From 1abe2d835df860995e5bc46ff979bd7924f33a62 Mon Sep 17 00:00:00 2001 From: dcore94 Date: Tue, 23 Mar 2021 13:40:05 +0100 Subject: [PATCH] added workflow for role created event --- templates/role_created.json.j2 | 79 ++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 templates/role_created.json.j2 diff --git a/templates/role_created.json.j2 b/templates/role_created.json.j2 new file mode 100644 index 0000000..f017f2a --- /dev/null +++ b/templates/role_created.json.j2 @@ -0,0 +1,79 @@ +{ + "ownerApp" : "Orchestrator", + "name" : "role_created", + "createBy" : "Marco Lettere", + "description": "Handle workflow related to Portal event role_created", + "version" : 1, + "ownerEmail" : "marco.lettere@nubisware.com", + "inputParameters" : ["role"], + "tasks" : [ + { + "name": "LAMBDA_TASK", + "taskReferenceName": "init", + "type": "LAMBDA", + "inputParameters": { + "root_vo": "{{ root_vo }}", + "keycloak": "{{ keycloak }}/{{ keycloak_realm }}", + "keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}", + "clientId" : "${workflow.input.group}", + "scriptExpression": "var tree = $.clientId.split('%2F'); return { 'tree' : tree, 'child': tree[tree.length-1], 'append' : tree.slice(0,-1).join('/'), 'name' : tree.join('/')}" + } + }, + { + "name" : "pyrest", + "taskReferenceName" : "authorize", + "type" : "SIMPLE", + "inputParameters" : { + "url" : "{{ keycloak }}/master/protocol/openid-connect/token", + "method" : "POST", + "headers" : { + "Accept" : "application/json" + }, + "body" : { + "client_id" : "orchestrator", + "client_secret" : "{{ keycloak_auth_master }}", + "grant_type" : "client_credentials" + } + } + }, + { + "name" : "pyrest", + "taskReferenceName" : "get_all_vres", + "type" : "SIMPLE", + "inputParameters" : { + "url" : "${init.input.keycloak_admin}/clients?clientId=%2F&search=true&first=0&max=500", + "method" : "GET", + "headers" : { + "Authorization" : "Bearer ${authorize.output.body.access_token}", + "Accept" : "application/json" + } + } + }, + { + "name": "LAMBDA_TASK", + "taskReferenceName": "build_add_role_tasks", + "type": "LAMBDA", + "inputParameters": { + "role" : "${workflow.input.role}", + "vres" : "${get_all_vres.output.body}", + "scriptExpression": "inputs={};tasks=[];for(var i=0;i<$.vres.length;i++)vre=$.vres[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'create_role'}),inputs['create_role']={url:'${init.input.keycloak_admin}/clients/' + vres.id + '/roles',body:{clientRole:true,name:$.role,description:''},method:'POST',headers:{Authorization:'Bearer ${authorize.output.body.access_token}','Content-Type':'application/json'}},tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'get_back_role'}),inputs['get_back_role']={url:'${create_role.output.headers.location}',method:'GET',headers:{Authorization:'Bearer ${authorize.output.body.access_token}',Accept:'application/json'}},tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'create_role_policy'}),inputs['create_role_policy_']={url:'${init.input.keycloak_admin}/clients/' + vre.id + '/authz/resource-server/policy/role',body:{name:$.role+'_policy',description:'',type:'role',logic:'POSITIVE',decisionStrategy:'UNANIMOUS',roles:[{id:${create_role.output.headers.location.split('/').pop()},required:true}]},method:'POST',headers:{Authorization:'Basic ${init.input.liferay_auth}',Accept:'application/json'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};" + } + }, + { + "name" : "fork_dynamic", + "type" : "FORK_JOIN_DYNAMIC", + "taskReferenceName" : "parallel_add_role", + "inputParameters" : { + "tasks" : "${build_add_role_tasks.output.result.tasks}", + "inputs" : "${build_add_role_tasks.output.result.inputs}" + }, + "dynamicForkTasksParam": "tasks", + "dynamicForkTasksInputParamName": "inputs" + }, + { + "name" : "join", + "type" : "JOIN", + "taskReferenceName" : "join_parallel_role_addition" + } + ] +}