You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2019/06/26 20:34:26 UTC
[airavata] branch staging updated (ea77eee -> 4127487)
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a change to branch staging
in repository https://gitbox.apache.org/repos/asf/airavata.git.
from ea77eee Adding profile service stubs to participant distribution
new 4a291c7 Looks up roles for user using exact username
new 4127487 Filter out badly formed user ids when migrating roles to groups
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../admin/services/core/impl/TenantManagementKeycloakImpl.java | 10 +++-------
.../registry/migrator/airavata/AiravataDataMigrator.java | 7 +++----
2 files changed, 6 insertions(+), 11 deletions(-)
[airavata] 01/02: Looks up roles for user using exact username
Posted by ma...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch staging
in repository https://gitbox.apache.org/repos/asf/airavata.git
commit 4a291c7a91910d83953e2fe60ff83a4086b7dec0
Author: Marcus Christie <ma...@iu.edu>
AuthorDate: Wed Jun 26 16:31:23 2019 -0400
Looks up roles for user using exact username
---
.../admin/services/core/impl/TenantManagementKeycloakImpl.java | 10 +++-------
1 file changed, 3 insertions(+), 7 deletions(-)
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
index b9027e5..e93d6c0 100644
--- a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
+++ b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
@@ -768,16 +768,12 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
Keycloak client = null;
try{
client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
- List<UserRepresentation> userRepresentationList = client.realm(tenantId).users().search(username,
- null,
- null,
- null,
- 0, 1);
- if (userRepresentationList.isEmpty()) {
+ UserRepresentation userRepresentation = getUserByUsername(client, tenantId, username);
+ if (userRepresentation == null) {
logger.warn("No Keycloak user found for username [" + username + "] in tenant [" + tenantId + "].");
return null;
}
- UserResource retrievedUser = client.realm(tenantId).users().get(userRepresentationList.get(0).getId());
+ UserResource retrievedUser = client.realm(tenantId).users().get(userRepresentation.getId());
return retrievedUser.roles().realmLevel().listAll()
.stream()
.map(roleRepresentation -> roleRepresentation.getName())
[airavata] 02/02: Filter out badly formed user ids when migrating
roles to groups
Posted by ma...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch staging
in repository https://gitbox.apache.org/repos/asf/airavata.git
commit 41274878383756fed383ac008f090c475d640185
Author: Marcus Christie <ma...@iu.edu>
AuthorDate: Wed Jun 26 16:31:56 2019 -0400
Filter out badly formed user ids when migrating roles to groups
---
.../sharing/registry/migrator/airavata/AiravataDataMigrator.java | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java b/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
index 57caba2..19c7e86 100644
--- a/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
+++ b/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
@@ -359,8 +359,7 @@ public class AiravataDataMigrator {
for (User sharingUser : sharingUsers) {
String userId = sharingUser.getUserId();
- int index = userId.lastIndexOf("@");
- if (index <= 0) {
+ if (!userId.endsWith("@" + domainID)) {
System.out.println("Skipping credentials for user " + userId + " since sharing user id is improperly formed");
continue;
}
@@ -431,8 +430,8 @@ public class AiravataDataMigrator {
// Migrate roles to groups
List<String> usernames = sharingRegistryServerHandler.getUsers(domain.getDomainId(), 0, -1)
.stream()
- // Filter out bad ids that don't have an "@" in them
- .filter(user -> user.getUserId().lastIndexOf("@") > 0)
+ // Filter out bad user ids that don't end in "@" + domainId
+ .filter(user -> user.getUserId().endsWith("@" + domain.getDomainId()))
.map(user -> user.getUserId().substring(0, user.getUserId().lastIndexOf("@")))
.collect(Collectors.toList());
Map<String, List<String>> roleMap = loadRolesForUsers(domain.getDomainId(), usernames);