RED-8414: create new role admin
If users have only the KNECON_ADMIN role they should be filtered out completely If users have the KNECON_ADMIN role and a RED_x role they should be included in the response, but only the RED_x roles should be listed
This commit is contained in:
parent
dc2a11ac83
commit
c0b98a1bef
@ -1,5 +1,6 @@
|
||||
package com.knecon.fforesight.tenantusermanagement.controller.external;
|
||||
|
||||
import static com.knecon.fforesight.tenantusermanagement.permissions.UserManagementPermissions.DELETE_TENANT;
|
||||
import static com.knecon.fforesight.tenantusermanagement.permissions.UserManagementPermissions.READ_ALL_USERS;
|
||||
import static com.knecon.fforesight.tenantusermanagement.permissions.UserManagementPermissions.READ_USERS;
|
||||
import static com.knecon.fforesight.tenantusermanagement.permissions.UserManagementPermissions.UPDATE_MY_PROFILE;
|
||||
@ -62,7 +63,21 @@ public class UserController implements UserResource, PublicResource {
|
||||
userService.evictUserCache();
|
||||
}
|
||||
|
||||
return userService.getAllUsers();
|
||||
var kneconAdminRole = tenantUserManagementProperties.getKcRoleMapping().getRole("KNECON_ADMIN");
|
||||
|
||||
return userService.getAllUsers().stream().filter(user -> {
|
||||
if(user.getRoles().contains(kneconAdminRole.getName()))
|
||||
{
|
||||
//user should be filtered out because he has only role knecon_admin
|
||||
if(user.getRoles().size() == 1) {
|
||||
return false;
|
||||
}
|
||||
//remove knecon_admin role
|
||||
user.getRoles().remove(kneconAdminRole.getName());
|
||||
return true;
|
||||
}
|
||||
return true;
|
||||
}).toList();
|
||||
}
|
||||
|
||||
|
||||
@ -113,7 +128,15 @@ public class UserController implements UserResource, PublicResource {
|
||||
if (StringUtils.isEmpty(userId)) {
|
||||
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "The userId should not be empty.");
|
||||
}
|
||||
return userService.getUserById(userId).orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND, "User not found"));
|
||||
var kneconAdminRole = tenantUserManagementProperties.getKcRoleMapping().getRole("KNECON_ADMIN");
|
||||
var user = userService.getUserById(userId).orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND, "User not found"));
|
||||
if (user.getRoles().contains(kneconAdminRole.getName())) {
|
||||
if(user.getRoles().size() == 1) {
|
||||
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "User not found");
|
||||
}
|
||||
user.getRoles().remove(kneconAdminRole.getName());
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user