Make SecurityContextSwitch more intuitive (#1715)

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
Avgustin Marinov
2024-04-12 17:48:58 +03:00
committed by GitHub
parent 1f2dd28ab6
commit da67193e0f
5 changed files with 13 additions and 17 deletions


@@ -611,7 +611,7 @@ public class ArtifactManagementTest extends AbstractJpaIntegrationTest {
}
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("user", tenant), callable);
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", tenant), callable);
}
private SoftwareModule createSoftwareModuleForTenant(final String tenant) throws Exception {


@@ -133,7 +133,7 @@ public class SystemManagementTest extends AbstractJpaIntegrationTest {
for (int i = 0; i < tenants; i++) {
final String tenantname = "tenant" + i;
SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("bumlux", tenantname, true, true, false,
SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("bumlux", tenantname, true, true, false,
SpringEvalExpressions.SYSTEM_ROLE), () -> {
systemManagement.getTenantMetadata();
if (artifactSize > 0) {


@@ -188,15 +188,15 @@ class TargetManagementTest extends AbstractJpaIntegrationTest {
// retrieve security token only with READ_TARGET_SEC_TOKEN permission
final String securityTokenWithReadPermission = SecurityContextSwitch.runAs(
SecurityContextSwitch.withUser("OnlyTargetReadPermission", false, SpPermission.READ_TARGET_SEC_TOKEN),
SecurityContextSwitch.withUser("OnlyTargetReadPermission", SpPermission.READ_TARGET_SEC_TOKEN),
createdTarget::getSecurityToken);
// retrieve security token only with ROLE_TARGET_ADMIN permission
final String securityTokenWithTargetAdminPermission = SecurityContextSwitch.runAs(
SecurityContextSwitch.withUser("OnlyTargetAdminPermission", false, SpRole.TARGET_ADMIN),
SecurityContextSwitch.withUser("OnlyTargetAdminPermission", SpRole.TARGET_ADMIN),
createdTarget::getSecurityToken);
// retrieve security token only with ROLE_TENANT_ADMIN permission
final String securityTokenWithTenantAdminPermission = SecurityContextSwitch.runAs(
SecurityContextSwitch.withUser("OnlyTenantAdminPermission", false, SpRole.TENANT_ADMIN),
SecurityContextSwitch.withUser("OnlyTenantAdminPermission", SpRole.TENANT_ADMIN),
createdTarget::getSecurityToken);
// retrieve security token as system code execution
@@ -204,7 +204,7 @@ class TargetManagementTest extends AbstractJpaIntegrationTest {
// retrieve security token without any permissions
final String securityTokenWithoutPermission = SecurityContextSwitch
.runAs(SecurityContextSwitch.withUser("NoPermission", false), createdTarget::getSecurityToken);
.runAs(SecurityContextSwitch.withUser("NoPermission"), createdTarget::getSecurityToken);
assertThat(createdTarget.getSecurityToken()).isEqualTo("token");
assertThat(securityTokenWithReadPermission).isNotNull();


@@ -117,7 +117,7 @@ public class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
// check that the cache is not getting in the way, i.e. "bumlux" results
// in bumlux and not
// mytenant
assertThat(SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("user", "bumlux"),
assertThat(SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", "bumlux"),
() -> systemManagement.getTenantMetadata().getTenant().toUpperCase()))
.isEqualTo("bumlux".toUpperCase());
}
@@ -171,7 +171,7 @@ public class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
}
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("user", tenant), callable);
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", tenant), callable);
}
private Target createTargetForTenant(final String controllerId, final String tenant) throws Exception {


@@ -64,22 +64,18 @@ public class SecurityContextSwitch {
}
public static WithUser withController(final String principal, final String... authorities) {
return withUserAndTenant(principal, DEFAULT_TENANT, true, false, true, authorities);
return withUserAndTenantAllSpPermissions(principal, DEFAULT_TENANT, true, false, true, authorities);
}
public static WithUser withUser(final String principal, final String... authorities) {
return withUserAndTenant(principal, DEFAULT_TENANT, true, false, false, authorities);
return withUserAndTenantAllSpPermissions(principal, DEFAULT_TENANT, true, false, false, authorities);
}
public static WithUser withUser(final String principal, final boolean allSpPermision, final String... authorities) {
return withUserAndTenant(principal, DEFAULT_TENANT, true, allSpPermision, false, authorities);
public static WithUser withUserAndTenantAllSpPermissions(final String principal, final String tenant) {
return withUserAndTenantAllSpPermissions(principal, tenant, true, true, false);
}
public static WithUser withUserAndTenant(final String principal, final String tenant, final String... authorities) {
return withUserAndTenant(principal, tenant, true, true, false, authorities);
}
public static WithUser withUserAndTenant(final String principal, final String tenant,
public static WithUser withUserAndTenantAllSpPermissions(final String principal, final String tenant,
final boolean autoCreateTenant, final boolean allSpPermission, final boolean controller,
final String... authorities) {
return createWithUser(principal, tenant, autoCreateTenant, allSpPermission, controller, authorities);
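Review bot: The six-argument overload renamed to `withUserAndTenantAllSpPermissions` still takes an `allSpPermission` flag, and `withController` and `withUser` in this same hunk call it with that flag set to `false`, so the name now promises a grant that those calls do not make. In a helper that builds the security context for authorization tests, this makes it easy to misread which privileges a test actually runs with. Either keep the neutral name `withUserAndTenant` for the full overload, or have the two low-privilege helpers bypass it, e.g. `return createWithUser(principal, DEFAULT_TENANT, true, false, false, authorities);` in `withUser`. A short Javadoc on the two-argument form stating that it grants every SP permission (and, judging by the `autoCreateTenant` argument, creates the tenant if it is missing) would also help. The body of the last method closes outside the hunk.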