2021-03-23 13:40:05 +01:00
|
|
|
{
|
|
|
|
"ownerApp" : "Orchestrator",
|
|
|
|
"name" : "role_created",
|
|
|
|
"createBy" : "Marco Lettere",
|
|
|
|
"description": "Handle workflow related to Portal event role_created",
|
|
|
|
"version" : 1,
|
|
|
|
"ownerEmail" : "marco.lettere@nubisware.com",
|
|
|
|
"inputParameters" : ["role"],
|
|
|
|
"tasks" : [
|
|
|
|
{
|
|
|
|
"name": "LAMBDA_TASK",
|
|
|
|
"taskReferenceName": "init",
|
|
|
|
"type": "LAMBDA",
|
|
|
|
"inputParameters": {
|
|
|
|
"keycloak": "{{ keycloak }}/{{ keycloak_realm }}",
|
|
|
|
"keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}",
|
2021-03-23 19:02:35 +01:00
|
|
|
"scriptExpression": "1 == 1"
|
2021-03-23 13:40:05 +01:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"name" : "pyrest",
|
|
|
|
"taskReferenceName" : "authorize",
|
|
|
|
"type" : "SIMPLE",
|
|
|
|
"inputParameters" : {
|
|
|
|
"url" : "{{ keycloak }}/master/protocol/openid-connect/token",
|
|
|
|
"method" : "POST",
|
|
|
|
"headers" : {
|
|
|
|
"Accept" : "application/json"
|
|
|
|
},
|
|
|
|
"body" : {
|
|
|
|
"client_id" : "orchestrator",
|
|
|
|
"client_secret" : "{{ keycloak_auth_master }}",
|
|
|
|
"grant_type" : "client_credentials"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"name" : "pyrest",
|
|
|
|
"taskReferenceName" : "get_all_vres",
|
|
|
|
"type" : "SIMPLE",
|
|
|
|
"inputParameters" : {
|
2021-03-23 19:07:04 +01:00
|
|
|
"url" : "${init.input.keycloak_admin}/clients?clientId=%252F&search=true&first=0&max=500",
|
2021-03-23 13:40:05 +01:00
|
|
|
"method" : "GET",
|
|
|
|
"headers" : {
|
|
|
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
|
|
|
"Accept" : "application/json"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
2021-03-24 09:28:32 +01:00
|
|
|
{
|
|
|
|
"name": "LAMBDA_TASK",
|
|
|
|
"taskReferenceName": "build_delete_role_tasks",
|
|
|
|
"type": "LAMBDA",
|
|
|
|
"inputParameters": {
|
|
|
|
"role" : "${workflow.input.role}",
|
|
|
|
"vres" : "${get_all_vres.output.body}",
|
|
|
|
"scriptExpression": "inputs={};tasks=[];for(var i=0;i<$.vres.length;i++)vre=$.vres[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'delete_role_'+i}),inputs['delete_role_'+i]={url:'${init.input.keycloak_admin}/clients/' + vre.id + '/roles/' + $.role,method:'DELETE'),headers:{Authorization:'Bearer ${authorize.output.body.access_token}'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};"
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"name" : "fork_dynamic",
|
|
|
|
"type" : "FORK_JOIN_DYNAMIC",
|
|
|
|
"taskReferenceName" : "parallel_delete_role",
|
|
|
|
"inputParameters" : {
|
|
|
|
"tasks" : "${build_delete_role_tasks.output.result.tasks}",
|
|
|
|
"inputs" : "${build_delete_role_tasks.output.result.inputs}"
|
|
|
|
},
|
|
|
|
"dynamicForkTasksParam": "tasks",
|
|
|
|
"dynamicForkTasksInputParamName": "inputs"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"name" : "join",
|
|
|
|
"type" : "JOIN",
|
|
|
|
"taskReferenceName" : "join_parallel_role_deletion"
|
|
|
|
},
|
2021-03-23 13:40:05 +01:00
|
|
|
{
|
|
|
|
"name": "LAMBDA_TASK",
|
|
|
|
"taskReferenceName": "build_add_role_tasks",
|
|
|
|
"type": "LAMBDA",
|
|
|
|
"inputParameters": {
|
|
|
|
"role" : "${workflow.input.role}",
|
|
|
|
"vres" : "${get_all_vres.output.body}",
|
2021-03-24 09:28:32 +01:00
|
|
|
"scriptExpression": "inputs={};tasks=[];for(var i=0;i<$.vres.length;i++)vre=$.vres[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'create_role_'+i}),inputs['create_role_'+i]={url:'${init.input.keycloak_admin}/clients/' + vre.id + '/roles',body:{clientRole:true,name:$.role,description: $.role + ' role'},method:'POST',headers:{Authorization:'Bearer ${authorize.output.body.access_token}','Content-Type':'application/json'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};"
|
2021-03-23 19:31:04 +01:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"name" : "fork_dynamic",
|
|
|
|
"type" : "FORK_JOIN_DYNAMIC",
|
|
|
|
"taskReferenceName" : "parallel_add_role",
|
|
|
|
"inputParameters" : {
|
|
|
|
"tasks" : "${build_add_role_tasks.output.result.tasks}",
|
|
|
|
"inputs" : "${build_add_role_tasks.output.result.inputs}"
|
|
|
|
},
|
|
|
|
"dynamicForkTasksParam": "tasks",
|
|
|
|
"dynamicForkTasksInputParamName": "inputs"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"name" : "join",
|
|
|
|
"type" : "JOIN",
|
|
|
|
"taskReferenceName" : "join_parallel_role_addition"
|
2021-03-24 09:03:01 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
"name": "LAMBDA_TASK",
|
|
|
|
"taskReferenceName": "build_get_back_role_tasks",
|
|
|
|
"type": "LAMBDA",
|
|
|
|
"inputParameters": {
|
|
|
|
"roleurls" : "${join_parallel_role_addition.output[*]..location}",
|
2021-03-24 09:05:28 +01:00
|
|
|
"scriptExpression": "inputs={},tasks=[];for(var i=0;i<$.roleurls.length;i++)u=$.roleurls[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'get_back_'+i}),inputs['get_back_'+i]={url:u,method:'GET',headers:{Authorization:'Bearer ${authorize.output.body.access_token}',Accept:'application/json'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};"
|
2021-03-24 09:03:01 +01:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"name" : "fork_dynamic",
|
|
|
|
"type" : "FORK_JOIN_DYNAMIC",
|
|
|
|
"taskReferenceName" : "parallel_get_back_role",
|
|
|
|
"inputParameters" : {
|
|
|
|
"tasks" : "${build_get_back_role_tasks.output.result.tasks}",
|
|
|
|
"inputs" : "${build_get_back_role_tasks.output.result.inputs}"
|
|
|
|
},
|
|
|
|
"dynamicForkTasksParam": "tasks",
|
|
|
|
"dynamicForkTasksInputParamName": "inputs"
|
|
|
|
},
|
2021-03-24 09:28:32 +01:00
|
|
|
{
|
|
|
|
"name" : "join",
|
|
|
|
"type" : "JOIN",
|
|
|
|
"taskReferenceName" : "join_parallel_getting_back"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"name": "LAMBDA_TASK",
|
|
|
|
"taskReferenceName": "build_add_policy_tasks",
|
|
|
|
"type": "LAMBDA",
|
|
|
|
"inputParameters": {
|
2021-03-24 09:47:33 +01:00
|
|
|
"role" : "${workflow.input.role}"
|
2021-03-24 09:28:32 +01:00
|
|
|
"roles" : "${join_parallel_getting_back.output[*].body}",
|
2021-03-24 09:47:33 +01:00
|
|
|
"vres" : "${get_all_vres.output.body}",
|
|
|
|
"scriptExpression": "for(var i=0;i<$.vres.length;i++)vre=$.vres[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'create_role_policy'}),inputs['create_role_policy_']={url:'${init.input.keycloak_admin}/clients/' + vre.id + '/authz/resource-server/policy/role',body:{name:$.role +'_policy',description:'',type:'role',logic:'POSITIVE',decisionStrategy:'UNANIMOUS',roles:[{id:${$.roles[i].id},required:true}]},method:'POST',headers:{Authorization:'Basic ${init.input.liferay_auth}',Accept:'application/json'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};"
|
2021-03-24 09:28:32 +01:00
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"name" : "fork_dynamic",
|
|
|
|
"type" : "FORK_JOIN_DYNAMIC",
|
|
|
|
"taskReferenceName" : "parallel_add_policy_role",
|
|
|
|
"inputParameters" : {
|
|
|
|
"tasks" : "${build_add_policy_tasks.output.result.tasks}",
|
|
|
|
"inputs" : "${build_add_policy_tasks.output.result.inputs}"
|
|
|
|
},
|
|
|
|
"dynamicForkTasksParam": "tasks",
|
|
|
|
"dynamicForkTasksInputParamName": "inputs"
|
|
|
|
},
|
2021-03-24 09:03:01 +01:00
|
|
|
{
|
|
|
|
"name" : "join",
|
|
|
|
"type" : "JOIN",
|
2021-03-24 09:28:32 +01:00
|
|
|
"taskReferenceName" : "join_parallel_policy_addition"
|
2021-03-23 19:31:04 +01:00
|
|
|
}
|
2021-03-23 13:40:05 +01:00
|
|
|
]
|
|
|
|
}
|