fixing AIRAVATA-2269 : The gateway admin cannot get access to the gateway even with 'admin' role
There is a bug in WSO2 IS which doest not return the admin role for the default admin user. Hence as a workaround we manually add it here. Project: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/commit/e84cc14f Tree: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/tree/e84cc14f Diff: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/diff/e84cc14f Branch: refs/heads/dreg-gateway Commit: e84cc14fa4dc2ecc050accbba62bea60b1dac72d Parents: d9cbd6c Author: scnakandala <supun.nakand...@gmail.com> Authored: Fri Jan 27 11:32:01 2017 -0500 Committer: scnakandala <supun.nakand...@gmail.com> Committed: Fri Jan 27 11:32:01 2017 -0500 ---------------------------------------------------------------------- app/controllers/AccountController.php | 7 +++++++ 1 file changed, 7 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/e84cc14f/app/controllers/AccountController.php ---------------------------------------------------------------------- diff --git a/app/controllers/AccountController.php b/app/controllers/AccountController.php index da3a6e7..4b83536 100644 --- a/app/controllers/AccountController.php +++ b/app/controllers/AccountController.php @@ -180,8 +180,15 @@ class AccountController extends BaseController $userProfile = WSIS::getUserProfileFromOAuthToken($accessToken); $username = $userProfile['username']; + $userRoles = $userProfile['roles']; + //FIXME There is a bug in WSO2 IS which doest not return the admin role for the default admin user. + //FIXME Hence as a workaround we manually add it here. + if ($username == Config::get('pga_config.wsis')['admin-username'] ){ + $userRoles[] = Config::get('pga_config.wsis')['admin-role-name']; + } + $authzToken = new Airavata\Model\Security\AuthzToken(); $authzToken->accessToken = $accessToken; $authzToken->claimsMap = array('userName'=>$username, 'gatewayID'=> Config::get('pga_config.airavata')['gateway-id']);