fix the lookup of artifacts with the same lookup key, e.g. SHA1 hash if

multiple artifacts with key exists for different software modules

Signed-off-by: Michael Hirsch <michael.hirsch@bosch-si.com>
This commit is contained in:
Michael Hirsch
2016-04-12 09:39:07 +02:00
parent 85ec59b04e
commit c4fd082098
3 changed files with 97 additions and 4 deletions

View File

@@ -166,6 +166,8 @@ public class AmqpMessageHandlerService extends BaseAmqpService {
final LocalArtifact localArtifact = findLocalArtifactByFileResource(fileResource);
if (localArtifact == null) {
LOG.info("target {} requested file resource which does not exists to download",
secruityToken.getControllerId(), fileResource);
throw new EntityNotFoundException();
}
@@ -175,10 +177,14 @@ public class AmqpMessageHandlerService extends BaseAmqpService {
// assigned to this controller. Otherwise no controllerId is set =
// anonymous download
if (secruityToken.getControllerId() != null) {
final Action action = controllerManagement.getActionForDownloadByTargetAndSoftwareModule(
secruityToken.getControllerId(), localArtifact.getSoftwareModule());
LOG.info("Found action for download authentication request action: {}, resource: {}", action,
secruityToken.getFileResource());
LOG.debug("no anonymous download request, doing authentication check for target {} and artifact {}",
secruityToken.getControllerId(), localArtifact);
if (!controllerManagement.hasTargetArtifactAssigned(secruityToken.getControllerId(), localArtifact)) {
LOG.info("target {} tried to download artifact {} which is not assigned to the target");
throw new EntityNotFoundException();
}
LOG.info("download security check for target {} and artifact {} granted",
secruityToken.getControllerId(), localArtifact);
}
final Artifact artifact = convertDbArtifact(artifactManagement.loadLocalArtifactBinary(localArtifact));

View File

@@ -28,12 +28,14 @@ import org.eclipse.hawkbit.repository.model.Action.Status;
import org.eclipse.hawkbit.repository.model.ActionStatus;
import org.eclipse.hawkbit.repository.model.ActionStatus_;
import org.eclipse.hawkbit.repository.model.DistributionSet;
import org.eclipse.hawkbit.repository.model.LocalArtifact;
import org.eclipse.hawkbit.repository.model.SoftwareModule;
import org.eclipse.hawkbit.repository.model.Target;
import org.eclipse.hawkbit.repository.model.TargetInfo;
import org.eclipse.hawkbit.repository.model.TargetUpdateStatus;
import org.eclipse.hawkbit.repository.model.Target_;
import org.eclipse.hawkbit.repository.model.TenantConfiguration;
import org.eclipse.hawkbit.repository.specifications.ActionSpecifications;
import org.eclipse.hawkbit.security.HawkbitSecurityProperties;
import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationKey;
import org.hibernate.validator.constraints.NotEmpty;
@@ -166,6 +168,31 @@ public class ControllerManagement {
return action.get(0);
}
/**
* Checks if a given target has currently or has even been assigned to the
* given artifact through the action history list. This can e.g. indicate if
* a target is allowed to download a given artifact because it has currently
* assigned or had ever been assigned to the target and so it's visible to a
* specific target e.g. for downloading.
*
* @param targetId
* the ID of the target to check
* @param localArtifact
* the artifact to verify if the given target had even been
* assigned to
* @return {@code true} if the given target has currently or had ever a
* relation to the given artifact through the action history,
* otherwise {@code false}
*/
public boolean hasTargetArtifactAssigned(@NotNull final String targetId,
@NotNull final LocalArtifact localArtifact) {
final Target target = targetRepository.findByControllerId(targetId);
if (target == null) {
return false;
}
return actionRepository.count(ActionSpecifications.hasTargetArtifactAssigned(target, localArtifact)) > 0;
}
/**
* Refreshes the time of the last time the controller has been connected to
* the server.

View File

@@ -0,0 +1,60 @@
/**
* Copyright (c) 2015 Bosch Software Innovations GmbH and others.
*
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
*/
package org.eclipse.hawkbit.repository.specifications;
import javax.persistence.criteria.Join;
import javax.persistence.criteria.ListJoin;
import javax.persistence.criteria.SetJoin;
import org.eclipse.hawkbit.repository.model.Action;
import org.eclipse.hawkbit.repository.model.Action_;
import org.eclipse.hawkbit.repository.model.DistributionSet;
import org.eclipse.hawkbit.repository.model.DistributionSet_;
import org.eclipse.hawkbit.repository.model.LocalArtifact;
import org.eclipse.hawkbit.repository.model.LocalArtifact_;
import org.eclipse.hawkbit.repository.model.SoftwareModule;
import org.eclipse.hawkbit.repository.model.SoftwareModule_;
import org.eclipse.hawkbit.repository.model.Target;
import org.springframework.data.jpa.domain.Specification;
/**
* Utility class for {@link Action}s {@link Specification}s. The class provides
* Spring Data JPQL Specifications.
*
*/
public class ActionSpecifications {
private ActionSpecifications() {
// utility class
}
/**
* Specification which joins all necessary tables to retrieve the dependency
* between a target and a local file assignment through the assigen action
* of the target. All actions are included, not only active actions.
*
* @param target
* the target to verfiy if the given artifact is currently
* assigned or had been assigned
* @param localArtifact
* the local artifact to check wherever the target had ever been
* assigned
* @return a specification to use with spring JPA
*/
public static Specification<Action> hasTargetArtifactAssigned(final Target target,
final LocalArtifact localArtifact) {
return (actionRoot, query, cb) -> {
final Join<Action, DistributionSet> dsJoin = actionRoot.join(Action_.distributionSet);
final SetJoin<DistributionSet, SoftwareModule> modulesJoin = dsJoin.join(DistributionSet_.modules);
final ListJoin<SoftwareModule, LocalArtifact> artifactsJoin = modulesJoin.join(SoftwareModule_.artifacts);
return cb.and(cb.equal(artifactsJoin.get(LocalArtifact_.id), localArtifact.getId()),
cb.equal(actionRoot.get(Action_.target), target));
};
}
}