From df23c4ef836f25b5630e86614c2a6e1944bfbd62 Mon Sep 17 00:00:00 2001
From: Stefan Behl <stefan.behl@bosch-si.com>
Date: Fri, 1 Feb 2019 14:18:38 +0100
Subject: [PATCH] In-memory user management should not ignore user roles
 configured via Spring (#794)

* Fix hawkBit UserDetailsService bean to honor the configured roles

Signed-off-by: Stefan Behl <stefan.behl@bosch-si.com>

* Fix Sonar issues

Signed-off-by: Stefan Behl <stefan.behl@bosch-si.com>
---
 .../InMemoryUserManagementAutoConfiguration.java     | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/InMemoryUserManagementAutoConfiguration.java b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/InMemoryUserManagementAutoConfiguration.java
index 0beff46ca..e80c8220c 100644
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/InMemoryUserManagementAutoConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/InMemoryUserManagementAutoConfiguration.java
@@ -9,6 +9,7 @@
 package org.eclipse.hawkbit.autoconfigure.security;
 
 import java.util.ArrayList;
+import java.util.List;
 
 import org.eclipse.hawkbit.im.authentication.MultitenancyIndicator;
 import org.eclipse.hawkbit.im.authentication.PermissionUtils;
@@ -24,6 +25,7 @@ import org.springframework.security.config.annotation.authentication.builders.Au
 import org.springframework.security.config.annotation.authentication.configuration.GlobalAuthenticationConfigurerAdapter;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.User.UserBuilder;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
@@ -57,8 +59,14 @@ public class InMemoryUserManagementAutoConfiguration extends GlobalAuthenticatio
     UserDetailsService userDetailsService() {
         final InMemoryUserDetailsManager inMemoryUserDetailsManager = new InMemoryUserPrincipalDetailsManager();
         inMemoryUserDetailsManager.setAuthenticationManager(null);
-        inMemoryUserDetailsManager.createUser(new User(securityProperties.getUser().getName(),
-                securityProperties.getUser().getPassword(), PermissionUtils.createAllAuthorityList()));
+        final SecurityProperties.User user = securityProperties.getUser();
+        final UserBuilder userBuilder = User.builder().username(user.getName()).password(user.getPassword())
+                .authorities(PermissionUtils.createAllAuthorityList());
+        final List<String> roles = user.getRoles();
+        if (!roles.isEmpty()) {
+            userBuilder.roles(roles.toArray(new String[roles.size()]));
+        }
+        inMemoryUserDetailsManager.createUser(userBuilder.build());
         return inMemoryUserDetailsManager;
     }