lingwei.kong/hawkbit
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
3,664 Commits 1 Branch 0 Tags
b5a2d39518dfe1fe4dfba09d694b19461b6ef79f
Commit Graph

203 Commits

Author SHA1 Message Date
Avgustin Marinov
441b78460d Improve Permission Management (#2604) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-08-12 14:09:27 +03:00
Avgustin Marinov
c038c507a9 TargetManagement over RepositoryManagement (#2599) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-08-07 17:20:22 +03:00
Avgustin Marinov
10da0288d9 Fix sonar findings (#2572) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-07-30 10:13:23 +03:00
Avgustin Marinov
2b66449ff1 Fine grained repository permissions (#2562) 
1. Introduce @PrreAuthorize check based on hasPermission - allowing custom processing (compared with non-modifiable hasAuthority/Role processing)
2. Dedicated permissions could be implemented on management api level. Check is made by plugged in PermissionEvaluator
3. Thus common XXX_REPOSITORY permissions could differ for extending services
4. Change create/update entity builder pattern - not via EntityFactory but via clean static lombok based builders (with fine fluent api).
5. Implement abstract repository management jpa class that handles the boilerplate code from extending classes in single place consistently -> AbsreactJpaRepositoryManagement
6. Register management api-s as **Sevice**-s instead of **Bean**-s in order to make easier maintainable and get away from heavy argument forwading
7. Simplify custom hawkbit repository registration + adding proxy to handle exception mapping at lower level - thus not depending on Aspects for converting exceptions
8. Implemented general purpose 'copy' utility (ObjectCopyUtil) that using getter/setter patterns is able to copy (e.g. Create/Update) objects to other objects (e.g. JPA entity objects)
 2025-07-28 14:57:33 +03:00
Avgustin Marinov
0d38cb5a7d Fix Sonar findings (#2553) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-07-16 10:38:47 +03:00
Avgustin Marinov
a34364bc3e Make allAuthorities unmodifiable (#2551) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-07-15 13:29:20 +03:00
Avgustin Marinov
8bf77ee5dc Single all authorities resolving (#2550) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-07-15 10:56:36 +03:00
Avgustin Marinov
8a60f9b98b Fix getAllAuthorities (#2548) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-07-15 09:28:55 +03:00
Avgustin Marinov
e7373275bf Add distribution set and target type fine grained permissions (#2545) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-07-14 14:52:36 +03:00
Avgustin Marinov
c3fdd9fcc8 Refactor permissions (#2544) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-07-11 16:50:01 +03:00
Avgustin Marinov
21581c4ea4 Fine-grained permissions (#2535) 
* Fine-grained permissions

Adds support for permissions of type <permission>(/<rsql filter scope>)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

* Apply review fixes

---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-07-10 13:51:49 +03:00
Avgustin Marinov
8c6d56f177 Make some test timeouts (await) configurable (#2525) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-07-02 12:45:26 +03:00
Avgustin Marinov
ef25aa59f0 Fix new line after @Test (#2486) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-06-20 17:42:55 +03:00
Avgustin Marinov
cb7f1107fe Remove allure (phase2) (#2483) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-06-20 15:51:06 +03:00
Avgustin Marinov
ba23ae3fc2 Remove allure (phase 1) - switch to surefire reporting (#2478) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-06-20 13:41:26 +03:00
Avgustin Marinov
0ba4c7b790 Update documentation (#2451) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-06-13 13:19:35 +03:00
Denislav Prinov
7aa33cd96b Refactoring the audit log message -> description field 
Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>
 2025-04-22 08:11:53 +03:00
Avgustin Marinov
32990ab2ea Add CORS support for DDI API (#2337) 
For instance if used in remote swagger or web apps

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-04-02 09:01:02 +03:00
Denislav Prinov
c6d89f6c83 Audit log wildcard * introduction to include all parameters by default 
Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>
 2025-04-01 10:02:26 +03:00
Denislav Prinov
23154d70cc Audit Logging in HawkBit (#2314) 
* Introduction of Audit Logging in hawkBit

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

* Introduction of Audit Logging in hawkBit

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

* Refactoring:

* applied code formatter
* audit moved into hawkbit-security-core
* minimize dependences
* use AuditorAware to retrieve user - so to be compatible with the logs into DB

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

* Move audit entities to security core

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

* Introduce audit log method types

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

---------

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
Co-authored-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-03-31 08:51:54 +03:00
Avgustin Marinov
1c3245e013 Remove SYSTEM_ADMIN imply ROLTE_TENANT_ADMIN (#2293) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-02-19 14:45:09 +02:00
Avgustin Marinov
76ce1cf052 Cleanup and improve the controller authentication (#2287) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-02-18 15:10:16 +02:00
Avgustin Marinov
849ea24632 Security artifacts moved in hawkbit-security-parent (#2016) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-12 12:50:36 +02:00
Avgustin Marinov
6867b8eac0 Move spring-boot-starter-test and alure to root (#1973) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-08 16:25:19 +02:00
Avgustin Marinov
3effa996dd Refactor tenancy classes (#1972) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-08 16:12:18 +02:00
Avgustin Marinov
590dbc06ff Fix TenantAwareUserPropertes.User password (#1971) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-08 15:42:57 +02:00
Avgustin Marinov
a1e319ee37 Remove OidcUserManagementAutoConfiguration (#1969) 
[release notes]

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-08 14:32:17 +02:00
Avgustin Marinov
73253abce0 Refactor hawkbit-core (#1967) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-08 13:11:59 +02:00
Avgustin Marinov
ade5723c8c Remove unused TenantUserPasswordAuthenticationToken (#1966) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-08 12:29:19 +02:00
Avgustin Marinov
03baf2a4c2 Remvoe PermissionUtils class (#1965) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-08 11:36:16 +02:00
Avgustin Marinov
c69efe65b2 Remove PermissionsUtil (#1964) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-08 11:31:09 +02:00
Avgustin Marinov
1c16bd66d3 Code format hawkbit2 (#1949) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-11-05 11:43:54 +02:00
Avgustin Marinov
d842bc2aaa Code format hawkbit (#1948) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-11-05 11:41:56 +02:00
Avgustin Marinov
71aa00ca7c Code format - hawkbit-security-core (#1925) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-11-05 09:21:55 +02:00
Avgustin Marinov
8da475dff0 MDC hanlder refactoring (#1911) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-10-23 09:20:15 +03:00
Avgustin Marinov
12928a5939 Fix/jparolloutshandlerlogging (#1819) 
Fix JpaExecutorHandler logging MDC context

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-13 09:30:09 +03:00
Avgustin Marinov
9bb61fd829 Add MDC context in SecurityContdxtTenantAware (#1818) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-13 09:06:53 +03:00
Avgustin Marinov
a99e80b41e MDCHandler - fix sonar findings (#1816) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-12 11:45:35 +03:00
Avgustin Marinov
e10542929a Small code clean-up (#1815) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-12 09:11:19 +03:00
Avgustin Marinov
e9759fecdb Fix MDCHandler unused import (#1814) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-12 08:45:27 +03:00
Avgustin Marinov
e1d928e92e Fix MDCHandler when authentication is null (#1813) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-12 08:43:01 +03:00
Avgustin Marinov
d851fa4d02 Remove hard servlet dependency from SystemSecurityContext (#1812) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-11 10:50:01 +03:00
Avgustin Marinov
e874cf5014 Feature/remove hard requirements for mdc (#1811) 
* Remove hard requirements for MDCHandler dependencies

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>

---------

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-09 18:12:58 +03:00
Avgustin Marinov
8c2d1037bb Fix Sonar findings (#1810) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-09 17:43:50 +03:00
Avgustin Marinov
9dd493d783 Fix MDCHandler for servlets. Config enable -> enabled (#1808) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-09 16:38:20 +03:00
Avgustin Marinov
141d167a81 Improve MDCHolder method names (#1807) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-09 14:31:14 +03:00
Avgustin Marinov
c8321fdb44 Feature/add tenant and user into mdc (#1806) 
* Add MDC

* Add tenant/user into MDC in order to be possible to be used in logging

Enabled by default. Could be disabled via hawkbit.logging.mdchandler.enable=false

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>

---------

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-09 14:27:07 +03:00
Avgustin Marinov
bcafdbdb86 Remove contentSecurityPolicy - UI leftover (#1805) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-08-09 08:22:41 +03:00
Avgustin Marinov
6106d3c16c Fix sonar findings (#1792) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-07-29 13:50:42 +03:00
Avgustin Marinov
9cc9b23398 Make noop default password encoder for StaticAuthenticationProvider (#1791) 
if no provider is specified for the password

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-07-29 11:51:13 +03:00