Commit Graph

180 Commits

Author SHA1 Message Date
Avgustin Marinov
ef25aa59f0 Fix new line after @Test (#2486)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-20 17:42:55 +03:00
Avgustin Marinov
cb7f1107fe Remove allure (phase2) (#2483)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-20 15:51:06 +03:00
Avgustin Marinov
0ba4c7b790 Update documentation (#2451)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-13 13:19:35 +03:00
Denislav Prinov
7aa33cd96b Refactoring the audit log message -> description field
Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>
2025-04-22 08:11:53 +03:00
Avgustin Marinov
32990ab2ea Add CORS support for DDI API (#2337)
For instance if used in remote swagger or web apps

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-04-02 09:01:02 +03:00
Denislav Prinov
c6d89f6c83 Audit log wildcard * introduction to include all parameters by default
Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>
2025-04-01 10:02:26 +03:00
Denislav Prinov
23154d70cc Audit Logging in HawkBit (#2314)
* Introduction of Audit Logging in hawkBit

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

* Introduction of Audit Logging in hawkBit

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

* Refactoring:

* applied code formatter
* audit moved into hawkbit-security-core
* minimize dependencies
* use AuditorAware to retrieve user - so to be compatible with the logs into DB

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

* Move audit entities to security core

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

* Introduce audit log method types

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

---------

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
Co-authored-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-03-31 08:51:54 +03:00
Avgustin Marinov
1c3245e013 Remove SYSTEM_ADMIN imply ROLE_TENANT_ADMIN (#2293)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-02-19 14:45:09 +02:00
Avgustin Marinov
76ce1cf052 Cleanup and improve the controller authentication (#2287)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-02-18 15:10:16 +02:00
Avgustin Marinov
849ea24632 Security artifacts moved in hawkbit-security-parent (#2016)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2024-11-12 12:50:36 +02:00
Avgustin Marinov
3effa996dd Refactor tenancy classes (#1972)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2024-11-08 16:12:18 +02:00
Avgustin Marinov
590dbc06ff Fix TenantAwareUserProperties.User password (#1971)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2024-11-08 15:42:57 +02:00
Avgustin Marinov
a1e319ee37 Remove OidcUserManagementAutoConfiguration (#1969)
[release notes]

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2024-11-08 14:32:17 +02:00
Avgustin Marinov
73253abce0 Refactor hawkbit-core (#1967)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2024-11-08 13:11:59 +02:00
Avgustin Marinov
ade5723c8c Remove unused TenantUserPasswordAuthenticationToken (#1966)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2024-11-08 12:29:19 +02:00
Avgustin Marinov
03baf2a4c2 Remove PermissionUtils class (#1965)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2024-11-08 11:36:16 +02:00
Avgustin Marinov
c69efe65b2 Remove PermissionsUtil (#1964)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2024-11-08 11:31:09 +02:00
Avgustin Marinov
1c16bd66d3 Code format hawkbit2 (#1949)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-11-05 11:43:54 +02:00
Avgustin Marinov
d842bc2aaa Code format hawkbit (#1948)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-11-05 11:41:56 +02:00
Avgustin Marinov
71aa00ca7c Code format - hawkbit-security-core (#1925)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-11-05 09:21:55 +02:00
Avgustin Marinov
8da475dff0 MDC handler refactoring (#1911)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-10-23 09:20:15 +03:00
Avgustin Marinov
12928a5939 Fix/jparolloutshandlerlogging (#1819)
Fix JpaExecutorHandler logging MDC context

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-13 09:30:09 +03:00
Avgustin Marinov
9bb61fd829 Add MDC context in SecurityContextTenantAware (#1818)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-13 09:06:53 +03:00
Avgustin Marinov
a99e80b41e MDCHandler - fix sonar findings (#1816)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-12 11:45:35 +03:00
Avgustin Marinov
e10542929a Small code clean-up (#1815)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-12 09:11:19 +03:00
Avgustin Marinov
e9759fecdb Fix MDCHandler unused import (#1814)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-12 08:45:27 +03:00
Avgustin Marinov
e1d928e92e Fix MDCHandler when authentication is null (#1813)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-12 08:43:01 +03:00
Avgustin Marinov
d851fa4d02 Remove hard servlet dependency from SystemSecurityContext (#1812)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-11 10:50:01 +03:00
Avgustin Marinov
e874cf5014 Feature/remove hard requirements for mdc (#1811)
* Remove hard requirements for MDCHandler dependencies

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>

---------

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-09 18:12:58 +03:00
Avgustin Marinov
8c2d1037bb Fix Sonar findings (#1810)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-09 17:43:50 +03:00
Avgustin Marinov
9dd493d783 Fix MDCHandler for servlets. Config enable -> enabled (#1808)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-09 16:38:20 +03:00
Avgustin Marinov
141d167a81 Improve MDCHolder method names (#1807)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-09 14:31:14 +03:00
Avgustin Marinov
c8321fdb44 Feature/add tenant and user into mdc (#1806)
* Add MDC

* Add tenant/user into MDC so that they can be used in logging

Enabled by default. Could be disabled via hawkbit.logging.mdchandler.enable=false

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>

---------

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-09 14:27:07 +03:00
Avgustin Marinov
bcafdbdb86 Remove contentSecurityPolicy - UI leftover (#1805)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-09 08:22:41 +03:00
Avgustin Marinov
6106d3c16c Fix sonar findings (#1792)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-07-29 13:50:42 +03:00
Avgustin Marinov
9cc9b23398 Make noop default password encoder for StaticAuthenticationProvider (#1791)
if no provider is specified for the password

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-07-29 11:51:13 +03:00
Avgustin Marinov
3a34ded4f6 Support for simultaneous base and OAuth authentication (#1785)
* Remove _OidcAuthenticationSuccessHandler_:
  * _OAuth2AuthenticationToken.setDetails_ is made by jwt authentication converter
  * get tenant data (with potentially creating tenant) is done via a filter added in filterChainREST
* _filterChainREST_ uses _Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>>_ as configuration for OAuth. Thus it is not bound with oauth client configuration
* _OidcUserManagementAutoConfiguration_ - now registers (if conditions are met) Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>> which covers both - oauth legacy filter from filterChainREST and OidcBearerTokenAuthenticationFilter
* Since oauth clients are not related to hawkBit anymore (since removal of legacy UI) and the proper configuration would be via resource server or whatever, the _OidcUserManagementAutoConfiguration_ is DEPRECATED and for removal
* _UserAuthenticationFilter_ is removed
* Enabled simultaneous base and oauth authentication. Still, by default, if OAuth is configured, http authentication is disabled. However, if OAuth is configured (via _Customizer<OAuth2ResourceServerConfigurer<HttpSecurity>>_) and **hawkbit.server.security.allowHttpBasicOnOAuthEnabled** is set to **true** then http auth would be also enabled
* _OidcUserManagementAutoConfiguration_ could be disabled with **hawkbit.server.security.oAuth2OnClientsConfig.enabled=false**

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-07-26 10:59:15 +03:00
Avgustin Marinov
6b8917e229 Remove MultitenancyIndicator as not used (#1787)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-07-26 09:34:11 +03:00
Avgustin Marinov
6e6f96a0f4 Fix lastModifiedBy on modification performed by the JpaRolloutExecutor (#1748)
1. The auditor is got on transaction commit - so haven't used the tenant & user context until now - write system
2. The start/stop/delete are called by the user (saved in lastModifiedBy) but then executed in JpaRolloutExecutor

So the change is:
1. Fix auditor for actions taken by JpaRolloutExecutor to be the createdBy
2. for start/stop/delete the auditor is set to the lastModifiedBy for the transaction (hence all action taken)

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-06-21 08:27:24 +03:00
Avgustin Marinov
8d9cfcb17b Remove PermissionService - unused (#1717)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-04-18 12:47:26 +03:00
Avgustin Marinov
1f2dd28ab6 [#1712] Fix READ_TENANT_CONFIGURATION hierarchy and add tests (#1714)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-04-12 17:39:31 +03:00
Avgustin Marinov
3611a8eccd [#1712] Introduce READ_TENANT_CONFIGURATION permission (#1713)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-04-12 14:30:29 +03:00
Avgustin Marinov
1640025a25 Apply role hierarchy in hasPermission checks (#1675)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-03-07 18:52:50 +02:00
Avgustin Marinov
536bb19382 Add Roles and Hierarchies (#1673)
Adds Roles (SpRole -> TENANT_ADMIN, REPOSITORY_ADMIN, ...) and
intuitive hierarchy rules for them

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-03-01 12:35:40 +02:00
Avgustin Marinov
f45d8f0180 Fix TenantAwareUserProperties (#1672)
Fixed in order to get properties of form hawkbit.security.user.<username>.<property>

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-02-29 16:03:11 +02:00
Avgustin Marinov
311922c4aa Move static config based auth provider in security-core (#1671)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-02-29 15:18:44 +02:00
Avgustin Marinov
a0db5ff70e Rename UserTenantAware to TenantAwareUser (#1668)
in order to be compatible with other TenantAware entities

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-02-27 08:43:40 +02:00
Avgustin Marinov
24d70827b7 Improve hawkBit user management (#1666)
1. Defined with properties users (static) are configured using property map (no need of indexes)
2. AuthenticationProvider that authenticates them is always registered (if not needed - don't configure them)
3. UserDetailsService (in case of missing - won't be registered)
4. Spring security user (spring.security.username) will be registered together with other users (if any). If any - it will be system-wide, otherwise tenant-scoped.
5. UserPrincipal renamed to TenantAwareUser in order to match its purpose.
6. Some of its fields are removed as not needed - to be closer to spring security user
7. DefaultRolloutApprovalStrategy now uses UserAuthoritiesResolver instead of UserDetailsService as the central point of truth

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-02-26 16:56:37 +02:00
Avgustin Marinov
ab10b67d4e Fix lombok toString to call super where needed (#1634)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-02-09 13:00:12 +02:00
Avgustin Marinov
fc561c3eff REST doc / DDI - fix missed info (#1618)
When spring restdoc was replaced with swagger & open api some info was lost
This commit returns back this info for DDI API

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-02-07 15:36:32 +02:00