240 lines
11 KiB
Django/Jinja
240 lines
11 KiB
Django/Jinja
{
|
|
"ownerApp" : "Orchestrator",
|
|
"name" : "delete-user-account",
|
|
"createBy" : "Marco Lettere",
|
|
"description": "Handle Admin events from Keycloak",
|
|
"version" : 1,
|
|
"ownerEmail" : "m.lettere@gmail.com",
|
|
"inputParameters" : [ "userid" ],
|
|
"tasks" : [
|
|
{
|
|
"name": "INLINE_TASK",
|
|
"taskReferenceName": "init",
|
|
"type": "INLINE",
|
|
"inputParameters": {
|
|
"root_vo": "{{ root_vo }}",
|
|
"keycloak": "{{ keycloak }}/${workflow.input.realm}",
|
|
"keycloak_admin" : "{{ keycloak_admin }}/${workflow.input.realm}",
|
|
"liferay": "{{ liferay }}",
|
|
"liferay_auth": "{{ liferay_auth }}",
|
|
"keycloak_userid" : "${workflow.input.userid}",
|
|
"evaluatorType" : "javascript",
|
|
"expression": "function f(){ return { 'decoded_root_vo' : $.root_vo.replace('%2F','/'), 'encoded_root_vo' : encodeURIComponent($.root_vo)}} f()"
|
|
}
|
|
},
|
|
{
|
|
"name" : "pyrest",
|
|
"taskReferenceName" : "authorize",
|
|
"type" : "SIMPLE",
|
|
"inputParameters" : {
|
|
"url" : "${init.input.keycloak}/protocol/openid-connect/token",
|
|
"method" : "POST",
|
|
"headers" : {
|
|
"Accept" : "application/json"
|
|
},
|
|
"body" : {
|
|
"client_id" : "orchestrator",
|
|
"client_secret" : "{{ keycloak_auth }}",
|
|
"grant_type" : "client_credentials"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"name" : "pyrest",
|
|
"taskReferenceName" : "lookup_user",
|
|
"type" : "SIMPLE",
|
|
"inputParameters" : {
|
|
"url" : "${init.input.keycloak_admin}/users/${init.input.keycloak_userid}",
|
|
"method" : "GET",
|
|
"headers" : {
|
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
|
"Accept" : "application/json"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"name" : "fork_join",
|
|
"taskReferenceName" : "global_delete_user",
|
|
"type" : "FORK_JOIN",
|
|
"forkTasks" : [
|
|
[
|
|
{
|
|
"name" : "pyrest",
|
|
"taskReferenceName" : "lookup_lr_company",
|
|
"type" : "SIMPLE",
|
|
"inputParameters" : {
|
|
"url" : "${init.input.liferay}/company/get-company-by-web-id",
|
|
"method" : "GET",
|
|
"params" : { "webId" : "liferay.com"},
|
|
"headers" : {
|
|
"Authorization" : "Basic ${init.input.liferay_auth}",
|
|
"Accept" : "application/json"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"name" : "pyrest",
|
|
"taskReferenceName" : "lookup_lr_user_by_screenname",
|
|
"type" : "SIMPLE",
|
|
"inputParameters" : {
|
|
"url" : "${init.input.liferay}/user/get-user-by-screen-name",
|
|
"method" : "GET",
|
|
"params" : {
|
|
"companyId" : "${lookup_lr_company.output.body.companyId}",
|
|
"screenName" : "${lookup_user.output.body.username}"
|
|
},
|
|
"headers" : {
|
|
"Authorization" : "Basic ${init.input.liferay_auth}",
|
|
"Accept" : "application/json"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"name" : "pyrest",
|
|
"taskReferenceName" : "lookup_lr_user_groups",
|
|
"type" : "SIMPLE",
|
|
"inputParameters" : {
|
|
"url" : "${init.input.liferay}/group/get-user-sites-groups",
|
|
"method" : "GET",
|
|
"params" : {
|
|
"classNames" : "[\"com.liferay.portal.model.Group\"]",
|
|
"userId" : "${lookup_lr_user_by_screenname.output.body.userId}",
|
|
"max" : "-1"
|
|
},
|
|
"headers" : {
|
|
"Authorization" : "Basic ${init.input.liferay_auth}",
|
|
"Accept" : "application/json"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"name": "INLINE_TASK",
|
|
"taskReferenceName": "build_delete_group_tasks",
|
|
"type": "INLINE",
|
|
"inputParameters": {
|
|
"evaluatorType" : "javascript",
|
|
"groups" : "${lookup_lr_user_groups.output.body.*.groupId}",
|
|
"userId" : "${lookup_lr_user_by_screenname.output.body.userId}",
|
|
"expression": "inputs = {}; tasks = []; function f(){ for(var i=0;i<$.groups.length;i++){tasks.push({'name': 'pyrest','type' : 'SIMPLE','taskReferenceName' : 'del-' + i});inputs['del-'+i] = {'url' : '${init.input.liferay}/user/unset-group-users?userIds=' + $.userId + '&groupId=' + $.groups[i],'method' : 'POST','headers' : {'Authorization' : 'Basic ' + '${init.input.liferay_auth}', 'Accept' : 'application/json'}}}; return { 'tasks' : Java.to(tasks, 'java.util.Map[]'), 'inputs' : inputs}} f()"
|
|
}
|
|
},
|
|
{
|
|
"name" : "fork_dynamic",
|
|
"type" : "FORK_JOIN_DYNAMIC",
|
|
"taskReferenceName" : "parallel_delete_group",
|
|
"inputParameters" : {
|
|
"tasks" : "${build_delete_group_tasks.output.result.tasks}",
|
|
"inputs" : "${build_delete_group_tasks.output.result.inputs}"
|
|
},
|
|
"dynamicForkTasksParam": "tasks",
|
|
"dynamicForkTasksInputParamName": "inputs"
|
|
},
|
|
{
|
|
"name" : "join",
|
|
"type" : "JOIN",
|
|
"taskReferenceName" : "join_parallel_group_deletion"
|
|
},
|
|
{
|
|
"name" : "pyrest",
|
|
"taskReferenceName" : "delete_lr_user",
|
|
"type" : "SIMPLE",
|
|
"inputParameters" : {
|
|
"url" : "${init.input.liferay}/user/delete-user",
|
|
"method" : "POST",
|
|
"params" : {
|
|
"userId" : "${lookup_lr_user_by_screenname.output.body.userId}"
|
|
},
|
|
"headers" : {
|
|
"Authorization" : "Basic ${init.input.liferay_auth}",
|
|
"Accept" : "application/json"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"name": "INLINE_TASK",
|
|
"taskReferenceName": "lr_final_task",
|
|
"type": "INLINE",
|
|
"inputParameters" : {
|
|
"evaluatorType" : "javascript",
|
|
"expression" : "1 == 1"
|
|
}
|
|
}
|
|
],
|
|
[
|
|
{
|
|
"name" : "pyrest",
|
|
"taskReferenceName" : "get_rootvo",
|
|
"type" : "SIMPLE",
|
|
"inputParameters" : {
|
|
"url" : "${init.input.keycloak_admin}/clients?clientId=${init.output.result.encoded_root_vo}",
|
|
"method" : "GET",
|
|
"headers" : {
|
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
|
"Accept" : "application/json"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"name" : "pyrest",
|
|
"taskReferenceName" : "get_rootvo_roles",
|
|
"type" : "SIMPLE",
|
|
"inputParameters" : {
|
|
"url" : "${init.input.keycloak_admin}/clients/${get_rootvo.output.body[0].id}/roles",
|
|
"method" : "GET",
|
|
"expect" : [200, 404],
|
|
"headers" : {
|
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
|
"Accept" : "application/json"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"name" : "pyrest",
|
|
"taskReferenceName" : "get_rootvo_infra_managers",
|
|
"type" : "SIMPLE",
|
|
"inputParameters" : {
|
|
"url" : "${init.input.keycloak_admin}/clients/${get_rootvo.output.body[0].id}/roles/Infrastructure-Manager/users",
|
|
"method" : "GET",
|
|
"expect" : [200, 404],
|
|
"headers" : {
|
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
|
"Accept" : "application/json"
|
|
}
|
|
}
|
|
}
|
|
]
|
|
]
|
|
},
|
|
{
|
|
"name" : "join",
|
|
"type" : "JOIN",
|
|
"taskReferenceName" : "global_delete_user_join",
|
|
"joinOn": [ "lr_final_task", "get_rootvo_infra_managers"]
|
|
},
|
|
{
|
|
"name" : "pyrest",
|
|
"taskReferenceName" : "delete_keycloak_user",
|
|
"type" : "SIMPLE",
|
|
"inputParameters" : {
|
|
"url" : "${init.input.keycloak_admin}/users/${init.input.keycloak_userid}",
|
|
"method" : "DELETE",
|
|
"headers" : {
|
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
|
"Accept" : "application/json"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"name" : "pymail",
|
|
"taskReferenceName" : "notify_infra_managers",
|
|
"type" : "SIMPLE",
|
|
"inputParameters" : {
|
|
"subject" : "User account REMOVAL notification",
|
|
"from" : "noreply@d4science.org",
|
|
"to" : "${get_rootvo_infra_managers.output.body.*.email}",
|
|
"html" : "<html><body><p>Dear ${init.output.result.decoded_root_vo} Infrastructure Manager,</p><p>${lookup_user.output.body.firstName} ${lookup_user.output.body.lastName} (${lookup_user.output.body.username}) removed his/her account from the portal with the following email: ${lookup_user.output.body.email}</p><p>You received this email because you are an Infrastructure Manager.</p><p>WARNING / LEGAL TEXT: This message is intended only for the use of the individual or entity to which it is addressed and may contain information which is privileged, confidential, proprietary, or exempt from disclosure under applicable law. If you are not the intended recipient or the person responsible for delivering the message to the intended recipient, you are strictly prohibited from disclosing, distributing, copying, or in any way using this message. If you have received this communication in error, please notify the sender and destroy and delete any copies you may have received.</p></body></html>"
|
|
}
|
|
}
|
|
]
|
|
}
|