diff --git a/dbrepo-analyse-service/Pipfile.lock b/dbrepo-analyse-service/Pipfile.lock
index c889c651dfd5828dc8f42a3843abf9dbc79634c7..ae160f77733183750c665ce9c9053d76b34a18e0 100644
--- a/dbrepo-analyse-service/Pipfile.lock
+++ b/dbrepo-analyse-service/Pipfile.lock
@@ -175,20 +175,20 @@
},
"boto3": {
"hashes": [
- "sha256:83e560faaec38a956dfb3d62e05e1703ee50432b45b788c09e25107c5058bd71",
- "sha256:e0abd794a7a591d90558e92e29a9f8837d25ece8e3c120e530526fe27eba5fca"
+ "sha256:159898f51c2997a12541c0e02d6e5a8fe2993ddb307b9478fd9a339f98b57e00",
+ "sha256:d0ca7a58ce25701a52232cc8df9d87854824f1f2964b929305722ebc7959d5a9"
],
"index": "pypi",
"markers": "python_version >= '3.8'",
- "version": "==1.35.99"
+ "version": "==1.36.0"
},
"botocore": {
"hashes": [
- "sha256:1eab44e969c39c5f3d9a3104a0836c24715579a455f12b3979a31d7cde51b3c3",
- "sha256:b22d27b6b617fc2d7342090d6129000af2efd20174215948c0d7ae2da0fab445"
+ "sha256:0232029ff9ae3f5b50cdb25cbd257c16f87402b6d31a05bd6483638ee6434c4b",
+ "sha256:b54b11f0cfc47fc1243ada0f7f461266c279968487616720fa8ebb02183917d7"
],
"markers": "python_version >= '3.8'",
- "version": "==1.35.99"
+ "version": "==1.36.0"
},
"certifi": {
"hashes": [
@@ -268,7 +268,7 @@
"sha256:f7f5baafcc48261359e14bcd6d9bff6d4b28d9103847c9e136694cb0501aef87",
"sha256:fc48c783f9c87e60831201f2cce7f3b2e4846bf4d8728eabe54d60700b318a0b"
],
- "markers": "python_version >= '3.8'",
+ "markers": "platform_python_implementation != 'PyPy'",
"version": "==1.17.1"
},
"charset-normalizer": {
@@ -412,7 +412,7 @@
},
"dbrepo": {
"hashes": [
- "sha256:28a29c2681b4391dcb93c118165874ca69fd004ff1ecb96e6a0ed402e8c5c697"
+ "sha256:0d11a0e0ec942d5b0ddfadd9e9007ce6dab9c5b9cc433e0f53b4fafcfc597bef"
],
"path": "./lib/dbrepo-1.6.1.tar.gz"
},
@@ -1553,11 +1553,11 @@
},
"s3transfer": {
"hashes": [
- "sha256:244a76a24355363a68164241438de1b72f8781664920260c48465896b712a41e",
- "sha256:29edc09801743c21eb5ecbc617a152df41d3c287f67b615f73e5f750583666a7"
+ "sha256:6563eda054c33bdebef7cbf309488634651c47270d828e594d151cd289fb7cf7",
+ "sha256:f43b03931c198743569bbfb6a328a53f4b2b4ec723cd7c01fab68e3119db3f8b"
],
"markers": "python_version >= '3.8'",
- "version": "==0.10.4"
+ "version": "==0.11.0"
},
"setuptools": {
"hashes": [
@@ -1877,7 +1877,7 @@
"sha256:f7f5baafcc48261359e14bcd6d9bff6d4b28d9103847c9e136694cb0501aef87",
"sha256:fc48c783f9c87e60831201f2cce7f3b2e4846bf4d8728eabe54d60700b318a0b"
],
- "markers": "python_version >= '3.8'",
+ "markers": "platform_python_implementation != 'PyPy'",
"version": "==1.17.1"
},
"charset-normalizer": {
diff --git a/dbrepo-analyse-service/lib/dbrepo-1.6.1.tar.gz b/dbrepo-analyse-service/lib/dbrepo-1.6.1.tar.gz
index 31bddc845dae9869a11c7b87110262bea8e98e12..5ce8fdab038ca28aa52e5c8544ce3bcfee7ca3fa 100644
Binary files a/dbrepo-analyse-service/lib/dbrepo-1.6.1.tar.gz and b/dbrepo-analyse-service/lib/dbrepo-1.6.1.tar.gz differ
diff --git a/dbrepo-auth-service/init/app.py b/dbrepo-auth-service/init/app.py
index 75f291da10243eaff0b69dfb51757002e804e183..948ed9fe2c16124367d0bb206177128310d45e5e 100644
--- a/dbrepo-auth-service/init/app.py
+++ b/dbrepo-auth-service/init/app.py
@@ -1,4 +1,6 @@
+import logging
import os
+import sys
import mariadb
from keycloak import KeycloakAdmin
@@ -10,9 +12,23 @@ admin = KeycloakAdmin(server_url=os.getenv('AUTH_SERVICE_ENDPOINT', 'http://loca
password=os.getenv('AUTH_SERVICE_ADMIN_PASSWORD', 'admin'),
verify=True)
keycloak_user_id = admin.get_user_id(username=system_username)
-print(f'Successfully fetched keycloak user id: {keycloak_user_id}')
-ldap_user_id = admin.get_user(user_id=keycloak_user_id).get('attributes')['LDAP_ID'][0]
-print(f'Successfully fetched ldap user id: {ldap_user_id}')
+logging.info(f'Successfully fetched keycloak user id: {keycloak_user_id}')
+ldap_user = admin.get_user(user_id=keycloak_user_id)
+if ldap_user is None:
+ logging.error(f'Failed to obtain user')
+ sys.exit(1)
+ldap_user_attrs = ldap_user.get('attributes')
+if ldap_user_attrs is None:
+ logging.error(f'Failed to obtain user attributes')
+ sys.exit(1)
+if 'LDAP_ID' not in ldap_user_attrs:
+ logging.error(f'Failed to obtain ldap id: LDAP_ID not in attributes {ldap_user_attrs}')
+ sys.exit(1)
+if len(ldap_user_attrs['LDAP_ID']) != 1:
+ logging.error(f'Failed to obtain ldap id: wrong length {len(ldap_user_attrs["LDAP_ID"])} != 1')
+ sys.exit(1)
+ldap_user_id = ldap_user_attrs['LDAP_ID'][0]
+logging.info(f'Successfully fetched ldap user id: {ldap_user_id}')
try:
conn = mariadb.connect(user=os.getenv('METADATA_USERNAME', 'root'),
@@ -27,8 +43,8 @@ try:
conn.commit()
conn.close()
except mariadb.Error as e:
- print(f"Error connecting to MariaDB Platform: {e}")
+ logging.info(f"Error connecting to MariaDB Platform: {e}")
exit(1)
-print(f'Successfully inserted user')
+logging.info(f'Successfully inserted user')
exit(0)
diff --git a/dbrepo-data-service/rest-service/src/main/java/at/tuwien/endpoints/SubsetEndpoint.java b/dbrepo-data-service/rest-service/src/main/java/at/tuwien/endpoints/SubsetEndpoint.java
index 68c0b13d6c59f1441efbe847e4ebbcd83e7ce26d..f30251a5ff09e895a7324a9857134c789f6b3c03 100644
--- a/dbrepo-data-service/rest-service/src/main/java/at/tuwien/endpoints/SubsetEndpoint.java
+++ b/dbrepo-data-service/rest-service/src/main/java/at/tuwien/endpoints/SubsetEndpoint.java
@@ -72,7 +72,7 @@ public class SubsetEndpoint extends AbstractEndpoint {
@GetMapping
@Observed(name = "dbrepo_subset_list")
@Operation(summary = "Find subsets",
- description = "Finds subsets in the query store. When the database schema is marked as hidden, the user needs to be authorized, have at least read-access to the database and have the role `list-queries`. The result can be optionally filtered by setting `persisted`. When set to *true*, only persisted queries are returned, otherwise only non-persisted queries are returned.",
+ description = "Finds subsets in the query store. When the database schema is marked as hidden, the user needs to be authorized, have at least read-access to the database. The result can be optionally filtered by setting `persisted`. When set to *true*, only persisted queries are returned, otherwise only non-persisted queries are returned.",
security = {@SecurityRequirement(name = "basicAuth"), @SecurityRequirement(name = "bearerAuth")})
@ApiResponses(value = {
@ApiResponse(responseCode = "200",
@@ -104,7 +104,6 @@ public class SubsetEndpoint extends AbstractEndpoint {
log.debug("endpoint find subsets in database, databaseId={}, filterPersisted={}", databaseId, filterPersisted);
final PrivilegedDatabaseDto database = credentialService.getDatabase(databaseId);
endpointValidator.validateOnlyPrivateSchemaAccess(database, principal);
- endpointValidator.validateOnlyPrivateSchemaHasRole(database, principal, "list-queries");
final List<QueryDto> queries;
try {
queries = subsetService.findAll(database, filterPersisted);
@@ -119,7 +118,7 @@ public class SubsetEndpoint extends AbstractEndpoint {
@GetMapping("/{subsetId}")
@Observed(name = "dbrepo_subset_find")
@Operation(summary = "Find subset",
- description = "Finds a subset in the data database. When the database schema is marked as hidden, the user needs to be authorized, have at least read-access to the database and have the role `find-query`. Requests with HTTP header `Accept=application/json` return the metadata, requests with HTTP header `Accept=text/csv` return the data as downloadable file.",
+ description = "Finds a subset in the data database. When the database schema is marked as hidden, the user needs to be authorized, have at least read-access to the database. Requests with HTTP header `Accept=application/json` return the metadata, requests with HTTP header `Accept=text/csv` return the data as downloadable file.",
security = {@SecurityRequirement(name = "basicAuth"), @SecurityRequirement(name = "bearerAuth")})
@ApiResponses(value = {
@ApiResponse(responseCode = "200",
@@ -167,7 +166,6 @@ public class SubsetEndpoint extends AbstractEndpoint {
subsetId, accept, timestamp);
final PrivilegedDatabaseDto database = credentialService.getDatabase(databaseId);
endpointValidator.validateOnlyPrivateSchemaAccess(database, principal);
- endpointValidator.validateOnlyPrivateSchemaHasRole(database, principal, "find-query");
final QueryDto subset;
try {
subset = subsetService.findById(database, subsetId);
diff --git a/dbrepo-data-service/rest-service/src/test/java/at/tuwien/endpoint/SubsetEndpointUnitTest.java b/dbrepo-data-service/rest-service/src/test/java/at/tuwien/endpoint/SubsetEndpointUnitTest.java
index 83d660ef5e2107cc615b5f4435d5350da4fd6cc2..22099eafae1353d6061fc881812078ff212382f4 100644
--- a/dbrepo-data-service/rest-service/src/test/java/at/tuwien/endpoint/SubsetEndpointUnitTest.java
+++ b/dbrepo-data-service/rest-service/src/test/java/at/tuwien/endpoint/SubsetEndpointUnitTest.java
@@ -107,7 +107,7 @@ public class SubsetEndpointUnitTest extends AbstractUnitTest {
}
@Test
- @WithMockUser(username = USER_3_USERNAME, authorities = {"list-queries"})
+ @WithMockUser(username = USER_3_USERNAME)
public void list_publicDataPrivateSchema_succeeds() throws DatabaseUnavailableException, NotAllowedException,
QueryNotFoundException, DatabaseNotFoundException, RemoteUnavailableException, SQLException,
MetadataServiceException {
@@ -147,7 +147,7 @@ public class SubsetEndpointUnitTest extends AbstractUnitTest {
}
@Test
- @WithMockUser(username = USER_3_USERNAME, authorities = {"list-queries"})
+ @WithMockUser(username = USER_3_USERNAME)
public void list_publicDataAndPrivateSchemaUnavailable_fails() throws SQLException, QueryNotFoundException,
DatabaseNotFoundException, RemoteUnavailableException, MetadataServiceException {
@@ -197,7 +197,7 @@ public class SubsetEndpointUnitTest extends AbstractUnitTest {
}
@Test
- @WithMockUser(username = USER_3_USERNAME, authorities = {"find-query"})
+ @WithMockUser(username = USER_3_USERNAME)
public void findById_publicDataPrivateSchema_succeeds() throws DatabaseNotFoundException, SQLException,
RemoteUnavailableException, UserNotFoundException, DatabaseUnavailableException, NotAllowedException,
StorageUnavailableException, QueryMalformedException, QueryNotFoundException,
@@ -332,7 +332,7 @@ public class SubsetEndpointUnitTest extends AbstractUnitTest {
}
@Test
- @WithMockUser(username = USER_3_USERNAME, authorities = {"find-query"})
+ @WithMockUser(username = USER_3_USERNAME)
public void findById_publicDataAndPrivateSchemaUnavailable_fails() throws DatabaseNotFoundException, RemoteUnavailableException,
MetadataServiceException, SQLException, UserNotFoundException, QueryNotFoundException {
diff --git a/dbrepo-metadata-service/test/src/main/java/at/tuwien/test/BaseTest.java b/dbrepo-metadata-service/test/src/main/java/at/tuwien/test/BaseTest.java
index b2cbfda2a7a38133317d2fd110161fcbd54ad9ae..368b1d182c3b4d4289426673804bab23ccd8c0e1 100644
--- a/dbrepo-metadata-service/test/src/main/java/at/tuwien/test/BaseTest.java
+++ b/dbrepo-metadata-service/test/src/main/java/at/tuwien/test/BaseTest.java
@@ -190,8 +190,8 @@ public abstract class BaseTest {
"modify-identifier-metadata", "update-foreign-identifier", "create-foreign-identifier"};
public final static String[] DEFAULT_QUERY_HANDLING = new String[]{"default-query-handling", "view-table-data",
- "execute-query", "view-table-history", "list-database-views", "list-queries", "view-database-view-data",
- "export-query-data", "find-query", "create-database-view", "delete-database-view", "delete-table-data",
+ "execute-query", "view-table-history", "list-database-views", "view-database-view-data",
+ "export-query-data", "create-database-view", "delete-database-view", "delete-table-data",
"export-table-data", "persist-query", "re-execute-query", "insert-table-data", "find-database-view"};
public final static String[] ESCALATED_QUERY_HANDLING = new String[]{"escalated-query-handling"};
diff --git a/dbrepo-search-service/Pipfile.lock b/dbrepo-search-service/Pipfile.lock
index 61aa4d87a10403d16a1cebd9cb4922ebe0b29dc3..e700161ce55394f4a9edf485b4f10c7c00c49572 100644
--- a/dbrepo-search-service/Pipfile.lock
+++ b/dbrepo-search-service/Pipfile.lock
@@ -216,7 +216,7 @@
"sha256:f7f5baafcc48261359e14bcd6d9bff6d4b28d9103847c9e136694cb0501aef87",
"sha256:fc48c783f9c87e60831201f2cce7f3b2e4846bf4d8728eabe54d60700b318a0b"
],
- "markers": "python_version >= '3.8'",
+ "markers": "platform_python_implementation != 'PyPy'",
"version": "==1.17.1"
},
"charset-normalizer": {
@@ -360,7 +360,7 @@
},
"dbrepo": {
"hashes": [
- "sha256:28a29c2681b4391dcb93c118165874ca69fd004ff1ecb96e6a0ed402e8c5c697"
+ "sha256:0d11a0e0ec942d5b0ddfadd9e9007ce6dab9c5b9cc433e0f53b4fafcfc597bef"
],
"path": "./lib/dbrepo-1.6.1.tar.gz"
},
@@ -602,7 +602,7 @@
"sha256:f406b22b7c9a9b4f8aa9d2ab13d6ae0ac3e85c9a809bd590ad53fed2bf70dc79",
"sha256:f6ff3b14f2df4c41660a7dec01045a045653998784bf8cfcb5a525bdffffbc8f"
],
- "markers": "python_version >= '3.7'",
+ "markers": "python_version < '3.14' and (platform_machine == 'aarch64' or (platform_machine == 'ppc64le' or (platform_machine == 'x86_64' or (platform_machine == 'amd64' or (platform_machine == 'AMD64' or (platform_machine == 'win32' or platform_machine == 'WIN32'))))))",
"version": "==3.1.1"
},
"gunicorn": {
@@ -901,7 +901,7 @@
"sha256:f9b57eaa3b0cd8db52049ed0330747b0364e899e8a606a624813452b8203d5f7",
"sha256:fce4f615f8ca31b2e61aa0eb5865a21e14f5629515c9151850aa936c02a1ee51"
],
- "markers": "python_version >= '3.10'",
+ "markers": "python_version == '3.11'",
"version": "==2.2.1"
},
"opensearch-py": {
@@ -1585,7 +1585,7 @@
"sha256:1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df",
"sha256:f8c5449b3cf0861679ce7e0503c7b44b5ec981bec0d1d3795a07f1ba96f0204d"
],
- "markers": "python_version >= '3.9'",
+ "markers": "python_version >= '3.10'",
"version": "==2.3.0"
},
"werkzeug": {
@@ -2009,7 +2009,7 @@
"sha256:1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df",
"sha256:f8c5449b3cf0861679ce7e0503c7b44b5ec981bec0d1d3795a07f1ba96f0204d"
],
- "markers": "python_version >= '3.9'",
+ "markers": "python_version >= '3.10'",
"version": "==2.3.0"
}
}
diff --git a/dbrepo-search-service/init/Pipfile.lock b/dbrepo-search-service/init/Pipfile.lock
index fbd0e261feaa1d20c0d8335a37b03b46fe4b1ff3..a8257b53df3cc300043d7aeb6412481708b9b1ff 100644
--- a/dbrepo-search-service/init/Pipfile.lock
+++ b/dbrepo-search-service/init/Pipfile.lock
@@ -254,7 +254,7 @@
},
"dbrepo": {
"hashes": [
- "sha256:28a29c2681b4391dcb93c118165874ca69fd004ff1ecb96e6a0ed402e8c5c697"
+ "sha256:0d11a0e0ec942d5b0ddfadd9e9007ce6dab9c5b9cc433e0f53b4fafcfc597bef"
],
"path": "./lib/dbrepo-1.6.1.tar.gz"
},
@@ -634,7 +634,7 @@
"sha256:f9b57eaa3b0cd8db52049ed0330747b0364e899e8a606a624813452b8203d5f7",
"sha256:fce4f615f8ca31b2e61aa0eb5865a21e14f5629515c9151850aa936c02a1ee51"
],
- "markers": "python_version >= '3.10'",
+ "markers": "python_version == '3.11'",
"version": "==2.2.1"
},
"opensearch-py": {
@@ -1038,7 +1038,7 @@
"sha256:1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df",
"sha256:f8c5449b3cf0861679ce7e0503c7b44b5ec981bec0d1d3795a07f1ba96f0204d"
],
- "markers": "python_version >= '3.9'",
+ "markers": "python_version >= '3.10'",
"version": "==2.3.0"
},
"werkzeug": {
diff --git a/dbrepo-search-service/init/lib/dbrepo-1.6.1.tar.gz b/dbrepo-search-service/init/lib/dbrepo-1.6.1.tar.gz
index 31bddc845dae9869a11c7b87110262bea8e98e12..5ce8fdab038ca28aa52e5c8544ce3bcfee7ca3fa 100644
Binary files a/dbrepo-search-service/init/lib/dbrepo-1.6.1.tar.gz and b/dbrepo-search-service/init/lib/dbrepo-1.6.1.tar.gz differ
diff --git a/dbrepo-search-service/lib/dbrepo-1.6.1.tar.gz b/dbrepo-search-service/lib/dbrepo-1.6.1.tar.gz
index 31bddc845dae9869a11c7b87110262bea8e98e12..5ce8fdab038ca28aa52e5c8544ce3bcfee7ca3fa 100644
Binary files a/dbrepo-search-service/lib/dbrepo-1.6.1.tar.gz and b/dbrepo-search-service/lib/dbrepo-1.6.1.tar.gz differ
diff --git a/dbrepo-ui/layouts/default.vue b/dbrepo-ui/layouts/default.vue
index 2311be0e05324cfe47896afcbf31137f2cfdc5ea..ad00d8117309a83844d42d2c52faa44c34a55a0b 100644
--- a/dbrepo-ui/layouts/default.vue
+++ b/dbrepo-ui/layouts/default.vue
@@ -269,13 +269,13 @@ export default {
if (!this.user) {
return null
}
- if (this.table && !this.table.is_public && !this.table.is_schema_public && !this.table.owner.id !== this.user.id) {
+ if (this.table && !this.table.is_public && !this.table.is_schema_public && this.table.owner.id !== this.user.id) {
return makeError(403, null, null)
}
- if (this.view && !this.view.is_public && !this.view.is_schema_public && !this.view.owner.id !== this.user.id) {
+ if (this.view && !this.view.is_public && !this.view.is_schema_public && this.view.owner.id !== this.user.id) {
return makeError(403, null, null)
}
- if (this.subset && !this.subset.is_public && !this.subset.is_schema_public && !this.subset.owner.id !== this.user.id) {
+ if (this.subset && !this.subset.is_public && !this.subset.is_schema_public && this.subset.owner.id !== this.user.id) {
return makeError(403, null, null)
}
return null
diff --git a/dbrepo-ui/nuxt.config.ts b/dbrepo-ui/nuxt.config.ts
index 4bce6ec5c5b3dc7f025734d9bf15d8e914123f79..b8e55da8023daf790048ab9bfd5f48a0b82d2ba3 100644
--- a/dbrepo-ui/nuxt.config.ts
+++ b/dbrepo-ui/nuxt.config.ts
@@ -75,8 +75,8 @@ export default defineNuxtConfig({
}
},
api: {
- client: 'http://localhost',
- server: 'http://gateway-service',
+ client: 'https://s155.datalab.tuwien.ac.at',
+ server: 'https://s155.datalab.tuwien.ac.at',
},
upload: {
client: 'http://localhost/api/upload/files',
diff --git a/dbrepo-ui/utils/index.ts b/dbrepo-ui/utils/index.ts
index 694a9258e98df3ffc203fa96d77fc72c90628a7c..5876f4ec2d456d5d4d96d52ecb054e8e51d9ed9b 100644
--- a/dbrepo-ui/utils/index.ts
+++ b/dbrepo-ui/utils/index.ts
@@ -28,7 +28,9 @@ export function notFile(files: [File[]]) {
export function makeError(status: number, code: string | null, message: string | null ): AxiosError {
const config: InternalAxiosRequestConfig = {}
const response: AxiosResponse = {
- data: {},
+ data: {
+ status: getStatusText(status).toUpperCase()
+ },
status,
statusText: getStatusText(status).toUpperCase(),
config,
diff --git a/helm/dbrepo/templates/auth-configmap.yaml b/helm/dbrepo/templates/auth-configmap.yaml
index 83530ee108bd0c444dbf04d071454f6c3d04aab1..9a237767cce39c2b3ad2cdb9c307f858ae158224 100644
--- a/helm/dbrepo/templates/auth-configmap.yaml
+++ b/helm/dbrepo/templates/auth-configmap.yaml
@@ -83,7 +83,7 @@ data:
"description" : "${default-system-roles}",
"composite" : true,
"composites" : {
- "realm" : [ "delete-database-view", "update-semantic-unit", "export-query-data", "check-foreign-database-access", "default-data-steward-roles", "execute-query", "default-user-handling", "delete-table-data", "find-query", "list-database-views", "persist-query", "update-search-index", "delete-database-access", "view-table-history", "create-ontology", "update-ontology", "modify-user-theme", "default-system-roles", "create-semantic-concept", "default-container-handling", "create-container", "create-table", "default-broker-handling", "default-maintenance-handling", "execute-semantic-query", "uma_authorization", "table-semantic-analyse", "list-containers", "check-database-access", "escalated-query-handling", "delete-identifier", "modify-database-owner", "list-tables", "export-table-data", "create-database-access", "delete-container", "re-execute-query", "create-semantic-unit", "escalated-identifier-handling", "system", "update-table-statistic", "escalated-semantics-handling", "default-database-handling", "delete-ontology", "find-database", "find-database-view", "update-semantic-concept", "find-user", "import-database-data", "publish-identifier", "default-roles-dbrepo", "find-foreign-user", "create-database", "create-maintenance-message", "find-maintenance-message", "escalated-container-handling", "default-researcher-roles", "default-identifier-handling", "escalated-user-handling", "modify-user-information", "create-database-view", "update-maintenance-message", "delete-foreign-table", "offline_access", "modify-foreign-table-column-semantics", "delete-maintenance-message", "find-container", "insert-table-data", "modify-identifier-metadata", "modify-database-image", "escalated-broker-handling", "modify-table-column-semantics", "escalated-database-handling", "default-semantics-handling", "update-database-access", "default-query-handling", "find-table", "list-queries", "default-developer-roles", "create-identifier", "escalated-table-handling", "find-identifier", "view-table-data", "list-licenses", "default-table-handling", "list-identifiers", "create-foreign-identifier", "list-databases", "list-ontologies", "modify-database-visibility", "list-maintenance-messages", "delete-table" ]
+ "realm" : [ "delete-database-view", "update-semantic-unit", "export-query-data", "check-foreign-database-access", "default-data-steward-roles", "execute-query", "default-user-handling", "delete-table-data", "find-query", "list-database-views", "persist-query", "update-search-index", "delete-database-access", "view-table-history", "create-ontology", "update-ontology", "modify-user-theme", "default-system-roles", "create-semantic-concept", "default-container-handling", "create-container", "create-table", "default-broker-handling", "default-maintenance-handling", "execute-semantic-query", "uma_authorization", "table-semantic-analyse", "list-containers", "check-database-access", "escalated-query-handling", "delete-identifier", "modify-database-owner", "list-tables", "export-table-data", "create-database-access", "delete-container", "re-execute-query", "create-semantic-unit", "escalated-identifier-handling", "system", "update-table-statistic", "escalated-semantics-handling", "default-database-handling", "delete-ontology", "find-database", "find-database-view", "update-semantic-concept", "find-user", "import-database-data", "publish-identifier", "default-roles-dbrepo", "find-foreign-user", "create-database", "create-maintenance-message", "find-maintenance-message", "escalated-container-handling", "default-researcher-roles", "default-identifier-handling", "escalated-user-handling", "modify-user-information", "create-database-view", "update-maintenance-message", "delete-foreign-table", "offline_access", "modify-foreign-table-column-semantics", "delete-maintenance-message", "find-container", "insert-table-data", "modify-identifier-metadata", "modify-database-image", "escalated-broker-handling", "modify-table-column-semantics", "escalated-database-handling", "default-semantics-handling", "update-database-access", "default-query-handling", "find-table", "list-queries", "default-developer-roles", "create-identifier", "escalated-table-handling", "find-identifier", "view-database-view-data", "view-table-data", "list-licenses", "default-table-handling", "list-identifiers", "create-foreign-identifier", "list-databases", "list-ontologies", "modify-database-visibility", "list-maintenance-messages", "delete-table" ]
},
"clientRole" : false,
"containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
@@ -156,11 +156,19 @@ data:
"description" : "${default-table-handling}",
"composite" : true,
"composites" : {
- "realm" : [ "modify-table-column-semantics", "list-tables", "update-table-statistic", "find-table", "create-table", "delete-table", "update-table" ]
+ "realm" : [ "modify-table-column-semantics", "list-tables", "update-table-statistic", "find-table", "create-table", "delete-table" ]
},
"clientRole" : false,
"containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
"attributes" : { }
+ }, {
+ "id" : "b0d66d3d-59b4-4aae-aa66-e3d5a49f28e3",
+ "name" : "view-database-view-data",
+ "description" : "${view-database-view-data}",
+ "composite" : false,
+ "clientRole" : false,
+ "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
+ "attributes" : { }
}, {
"id" : "f5ea431a-9b2c-4195-bcb4-9511f38e4b44",
"name" : "create-database-view",
@@ -221,7 +229,7 @@ data:
"description" : "${default-researcher-roles}",
"composite" : true,
"composites" : {
- "realm" : [ "default-table-handling", "default-semantics-handling", "default-container-handling", "default-query-handling", "default-user-handling", "default-database-handling", "default-broker-handling", "default-identifier-handling", "default-view-handling" ]
+ "realm" : [ "default-table-handling", "default-semantics-handling", "default-container-handling", "default-query-handling", "default-user-handling", "default-database-handling", "default-broker-handling", "default-identifier-handling" ]
},
"clientRole" : false,
"containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
@@ -266,14 +274,6 @@ data:
"clientRole" : false,
"containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
"attributes" : { }
- }, {
- "id" : "22449528-00c9-4e86-9400-4b8ae6fd8f4d",
- "name" : "modify-view-visibility",
- "description" : "${modify-view-visibility}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
}, {
"id" : "c12c1f4e-186f-4153-a795-26e79fb623d6",
"name" : "create-ontology",
@@ -306,17 +306,6 @@ data:
"clientRole" : false,
"containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
"attributes" : { }
- }, {
- "id" : "d75e7938-9d5e-4cb3-8c57-18a446867d3a",
- "name" : "default-view-handling",
- "description" : "${default-view-handling}",
- "composite" : true,
- "composites" : {
- "realm" : [ "delete-database-view", "update-database-view", "create-database-view", "modify-view-visibility", "find-database-view", "list-database-views" ]
- },
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
}, {
"id" : "535f1484-4514-4d24-8d97-e3f6c11a426b",
"name" : "create-container",
@@ -411,21 +400,13 @@ data:
"clientRole" : false,
"containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
"attributes" : { }
- }, {
- "id" : "6ae766b0-b8b4-4067-a95d-c8576bc4ac77",
- "name" : "update-table",
- "description" : "${update-table}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
}, {
"id" : "64c16bfb-2015-48ad-a23f-637ff24419cb",
"name" : "default-query-handling",
"description" : "${default-query-handling}",
"composite" : true,
"composites" : {
- "realm" : [ "delete-database-view", "export-query-data", "execute-query", "delete-table-data", "export-table-data", "list-queries", "find-query", "list-database-views", "persist-query", "view-table-data", "re-execute-query", "view-table-history", "create-database-view", "find-database-view", "insert-table-data" ]
+ "realm" : [ "delete-database-view", "export-query-data", "execute-query", "delete-table-data", "export-table-data", "list-queries", "find-query", "list-database-views", "persist-query", "view-database-view-data", "view-table-data", "re-execute-query", "view-table-history", "create-database-view", "find-database-view", "insert-table-data" ]
},
"clientRole" : false,
"containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
@@ -446,14 +427,6 @@ data:
"clientRole" : false,
"containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
"attributes" : { }
- }, {
- "id" : "df20b7d1-8d30-4a99-80eb-e8195fab0e76",
- "name" : "update-database-view",
- "description" : "${update-database-view}",
- "composite" : false,
- "clientRole" : false,
- "containerId" : "82c39861-d877-4667-a0f3-4daa2ee230e0",
- "attributes" : { }
}, {
"id" : "88f82262-be80-4d18-9fb4-5529da031f33",
"name" : "system",
@@ -1248,13 +1221,12 @@ data:
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
- "realm_client" : "false",
"post.logout.redirect.uris" : "+"
},
"authenticationFlowBindingOverrides" : { },
"fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "d3c4a04e-39ce-4549-a34a-11e25774cd96",
@@ -1279,7 +1251,6 @@ data:
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
- "realm_client" : "false",
"post.logout.redirect.uris" : "+",
"pkce.code.challenge.method" : "S256"
},
@@ -1294,7 +1265,7 @@ data:
"consentRequired" : false,
"config" : { }
} ],
- "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "81ef0f59-a5ca-4be4-a1d1-0c32edf1cfd6",
@@ -1317,14 +1288,12 @@ data:
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
- "realm_client" : "false",
- "client.use.lightweight.access.token.enabled" : "true",
"post.logout.redirect.uris" : "+"
},
"authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : true,
+ "fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
- "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
}, {
"id" : "88694c91-753d-4c44-9740-ec9ac06bba45",
@@ -1347,7 +1316,6 @@ data:
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
- "realm_client" : "true",
"post.logout.redirect.uris" : "+"
},
"authenticationFlowBindingOverrides" : { },
@@ -1381,7 +1349,6 @@ data:
"frontchannelLogout" : true,
"protocol" : "openid-connect",
"attributes" : {
- "realm_client" : "false",
"oidc.ciba.grant.enabled" : "false",
"client.secret.creation.time" : "1680085365",
"backchannel.logout.session.required" : "true",
@@ -1412,11 +1379,11 @@ data:
"protocolMapper" : "oidc-hardcoded-claim-mapper",
"consentRequired" : false,
"config" : {
+ "claim.value" : "dbrepo",
+ "userinfo.token.claim" : "true",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "aud",
- "claim.value" : "dbrepo",
- "userinfo.token.claim" : "true",
"access.tokenResponse.claim" : "false"
}
}, {
@@ -1435,7 +1402,7 @@ data:
"claim.name" : "uid"
}
} ],
- "defaultClientScopes" : [ "roles", "attributes", "basic" ],
+ "defaultClientScopes" : [ "roles", "attributes" ],
"optionalClientScopes" : [ "rabbitmq.read:*/*", "web-origins", "acr", "rabbitmq.write:*/*", "address", "phone", "offline_access", "profile", "microprofile-jwt", "email", "rabbitmq.configure:*/*" ]
}, {
"id" : "25741f6b-4867-4138-8238-6345c6ba8702",
@@ -1463,7 +1430,6 @@ data:
"frontchannelLogout" : true,
"protocol" : "openid-connect",
"attributes" : {
- "realm_client" : "false",
"oidc.ciba.grant.enabled" : "false",
"client.secret.creation.time" : "1680000860",
"backchannel.logout.session.required" : "true",
@@ -1481,12 +1447,12 @@ data:
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "false",
"user.attribute" : "username",
"id.token.claim" : "false",
"access.token.claim" : "true",
"claim.name" : "client_id",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "false"
+ "jsonType.label" : "String"
}
}, {
"id" : "f1afc22d-f595-403b-ba2e-6ab19d98205e",
@@ -1495,15 +1461,15 @@ data:
"protocolMapper" : "oidc-hardcoded-claim-mapper",
"consentRequired" : false,
"config" : {
+ "claim.value" : "rabbitmq",
+ "userinfo.token.claim" : "false",
"id.token.claim" : "false",
"access.token.claim" : "true",
"claim.name" : "aud",
- "claim.value" : "rabbitmq",
- "userinfo.token.claim" : "false",
"access.tokenResponse.claim" : "false"
}
} ],
- "defaultClientScopes" : [ "web-origins", "acr", "rabbitmq.tag:management", "basic" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "rabbitmq.tag:management" ],
"optionalClientScopes" : [ "rabbitmq.read:*/*", "rabbitmq.write:*/*", "address", "phone", "offline_access", "profile", "roles", "microprofile-jwt", "email", "rabbitmq.configure:*/*" ]
}, {
"id" : "cfffd5d0-aa19-4057-8ca0-f2c51ca0e930",
@@ -1526,7 +1492,6 @@ data:
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
- "realm_client" : "true",
"post.logout.redirect.uris" : "+"
},
"authenticationFlowBindingOverrides" : { },
@@ -1557,13 +1522,11 @@ data:
"frontchannelLogout" : false,
"protocol" : "openid-connect",
"attributes" : {
- "realm_client" : "false",
- "client.use.lightweight.access.token.enabled" : "true",
"post.logout.redirect.uris" : "+",
"pkce.code.challenge.method" : "S256"
},
"authenticationFlowBindingOverrides" : { },
- "fullScopeAllowed" : true,
+ "fullScopeAllowed" : false,
"nodeReRegistrationTimeout" : 0,
"protocolMappers" : [ {
"id" : "c4d54410-3f22-4259-9571-94da2c43b752",
@@ -1572,15 +1535,15 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "locale",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "locale",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
} ],
- "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "basic", "email" ],
+ "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
"optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
} ],
"clientScopes" : [ {
@@ -1601,8 +1564,8 @@ data:
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
- "consent.screen.text" : "${emailScopeConsentText}",
- "display.on.consent.screen" : "true"
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${emailScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "782819fe-ba5d-4ddb-9f95-cabb69d79c8d",
@@ -1611,12 +1574,12 @@ data:
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "emailVerified",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "email_verified",
- "jsonType.label" : "boolean",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "boolean"
}
}, {
"id" : "ca613fc8-bbf2-4240-8b33-a1874f1559f3",
@@ -1625,12 +1588,12 @@ data:
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "email",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "email",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
} ]
}, {
@@ -1640,8 +1603,8 @@ data:
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
- "consent.screen.text" : "${profileScopeConsentText}",
- "display.on.consent.screen" : "true"
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${profileScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "84f0487a-1d7d-470c-9b8e-5835294ae235",
@@ -1650,12 +1613,12 @@ data:
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "username",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "preferred_username",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
}, {
"id" : "bbdcdb36-3ec0-443d-b1af-9993d40f0567",
@@ -1664,12 +1627,12 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "gender",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "gender",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
}, {
"id" : "9faa870b-5491-4ce9-b27d-c9ce07d6a95e",
@@ -1678,12 +1641,12 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "birthdate",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "birthdate",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
}, {
"id" : "f0e3c012-9523-4076-83ae-e466e2d08220",
@@ -1703,12 +1666,12 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "profile",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "profile",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
}, {
"id" : "18cfbf4b-0a8e-45c7-a832-c0f72c92f3f3",
@@ -1717,12 +1680,12 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "updatedAt",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "updated_at",
- "jsonType.label" : "long",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "long"
}
}, {
"id" : "841ea785-26ab-429a-a420-09ce3948924d",
@@ -1731,12 +1694,12 @@ data:
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "lastName",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "family_name",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
}, {
"id" : "bfba13ff-f952-4e89-bbb1-a693fdebfae8",
@@ -1745,12 +1708,12 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "website",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "website",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
}, {
"id" : "475f071d-5149-4379-b928-76482f5f519c",
@@ -1759,12 +1722,12 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "zoneinfo",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "zoneinfo",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
}, {
"id" : "b8bebfed-b5e9-4604-a0ee-9817f7d439ac",
@@ -1773,12 +1736,12 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "middleName",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "middle_name",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
}, {
"id" : "445232c8-6830-476c-a6f1-8bbef167595a",
@@ -1787,12 +1750,12 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "picture",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "picture",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
}, {
"id" : "65f2e474-6ede-4872-86e4-e49504dd0f2a",
@@ -1801,12 +1764,12 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "locale",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "locale",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
}, {
"id" : "16cd5a27-ccf3-453c-ae1e-8621813ab73c",
@@ -1815,12 +1778,12 @@ data:
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "firstName",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "given_name",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
}, {
"id" : "f9efedfc-3388-457c-b10a-1dff4525ff9b",
@@ -1829,12 +1792,12 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "nickname",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "nickname",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
} ]
}, {
@@ -1868,12 +1831,12 @@ data:
"protocolMapper" : "oidc-usermodel-property-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "username",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "upn",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
} ]
}, {
@@ -1915,8 +1878,8 @@ data:
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
- "consent.screen.text" : "${phoneScopeConsentText}",
- "display.on.consent.screen" : "true"
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${phoneScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "dae802fb-9138-408a-b80e-a40eb0f56814",
@@ -1925,12 +1888,12 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "phoneNumber",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "phone_number",
- "jsonType.label" : "String",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "String"
}
}, {
"id" : "feb06a8d-b0eb-4911-8464-368d93f566fa",
@@ -1939,12 +1902,12 @@ data:
"protocolMapper" : "oidc-usermodel-attribute-mapper",
"consentRequired" : false,
"config" : {
+ "userinfo.token.claim" : "true",
"user.attribute" : "phoneNumberVerified",
"id.token.claim" : "true",
"access.token.claim" : "true",
"claim.name" : "phone_number_verified",
- "jsonType.label" : "boolean",
- "userinfo.token.claim" : "true"
+ "jsonType.label" : "boolean"
}
} ]
}, {
@@ -1954,8 +1917,8 @@ data:
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "false",
- "consent.screen.text" : "",
- "display.on.consent.screen" : "false"
+ "display.on.consent.screen" : "false",
+ "consent.screen.text" : ""
},
"protocolMappers" : [ {
"id" : "c6411e3b-6478-453d-b530-5fe175a4d786",
@@ -2051,8 +2014,8 @@ data:
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "true",
- "consent.screen.text" : "${addressScopeConsentText}",
- "display.on.consent.screen" : "true"
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${addressScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "8d4ffe4d-1d01-4ca1-8ff4-44eacca61b30",
@@ -2083,41 +2046,6 @@ data:
"gui.order" : "",
"consent.screen.text" : ""
}
- }, {
- "id" : "ba11267a-478b-4b32-872f-4eb2d125d116",
- "name" : "basic",
- "description" : "OpenID Connect scope for add all basic claims to the token",
- "protocol" : "openid-connect",
- "attributes" : {
- "include.in.token.scope" : "false",
- "display.on.consent.screen" : "false"
- },
- "protocolMappers" : [ {
- "id" : "1445e14f-49b0-4666-8ddc-691493c24ad9",
- "name" : "sub",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-sub-mapper",
- "consentRequired" : false,
- "config" : {
- "introspection.token.claim" : "true",
- "access.token.claim" : "true"
- }
- }, {
- "id" : "846f1ef0-2b86-4e07-9d25-691d25af5fce",
- "name" : "auth_time",
- "protocol" : "openid-connect",
- "protocolMapper" : "oidc-usersessionmodel-note-mapper",
- "consentRequired" : false,
- "config" : {
- "user.session.note" : "AUTH_TIME",
- "introspection.token.claim" : "true",
- "userinfo.token.claim" : "true",
- "id.token.claim" : "true",
- "access.token.claim" : "true",
- "claim.name" : "auth_time",
- "jsonType.label" : "long"
- }
- } ]
}, {
"id" : "37f61543-dad7-4a82-8e10-77acdd1eefdc",
"name" : "roles",
@@ -2125,8 +2053,8 @@ data:
"protocol" : "openid-connect",
"attributes" : {
"include.in.token.scope" : "false",
- "consent.screen.text" : "${rolesScopeConsentText}",
- "display.on.consent.screen" : "true"
+ "display.on.consent.screen" : "true",
+ "consent.screen.text" : "${rolesScopeConsentText}"
},
"protocolMappers" : [ {
"id" : "3b6b6914-8ad1-4a71-88ec-444f754aaacb",
@@ -2163,7 +2091,7 @@ data:
}
} ]
} ],
- "defaultDefaultClientScopes" : [ "rabbitmq.tag:administrator", "rabbitmq.tag:management", "basic" ],
+ "defaultDefaultClientScopes" : [ "rabbitmq.tag:administrator", "rabbitmq.tag:management" ],
"defaultOptionalClientScopes" : [ "rabbitmq.write:*/*", "offline_access", "rabbitmq.configure:*/*", "roles", "role_list", "address", "phone", "acr", "microprofile-jwt", "email", "attributes", "profile", "rabbitmq.read:*/*", "web-origins" ],
"browserSecurityHeaders" : {
"contentSecurityPolicyReportOnly" : "",
@@ -2225,7 +2153,7 @@ data:
"subType" : "anonymous",
"subComponents" : { },
"config" : {
- "allowed-protocol-mapper-types" : [ "oidc-full-name-mapper", "saml-role-list-mapper", "saml-user-property-mapper", "oidc-address-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "saml-user-attribute-mapper", "oidc-usermodel-attribute-mapper" ]
+ "allowed-protocol-mapper-types" : [ "saml-user-attribute-mapper", "oidc-full-name-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-address-mapper", "saml-user-property-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "saml-role-list-mapper" ]
}
}, {
"id" : "1849e52a-b8c9-44a8-af3d-ee19376a1ed1",
@@ -2251,15 +2179,7 @@ data:
"subType" : "authenticated",
"subComponents" : { },
"config" : {
- "allowed-protocol-mapper-types" : [ "saml-user-property-mapper", "oidc-full-name-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-usermodel-property-mapper", "oidc-address-mapper", "saml-role-list-mapper", "oidc-usermodel-attribute-mapper", "saml-user-attribute-mapper" ]
- }
- } ],
- "org.keycloak.userprofile.UserProfileProvider" : [ {
- "id" : "a407a1d6-a7f6-4a72-ba3a-149de03d5a43",
- "providerId" : "declarative-user-profile",
- "subComponents" : { },
- "config" : {
- "kc.user.profile.config" : [ "{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}],\"unmanagedAttributePolicy\":\"ENABLED\"}" ]
+ "allowed-protocol-mapper-types" : [ "saml-role-list-mapper", "oidc-sha256-pairwise-sub-mapper", "oidc-full-name-mapper", "oidc-usermodel-property-mapper", "oidc-usermodel-attribute-mapper", "saml-user-property-mapper", "saml-user-attribute-mapper", "oidc-address-mapper" ]
}
} ],
"org.keycloak.storage.UserStorageProvider" : [ {
@@ -2321,19 +2241,19 @@ data:
"providerId" : "group-ldap-mapper",
"subComponents" : { },
"config" : {
- "mode" : [ "LDAP_ONLY" ],
"membership.attribute.type" : [ "DN" ],
- "user.roles.retrieve.strategy" : [ "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" ],
"group.name.ldap.attribute" : [ "cn" ],
"preserve.group.inheritance" : [ "false" ],
+ "membership.user.ldap.attribute" : [ "uid" ],
+ "groups.dn" : [ "ou=users,dc=dbrepo,dc=at" ],
+ "mode" : [ "LDAP_ONLY" ],
+ "user.roles.retrieve.strategy" : [ "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE" ],
"ignore.missing.groups" : [ "false" ],
"membership.ldap.attribute" : [ "member" ],
- "membership.user.ldap.attribute" : [ "uid" ],
"memberof.ldap.attribute" : [ "memberOf" ],
- "groups.dn" : [ "ou=users,dc=dbrepo,dc=at" ],
"group.object.classes" : [ "groupOfNames" ],
- "drop.non.existing.groups.during.sync" : [ "false" ],
- "groups.path" : [ "/" ]
+ "groups.path" : [ "/" ],
+ "drop.non.existing.groups.during.sync" : [ "false" ]
}
}, {
"id" : "b6ff3285-35af-4e86-8bb4-d94b8e0d70bb",
@@ -2343,8 +2263,8 @@ data:
"config" : {
"ldap.attribute" : [ "modifyTimestamp" ],
"is.mandatory.in.ldap" : [ "false" ],
- "always.read.value.from.ldap" : [ "true" ],
"read.only" : [ "true" ],
+ "always.read.value.from.ldap" : [ "true" ],
"user.model.attribute" : [ "modifyTimestamp" ]
}
}, {
@@ -2357,15 +2277,15 @@ data:
"is.mandatory.in.ldap" : [ "true" ],
"attribute.force.default" : [ "false" ],
"is.binary.attribute" : [ "false" ],
- "always.read.value.from.ldap" : [ "false" ],
"read.only" : [ "false" ],
+ "always.read.value.from.ldap" : [ "false" ],
"user.model.attribute" : [ "username" ]
}
} ]
},
"config" : {
- "pagination" : [ "false" ],
"fullSyncPeriod" : [ "-1" ],
+ "pagination" : [ "false" ],
"startTls" : [ "false" ],
"usersDn" : [ "ou=users,{{ .Values.identityservice.global.ldapDomain }}" ],
"connectionPooling" : [ "true" ],
@@ -2393,6 +2313,14 @@ data:
"validatePasswordPolicy" : [ "false" ]
}
} ],
+ "org.keycloak.userprofile.UserProfileProvider" : [ {
+ "id" : "a407a1d6-a7f6-4a72-ba3a-149de03d5a43",
+ "providerId" : "declarative-user-profile",
+ "subComponents" : { },
+ "config" : {
+ "kc.user.profile.config" : [ "{\"attributes\":[{\"name\":\"username\",\"displayName\":\"${username}\",\"validations\":{\"length\":{\"min\":3,\"max\":255},\"username-prohibited-characters\":{},\"up-username-not-idn-homograph\":{}},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"email\",\"displayName\":\"${email}\",\"validations\":{\"email\":{},\"length\":{\"max\":255}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"firstName\",\"displayName\":\"${firstName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false},{\"name\":\"lastName\",\"displayName\":\"${lastName}\",\"validations\":{\"length\":{\"max\":255},\"person-name-prohibited-characters\":{}},\"required\":{\"roles\":[\"user\"]},\"permissions\":{\"view\":[\"admin\",\"user\"],\"edit\":[\"admin\",\"user\"]},\"multivalued\":false}],\"groups\":[{\"name\":\"user-metadata\",\"displayHeader\":\"User metadata\",\"displayDescription\":\"Attributes, which refer to user metadata\"}],\"unmanagedAttributePolicy\":\"ENABLED\"}" ]
+ }
+ } ],
"org.keycloak.keys.KeyProvider" : [ {
"id" : "2f53ccf3-37b0-4d34-83e7-ed497499ee51",
"name" : "rsa-enc-generated",
@@ -3007,7 +2935,7 @@ data:
"clientSessionMaxLifespan" : "0",
"shortVerificationUri" : ""
},
- "keycloakVersion" : "26.0.0",
+ "keycloakVersion" : "24.0.5",
"userManagedAccessAllowed" : false,
"clientProfiles" : {
"profiles" : [ ]
@@ -3016,4 +2944,4 @@ data:
"policies" : [ ]
}
}
-{{- end }}
\ No newline at end of file
+{{- end }}
diff --git a/helm/dbrepo/values.yaml b/helm/dbrepo/values.yaml
index 6628068f0a8133632975b9a88b968f83a98d0c8a..4d9376c06ea315e13a615477b4b618cbe1e5afad 100644
--- a/helm/dbrepo/values.yaml
+++ b/helm/dbrepo/values.yaml
@@ -112,7 +112,7 @@ authservice:
init:
image:
## @skip authservice.init.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/auth-service-init:1.6.1rc0
+ name: registry.datalab.tuwien.ac.at/dbrepo/auth-service-init:1.6.1rc4
## @param authservice.init.resourcesPreset The container resource preset
resourcesPreset: "nano"
## @param authservice.init.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
@@ -383,7 +383,7 @@ analyseservice:
enabled: true
image:
## @skip analyseservice.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/analyse-service:1.6.1rc0
+ name: registry.datalab.tuwien.ac.at/dbrepo/analyse-service:1.6.1rc4
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
## @param analyseservice.podSecurityContext.enabled Enable pods' Security Context
@@ -444,7 +444,7 @@ metadataservice:
enabled: true
image:
## @skip metadataservice.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/metadata-service:1.6.1rc0
+ name: registry.datalab.tuwien.ac.at/dbrepo/metadata-service:1.6.1rc4
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
## @param metadataservice.podSecurityContext.enabled Enable pods' Security Context
@@ -541,7 +541,7 @@ dataservice:
endpoint: http://data-service
image:
## @skip dataservice.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/data-service:1.6.1rc0
+ name: registry.datalab.tuwien.ac.at/dbrepo/data-service:1.6.1rc4
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
## @param dataservice.podSecurityContext.enabled Enable pods' Security Context
@@ -627,7 +627,7 @@ searchservice:
endpoint: http://search-service
image:
## @skip searchservice.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/search-service:1.6.1rc0
+ name: registry.datalab.tuwien.ac.at/dbrepo/search-service:1.6.1rc4
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
## @param searchservice.podSecurityContext.enabled Enable pods' Security Context
@@ -674,7 +674,7 @@ searchservice:
init:
image:
## @skip searchservice.init.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/search-service-init:1.6.1rc0
+ name: registry.datalab.tuwien.ac.at/dbrepo/search-service-init:1.6.1rc4
## @param searchservice.init.resourcesPreset The container resource preset
resourcesPreset: "nano"
## @param searchservice.init.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
@@ -735,7 +735,7 @@ storageservice:
init:
image:
## @skip storageservice.init.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/storage-service-init:1.6.1rc0rc0
+ name: registry.datalab.tuwien.ac.at/dbrepo/storage-service-init:1.6.1rc4
s3:
## @param storageservice.init.s3.endpoint The S3-capable endpoint the microservice connects to.
endpoint: http://storage-service-s3:8333
@@ -844,7 +844,7 @@ ui:
enabled: true
image:
## @skip ui.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/ui:1.6.1rc0rc1
+ name: registry.datalab.tuwien.ac.at/dbrepo/ui:1.6.1rc4
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
## @param ui.podSecurityContext.enabled Enable pods' Security Context
@@ -962,6 +962,9 @@ dashboardservice:
## @skip dashboardservice.ldap.secretName
secretName: dashboard-service-secret
grafana:
+ updateStrategy:
+ ## @skip dashboardservice.grafana.updateStrategy.type
+ type: Recreate
## @skip dashboardservice.grafana.extraEnvVarsSecret
extraEnvVarsSecret: dashboard-service-secret
## @skip dashboardservice.grafana.extraConfigmaps
diff --git a/lib/python/dbrepo/api/dto.py b/lib/python/dbrepo/api/dto.py
index d485942f024d8696176c44706566f5f276bf9a14..dc7f0e191210b70978ec7b26834293705d3012e9 100644
--- a/lib/python/dbrepo/api/dto.py
+++ b/lib/python/dbrepo/api/dto.py
@@ -916,7 +916,6 @@ class ViewColumn(BaseModel):
database_id: int
internal_name: str
type: ColumnType
- is_public: bool
is_null_allowed: bool
alias: Optional[str] = None
size: Optional[int] = None