You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2017/06/26 14:30:23 UTC
airavata-php-gateway git commit: AIRAVATA-2417 Only show Airavata
roles in PGA
Repository: airavata-php-gateway
Updated Branches:
refs/heads/develop 9cd033bde -> dfc40266b
AIRAVATA-2417 Only show Airavata roles in PGA
Project: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/commit/dfc40266
Tree: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/tree/dfc40266
Diff: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/diff/dfc40266
Branch: refs/heads/develop
Commit: dfc40266b9633c5165a0a144a7cc019004b8130d
Parents: 9cd033b
Author: Marcus Christie <ma...@iu.edu>
Authored: Mon Jun 26 10:29:41 2017 -0400
Committer: Marcus Christie <ma...@iu.edu>
Committed: Mon Jun 26 10:29:41 2017 -0400
----------------------------------------------------------------------
app/controllers/AdminController.php | 40 ++++++++++++++++++--------------
app/libraries/CommonUtilities.php | 14 +++++++++++
app/libraries/Keycloak/Keycloak.php | 7 ++++--
3 files changed, 41 insertions(+), 20 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/dfc40266/app/controllers/AdminController.php
----------------------------------------------------------------------
diff --git a/app/controllers/AdminController.php b/app/controllers/AdminController.php
index c75e0d4..3084b8b 100644
--- a/app/controllers/AdminController.php
+++ b/app/controllers/AdminController.php
@@ -78,9 +78,10 @@ class AdminController extends BaseController {
else
$users = Keycloak::listUsers();
- $roles = Keycloak::getAllRoles();
- Session::put("admin-nav", "manage-users");
- return View::make("admin/manage-users", array("users" => $users, "roles" => $roles));
+ $roles = Keycloak::getAllRoles();
+ sort($roles);
+ Session::put("admin-nav", "manage-users");
+ return View::make("admin/manage-users", array("users" => $users, "roles" => $roles));
}
public function getUserCountInRole(){
@@ -88,22 +89,22 @@ class AdminController extends BaseController {
return count( $users);
}
- public function searchUsersView(){
- if(Input::has("search_val"))
- {
- $users = Keycloak::searchUsers(Input::get("search_val"));
- }
- else
- $users = Keycloak::listUsers();
+ public function searchUsersView(){
+ if(Input::has("search_val"))
+ {
+ $users = Keycloak::searchUsers(Input::get("search_val"));
+ }
+ else
+ $users = Keycloak::listUsers();
if(!isset($users) || empty($users)){
$users = array();
}
- $roles = Keycloak::getAllRoles();
- Session::put("admin-nav", "manage-users");
- return View::make("admin/manage-users", array("users" => $users, "roles" => $roles));
-
- }
+ $roles = Keycloak::getAllRoles();
+ sort($roles);
+ Session::put("admin-nav", "manage-users");
+ return View::make("admin/manage-users", array("users" => $users, "roles" => $roles));
+ }
private function cmp($a, $b)
{
@@ -191,8 +192,9 @@ class AdminController extends BaseController {
public function rolesView(){
$roles = Keycloak::getAllRoles();
- Session::put("admin-nav", "manage-roles");
- return View::make("admin/manage-roles", array("roles" => $roles));
+ sort($roles);
+ Session::put("admin-nav", "manage-roles");
+ return View::make("admin/manage-roles", array("roles" => $roles));
}
public function experimentsView(){
@@ -289,7 +291,9 @@ class AdminController extends BaseController {
}
public function getRoles(){
- return json_encode((array)Keycloak::getUserRoles(Input::get("username")));
+ $roles = Keycloak::getUserRoles(Input::get("username"));
+ sort($roles);
+ return json_encode((array)$roles);
}
public function deleteRole(){
http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/dfc40266/app/libraries/CommonUtilities.php
----------------------------------------------------------------------
diff --git a/app/libraries/CommonUtilities.php b/app/libraries/CommonUtilities.php
index c90765c..8fb65ca 100644
--- a/app/libraries/CommonUtilities.php
+++ b/app/libraries/CommonUtilities.php
@@ -445,6 +445,20 @@ class CommonUtilities
return Config::get('pga_config.wsis.initial-role-name', 'user-pending');
}
+ /**
+ * Filter given list of role names to only include Airavata roles.
+ */
+ public static function filterAiravataRoles($roles) {
+ return array_filter($roles, function($role) {
+ return $role == Config::get('pga_config.wsis.admin-role-name')
+ || $role == Config::get('pga_config.wsis.read-only-admin-role-name')
+ || $role == Config::get('pga_config.wsis.user-role-name')
+ || $role == Config::get('pga_config.wsis.initial-role-name')
+ || $role == 'user-pending'
+ || $role == 'gateway-provider';
+ });
+ }
+
public static function hasAuthPasswordOption() {
return CommonUtilities::getAuthPasswordOption() != null;
}
http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/dfc40266/app/libraries/Keycloak/Keycloak.php
----------------------------------------------------------------------
diff --git a/app/libraries/Keycloak/Keycloak.php b/app/libraries/Keycloak/Keycloak.php
index 32b7020..969e5f1 100644
--- a/app/libraries/Keycloak/Keycloak.php
+++ b/app/libraries/Keycloak/Keycloak.php
@@ -7,6 +7,8 @@ use Keycloak\API\Roles;
use Keycloak\API\Users;
use Keycloak\KeycloakUtil;
+use CommonUtilities;
+
use Exception;
use Log;
use Illuminate\Routing\UrlGenerator;
@@ -185,6 +187,7 @@ class Keycloak {
foreach ($role_mappings as $role_mapping) {
$roles[] = $role_mapping->name;
}
+ $roles = CommonUtilities::filterAiravataRoles($roles);
return array('username'=>$username, 'firstname'=>$firstname, 'lastname'=>$lastname, 'email'=>$email, 'roles'=>$roles);
}
@@ -282,7 +285,7 @@ class Keycloak {
foreach ($roles as $role) {
$role_names[] = $role->name;
}
- return $role_names;
+ return CommonUtilities::filterAiravataRoles($role_names);
} catch (Exception $ex) {
throw new Exception("Unable to get all roles", 0, $ex);
}
@@ -304,7 +307,7 @@ class Keycloak {
foreach ($roles as $role) {
$role_names[] = $role->name;
}
- return $role_names;
+ return CommonUtilities::filterAiravataRoles($role_names);
} catch (Exception $ex) {
throw new Exception("Unable to get User roles.", 0, $ex);
}