Add distribution set and target type fine grained permissions (#2545)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-07-14 14:52:36 +03:00
parent c3fdd9fcc8
commit e7373275bf
53 changed files with 506 additions and 476 deletions
--- a/hawkbit-ddi/hawkbit-ddi-resource/src/test/java/org/eclipse/hawkbit/ddi/rest/resource/DdiRootControllerTest.java
+++ b/hawkbit-ddi/hawkbit-ddi-resource/src/test/java/org/eclipse/hawkbit/ddi/rest/resource/DdiRootControllerTest.java
@@ -10,7 +10,7 @@
 package org.eclipse.hawkbit.ddi.rest.resource;

 import static org.assertj.core.api.Assertions.assertThat;
-import static org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions.CONTROLLER_ROLE_ANONYMOUS;
+import static org.eclipse.hawkbit.im.authentication.SpringEvalExpressions.CONTROLLER_ROLE_ANONYMOUS;
 import static org.eclipse.hawkbit.im.authentication.SpPermission.TENANT_CONFIGURATION;
 import static org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch.callAs;
 import static org.eclipse.hawkbit.repository.test.util.SecurityContextSwitch.getAs;
--- a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/Authenticator.java
+++ b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/Authenticator.java
@@ -14,7 +14,7 @@ import java.util.List;
 import java.util.Objects;

 import lombok.EqualsAndHashCode;
-import org.eclipse.hawkbit.im.authentication.SpPermission;
+import org.eclipse.hawkbit.im.authentication.SpringEvalExpressions;
 import org.eclipse.hawkbit.repository.TenantConfigurationManagement;
 import org.eclipse.hawkbit.security.SystemSecurityContext;
 import org.eclipse.hawkbit.tenancy.TenantAware;
@@ -77,7 +77,7 @@ public interface Authenticator {
        private static class AuthenticatedController extends AbstractAuthenticationToken {

            private static final Collection<GrantedAuthority> CONTROLLER_AUTHORITY =
-                    List.of(new SimpleGrantedAuthority(SpPermission.SpringEvalExpressions.CONTROLLER_ROLE));
+                    List.of(new SimpleGrantedAuthority(SpringEvalExpressions.CONTROLLER_ROLE));
            private final String controllerId;

            AuthenticatedController(final String tenant, final String controllerId) {
--- a/hawkbit-ddi/hawkbit-ddi-server/src/test/java/org/eclipse/hawkbit/app/ddi/PreAuthorizeEnabledTest.java
+++ b/hawkbit-ddi/hawkbit-ddi-server/src/test/java/org/eclipse/hawkbit/app/ddi/PreAuthorizeEnabledTest.java
@@ -13,6 +13,7 @@ import static org.assertj.core.api.Assertions.assertThat;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;

 import org.eclipse.hawkbit.im.authentication.SpPermission;
+import org.eclipse.hawkbit.im.authentication.SpringEvalExpressions;
 import org.eclipse.hawkbit.repository.test.util.WithUser;
 import org.junit.jupiter.api.Test;
 import org.springframework.http.HttpStatus;
@@ -39,7 +40,7 @@ class PreAuthorizeEnabledTest extends AbstractSecurityTest {
     * Tests whether request succeed if a role is granted for the user
     */
    @Test
-    @WithUser(authorities = { SpPermission.SpringEvalExpressions.CONTROLLER_ROLE }, autoCreateTenant = false)
+    @WithUser(authorities = { SpringEvalExpressions.CONTROLLER_ROLE }, autoCreateTenant = false)
    void successIfHasRole() throws Exception {
        mvc.perform(get("/DEFAULT/controller/v1/controllerId"))
                .andExpect(result -> assertThat(result.getResponse().getStatus()).isEqualTo(HttpStatus.OK.value()));