Skip to end of banner
Go to start of banner

Reference Data processing

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

Overview

Capabilities are created from message bus events.

When capability or capability set is created - mod-roles-keycloak sends application events to the subscriber stream to process the next steps asynchronously:

  1. Populating capabilities and capability sets for loadable roles in reference data

  2. Upgrading keycloak permissions for updated capabilities and capability sets

Loadable Roles event processing

Capability Application Event

  1. Retrieve permission from capability

  2. Find all LoadableRoles with a capability permission

  3. Assign capability to every LoadableRole by roleId using RoleCapabilityService

Capability Set Application Event

  1. Retrieve permission from capabilitySet

  2. Find all LoadableRoles with a capability set permission

  3. Assign capability set to every LoadableRole by roleId using RoleCapabilitySetService

Adding new default roles

  1. Define the JSON file with role-permissions relation objects for a Folio module:

    {
  "roles": [
    {
      "name": "{{roleName}}",
      "description": "{{role description}}",
      "permissions": [
        {{folio permissions, assigned to a role}}
      ]
    }
  ]
}

  2. Place this file into the following folder: https://github.com/folio-org/mod-roles-keycloak/tree/master/src/main/resources/reference-data/roles

  3. Create a pull-request for Eureka team with the new roles

  4. When it’s merged - the new default roles will appear at the next snapshot environment deployed with the latest version of mod-roles-keycloak

  • No labels