addition of policies for roles
This commit is contained in:
dcore94
parent
7658af52f8
commit
c007896a55
|
|
@ -157,7 +157,7 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name" : "pyrest",
|
"name" : "pyrest",
|
||||||
"taskReferenceName" : "create_kc_group",
|
"taskReferenceName" : "create_kc_group",
|
||||||
"type" : "SIMPLE",
|
"type" : "SIMPLE",
|
||||||
"inputParameters" : {
|
"inputParameters" : {
|
||||||
|
|
@ -173,7 +173,7 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name" : "pyrest",
|
"name" : "pyrest",
|
||||||
"taskReferenceName" : "list_kc_groups",
|
"taskReferenceName" : "list_kc_groups",
|
||||||
"type" : "SIMPLE",
|
"type" : "SIMPLE",
|
||||||
"inputParameters" : {
|
"inputParameters" : {
|
||||||
|
|
@ -238,7 +238,7 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name" : "pyrest",
|
"name" : "pyrest",
|
||||||
"taskReferenceName" : "assign_client_member_role_to_kc_group",
|
"taskReferenceName" : "assign_client_member_role_to_kc_group",
|
||||||
"type" : "SIMPLE",
|
"type" : "SIMPLE",
|
||||||
"inputParameters" : {
|
"inputParameters" : {
|
||||||
|
|
@ -253,22 +253,59 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
[{
|
[
|
||||||
"name" : "pyrest",
|
{
|
||||||
"taskReferenceName" : "create_role_accountingmanager",
|
"name" : "pyrest",
|
||||||
"type" : "SIMPLE",
|
"taskReferenceName" : "create_role_accountingmanager",
|
||||||
"inputParameters" : {
|
"type" : "SIMPLE",
|
||||||
"url" : "${create_client.output.headers.location}/roles",
|
"inputParameters" : {
|
||||||
"body" : {
|
"url" : "${create_client.output.headers.location}/roles",
|
||||||
"clientRole" : true, "name" : "Accounting-Manager", "description" : "Accounting-Manager for ${init.output.result.name}"
|
"body" : {
|
||||||
},
|
"clientRole" : true, "name" : "Accounting-Manager", "description" : "Accounting-Manager for ${init.output.result.name}"
|
||||||
"method" : "POST",
|
},
|
||||||
"headers" : {
|
"method" : "POST",
|
||||||
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
"headers" : {
|
||||||
"Content-Type" : "application/json"
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
}
|
"Content-Type" : "application/json"
|
||||||
}
|
}
|
||||||
}],
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "LAMBDA_TASK",
|
||||||
|
"taskReferenceName": "extract_accountimgmanager_role_id",
|
||||||
|
"type": "LAMBDA",
|
||||||
|
"inputParameters": {
|
||||||
|
"role_location" : "${create_role_accountingmanager.output.headers.location}",
|
||||||
|
"scriptExpression": "var role_id = $.role_location.split('/').pop(); return {'role_id' : role_id}"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "create_role_policy_accountingmanager",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/clients/${extract_client_id.output.result.client_id}/authz/resource-server/policy/role",
|
||||||
|
"body" : {
|
||||||
|
"name": "Accounting-Manager_policy",
|
||||||
|
"description": "",
|
||||||
|
"type" : "role",
|
||||||
|
"logic": "POSITIVE",
|
||||||
|
"decisionStrategy": "UNANIMOUS",
|
||||||
|
"roles" : [
|
||||||
|
{
|
||||||
|
"id" : "${extract_accountimgmanager_role_id.output.result.role_id}",
|
||||||
|
"required" : true
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
[{
|
[{
|
||||||
"name" : "pyrest",
|
"name" : "pyrest",
|
||||||
"taskReferenceName" : "create_role_catalogueadmin",
|
"taskReferenceName" : "create_role_catalogueadmin",
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue