304 lines
11 KiB
Django/Jinja
304 lines
11 KiB
Django/Jinja
{
|
|
"ownerApp": "Orchestrator",
|
|
"createTime": 1712929588891,
|
|
"updateTime": 1712930905661,
|
|
"accessPolicy": {},
|
|
"name": "keycloak_delete_account",
|
|
"description": "Handle Admin events from Keycloak",
|
|
"version": 1,
|
|
"tasks": [
|
|
{
|
|
"name": "INLINE_TASK",
|
|
"taskReferenceName": "init",
|
|
"inputParameters": {
|
|
"root_vo": "{{ root_vo }}",
|
|
"keycloak": "{{ keycloak }}/${workflow.input.realm}",
|
|
"keycloak_admin": "{{ keycloak_admin }}/${workflow.input.realm}",
|
|
"liferay": "{{ liferay }}",
|
|
"liferay_auth": "{{ liferay_auth }}",
|
|
"keycloak_username": "${workflow.input.username}",
|
|
"evaluatorType": "javascript",
|
|
"expression": "function f(){ return { 'decoded_root_vo' : $.root_vo.replace('%2F','/'), 'encoded_root_vo' : encodeURIComponent($.root_vo)}} f()"
|
|
},
|
|
"type": "INLINE",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "pyrest",
|
|
"taskReferenceName": "authorize",
|
|
"inputParameters": {
|
|
"url": "${init.input.keycloak}/protocol/openid-connect/token",
|
|
"method": "POST",
|
|
"headers": {
|
|
"Accept": "application/json"
|
|
},
|
|
"body": {
|
|
"client_id": "orchestrator",
|
|
"client_secret" : "{{ keycloak_auth }}",
|
|
"grant_type": "client_credentials"
|
|
}
|
|
},
|
|
"type": "SIMPLE",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "fork_join",
|
|
"taskReferenceName": "global_delete_user",
|
|
"inputParameters": {},
|
|
"type": "FORK_JOIN",
|
|
"forkTasks": [
|
|
[
|
|
{
|
|
"name": "pyrest",
|
|
"taskReferenceName": "lookup_lr_company",
|
|
"inputParameters": {
|
|
"url": "${init.input.liferay}/company/get-company-by-web-id",
|
|
"method": "GET",
|
|
"params": {
|
|
"webId": "liferay.com"
|
|
},
|
|
"headers": {
|
|
"Authorization": "Basic ${init.input.liferay_auth}",
|
|
"Accept": "application/json"
|
|
}
|
|
},
|
|
"type": "SIMPLE",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "pyrest",
|
|
"taskReferenceName": "lookup_lr_user_by_screenname",
|
|
"inputParameters": {
|
|
"url": "${init.input.liferay}/user/get-user-by-screen-name",
|
|
"method": "GET",
|
|
"params": {
|
|
"companyId": "${lookup_lr_company.output.body.companyId}",
|
|
"screenName": "${init.input.keycloak_username}"
|
|
},
|
|
"headers": {
|
|
"Authorization": "Basic ${init.input.liferay_auth}",
|
|
"Accept": "application/json"
|
|
}
|
|
},
|
|
"type": "SIMPLE",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "pyrest",
|
|
"taskReferenceName": "lookup_lr_user_groups",
|
|
"inputParameters": {
|
|
"url": "${init.input.liferay}/group/get-user-sites-groups",
|
|
"method": "GET",
|
|
"params": {
|
|
"classNames": "[\"com.liferay.portal.model.Group\"]",
|
|
"userId": "${lookup_lr_user_by_screenname.output.body.userId}",
|
|
"max": "-1"
|
|
},
|
|
"headers": {
|
|
"Authorization": "Basic ${init.input.liferay_auth}",
|
|
"Accept": "application/json"
|
|
}
|
|
},
|
|
"type": "SIMPLE",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "INLINE_TASK",
|
|
"taskReferenceName": "build_delete_group_tasks",
|
|
"inputParameters": {
|
|
"evaluatorType": "javascript",
|
|
"groups": "${lookup_lr_user_groups.output.body.*.groupId}",
|
|
"userId": "${lookup_lr_user_by_screenname.output.body.userId}",
|
|
"expression": "inputs = {}; tasks = []; function f(){ for(var i=0;i<$.groups.length;i++){tasks.push({'name': 'pyrest','type' : 'SIMPLE','taskReferenceName' : 'del-' + i});inputs['del-'+i] = {'url' : '${init.input.liferay}/user/unset-group-users?userIds=' + $.userId + '&groupId=' + $.groups[i],'method' : 'POST','headers' : {'Authorization' : 'Basic ' + '${init.input.liferay_auth}', 'Accept' : 'application/json'}}}; return { 'tasks' : Java.to(tasks, 'java.util.Map[]'), 'inputs' : inputs}} f()"
|
|
},
|
|
"type": "INLINE",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "fork_dynamic",
|
|
"taskReferenceName": "parallel_delete_group",
|
|
"inputParameters": {
|
|
"tasks": "${build_delete_group_tasks.output.result.tasks}",
|
|
"inputs": "${build_delete_group_tasks.output.result.inputs}"
|
|
},
|
|
"type": "FORK_JOIN_DYNAMIC",
|
|
"dynamicForkTasksParam": "tasks",
|
|
"dynamicForkTasksInputParamName": "inputs",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "join",
|
|
"taskReferenceName": "join_parallel_group_deletion",
|
|
"inputParameters": {},
|
|
"type": "JOIN",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "pyrest",
|
|
"taskReferenceName": "delete_lr_user",
|
|
"inputParameters": {
|
|
"url": "${init.input.liferay}/user/delete-user",
|
|
"method": "POST",
|
|
"params": {
|
|
"userId": "${lookup_lr_user_by_screenname.output.body.userId}"
|
|
},
|
|
"headers": {
|
|
"Authorization": "Basic ${init.input.liferay_auth}",
|
|
"Accept": "application/json"
|
|
}
|
|
},
|
|
"type": "SIMPLE",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "INLINE_TASK",
|
|
"taskReferenceName": "lr_final_task",
|
|
"inputParameters": {
|
|
"evaluatorType": "javascript",
|
|
"expression": "1 == 1"
|
|
},
|
|
"type": "INLINE",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
}
|
|
],
|
|
[
|
|
{
|
|
"name": "pyrest",
|
|
"taskReferenceName": "get_rootvo",
|
|
"inputParameters": {
|
|
"url": "${init.input.keycloak_admin}/clients?clientId=${init.output.result.encoded_root_vo}",
|
|
"method": "GET",
|
|
"headers": {
|
|
"Authorization": "Bearer ${authorize.output.body.access_token}",
|
|
"Accept": "application/json"
|
|
}
|
|
},
|
|
"type": "SIMPLE",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "pyrest",
|
|
"taskReferenceName": "get_rootvo_roles",
|
|
"inputParameters": {
|
|
"url": "${init.input.keycloak_admin}/clients/${get_rootvo.output.body[0].id}/roles",
|
|
"method": "GET",
|
|
"expect": [
|
|
200,
|
|
404
|
|
],
|
|
"headers": {
|
|
"Authorization": "Bearer ${authorize.output.body.access_token}",
|
|
"Accept": "application/json"
|
|
}
|
|
},
|
|
"type": "SIMPLE",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "pyrest",
|
|
"taskReferenceName": "get_rootvo_infra_managers",
|
|
"inputParameters": {
|
|
"url": "${init.input.keycloak_admin}/clients/${get_rootvo.output.body[0].id}/roles/Infrastructure-Manager/users",
|
|
"method": "GET",
|
|
"expect": [
|
|
200,
|
|
404
|
|
],
|
|
"headers": {
|
|
"Authorization": "Bearer ${authorize.output.body.access_token}",
|
|
"Accept": "application/json"
|
|
}
|
|
},
|
|
"type": "SIMPLE",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
}
|
|
]
|
|
],
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "join",
|
|
"taskReferenceName": "global_delete_user_join",
|
|
"inputParameters": {},
|
|
"type": "JOIN",
|
|
"startDelay": 0,
|
|
"joinOn": [
|
|
"lr_final_task",
|
|
"get_rootvo_infra_managers"
|
|
],
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
},
|
|
{
|
|
"name": "pymail",
|
|
"taskReferenceName": "notify_infra_managers",
|
|
"inputParameters": {
|
|
"subject": "User account REMOVAL notification",
|
|
"from": "noreply@d4science.org",
|
|
"to": "${get_rootvo_infra_managers.output.body.*.email}",
|
|
"html": "<html><body><p>Dear ${init.output.result.decoded_root_vo} Infrastructure Manager,</p><p>'${lookup_lr_user_by_screenname.output.body.firstName} ${lookup_lr_user_by_screenname.output.body.lastName} (${lookup_lr_user_by_screenname.output.body.screenName})' removed his/her account from the IAM</p><p>You received this email because you are an Infrastructure Manager.</p><p>WARNING / LEGAL TEXT: This message is intended only for the use of the individual or entity to which it is addressed and may contain information which is privileged, confidential, proprietary, or exempt from disclosure under applicable law. If you are not the intended recipient or the person responsible for delivering the message to the intended recipient, you are strictly prohibited from disclosing, distributing, copying, or in any way using this message. If you have received this communication in error, please notify the sender and destroy and delete any copies you may have received.</p></body></html>"
|
|
},
|
|
"type": "SIMPLE",
|
|
"startDelay": 0,
|
|
"optional": false,
|
|
"asyncComplete": false,
|
|
"permissive": false
|
|
}
|
|
],
|
|
"inputParameters": [
|
|
"userid"
|
|
],
|
|
"outputParameters": {},
|
|
"schemaVersion": 2,
|
|
"restartable": true,
|
|
"workflowStatusListenerEnabled": false,
|
|
"ownerEmail": "mauro.mugnaini@nubisware.com",
|
|
"timeoutPolicy": "ALERT_ONLY",
|
|
"timeoutSeconds": 0,
|
|
"variables": {},
|
|
"inputTemplate": {}
|
|
}
|