gCubeSystem
/
ansible-role-conductor-workflows-user-management
17
0
Fork 0
Code Issues Pull Requests Releases 5 Wiki Activity

modernize role_created and role_deleted workflows

This commit is contained in:
Marco Lettere 2023-10-12 16:43:37 +02:00
parent f6e3e0f250
commit 09494eb668
3 changed files with 29 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
defaults/main.yaml
View File

@ -2,15 +2,15 @@
workflows: workflows:
# - create-user-add-to-vre # - create-user-add-to-vre
# - group_deleted # - group_deleted
- user-group_created # - user-group_created
# - user-group-role_created # - user-group-role_created
# - group_created # - group_created
- invitation-accepted # - invitation-accepted
- user-group_deleted # - user-group_deleted
# - user-group-role_deleted # - user-group-role_deleted
# - delete-user-account # - delete-user-account
# - role_deleted - role_deleted
# - role_created - role_created
# - add_role_policy_permission # - add_role_policy_permission
# - add_all_member_roles # - add_all_member_roles
# - create_system_service # - create_system_service

28
templates/role_created.json.j2
View File

@ -8,13 +8,14 @@
"inputParameters" : ["role", "first", "max"], "inputParameters" : ["role", "first", "max"],
"tasks" : [ "tasks" : [
{ {
"name": "LAMBDA_TASK", "name": "INLINE_TASK",
"taskReferenceName": "init", "taskReferenceName": "init",
"type": "LAMBDA", "type": "INLINE",
"inputParameters": { "inputParameters": {
"keycloak": "{{ keycloak }}/{{ keycloak_realm }}", "keycloak": "{{ keycloak }}/{{ keycloak_realm }}",
"keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}", "keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}",
"scriptExpression": "1 == 1" "evaluatorType" : "javascript",
"expression": "1 == 1"
} }
}, },
{ {
@ -65,13 +66,14 @@
} }
}, },
{ {
"name": "LAMBDA_TASK", "name": "INLINE_TASK",
"taskReferenceName": "build_add_role_tasks", "taskReferenceName": "build_add_role_tasks",
"type": "LAMBDA", "type": "INLINE",
"inputParameters": { "inputParameters": {
"role" : "${workflow.input.role}", "role" : "${workflow.input.role}",
"vres" : "${get_all_vres.output.body}", "vres" : "${get_all_vres.output.body}",
"scriptExpression": "inputs={};tasks=[];for(var i=0;i<$.vres.length;i++)vre=$.vres[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'create_role_'+i}),inputs['create_role_'+i]={url:'${init.input.keycloak_admin}/clients/' + vre.id + '/roles',body:{clientRole:true,name:$.role,description: $.role + ' role'},method:'POST',headers:{Authorization:'Bearer ${authorize2.output.body.access_token}','Content-Type':'application/json'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};" "evaluatorType" : "javascript",
"expression": "inputs={};tasks=[];function f(){for(var i=0;i<$.vres.length;i++)vre=$.vres[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'create_role_'+i}),inputs['create_role_'+i]={url:'${init.input.keycloak_admin}/clients/' + vre.id + '/roles',body:{clientRole:true,name:$.role,description: $.role + ' role'},method:'POST',headers:{Authorization:'Bearer ${authorize2.output.body.access_token}','Content-Type':'application/json'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs}} f();"
} }
}, },
{ {
@ -108,12 +110,13 @@
} }
}, },
{ {
"name": "LAMBDA_TASK", "name": "INLINE_TASK",
"taskReferenceName": "build_get_back_role_tasks", "taskReferenceName": "build_get_back_role_tasks",
"type": "LAMBDA", "type": "INLINE",
"inputParameters": { "inputParameters": {
"evaluatorType" : "javascript",
"roleurls" : "${join_parallel_role_addition.output[*]..location}", "roleurls" : "${join_parallel_role_addition.output[*]..location}",
"scriptExpression": "inputs={},tasks=[];for(var i=0;i<$.roleurls.length;i++)u=$.roleurls[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'get_back_'+i}),inputs['get_back_'+i]={url:u,method:'GET',headers:{Authorization:'Bearer ${authorize3.output.body.access_token}',Accept:'application/json'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};" "expression": "inputs={},tasks=[];function f(){for(var i=0;i<$.roleurls.length;i++)u=$.roleurls[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'get_back_'+i}),inputs['get_back_'+i]={url:u,method:'GET',headers:{Authorization:'Bearer ${authorize3.output.body.access_token}',Accept:'application/json'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs}} f();"
} }
}, },
{ {
@ -133,12 +136,13 @@
"taskReferenceName" : "join_parallel_getting_back" "taskReferenceName" : "join_parallel_getting_back"
}, },
{ {
"name": "LAMBDA_TASK", "name": "INLINE_TASK",
"taskReferenceName": "build_policy_permission_tasks", "taskReferenceName": "build_policy_permission_tasks",
"type": "LAMBDA", "type": "INLINE",
"inputParameters": { "inputParameters": {
"evaluatorType" : "javascript",
"roles" : "${join_parallel_getting_back.output[*].body}", "roles" : "${join_parallel_getting_back.output[*].body}",
"scriptExpression": "inputs={},tasks=[];for(var i=0;i<$.roles.length;i++)r=$.roles[i],tasks.push({name:'sub_workflow_task',type:'SUB_WORKFLOW',taskReferenceName:'call_policy_workflow_'+i, subWorkflowParam:{ name:'add_role_policy_permission'}}),inputs['call_policy_workflow_'+i]={role:r};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};" "expression": "inputs={},tasks=[];function f(){for(var i=0;i<$.roles.length;i++)r=$.roles[i],tasks.push({name:'sub_workflow_task',type:'SUB_WORKFLOW',taskReferenceName:'call_policy_workflow_'+i, subWorkflowParam:{ name:'add_role_policy_permission'}}),inputs['call_policy_workflow_'+i]={role:r};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs}} f();"
} }
}, },
{ {

14
templates/role_deleted.json.j2
View File

@ -8,13 +8,14 @@
"inputParameters" : ["role"], "inputParameters" : ["role"],
"tasks" : [ "tasks" : [
{ {
"name": "LAMBDA_TASK", "name": "INLINE_TASK",
"taskReferenceName": "init", "taskReferenceName": "init",
"type": "LAMBDA", "type": "INLINE",
"inputParameters": { "inputParameters": {
"keycloak": "{{ keycloak }}/{{ keycloak_realm }}", "keycloak": "{{ keycloak }}/{{ keycloak_realm }}",
"keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}", "keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}",
"scriptExpression": "1 == 1" "evaluatorType" : "javascript",
"expression": "1 == 1"
} }
}, },
{ {
@ -48,13 +49,14 @@
} }
}, },
{ {
"name": "LAMBDA_TASK", "name": "INLINE",
"taskReferenceName": "build_delete_role_tasks", "taskReferenceName": "build_delete_role_tasks",
"type": "LAMBDA", "type": "INLINE_TASK",
"inputParameters": { "inputParameters": {
"role" : "${workflow.input.role}", "role" : "${workflow.input.role}",
"vres" : "${get_all_vres.output.body}", "vres" : "${get_all_vres.output.body}",
"scriptExpression": "inputs={};tasks=[];for(var i=0;i<$.vres.length;i++)vre=$.vres[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'delete_role_'+i}),inputs['delete_role_'+i]={url:'${init.input.keycloak_admin}/clients/' + vre.id + '/roles/' + $.role,method:'DELETE', expect:Java.to([204,404],'int[]'),headers:{Authorization:'Bearer ${authorize.output.body.access_token}'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};" "evaluatorType" : "javascript",
"expression": "inputs={};tasks=[];function f(){for(var i=0;i<$.vres.length;i++)vre=$.vres[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'delete_role_'+i}),inputs['delete_role_'+i]={url:'${init.input.keycloak_admin}/clients/' + vre.id + '/roles/' + $.role,method:'DELETE', expect:Java.to([204,404],'int[]'),headers:{Authorization:'Bearer ${authorize.output.body.access_token}'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs}} f();"
} }
}, },
{ {