From 587c491b99a14c652220544db9a0150bfe3d0723 Mon Sep 17 00:00:00 2001
From: dcore94 <m.lettere@gmail.com>
Date: Wed, 24 Mar 2021 10:46:28 +0100
Subject: [PATCH] use containerId of role to link client

---
 templates/role_created.json.j2 | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/templates/role_created.json.j2 b/templates/role_created.json.j2
index 443c2a0..ce229b8 100644
--- a/templates/role_created.json.j2
+++ b/templates/role_created.json.j2
@@ -126,7 +126,7 @@
     },
     {
       "name": "LAMBDA_TASK",
-      "taskReferenceName": "build_add_policy_tasks",
+      "taskReferenceName": "reorder_roles",
       "type": "LAMBDA",
       "inputParameters": {
         "role" : "${workflow.input.role}",
@@ -135,6 +135,16 @@
         "scriptExpression": "inputs={},tasks=[];for(var i=0;i<$.vres.length;i++)vre=$.vres[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'create_role_policy_'+i}),inputs['create_role_policy_'+i]={url:'${init.input.keycloak_admin}/clients/' + vre.id + '/authz/resource-server/policy/role',body:{name:$.role +'_policy',description:'',type:'role',logic:'POSITIVE',decisionStrategy:'UNANIMOUS',roles:Java.to([{id:$.roles[i].id,required:true}],'java.util.Map[]')},method:'POST',headers:{Authorization:'Bearer ${authorize.output.body.access_token}','Content-Type' : 'application/json',Accept:'application/json'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};"
       }
     },
+    {
+      "name": "LAMBDA_TASK",
+      "taskReferenceName": "build_add_policy_tasks",
+      "type": "LAMBDA",
+      "inputParameters": {
+        "role" : "${workflow.input.role}",
+        "roles" : "${join_parallel_getting_back.output[*].body}",
+        "scriptExpression": "inputs={},tasks=[];for(var i=0;i<$.roles.length;i++)r=$.roles[i],tasks.push({name:'pyrest',type:'SIMPLE',taskReferenceName:'create_role_policy_'+i}),inputs['create_role_policy_'+i]={url:'${init.input.keycloak_admin}/clients/' + r.containerId + '/authz/resource-server/policy/role',body:{name:$.role +'_policy',description:'Policy for being in ' + $.role,type:'role',logic:'POSITIVE',decisionStrategy:'UNANIMOUS',roles:Java.to([{id:r.id,required:true}],'java.util.Map[]')},method:'POST',headers:{Authorization:'Bearer ${authorize.output.body.access_token}','Content-Type' : 'application/json',Accept:'application/json'}};return {tasks:Java.to(tasks,'java.util.Map[]'),inputs:inputs};"
+      }
+    },
     {
       "name" : "fork_dynamic",
       "type" : "FORK_JOIN_DYNAMIC",