diff --git a/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaDistributionSetManagement.java b/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaDistributionSetManagement.java index 66e1122d9..a27ccd52e 100644 --- a/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaDistributionSetManagement.java +++ b/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaDistributionSetManagement.java @@ -27,6 +27,7 @@ import java.util.stream.Collectors; import jakarta.persistence.EntityManager; import jakarta.validation.constraints.NotNull; +import org.eclipse.hawkbit.im.authentication.SpPermission; import org.eclipse.hawkbit.repository.DistributionSetFields; import org.eclipse.hawkbit.repository.DistributionSetManagement; import org.eclipse.hawkbit.repository.DistributionSetMetadataFields; @@ -86,6 +87,7 @@ import org.springframework.data.jpa.domain.Specification; import org.springframework.orm.jpa.vendor.Database; import org.springframework.retry.annotation.Backoff; import org.springframework.retry.annotation.Retryable; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.CollectionUtils; import org.springframework.util.ObjectUtils; @@ -151,6 +153,7 @@ public class JpaDistributionSetManagement implements DistributionSetManagement { @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_CREATE_REPOSITORY) public List create(final Collection creates) { final List toCreate = creates.stream().map(JpaDistributionSetCreate.class::cast) .map(this::setDefaultTypeIfMissing).map(JpaDistributionSetCreate::build).toList(); @@ -162,6 +165,7 @@ public class JpaDistributionSetManagement implements DistributionSetManagement { @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_CREATE_REPOSITORY) public DistributionSet create(final DistributionSetCreate c) { final JpaDistributionSetCreate create = (JpaDistributionSetCreate) c; setDefaultTypeIfMissing(create); @@ -173,6 +177,7 @@ public class JpaDistributionSetManagement implements DistributionSetManagement { @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_UPDATE_REPOSITORY) public DistributionSet update(final DistributionSetUpdate u) { final GenericDistributionSetUpdate update = (GenericDistributionSetUpdate) u; @@ -204,6 +209,7 @@ public class JpaDistributionSetManagement implements DistributionSetManagement { } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public long count() { return distributionSetRepository.count(DistributionSetSpecification.isNotDeleted()); } @@ -212,6 +218,7 @@ public class JpaDistributionSetManagement implements DistributionSetManagement { @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_DELETE_REPOSITORY) public void delete(final long id) { delete(List.of(id)); } @@ -220,6 +227,7 @@ public class JpaDistributionSetManagement implements DistributionSetManagement { @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_DELETE_REPOSITORY) public void delete(final Collection distributionSetIDs) { getDistributionSets(distributionSetIDs); // throws EntityNotFoundException if any of these do not exists final List setsFound = distributionSetRepository.findAll( @@ -260,27 +268,32 @@ public class JpaDistributionSetManagement implements DistributionSetManagement { } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public List get(final Collection ids) { return Collections.unmodifiableList(getDistributionSets(ids)); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public boolean exists(final long id) { return distributionSetRepository.existsById(id); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Optional get(final long id) { return distributionSetRepository.findById(id).map(DistributionSet.class::cast); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Slice findAll(final Pageable pageable) { return JpaManagementHelper.findAllWithoutCountBySpec(distributionSetRepository, pageable, List.of( DistributionSetSpecification.isNotDeleted())); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Page findByRsql(final Pageable pageable, final String rsqlParam) { return JpaManagementHelper.findAllWithCountBySpec(distributionSetRepository, pageable, List.of( RSQLUtility.buildRsqlSpecification(rsqlParam, DistributionSetFields.class, virtualPropertyReplacer, diff --git a/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaDistributionSetTagManagement.java b/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaDistributionSetTagManagement.java index cbcdf3085..3f9904f6e 100644 --- a/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaDistributionSetTagManagement.java +++ b/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaDistributionSetTagManagement.java @@ -15,6 +15,7 @@ import java.util.List; import java.util.Optional; import java.util.stream.Collectors; +import org.eclipse.hawkbit.im.authentication.SpPermission; import org.eclipse.hawkbit.repository.DistributionSetTagFields; import org.eclipse.hawkbit.repository.DistributionSetTagManagement; import org.eclipse.hawkbit.repository.TargetTagManagement; @@ -43,6 +44,7 @@ import org.springframework.data.jpa.domain.Specification; import org.springframework.orm.jpa.vendor.Database; import org.springframework.retry.annotation.Backoff; import org.springframework.retry.annotation.Retryable; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.validation.annotation.Validated; @@ -72,6 +74,7 @@ public class JpaDistributionSetTagManagement implements DistributionSetTagManage @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_CREATE_REPOSITORY) public List create(final Collection dst) { final List toCreate = dst.stream().map(JpaTagCreate.class::cast) .map(JpaTagCreate::buildDistributionSetTag).toList(); @@ -83,6 +86,7 @@ public class JpaDistributionSetTagManagement implements DistributionSetTagManage @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_CREATE_REPOSITORY) public DistributionSetTag create(final TagCreate c) { final JpaTagCreate create = (JpaTagCreate) c; return distributionSetTagRepository.save(AccessController.Operation.CREATE, create.buildDistributionSetTag()); @@ -92,6 +96,7 @@ public class JpaDistributionSetTagManagement implements DistributionSetTagManage @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_UPDATE_REPOSITORY) public DistributionSetTag update(final TagUpdate u) { final GenericTagUpdate update = (GenericTagUpdate) u; @@ -106,6 +111,7 @@ public class JpaDistributionSetTagManagement implements DistributionSetTagManage } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public long count() { return distributionSetTagRepository.count(); } @@ -114,6 +120,7 @@ public class JpaDistributionSetTagManagement implements DistributionSetTagManage @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_DELETE_REPOSITORY) public void delete(final long id) { distributionSetTagRepository.deleteById(id); } @@ -122,6 +129,7 @@ public class JpaDistributionSetTagManagement implements DistributionSetTagManage @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_DELETE_REPOSITORY) public void delete(final Collection ids) { final List setsFound = distributionSetTagRepository.findAllById(ids); @@ -134,26 +142,31 @@ public class JpaDistributionSetTagManagement implements DistributionSetTagManage } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public List get(final Collection ids) { return Collections.unmodifiableList(distributionSetTagRepository.findAllById(ids)); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public boolean exists(final long id) { return distributionSetTagRepository.existsById(id); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Optional get(final long id) { return distributionSetTagRepository.findById(id).map(DistributionSetTag.class::cast); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Slice findAll(final Pageable pageable) { return JpaManagementHelper.findAllWithoutCountBySpec(distributionSetTagRepository, pageable, null); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Page findByRsql(final Pageable pageable, final String rsqlParam) { final Specification spec = RSQLUtility.buildRsqlSpecification(rsqlParam, DistributionSetTagFields.class, virtualPropertyReplacer, database); diff --git a/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaDistributionSetTypeManagement.java b/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaDistributionSetTypeManagement.java index c6f22a283..c0843df28 100644 --- a/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaDistributionSetTypeManagement.java +++ b/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaDistributionSetTypeManagement.java @@ -19,6 +19,7 @@ import java.util.function.LongFunction; import java.util.stream.Collectors; import java.util.stream.Stream; +import org.eclipse.hawkbit.im.authentication.SpPermission; import org.eclipse.hawkbit.repository.DistributionSetTypeFields; import org.eclipse.hawkbit.repository.DistributionSetTypeManagement; import org.eclipse.hawkbit.repository.QuotaManagement; @@ -52,6 +53,7 @@ import org.springframework.data.domain.Slice; import org.springframework.orm.jpa.vendor.Database; import org.springframework.retry.annotation.Backoff; import org.springframework.retry.annotation.Retryable; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.CollectionUtils; import org.springframework.validation.annotation.Validated; @@ -127,6 +129,7 @@ public class JpaDistributionSetTypeManagement implements DistributionSetTypeMana @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_CREATE_REPOSITORY) public List create(final Collection types) { final List typesToCreate = types.stream() .map(JpaDistributionSetTypeCreate.class::cast) @@ -139,6 +142,7 @@ public class JpaDistributionSetTypeManagement implements DistributionSetTypeMana @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_CREATE_REPOSITORY) public DistributionSetType create(final DistributionSetTypeCreate c) { final JpaDistributionSetType distributionSetType = ((JpaDistributionSetTypeCreate) c).build(); return distributionSetTypeRepository.save(AccessController.Operation.CREATE, distributionSetType); @@ -148,6 +152,7 @@ public class JpaDistributionSetTypeManagement implements DistributionSetTypeMana @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_UPDATE_REPOSITORY) public DistributionSetType update(final DistributionSetTypeUpdate u) { final GenericDistributionSetTypeUpdate update = (GenericDistributionSetTypeUpdate) u; final JpaDistributionSetType type = findDistributionSetTypeAndThrowExceptionIfNotFound(update.getId()); @@ -181,6 +186,7 @@ public class JpaDistributionSetTypeManagement implements DistributionSetTypeMana } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public long count() { return distributionSetTypeRepository.count(DistributionSetTypeSpecification.isNotDeleted()); } @@ -189,6 +195,7 @@ public class JpaDistributionSetTypeManagement implements DistributionSetTypeMana @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_DELETE_REPOSITORY) public void delete(final long id) { final JpaDistributionSetType toDelete = distributionSetTypeRepository.findById(id) .orElseThrow(() -> new EntityNotFoundException(DistributionSetType.class, id)); @@ -207,32 +214,38 @@ public class JpaDistributionSetTypeManagement implements DistributionSetTypeMana @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_DELETE_REPOSITORY) public void delete(final Collection ids) { distributionSetTypeRepository.deleteAllById(ids); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public List get(final Collection ids) { return Collections.unmodifiableList(distributionSetTypeRepository.findAllById(ids)); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public boolean exists(final long id) { return distributionSetTypeRepository.existsById(id); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Optional get(final long id) { return distributionSetTypeRepository.findById(id).map(DistributionSetType.class::cast); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Slice findAll(final Pageable pageable) { return JpaManagementHelper.findAllWithoutCountBySpec(distributionSetTypeRepository, pageable, List.of( DistributionSetTypeSpecification.isNotDeleted())); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Page findByRsql(final Pageable pageable, final String rsqlParam) { return JpaManagementHelper.findAllWithCountBySpec(distributionSetTypeRepository, pageable, List.of( RSQLUtility.buildRsqlSpecification(rsqlParam, DistributionSetTypeFields.class, virtualPropertyReplacer, database), diff --git a/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaSoftwareModuleManagement.java b/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaSoftwareModuleManagement.java index cac7e96df..73b7a6516 100644 --- a/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaSoftwareModuleManagement.java +++ b/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaSoftwareModuleManagement.java @@ -23,6 +23,7 @@ import java.util.stream.Stream; import jakarta.persistence.EntityManager; +import org.eclipse.hawkbit.im.authentication.SpPermission; import org.eclipse.hawkbit.repository.ArtifactEncryptionService; import org.eclipse.hawkbit.repository.ArtifactManagement; import org.eclipse.hawkbit.repository.QuotaManagement; @@ -72,6 +73,7 @@ import org.springframework.data.jpa.domain.Specification; import org.springframework.orm.jpa.vendor.Database; import org.springframework.retry.annotation.Backoff; import org.springframework.retry.annotation.Retryable; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.ObjectUtils; import org.springframework.validation.annotation.Validated; @@ -118,6 +120,7 @@ public class JpaSoftwareModuleManagement implements SoftwareModuleManagement { @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_CREATE_REPOSITORY) public List create(final Collection swModules) { final List modulesToCreate = swModules.stream().map(JpaSoftwareModuleCreate.class::cast) .map(JpaSoftwareModuleCreate::build).toList(); @@ -138,6 +141,7 @@ public class JpaSoftwareModuleManagement implements SoftwareModuleManagement { @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_CREATE_REPOSITORY) public SoftwareModule create(final SoftwareModuleCreate c) { final JpaSoftwareModuleCreate create = (JpaSoftwareModuleCreate) c; @@ -155,6 +159,7 @@ public class JpaSoftwareModuleManagement implements SoftwareModuleManagement { @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_UPDATE_REPOSITORY) public SoftwareModule update(final SoftwareModuleUpdate u) { final GenericSoftwareModuleUpdate update = (GenericSoftwareModuleUpdate) u; @@ -175,6 +180,7 @@ public class JpaSoftwareModuleManagement implements SoftwareModuleManagement { } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public long count() { return softwareModuleRepository.count(SoftwareModuleSpecification.isNotDeleted()); } @@ -183,6 +189,7 @@ public class JpaSoftwareModuleManagement implements SoftwareModuleManagement { @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_DELETE_REPOSITORY) public void delete(final long id) { delete(List.of(id)); } @@ -191,6 +198,7 @@ public class JpaSoftwareModuleManagement implements SoftwareModuleManagement { @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_DELETE_REPOSITORY) public void delete(final Collection ids) { final List swModulesToDelete = softwareModuleRepository.findAllById(ids); if (swModulesToDelete.size() < ids.size()) { @@ -235,21 +243,25 @@ public class JpaSoftwareModuleManagement implements SoftwareModuleManagement { } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public List get(final Collection ids) { return Collections.unmodifiableList(softwareModuleRepository.findAllById(ids)); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public boolean exists(final long id) { return softwareModuleRepository.existsById(id); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Optional get(final long id) { return softwareModuleRepository.findById(id).map(SoftwareModule.class::cast); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Slice findAll(final Pageable pageable) { return JpaManagementHelper.findAllWithoutCountBySpec(softwareModuleRepository, pageable, List.of( SoftwareModuleSpecification.isNotDeleted(), @@ -257,6 +269,7 @@ public class JpaSoftwareModuleManagement implements SoftwareModuleManagement { } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Page findByRsql(final Pageable pageable, final String rsqlParam) { return JpaManagementHelper.findAllWithCountBySpec(softwareModuleRepository, pageable, List.of( RSQLUtility.buildRsqlSpecification(rsqlParam, SoftwareModuleFields.class, virtualPropertyReplacer, diff --git a/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaSoftwareModuleTypeManagement.java b/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaSoftwareModuleTypeManagement.java index 1e37a0dcd..8425be4ed 100644 --- a/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaSoftwareModuleTypeManagement.java +++ b/hawkbit-repository/hawkbit-repository-jpa/src/main/java/org/eclipse/hawkbit/repository/jpa/management/JpaSoftwareModuleTypeManagement.java @@ -14,6 +14,7 @@ import java.util.Collections; import java.util.List; import java.util.Optional; +import org.eclipse.hawkbit.im.authentication.SpPermission; import org.eclipse.hawkbit.repository.SoftwareModuleTypeFields; import org.eclipse.hawkbit.repository.SoftwareModuleTypeManagement; import org.eclipse.hawkbit.repository.builder.GenericSoftwareModuleTypeUpdate; @@ -39,6 +40,7 @@ import org.springframework.data.domain.Slice; import org.springframework.orm.jpa.vendor.Database; import org.springframework.retry.annotation.Backoff; import org.springframework.retry.annotation.Retryable; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.validation.annotation.Validated; @@ -81,6 +83,7 @@ public class JpaSoftwareModuleTypeManagement implements SoftwareModuleTypeManage @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_CREATE_REPOSITORY) public List create(final Collection c) { final List creates = c.stream().map(JpaSoftwareModuleTypeCreate.class::cast) .map(JpaSoftwareModuleTypeCreate::build).toList(); @@ -92,6 +95,7 @@ public class JpaSoftwareModuleTypeManagement implements SoftwareModuleTypeManage @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_CREATE_REPOSITORY) public SoftwareModuleType create(final SoftwareModuleTypeCreate c) { final JpaSoftwareModuleTypeCreate create = (JpaSoftwareModuleTypeCreate) c; @@ -102,6 +106,7 @@ public class JpaSoftwareModuleTypeManagement implements SoftwareModuleTypeManage @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_UPDATE_REPOSITORY) public SoftwareModuleType update(final SoftwareModuleTypeUpdate u) { final GenericSoftwareModuleTypeUpdate update = (GenericSoftwareModuleTypeUpdate) u; @@ -115,6 +120,7 @@ public class JpaSoftwareModuleTypeManagement implements SoftwareModuleTypeManage } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public long count() { return softwareModuleTypeRepository.count(SoftwareModuleTypeSpecification.isNotDeleted()); } @@ -123,6 +129,7 @@ public class JpaSoftwareModuleTypeManagement implements SoftwareModuleTypeManage @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_DELETE_REPOSITORY) public void delete(final long id) { final JpaSoftwareModuleType toDelete = softwareModuleTypeRepository.findById(id) .orElseThrow(() -> new EntityNotFoundException(SoftwareModuleType.class, id)); @@ -134,6 +141,7 @@ public class JpaSoftwareModuleTypeManagement implements SoftwareModuleTypeManage @Transactional @Retryable(retryFor = { ConcurrencyFailureException.class }, maxAttempts = Constants.TX_RT_MAX, backoff = @Backoff(delay = Constants.TX_RT_DELAY)) + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_DELETE_REPOSITORY) public void delete(final Collection ids) { softwareModuleTypeRepository .findAll(AccessController.Operation.DELETE, softwareModuleTypeRepository.byIdsSpec(ids)) @@ -141,27 +149,32 @@ public class JpaSoftwareModuleTypeManagement implements SoftwareModuleTypeManage } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public List get(final Collection ids) { return Collections.unmodifiableList(softwareModuleTypeRepository.findAllById(ids)); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public boolean exists(final long id) { return softwareModuleTypeRepository.existsById(id); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Optional get(final long id) { return softwareModuleTypeRepository.findById(id).map(SoftwareModuleType.class::cast); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Slice findAll(final Pageable pageable) { return JpaManagementHelper.findAllWithoutCountBySpec(softwareModuleTypeRepository, pageable, List.of(SoftwareModuleTypeSpecification.isNotDeleted())); } @Override + @PreAuthorize(SpPermission.SpringEvalExpressions.HAS_AUTH_READ_REPOSITORY) public Page findByRsql(final Pageable pageable, final String rsqlParam) { return JpaManagementHelper.findAllWithCountBySpec(softwareModuleTypeRepository, pageable, List.of(