant, principal, new String[] { SpRole.TENANT_ADMIN }, false, true);
|
||||
public static WithUser withTenantAndUserAndAllPermissions(final String tenant, final String principal) {
|
||||
return withTenantAndUser(tenant, principal, new String[] { SpRole.TENANT_ADMIN }, false, true);
|
||||
}
|
||||
|
||||
public static WithUser withUserAndTenant(
|
||||
public static WithUser withTenantAndUser(
|
||||
final String tenant, final String principal, final String[] authorities,
|
||||
final boolean controller, final boolean autoCreateTenant) {
|
||||
return new WithUserImpl(tenant, principal, authorities, controller, autoCreateTenant);
|
||||
@@ -114,11 +114,11 @@ public class SecurityContextSwitch {
|
||||
SecurityContextHolder.setContext(new WithUserSecurityContext(annotation));
|
||||
}
|
||||
|
||||
private static void createTenant(final String tenantId) {
|
||||
private static void createTenant(final String tenant) {
|
||||
final SecurityContext oldContext = SecurityContextHolder.getContext();
|
||||
setSecurityContext(PRIVILEGED_USER);
|
||||
try {
|
||||
systemManagement.createTenantMetadata(tenantId);
|
||||
systemManagement.createTenantMetadata(tenant);
|
||||
} finally {
|
||||
SecurityContextHolder.setContext(oldContext);
|
||||
}
|
||||
@@ -140,17 +140,17 @@ public class SecurityContextSwitch {
|
||||
WithUserSecurityContext(final WithUser annotation) {
|
||||
this.annotation = annotation;
|
||||
if (annotation.autoCreateTenant()) {
|
||||
createTenant(annotation.tenantId());
|
||||
createTenant(annotation.tenant());
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Authentication getAuthentication() {
|
||||
final TestingAuthenticationToken testingAuthenticationToken = new TestingAuthenticationToken(
|
||||
new TenantAwareUser(annotation.principal(), "***", null, annotation.tenantId()),
|
||||
new TenantAwareUser(annotation.principal(), "***", null, annotation.tenant()),
|
||||
annotation.credentials(), annotation.authorities());
|
||||
testingAuthenticationToken.setDetails(
|
||||
new TenantAwareAuthenticationDetails(annotation.tenantId(), annotation.controller()));
|
||||
new TenantAwareAuthenticationDetails(annotation.tenant(), annotation.controller()));
|
||||
return testingAuthenticationToken;
|
||||
}
|
||||
|
||||
@@ -201,7 +201,7 @@ public class SecurityContextSwitch {
|
||||
}
|
||||
|
||||
@Override
|
||||
public String tenantId() {
|
||||
public String tenant() {
|
||||
return tenant;
|
||||
}
|
||||
|
||||
|
||||
@@ -33,7 +33,7 @@ public @interface WithUser {
|
||||
*
|
||||
* @return test tenant id
|
||||
*/
|
||||
String tenantId() default "DEFAULT";
|
||||
String tenant() default "DEFAULT";
|
||||
|
||||
/**
|
||||
* Gets the test principal.
|
||||
|
||||
Reference in New Issue
Block a user