Device management operations with no account:read permission fixed

Fix for #1039, #1040, #1041, #1042 and #1043 Signed-off-by: Claudio Mezzasalma <claudio.mezzasalma@eurotech.com>
eclipse-kapua · Nov 22, 2017 · 7b217fc · 7b217fc
1 parent 5185ece
commit 7b217fc
Show file tree

Hide file tree

Showing 10 changed files with 37 additions and 27 deletions.
diff --git a/...ipse/kapua/service/device/management/asset/internal/DeviceAssetManagementServiceImpl.java b/...ipse/kapua/service/device/management/asset/internal/DeviceAssetManagementServiceImpl.java
@@ -19,6 +19,7 @@
 import javax.xml.stream.XMLStreamException;
 
 import org.eclipse.kapua.KapuaException;
+import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
 import org.eclipse.kapua.commons.util.ArgumentValidator;
 import org.eclipse.kapua.locator.KapuaLocator;
 import org.eclipse.kapua.locator.KapuaProvider;
@@ -120,7 +121,7 @@ public DeviceAssets get(KapuaId scopeId, KapuaId deviceId, DeviceAssets deviceAs
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
         return deviceAssetsResponse;
     }
@@ -190,7 +191,7 @@ public DeviceAssets read(KapuaId scopeId, KapuaId deviceId, DeviceAssets deviceA
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
         return deviceAssetsResponse;
     }
@@ -260,7 +261,7 @@ public DeviceAssets write(KapuaId scopeId, KapuaId deviceId, DeviceAssets device
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
         return deviceAssetsResponse;
     }

diff --git a/...se/kapua/service/device/management/bundle/internal/DeviceBundleManagementServiceImpl.java b/...se/kapua/service/device/management/bundle/internal/DeviceBundleManagementServiceImpl.java
@@ -15,6 +15,7 @@
 import java.util.Date;
 
 import org.eclipse.kapua.KapuaException;
+import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
 import org.eclipse.kapua.commons.util.ArgumentValidator;
 import org.eclipse.kapua.commons.util.xml.XmlUtil;
 import org.eclipse.kapua.locator.KapuaLocator;
@@ -123,7 +124,7 @@ public DeviceBundles get(KapuaId scopeId, KapuaId deviceId, Long timeout)
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
         return deviceBundleList;
     }
@@ -180,7 +181,7 @@ public void start(KapuaId scopeId, KapuaId deviceId, String bundleId, Long timeo
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
     }
 
     @SuppressWarnings({ "unchecked", "rawtypes" })
@@ -235,7 +236,7 @@ public void stop(KapuaId scopeId, KapuaId deviceId, String bundleId, Long timeou
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
     }
 
 }
diff --git a/.../kapua/service/device/management/command/internal/DeviceCommandManagementServiceImpl.java b/.../kapua/service/device/management/command/internal/DeviceCommandManagementServiceImpl.java
@@ -14,6 +14,7 @@
 import java.util.Date;
 
 import org.eclipse.kapua.KapuaException;
+import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
 import org.eclipse.kapua.commons.util.ArgumentValidator;
 import org.eclipse.kapua.locator.KapuaLocator;
 import org.eclipse.kapua.locator.KapuaProvider;
@@ -108,7 +109,7 @@ public DeviceCommandOutput exec(KapuaId scopeId, KapuaId deviceId, DeviceCommand
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
         //
         // Parse the response

diff --git a/...ce/device/management/configuration/internal/DeviceConfigurationManagementServiceImpl.java b/...ce/device/management/configuration/internal/DeviceConfigurationManagementServiceImpl.java
@@ -20,6 +20,7 @@
 
 import org.eclipse.kapua.KapuaException;
 import org.eclipse.kapua.KapuaIllegalArgumentException;
+import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
 import org.eclipse.kapua.commons.util.ArgumentValidator;
 import org.eclipse.kapua.commons.util.xml.XmlUtil;
 import org.eclipse.kapua.locator.KapuaLocator;
@@ -136,7 +137,7 @@ public DeviceConfiguration get(KapuaId scopeId, KapuaId deviceId, String configu
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
         return deviceConfiguration;
     }
@@ -210,7 +211,7 @@ public void put(KapuaId scopeId, KapuaId deviceId, DeviceComponentConfiguration
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
     }
 
@@ -291,6 +292,6 @@ public void put(KapuaId scopeId, KapuaId deviceId, DeviceConfiguration deviceCon
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
     }
 }
diff --git a/...apua/service/device/management/snapshot/internal/DeviceSnapshotManagementServiceImpl.java b/...apua/service/device/management/snapshot/internal/DeviceSnapshotManagementServiceImpl.java
@@ -14,6 +14,7 @@
 import java.util.Date;
 
 import org.eclipse.kapua.KapuaException;
+import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
 import org.eclipse.kapua.commons.util.ArgumentValidator;
 import org.eclipse.kapua.commons.util.xml.XmlUtil;
 import org.eclipse.kapua.locator.KapuaLocator;
@@ -125,7 +126,7 @@ public DeviceSnapshots get(KapuaId scopeId, KapuaId deviceId, Long timeout)
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
         return deviceSnapshots;
     }
@@ -181,6 +182,6 @@ public void rollback(KapuaId scopeId, KapuaId deviceId, String snapshotId, Long
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
     }
 }
diff --git a/...kapua/service/device/management/packages/internal/DevicePackageManagementServiceImpl.java b/...kapua/service/device/management/packages/internal/DevicePackageManagementServiceImpl.java
@@ -16,6 +16,7 @@
 import org.eclipse.kapua.KapuaException;
 import org.eclipse.kapua.commons.model.id.IdGenerator;
 import org.eclipse.kapua.commons.model.id.KapuaEid;
+import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
 import org.eclipse.kapua.commons.util.ArgumentValidator;
 import org.eclipse.kapua.commons.util.xml.XmlUtil;
 import org.eclipse.kapua.locator.KapuaLocator;
@@ -143,7 +144,7 @@ public DevicePackages getInstalled(KapuaId scopeId, KapuaId deviceId, Long timeo
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
         return devicePackages;
     }
@@ -213,7 +214,7 @@ public void downloadExec(KapuaId scopeId, KapuaId deviceId, DevicePackageDownloa
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
     }
 
     @Override
@@ -266,7 +267,7 @@ public void downloadStop(KapuaId scopeId, KapuaId deviceId, Long timeout)
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
     }
 
     @Override
@@ -328,7 +329,7 @@ public DevicePackageDownloadOperation downloadStatus(KapuaId scopeId, KapuaId de
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
         return downloadOperation;
     }
@@ -393,7 +394,7 @@ public void installExec(KapuaId scopeId, KapuaId deviceId, DevicePackageInstallR
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
     }
 
@@ -470,7 +471,7 @@ public DevicePackageInstallOperation installStatus(KapuaId scopeId, KapuaId devi
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
         return installOperation;
     }
@@ -534,7 +535,7 @@ public void uninstallExec(KapuaId scopeId, KapuaId deviceId, DevicePackageUninst
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
     }
 
     @Override
@@ -610,7 +611,7 @@ public DevicePackageUninstallOperation uninstallStatus(KapuaId scopeId, KapuaId
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
         return uninstallOperation;
     }

diff --git a/.../eclipse/kapua/service/device/registry/lifecycle/internal/DeviceLifeCycleServiceImpl.java b/.../eclipse/kapua/service/device/registry/lifecycle/internal/DeviceLifeCycleServiceImpl.java
@@ -12,6 +12,7 @@
 package org.eclipse.kapua.service.device.registry.lifecycle.internal;
 
 import org.eclipse.kapua.KapuaException;
+import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
 import org.eclipse.kapua.locator.KapuaLocator;
 import org.eclipse.kapua.locator.KapuaProvider;
 import org.eclipse.kapua.message.KapuaPayload;
@@ -122,7 +123,7 @@ public void birth(KapuaId connectionId, KapuaBirthMessage message)
             deviceEventCreator.setPosition(position);
         }
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
     }
 
     @Override
@@ -151,7 +152,7 @@ public void death(KapuaId connectionId, KapuaDisconnectMessage message)
             deviceEventCreator.setPosition(position);
         }
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
     }
 
     @Override
@@ -183,7 +184,7 @@ public void missing(KapuaId connectionId, KapuaMissingMessage message)
             deviceEventCreator.setPosition(position);
         }
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
     }
 
@@ -216,6 +217,6 @@ public void applications(KapuaId connectionId, KapuaAppsMessage message)
             deviceEventCreator.setPosition(position);
         }
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
     }
 }
diff --git a/.../kapua/service/device/management/request/internal/DeviceRequestManagementServiceImpl.java b/.../kapua/service/device/management/request/internal/DeviceRequestManagementServiceImpl.java
@@ -15,6 +15,7 @@
 import org.eclipse.kapua.KapuaErrorCodes;
 import org.eclipse.kapua.KapuaException;
 import org.eclipse.kapua.KapuaRuntimeException;
+import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
 import org.eclipse.kapua.commons.util.ArgumentValidator;
 import org.eclipse.kapua.locator.KapuaLocator;
 import org.eclipse.kapua.locator.KapuaProvider;
@@ -115,7 +116,7 @@ public GenericResponseMessage exec(
         deviceEventCreator.setResponseCode(responseMessage.getResponseCode());
         deviceEventCreator.setEventMessage(responseMessage.getPayload().toDisplayString());
 
-        deviceEventService.create(deviceEventCreator);
+        KapuaSecurityUtils.doPrivileged(() -> deviceEventService.create(deviceEventCreator));
 
         return responseMessage;
     }

diff --git a/...ra/src/main/java/org/eclipse/kapua/translator/kapua/kura/AbstractTranslatorKapuaKura.java b/...ra/src/main/java/org/eclipse/kapua/translator/kapua/kura/AbstractTranslatorKapuaKura.java
@@ -13,6 +13,7 @@
 package org.eclipse.kapua.translator.kapua.kura;
 
 import org.eclipse.kapua.KapuaException;
+import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
 import org.eclipse.kapua.locator.KapuaLocator;
 import org.eclipse.kapua.message.KapuaChannel;
 import org.eclipse.kapua.message.KapuaMessage;
@@ -41,7 +42,7 @@ public KuraRequestMessage translate(FROM_M kapuaMessage) throws KapuaException {
         // Kura channel
         KapuaLocator locator = KapuaLocator.getInstance();
         AccountService accountService = locator.getService(AccountService.class);
-        Account account = accountService.find(kapuaMessage.getScopeId());
+        Account account = KapuaSecurityUtils.doPrivileged(() -> accountService.find(kapuaMessage.getScopeId()));
 
         Device device = null;
         DeviceRegistryService deviceService = locator.getService(DeviceRegistryService.class);

diff --git a/...ra/src/main/java/org/eclipse/kapua/translator/kura/kapua/AbstractTranslatorKuraKapua.java b/...ra/src/main/java/org/eclipse/kapua/translator/kura/kapua/AbstractTranslatorKuraKapua.java
@@ -14,6 +14,7 @@
 
 import org.eclipse.kapua.KapuaEntityNotFoundException;
 import org.eclipse.kapua.KapuaException;
+import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
 import org.eclipse.kapua.locator.KapuaLocator;
 import org.eclipse.kapua.message.KapuaChannel;
 import org.eclipse.kapua.message.KapuaMessage;
@@ -32,7 +33,7 @@ public TO_M translate(KuraResponseMessage kuraMessage) throws KapuaException {
 
         final KapuaLocator locator = KapuaLocator.getInstance();
         final AccountService accountService = locator.getService(AccountService.class);
-        final Account account = accountService.findByName(kuraMessage.getChannel().getScope());
+        final Account account = KapuaSecurityUtils.doPrivileged(() -> accountService.findByName(kuraMessage.getChannel().getScope()));
 
         if (account == null) {
             throw new KapuaEntityNotFoundException(Account.TYPE, kuraMessage.getChannel().getScope());