You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2021/06/15 17:55:13 UTC
[airavata] branch develop updated: AIRAVATA-3383 Add manage-clients
role to generated portal client
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/airavata.git
The following commit(s) were added to refs/heads/develop by this push:
new b66261f AIRAVATA-3383 Add manage-clients role to generated portal client
new ff12b5c Merge branch 'airavata-3383' into develop
b66261f is described below
commit b66261fe70b34e9434a466208d84dc000b45e0c2
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Mon Jun 14 13:47:05 2021 -0400
AIRAVATA-3383 Add manage-clients role to generated portal client
manage-clients is needed so that web client can generate additional clients for local development
---
.../admin/services/core/impl/TenantManagementKeycloakImpl.java | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
index 7baa89d..14dc387 100644
--- a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
+++ b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
@@ -303,15 +303,15 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
Response httpResponse = client.realms().realm(gatewayDetails.getGatewayId()).clients().create(pgaClient);
logger.info("Tenant Client configuration exited with code : " + httpResponse.getStatus()+" : " +httpResponse.getStatusInfo());
- // Add the manage-users role to the web client
+ // Add the manage-users and manage-clients roles to the web client
UserRepresentation serviceAccountUserRepresentation = getUserByUsername(client, gatewayDetails.getGatewayId(), "service-account-" + pgaClient.getClientId());
UserResource serviceAccountUser = client.realms().realm(gatewayDetails.getGatewayId()).users().get(serviceAccountUserRepresentation.getId());
String realmManagementClientId = getRealmManagementClientId(client, gatewayDetails.getGatewayId());
- List<RoleRepresentation> manageUsersRole = serviceAccountUser.roles().clientLevel(realmManagementClientId).listAvailable()
+ List<RoleRepresentation> manageUsersAndManageClientsRoles = serviceAccountUser.roles().clientLevel(realmManagementClientId).listAvailable()
.stream()
- .filter(r -> r.getName().equals("manage-users"))
+ .filter(r -> r.getName().equals("manage-users") || r.getName().equals("manage-clients"))
.collect(Collectors.toList());
- serviceAccountUser.roles().clientLevel(realmManagementClientId).add(manageUsersRole);
+ serviceAccountUser.roles().clientLevel(realmManagementClientId).add(manageUsersAndManageClientsRoles);
if(httpResponse.getStatus() == 201){
String ClientUUID = client.realms().realm(gatewayDetails.getGatewayId()).clients().findByClientId(pgaClient.getClientId()).get(0).getId();