From b1e27b9891b0f1d6648f44c00388466b80fc8731 Mon Sep 17 00:00:00 2001 From: "m.lettere" Date: Thu, 12 Oct 2023 15:32:32 +0200 Subject: [PATCH] modernize group_add/delete and invitation accepted --- defaults/main.yaml | 8 ++-- templates/invitation-accepted.json.j2 | 7 +-- templates/user-group_created.json.j2 | 62 ++++++++++++++------------- templates/user-group_deleted.json.j2 | 51 ++++++++++++---------- 4 files changed, 69 insertions(+), 59 deletions(-) diff --git a/defaults/main.yaml b/defaults/main.yaml index 45c6c13..6a042f4 100644 --- a/defaults/main.yaml +++ b/defaults/main.yaml @@ -2,11 +2,11 @@ workflows: # - create-user-add-to-vre # - group_deleted - # - user-group_created - - user-group-role_created + - user-group_created + # - user-group-role_created # - group_created - # - invitation-accepted - # - user-group_deleted + - invitation-accepted + - user-group_deleted # - user-group-role_deleted # - delete-user-account # - role_deleted diff --git a/templates/invitation-accepted.json.j2 b/templates/invitation-accepted.json.j2 index fc09ff8..fe8b0de 100644 --- a/templates/invitation-accepted.json.j2 +++ b/templates/invitation-accepted.json.j2 @@ -8,13 +8,14 @@ "inputParameters" : ["user", "first-name", "last-name", "email", "password"], "tasks" : [ { - "name": "LAMBDA_TASK", + "name": "INLINE_TASK", "taskReferenceName": "init", - "type": "LAMBDA", + "type": "INLINE", "inputParameters": { "keycloak": "{{ keycloak }}/{{ keycloak_realm }}", "keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}", - "scriptExpression": "1" + "evaluatorType" : "javascript", + "expression": "1" } }, { diff --git a/templates/user-group_created.json.j2 b/templates/user-group_created.json.j2 index b923e70..5837bfe 100644 --- a/templates/user-group_created.json.j2 +++ b/templates/user-group_created.json.j2 @@ -8,15 +8,16 @@ "inputParameters" : ["user", "group"], "tasks" : [ { - "name": "LAMBDA_TASK", + "name": "INLINE_TASK", "taskReferenceName": "init", - "type": "LAMBDA", + "type": "INLINE", "inputParameters": { "keycloak": "{{ keycloak }}/{{ keycloak_realm }}", "keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}", "user" : "${workflow.input.user}", "group" : "${workflow.input.group}", - "scriptExpression": "function e(v){ return (v == null || (v.trim && v.trim() === ''))}; if(e($.user) || e($.group)) throw('User and Group must not be empty'); var path = $.group.startsWith('%2F') ? $.group.split('%2F').slice(1) : [$.group]; return { 'tree' : Java.to(path, 'java.lang.Object[]'), 'name' : path.slice(path.length-1)[0], 'search' : encodeURIComponent(path.slice(path.length-1)[0])}" + "evaluatorType" : "javascript", + "expression": "function e(v){ return (v == null || (v.trim && v.trim() === ''))}; if(e($.user) || e($.group)) throw('User and Group must not be empty'); var path = $.group.startsWith('%2F') ? $.group.split('%2F').slice(1) : [$.group]; return { 'tree' : Java.to(path, 'java.lang.Object[]'), 'name' : path.slice(path.length-1)[0], 'search' : encodeURIComponent(path.slice(path.length-1)[0])}" } }, { @@ -50,35 +51,37 @@ } }, { - "name": "LAMBDA_TASK", + "name": "INLINE_TASK", "taskReferenceName": "select_user", "inputParameters": { "foundusers": "${lookup_user.output.body}", "username": "${workflow.input.user}", - "scriptExpression": "for(var i=0; i < $.foundusers.length;i++){if($.foundusers[i]['username'] == $.username) return Java.to([$.foundusers[i]], 'java.lang.Object[]')}" + "evaluatorType" : "javascript", + "expression": "function f(){for(var i=0; i < $.foundusers.length;i++){if($.foundusers[i]['username'] == $.username) return $.foundusers[i]}} f()" }, - "type": "LAMBDA" + "type": "INLINE" }, { - "name": "check_user_existance", - "taskReferenceName": "check_user_existance", - "inputParameters": { - "user": "${select_user.output.result[0]}" - }, - "type": "DECISION", - "caseExpression": "($.user == null ? 'true' : 'false')", - "decisionCases": { - "true": [ - { - "name" : "terminate", - "taskReferenceName" : "terminate_when_no_user", - "type" : "TERMINATE", - "inputParameters" : { - "terminationStatus" : "COMPLETED" - } - } - ] - } + "name": "check_user_existance", + "taskReferenceName": "check_user_existance", + "inputParameters": { + "user": "${select_user.output.result[0]}" + }, + "type": "SWITCH", + "evaluatorType" : "javascript", + "expression": "($.user == null ? 'true' : 'false')", + "decisionCases": { + "true": [ + { + "name" : "terminate", + "taskReferenceName" : "terminate_when_no_user", + "type" : "TERMINATE", + "inputParameters" : { + "terminationStatus" : "COMPLETED" + } + } + ] + } }, { "name" : "pyrest", @@ -93,9 +96,9 @@ } }, { - "name": "LAMBDA_TASK", + "name": "INLINE_TASK", "taskReferenceName": "extract_group", - "type": "LAMBDA", + "type": "INLINE", "inputParameters": { "tree" : "${init.output.result.tree}", "groups" : "${look_up_groups.output.body}", @@ -105,11 +108,12 @@ { "name" : "check_group_existance", "taskReferenceName" : "check_group_existance", - "type" : "DECISION", + "type" : "SWITCH", + "evaluatorType" : "javascript", "inputParameters" :{ "group" : "${extract_group.output.result.group}" }, - "caseExpression": "(($.group != null) ? 'assign' : 'skip')", + "expression": "(($.group != null) ? 'assign' : 'skip')", "decisionCases" : { "assign" : [ { diff --git a/templates/user-group_deleted.json.j2 b/templates/user-group_deleted.json.j2 index 7e06ddd..f5791ab 100644 --- a/templates/user-group_deleted.json.j2 +++ b/templates/user-group_deleted.json.j2 @@ -8,15 +8,16 @@ "inputParameters" : ["user", "group"], "tasks" : [ { - "name": "LAMBDA_TASK", + "name": "INLINE_TASK", "taskReferenceName": "init", - "type": "LAMBDA", + "type": "INLINE", "inputParameters": { "keycloak": "{{ keycloak }}/{{ keycloak_realm }}", "keycloak_admin" : "{{ keycloak_admin }}/{{ keycloak_realm }}", "group" : "${workflow.input.group}", "user" : "${workflow.input.user}", - "scriptExpression": "function e(v){ return (v == null || (v.trim && v.trim() === ''))}; if(e($.user) || e($.group)) throw('User and Group must not be empty'); var path = $.group.startsWith('%2F') ? $.group.split('%2F').slice(1) : [$.group]; return { 'tree' : Java.to(path, 'java.lang.Object[]'), 'name' : path.slice(path.length-1)[0], search : encodeURIComponent(path.slice(path.length-1)[0])}" + "evaluatorType" : "javascript", + "expression": "function e(v){ return (v == null || (v.trim && v.trim() === ''))}; if(e($.user) || e($.group)) throw('User and Group must not be empty'); var path = $.group.startsWith('%2F') ? $.group.split('%2F').slice(1) : [$.group]; return { 'tree' : Java.to(path, 'java.lang.Object[]'), 'name' : path.slice(path.length-1)[0], search : encodeURIComponent(path.slice(path.length-1)[0])}" } }, { @@ -49,23 +50,25 @@ } } }, - { - "name": "LAMBDA_TASK", - "taskReferenceName": "select_user", - "inputParameters": { - "foundusers": "${lookup_user.output.body}", - "username": "${workflow.input.user}", - "scriptExpression": "for(var i=0; i < $.foundusers.length;i++){if($.foundusers[i]['username'] == $.username) return Java.to([$.foundusers[i]], 'java.lang.Object[]')}" - }, - "type": "LAMBDA" - }, + { + "name": "INLINE_TASK", + "taskReferenceName": "select_user", + "inputParameters": { + "foundusers": "${lookup_user.output.body}", + "username": "${workflow.input.user}", + "evaluatorType" : "javascript", + "expression": "function f(){for(var i=0; i < $.foundusers.length;i++){if($.foundusers[i]['username'] == $.username) return $.foundusers[i]}} f()" + }, + "type": "INLINE" + }, { "name": "check_user_existance", "taskReferenceName": "check_user_existance", "inputParameters": { - "user": "${select_user.output.result[0]}" + "user": "${select_user.output.result}" }, - "type": "DECISION", + "type": "SWITCH", + "evaluatorType" : "javascript", "caseExpression": "($.user == null ? 'true' : 'false')", "decisionCases": { "true": [ @@ -93,23 +96,25 @@ } }, { - "name": "LAMBDA_TASK", + "name": "INLINE_TASK", "taskReferenceName": "extract_group", - "type": "LAMBDA", + "type": "INLINE", "inputParameters": { "tree" : "${init.output.result.tree}", "groups" : "${look_up_groups.output.body}", - "scriptExpression": "function selectByPath(groups, path, level) { for (var i=0; i < groups.length; i++) {if (groups[i].name === path[level]) {if (level === path.length - 1) return groups[i];return selectByPath(groups[i].subGroups, path, level+1)}} return null; } return { 'group' : selectByPath($.groups, $.tree, 0)}" + "evaluatorType" : "javascript", + "expression": "function selectByPath(groups, path, level) { for (var i=0; i < groups.length; i++) {if (groups[i].name === path[level]) {if (level === path.length - 1) return groups[i];return selectByPath(groups[i].subGroups, path, level+1)}} return null; } return { 'group' : selectByPath($.groups, $.tree, 0)}" } }, { "name" : "check_group_existance", "taskReferenceName" : "check_group_existance", - "type" : "DECISION", + "type" : "SWITCH", "inputParameters" :{ "group" : "${extract_group.output.result.group}" }, - "caseExpression": "(($.group != null) ? 'delete' : 'skip')", + "evaluatorType" : "javascript", + "expression": "(($.group != null) ? 'delete' : 'skip')", "decisionCases" : { "skip" : [ { @@ -128,7 +133,7 @@ "taskReferenceName" : "delete_user_from_group", "type" : "SIMPLE", "inputParameters" : { - "url" : "${init.input.keycloak_admin}/users/${lookup_user.output.body[0].id}/groups/${extract_group.output.result.group.id}", + "url" : "${init.input.keycloak_admin}/users/${select_user.output.return.id}/groups/${extract_group.output.result.group.id}", "method" : "DELETE", "headers" : { "Authorization" : "Bearer ${authorize.output.body.access_token}" @@ -166,7 +171,7 @@ { "name" : "check_role_existance", "taskReferenceName" : "check_role_existance", - "type" : "DECISION", + "type" : "SWITCH", "inputParameters" :{ "previous_outcome" : "${get_client_roles.output.status}" }, @@ -178,7 +183,7 @@ "taskReferenceName" : "remove_all_roles_from_user", "type" : "SIMPLE", "inputParameters" : { - "url" : "${init.input.keycloak_admin}/users/${select_user.output.result[0].id}/role-mappings/clients/${lookup_client.output.body[0].id}", + "url" : "${init.input.keycloak_admin}/users/${select_user.output.result.id}/role-mappings/clients/${lookup_client.output.body[0].id}", "expect" : 204, "method" : "DELETE", "body" : "${get_client_roles.body}",