WithUser refactoring (#2944)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2026-02-27 14:30:52 +02:00
committed by GitHub
parent 5d043b2766
commit b38df5b512
11 changed files with 66 additions and 51 deletions

View File

@@ -10,7 +10,6 @@
package org.eclipse.hawkbit.repository;
import org.eclipse.hawkbit.auth.SpRole;
import org.eclipse.hawkbit.auth.SpringEvalExpressions;
import org.eclipse.hawkbit.repository.model.report.TenantUsage;
import org.springframework.security.access.prepost.PreAuthorize;

View File

@@ -50,7 +50,6 @@ import org.eclipse.hawkbit.repository.model.SoftwareModule;
import org.eclipse.hawkbit.repository.test.matcher.Expect;
import org.eclipse.hawkbit.repository.test.matcher.ExpectEvents;
import org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch;
import org.eclipse.hawkbit.repository.test.util.WithUser;
import org.junit.jupiter.api.Test;
/**
@@ -411,14 +410,6 @@ class ArtifactManagementTest extends AbstractJpaIntegrationTest {
}
}
@Test
@WithUser(authorities = {})
void getArtifactBinaryWithoutDownloadArtifactThrowsPermissionDenied() {
assertThatExceptionOfType(InsufficientPermissionException.class)
.as("Should not have worked with missing permission.")
.isThrownBy(() -> artifactManagement.getArtifactStream("123", 1, false));
}
/**
* Verifies that creation of an artifact with none matching hashes fails.
*/
@@ -537,7 +528,7 @@ class ArtifactManagementTest extends AbstractJpaIntegrationTest {
}
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
return SecurityContextSwitch.callAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", tenant), callable);
return SecurityContextSwitch.callAs(SecurityContextSwitch.withTenantAndUserAndAllPermissions(tenant, "user"), callable);
}
private SoftwareModule createSoftwareModuleForTenant(final String tenant) throws Exception {

View File

@@ -10,7 +10,7 @@
package org.eclipse.hawkbit.repository.jpa.management;
import static org.assertj.core.api.Assertions.assertThat;
import static org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch.withUserAndTenant;
import static org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch.withTenantAndUser;
import java.io.ByteArrayInputStream;
import java.util.ArrayList;
@@ -57,7 +57,7 @@ class SystemManagementTest extends AbstractJpaIntegrationTest {
for (int i = 0; i < tenants; i++) {
final String tenantname = "TENANT" + i;
SecurityContextSwitch.getAs(
withUserAndTenant(tenantname, "bumlux", new String[] { SpRole.SYSTEM_ROLE }, true, true),
withTenantAndUser(tenantname, "bumlux", new String[] { SpRole.SYSTEM_ROLE }, true, true),
() -> {
systemManagement.getTenantMetadataWithoutDetails();
if (artifactSize > 0) {

View File

@@ -71,7 +71,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
* Ensures that targets created by a tenant are not visible by another tenant.
*/
@Test
@WithUser(tenantId = "mytenant", authorities = SpRole.TENANT_ADMIN)
@WithUser(tenant = "mytenant", authorities = SpRole.TENANT_ADMIN)
void queryTargetFromDifferentTenantIsNotVisible() throws Exception {
// create target for another tenant
final String anotherTenant = "anotherTenant";
@@ -93,7 +93,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
* Ensures that tenant with proper permissions can read and delete other tenants.
*/
@Test
@WithUser(tenantId = "mytenant", authorities = SpRole.TENANT_ADMIN)
@WithUser(tenant = "mytenant", authorities = SpRole.TENANT_ADMIN)
void deleteAnotherTenantNotPossibleWithTenantPermissions() throws Exception {
// create target for another tenant
final String anotherTenant = "anotherTenant";
@@ -106,7 +106,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
}
@Test
@WithUser(tenantId = "mytenant", authorities = { SpRole.SYSTEM_ROLE })
@WithUser(tenant = "mytenant", authorities = { SpRole.SYSTEM_ROLE })
void deleteAnotherTenantPossibleWithSystemRole() throws Exception {
// create target for another tenant
final String anotherTenant = "anotherTenant";
@@ -122,7 +122,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
* Ensures that tenant metadata is retrieved for the current tenant.
*/
@Test
@WithUser(tenantId = "mytenant", autoCreateTenant = false, authorities = SpRole.TENANT_ADMIN)
@WithUser(tenant = "mytenant", autoCreateTenant = false, authorities = SpRole.TENANT_ADMIN)
void getTenantMetdata() throws Exception {
// logged in tenant mytenant - check if tenant default data is autogenerated
assertThat(distributionSetTypeManagement.findAll(PAGE)).isEmpty();
@@ -133,7 +133,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
// check that the cache is not getting in the way, i.e. "bumlux" results in bumlux and not mytenant
assertThat(SecurityContextSwitch.getAs(
SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", "bumlux"),
SecurityContextSwitch.withTenantAndUserAndAllPermissions("bumlux", "user"),
() -> systemManagement.getTenantMetadataWithoutDetails().getTenant().toUpperCase()))
.isEqualTo("bumlux".toUpperCase());
}
@@ -142,7 +142,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
* Ensures that targets created from a different tenant cannot be deleted from other tenants
*/
@Test
@WithUser(tenantId = "mytenant", authorities = SpRole.TENANT_ADMIN)
@WithUser(tenant = "mytenant", authorities = SpRole.TENANT_ADMIN)
void deleteTargetFromOtherTenantIsNotPossible() throws Exception {
// create target for another tenant
final String anotherTenant = "anotherTenant";
@@ -191,7 +191,7 @@ class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
}
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
return SecurityContextSwitch.callAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", tenant), callable);
return SecurityContextSwitch.callAs(SecurityContextSwitch.withTenantAndUserAndAllPermissions(tenant, "user"), callable);
}
private Target createTargetForTenant(final String controllerId, final String tenant) throws Exception {

View File

@@ -38,7 +38,6 @@ import org.awaitility.Awaitility;
import org.awaitility.core.ConditionFactory;
import org.eclipse.hawkbit.artifact.ArtifactStorage;
import org.eclipse.hawkbit.artifact.exception.ArtifactStoreException;
import org.eclipse.hawkbit.auth.SpRole;
import org.eclipse.hawkbit.repository.ArtifactManagement;
import org.eclipse.hawkbit.repository.ConfirmationManagement;
import org.eclipse.hawkbit.repository.ControllerManagement;

View File

@@ -67,7 +67,7 @@ public class SecurityContextSwitch {
setSecurityContext(withUser);
try {
if (withUser.autoCreateTenant()) {
createTenant(withUser.tenantId());
createTenant(withUser.tenant());
}
return callable.call();
} finally {
@@ -93,18 +93,18 @@ public class SecurityContextSwitch {
}
public static WithUser withController(final String principal, final String... authorities) {
return withUserAndTenant(DEFAULT_TENANT, principal, authorities, true, true);
return withTenantAndUser(DEFAULT_TENANT, principal, authorities, true, true);
}
public static WithUser withUser(final String principal, final String... authorities) {
return withUserAndTenant(DEFAULT_TENANT, principal, authorities, false, true);
return withTenantAndUser(DEFAULT_TENANT, principal, authorities, false, true);
}
public static WithUser withUserAndTenantAllSpPermissions(final String principal, final String tenant) {
return withUserAndTenant(tenant, principal, new String[] { SpRole.TENANT_ADMIN }, false, true);
public static WithUser withTenantAndUserAndAllPermissions(final String tenant, final String principal) {
return withTenantAndUser(tenant, principal, new String[] { SpRole.TENANT_ADMIN }, false, true);
}
public static WithUser withUserAndTenant(
public static WithUser withTenantAndUser(
final String tenant, final String principal, final String[] authorities,
final boolean controller, final boolean autoCreateTenant) {
return new WithUserImpl(tenant, principal, authorities, controller, autoCreateTenant);
@@ -114,11 +114,11 @@ public class SecurityContextSwitch {
SecurityContextHolder.setContext(new WithUserSecurityContext(annotation));
}
private static void createTenant(final String tenantId) {
private static void createTenant(final String tenant) {
final SecurityContext oldContext = SecurityContextHolder.getContext();
setSecurityContext(PRIVILEGED_USER);
try {
systemManagement.createTenantMetadata(tenantId);
systemManagement.createTenantMetadata(tenant);
} finally {
SecurityContextHolder.setContext(oldContext);
}
@@ -140,17 +140,17 @@ public class SecurityContextSwitch {
WithUserSecurityContext(final WithUser annotation) {
this.annotation = annotation;
if (annotation.autoCreateTenant()) {
createTenant(annotation.tenantId());
createTenant(annotation.tenant());
}
}
@Override
public Authentication getAuthentication() {
final TestingAuthenticationToken testingAuthenticationToken = new TestingAuthenticationToken(
new TenantAwareUser(annotation.principal(), "***", null, annotation.tenantId()),
new TenantAwareUser(annotation.principal(), "***", null, annotation.tenant()),
annotation.credentials(), annotation.authorities());
testingAuthenticationToken.setDetails(
new TenantAwareAuthenticationDetails(annotation.tenantId(), annotation.controller()));
new TenantAwareAuthenticationDetails(annotation.tenant(), annotation.controller()));
return testingAuthenticationToken;
}
@@ -201,7 +201,7 @@ public class SecurityContextSwitch {
}
@Override
public String tenantId() {
public String tenant() {
return tenant;
}

View File

@@ -33,7 +33,7 @@ public @interface WithUser {
*
* @return test tenant id
*/
String tenantId() default "DEFAULT";
String tenant() default "DEFAULT";
/**
* Gets the test principal.