Reference Data processing
Overview
Capabilities are created from message bus events.
When capability or capability set is created - mod-roles-keycloak
sends application events to the subscriber stream to process the next steps asynchronously:
Populating capabilities and capability sets for loadable roles in reference data
Upgrading keycloak permissions for updated capabilities and capability sets
Loadable Roles event processing
Capability Application Event
Retrieve
permission
fromcapability
Find all
LoadableRoles
with a capability permissionAssign capability to every
LoadableRole
byroleId
usingRoleCapabilityService
Capability Set Application Event
Retrieve
permission
fromcapabilitySet
Find all
LoadableRoles
with a capability set permissionAssign capability set to every
LoadableRole
byroleId
usingRoleCapabilitySetService
Adding new default roles
Define the JSON file with role-permissions relation objects for a Folio module:
{ "roles": [ { "name": "{{roleName}}", "description": "{{role description}}", "permissions": [ {{folio permissions, assigned to a role}} ] } ] }
Place this file into the following folder: https://github.com/folio-org/mod-roles-keycloak/tree/master/src/main/resources/reference-data/roles
Create a pull-request for Eureka team with the new roles
When it’s merged - the new default roles will appear at the next snapshot environment deployed with the latest version of
mod-roles-keycloak