diff --git a/hawkbit-mgmt/hawkbit-mgmt-api/src/main/java/org/eclipse/hawkbit/mgmt/json/model/auth/MgmtUserInfo.java b/hawkbit-mgmt/hawkbit-mgmt-api/src/main/java/org/eclipse/hawkbit/mgmt/json/model/auth/MgmtUserInfo.java
index 4300abeca..72df462f5 100644
--- a/hawkbit-mgmt/hawkbit-mgmt-api/src/main/java/org/eclipse/hawkbit/mgmt/json/model/auth/MgmtUserInfo.java
+++ b/hawkbit-mgmt/hawkbit-mgmt-api/src/main/java/org/eclipse/hawkbit/mgmt/json/model/auth/MgmtUserInfo.java
@@ -21,4 +21,5 @@ public class MgmtUserInfo {
 private String tenant;
 private String username;
+ private String[] permissions;
 }
\ No newline at end of file
diff --git a/hawkbit-mgmt/hawkbit-mgmt-resource/src/main/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResource.java b/hawkbit-mgmt/hawkbit-mgmt-resource/src/main/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResource.java
index 1e4a10116..a55d82deb 100644
--- a/hawkbit-mgmt/hawkbit-mgmt-resource/src/main/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResource.java
+++ b/hawkbit-mgmt/hawkbit-mgmt-resource/src/main/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResource.java
@@ -14,6 +14,9 @@ import org.eclipse.hawkbit.mgmt.json.model.auth.MgmtUserInfo;
 import org.eclipse.hawkbit.mgmt.rest.api.MgmtBasicAuthRestApi;
 import org.eclipse.hawkbit.tenancy.TenantAware;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.RestController;
 /**
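Review bot: The new `permissions` field in MgmtUserInfo carries no comment saying what the strings are or when the field is absent, and as an array it is a mutable part of the response model. A one-line comment such as `// authority names granted to the authenticated caller; unset when no Authentication is available` would make the contract explicit for API consumers. The class header and its annotations are outside the hunk, so how an unset field is serialised cannot be confirmed from here.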
@@ -32,8 +35,13 @@ public class MgmtBasicAuthResource implements MgmtBasicAuthRestApi {
 @AuditLog(entity = "BasicAuth", type = AuditLog.Type.READ, message = "Validate Basic Auth")
 public ResponseEntity validateBasicAuth() {
 final MgmtUserInfo userInfo = new MgmtUserInfo();
- userInfo.setUsername(tenantAware.getCurrentUsername());
 userInfo.setTenant(tenantAware.getCurrentTenant());
+ userInfo.setUsername(tenantAware.getCurrentUsername());
+ final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+ if (authentication != null) {
+ userInfo.setPermissions(authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority).toArray(String[]::new));
+ return ResponseEntity.ok(userInfo);
+ }
 return ResponseEntity.ok(userInfo);
 }
 }
\ No newline at end of file
diff --git a/hawkbit-mgmt/hawkbit-mgmt-resource/src/test/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResourceTest.java b/hawkbit-mgmt/hawkbit-mgmt-resource/src/test/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResourceTest.java
index 299e1e74d..e6d681b3e 100644
--- a/hawkbit-mgmt/hawkbit-mgmt-resource/src/test/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResourceTest.java
+++ b/hawkbit-mgmt/hawkbit-mgmt-resource/src/test/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResourceTest.java
@@ -10,6 +10,8 @@
 package org.eclipse.hawkbit.mgmt.rest.resource;
 import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.hasItems;
+import static org.hamcrest.CoreMatchers.is;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
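Review bot: The new `setPermissions(...)` call in validateBasicAuth copies every `GrantedAuthority` string of the current `Authentication` into the response body unfiltered, so any role or internal marker authority the security layer attaches to the principal becomes part of the public API contract. If only user-facing permissions are meant to be shown, filter the stream against the known permission set before `toArray`, and drop nulls with `.filter(Objects::nonNull)`, since `getAuthority()` may return null for an authority that has no string form. The `return ResponseEntity.ok(userInfo);` inside the `if` duplicates the statement directly after the block and can be removed.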
@@ -80,20 +82,22 @@ class MgmtBasicAuthResourceTest {
 protected WebApplicationContext webApplicationContext;
 @Autowired
 MockMvc defaultMock;
- private static final String TEST_USER = "testUser";
 private static final String DEFAULT_TENANT = "DEFAULT";
+ private static final String TEST_USER = "testUser";
 @Test
 @Description("Test of userinfo api with basic auth validation")
- @WithUser(principal = TEST_USER)
+ @WithUser(principal = TEST_USER, authorities = {"READ", "WRITE", "DELETE"})
 void validateBasicAuthWithUserDetails() throws Exception {
 withSecurityMock().perform(get(MgmtRestConstants.AUTH_V1_REQUEST_MAPPING))
 .andDo(MockMvcResultPrinter.print())
 .andDo(MockMvcResultPrinter.print())
 .andExpect(status().isOk())
 .andExpect(content().contentType(MediaTypes.HAL_JSON_VALUE))
+ .andExpect(jsonPath("$.tenant", equalTo(DEFAULT_TENANT)))
 .andExpect(jsonPath("$.username", equalTo(TEST_USER)))
- .andExpect(jsonPath("$.tenant", equalTo(DEFAULT_TENANT)));
+ .andExpect(jsonPath("$.permissions.size()", is(3)))
+ .andExpect(jsonPath("$.permissions", hasItems("READ", "WRITE", "DELETE")));
 }
 @Test
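Review bot: The updated validateBasicAuthWithUserDetails only exercises a principal that holds three authorities, so nothing pins what the endpoint returns for a caller that holds none. A second case with a principal that has no authorities would fix whether `permissions` comes back as an empty array or is left out. Because the endpoint now reports access rights, that behaviour is worth asserting explicitly. The defaults of `@WithUser` are not visible in this hunk, so the exact annotation arguments for such a case need to be checked against its definition.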