hawkbit

Author	SHA1	Message	Date
Avgustin Marinov	2a636328a0	20250828 cleanup (#2639 ) * Cleanup * Refactor artifact management	2025-09-02 16:08:14 +03:00
Vasil Ilchev	4a8e60764f	Remote Events migrated from Spring Bus to Spring Cloud Stream (#2563 ) * Remote Events migrated from Spring Bus to Spring Cloud Stream --------- Co-authored-by: vasilchev <vasil.ilchev@bosch.com>	2025-07-30 16:58:00 +03:00
Avgustin Marinov	21581c4ea4	Fine-grained permissions (#2535 ) * Fine-grained permissions Adds support for permissions of type <permission>(/<rsql filter scope>) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com> * Apply review fixes --------- Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-07-10 13:51:49 +03:00
Avgustin Marinov	edd6dabb90	Move artifact encryption to hawkbit-artifact-api where it does belong (#2540 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-07-10 11:57:44 +03:00
Avgustin Marinov	0059a60f5b	[#2362 ] Set cache manager TTL by default 10sec (#2378 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-04-28 13:22:19 +03:00
Denislav Prinov	23e3c0bc43	Ensure AuditLoggingAspect Bean Registration Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>	2025-04-04 11:30:24 +03:00
Avgustin Marinov	2af5439b39	Clustering: Add distributed lock (#2333 ) To support sync of activities in cluster setups Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-04-02 12:25:08 +03:00
Denislav Prinov	23154d70cc	Audit Logging in HawkBit (#2314 ) * Introduction of Audit Logging in hawkBit Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Introduction of Audit Logging in hawkBit Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Refactoring: * applied code formatter * audit moved into hawkbit-security-core * minimize dependences * use AuditorAware to retrieve user - so to be compatible with the logs into DB Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com> * Move audit entities to security core Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> * Introduce audit log method types Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> --------- Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com> Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com> Co-authored-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-03-31 08:51:54 +03:00
Avgustin Marinov	bbb5f40207	Sonar Fixes (6) (#2214 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2025-01-21 16:13:43 +02:00
Avgustin Marinov	ed93d3fc7b	Introduce pluggable tenant resolver (#2151 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-12-18 15:17:35 +02:00
Avgustin Marinov	299d7091a2	Reomve a @Cacheable that might not work (#2102 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-23 16:52:06 +02:00
Avgustin Marinov	e91cc5a349	Move EventuPublisherConfiguration into repository (#2100 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-22 19:19:58 +02:00
Avgustin Marinov	37dea970d2	Fix EventPublisherAuthConfiguration to run as system (#2099 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-22 17:59:25 +02:00
Avgustin Marinov	4de34eacc3	Fix AmqpMessageDispatcherServiceTest.testSendCancelRequest - set action tenant (#2098 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-22 17:36:07 +02:00
Avgustin Marinov	c3bcc4371d	Code formating and removing unused imports (#2072 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-18 09:13:58 +02:00
Avgustin Marinov	9b7606f68e	Code refactoring of hawkbit-core and hawkbit-autoconfigure (#2051 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-16 17:56:23 +02:00
Avgustin Marinov	7902b89268	Unify artifact names (#2021 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-12 15:09:03 +02:00
Avgustin Marinov	cf5b91cfd3	Fix ArtifactFilesystemConfiguration auto configuration (#2018 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-12 13:47:28 +02:00
Avgustin Marinov	42582229f1	Small adjustments (#2017 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-12 13:22:45 +02:00
Avgustin Marinov	c85518be3c	Split SecurityManagedConfiguration to mgmt and ddi starters (#2014 ) * SecurityManagedConfiguration is moved to hawkbit-rest-core with commons for mgmt and ddi only * Configurations for DDI and Management API are moved to respective starters * hawkbit-http-security is removed - DosFilter (as common) is moved in hawkbit-rest-security, rest to the ddi starter as used only there * some classes are moved into different packages - it is a bad practice to have same packet into multiple artifacts _release_notes_ Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-12 12:06:56 +02:00
Avgustin Marinov	baab2fcf95	Move Mgmt artifacts into hawkbit-mgmt (#2003 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-11 15:57:56 +02:00
Avgustin Marinov	05d8d6cc7e	Moves DDI artifacts into a dedicated directory/artifact parent (#2002 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-11 15:11:07 +02:00
Avgustin Marinov	25c09a7d39	Move all DMF artifacts in hawkbit-dmf (#2000 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-11 14:22:11 +02:00
Avgustin Marinov	f223ebf3a8	Remove ExecutorAutoConfiguration.uiExecutor (#2001 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-11 13:17:55 +02:00
Avgustin Marinov	56ff8168f9	Rename org.eclipse.hawkbit.api -> org.eclipse.hawkbit.artifact.repository.urlhandler (#1980 ) _release_notes_ Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-08 17:40:27 +02:00
Avgustin Marinov	6dec398cb9	Remove unusied org.eclipse.hawkbit.HawkbitServerProperties (#1979 ) _release_notes_ Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-08 17:18:59 +02:00
Avgustin Marinov	56c548e474	Remove unused org.eclipse.hawkbit.api.HostnameResolver (#1978 ) _release_notes_ Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-08 17:05:14 +02:00
Avgustin Marinov	3effa996dd	Refactor tenancy classes (#1972 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-08 16:12:18 +02:00
Avgustin Marinov	178fb48336	Remove OidcUserManagementAutoConfiguration from auto config (#1970 ) Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-08 15:12:42 +02:00
Avgustin Marinov	a1e319ee37	Remove OidcUserManagementAutoConfiguration (#1969 ) [release notes] Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>	2024-11-08 14:32:17 +02:00
Avgustin Marinov	548c8d28a6	Code format hawkbit autoconfigure (#1946 ) * Code format hawkbit-rest Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com> * Code format hawkbit-autoconfigure Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com> --------- Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-11-05 11:34:36 +02:00
Avgustin Marinov	8da475dff0	MDC hanlder refactoring (#1911 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-10-23 09:20:15 +03:00
Avgustin Marinov	4bc082599b	Fix RoleHierarchyImpl deprecation (#1849 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-10-01 10:32:03 +03:00
Avgustin Marinov	d958d8e82c	Remove download by downloadId functionality (#1820 ) This functionallity seems to get via AMQP (after some authentication) a private (wihtout need of authentication) url to an artifact assigned to the controller. By default, DDI or DMF shall provide proper urls (for direct download) to devices and if they have to be without authentication this shall be solved in different ways - for instance separate download server providing dedicated private / signed urls. This functinallity is not a real hawkBit part but more like something intended to solve some edge cases. Since it is complicated, heeds support, doesn't solve wide spread use cases, and could be achieved with other means - better to be removed. Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-08-14 17:28:46 +03:00
Avgustin Marinov	d851fa4d02	Remove hard servlet dependency from SystemSecurityContext (#1812 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-08-11 10:50:01 +03:00
Avgustin Marinov	c8321fdb44	Feature/add tenant and user into mdc (#1806 ) * Add MDC * Add tenant/user into MDC in order to be possible to be used in logging Enabled by default. Could be disabled via hawkbit.logging.mdchandler.enable=false Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com> --------- Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-08-09 14:27:07 +03:00
Avgustin Marinov	6106d3c16c	Fix sonar findings (#1792 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-07-29 13:50:42 +03:00
Avgustin Marinov	9cc9b23398	Make noop default password encoder for StaticAuthenticationProvider (#1791 ) if no provider is specified for the password Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-07-29 11:51:13 +03:00
Avgustin Marinov	947e48c1b5	Disable request cache (#1789 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-07-26 14:45:41 +03:00
Avgustin Marinov	0c5a0a65d0	Add REST API security filter chain customization (#1788 ) It is called just before the build and could be used for instance to set application provider. Note: implementation of customizers shall always take in account what is the already set by the hawkBit Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-07-26 13:49:09 +03:00
Avgustin Marinov	3a34ded4f6	Support for simultaneous base and OAuth authentication (#1785 ) * Remove _OidcAuthenticationSuccessHandler_: * _OAuth2AuthenticationToken.setDetails_ is made by jwt authentication converter * get tenant data (with potentially creating tenant) is done via a filter added in filterChainREST * _filterChainREST_ uses _Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>>_ as configuration for OAuth. Thus it is not bound with oauth client configuration * _OidcUserManagementAutoConfiguration_ - now registers (if conditions are met) Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>> which covers both - oauth legacy filter from filterChainREST and OidcBearerTokenAuthenticationFilter * Since oauth clients are not related to hawkBit anymore (since removal of legacy UI) and the proper configuration would be via resource server or whatever, the _OidcUserManagementAutoConfiguration_ is DEPRECATED and for removal * _UserAuthenticationFilter_ is removed * Enabled sumiltaneous base and oauth authentication. Still, by default, if OAuth configured http authentication is disabled. However, if OAuth it is configured (via _Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>>)_ and hawkbit.server.security.allowHttpBasicOnOAuthEnabled is set to true then http auth would be also enabled * _OidcUserManagementAutoConfiguration_ could be disabled with hawkbit.server.security.oAuth2OnClientsConfig.enabled=false Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-07-26 10:59:15 +03:00
Avgustin Marinov	6b8917e229	Remove MultitenancyIndicator as not used (#1787 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-07-26 09:34:11 +03:00
Avgustin Marinov	c253a4fccd	Remove obsolete OIDC logout handling (#1781 ) Obsolete with removing th UI - no loging anymore Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com	2024-07-24 14:01:31 +03:00
Avgustin Marinov	b234271361	Support for OAuth2 resource server with issuer URI (#1731 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-05-14 16:59:05 +03:00
Avgustin Marinov	8d9cfcb17b	Remove PermissionService - unused (#1717 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-04-18 12:47:26 +03:00
Avgustin Marinov	1640025a25	Apply role hierarchy in hasPermission checks (#1675 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-03-07 18:52:50 +02:00
Avgustin Marinov	536bb19382	Add Roles and Hierarchies (#1673 ) Adds Roles (SpRole -> TENANT_ADMIN, REPOSITORY_ADMIN, ...) and intuitive hierarcy rules for them Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-03-01 12:35:40 +02:00
Avgustin Marinov	f45d8f0180	Fix TenantAwareUserProperies (#1672 ) Fixed in order to get properties of form hawkbit.security.user.<username>.<property> Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-02-29 16:03:11 +02:00
Avgustin Marinov	311922c4aa	Move static config based auth provider in security-core (#1671 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-02-29 15:18:44 +02:00
Avgustin Marinov	57450bf31b	Add fine graned role and permission for user management (#1670 ) Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>	2024-02-29 12:01:35 +02:00

1 2 3 4 5

217 Commits