From e19b11290d8d082dfd8a16ebad80614dbbfb7574 Mon Sep 17 00:00:00 2001 From: Avgustin Marinov Date: Fri, 19 Sep 2025 10:25:18 +0300 Subject: [PATCH] Fix Sonar Findings (#2679) Signed-off-by: Avgustin Marinov --- .../mapper/MgmtDistributionSetMapper.java | 9 +----- .../AbstractRepositoryManagementTest.java | 4 +-- .../management/ControllerManagementTest.java | 16 ++++++---- .../security/SecurityConfiguration.java | 29 ++++++++++--------- 4 files changed, 28 insertions(+), 30 deletions(-) diff --git a/hawkbit-mgmt/hawkbit-mgmt-resource/src/main/java/org/eclipse/hawkbit/mgmt/rest/resource/mapper/MgmtDistributionSetMapper.java b/hawkbit-mgmt/hawkbit-mgmt-resource/src/main/java/org/eclipse/hawkbit/mgmt/rest/resource/mapper/MgmtDistributionSetMapper.java index f4882e63b..6eb20b3c8 100644 --- a/hawkbit-mgmt/hawkbit-mgmt-resource/src/main/java/org/eclipse/hawkbit/mgmt/rest/resource/mapper/MgmtDistributionSetMapper.java +++ b/hawkbit-mgmt/hawkbit-mgmt-resource/src/main/java/org/eclipse/hawkbit/mgmt/rest/resource/mapper/MgmtDistributionSetMapper.java @@ -51,17 +51,10 @@ import org.springframework.util.CollectionUtils; @Service public class MgmtDistributionSetMapper { - private final DistributionSetTypeManagement distributionSetTypeManagement; private final SoftwareModuleManagement softwareModuleManagement; - private final SystemManagement systemManagement; - MgmtDistributionSetMapper( - final DistributionSetTypeManagement distributionSetTypeManagement, - final SoftwareModuleManagement softwareModuleManagement, - final SystemManagement systemManagement) { - this.distributionSetTypeManagement = distributionSetTypeManagement; + MgmtDistributionSetMapper(final SoftwareModuleManagement softwareModuleManagement) { this.softwareModuleManagement = softwareModuleManagement; - this.systemManagement = systemManagement; } public List fromRequest( diff --git a/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/AbstractRepositoryManagementTest.java b/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/AbstractRepositoryManagementTest.java index 42d543192..62c790a95 100644 --- a/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/AbstractRepositoryManagementTest.java +++ b/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/AbstractRepositoryManagementTest.java @@ -303,9 +303,7 @@ public abstract class AbstractRepositoryManagementTest set = new HashSet<>(); -// set.add(forType(createType)); - return (O) set; + return (O) new HashSet<>(); } else if (type.isEnum()) { final O[] constants = type.getEnumConstants(); return constants[(int) (counter.incrementAndGet() % constants.length)]; diff --git a/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/ControllerManagementTest.java b/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/ControllerManagementTest.java index 7c6b1d885..e7f126acf 100644 --- a/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/ControllerManagementTest.java +++ b/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/ControllerManagementTest.java @@ -241,22 +241,24 @@ class ControllerManagementTest extends AbstractJpaIntegrationTest { testdataFactory.createDistributionSet("ds1"), testdataFactory.createTargets(1, "t1"))); assertThat(actionId1).isNotNull(); final ActionStatusCreateBuilder status = ActionStatusCreate.builder().actionId(actionId1).status(Status.WARNING); - for (int i = 0; i < maxStatusEntries; ++i) { + for (int i = 0; i < maxStatusEntries; i++) { controllerManagement.addInformationalActionStatus(status.messages(List.of("Msg " + i)).occurredAt(System.currentTimeMillis()).build()); } + final ActionStatusCreate actionStatusCreate = status.build(); assertThatExceptionOfType(AssignmentQuotaExceededException.class) - .isThrownBy(() -> controllerManagement.addInformationalActionStatus(status.build())); + .isThrownBy(() -> controllerManagement.addInformationalActionStatus(actionStatusCreate)); // test for update status (and mixed case) final Long actionId2 = getFirstAssignedActionId(assignDistributionSet( testdataFactory.createDistributionSet("ds2"), testdataFactory.createTargets(1, "t2"))); assertThat(actionId2).isNotEqualTo(actionId1); final ActionStatusCreateBuilder statusWarning = ActionStatusCreate.builder().actionId(actionId2).status(Status.WARNING); - for (int i = 0; i < maxStatusEntries; ++i) { + for (int i = 0; i < maxStatusEntries; i++) { controllerManagement.addUpdateActionStatus(statusWarning.messages(List.of("Msg " + i)).occurredAt(System.currentTimeMillis()).build()); } + final ActionStatusCreate actionStatusCreateQE = statusWarning.build(); assertThatExceptionOfType(AssignmentQuotaExceededException.class) - .isThrownBy(() -> controllerManagement.addInformationalActionStatus(statusWarning.build())); + .isThrownBy(() -> controllerManagement.addInformationalActionStatus(actionStatusCreateQE)); } /** @@ -334,12 +336,14 @@ class ControllerManagementTest extends AbstractJpaIntegrationTest { assertThat(controllerManagement.findActionWithDetails(NOT_EXIST_IDL)).isNotPresent(); assertThat(controllerManagement.findByControllerId(NOT_EXIST_ID)).isNotPresent(); assertThat(controllerManagement.find(NOT_EXIST_IDL)).isNotPresent(); + final String controllerId = target.getControllerId(); + final Long moduleId = module.getId(); assertThatExceptionOfType(EntityNotFoundException.class) - .isThrownBy(() -> controllerManagement.getActionForDownloadByTargetAndSoftwareModule(target.getControllerId(), module.getId())); + .isThrownBy(() -> controllerManagement.getActionForDownloadByTargetAndSoftwareModule(controllerId, moduleId)); assertThat(controllerManagement.findActiveActionWithHighestWeight(NOT_EXIST_ID)).isNotPresent(); - assertThat(controllerManagement.hasTargetArtifactAssigned(target.getControllerId(), "XXX")).isFalse(); + assertThat(controllerManagement.hasTargetArtifactAssigned(controllerId, "XXX")).isFalse(); assertThat(controllerManagement.hasTargetArtifactAssigned(target.getId(), "XXX")).isFalse(); } diff --git a/hawkbit-simple-ui/src/main/java/org/eclipse/hawkbit/ui/simple/security/SecurityConfiguration.java b/hawkbit-simple-ui/src/main/java/org/eclipse/hawkbit/ui/simple/security/SecurityConfiguration.java index 2621a8bdc..6dca06c84 100644 --- a/hawkbit-simple-ui/src/main/java/org/eclipse/hawkbit/ui/simple/security/SecurityConfiguration.java +++ b/hawkbit-simple-ui/src/main/java/org/eclipse/hawkbit/ui/simple/security/SecurityConfiguration.java @@ -9,19 +9,22 @@ */ package org.eclipse.hawkbit.ui.simple.security; -import com.vaadin.flow.spring.security.VaadinWebSecurity; +import com.vaadin.flow.spring.security.VaadinAwareSecurityContextHolderStrategyConfiguration; +import com.vaadin.flow.spring.security.VaadinSecurityConfigurer; import org.eclipse.hawkbit.ui.simple.view.LoginView; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Import; import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.AuthenticationFailureHandler; import java.net.URLEncoder; @@ -30,7 +33,8 @@ import java.nio.charset.StandardCharsets; @EnableWebSecurity @Configuration @EnableConfigurationProperties(OidcClientProperties.class) -public class SecurityConfiguration extends VaadinWebSecurity { +@Import(VaadinAwareSecurityContextHolderStrategyConfiguration.class) +public class SecurityConfiguration { private Customizer> oAuth2LoginConfigurerCustomizer; @@ -47,26 +51,25 @@ public class SecurityConfiguration extends VaadinWebSecurity { @Bean public AuthenticationFailureHandler customFailureHandler() { - return (request, response, exception) -> { - // Redirect back to login with your message + // Redirect back to login with your message + return (request, response, exception) -> response.sendRedirect("/login?error=" + URLEncoder.encode(exception.getMessage(), StandardCharsets.UTF_8)); - }; } - @Override - protected void configure(final HttpSecurity http) throws Exception { + @Bean + SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http.authorizeHttpRequests(authorize -> authorize.requestMatchers("/images/*.png").permitAll()); - - super.configure(http); - if (oAuth2LoginConfigurerCustomizer != null) { http.oauth2Login(oAuth2LoginConfigurerCustomizer); } else { http.formLogin(form -> form .loginPage("/login") - .failureHandler(customFailureHandler()) - ); - setLoginView(http, LoginView.class); + .failureHandler(customFailureHandler())); } + return http.with(VaadinSecurityConfigurer.vaadin(), configurer -> { + if (oAuth2LoginConfigurerCustomizer == null) { + configurer.loginView(LoginView.class); + } + }).build(); } }