This is an automated email from the ASF dual-hosted git repository. riemer pushed a commit to branch connect-admins-can-upload-files in repository https://gitbox.apache.org/repos/asf/streampipes.git
commit 82a5d8b328efb91c9d9d748f9ed2dfab86d2b143 Author: Dominik Riemer <[email protected]> AuthorDate: Tue Nov 25 11:15:59 2025 +0100 fix: Connect admins can upload files --- .../src/main/java/org/apache/streampipes/rest/impl/FileResource.java | 5 +++-- .../java/org/apache/streampipes/rest/security/AuthConstants.java | 4 ++++ .../configuration/dialog/file-upload/file-upload-dialog.component.ts | 2 +- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/FileResource.java b/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/FileResource.java index 14b43b4eed..209d30f061 100644 --- a/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/FileResource.java +++ b/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/FileResource.java @@ -63,7 +63,7 @@ public class FileResource extends AbstractAuthGuardedRestResource { @PostMapping( consumes = MediaType.MULTIPART_FORM_DATA_VALUE, produces = MediaType.APPLICATION_JSON_VALUE) - @PreAuthorize(AuthConstants.IS_ADMIN_ROLE) + @PreAuthorize(AuthConstants.HAS_WRITE_FILE_PRIVILEGE) public ResponseEntity<?> storeFile(@RequestPart("file_upload") MultipartFile fileDetail) { try { FileMetadata metadata = @@ -86,7 +86,7 @@ public class FileResource extends AbstractAuthGuardedRestResource { } @DeleteMapping(path = "{fileId}") - @PreAuthorize(AuthConstants.IS_ADMIN_ROLE) + @PreAuthorize(AuthConstants.HAS_WRITE_FILE_PRIVILEGE) public ResponseEntity<Void> deleteFile(@PathVariable("fileId") String fileId) { fileManager.deleteFile(fileId); return ok(); @@ -114,6 +114,7 @@ public class FileResource extends AbstractAuthGuardedRestResource { description = "No file with the given file name could be found") } ) + @PreAuthorize(AuthConstants.HAS_READ_FILE_PRIVILEGE) public ResponseEntity<byte[]> getFile( @Parameter( in = ParameterIn.PATH, diff --git a/streampipes-rest/src/main/java/org/apache/streampipes/rest/security/AuthConstants.java b/streampipes-rest/src/main/java/org/apache/streampipes/rest/security/AuthConstants.java index 2d548cf43b..d3e19c8d56 100644 --- a/streampipes-rest/src/main/java/org/apache/streampipes/rest/security/AuthConstants.java +++ b/streampipes-rest/src/main/java/org/apache/streampipes/rest/security/AuthConstants.java @@ -29,6 +29,7 @@ import static org.apache.streampipes.model.client.user.DefaultPrivilege.Constant import static org.apache.streampipes.model.client.user.DefaultPrivilege.Constants.PRIVILEGE_WRITE_ASSETS_VALUE; import static org.apache.streampipes.model.client.user.DefaultPrivilege.Constants.PRIVILEGE_WRITE_DASHBOARD_VALUE; import static org.apache.streampipes.model.client.user.DefaultPrivilege.Constants.PRIVILEGE_WRITE_DATA_EXPLORER_VIEW_VALUE; +import static org.apache.streampipes.model.client.user.DefaultPrivilege.Constants.PRIVILEGE_WRITE_FILES_VALUE; import static org.apache.streampipes.model.client.user.DefaultPrivilege.Constants.PRIVILEGE_WRITE_GENERIC_STORAGE_VALUE; import static org.apache.streampipes.model.client.user.DefaultPrivilege.Constants.PRIVILEGE_WRITE_PIPELINE_ELEMENT_VALUE; import static org.apache.streampipes.model.client.user.DefaultPrivilege.Constants.PRIVILEGE_WRITE_PIPELINE_VALUE; @@ -87,6 +88,9 @@ public class AuthConstants { public static final String HAS_READ_FILE_PRIVILEGE = BS + IS_ADMIN_ROLE + OR + HAS_ANY_AUTHORITY + PRIVILEGE_READ_FILES_VALUE + Q + BE2; + public static final String HAS_WRITE_FILE_PRIVILEGE = + BS + IS_ADMIN_ROLE + OR + HAS_ANY_AUTHORITY + PRIVILEGE_WRITE_FILES_VALUE + Q + BE2; + public static final String HAS_READ_ASSETS_PRIVILEGE = BS + IS_ADMIN_ROLE + OR + HAS_ANY_AUTHORITY + PRIVILEGE_READ_ASSETS_VALUE + Q + BE2; public static final String HAS_WRITE_ASSETS_PRIVILEGE = diff --git a/ui/src/app/configuration/dialog/file-upload/file-upload-dialog.component.ts b/ui/src/app/configuration/dialog/file-upload/file-upload-dialog.component.ts index 95d4a96751..71edd2f64f 100644 --- a/ui/src/app/configuration/dialog/file-upload/file-upload-dialog.component.ts +++ b/ui/src/app/configuration/dialog/file-upload/file-upload-dialog.component.ts @@ -103,7 +103,7 @@ export class FileUploadDialogComponent { this.uploadErrorMessage = error.error.notifications[0].title; } else { - this.uploadErrorMessage = error.error; + this.uploadErrorMessage = error.message; } }, );
