Avgustin Marinov
2b66449ff1
Fine grained repository permissions ( #2562 )
...
1. Introduce @PrreAuthorize check based on hasPermission - allowing custom processing (compared with non-modifiable hasAuthority/Role processing)
2. Dedicated permissions could be implemented on management api level. Check is made by plugged in PermissionEvaluator
3. Thus common XXX_REPOSITORY permissions could differ for extending services
4. Change create/update entity builder pattern - not via EntityFactory but via clean static lombok based builders (with fine fluent api).
5. Implement abstract repository management jpa class that handles the boilerplate code from extending classes in single place consistently -> AbsreactJpaRepositoryManagement
6. Register management api-s as **Sevice**-s instead of **Bean**-s in order to make easier maintainable and get away from heavy argument forwading
7. Simplify custom hawkbit repository registration + adding proxy to handle exception mapping at lower level - thus not depending on Aspects for converting exceptions
8. Implemented general purpose 'copy' utility (ObjectCopyUtil) that using getter/setter patterns is able to copy (e.g. Create/Update) objects to other objects (e.g. JPA entity objects)
2025-07-28 14:57:33 +03:00
Avgustin Marinov
0d38cb5a7d
Fix Sonar findings ( #2553 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-16 10:38:47 +03:00
Stanislav Trailov
b4793fcce1
Introduce target grouping ( #2538 )
...
* Introduce target grouping
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* minor refactor
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* throw validation exception instead direct returning bad request response
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* fix group query parameter
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* remove wrongly added import
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* add review fixes
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* apply latest review changes
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* apply latest changes after sybnc/review
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* fix after review
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
---------
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
2025-07-14 15:48:37 +03:00
Avgustin Marinov
e7373275bf
Add distribution set and target type fine grained permissions ( #2545 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-14 14:52:36 +03:00
Avgustin Marinov
c3fdd9fcc8
Refactor permissions ( #2544 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-11 16:50:01 +03:00
Avgustin Marinov
21581c4ea4
Fine-grained permissions ( #2535 )
...
* Fine-grained permissions
Adds support for permissions of type <permission>(/<rsql filter scope>)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
* Apply review fixes
---------
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-10 13:51:49 +03:00
Avgustin Marinov
edd6dabb90
Move artifact encryption to hawkbit-artifact-api where it does belong ( #2540 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-10 11:57:44 +03:00
Avgustin Marinov
7f97d6f441
Add support for pollingTime overrides ( #2533 )
...
* Add support for pollingTime overrides
* the current format HH:mm:ss is still supported
* add option for deviation percent (HH:mm:ss~\d{1,2}%) which allows the system to do some randomizing of the poll interval
* add support for overriding default polling time interval for devices matching some RSQL filters (in order), e.g. 01:00:00~10%, group == 'eu' -> 00:02:00~15%, status != in_sync -> 00:05:00
* IMPORTANT: overdue time is calculated according to the default polling time. So, the overdue status might be incorrect for targets with overridden poll interval
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
* Remove min polling time from the tenant config - it is a system configuration
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
* Add support for bigger poll intervals and overdue + duration format config support
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
---------
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-07 16:33:55 +03:00
Avgustin Marinov
426bdbf179
Move Query Language (RSQL) in separate package and add Entity Matcher ( #2531 )
...
* Move Query Language (RSQL) in separate package - hawkbit-repository-ql
* Add Entity Matcher which match an entity object agains filter
* Spec to string utils now in runtime (as a library) - could be used in tests or to dump something in runtimes
* Move eclipselink/hibernate profiles in new QL module, this way provided / set to hawkbit-repository-jpa
* Remove unused javax.el imports
2025-07-03 14:41:55 +03:00
Avgustin Marinov
8c6d56f177
Make some test timeouts (await) configurable ( #2525 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-02 12:45:26 +03:00
Avgustin Marinov
affae1026a
Improve Spring Bus usage (remove stream direct use) ( #2521 )
...
* Improve Spring Bus usage (remove stream direct use)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
* Remove getApplicaton when creating remote events
---------
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-02 08:32:55 +03:00
Avgustin Marinov
cd2c68081f
Refactor RabbitMQ configuration ( #2519 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-30 15:50:30 +03:00
Avgustin Marinov
5586e4b302
Fix Sonar findings ( #2489 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-23 10:19:43 +03:00
Avgustin Marinov
ef25aa59f0
Fix new line after @Test ( #2486 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-20 17:42:55 +03:00
Avgustin Marinov
cb7f1107fe
Remove allure (phase2) ( #2483 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-20 15:51:06 +03:00
Avgustin Marinov
651bd7df98
Deprecate PUT target tag multi-assignment ( #2468 )
...
* Deprecate PUT /rest/v1/targettags/{targetTagId}/assigned -> use new POST method with same endpoint and params
* Remove deprecated DS tag mulit-assigned PUT method /rest/v1/distributionsettags/{distributionsetTagId}/assigned -> use already existing POST method with same endpoint and params
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2025-06-18 15:13:25 +03:00
Avgustin Marinov
2098dc6223
Unifies security configurations ( #2448 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-12 09:06:50 +03:00
Avgustin Marinov
2992f5c211
Refactor management api style ( #2445 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-10 17:09:03 +03:00
Avgustin Marinov
85ef8652fc
Refactoring/simplifying rest resources code (2) ( #2444 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-10 15:14:43 +03:00
Avgustin Marinov
e643707d41
Refactoring/simplifying rest resources code ( #2443 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-10 14:06:43 +03:00
Avgustin Marinov
6167dce214
Hide getRolloutWithStatusDetails from API ( #2442 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-10 11:50:45 +03:00
Avgustin Marinov
a7162a1e48
Remove name and in of HTTP schemas of Mgmt apidoc - should not be specified with HTTP type ( #2441 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-10 09:47:13 +03:00
Avgustin Marinov
3e1d6b6dca
Remove OpenAPI registration ( #2440 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-09 17:57:06 +03:00
Avgustin Marinov
521c3cd096
Add version to Mgmt Open API info ( #2439 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-09 17:49:43 +03:00
Avgustin Marinov
6840025ec1
Order rest APIs in openapi doc ( #2438 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-09 15:41:09 +03:00
Vasil Ilchev
09a3d3e0c6
Fix retrieve Rollout with details ( #2435 )
...
* Fix retrieve Rollout with details
* Rename RolloutManagement method for retrieve Rollout slice with details. Slight refactoring in MgmtRolloutMapper
---------
Co-authored-by: vasilchev <vasil.ilchev@bosch.com >
2025-06-09 15:38:20 +03:00
Avgustin Marinov
5a304af165
Fix swagger config ( #2437 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-09 13:21:24 +03:00
Avgustin Marinov
32ad93c59c
Tune Swagger doc ( #2436 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-09 12:52:55 +03:00
Avgustin Marinov
c3aa2b7ae7
Rsql G3 ( #2423 )
...
* Rsql G3
* Move legacy and G2 visors in rsqllegacy and deprecate
* Refactor RSQLUtility
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
---------
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-06-02 10:08:13 +03:00
Avgustin Marinov
b4d0ee2c5d
Bump spring boot to 3.4.6 and small refactoring ( #2414 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-05-22 16:17:01 +03:00
Avgustin Marinov
64ee8b9906
JpaSoftwareModule#metadata made map ( #2412 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-05-21 16:59:25 +03:00
Avgustin Marinov
452d8618d7
JpaDistributionSet#metadata made Map ( #2411 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-05-21 13:45:18 +03:00
Avgustin Marinov
ceba4f5cfb
Unify target attributes and metadata ( #2408 )
...
* Unify target attributes and metadata
Currently, the target attributes are Map while the metadata,
which has the same concept is List.
This PR unifies them making the metadata also a Map
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-05-21 11:26:02 +03:00
Avgustin Marinov
eac40f5243
Fix followPathInJwtClaims and slight OIDC refactoring ( #2393 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-05-09 09:30:35 +03:00
Christian Breitwieser
acaec605bd
OIDC Authentication/Authorization on Management API ( #2386 )
...
* Added Oidc ressource server capabilities to mgmt api to allow users to login via identity provider.
Signed-off-by: ChristianB <christian.breitwieser@blue-zone.at >
* Adress review findings:
- Code Style fixes
- Readability improvements
Signed-off-by: ChristianB <christian.breitwieser@blue-zone.at >
---------
Signed-off-by: ChristianB <christian.breitwieser@blue-zone.at >
2025-05-08 11:19:19 +03:00
Denislav Prinov
7aa33cd96b
Refactoring the audit log message -> description field
...
Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com >
2025-04-22 08:11:53 +03:00
Avgustin Marinov
de4e58d0ee
Add robots.txt to servers - not for bots ( #2358 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-04-15 15:13:36 +03:00
Avgustin Marinov
f4fb11535c
[ #1744 ] Add permissions to MgmtUserInfo ( #2356 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-04-15 09:51:21 +03:00
Avgustin Marinov
9290ea194c
[ #1832 ] Fix root redirect to swagger ui ( #2355 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-04-15 09:13:50 +03:00
Avgustin Marinov
32990ab2ea
Add CORS support for DDI API ( #2337 )
...
For instance if used in remote swagger or web apps
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-04-02 09:01:02 +03:00
Denislav Prinov
23154d70cc
Audit Logging in HawkBit ( #2314 )
...
* Introduction of Audit Logging in hawkBit
Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com >
* Introduction of Audit Logging in hawkBit
Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com >
* Refactoring:
* applied code formatter
* audit moved into hawkbit-security-core
* minimize dependences
* use AuditorAware to retrieve user - so to be compatible with the logs into DB
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
* Move audit entities to security core
Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com >
* Introduce audit log method types
Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com >
---------
Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com >
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
Co-authored-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-03-31 08:51:54 +03:00
Avgustin Marinov
70949769de
Migrate to jdk 21 ( #2295 )
...
* docker containers using images with jre 21
* project is still building with target java 17 - so jar artifacts are java 17 compatible
* provided option to have different version for client libraries (e.g. ddi and management REST api)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-03-27 09:28:28 +02:00
Avgustin Marinov
4e113f9483
Hibernate: use default HibernateJpaConfiguration ( #2325 )
...
Condifure properties via HibernatePropertiesCustomizer
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-03-21 16:48:14 +02:00
Avgustin Marinov
b2dcc19f5d
[ #2191 ] Remove DB2 and MS SQL support ( #2321 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-03-20 13:43:56 +02:00
Avgustin Marinov
ea8fa4e1bd
Small code style refactoring ( #2302 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-02-25 17:22:23 +02:00
Avgustin Marinov
beda747c67
Remove unnecessary JsonProperty annotations ( #2296 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-02-25 08:40:14 +02:00
Avgustin Marinov
76ce1cf052
Cleanup and improve the controller authentication ( #2287 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-02-18 15:10:16 +02:00
Avgustin Marinov
059fd26fae
Add POST REST method for assigning tag to multiple DS ( #2280 )
...
!!! the PUT method is deprecated for removal
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-02-13 14:49:55 +02:00
Avgustin Marinov
99bb88ce55
Remove deprecated REST Mgmt Methods (2) ( #2279 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-02-13 14:36:13 +02:00
Avgustin Marinov
a1a3881c47
Remove deprecated REST Mgmt Methods ( #2278 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-02-13 14:32:28 +02:00