From 25bf4e537d76499ead503774fd2b5b311306a150 Mon Sep 17 00:00:00 2001 From: dcore94 Date: Tue, 23 Mar 2021 12:31:22 +0100 Subject: [PATCH] switched to dynamic fork --- templates/group_created.json.j2 | 805 +++++++------------------------- 1 file changed, 173 insertions(+), 632 deletions(-) diff --git a/templates/group_created.json.j2 b/templates/group_created.json.j2 index 0338025..bb4dc01 100644 --- a/templates/group_created.json.j2 +++ b/templates/group_created.json.j2 @@ -12,6 +12,7 @@ "taskReferenceName": "init", "type": "LAMBDA", "inputParameters": { + "root_vo": "{{ root_vo }}", "keycloak": "{{ keycloak }}/{{ keycloak_realm }}", "keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}", "clientId" : "${workflow.input.group}", @@ -36,114 +37,157 @@ } }, { - "name" : "pyrest", - "taskReferenceName" : "create_client", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients", - "body" : { - "clientId": "${init.input.clientId}", - "name": "${init.output.result.name}", - "description": "Client representation for ${init.output.result.name} context", - "rootUrl": "http://localhost${init.output.result.name}", - "enabled": true, - "serviceAccountsEnabled": true, - "standardFlowEnabled": true, - "authorizationServicesEnabled": true, - "publicClient": false, - "fullScopeAllowed" : false, - "protocol": "openid-connect" - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json" - } - } - }, - { - "name": "LAMBDA_TASK", - "taskReferenceName": "extract_client_id", - "type": "LAMBDA", - "inputParameters": { - "client_location" : "${create_client.output.headers.location}", - "scriptExpression": "var client_id = $.client_location.split('/').pop(); return {'client_id' : client_id}" - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "get_default_policies", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy", - "method" : "GET", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" + "name" : "fork_join", + "taskReferenceName" : "preliminary_fork", + "type" : "FORK_JOIN", + "forkTasks" : [ + [ + { + "name" : "pyrest", + "taskReferenceName" : "create_client", + "type" : "SIMPLE", + "inputParameters" : { + "url" : "${init.input.keycloak_admin}/clients", + "body" : { + "clientId": "${init.input.clientId}", + "name": "${init.output.result.name}", + "description": "Client representation for ${init.output.result.name} context", + "rootUrl": "http://localhost${init.output.result.name}", + "enabled": true, + "serviceAccountsEnabled": true, + "standardFlowEnabled": true, + "authorizationServicesEnabled": true, + "publicClient": false, + "fullScopeAllowed" : false, + "protocol": "openid-connect" + }, + "method" : "POST", + "headers" : { + "Authorization" : "Bearer ${authorize.output.body.access_token}", + "Content-Type" : "application/json" + } + } + }, + { + "name": "LAMBDA_TASK", + "taskReferenceName": "extract_client_id", + "type": "LAMBDA", + "inputParameters": { + "client_location" : "${create_client.output.headers.location}", + "scriptExpression": "var client_id = $.client_location.split('/').pop(); return {'client_id' : client_id}" } - } + }, + { + "name" : "pyrest", + "taskReferenceName" : "get_default_policies", + "type" : "SIMPLE", + "inputParameters" : { + "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy", + "method" : "GET", + "headers" : { + "Authorization" : "Bearer ${authorize.output.body.access_token}", + "Accept" : "application/json" + } + } + }, + { + "name" : "pyrest", + "taskReferenceName" : "get_default_resource", + "type" : "SIMPLE", + "inputParameters" : { + "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/resource", + "method" : "GET", + "headers" : { + "Authorization" : "Bearer ${authorize.output.body.access_token}", + "Accept" : "application/json" + } + } + }, + { + "name" : "pyrest", + "taskReferenceName" : "delete_default_policy1", + "type" : "SIMPLE", + "inputParameters" : { + "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/${get_default_policies.output.body[0].id}", + "method" : "DELETE", + "headers" : { + "Authorization" : "Bearer ${authorize.output.body.access_token}", + "Accept" : "application/json" + } + } + }, + { + "name" : "pyrest", + "taskReferenceName" : "delete_default_policy2", + "type" : "SIMPLE", + "inputParameters" : { + "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/${get_default_policies.output.body[1].id}", + "method" : "DELETE", + "headers" : { + "Authorization" : "Bearer ${authorize.output.body.access_token}", + "Accept" : "application/json" + } + } + }, + { + "name" : "pyrest", + "taskReferenceName" : "create_permission", + "type" : "SIMPLE", + "inputParameters" : { + "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/permission/resource", + "body" : { + "name": "Default Permission", + "description": "", + "type" : "resource", + "logic": "POSITIVE", + "decisionStrategy": "AFFIRMATIVE", + "resources" : ["${get_default_resource.output.body[0]._id}"] + }, + "method" : "POST", + "headers" : { + "Authorization" : "Bearer ${authorize.output.body.access_token}", + "Content-Type" : "application/json", + "Accept" : "application/json" + } + } + } + ], + [ + { + "name" : "pyrest", + "taskReferenceName" : "get_rootvo", + "type" : "SIMPLE", + "inputParameters" : { + "url" : "${init.input.keycloak_admin}/clients?clientId=${workflow.input.root_vo}", + "method" : "GET", + "headers" : { + "Authorization" : "Bearer ${authorize.output.body.access_token}", + "Accept" : "application/json" + } + } + }, + { + "name" : "pyrest", + "taskReferenceName" : "get_rootvo_roles", + "type" : "SIMPLE", + "inputParameters" : { + "url" : "${init.input.keycloak_admin}/clients/${get_rootvo.output.body[0].id}/roles", + "method" : "GET", + "headers" : { + "Authorization" : "Bearer ${authorize.output.body.access_token}", + "Accept" : "application/json" + } + } + } + ] + ] }, { - "name" : "pyrest", - "taskReferenceName" : "get_default_resource", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/resource", - "method" : "GET", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" - } - } + "name" : "join", + "type" : "JOIN", + "taskReferenceName" : "preliminary_fork_join", + "joinOn": [ "create_permission", "get_rootvo_roles"] }, - { - "name" : "pyrest", - "taskReferenceName" : "delete_default_policy1", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/${get_default_policies.output.body[0].id}", - "method" : "DELETE", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "delete_default_policy2", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/${get_default_policies.output.body[1].id}", - "method" : "DELETE", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "create_permission", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/permission/resource", - "body" : { - "name": "Default Permission", - "description": "", - "type" : "resource", - "logic": "POSITIVE", - "decisionStrategy": "AFFIRMATIVE", - "resources" : ["${get_default_resource.output.body[0]._id}"] - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json", - "Accept" : "application/json" - } - } - }, { "name" : "fork_join", "taskReferenceName" : "fork_role_creation", @@ -304,526 +348,31 @@ ], [ { - "name" : "pyrest", - "taskReferenceName" : "create_role_accountingmanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_client.output.headers.location}/roles", - "body" : { - "clientRole" : true, "name" : "Accounting-Manager", "description" : "Accounting-Manager for ${init.output.result.name}" - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json" - } - } - }, + "name": "LAMBDA_TASK", + "taskReferenceName": "build_add_role_tasks", + "type": "LAMBDA", + "inputParameters": { + "roles" : "${get_rootvo_roles.output.body[?(@.name != \"uma_protection\" && @.name != \"Member\")]}", + "scriptExpression": "inputs={},tasks=[];for(var i=0;i<$.roles.length;i++)r=$.roles[i],k='add-'+r.name,tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'create_'+k}),inputs['create_'+k]={url:'${create_client.output.headers.location}/roles',body:{clientRole:true,name:r.name,description:r.description},method:'POST',headers:{Authorization:'Bearer ${authorize.output.body.access_token}','Content-Type':'application/json'}},tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'get_back'+k}),inputs['get_back_'+k]={url:'${create_role_accountingmanager.output.headers.location}',method:'GET',headers:{Authorization:'Bearer ${authorize.output.body.access_token}',Accept:'application/json'}},tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'create_role_policy_'+k}),inputs['create_role_policy_'+k]={url:'${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/role',body:{name:r.name+'_policy',description:'',type:'role',logic:'POSITIVE',decisionStrategy:'UNANIMOUS',roles:[{id:r.id,required:true}]},method:'POST',headers:{Authorization:'Basic ${init.input.liferay_auth}',Accept:'application/json'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};" + } + }, { - "name" : "pyrest", - "taskReferenceName" : "get_back_role_accountingmanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_role_accountingmanager.output.headers.location}", - "method" : "GET", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "create_role_policy_accountingmanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/role", - "body" : { - "name": "Accounting-Manager_policy", - "description": "", - "type" : "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "roles" : [ - { - "id" : "${get_back_role_accountingmanager.output.body.id}", - "required" : true - } - ] - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json", - "Accept" : "application/json" - } - } - } - ], - [ - { - "name" : "pyrest", - "taskReferenceName" : "create_role_catalogueadmin", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_client.output.headers.location}/roles", - "body" : { - "clientRole" : true, "name" : "Catalogue-Admin", "description" : "Catalogue-Admin for ${init.output.result.name}" - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "get_back_role_catalogueadmin", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_role_catalogueadmin.output.headers.location}", - "method" : "GET", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "create_role_policy_catalogueadmin", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/role", - "body" : { - "name": "Catalogue-Admin_policy", - "description": "", - "type" : "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "roles" : [ - { - "id" : "${get_back_role_catalogueadmin.output.body.id}", - "required" : true - } - ] - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json", - "Accept" : "application/json" - } - } - } - ], - [ - { - "name" : "pyrest", - "taskReferenceName" : "create_role_catalogueeditor", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_client.output.headers.location}/roles", - "body" : { - "clientRole" : true, "name" : "Catalogue-Editor", "description" : "Catalogue-Editor for ${init.output.result.name}" - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "get_back_role_catalogueeditor", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_role_catalogueeditor.output.headers.location}", - "method" : "GET", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "create_role_policy_catalogueeditor", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/role", - "body" : { - "name": "Catalogue-Editor_policy", - "description": "", - "type" : "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "roles" : [ - { - "id" : "${get_back_role_catalogueeditor.output.body.id}", - "required" : true - } - ] - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json", - "Accept" : "application/json" - } - } - } - ], - [ - { - "name" : "pyrest", - "taskReferenceName" : "create_role_datamanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_client.output.headers.location}/roles", - "body" : { - "clientRole" : true, "name" : "Data-Manager", "description" : "Data-Manager for ${init.output.result.name}" - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "get_back_role_datamanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_role_datamanager.output.headers.location}", - "method" : "GET", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "create_role_policy_datamanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/role", - "body" : { - "name": "Data-Manager_policy", - "description": "", - "type" : "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "roles" : [ - { - "id" : "${get_back_role_datamanager.output.body.id}", - "required" : true - } - ] - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json", - "Accept" : "application/json" - } - } - } - ], - [ - { - "name" : "pyrest", - "taskReferenceName" : "create_role_dataminermanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_client.output.headers.location}/roles", - "body" : { - "clientRole" : true, "name" : "Dataminer-Manager", "description" : "Dataminer-Manager for ${init.output.result.name}" - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "get_back_role_dataminermanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_role_dataminermanager.output.headers.location}", - "method" : "GET", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "create_role_policy_dataminermanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/role", - "body" : { - "name": "DataMiner-Manager_policy", - "description": "", - "type" : "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "roles" : [ - { - "id" : "${get_back_role_dataminermanager.output.body.id}", - "required" : true - } - ] - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json", - "Accept" : "application/json" - } - } - } - ], - [ - { - "name" : "pyrest", - "taskReferenceName" : "create_role_voadmin", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_client.output.headers.location}/roles", - "body" : { - "clientRole" : true, "name" : "VO-Admin", "description" : "VO-Admin for ${init.output.result.name}" - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "get_back_role_voadmin", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_role_voadmin.output.headers.location}", - "method" : "GET", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "create_role_policy_voadmin", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/role", - "body" : { - "name": "VO-Admin_policy", - "description": "", - "type" : "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "roles" : [ - { - "id" : "${get_back_role_voadmin.output.body.id}", - "required" : true - } - ] - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json", - "Accept" : "application/json" - } - } - } - ], - [ - { - "name" : "pyrest", - "taskReferenceName" : "create_role_vredesigner", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_client.output.headers.location}/roles", - "body" : { - "clientRole" : true, "name" : "VRE-Designer", "description" : "VRE-Designer for ${init.output.result.name}" - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "get_back_role_vredesigner", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_role_vredesigner.output.headers.location}", - "method" : "GET", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "create_role_policy_vredesigner", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/role", - "body" : { - "name": "VRE-Designer_policy", - "description": "", - "type" : "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "roles" : [ - { - "id" : "${get_back_role_vredesigner.output.body.id}", - "required" : true - } - ] - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json", - "Accept" : "application/json" - } - } - } - ], - [ - { - "name" : "pyrest", - "taskReferenceName" : "create_role_vremanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_client.output.headers.location}/roles", - "body" : { - "clientRole" : true, "name" : "VRE-Manager", "description" : "VRE-Manager for ${init.output.result.name}" - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "get_back_role_vremanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_role_vremanager.output.headers.location}", - "method" : "GET", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "create_role_policy_vremanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/role", - "body" : { - "name": "VRE-Manager_policy", - "description": "", - "type" : "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "roles" : [ - { - "id" : "${get_back_role_vremanager.output.body.id}", - "required" : true - } - ] - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json", - "Accept" : "application/json" - } - } - } - ], - [ - { - "name" : "pyrest", - "taskReferenceName" : "create_role_infrastructuremanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_client.output.headers.location}/roles", - "body" : { - "clientRole" : true, "name" : "Infrastructure-Manager", "description" : "Infrastructure-Manager for ${init.output.result.name}" - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "get_back_role_infrastructuremanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${create_role_infrastructuremanager.output.headers.location}", - "method" : "GET", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Accept" : "application/json" - } - } - }, - { - "name" : "pyrest", - "taskReferenceName" : "create_role_policy_infrastructuremanager", - "type" : "SIMPLE", - "inputParameters" : { - "url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/role", - "body" : { - "name": "Infrastructure-Manager_policy", - "description": "", - "type" : "role", - "logic": "POSITIVE", - "decisionStrategy": "UNANIMOUS", - "roles" : [ - { - "id" : "${get_back_role_infrastructuremanager.output.body.id}", - "required" : true - } - ] - }, - "method" : "POST", - "headers" : { - "Authorization" : "Bearer ${authorize.output.body.access_token}", - "Content-Type" : "application/json", - "Accept" : "application/json" - } - } - } - ] + "name" : "fork_dynamic", + "type" : "FORK_JOIN_DYNAMIC", + "taskReferenceName" : "parallel_add_role", + "inputParameters" : { + "tasks" : "${build_add_role_tasks.output.result.tasks}", + "inputs" : "${build_add_role_tasks.output.result.inputs}" + }, + "dynamicForkTasksParam": "tasks", + "dynamicForkTasksInputParamName": "inputs" + }, + { + "name" : "join", + "type" : "JOIN", + "taskReferenceName" : "join_parallel_role_addition" + } + ] ] }, { @@ -831,15 +380,7 @@ "taskReferenceName" : "join_role_creation", "type" : "JOIN", "joinOn" : [ - "create_role_policy_accountingmanager", - "create_role_policy_catalogueadmin", - "create_role_policy_catalogueeditor", - "create_role_policy_datamanager", - "create_role_policy_dataminermanager", - "create_role_policy_voadmin", - "create_role_policy_vredesigner", - "create_role_policy_vremanager", - "create_role_policy_infrastructuremanager", + "join_parallel_role_addition", "assign_client_member_role_to_kc_group" ] },