Avgustin Marinov
98daa696de
Refactor caches ( #2775 )
...
* added static usage of cache in order access it easier
* added mandatory (in hawkbit-core) registration - always tenant aware caches shall be used - hawkbit depends on it
* added per cache and tenant name configuration
* (not really realted to caches) but in order to be easier evicted entities after commit handlers are now statically accessed
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-10-24 16:42:40 +03:00
Stanislav Trailov
1b62bee92f
Add update repositopry permission to handleMaxAssignmentsExceeded in deployment management ( #2768 )
...
* Action history cleanup/purge initial
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* apply changes after review
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* fix hibernate build by annotating delete methods with transactional annotation
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* changes after review and new test cases for new requirements
* accept 0 for keep last
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* Fix ManagementSecurityTest
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* apply object utils check
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* fix for oldestAction deletion
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* remove unused comment
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* rename action ids variable
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* Fix access control handling
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
* Add update repositopry permission to handleMaxAssignmentsExceeded in deployment management
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
---------
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
Co-authored-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-10-22 14:54:40 +03:00
Avgustin Marinov
8a36ba6203
Fix action delete access control - to require only target update (not delete also) ( #2767 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-10-22 13:33:56 +03:00
Avgustin Marinov
3caa9d9eda
Switch completely to locked for checking if DS could be functionally modified ( #2766 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-10-22 11:46:36 +03:00
Avgustin Marinov
e154e1b18a
[ #2429 ] Add completeness property for software modules ( #2765 )
...
* add `min artifacts` requirement on the Software Module Type level for Software Module completeness
* removed `complete` Distribution Set property from DB - calculated runtime
* Distribution Set and Software Module completeness is calcualted on demand in memory (TODO: implement cache)
* locking of Software Module now requires the software module to be `completed`
* removed 'complete' search field for DistributionSet type. Still keep (DEPRECATED) limited support for search with 'complete' -
only on the first level of expression and with AND. I.e. complete==true, complete==false and id=in=(1, 3) is suppoted,
while complete==false or id=in=(1, 3) and id=in(1, 3) and (type==os and complete==true) are not
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-10-22 09:57:45 +03:00
Stanislav Trailov
f1c3d0175e
Action history cleanup/purge initial ( #2728 )
...
* Action history cleanup/purge initial
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* apply changes after review
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* fix hibernate build by annotating delete methods with transactional annotation
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* changes after review and new test cases for new requirements
* accept 0 for keep last
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* Fix ManagementSecurityTest
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* apply object utils check
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* fix for oldestAction deletion
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* remove unused comment
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* rename action ids variable
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* Fix access control handling
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
---------
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
Co-authored-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-10-21 10:34:58 +03:00
Avgustin Marinov
04cd9fb30d
Refactor TenantAware - remove TenantRunner and replace with standard Runnable / Callable ( #2755 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-10-14 16:36:42 +03:00
Avgustin Marinov
3447ac3b1b
Fix system context resolving in ACM ( #2737 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-10-10 12:02:16 +03:00
Avgustin Marinov
e7d9ee7990
Add Target(Type)Management tests ( #2735 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-10-10 08:36:08 +03:00
Avgustin Marinov
e23d2aa920
Add DeploymentManagement ACM test ( #2726 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-10-08 11:07:15 +03:00
Avgustin Marinov
ccecf9b8d6
Rename READ_SOFTWARE_MODULE_DOWNLOAD to READ_SOFTWARE_MODULE_ARTIFACT ( #2710 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-09-30 16:13:41 +03:00
Avgustin Marinov
1919af4a9d
Remove VirtualPropertyReplacer ( #2701 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-09-26 17:17:38 +03:00
Avgustin Marinov
4434484d35
Deprecate VirtualPropertyReplacer ( #2697 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-09-26 14:56:32 +03:00
Avgustin Marinov
b181b66ee5
Extend Query Langage Support ( #2696 )
...
* add option for parser replacement - so, one could replace the query language and don't use RSQL
* add easy way to modify query root Node
* add easy Node modification utilities
* code refactored and naming more 'QL' than 'RSQL' oriented
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-09-26 14:19:25 +03:00
Avgustin Marinov
c906c2f2eb
Type Access Controllers enabled by default if AC is enabled ( #2694 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-09-25 16:53:19 +03:00
Avgustin Marinov
4444fc92bc
Finalize and polish fine-grained permission (Follow up) ( #2676 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-09-18 12:02:40 +03:00
Avgustin Marinov
ae3a004da0
Finalize and polish fine-grained permission ( #2660 )
...
* Remove _REPOSITORY_ permissions -> replaced with _SOFTWARE_MODULE_, _SOFTWARE_MODULE_TYPE_, _DISTRIBUTION_SET_, _DISTRIBUTION_SET_TYPE_ permissions
* Still kept _ROLE_REPOSITORY_ADMIN_ role granting all repository fine-graned permissions
* Added dedicated _TARGET_TYPE_ permission set - the _TARGET_ permissions just grant _READ_TARGET_TYPE_ (analogically _SOFTWARE_MODULE_ permissions grant _READ_SOFTWARE_MODULE_TYPE_ and _DISTRIBUTION_SET_ grants _READ_DISTRIBUTON_SET_TYPE_
* Hierarcy is not configurable - could be completely replaced by setting spring application property org.eclipse.hawkbit.hierarchy or could be extended by adding rules using org.eclipse.hawkbit.hierarchy.ext
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-09-09 15:42:11 +03:00
Avgustin Marinov
1f71e01318
Implement JSON security context serializer (new default) - smaller info and human readable ( #2652 )
...
keeps backward compatibility by being able to fallback to JAVA_SERIALIZATION
+ fix DMF messages with status code
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-09-05 13:35:45 +03:00
Avgustin Marinov
2c995b3665
Add fine grained sm/ds type permission ( #2649 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-09-04 15:05:32 +03:00
Avgustin Marinov
2a636328a0
20250828 cleanup ( #2639 )
...
* Cleanup
* Refactor artifact management
2025-09-02 16:08:14 +03:00
Avgustin Marinov
4f0a8893c7
Abstract RepositoryManagement test ( #2631 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-28 12:58:53 +03:00
Avgustin Marinov
b4edde8cc3
Refactor Management interfaces: find/get pattern ( #2609 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-15 16:18:32 +03:00
Avgustin Marinov
8abf7275c4
Unified secman test ( #2606 )
...
* Unified Security Management Test
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
* Add unified ManagementSecurityTest
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
---------
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-13 12:12:16 +03:00
Avgustin Marinov
c5bbbeaac7
Align DeploymentRequestBuilder with the rest of the builders ( #2607 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-13 08:58:35 +03:00
Stanislav Trailov
45cd012532
Introduce Stop of a rollout ( #2595 )
...
* Stop of a rollout feature
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* remove some test comments
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* make stop transactional
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* attempt to fix hibernate failed tests
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* fix some sonar issues
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* changes after review
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* fix build
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* fixes after review
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* finish all rollout groups on deletion of rollout
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* refactor finishing groups
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* fix RolloutManagementTest
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
---------
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
2025-08-12 17:13:50 +03:00
Avgustin Marinov
441b78460d
Improve Permission Management ( #2604 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-12 14:09:27 +03:00
Avgustin Marinov
124fef189e
Remove Rollout(Group) builders ( #2603 )
...
* Fix entityManager.merge for ds and sm
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
* Remove Rollout(Group) builders
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
* Remove EntityFactory
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
---------
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-11 14:01:03 +03:00
Avgustin Marinov
bff77ac224
Cleanup TargetManagement ( #2601 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-08 13:13:28 +03:00
Avgustin Marinov
c038c507a9
TargetManagement over RepositoryManagement ( #2599 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-07 17:20:22 +03:00
Avgustin Marinov
08ff739bbe
Fix DS Type update to do not remove mandatory/optional module types ( #2598 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-07 14:29:54 +03:00
Vasil Ilchev
a55d5cd517
Fix class cast exception when deserielize getRemoteEvent() by any ServiceEvent ( #2593 )
...
Co-authored-by: vasilchev <vasil.ilchev@bosch.com >
2025-08-06 09:46:19 +03:00
Avgustin Marinov
e2805fd386
Refactor SofrwareModule Management ( #2594 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-05 17:26:22 +03:00
Avgustin Marinov
6aa8ccaa9c
Refactor DS Management ( #2591 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-05 15:45:41 +03:00
Vasil Ilchev
1a4df60c59
Introducing TargetUpdatedServiceEvent, ActionCreatedServiceEvent, Act… ( #2588 )
...
* Introducing TargetUpdatedServiceEvent, ActionCreatedServiceEvent, ActionUpdatedServiceEvent
* Fix ActionServiceEvents with payload annotation and add ActionEvents and ActionService tests to message converters
* Adapted EventVerifier to expect new ServiceEvents
---------
Co-authored-by: vasilchev <vasil.ilchev@bosch.com >
2025-08-05 10:16:08 +03:00
Avgustin Marinov
7b24981a1d
Implement TargetFilterQueryManagement with AbstractJpaRepositoryManagement ( #2587 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-05 09:53:24 +03:00
Vasil Ilchev
78a7f92868
Fix ServiceRemoteEvents to be RemoteTenantAware ( #2586 )
...
Co-authored-by: vasilchev <vasil.ilchev@bosch.com >
2025-08-04 12:54:39 +03:00
Avgustin Marinov
e7b553cd5d
Fix Sonar Findings ( #2584 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-04 09:35:43 +03:00
Avgustin Marinov
a689733d4c
TargetType management over common RepositoryManagement ( #2581 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-01 19:24:49 +03:00
Avgustin Marinov
fd9c0fc50d
Implement target tag management using common RepositoryManagement (and abstract JPA impl) ( #2580 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-01 13:41:20 +03:00
Avgustin Marinov
5d75c9b0cc
Absract metatype impl ( #2575 )
...
* Add common "interface" for metadata supporting entities
* Add common metadata implementation for distribution set and software module
* Extract PermissionSupport + extend by TargetManagement
* TargetManagement tags are now protected by Target permissions - as it should be
---------
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-08-01 12:41:53 +03:00
Vasil Ilchev
cca105c80e
Move EventPublisher to hawkbit-repository-core making hawkbit-reposit… ( #2576 )
...
* Move EventPublisher to hawkbit-repository-core making hawkbit-repository-api non dependent to rabbit binders
* Move EventPublisherHolder to org.eclipse.hawkbit.repository.event
* Fix overriding default values of RemoteEvents and rabbit binder
---------
Co-authored-by: vasilchev <vasil.ilchev@bosch.com >
2025-08-01 08:48:07 +03:00
Avgustin Marinov
08cacf9034
Soft Module metadata as complex map value ( #2568 )
...
---------
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-30 17:29:02 +03:00
Vasil Ilchev
4a8e60764f
Remote Events migrated from Spring Bus to Spring Cloud Stream ( #2563 )
...
* Remote Events migrated from Spring Bus to Spring Cloud Stream
---------
Co-authored-by: vasilchev <vasil.ilchev@bosch.com >
2025-07-30 16:58:00 +03:00
Avgustin Marinov
10da0288d9
Fix sonar findings ( #2572 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-30 10:13:23 +03:00
Avgustin Marinov
2b66449ff1
Fine grained repository permissions ( #2562 )
...
1. Introduce @PrreAuthorize check based on hasPermission - allowing custom processing (compared with non-modifiable hasAuthority/Role processing)
2. Dedicated permissions could be implemented on management api level. Check is made by plugged in PermissionEvaluator
3. Thus common XXX_REPOSITORY permissions could differ for extending services
4. Change create/update entity builder pattern - not via EntityFactory but via clean static lombok based builders (with fine fluent api).
5. Implement abstract repository management jpa class that handles the boilerplate code from extending classes in single place consistently -> AbsreactJpaRepositoryManagement
6. Register management api-s as **Sevice**-s instead of **Bean**-s in order to make easier maintainable and get away from heavy argument forwading
7. Simplify custom hawkbit repository registration + adding proxy to handle exception mapping at lower level - thus not depending on Aspects for converting exceptions
8. Implemented general purpose 'copy' utility (ObjectCopyUtil) that using getter/setter patterns is able to copy (e.g. Create/Update) objects to other objects (e.g. JPA entity objects)
2025-07-28 14:57:33 +03:00
Stanislav Trailov
0e3fa11d3e
fix build ( #2547 )
...
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
2025-07-14 17:01:05 +03:00
Stanislav Trailov
b4793fcce1
Introduce target grouping ( #2538 )
...
* Introduce target grouping
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* minor refactor
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* throw validation exception instead direct returning bad request response
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* fix group query parameter
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* remove wrongly added import
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* add review fixes
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* apply latest review changes
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* apply latest changes after sybnc/review
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
* fix after review
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
---------
Signed-off-by: strailov <Stanislav.Trailov@bosch.io >
2025-07-14 15:48:37 +03:00
Avgustin Marinov
e7373275bf
Add distribution set and target type fine grained permissions ( #2545 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-14 14:52:36 +03:00
Avgustin Marinov
21581c4ea4
Fine-grained permissions ( #2535 )
...
* Fine-grained permissions
Adds support for permissions of type <permission>(/<rsql filter scope>)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
* Apply review fixes
---------
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-10 13:51:49 +03:00
Avgustin Marinov
edd6dabb90
Move artifact encryption to hawkbit-artifact-api where it does belong ( #2540 )
...
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com >
2025-07-10 11:57:44 +03:00