Make SecurityContextSwitch more intuitive (#1715)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
@@ -611,7 +611,7 @@ public class ArtifactManagementTest extends AbstractJpaIntegrationTest {
|
||||
}
|
||||
|
||||
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
|
||||
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("user", tenant), callable);
|
||||
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", tenant), callable);
|
||||
}
|
||||
|
||||
private SoftwareModule createSoftwareModuleForTenant(final String tenant) throws Exception {
|
||||
|
||||
@@ -133,7 +133,7 @@ public class SystemManagementTest extends AbstractJpaIntegrationTest {
|
||||
|
||||
for (int i = 0; i < tenants; i++) {
|
||||
final String tenantname = "tenant" + i;
|
||||
SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("bumlux", tenantname, true, true, false,
|
||||
SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("bumlux", tenantname, true, true, false,
|
||||
SpringEvalExpressions.SYSTEM_ROLE), () -> {
|
||||
systemManagement.getTenantMetadata();
|
||||
if (artifactSize > 0) {
|
||||
|
||||
@@ -188,15 +188,15 @@ class TargetManagementTest extends AbstractJpaIntegrationTest {
|
||||
|
||||
// retrieve security token only with READ_TARGET_SEC_TOKEN permission
|
||||
final String securityTokenWithReadPermission = SecurityContextSwitch.runAs(
|
||||
SecurityContextSwitch.withUser("OnlyTargetReadPermission", false, SpPermission.READ_TARGET_SEC_TOKEN),
|
||||
SecurityContextSwitch.withUser("OnlyTargetReadPermission", SpPermission.READ_TARGET_SEC_TOKEN),
|
||||
createdTarget::getSecurityToken);
|
||||
// retrieve security token only with ROLE_TARGET_ADMIN permission
|
||||
final String securityTokenWithTargetAdminPermission = SecurityContextSwitch.runAs(
|
||||
SecurityContextSwitch.withUser("OnlyTargetAdminPermission", false, SpRole.TARGET_ADMIN),
|
||||
SecurityContextSwitch.withUser("OnlyTargetAdminPermission", SpRole.TARGET_ADMIN),
|
||||
createdTarget::getSecurityToken);
|
||||
// retrieve security token only with ROLE_TENANT_ADMIN permission
|
||||
final String securityTokenWithTenantAdminPermission = SecurityContextSwitch.runAs(
|
||||
SecurityContextSwitch.withUser("OnlyTenantAdminPermission", false, SpRole.TENANT_ADMIN),
|
||||
SecurityContextSwitch.withUser("OnlyTenantAdminPermission", SpRole.TENANT_ADMIN),
|
||||
createdTarget::getSecurityToken);
|
||||
|
||||
// retrieve security token as system code execution
|
||||
@@ -204,7 +204,7 @@ class TargetManagementTest extends AbstractJpaIntegrationTest {
|
||||
|
||||
// retrieve security token without any permissions
|
||||
final String securityTokenWithoutPermission = SecurityContextSwitch
|
||||
.runAs(SecurityContextSwitch.withUser("NoPermission", false), createdTarget::getSecurityToken);
|
||||
.runAs(SecurityContextSwitch.withUser("NoPermission"), createdTarget::getSecurityToken);
|
||||
|
||||
assertThat(createdTarget.getSecurityToken()).isEqualTo("token");
|
||||
assertThat(securityTokenWithReadPermission).isNotNull();
|
||||
|
||||
@@ -117,7 +117,7 @@ public class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
|
||||
// check that the cache is not getting in the way, i.e. "bumlux" results
|
||||
// in bumlux and not
|
||||
// mytenant
|
||||
assertThat(SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("user", "bumlux"),
|
||||
assertThat(SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", "bumlux"),
|
||||
() -> systemManagement.getTenantMetadata().getTenant().toUpperCase()))
|
||||
.isEqualTo("bumlux".toUpperCase());
|
||||
}
|
||||
@@ -171,7 +171,7 @@ public class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
|
||||
}
|
||||
|
||||
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
|
||||
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("user", tenant), callable);
|
||||
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", tenant), callable);
|
||||
}
|
||||
|
||||
private Target createTargetForTenant(final String controllerId, final String tenant) throws Exception {
|
||||
|
||||
@@ -64,22 +64,18 @@ public class SecurityContextSwitch {
|
||||
}
|
||||
|
||||
public static WithUser withController(final String principal, final String... authorities) {
|
||||
return withUserAndTenant(principal, DEFAULT_TENANT, true, false, true, authorities);
|
||||
return withUserAndTenantAllSpPermissions(principal, DEFAULT_TENANT, true, false, true, authorities);
|
||||
}
|
||||
|
||||
public static WithUser withUser(final String principal, final String... authorities) {
|
||||
return withUserAndTenant(principal, DEFAULT_TENANT, true, false, false, authorities);
|
||||
return withUserAndTenantAllSpPermissions(principal, DEFAULT_TENANT, true, false, false, authorities);
|
||||
}
|
||||
|
||||
public static WithUser withUser(final String principal, final boolean allSpPermision, final String... authorities) {
|
||||
return withUserAndTenant(principal, DEFAULT_TENANT, true, allSpPermision, false, authorities);
|
||||
public static WithUser withUserAndTenantAllSpPermissions(final String principal, final String tenant) {
|
||||
return withUserAndTenantAllSpPermissions(principal, tenant, true, true, false);
|
||||
}
|
||||
|
||||
public static WithUser withUserAndTenant(final String principal, final String tenant, final String... authorities) {
|
||||
return withUserAndTenant(principal, tenant, true, true, false, authorities);
|
||||
}
|
||||
|
||||
public static WithUser withUserAndTenant(final String principal, final String tenant,
|
||||
public static WithUser withUserAndTenantAllSpPermissions(final String principal, final String tenant,
|
||||
final boolean autoCreateTenant, final boolean allSpPermission, final boolean controller,
|
||||
final String... authorities) {
|
||||
return createWithUser(principal, tenant, autoCreateTenant, allSpPermission, controller, authorities);
|
||||
|
||||
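Review bot: The flag-taking overload at the end of this hunk is renamed to `withUserAndTenantAllSpPermissions` yet still accepts `allSpPermission`, and `withController` and `withUser` above now call it with `false`, so a method whose name promises every SP permission is also the path that builds contexts without them. Since this fixture decides which authorities a test runs under, a misleading name makes it easy to misjudge how privileged a test context is, which matters for negative cases such as `withUser("NoPermission")` in TargetManagementTest. I would keep the neutral name for the overload that takes the flag, `public static WithUser withUserAndTenant(final String principal, final String tenant,`, and reserve `withUserAndTenantAllSpPermissions(principal, tenant)` for the two-argument form that passes `true`. That overload's body continues past the end of the hunk, so what `createWithUser` does with the flag is not visible here.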