Commit
c47ecc89
authored
Nov 16, 2020
by
François Agneray
Fixed install (create-db.sh & init-keycloak.sh)
parent
cf3785ce
Pipeline
#3434
passed with stages
in 2 minutes
Showing
8 changed files
with
128 additions
and
146 deletions
+128
-146
Makefile
Makefile
+1
-0
conf-dev/Dockerfile
conf-dev/Dockerfile
+1
-1
conf-dev/create-db.sh
conf-dev/create-db.sh
+108
-109
conf-dev/init-keycloak.sh
conf-dev/init-keycloak.sh
+15
-0
conf-dev/public_key
conf-dev/public_key
+1
-7
src/Action/GroupAction.php
src/Action/GroupAction.php
+0
-12
src/Action/GroupListAction.php
src/Action/GroupListAction.php
+0
-16
src/Middleware/AuthorizationMiddleware.php
src/Middleware/AuthorizationMiddleware.php
+2
-1
Makefile
...
...
@@ -58,6 +58,7 @@ phpcs:
-w
/project jakzal/phpqa phpcs
--standard
=
PSR12
--extensions
=
php
--colors
src tests
create-db
:
@
docker-compose
exec
php sh ./conf-dev/init-keycloak.sh
@
docker-compose
exec
php sh ./conf-dev/create-db.sh
remove-pgdata
:
...
...
conf-dev/Dockerfile
...
...
@@ -2,7 +2,7 @@ FROM php:7.3-apache
# Install modules
RUN
apt-get update
\
&& apt-get install -y zlib1g zlib1g-dev libpq-dev libpq5 libzip-dev zip unzip \
&& apt-get install -y zlib1g zlib1g-dev libpq-dev libpq5 libzip-dev zip unzip
jq
\
&& docker-php-ext-install pgsql pdo_pgsql zip bcmath
# Install pecl modules
...
...
conf-dev/create-db.sh
This diff is collapsed.
conf-dev/init-keycloak.sh
0 → 100644
#!/bin/sh
set
-e
# Get Keycloak Admin token
admin_token
=
$(
curl
--location
--request
POST
'http://keycloak:8180/auth/realms/master/protocol/openid-connect/token'
--header
'Content-Type: application/x-www-form-urlencoded'
--data-urlencode
'username=admin'
--data-urlencode
'password=admin'
--data-urlencode
'grant_type=password'
--data-urlencode
'client_id=admin-cli'
| jq
-r
'.access_token'
)
# Create cesamsi user
curl
--location
--request
POST
'http://keycloak:8180/auth/admin/realms/anis/users'
--header
'Content-Type: application/json'
--header
"Authorization: Bearer
$admin_token
"
--data-raw
'{"firstName":"cesam-si","lastName":"cesam-si", "email":"cesamsi@lam.fr", "enabled":"true", "emailVerified":"true", "credentials":[{"type":"password","value":"admin","temporary":false}]}'
# Get anis_admin role and id_user
anis_admin_role
=
$(
curl
--location
--request
GET
'http://keycloak:8180/auth/admin/realms/anis/roles/anis_admin'
--header
'Content-Type: application/json'
--header
"Authorization: Bearer
$admin_token
"
)
id_user
=
$(
curl
--location
--request
GET
'http://keycloak:8180/auth/admin/realms/anis/users'
--header
'Content-Type: application/json'
--header
"Authorization: Bearer
$admin_token
"
| jq
-r
'.[0]'
| jq
-r
'.id'
)
# Add anis_admin role to cesamsi user
curl
--location
--request
POST
"http://keycloak:8180/auth/admin/realms/anis/users/
${
id_user
}
/role-mappings/realm"
--header
'Content-Type: application/json'
--header
"Authorization: Bearer
$admin_token
"
--data-raw
"[
${
anis_admin_role
}
]"
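Review bot: `id_user` is taken from `.[0]` of the unfiltered `realms/anis/users` listing, so the `anis_admin` role is mapped to whichever account Keycloak returns first, not necessarily the cesam-si user created just above; on a realm that already holds another user, that account is silently promoted. Filter the lookup on the created account instead, e.g. request `'http://keycloak:8180/auth/admin/realms/anis/users?email=cesamsi@lam.fr'`, and stop if the result is empty. None of the `curl` calls pass `--fail`, so `set -e` does not stop the script on an HTTP error, and a rejected login leaves the literal string `null` in `admin_token` for every later request. The `admin`/`admin` login and the non-temporary `admin` password given to the new user are hard-coded; reading them from environment variables would keep this script from seeding a known password if it is ever pointed at a shared Keycloak.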
conf-dev/public_key
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4woW+Tg4L3iGG9osCLi
1TD6vX/fAqX3iMfe9hi+M269FcGCl/1+Ls4gwLs/TqqFpWmg3T3bLuShHkabeGi5
CKr8hrHJMPA0NjPHuH1RUL/QyQpPgKQkmKxyUH9i3hdQtB2REcVZBmB5+JRIcUeh
cTLkpOWrRz9cquv8R7N8xD6OpdLWSFItYnOrKlR4II6EQaY0PBDyNQElXIiqTMLt
aTbXVn1suzT0NUwDTIvcxKpqTCEyM3meuIFsc+ISjff12WY5rLWoadVZHLwkfe/9
7zF3UYPb3ddZkQ/W3jQXYYMVgMHOfskXjstqH9XPkez4ovJUHukPYKsvvWWqiDCo
rwIDAQAB
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmfw644EhXO2QURqqnLucM0qS8iE7l1fgAF44HaE+8NKeM+VaWUmPM5j0hCN9ujcsP9XOynU7t4c06T70f7csrzLVd36EUw35Z5vdLL5gEloW4eOvZYCRhybJSB3ED8qFSn0SvO01GdhUkyzFhqkfjCg0HInnTn+2PPj0x2TNsjPYWJfl9Hf9HZHc0GEZrqjV688Vjo4QlSDzdc0kDg+E7esAQE8125eca1HI6pJXF/eDL+Lg32m7+P9NxO6h3Qppqov+iSSXLF9HO6RnunFRNQgtof0wye4RU4HP9+irPR85vvLMom4THILBD95B8FyHZ8VMBr7KjfKoo7Kt4VBYQIDAQAB
-----END PUBLIC KEY-----
src/Action/GroupAction.php
...
...
@@ -89,22 +89,10 @@ final class GroupAction extends AbstractAction
private
function
editGroup
(
Group
$group
,
array
$parsedBody
):
void
{
$group
->
setLabel
(
$parsedBody
[
'label'
]);
$group
->
setUsers
(
$this
->
getUsers
(
$parsedBody
[
'users'
]));
$group
->
setDatasets
(
$this
->
getDatasets
(
$parsedBody
[
'datasets'
]));
$this
->
em
->
flush
();
}
private
function
getUsers
(
array
$listOfUsersIds
)
{
if
(
count
(
$listOfUsersIds
)
<
1
)
{
return
array
();
}
$dql
=
'SELECT u FROM App\Entity\User u WHERE u.id IN ('
.
implode
(
','
,
$listOfUsersIds
)
.
')'
;
$query
=
$this
->
em
->
createQuery
(
$dql
);
return
$query
->
getResult
();
}
private
function
getDatasets
(
array
$listOfDatasetsNames
)
{
if
(
count
(
$listOfDatasetsNames
)
<
1
)
{
...
...
src/Action/GroupListAction.php
...
...
@@ -71,7 +71,6 @@ final class GroupListAction extends AbstractAction
private
function
postGroup
(
array
$parsedBody
):
Group
{
$group
=
new
Group
(
$this
->
getUsers
(
$parsedBody
[
'users'
]),
$this
->
getDatasets
(
$parsedBody
[
'datasets'
])
);
$group
->
setLabel
(
$parsedBody
[
'label'
]);
...
...
@@ -82,21 +81,6 @@ final class GroupListAction extends AbstractAction
return
$group
;
}
private
function
getUsers
(
array
$listOfUsersEmails
)
{
if
(
count
(
$listOfUsersEmails
)
<
1
)
{
return
array
();
}
$in
=
implode
(
','
,
array_map
(
function
(
$u
)
{
return
"'"
.
$u
.
"'"
;
},
$listOfUsersEmails
));
$dql
=
'SELECT u FROM App\Entity\User u WHERE u.email IN ('
.
$in
.
')'
;
$query
=
$this
->
em
->
createQuery
(
$dql
);
return
$query
->
getResult
();
}
private
function
getDatasets
(
array
$listOfDatasetsNames
)
{
if
(
count
(
$listOfDatasetsNames
)
<
1
)
{
...
...
src/Middleware/AuthorizationMiddleware.php
...
...
@@ -74,7 +74,8 @@ final class AuthorizationMiddleware implements MiddlewareInterface
// Validating token (verifying expiration date and issuer)
$data
=
new
ValidationData
();
$data
->
setIssuer
(
$this
->
settings
[
'issuer'
]);
// TODO: Ajouter une config pour vérifier ou non le issuer
// $data->setIssuer($this->settings['issuer']);
if
(
!
$token
->
validate
(
$data
))
{
return
(
new
NyholmResponse
())
->
withStatus
(
401
);
}
...
...
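Review bot: Issuer verification is now disabled for every deployment: with `$data->setIssuer(...)` commented out, `$token->validate($data)` no longer compares the `iss` claim against `settings['issuer']`, while the comment above still says "verifying expiration date and issuer". If the check has to be skippable for the dev install, gate it behind a setting that defaults to on rather than removing it, e.g. `if ($this->settings['verify_issuer'] ?? true) { $data->setIssuer($this->settings['issuer']); }`, where `verify_issuer` is a proposed key, not one that exists on this page. The TODO should be in English and say when the check must be restored, e.g. `// TODO: make issuer verification configurable; must stay enabled outside dev`. Signature verification is not visible in this hunk and the enclosing method continues outside it, so confirm that the signature check still binds tokens to the expected realm key.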