Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(docker-jans-config-api): remove licenseSpringCredentials from admin-ui jansConfDyn #4125

Merged
merged 1 commit into from
Mar 11, 2023
Merged

fix(docker-jans-config-api): remove licenseSpringCredentials from admin-ui jansConfDyn #4125

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 14 additions & 9 deletions docker-jans-persistence-loader/scripts/upgrade.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -791,20 +791,20 @@ def update_admin_ui_config(self):
break

try:
current_role_mapping = json.loads(entry.attrs["jansConfDyn"])
conf = json.loads(entry.attrs["jansConfDyn"])
except TypeError:
current_role_mapping = entry.attrs["jansConfDyn"]
conf = entry.attrs["jansConfDyn"]

should_update = False

# check for rolePermissionMapping
#
# - compare role permissions for api-admin
for i, api_role in enumerate(current_role_mapping["rolePermissionMapping"]):
for i, api_role in enumerate(conf["rolePermissionMapping"]):
if api_role["role"] == "api-admin":
# compare permissions between the ones from persistence (current) and newer permissions
if sorted(api_role["permissions"]) != sorted(api_admin_perms):
current_role_mapping["rolePermissionMapping"][i]["permissions"] = api_admin_perms
conf["rolePermissionMapping"][i]["permissions"] = api_admin_perms
should_update = True
break

Expand All @@ -816,24 +816,29 @@ def update_admin_ui_config(self):
# determine current permission with index/position
current_perms = {
permission["permission"]: {"index": i}
for i, permission in enumerate(current_role_mapping["permissions"])
for i, permission in enumerate(conf["permissions"])
}

for perm in role_mapping["permissions"]:
if perm["permission"] not in current_perms:
# add missing permission
current_role_mapping["permissions"].append(perm)
conf["permissions"].append(perm)
should_update = True
else:
# add missing defaultPermissionInToken
index = current_perms[perm["permission"]]["index"]
if "defaultPermissionInToken" in current_role_mapping["permissions"][index]:
if "defaultPermissionInToken" in conf["permissions"][index]:
continue
current_role_mapping["permissions"][index]["defaultPermissionInToken"] = perm["defaultPermissionInToken"]
conf["permissions"][index]["defaultPermissionInToken"] = perm["defaultPermissionInToken"]
should_update = True

# licenseSpringCredentials must be removed in favor of SCAN license credentials
if "licenseSpringCredentials" in conf:
conf.pop("licenseSpringCredentials", None)
should_update = True

if should_update:
entry.attrs["jansConfDyn"] = json.dumps(current_role_mapping)
entry.attrs["jansConfDyn"] = json.dumps(conf)
entry.attrs["jansRevision"] += 1
self.backend.modify_entry(entry.id, entry.attrs, **kwargs)

Expand Down