airavata-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From machris...@apache.org
Subject airavata-php-gateway git commit: AIRAVATA-2417 Only show Airavata roles in PGA
Date Mon, 26 Jun 2017 14:30:23 GMT
Repository: airavata-php-gateway
Updated Branches:
  refs/heads/develop 9cd033bde -> dfc40266b


AIRAVATA-2417 Only show Airavata roles in PGA


Project: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/commit/dfc40266
Tree: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/tree/dfc40266
Diff: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/diff/dfc40266

Branch: refs/heads/develop
Commit: dfc40266b9633c5165a0a144a7cc019004b8130d
Parents: 9cd033b
Author: Marcus Christie <machrist@iu.edu>
Authored: Mon Jun 26 10:29:41 2017 -0400
Committer: Marcus Christie <machrist@iu.edu>
Committed: Mon Jun 26 10:29:41 2017 -0400

----------------------------------------------------------------------
 app/controllers/AdminController.php | 40 ++++++++++++++++++--------------
 app/libraries/CommonUtilities.php   | 14 +++++++++++
 app/libraries/Keycloak/Keycloak.php |  7 ++++--
 3 files changed, 41 insertions(+), 20 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/dfc40266/app/controllers/AdminController.php
----------------------------------------------------------------------
diff --git a/app/controllers/AdminController.php b/app/controllers/AdminController.php
index c75e0d4..3084b8b 100644
--- a/app/controllers/AdminController.php
+++ b/app/controllers/AdminController.php
@@ -78,9 +78,10 @@ class AdminController extends BaseController {
 		else
 			$users =  Keycloak::listUsers();
 
-	    $roles = Keycloak::getAllRoles();
-        Session::put("admin-nav", "manage-users");
-	    return View::make("admin/manage-users", array("users" => $users, "roles" => $roles));
+		$roles = Keycloak::getAllRoles();
+		sort($roles);
+		Session::put("admin-nav", "manage-users");
+		return View::make("admin/manage-users", array("users" => $users, "roles" => $roles));
 	}
 
 	public function getUserCountInRole(){
@@ -88,22 +89,22 @@ class AdminController extends BaseController {
 			return count( $users);
 	}
 
-    public function searchUsersView(){
-        if(Input::has("search_val"))
-        {
-            $users =  Keycloak::searchUsers(Input::get("search_val"));
-        }
-        else
-            $users = Keycloak::listUsers();
+	public function searchUsersView(){
+		if(Input::has("search_val"))
+		{
+			$users =  Keycloak::searchUsers(Input::get("search_val"));
+		}
+		else
+			$users = Keycloak::listUsers();
 
 		if(!isset($users) || empty($users)){
 			$users = array();
 		}
-        $roles = Keycloak::getAllRoles();
-        Session::put("admin-nav", "manage-users");
-        return View::make("admin/manage-users", array("users" => $users, "roles" =>
$roles));
-
-    }
+		$roles = Keycloak::getAllRoles();
+		sort($roles);
+		Session::put("admin-nav", "manage-users");
+		return View::make("admin/manage-users", array("users" => $users, "roles" => $roles));
+	}
 
 	private function cmp($a, $b)
 	{
@@ -191,8 +192,9 @@ class AdminController extends BaseController {
 
 	public function rolesView(){
 		$roles = Keycloak::getAllRoles();
-        Session::put("admin-nav", "manage-roles");
-        return View::make("admin/manage-roles", array("roles" => $roles));
+		sort($roles);
+		Session::put("admin-nav", "manage-roles");
+		return View::make("admin/manage-roles", array("roles" => $roles));
 	}
 
 	public function experimentsView(){
@@ -289,7 +291,9 @@ class AdminController extends BaseController {
     }
 
 	public function getRoles(){
-		return json_encode((array)Keycloak::getUserRoles(Input::get("username")));
+		$roles = Keycloak::getUserRoles(Input::get("username"));
+		sort($roles);
+		return json_encode((array)$roles);
 	}
 
 	public function deleteRole(){

http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/dfc40266/app/libraries/CommonUtilities.php
----------------------------------------------------------------------
diff --git a/app/libraries/CommonUtilities.php b/app/libraries/CommonUtilities.php
index c90765c..8fb65ca 100644
--- a/app/libraries/CommonUtilities.php
+++ b/app/libraries/CommonUtilities.php
@@ -445,6 +445,20 @@ class CommonUtilities
         return Config::get('pga_config.wsis.initial-role-name', 'user-pending');
     }
 
+    /**
+     * Filter given list of role names to only include Airavata roles.
+     */
+    public static function filterAiravataRoles($roles) {
+        return array_filter($roles, function($role) {
+            return $role == Config::get('pga_config.wsis.admin-role-name')
+                || $role == Config::get('pga_config.wsis.read-only-admin-role-name')
+                || $role == Config::get('pga_config.wsis.user-role-name')
+                || $role == Config::get('pga_config.wsis.initial-role-name')
+                || $role == 'user-pending'
+                || $role == 'gateway-provider';
+        });
+    }
+
     public static function hasAuthPasswordOption() {
         return CommonUtilities::getAuthPasswordOption() != null;
     }

http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/dfc40266/app/libraries/Keycloak/Keycloak.php
----------------------------------------------------------------------
diff --git a/app/libraries/Keycloak/Keycloak.php b/app/libraries/Keycloak/Keycloak.php
index 32b7020..969e5f1 100644
--- a/app/libraries/Keycloak/Keycloak.php
+++ b/app/libraries/Keycloak/Keycloak.php
@@ -7,6 +7,8 @@ use Keycloak\API\Roles;
 use Keycloak\API\Users;
 use Keycloak\KeycloakUtil;
 
+use CommonUtilities;
+
 use Exception;
 use Log;
 use Illuminate\Routing\UrlGenerator;
@@ -185,6 +187,7 @@ class Keycloak {
         foreach ($role_mappings as $role_mapping) {
             $roles[] = $role_mapping->name;
         }
+        $roles = CommonUtilities::filterAiravataRoles($roles);
         return array('username'=>$username, 'firstname'=>$firstname, 'lastname'=>$lastname,
'email'=>$email, 'roles'=>$roles);
     }
 
@@ -282,7 +285,7 @@ class Keycloak {
             foreach ($roles as $role) {
                 $role_names[] = $role->name;
             }
-            return $role_names;
+            return CommonUtilities::filterAiravataRoles($role_names);
         } catch (Exception $ex) {
             throw new Exception("Unable to get all roles", 0, $ex);
         }
@@ -304,7 +307,7 @@ class Keycloak {
             foreach ($roles as $role) {
                 $role_names[] = $role->name;
             }
-            return $role_names;
+            return CommonUtilities::filterAiravataRoles($role_names);
         } catch (Exception $ex) {
             throw new Exception("Unable to get User roles.", 0, $ex);
         }


Mime
View raw message