Extracting subject id from user credentials for role mapping on Keycloak Api
parent
a94473be49
commit
b46c4e19e2
|
@ -10,6 +10,7 @@ import eu.eudat.commons.enums.IsActive;
|
|||
import eu.eudat.commons.scope.user.UserScope;
|
||||
import eu.eudat.commons.types.user.AdditionalInfoEntity;
|
||||
import eu.eudat.convention.ConventionService;
|
||||
import eu.eudat.data.UserCredentialEntity;
|
||||
import eu.eudat.data.UserEntity;
|
||||
import eu.eudat.data.UserRoleEntity;
|
||||
import eu.eudat.errorcode.ErrorThesaurusProperties;
|
||||
|
@ -23,6 +24,7 @@ import eu.eudat.model.deleter.UserRoleDeleter;
|
|||
import eu.eudat.model.persist.UserAdditionalInfoPersist;
|
||||
import eu.eudat.model.persist.UserPersist;
|
||||
import eu.eudat.model.persist.UserRolePatchPersist;
|
||||
import eu.eudat.query.UserCredentialQuery;
|
||||
import eu.eudat.query.UserQuery;
|
||||
import eu.eudat.query.UserRoleQuery;
|
||||
import eu.eudat.service.keycloak.KeycloakRole;
|
||||
|
@ -206,6 +208,9 @@ public class UserServiceImpl implements UserService {
|
|||
if (data == null) throw new MyNotFoundException(messageSource.getMessage("General_ItemNotFound", new Object[]{model.getId(), User.class.getSimpleName()}, LocaleContextHolder.getLocale()));
|
||||
if (!this.conventionService.hashValue(data.getUpdatedAt()).equals(model.getHash())) throw new MyValidationException(this.errors.getHashConflict().getCode(), this.errors.getHashConflict().getMessage());
|
||||
|
||||
List<UserCredentialEntity> userCredentials = this.queryFactory.query(UserCredentialQuery.class).userIds(data.getId()).collect();
|
||||
boolean credentialsExist = !userCredentials.isEmpty();
|
||||
|
||||
List<UserRoleEntity> existingItems = this.queryFactory.query(UserRoleQuery.class).userIds(data.getId()).collect();
|
||||
List<UUID> foundIds = new ArrayList<>();
|
||||
for (String roleName : model.getRoles().stream().filter(x-> x != null && !x.isBlank()).distinct().toList()) {
|
||||
|
@ -217,7 +222,9 @@ public class UserServiceImpl implements UserService {
|
|||
item.setRole(roleName);
|
||||
item.setCreatedAt(Instant.now());
|
||||
this.entityManager.persist(item);
|
||||
this.keycloakService.addUserToGroup(data.getId(), KeycloakRole.valueOf(roleName));
|
||||
if (credentialsExist) {
|
||||
this.keycloakService.addUserToGroup(UUID.fromString(userCredentials.getFirst().getExternalId()), KeycloakRole.valueOf(roleName));
|
||||
}
|
||||
}
|
||||
foundIds.add(item.getId());
|
||||
}
|
||||
|
@ -225,7 +232,9 @@ public class UserServiceImpl implements UserService {
|
|||
this.entityManager.flush();
|
||||
|
||||
List<UserRoleEntity> toDelete = existingItems.stream().filter(x-> foundIds.stream().noneMatch(y-> y.equals(x.getId()))).collect(Collectors.toList());
|
||||
toDelete.forEach(x -> this.keycloakService.removeUserFromGroup(data.getId(), KeycloakRole.valueOf(x.getRole())));
|
||||
if (credentialsExist) {
|
||||
toDelete.forEach(x -> this.keycloakService.removeUserFromGroup(UUID.fromString(userCredentials.getFirst().getExternalId()), KeycloakRole.valueOf(x.getRole())));
|
||||
}
|
||||
this.deleterFactory.deleter(UserRoleDeleter.class).deleteAndSave(toDelete);
|
||||
|
||||
this.entityManager.flush();
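Review bot: Both the grant and the revoke path under `if (credentialsExist)` act only on `userCredentials.getFirst()`, so for a user with more than one credential row a revoked role can stay on the Keycloak subjects of the other rows, and which row comes first depends on a query with no visible ordering. I would loop over every credential instead, e.g. `for (UserCredentialEntity credential : userCredentials) { UUID subjectId = UUID.fromString(credential.getExternalId()); toDelete.forEach(x -> this.keycloakService.removeUserFromGroup(subjectId, KeycloakRole.valueOf(x.getRole()))); }`, and do the same around `addUserToGroup`. When the list is empty the role row is still persisted or deleted locally while Keycloak is never called, so the two stores drift apart silently; a warning log or an explicit error in that branch would make the gap visible. `UUID.fromString` also throws on a null or non-UUID `externalId`, which would abort the update after some Keycloak calls have already gone out. The method starts and ends outside the visible hunks, so whether a surrounding transaction or compensation covers that case cannot be confirmed from here.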
|
||||
|
|
|
@ -7,7 +7,4 @@ keycloak-client:
|
|||
clientSecret: ${KEYCLOAK_API_CLIENT_SECRET:}
|
||||
|
||||
keycloak-resources:
|
||||
authorities: null
|
||||
tenantGroupsNamingStrategy: null
|
||||
guestsGroup: null
|
||||
administratorsGroup: null
|
||||
authorities: null
|