Commit Graph

81 Commits

Author SHA1 Message Date
Avgustin Marinov
ae3a004da0 Finalize and polish fine-grained permission (#2660)
* Remove _REPOSITORY_ permissions -> replaced with _SOFTWARE_MODULE_, _SOFTWARE_MODULE_TYPE_, _DISTRIBUTION_SET_, _DISTRIBUTION_SET_TYPE_ permissions
* Still kept _ROLE_REPOSITORY_ADMIN_ role granting all repository fine-graned permissions
* Added dedicated _TARGET_TYPE_ permission set - the _TARGET_ permissions just grant _READ_TARGET_TYPE_ (analogically _SOFTWARE_MODULE_ permissions grant _READ_SOFTWARE_MODULE_TYPE_ and _DISTRIBUTION_SET_ grants _READ_DISTRIBUTON_SET_TYPE_
* Hierarcy is not configurable - could be completely replaced by setting spring application property org.eclipse.hawkbit.hierarchy or could be extended by adding rules using org.eclipse.hawkbit.hierarchy.ext

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-09-09 15:42:11 +03:00
Avgustin Marinov
2e97d67489 Small Artifact storage refactoring (#2648)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-09-03 17:05:59 +03:00
Avgustin Marinov
2a636328a0 20250828 cleanup (#2639)
* Cleanup

* Refactor artifact management
2025-09-02 16:08:14 +03:00
Avgustin Marinov
b4edde8cc3 Refactor Management interfaces: find/get pattern (#2609)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-15 16:18:32 +03:00
Avgustin Marinov
8abf7275c4 Unified secman test (#2606)
* Unified Security Management Test

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

* Add unified ManagementSecurityTest

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-13 12:12:16 +03:00
Avgustin Marinov
c5bbbeaac7 Align DeploymentRequestBuilder with the rest of the builders (#2607)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-13 08:58:35 +03:00
Stanislav Trailov
45cd012532 Introduce Stop of a rollout (#2595)
* Stop of a rollout feature

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* remove some test comments

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* make stop transactional

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* attempt to fix hibernate failed tests

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fix some sonar issues

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* changes after review

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fix build

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fixes after review

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* finish all rollout groups on deletion of rollout

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* refactor finishing groups

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fix RolloutManagementTest

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
2025-08-12 17:13:50 +03:00
Avgustin Marinov
124fef189e Remove Rollout(Group) builders (#2603)
* Fix entityManager.merge for ds and sm

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

* Remove Rollout(Group) builders

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

* Remove EntityFactory

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-11 14:01:03 +03:00
Avgustin Marinov
bff77ac224 Cleanup TargetManagement (#2601)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-08 13:13:28 +03:00
Avgustin Marinov
5217297c24 Fix Sonar findings (#2600)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-08 10:33:17 +03:00
Avgustin Marinov
c038c507a9 TargetManagement over RepositoryManagement (#2599)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-07 17:20:22 +03:00
Avgustin Marinov
b3e32c14b6 Fix Sonar Findings (#2596)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-07 09:27:52 +03:00
Avgustin Marinov
6aa8ccaa9c Refactor DS Management (#2591)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-05 15:45:41 +03:00
Avgustin Marinov
7b24981a1d Implement TargetFilterQueryManagement with AbstractJpaRepositoryManagement (#2587)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-05 09:53:24 +03:00
Avgustin Marinov
a689733d4c TargetType management over common RepositoryManagement (#2581)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-01 19:24:49 +03:00
Avgustin Marinov
fd9c0fc50d Implement target tag management using common RepositoryManagement (and abstract JPA impl) (#2580)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-01 13:41:20 +03:00
Avgustin Marinov
5d75c9b0cc Absract metatype impl (#2575)
* Add common "interface" for metadata supporting entities
* Add common metadata implementation for distribution set and software module
* Extract PermissionSupport + extend by TargetManagement
* TargetManagement tags are now protected by Target permissions - as it should be

---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-08-01 12:41:53 +03:00
Avgustin Marinov
08cacf9034 Soft Module metadata as complex map value (#2568)
---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-07-30 17:29:02 +03:00
Avgustin Marinov
10da0288d9 Fix sonar findings (#2572)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-07-30 10:13:23 +03:00
Florian BEZANNIER
d2b8e74056 Improve Simple UI (#2554)
* feat[Simple-UI]: add action status list

* fix[Simple-UI]: various ui issues

* chore: add devtool

* feat[Simple-UI: add DS metadata

* feat[Simple-UI]: add sort in DS view

* feat[Simple-UI]: add created at to DS view

* style[Simple-UI]: remove id from DS view

* feat[Simple-UI]: add rsql filter & url filter

* feat[Simple-UI]: if one ds in result show details

* feat[Simple-UI]: add filter from url to targetview

* feat[Simple-UI]: add link from target details view to DS

* feat[Simple-UI]: add sort & version on target view

* refacto[Simple-UI]: linkted text area

* feat[Simple-UI]: dynamic homepage depending on permissions

* feat[Simple-UI]: sort by newest version

* feat[Simple-UI]: add target address

* feat[Simple-UI]: sort by last modified target

* fix[Simple-UI]: securityToken null if no permission

* fix[Simple-UI]: green circle on bad update

* feat[Simple-UI]: use local date format

* docs: update user config

* fix: tag filter

* feat[Simple-UI]: search on multiple attributes

* refacto: rename TargetActions -> TargetActionsHistory

* refacto: move TargetActionsHistory to a new file
2025-07-28 16:07:25 +03:00
Avgustin Marinov
2b66449ff1 Fine grained repository permissions (#2562)
1. Introduce @PrreAuthorize check based on hasPermission - allowing custom processing (compared with non-modifiable hasAuthority/Role processing)
2. Dedicated permissions could be implemented on management api level. Check is made by plugged in PermissionEvaluator
3. Thus common XXX_REPOSITORY permissions could differ for extending services
4. Change create/update entity builder pattern - not via EntityFactory but via clean static lombok based builders (with fine fluent api).
5. Implement abstract repository management jpa class that handles the boilerplate code from extending classes in single place consistently -> AbsreactJpaRepositoryManagement
6. Register management api-s as **Sevice**-s instead of **Bean**-s in order to make easier maintainable and get away from heavy argument forwading
7. Simplify custom hawkbit repository registration + adding proxy to handle exception mapping at lower level - thus not depending on Aspects for converting exceptions
8. Implemented general purpose 'copy' utility (ObjectCopyUtil) that using getter/setter patterns is able to copy (e.g. Create/Update) objects to other objects (e.g. JPA entity objects)
2025-07-28 14:57:33 +03:00
Avgustin Marinov
0d38cb5a7d Fix Sonar findings (#2553)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-07-16 10:38:47 +03:00
Stanislav Trailov
b4793fcce1 Introduce target grouping (#2538)
* Introduce target grouping

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* minor refactor

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* throw validation exception instead direct returning bad request response

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fix group query parameter

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* remove wrongly added import

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* add review fixes

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* apply latest review changes

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* apply latest changes after sybnc/review

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

* fix after review

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>

---------

Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
2025-07-14 15:48:37 +03:00
Avgustin Marinov
e7373275bf Add distribution set and target type fine grained permissions (#2545)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-07-14 14:52:36 +03:00
Avgustin Marinov
21581c4ea4 Fine-grained permissions (#2535)
* Fine-grained permissions

Adds support for permissions of type <permission>(/<rsql filter scope>)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

* Apply review fixes

---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-07-10 13:51:49 +03:00
Avgustin Marinov
edd6dabb90 Move artifact encryption to hawkbit-artifact-api where it does belong (#2540)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-07-10 11:57:44 +03:00
Avgustin Marinov
651bd7df98 Deprecate PUT target tag multi-assignment (#2468)
* Deprecate PUT /rest/v1/targettags/{targetTagId}/assigned -> use new POST method with same endpoint and params
* Remove deprecated DS tag mulit-assigned PUT method /rest/v1/distributionsettags/{distributionsetTagId}/assigned -> use already existing POST method with same endpoint and params

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2025-06-18 15:13:25 +03:00
Avgustin Marinov
2992f5c211 Refactor management api style (#2445)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-10 17:09:03 +03:00
Avgustin Marinov
85ef8652fc Refactoring/simplifying rest resources code (2) (#2444)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-10 15:14:43 +03:00
Avgustin Marinov
e643707d41 Refactoring/simplifying rest resources code (#2443)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-10 14:06:43 +03:00
Avgustin Marinov
6167dce214 Hide getRolloutWithStatusDetails from API (#2442)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-10 11:50:45 +03:00
Avgustin Marinov
a7162a1e48 Remove name and in of HTTP schemas of Mgmt apidoc - should not be specified with HTTP type (#2441)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-10 09:47:13 +03:00
Avgustin Marinov
3e1d6b6dca Remove OpenAPI registration (#2440)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-09 17:57:06 +03:00
Avgustin Marinov
521c3cd096 Add version to Mgmt Open API info (#2439)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-09 17:49:43 +03:00
Avgustin Marinov
6840025ec1 Order rest APIs in openapi doc (#2438)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-09 15:41:09 +03:00
Vasil Ilchev
09a3d3e0c6 Fix retrieve Rollout with details (#2435)
* Fix retrieve Rollout with details

* Rename RolloutManagement method for retrieve Rollout slice with details. Slight refactoring in MgmtRolloutMapper

---------

Co-authored-by: vasilchev <vasil.ilchev@bosch.com>
2025-06-09 15:38:20 +03:00
Avgustin Marinov
5a304af165 Fix swagger config (#2437)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-09 13:21:24 +03:00
Avgustin Marinov
32ad93c59c Tune Swagger doc (#2436)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-09 12:52:55 +03:00
Avgustin Marinov
64ee8b9906 JpaSoftwareModule#metadata made map (#2412)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-05-21 16:59:25 +03:00
Avgustin Marinov
452d8618d7 JpaDistributionSet#metadata made Map (#2411)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-05-21 13:45:18 +03:00
Avgustin Marinov
ceba4f5cfb Unify target attributes and metadata (#2408)
* Unify target attributes and metadata

Currently, the target attributes are Map while the metadata,
which has the same concept is List.
This PR unifies them making the metadata also a Map

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-05-21 11:26:02 +03:00
Denislav Prinov
7aa33cd96b Refactoring the audit log message -> description field
Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>
2025-04-22 08:11:53 +03:00
Avgustin Marinov
f4fb11535c [#1744] Add permissions to MgmtUserInfo (#2356)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-04-15 09:51:21 +03:00
Denislav Prinov
23154d70cc Audit Logging in HawkBit (#2314)
* Introduction of Audit Logging in hawkBit

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

* Introduction of Audit Logging in hawkBit

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

* Refactoring:

* applied code formatter
* audit moved into hawkbit-security-core
* minimize dependences
* use AuditorAware to retrieve user - so to be compatible with the logs into DB

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

* Move audit entities to security core

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

* Introduce audit log method types

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

---------

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
Co-authored-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-03-31 08:51:54 +03:00
Avgustin Marinov
beda747c67 Remove unnecessary JsonProperty annotations (#2296)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-02-25 08:40:14 +02:00
Avgustin Marinov
059fd26fae Add POST REST method for assigning tag to multiple DS (#2280)
!!! the PUT method is deprecated for removal

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-02-13 14:49:55 +02:00
Avgustin Marinov
1c9153f080 SDK: Fix link download release (#2273)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-02-13 09:52:49 +02:00
Vasil Ilchev
64ffc6a27a Mgmt/actions confirm (#2271)
* Extend MGMT API to be possible to confirm/deny Actions on Targets as Operators.

* Added tests

* Fixed permissions in api doc

* added missing license header

---------

Co-authored-by: vasilchev <vasil.ilchev@bosch.com>
2025-02-13 09:10:24 +02:00
Avgustin Marinov
881900600f Sonar Fixes (#2243)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-01-27 16:46:28 +02:00
Avgustin Marinov
a61e9cd6ae Sonar Fixes (#2233)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-01-24 15:41:06 +02:00