@FedericoNegri FedericoNegri commented Aug 2, 2023

Pull Request Template

Description

Some of our tests were failing due to the latest changes in the Keycloak configuration. They relied on repadmin having the manage-users role, which is not the case anymore.

Now, tests that need to create temporary users directly use the KeycloakAdmin client with our default keycloak admin user.

Checklist

Please complete the following checklist before submitting your pull request:

  • I have tested these changes locally and verified that they work as intended.
  • I have updated any documentation as needed to reflect these changes (if appropriate)
  • I have verified that these changes to the best of my knowledge do not introduce any security vulnerabilities.
  • Unit tests have been added (if appropriate)
  • Test-cases have been added (if appropriate)
  • Testing instructions have been added (if appropriate)

@github-actions github-actions bot added the "documentation" label (Improvements or additions to documentation) Aug 2, 2023
@FedericoNegri FedericoNegri added the "maintenance" label (Package and maintenance related) Aug 2, 2023
@FedericoNegri FedericoNegri marked this pull request as ready for review August 2, 2023 13:28
@FedericoNegri FedericoNegri requested a review from Buzz1167 August 2, 2023 13:28
@FedericoNegri FedericoNegri changed the title from "Update auth api" to "Update tests requiring the auth api" Aug 2, 2023
@Buzz1167 Buzz1167 left a comment

I believe this is fine. Michael had said previously that he was using the Keycloak account to create users for Kubernetes already, which is why he was OK with my dropping permissions on repadmin. I think in general we need more separation of roles, so I like allowing this special user to be the only one to make changes to the Keycloak config and letting repadmin just be the admin of the REP projects/UI.

When we have to deploy at a customer site, it's quite likely that the customer wants to do some AD integration and their IT wants to control that, but that their IT knows nothing about REP and they want a power user to manage everything else.

@FedericoNegri FedericoNegri merged commit 716f815 into main Aug 3, 2023
@FedericoNegri FedericoNegri deleted the fnegri/update_auth_api branch August 21, 2023 20:05