Make SecurityContextSwitch more intuitive (#1715)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
@@ -611,7 +611,7 @@ public class ArtifactManagementTest extends AbstractJpaIntegrationTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
|
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
|
||||||
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("user", tenant), callable);
|
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", tenant), callable);
|
||||||
}
|
}
|
||||||
|
|
||||||
private SoftwareModule createSoftwareModuleForTenant(final String tenant) throws Exception {
|
private SoftwareModule createSoftwareModuleForTenant(final String tenant) throws Exception {
|
||||||
|
|||||||
@@ -133,7 +133,7 @@ public class SystemManagementTest extends AbstractJpaIntegrationTest {
|
|||||||
|
|
||||||
for (int i = 0; i < tenants; i++) {
|
for (int i = 0; i < tenants; i++) {
|
||||||
final String tenantname = "tenant" + i;
|
final String tenantname = "tenant" + i;
|
||||||
SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("bumlux", tenantname, true, true, false,
|
SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("bumlux", tenantname, true, true, false,
|
||||||
SpringEvalExpressions.SYSTEM_ROLE), () -> {
|
SpringEvalExpressions.SYSTEM_ROLE), () -> {
|
||||||
systemManagement.getTenantMetadata();
|
systemManagement.getTenantMetadata();
|
||||||
if (artifactSize > 0) {
|
if (artifactSize > 0) {
|
||||||
|
|||||||
@@ -188,15 +188,15 @@ class TargetManagementTest extends AbstractJpaIntegrationTest {
|
|||||||
|
|
||||||
// retrieve security token only with READ_TARGET_SEC_TOKEN permission
|
// retrieve security token only with READ_TARGET_SEC_TOKEN permission
|
||||||
final String securityTokenWithReadPermission = SecurityContextSwitch.runAs(
|
final String securityTokenWithReadPermission = SecurityContextSwitch.runAs(
|
||||||
SecurityContextSwitch.withUser("OnlyTargetReadPermission", false, SpPermission.READ_TARGET_SEC_TOKEN),
|
SecurityContextSwitch.withUser("OnlyTargetReadPermission", SpPermission.READ_TARGET_SEC_TOKEN),
|
||||||
createdTarget::getSecurityToken);
|
createdTarget::getSecurityToken);
|
||||||
// retrieve security token only with ROLE_TARGET_ADMIN permission
|
// retrieve security token only with ROLE_TARGET_ADMIN permission
|
||||||
final String securityTokenWithTargetAdminPermission = SecurityContextSwitch.runAs(
|
final String securityTokenWithTargetAdminPermission = SecurityContextSwitch.runAs(
|
||||||
SecurityContextSwitch.withUser("OnlyTargetAdminPermission", false, SpRole.TARGET_ADMIN),
|
SecurityContextSwitch.withUser("OnlyTargetAdminPermission", SpRole.TARGET_ADMIN),
|
||||||
createdTarget::getSecurityToken);
|
createdTarget::getSecurityToken);
|
||||||
// retrieve security token only with ROLE_TENANT_ADMIN permission
|
// retrieve security token only with ROLE_TENANT_ADMIN permission
|
||||||
final String securityTokenWithTenantAdminPermission = SecurityContextSwitch.runAs(
|
final String securityTokenWithTenantAdminPermission = SecurityContextSwitch.runAs(
|
||||||
SecurityContextSwitch.withUser("OnlyTenantAdminPermission", false, SpRole.TENANT_ADMIN),
|
SecurityContextSwitch.withUser("OnlyTenantAdminPermission", SpRole.TENANT_ADMIN),
|
||||||
createdTarget::getSecurityToken);
|
createdTarget::getSecurityToken);
|
||||||
|
|
||||||
// retrieve security token as system code execution
|
// retrieve security token as system code execution
|
||||||
@@ -204,7 +204,7 @@ class TargetManagementTest extends AbstractJpaIntegrationTest {
|
|||||||
|
|
||||||
// retrieve security token without any permissions
|
// retrieve security token without any permissions
|
||||||
final String securityTokenWithoutPermission = SecurityContextSwitch
|
final String securityTokenWithoutPermission = SecurityContextSwitch
|
||||||
.runAs(SecurityContextSwitch.withUser("NoPermission", false), createdTarget::getSecurityToken);
|
.runAs(SecurityContextSwitch.withUser("NoPermission"), createdTarget::getSecurityToken);
|
||||||
|
|
||||||
assertThat(createdTarget.getSecurityToken()).isEqualTo("token");
|
assertThat(createdTarget.getSecurityToken()).isEqualTo("token");
|
||||||
assertThat(securityTokenWithReadPermission).isNotNull();
|
assertThat(securityTokenWithReadPermission).isNotNull();
|
||||||
|
|||||||
@@ -117,7 +117,7 @@ public class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
|
|||||||
// check that the cache is not getting in the way, i.e. "bumlux" results
|
// check that the cache is not getting in the way, i.e. "bumlux" results
|
||||||
// in bumlux and not
|
// in bumlux and not
|
||||||
// mytenant
|
// mytenant
|
||||||
assertThat(SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("user", "bumlux"),
|
assertThat(SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", "bumlux"),
|
||||||
() -> systemManagement.getTenantMetadata().getTenant().toUpperCase()))
|
() -> systemManagement.getTenantMetadata().getTenant().toUpperCase()))
|
||||||
.isEqualTo("bumlux".toUpperCase());
|
.isEqualTo("bumlux".toUpperCase());
|
||||||
}
|
}
|
||||||
@@ -171,7 +171,7 @@ public class MultiTenancyEntityTest extends AbstractJpaIntegrationTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
|
private <T> T runAsTenant(final String tenant, final Callable<T> callable) throws Exception {
|
||||||
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenant("user", tenant), callable);
|
return SecurityContextSwitch.runAs(SecurityContextSwitch.withUserAndTenantAllSpPermissions("user", tenant), callable);
|
||||||
}
|
}
|
||||||
|
|
||||||
private Target createTargetForTenant(final String controllerId, final String tenant) throws Exception {
|
private Target createTargetForTenant(final String controllerId, final String tenant) throws Exception {
|
||||||
|
|||||||
@@ -64,22 +64,18 @@ public class SecurityContextSwitch {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public static WithUser withController(final String principal, final String... authorities) {
|
public static WithUser withController(final String principal, final String... authorities) {
|
||||||
return withUserAndTenant(principal, DEFAULT_TENANT, true, false, true, authorities);
|
return withUserAndTenantAllSpPermissions(principal, DEFAULT_TENANT, true, false, true, authorities);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static WithUser withUser(final String principal, final String... authorities) {
|
public static WithUser withUser(final String principal, final String... authorities) {
|
||||||
return withUserAndTenant(principal, DEFAULT_TENANT, true, false, false, authorities);
|
return withUserAndTenantAllSpPermissions(principal, DEFAULT_TENANT, true, false, false, authorities);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static WithUser withUser(final String principal, final boolean allSpPermision, final String... authorities) {
|
public static WithUser withUserAndTenantAllSpPermissions(final String principal, final String tenant) {
|
||||||
return withUserAndTenant(principal, DEFAULT_TENANT, true, allSpPermision, false, authorities);
|
return withUserAndTenantAllSpPermissions(principal, tenant, true, true, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static WithUser withUserAndTenant(final String principal, final String tenant, final String... authorities) {
|
public static WithUser withUserAndTenantAllSpPermissions(final String principal, final String tenant,
|
||||||
return withUserAndTenant(principal, tenant, true, true, false, authorities);
|
|
||||||
}
|
|
||||||
|
|
||||||
public static WithUser withUserAndTenant(final String principal, final String tenant,
|
|
||||||
final boolean autoCreateTenant, final boolean allSpPermission, final boolean controller,
|
final boolean autoCreateTenant, final boolean allSpPermission, final boolean controller,
|
||||||
final String... authorities) {
|
final String... authorities) {
|
||||||
return createWithUser(principal, tenant, autoCreateTenant, allSpPermission, controller, authorities);
|
return createWithUser(principal, tenant, autoCreateTenant, allSpPermission, controller, authorities);
|
||||||
|
|||||||
Reference in New Issue
Block a user