aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFiete Ostkamp <Fiete.Ostkamp@telekom.de>2023-08-29 10:30:45 +0200
committerFiete Ostkamp <Fiete.Ostkamp@telekom.de>2023-08-29 10:32:00 +0200
commitd5732759bf7e90076c8fba189ae12a2a46fbb32e (patch)
treedc2a6ee4d4e6fb80a4c482ede5ab54cea5b02f67
parentafe2aaffdd5679e61f27f7b5597b21db6a8db4e0 (diff)
Change role prefix from onap_ to portal_ [bff]
- change the expected role prefix that is used for RBAC from onap_ to portal_ - fix docker-compose file Issue-ID: PORTALNG-32 Change-Id: Ie3d93d5659ce0573c99278afce5e08fc57d442fd Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
Diffstat
-rw-r--r--app/src/main/resources/application-access-control.yml36
-rw-r--r--app/src/test/java/org/onap/portalng/bff/BaseIntegrationTest.java4
-rw-r--r--app/src/test/java/org/onap/portalng/bff/users/CreateUserIntegrationTest.java10
-rw-r--r--app/src/test/java/org/onap/portalng/bff/users/GetUserDetailIntegrationTest.java2
-rw-r--r--app/src/test/java/org/onap/portalng/bff/users/ListUsersIntegrationTest.java4
-rw-r--r--app/src/test/resources/application-access-control.yml36
-rw-r--r--development/.env30
-rw-r--r--development/config/onap-realm.json6
-rw-r--r--development/docker-compose.yml14
-rw-r--r--lib/src/main/java/org/onap/portalng/bff/config/clients/PreferencesConfig.java2
10 files changed, 72 insertions, 72 deletions
diff --git a/app/src/main/resources/application-access-control.yml b/app/src/main/resources/application-access-control.yml
index ac83409..4da29f1 100644
--- a/app/src/main/resources/application-access-control.yml
+++ b/app/src/main/resources/application-access-control.yml
@@ -1,21 +1,21 @@
bff.access-control:
- ACTIONS_CREATE: [ onap_admin, onap_designer, onap_operator ]
- ACTIONS_GET: [ onap_admin, onap_designer, onap_operator ]
- ACTIONS_LIST: [ onap_admin, onap_designer, onap_operator ]
- ACTIVE_ALARM_LIST: [onap_admin, onap_designer, onap_operator]
- KEY_ENCRYPT_BY_USER: [onap_admin, onap_designer, onap_operator]
- KEY_ENCRYPT_BY_VALUE: [onap_admin, onap_designer, onap_operator]
- PREFERENCES_CREATE: [onap_admin, onap_designer, onap_operator]
- PREFERENCES_GET: [onap_admin, onap_designer, onap_operator]
- PREFERENCES_UPDATE: [onap_admin, onap_designer, onap_operator]
+ ACTIONS_CREATE: [ portal_admin, portal_designer, portal_operator ]
+ ACTIONS_GET: [ portal_admin, portal_designer, portal_operator ]
+ ACTIONS_LIST: [ portal_admin, portal_designer, portal_operator ]
+ ACTIVE_ALARM_LIST: [portal_admin, portal_designer, portal_operator]
+ KEY_ENCRYPT_BY_USER: [portal_admin, portal_designer, portal_operator]
+ KEY_ENCRYPT_BY_VALUE: [portal_admin, portal_designer, portal_operator]
+ PREFERENCES_CREATE: [portal_admin, portal_designer, portal_operator]
+ PREFERENCES_GET: [portal_admin, portal_designer, portal_operator]
+ PREFERENCES_UPDATE: [portal_admin, portal_designer, portal_operator]
ROLE_LIST: ["*"]
- USER_CREATE: [onap_admin, onap_designer, onap_operator]
- USER_DELETE: [onap_admin, onap_designer, onap_operator]
- USER_GET: [onap_admin, onap_designer, onap_operator]
- USER_LIST_AVAILABLE_ROLES: [onap_admin, onap_designer, onap_operator]
- USER_LIST_ROLES: [onap_admin, onap_designer, onap_operator]
- USER_LIST: [onap_admin, onap_designer, onap_operator]
- USER_UPDATE_PASSWORD: [onap_admin, onap_designer, onap_operator]
- USER_UPDATE_ROLES: [onap_admin, onap_designer, onap_operator]
- USER_UPDATE: [onap_admin, onap_designer, onap_operator]
+ USER_CREATE: [portal_admin, portal_designer, portal_operator]
+ USER_DELETE: [portal_admin, portal_designer, portal_operator]
+ USER_GET: [portal_admin, portal_designer, portal_operator]
+ USER_LIST_AVAILABLE_ROLES: [portal_admin, portal_designer, portal_operator]
+ USER_LIST_ROLES: [portal_admin, portal_designer, portal_operator]
+ USER_LIST: [portal_admin, portal_designer, portal_operator]
+ USER_UPDATE_PASSWORD: [portal_admin, portal_designer, portal_operator]
+ USER_UPDATE_ROLES: [portal_admin, portal_designer, portal_operator]
+ USER_UPDATE: [portal_admin, portal_designer, portal_operator]
diff --git a/app/src/test/java/org/onap/portalng/bff/BaseIntegrationTest.java b/app/src/test/java/org/onap/portalng/bff/BaseIntegrationTest.java
index 8821b76..d90034c 100644
--- a/app/src/test/java/org/onap/portalng/bff/BaseIntegrationTest.java
+++ b/app/src/test/java/org/onap/portalng/bff/BaseIntegrationTest.java
@@ -121,10 +121,10 @@ public abstract class BaseIntegrationTest {
/**
* Object to store common attributes of requests that are going to be made. Adds an Identity
- * header for the <code>onap_admin</code> role to the request.
+ * header for the <code>portal_admin</code> role to the request.
*/
protected RequestSpecification requestSpecification() {
- final String idToken = tokenGenerator.generateToken(getTokenGeneratorConfig("onap_admin"));
+ final String idToken = tokenGenerator.generateToken(getTokenGeneratorConfig("portal_admin"));
return unauthenticatedRequestSpecification()
.auth()
diff --git a/app/src/test/java/org/onap/portalng/bff/users/CreateUserIntegrationTest.java b/app/src/test/java/org/onap/portalng/bff/users/CreateUserIntegrationTest.java
index 5aab69d..c22f937 100644
--- a/app/src/test/java/org/onap/portalng/bff/users/CreateUserIntegrationTest.java
+++ b/app/src/test/java/org/onap/portalng/bff/users/CreateUserIntegrationTest.java
@@ -67,7 +67,7 @@ class CreateUserIntegrationTest extends BaseIntegrationTest {
.enabled(keycloakRequest.getEnabled());
mockGetUser(userId, keycloakResponse);
- final RoleKeycloakDto onapAdmin = new RoleKeycloakDto().id(randomUUID()).name("onap_admin");
+ final RoleKeycloakDto onapAdmin = new RoleKeycloakDto().id(randomUUID()).name("portal_admin");
mockAddRoles(userId, List.of(onapAdmin));
mockAssignedRoles(userId, List.of(onapAdmin));
mockListRealmRoles(List.of(onapAdmin));
@@ -92,7 +92,7 @@ class CreateUserIntegrationTest extends BaseIntegrationTest {
.firstName(null)
.lastName(null)
.enabled(true)
- .addRolesItem(new RoleApiDto().id(onapAdmin.getId()).name("onap_admin"));
+ .addRolesItem(new RoleApiDto().id(onapAdmin.getId()).name("portal_admin"));
final UserResponseApiDto response =
requestSpecification()
@@ -116,7 +116,7 @@ class CreateUserIntegrationTest extends BaseIntegrationTest {
assertThat(response.getFirstName()).isEqualTo(request.getFirstName());
assertThat(response.getLastName()).isEqualTo(request.getLastName());
assertThat(response.getEnabled()).isEqualTo(request.getEnabled());
- assertThat(response.getRealmRoles()).containsExactly("onap_admin");
+ assertThat(response.getRealmRoles()).containsExactly("portal_admin");
}
@Test
@@ -140,7 +140,7 @@ class CreateUserIntegrationTest extends BaseIntegrationTest {
.enabled(keycloakRequest.getEnabled());
mockGetUser(userId, keycloakResponse);
- final RoleKeycloakDto onapAdmin = new RoleKeycloakDto().id(randomUUID()).name("onap_admin");
+ final RoleKeycloakDto onapAdmin = new RoleKeycloakDto().id(randomUUID()).name("portal_admin");
mockAddRoles(userId, List.of(onapAdmin));
mockListRealmRoles(List.of(onapAdmin));
@@ -157,7 +157,7 @@ class CreateUserIntegrationTest extends BaseIntegrationTest {
.firstName(null)
.lastName(null)
.enabled(true)
- .addRolesItem(new RoleApiDto().id(onapAdmin.getId()).name("onap_admin"));
+ .addRolesItem(new RoleApiDto().id(onapAdmin.getId()).name("portal_admin"));
final ProblemApiDto response =
requestSpecification()
diff --git a/app/src/test/java/org/onap/portalng/bff/users/GetUserDetailIntegrationTest.java b/app/src/test/java/org/onap/portalng/bff/users/GetUserDetailIntegrationTest.java
index e334953..9c620bb 100644
--- a/app/src/test/java/org/onap/portalng/bff/users/GetUserDetailIntegrationTest.java
+++ b/app/src/test/java/org/onap/portalng/bff/users/GetUserDetailIntegrationTest.java
@@ -52,7 +52,7 @@ class GetUserDetailIntegrationTest extends BaseIntegrationTest {
.withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)
.withBody(objectMapper.writeValueAsString(keycloakUser))));
- final RoleKeycloakDto keycloackRole = new RoleKeycloakDto().id(randomUUID()).name("onap_admin");
+ final RoleKeycloakDto keycloackRole = new RoleKeycloakDto().id(randomUUID()).name("portal_admin");
mockAssignedRoles(keycloakUser.getId(), List.of(keycloackRole));
final UserResponseApiDto response =
diff --git a/app/src/test/java/org/onap/portalng/bff/users/ListUsersIntegrationTest.java b/app/src/test/java/org/onap/portalng/bff/users/ListUsersIntegrationTest.java
index 8e675ca..cad6697 100644
--- a/app/src/test/java/org/onap/portalng/bff/users/ListUsersIntegrationTest.java
+++ b/app/src/test/java/org/onap/portalng/bff/users/ListUsersIntegrationTest.java
@@ -41,7 +41,7 @@ import org.springframework.http.MediaType;
class ListUsersIntegrationTest extends BaseIntegrationTest {
private final RoleKeycloakDto ONAP_ADMIN =
- new RoleKeycloakDto().id(randomUUID()).name("onap_admin");
+ new RoleKeycloakDto().id(randomUUID()).name("portal_admin");
private final RoleKeycloakDto OFFLINE_ACCESS =
new RoleKeycloakDto().id(randomUUID()).name("offline_access");
@@ -79,7 +79,7 @@ class ListUsersIntegrationTest extends BaseIntegrationTest {
.firstName("FirstName4t-admin")
.lastName("LastName4t-admin")
.enabled(true)
- .addRealmRolesItem("onap_admin")
+ .addRealmRolesItem("portal_admin")
.addRealmRolesItem("offline_access");
final UserResponseApiDto expectedTDesigner =
new UserResponseApiDto()
diff --git a/app/src/test/resources/application-access-control.yml b/app/src/test/resources/application-access-control.yml
index 0506066..ad470ce 100644
--- a/app/src/test/resources/application-access-control.yml
+++ b/app/src/test/resources/application-access-control.yml
@@ -1,20 +1,20 @@
bff.access-control:
- ACTIONS_CREATE: [ onap_admin, onap_designer, onap_operator ]
- ACTIONS_GET: [ onap_admin, onap_designer, onap_operator ]
- ACTIONS_LIST: [ onap_admin, onap_designer, onap_operator ]
- ACTIVE_ALARM_LIST: [onap_admin, onap_designer, onap_operator]
- KEY_ENCRYPT_BY_USER: [onap_admin, onap_designer, onap_operator]
- KEY_ENCRYPT_BY_VALUE: [onap_admin, onap_designer, onap_operator]
- PREFERENCES_CREATE: [onap_admin, onap_designer, onap_operator]
- PREFERENCES_GET: [onap_admin, onap_designer, onap_operator]
- PREFERENCES_UPDATE: [onap_admin, onap_designer, onap_operator]
+ ACTIONS_CREATE: [ portal_admin, portal_designer, portal_operator ]
+ ACTIONS_GET: [ portal_admin, portal_designer, portal_operator ]
+ ACTIONS_LIST: [ portal_admin, portal_designer, portal_operator ]
+ ACTIVE_ALARM_LIST: [portal_admin, portal_designer, portal_operator]
+ KEY_ENCRYPT_BY_USER: [portal_admin, portal_designer, portal_operator]
+ KEY_ENCRYPT_BY_VALUE: [portal_admin, portal_designer, portal_operator]
+ PREFERENCES_CREATE: [portal_admin, portal_designer, portal_operator]
+ PREFERENCES_GET: [portal_admin, portal_designer, portal_operator]
+ PREFERENCES_UPDATE: [portal_admin, portal_designer, portal_operator]
ROLE_LIST: ["*"]
- USER_CREATE: [onap_admin, onap_designer, onap_operator]
- USER_DELETE: [onap_admin, onap_designer, onap_operator]
- USER_GET: [onap_admin, onap_designer, onap_operator]
- USER_LIST_AVAILABLE_ROLES: [onap_admin, onap_designer, onap_operator]
- USER_LIST_ROLES: [onap_admin, onap_designer, onap_operator]
- USER_LIST: [onap_admin, onap_designer, onap_operator]
- USER_UPDATE_PASSWORD: [onap_admin, onap_designer, onap_operator]
- USER_UPDATE_ROLES: [onap_admin, onap_designer, onap_operator]
- USER_UPDATE: [onap_admin, onap_designer, onap_operator]
+ USER_CREATE: [portal_admin, portal_designer, portal_operator]
+ USER_DELETE: [portal_admin, portal_designer, portal_operator]
+ USER_GET: [portal_admin, portal_designer, portal_operator]
+ USER_LIST_AVAILABLE_ROLES: [portal_admin, portal_designer, portal_operator]
+ USER_LIST_ROLES: [portal_admin, portal_designer, portal_operator]
+ USER_LIST: [portal_admin, portal_designer, portal_operator]
+ USER_UPDATE_PASSWORD: [portal_admin, portal_designer, portal_operator]
+ USER_UPDATE_ROLES: [portal_admin, portal_designer, portal_operator]
+ USER_UPDATE: [portal_admin, portal_designer, portal_operator]
diff --git a/development/.env b/development/.env
index dfc9a4f..2775969 100644
--- a/development/.env
+++ b/development/.env
@@ -1,5 +1,5 @@
# General image repository
-IMAGE_REPOSITORY=tbd
+IMAGE_REPOSITORY=nexus3.onap.org:10001/onap/portal-ng
# Keycloak
KEYCLOAK_IMAGE=quay.io/keycloak/keycloak
@@ -9,8 +9,8 @@ KEYCLOAK_PASSWORD=password
KEYCLOAK_DB=keycloak
KEYCLOAK_DB_USER=keycloak
KEYCLOAK_DB_PASSWORD=password
-KEYCLOAK_URL:http://keycloak-bff:8080
-KEYCLOAK_REALM:ONAP
+KEYCLOAK_URL=http://keycloak-bff:8080
+KEYCLOAK_REALM=ONAP
# Postgres for Keycloak
POSTGRES_IMAGE=postgres
@@ -22,19 +22,19 @@ MONGO_VERSION=latest
# preferences
PREFERENCES_IMAGE_NAME=preferences
-PREFERENCES_IMAGE_TAG=0.1.0-master-faef0c0e
-PORTALPREFS_USERNAME:root
-PORTALPREFS_PASSWORD:password
-PORTALPREFS_DATABASE:Preferences
-PORTALPREFS_HOST:mongo-preferences
-PORTALPREFS_PORT:27017
+PREFERENCES_IMAGE_TAG=latest
+PREFERENCES_USERNAME=root
+PREFERENCES_PASSWORD=password
+PREFERENCES_DATABASE=Preferences
+PREFERENCES_HOST=mongo-preferences
+PREFERENCES_PORT=27017
# history
HISTORY_IMAGE_NAME=history
-HISTORY_IMAGE_TAG=0.1.1-de369ace
-HISTORY_USERNAME:root
-HISTORY_PASSWORD:password
-HISTORY_DATABASE:History
-HISTORY_HOST:mongo-history
-HISTORY_PORT:27017
+HISTORY_IMAGE_TAG=latest
+HISTORY_USERNAME=root
+HISTORY_PASSWORD=password
+HISTORY_DATABASE=History
+HISTORY_HOST=mongo-history
+HISTORY_PORT=27017
diff --git a/development/config/onap-realm.json b/development/config/onap-realm.json
index 8e6ff9c..bc49a76 100644
--- a/development/config/onap-realm.json
+++ b/development/config/onap-realm.json
@@ -167,7 +167,7 @@
} ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
- "realmRoles" : [ "default-roles-onap", "onap_admin" ],
+ "realmRoles" : [ "default-roles-onap", "portal_admin" ],
"notBefore" : 0,
"groups" : [ ]
}, {
@@ -182,7 +182,7 @@
"credentials" : [ ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
- "realmRoles" : [ "default-roles-onap", "onap_designer" ],
+ "realmRoles" : [ "default-roles-onap", "portal_designer" ],
"notBefore" : 0,
"groups" : [ ]
}, {
@@ -197,7 +197,7 @@
"credentials" : [ ],
"disableableCredentialTypes" : [ ],
"requiredActions" : [ ],
- "realmRoles" : [ "default-roles-onap", "onap_operator" ],
+ "realmRoles" : [ "default-roles-onap", "portal_operator" ],
"notBefore" : 0,
"groups" : [ ]
}, {
diff --git a/development/docker-compose.yml b/development/docker-compose.yml
index 465741c..1082419 100644
--- a/development/docker-compose.yml
+++ b/development/docker-compose.yml
@@ -58,20 +58,20 @@ services:
container_name: mongo-preferences
image: "${MONGO_IMAGE}:${MONGO_VERSION}"
environment:
- MONGO_INITDB_ROOT_USERNAME: ${PORTALPREFS_USERNAME}
- MONGO_INITDB_ROOT_PASSWORD: ${PORTALPREFS_PASSWORD}
+ MONGO_INITDB_ROOT_USERNAME: ${PREFERENCES_USERNAME}
+ MONGO_INITDB_ROOT_PASSWORD: ${PREFERENCES_PASSWORD}
preferences:
container_name: preferences
image: "${IMAGE_REPOSITORY}/${PREFERENCES_IMAGE_NAME}:${PREFERENCES_IMAGE_TAG}"
ports:
- 9001:9001
environment:
- PORTALPREFS_USERNAME: ${PORTALPREFS_USERNAME}
- PORTALPREFS_PASSWORD: ${PORTALPREFS_PASSWORD}
- PORTALPREFS_DATABASE: ${PORTALPREFS_DATABASE}
+ PREFERENCES_USERNAME: ${PREFERENCES_USERNAME}
+ PREFERENCES_PASSWORD: ${PREFERENCES_PASSWORD}
+ PREFERENCES_DATABASE: ${PREFERENCES_DATABASE}
KEYCLOAK_URL: ${KEYCLOAK_URL}
KEYCLOAK_REALM: ${KEYCLOAK_REALM}
- PORTALPREFS_HOST: ${PORTALPREFS_HOST}
- PORTALPREFS_PORT: ${PORTALPREFS_PORT}
+ PREFERENCES_HOST: ${PREFERENCES_HOST}
+ PREFERENCES_PORT: ${PREFERENCES_PORT}
depends_on:
- mongo-preferences \ No newline at end of file
diff --git a/lib/src/main/java/org/onap/portalng/bff/config/clients/PreferencesConfig.java b/lib/src/main/java/org/onap/portalng/bff/config/clients/PreferencesConfig.java
index d94eae2..d50835a 100644
--- a/lib/src/main/java/org/onap/portalng/bff/config/clients/PreferencesConfig.java
+++ b/lib/src/main/java/org/onap/portalng/bff/config/clients/PreferencesConfig.java
@@ -60,7 +60,7 @@ public class PreferencesConfig extends AbstractClientConfig<ProblemPreferencesDt
}
@Bean
- public PreferencesApi portalPrefsApi(WebClient.Builder webClientBuilder) {
+ public PreferencesApi preferencesApi(WebClient.Builder webClientBuilder) {
return constructApiClient(webClientBuilder, PreferencesApi::new);
}