CMTF, VTA Branch Admin (#13)

container/keycloak/initdb.d/04_accounts.sh

@@ -16,6 +16,8 @@ KEYCLOAK_ROLE_NAME=group2Leaders
 create_role
 KEYCLOAK_ROLE_NAME=group3Leaders
 create_role
+KEYCLOAK_ROLE_NAME=vtaadm
+create_role
 
 echo "----------------"
 echo "| Create Users |"
@@ -75,4 +77,6 @@ create_user
 KEYCLOAK_ROLE_NAME=${KEYCLOAK_RESOURCE}-user
 assign_role
 KEYCLOAK_ROLE_NAME=group3Leaders
+assign_role
+KEYCLOAK_ROLE_NAME=vtaadm
 assign_role

container/oracle/initdb.d/03_default_data.sql

@@ -287,6 +287,7 @@ insert into SRM_OWNER.CATEGORY (CATEGORY_ID, NAME, PARENT_ID, WEIGHT) values (66
 insert into SRM_OWNER.CATEGORY (CATEGORY_ID, NAME, PARENT_ID, WEIGHT) values (665, 'UITF Laser', 663, 1000);
 insert into SRM_OWNER.CATEGORY (CATEGORY_ID, NAME, PARENT_ID, WEIGHT) values (703, 'UITF Beamline Vacuum', 656, 1000);
 insert into SRM_OWNER.CATEGORY (CATEGORY_ID, NAME, PARENT_ID, WEIGHT) values (743, 'HDR', 242, 1000);
+insert into SRM_OWNER.CATEGORY (CATEGORY_ID, NAME, PARENT_ID, WEIGHT) values (900, 'VTA', 0, 16);
 
 DROP SEQUENCE SRM_OWNER.CATEGORY_ID;
 CREATE SEQUENCE SRM_OWNER.CATEGORY_ID

src/main/java/org/jlab/srm/business/session/AbstractFacade.java

@@ -239,6 +239,12 @@ protected boolean isAdminOrBranchAdmin(String username, Category branchRoot) {
           case "Cryo":
             isBranchAdmin = context.isCallerInRole("cryoadm");
             break;
+          case "CMTF":
+            isBranchAdmin = context.isCallerInRole("cmtfadm");
+            break;
+          case "VTA":
+            isBranchAdmin = context.isCallerInRole("vtaadm");
+            break;
         }
       }
       if (isBranchAdmin) {

src/main/webapp/WEB-INF/tags/page.tag

@@ -45,7 +45,7 @@
                                 href="${pageContext.request.contextPath}/links">Links</a></li>
                         <li${fn:startsWith(currentPath, '/reports') ? ' class="current-primary"' : ''}><a
                                 href="${pageContext.request.contextPath}/reports/overall-status">Reports</a></li>
-                        <c:if test="${pageContext.request.isUserInRole('srm-admin') || pageContext.request.isUserInRole('halead') || pageContext.request.isUserInRole('hblead') || pageContext.request.isUserInRole('hclead') || pageContext.request.isUserInRole('hdlead') || pageContext.request.isUserInRole('lerfadm') || pageContext.request.isUserInRole('cryoadm')}">
+                        <c:if test="${pageContext.request.isUserInRole('srm-admin') || pageContext.request.isUserInRole('halead') || pageContext.request.isUserInRole('hblead') || pageContext.request.isUserInRole('hclead') || pageContext.request.isUserInRole('hdlead') || pageContext.request.isUserInRole('lerfadm') || pageContext.request.isUserInRole('cryoadm') || pageContext.request.isUserInRole('cmtfadm') || pageContext.request.isUserInRole('vtaadm')}">
                             <li${fn:startsWith(currentPath, '/setup') ? ' class="current-primary"' : ''}><a
                                     href="${pageContext.request.contextPath}/setup/category-tree">Setup</a></li>
                             </c:if>

src/main/webapp/WEB-INF/web.xml

@@ -80,6 +80,8 @@
             <role-name>hdlead</role-name>
             <role-name>lerfadm</role-name>
             <role-name>cryoadm</role-name>
+            <role-name>vtaadm</role-name>
+            <role-name>cmtfadm</role-name>
         </auth-constraint>
     </security-constraint>
     <login-config>
@@ -106,6 +108,12 @@
     <security-role>
         <role-name>cryoadm</role-name>
     </security-role>
+    <security-role>
+        <role-name>vtaadm</role-name>
+    </security-role>
+    <security-role>
+        <role-name>cmtfadm</role-name>
+    </security-role>
     <security-role>
         <role-name>cc</role-name>
     </security-role>