This is an automated email from the ASF dual-hosted git repository.
yasithdev pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/airavata.git
The following commit(s) were added to refs/heads/master by this push:
new 2374727927 refactor(iam): rename provisioning roles to
admin-rw/admin-ro/user (#686)
2374727927 is described below
commit 237472792795c5792ce468b47a6c7953d9c77950
Author: Yasith Jayawardana <[email protected]>
AuthorDate: Sat Jun 13 22:32:30 2026 -0400
refactor(iam): rename provisioning roles to admin-rw/admin-ro/user (#686)
Align the Keycloak provisioning code with the renamed realm roles:
createDefaultRoles now defines admin-rw / admin-ro / user (was admin /
admin-read-only / gateway-user) and createTenantAdminAccount grants the
gateway
admin the admin-rw role. Keeps newly-provisioned gateways consistent with
the
dev realm's role vocabulary.
---
.../airavata/iam/service/TenantManagementKeycloakImpl.java | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git
a/airavata-api/iam-service/src/main/java/org/apache/airavata/iam/service/TenantManagementKeycloakImpl.java
b/airavata-api/iam-service/src/main/java/org/apache/airavata/iam/service/TenantManagementKeycloakImpl.java
index a8496befaa..fd93946ca8 100644
---
a/airavata-api/iam-service/src/main/java/org/apache/airavata/iam/service/TenantManagementKeycloakImpl.java
+++
b/airavata-api/iam-service/src/main/java/org/apache/airavata/iam/service/TenantManagementKeycloakImpl.java
@@ -131,15 +131,15 @@ public class TenantManagementKeycloakImpl implements
TenantManagementInterface {
public static RealmRepresentation createDefaultRoles(RealmRepresentation
realmDetails) {
List<RoleRepresentation> defaultRoles = new
ArrayList<RoleRepresentation>();
RoleRepresentation adminRole = new RoleRepresentation();
- adminRole.setName("admin");
+ adminRole.setName("admin-rw");
adminRole.setDescription("Admin role for PGA users");
defaultRoles.add(adminRole);
RoleRepresentation adminReadOnlyRole = new RoleRepresentation();
- adminReadOnlyRole.setName("admin-read-only");
+ adminReadOnlyRole.setName("admin-ro");
adminReadOnlyRole.setDescription("Read only role for PGA Admin users");
defaultRoles.add(adminReadOnlyRole);
RoleRepresentation gatewayUserRole = new RoleRepresentation();
- gatewayUserRole.setName("gateway-user");
+ gatewayUserRole.setName("user");
gatewayUserRole.setDescription("default role for PGA users");
defaultRoles.add(gatewayUserRole);
RoleRepresentation pendingUserRole = new RoleRepresentation();
@@ -183,9 +183,9 @@ public class TenantManagementKeycloakImpl implements
TenantManagementInterface {
.users()
.get(retrieveCreatedUserList.get(0).getId());
- // Add user to the "admin" role
+ // Add user to the "admin-rw" role
RoleResource adminRoleResource =
-
client.realm(gatewayDetails.getGatewayId()).roles().get("admin");
+
client.realm(gatewayDetails.getGatewayId()).roles().get("admin-rw");
retrievedUser.roles().realmLevel().add(Arrays.asList(adminRoleResource.toRepresentation()));
CredentialRepresentation credential = new
CredentialRepresentation();
