adapted delete user from group to also handle gateways

2022-03-01 15:58:52 +01:00 · 2022-03-01 15:58:52 +01:00 · 24e190c957
parent 3b6c49edce
commit 24e190c957
2 changed files with 67 additions and 52 deletions
--- a/defaults/main.yaml
+++ b/defaults/main.yaml
@ -2,11 +2,11 @@
 workflows:
 #   - create-user-add-to-vre
 #   - group_deleted
-   - user-group_created
+#   - user-group_created
 #   - user-group-role_created
 #   - group_created
 #   - invitation-accepted
-#   - user-group_deleted
+   - user-group_deleted
 #   - user-group-role_deleted
 #   - delete-user-account
 #   - role_deleted
--- a/templates/user-group_deleted.json.j2
+++ b/templates/user-group_deleted.json.j2
@ -5,7 +5,7 @@
 	"description": "Handle workflow related to Portal event user-group_deleted",
 	"version" : 1,
 	"ownerEmail" : "m.lettere@gmail.com",
-	"inputParameters" : ["role", "user", "group"],
+	"inputParameters" : ["user", "group"],
 	"tasks" : [
 		{
 		"name": "LAMBDA_TASK",
@ -15,7 +15,8 @@
 			"keycloak": "{{ keycloak }}/{{ keycloak_realm }}",
 			"keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}",
 			"group" : "${workflow.input.group}",
-            "scriptExpression": "var path = $.group.split('%2F').slice(1); return { 'tree' : Java.to(path, 'java.lang.Object[]'), 'name' : path.slice(path.length-1)[0]}"
+			"user" : "${workflow.input.user}", 
+            "scriptExpression": "function e(v){ return (v == null || (v.trim && v.trim() === ''))}; if(e($.user) || e($.group)) throw('User and Group must not be empty'); $.group.startsWith('%2F') ? $.group.split('%2F').slice(1) : [$.group]; return { 'tree' : Java.to(path, 'java.lang.Object[]'), 'name' : path.slice(path.length-1)[0], search : encodeURIComponent(path.slice(path.length-1)[0])}"
 			}
 		},
 		{
@ -78,6 +79,40 @@
 					}
 				]
 			}
+		},
+		{
+            "name" : "pyrest",
+            "taskReferenceName" : "look_up_groups",
+            "type" : "SIMPLE",
+            "inputParameters" : {
+                "url" : "${init.input.keycloak_admin}/groups?search=${init.output.result.search}",
+                "headers" : {
+                    "Authorization" : "Bearer ${authorize.output.body.access_token}",
+                    "Accept" : "application/json"
+                }
+            }
+        },
+        {
+        "name": "LAMBDA_TASK",
+        "taskReferenceName": "extract_group",
+        "type": "LAMBDA",
+        "inputParameters": {
+            "tree" : "${init.output.result.tree}",
+            "groups" : "${look_up_groups.output.body}",
+            "scriptExpression": "function selectByPath(groups, path, level) { for (var i=0; i < groups.length; i++) {if (groups[i].name === path[level]) {if (level === path.length - 1) return groups[i];return selectByPath(groups[i].subGroups, path, level+1)}} return null; } return { 'group' : selectByPath($.groups, $.tree, 0)}"
+            }
+        },
+        {
+            "name" : "pyrest",
+            "taskReferenceName" : "delete_user_from_group",
+            "type" : "SIMPLE",
+            "inputParameters" : {
+                "url" : "${init.input.keycloak_admin}/users/${lookup_user.output.body[0].id}/groups/${extract_group.output.result.group.id}",
+                "method" : "DELETE",
+                "headers" : {
+                    "Authorization" : "Bearer ${authorize.output.body.access_token}"
+                }
+            }
        },
 		{
 			"name" : "pyrest",
@ -100,12 +135,23 @@
 			"inputParameters" : {
 				"url" : "${init.input.keycloak_admin}/clients/${lookup_client.output.body[0].id}/roles",
 				"method" : "GET",
+				"expect" : [200, 404],
 				"headers" : {
 					"Authorization" : "Bearer ${authorize.output.body.access_token}",
 					"Accept" : "application/json"
 				}
 			}
 		},
+		{
+			"name" : "check_role_existance",
+			"taskReferenceName" : "check_role_existance",
+			"type" : "DECISION",
+			"inputParameters" :{
+				"previous_outcome" : "${get_client_roles.output.status}"
+			},
+			"caseValueParam" : "previous_outcome",
+			"decisionCases" : {
+				"200" : [
 					{
 						"name" : "pyrest",
 						"taskReferenceName" : "remove_all_roles_from_user",
@ -120,39 +166,8 @@
 								"Content-Type" : "application/json"
 							}
 						}
-		},
-        {
-            "name" : "pyrest",
-            "taskReferenceName" : "look_up_groups",
-            "type" : "SIMPLE",
-            "inputParameters" : {
-                "url" : "${init.input.keycloak_admin}/groups?search=${init.output.result.name}",
-                "headers" : {
-                    "Authorization" : "Bearer ${authorize.output.body.access_token}",
-                    "Accept" : "application/json"
-                }
-            }
-        },
-        {
-        "name": "LAMBDA_TASK",
-        "taskReferenceName": "extract_group",
-        "type": "LAMBDA",
-        "inputParameters": {
-            "tree" : "${init.output.result.tree}",
-            "groups" : "${look_up_groups.output.body}",
-            "scriptExpression": "function selectByPath(groups, path, level) { for (var i=0; i < groups.length; i++) {if (groups[i].name === path[level]) {if (level === path.length - 1) return groups[i];return selectByPath(groups[i].subGroups, path, level+1)}} return null; } return { 'group' : selectByPath($.groups, $.tree, 0)}"
-            }
-        },
-        {
-            "name" : "pyrest",
-            "taskReferenceName" : "assign_user_to_group",
-            "type" : "SIMPLE",
-            "inputParameters" : {
-                "url" : "${init.input.keycloak_admin}/users/${lookup_user.output.body[0].id}/groups/${extract_group.output.result.group.id}",
-                "method" : "DELETE",
-                "headers" : {
-                    "Authorization" : "Bearer ${authorize.output.body.access_token}"
 					}
+				]
 			}
 		}
 	]