ansible-role-conductor-work.../templates/delete-user-account.json.j2

240 lines
11 KiB
Django/Jinja

{
"ownerApp" : "Orchestrator",
"name" : "delete-user-account",
"createBy" : "Marco Lettere",
"description": "Handle Admin events from Keycloak",
"version" : 1,
"ownerEmail" : "m.lettere@gmail.com",
"inputParameters" : [ "userid" ],
"tasks" : [
{
"name": "INLINE_TASK",
"taskReferenceName": "init",
"type": "INLINE",
"inputParameters": {
"root_vo": "{{ root_vo }}",
"keycloak": "{{ keycloak }}/${workflow.input.realm}",
"keycloak_admin" : "{{ keycloak_admin }}/${workflow.input.realm}",
"liferay": "{{ liferay }}",
"liferay_auth": "{{ liferay_auth }}",
"keycloak_userid" : "${workflow.input.userid}",
"evaluatorType" : "javascript",
"expression": "function f(){ return { 'decoded_root_vo' : $.root_vo.replace('%2F','/'), 'encoded_root_vo' : encodeURIComponent($.root_vo)}} f()"
}
},
{
"name" : "pyrest",
"taskReferenceName" : "authorize",
"type" : "SIMPLE",
"inputParameters" : {
"url" : "${init.input.keycloak}/protocol/openid-connect/token",
"method" : "POST",
"headers" : {
"Accept" : "application/json"
},
"body" : {
"client_id" : "orchestrator",
"client_secret" : "{{ keycloak_auth }}",
"grant_type" : "client_credentials"
}
}
},
{
"name" : "pyrest",
"taskReferenceName" : "lookup_user",
"type" : "SIMPLE",
"inputParameters" : {
"url" : "${init.input.keycloak_admin}/users/${init.input.keycloak_userid}",
"method" : "GET",
"headers" : {
"Authorization" : "Bearer ${authorize.output.body.access_token}",
"Accept" : "application/json"
}
}
},
{
"name" : "fork_join",
"taskReferenceName" : "global_delete_user",
"type" : "FORK_JOIN",
"forkTasks" : [
[
{
"name" : "pyrest",
"taskReferenceName" : "lookup_lr_company",
"type" : "SIMPLE",
"inputParameters" : {
"url" : "${init.input.liferay}/company/get-company-by-web-id",
"method" : "GET",
"params" : { "webId" : "liferay.com"},
"headers" : {
"Authorization" : "Basic ${init.input.liferay_auth}",
"Accept" : "application/json"
}
}
},
{
"name" : "pyrest",
"taskReferenceName" : "lookup_lr_user_by_screenname",
"type" : "SIMPLE",
"inputParameters" : {
"url" : "${init.input.liferay}/user/get-user-by-screen-name",
"method" : "GET",
"params" : {
"companyId" : "${lookup_lr_company.output.body.companyId}",
"screenName" : "${lookup_user.output.body.username}"
},
"headers" : {
"Authorization" : "Basic ${init.input.liferay_auth}",
"Accept" : "application/json"
}
}
},
{
"name" : "pyrest",
"taskReferenceName" : "lookup_lr_user_groups",
"type" : "SIMPLE",
"inputParameters" : {
"url" : "${init.input.liferay}/group/get-user-sites-groups",
"method" : "GET",
"params" : {
"classNames" : "[\"com.liferay.portal.model.Group\"]",
"userId" : "${lookup_lr_user_by_screenname.output.body.userId}",
"max" : "-1"
},
"headers" : {
"Authorization" : "Basic ${init.input.liferay_auth}",
"Accept" : "application/json"
}
}
},
{
"name": "INLINE_TASK",
"taskReferenceName": "build_delete_group_tasks",
"type": "INLINE",
"inputParameters": {
"evaluatorType" : "javascript",
"groups" : "${lookup_lr_user_groups.output.body.*.groupId}",
"userId" : "${lookup_lr_user_by_screenname.output.body.userId}",
"expression": "inputs = {}; tasks = []; function f(){ for(var i=0;i<$.groups.length;i++){tasks.push({'name': 'pyrest','type' : 'SIMPLE','taskReferenceName' : 'del-' + i});inputs['del-'+i] = {'url' : '${init.input.liferay}/user/unset-group-users?userIds=' + $.userId + '&groupId=' + $.groups[i],'method' : 'POST','headers' : {'Authorization' : 'Basic ' + '${init.input.liferay_auth}', 'Accept' : 'application/json'}}}; return { 'tasks' : Java.to(tasks, 'java.util.Map[]'), 'inputs' : inputs}} f()"
}
},
{
"name" : "fork_dynamic",
"type" : "FORK_JOIN_DYNAMIC",
"taskReferenceName" : "parallel_delete_group",
"inputParameters" : {
"tasks" : "${build_delete_group_tasks.output.result.tasks}",
"inputs" : "${build_delete_group_tasks.output.result.inputs}"
},
"dynamicForkTasksParam": "tasks",
"dynamicForkTasksInputParamName": "inputs"
},
{
"name" : "join",
"type" : "JOIN",
"taskReferenceName" : "join_parallel_group_deletion"
},
{
"name" : "pyrest",
"taskReferenceName" : "delete_lr_user",
"type" : "SIMPLE",
"inputParameters" : {
"url" : "${init.input.liferay}/user/delete-user",
"method" : "POST",
"params" : {
"userId" : "${lookup_lr_user_by_screenname.output.body.userId}"
},
"headers" : {
"Authorization" : "Basic ${init.input.liferay_auth}",
"Accept" : "application/json"
}
}
},
{
"name": "INLINE_TASK",
"taskReferenceName": "lr_final_task",
"type": "INLINE",
"inputParameters" : {
"evaluatorType" : "javascript",
"expression" : "1 == 1"
}
}
],
[
{
"name" : "pyrest",
"taskReferenceName" : "get_rootvo",
"type" : "SIMPLE",
"inputParameters" : {
"url" : "${init.input.keycloak_admin}/clients?clientId=${init.output.result.encoded_root_vo}",
"method" : "GET",
"headers" : {
"Authorization" : "Bearer ${authorize.output.body.access_token}",
"Accept" : "application/json"
}
}
},
{
"name" : "pyrest",
"taskReferenceName" : "get_rootvo_roles",
"type" : "SIMPLE",
"inputParameters" : {
"url" : "${init.input.keycloak_admin}/clients/${get_rootvo.output.body[0].id}/roles",
"method" : "GET",
"expect" : [200, 404],
"headers" : {
"Authorization" : "Bearer ${authorize.output.body.access_token}",
"Accept" : "application/json"
}
}
},
{
"name" : "pyrest",
"taskReferenceName" : "get_rootvo_infra_managers",
"type" : "SIMPLE",
"inputParameters" : {
"url" : "${init.input.keycloak_admin}/clients/${get_rootvo.output.body[0].id}/roles/Infrastructure-Manager/users",
"method" : "GET",
"expect" : [200, 404],
"headers" : {
"Authorization" : "Bearer ${authorize.output.body.access_token}",
"Accept" : "application/json"
}
}
}
]
]
},
{
"name" : "join",
"type" : "JOIN",
"taskReferenceName" : "global_delete_user_join",
"joinOn": [ "lr_final_task", "get_rootvo_infra_managers"]
},
{
"name" : "pyrest",
"taskReferenceName" : "delete_keycloak_user",
"type" : "SIMPLE",
"inputParameters" : {
"url" : "${init.input.keycloak_admin}/users/${init.input.keycloak_userid}",
"method" : "DELETE",
"headers" : {
"Authorization" : "Bearer ${authorize.output.body.access_token}",
"Accept" : "application/json"
}
}
},
{
"name" : "pymail",
"taskReferenceName" : "notify_infra_managers",
"type" : "SIMPLE",
"inputParameters" : {
"subject" : "User account REMOVAL notification",
"from" : "noreply@d4science.org",
"to" : "${get_rootvo_infra_managers.output.body.*.email}",
"html" : "<html><body><p>Dear ${init.output.result.decoded_root_vo} Infrastructure Manager,</p><p>${lookup_user.output.body.firstName} ${lookup_user.output.body.lastName} (${lookup_user.output.body.username}) removed his/her account from the portal with the following email: ${lookup_user.output.body.email}</p><p>You received this email because you are an Infrastructure Manager.</p><p>WARNING / LEGAL TEXT: This message is intended only for the use of the individual or entity to which it is addressed and may contain information which is privileged, confidential, proprietary, or exempt from disclosure under applicable law. If you are not the intended recipient or the person responsible for delivering the message to the intended recipient, you are strictly prohibited from disclosing, distributing, copying, or in any way using this message. If you have received this communication in error, please notify the sender and destroy and delete any copies you may have received.</p></body></html>"
}
}
]
}