RED-4644: Enabled to create default users at createTenant

This commit is contained in:
deiflaender 2023-03-27 13:16:21 +02:00
parent e71adaaa37
commit 44ec59c992
5 changed files with 58 additions and 20 deletions


@ -9,6 +9,7 @@ import java.net.URI;
import java.net.URISyntaxException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Set;
@ -48,6 +49,7 @@ import com.iqser.red.service.persistence.management.v1.processor.service.persist
import com.iqser.red.service.persistence.management.v1.processor.utils.jdbc.JDBCUtils;
import com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy.AzureStorageConnection;
import com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy.DatabaseConnection;
import com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy.RedUser;
import com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy.S3StorageConnection;
import com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy.SearchConnection;
import com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy.TenantRequest;
@ -174,7 +176,7 @@ public class TenantManagementService {
tenantRepository.save(tenantEntity);
createRealm(tenantRequest.getTenantId());
createRealm(tenantRequest.getTenantId(), tenantRequest.getRedUsers());
var waitTime = 0;
boolean realmReady;
@ -203,8 +205,7 @@ public class TenantManagementService {
}
private void createSchema(TenantRequest tenantRequest){
private void createSchema(TenantRequest tenantRequest) {
var jdbcUrl = JDBCUtils.buildJdbcUrl(tenantRequest.getDatabaseConnection());
try (Connection connection = DriverManager.getConnection(jdbcUrl,
@ -213,7 +214,8 @@ public class TenantManagementService {
DataSource tenantDataSource = new SingleConnectionDataSource(connection, false);
JdbcTemplate jdbcTemplate = new JdbcTemplate(tenantDataSource);
jdbcTemplate.execute((StatementCallback<Boolean>) stmt -> stmt.execute("CREATE SCHEMA " + tenantRequest.getDatabaseConnection().getSchema()));
jdbcTemplate.execute((StatementCallback<Boolean>) stmt -> stmt.execute("GRANT USAGE ON SCHEMA " + tenantRequest.getDatabaseConnection().getSchema() + " TO " + tenantRequest.getDatabaseConnection().getUsername()));
jdbcTemplate.execute((StatementCallback<Boolean>) stmt -> stmt.execute("GRANT USAGE ON SCHEMA " + tenantRequest.getDatabaseConnection()
.getSchema() + " TO " + tenantRequest.getDatabaseConnection().getUsername()));
} catch (Exception e) {
log.info("Could not create schema, ignoring");
}
@ -230,7 +232,7 @@ public class TenantManagementService {
}
private void createRealm(String tenantId) {
private void createRealm(String tenantId, List<RedUser> users) {
var redaction = new RealmRepresentation();
redaction.setId(tenantId);
@ -286,24 +288,37 @@ public class TenantManagementService {
rolesRepresentation.setRealm(List.of(redUserRole, redManagerRole, redAdminRole, redUserAdminRole));
redaction.setRoles(rolesRepresentation);
redaction.setUsers(users.stream().map(this::toUserRepresentation).collect(Collectors.toList()));
keycloak.getAdminClient().realms().create(redaction);
}
private UserRepresentation toUserRepresentation(RedUser redUser) {
var credentialRepresentation = new CredentialRepresentation();
credentialRepresentation.setType("password");
credentialRepresentation.setValue("OsloImWinter!23");
credentialRepresentation.setValue(redUser.getPassword());
var defaultUser = new UserRepresentation();
defaultUser.setUsername("manageradmin");
defaultUser.setCredentials(List.of(credentialRepresentation));
defaultUser.setEmailVerified(true);
defaultUser.setRealmRoles(List.of(RED_USER_ROLE, RED_MANAGER_ROLE, RED_ADMIN_ROLE, RED_USER_ADMIN_ROLE, "uma_authorization", "offline_access"));
var user = new UserRepresentation();
user.setUsername(redUser.getUsername());
user.setCredentials(List.of(credentialRepresentation));
user.setEmailVerified(true);
var roles = new ArrayList<String>();
roles.addAll(redUser.getRedRoles());
roles.add("uma_authorization");
roles.add("offline_access");
user.setRealmRoles(roles);
var clientRoles = new HashMap<String, List<String>>();
clientRoles.put("account", List.of("manage-account", "view-profile"));
defaultUser.setClientRoles(clientRoles);
defaultUser.setEnabled(true);
redaction.setUsers(List.of(defaultUser));
user.setClientRoles(clientRoles);
user.setEnabled(true);
keycloak.getAdminClient().realms().create(redaction);
return user;
}
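Review bot: `toUserRepresentation` copies `redUser.getRedRoles()` straight into `setRealmRoles` and `redUser.getPassword()` into the credential with no validation, so whoever can call `createTenant` can request arbitrary realm role names and empty or null passwords for a tenant's bootstrap users; the only application roles the realm defines are the four built just above (`RED_USER_ROLE`, `RED_MANAGER_ROLE`, `RED_ADMIN_ROLE`, `RED_USER_ADMIN_ROLE`), so I would whitelist against those and reject a blank username or password before building the representation. The new `users.stream()` line in `createRealm` also assumes the list is never null — `@Builder.Default` on `TenantRequest.redUsers` only covers the builder path, so a request body carrying `"redUsers": null` would NPE here after `tenantRepository.save(tenantEntity)` has already run. `createRealm` begins in an earlier hunk; `toUserRepresentation` lies entirely within this one. I cannot see from here whether `createTenant` is reachable by non-admin callers, so treat the whitelist as defence in depth rather than a confirmed exposure.
```java
private static final Set<String> ALLOWED_RED_ROLES = Set.of(RED_USER_ROLE, RED_MANAGER_ROLE, RED_ADMIN_ROLE, RED_USER_ADMIN_ROLE);

private UserRepresentation toUserRepresentation(RedUser redUser) {
    // Reject bootstrap users that would end up with no usable credential.
    if (redUser.getUsername() == null || redUser.getUsername().isBlank()
            || redUser.getPassword() == null || redUser.getPassword().isBlank()) {
        throw new IllegalArgumentException("default tenant user requires a non-blank username and password");
    }
    // Only the roles this realm defines may be granted from the request.
    var unknownRoles = redUser.getRedRoles().stream()
            .filter(role -> !ALLOWED_RED_ROLES.contains(role))
            .collect(Collectors.toList());
    if (!unknownRoles.isEmpty()) {
        throw new IllegalArgumentException("unknown realm roles for user " + redUser.getUsername() + ": " + unknownRoles);
    }
    // … unchanged: credential and UserRepresentation construction …
```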


@ -3,6 +3,7 @@ package com.iqser.red.service.peristence.v1.server.integration.utils;
import static org.mockito.Mockito.when;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.UUID;
@ -92,6 +93,7 @@ import com.iqser.red.service.persistence.service.v1.api.shared.model.CreateUserR
import com.iqser.red.service.persistence.service.v1.api.shared.model.ResetPasswordRequest;
import com.iqser.red.service.persistence.service.v1.api.shared.model.dossiertemplate.configuration.ApplicationConfig;
import com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy.DatabaseConnection;
import com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy.RedUser;
import com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy.S3StorageConnection;
import com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy.SearchConnection;
import com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy.TenantRequest;
@ -338,6 +340,7 @@ public abstract class AbstractPersistenceServerServiceTest {
.region("eu")
.endpoint("endpoint")
.build())
.redUsers(List.of(RedUser.builder().username("user").password("password").redRoles(Set.of("RED_MANAGER", "RED_ADMIN")).build()))
.build();
tenantManagementService.createTenant(tenantRequest);


@ -0,0 +1,19 @@
package com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy;
import java.util.HashSet;
import java.util.Set;
import lombok.Builder;
import lombok.Data;
@Data
@Builder
public class RedUser {
private String username;
private String password;
@Builder.Default
private Set<String> redRoles = new HashSet<>();
}
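Review bot: `@Data` on `RedUser` generates a `toString()` that includes `password`, so any log statement or exception message that prints a `RedUser` — or the `TenantRequest` that carries the list — writes the bootstrap credential in clear text; exclude it with `@ToString.Exclude private String password;` (plus `import lombok.ToString;`). `username` and `password` also carry no constraints even though the sibling `TenantRequest` already imports `javax.validation.constraints.NotBlank`, so `@NotBlank` on both fields would fail fast instead of producing a Keycloak user with an empty credential. Separately, `@Builder` with no `@NoArgsConstructor`/`@AllArgsConstructor` leaves this class with only the builder's package-private all-args constructor, which a JSON mapper cannot use if `TenantRequest.redUsers` ever arrives in a request body — I cannot see the controller from here, so confirm whether this type is deserialized anywhere.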


@ -11,11 +11,6 @@ import lombok.NoArgsConstructor;
@NoArgsConstructor
public class S3StorageConnection {
private String tenantId;
private String displayName;
private String guid;
private String jdbcUrl;
private String user;
private String key;
private String secret;
private String signerType;


@ -1,5 +1,8 @@
package com.iqser.red.service.persistence.service.v1.api.shared.model.multitenancy;
import java.util.ArrayList;
import java.util.List;
import javax.validation.constraints.NotBlank;
import lombok.AllArgsConstructor;
@ -24,4 +27,7 @@ public class TenantRequest {
private AzureStorageConnection azureStorageConnection;
private S3StorageConnection s3StorageConnection;
@Builder.Default
private List<RedUser> redUsers = new ArrayList<>();
}
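Review bot: `@Builder.Default` on `redUsers` only guarantees a non-null list on the builder path; whether the constructors generated by the class's other Lombok annotations also apply the initializer depends on the Lombok version, and an explicit `"redUsers": null` in a request body bypasses it entirely, so the `users.stream()` call this list feeds in `createRealm` is not protected by this default. Since the class already uses `javax.validation.constraints.NotBlank`, annotating the field `@NotNull @Valid private List<RedUser> redUsers` (importing `javax.validation.Valid` and `javax.validation.constraints.NotNull`) would reject a null list and cascade any constraints later placed on `RedUser`. I cannot tell from this hunk whether `TenantRequest` is validated at a controller boundary, so confirm that `@Valid` is applied where the request enters.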