Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Synchronize user profile with keycloak database #5438

Closed
skabashnyuk opened this issue Jun 22, 2017 · 1 comment
Closed

Synchronize user profile with keycloak database #5438

skabashnyuk opened this issue Jun 22, 2017 · 1 comment
Labels
kind/task Internal things, technical debt, and to-do tasks to be performed. status/open-for-dev An issue has had its specification reviewed and confirmed. Waiting for an engineer to take it.

Comments

@skabashnyuk
Copy link
Contributor

We used such profile attributes in such products

Eclipse Che

  • "email"

Codenvy

  • "firstName"
  • "country"
  • "jobtitle"
  • "phone"
  • "email"
  • "lastName"
  • "employer"

We need to find a way how to map it to keycloak attributes for two use-cases.

  • API to read profile attributes to display it on UI.
    We might just need to implement ProfileDao.getById.
  • API to update profile.
    Either find a way how to implement ProfileDao.update to update profile in keycloak database either made a redirect to profile page on Keycloak application.
@skabashnyuk skabashnyuk added kind/task Internal things, technical debt, and to-do tasks to be performed. status/open-for-dev An issue has had its specification reviewed and confirmed. Waiting for an engineer to take it. team/platform labels Jun 22, 2017
@skabashnyuk skabashnyuk mentioned this issue Jun 22, 2017
Closed
25 tasks
@skabashnyuk skabashnyuk mentioned this issue Jul 24, 2017
Closed
@mshaposhnik
Copy link
Contributor

mshaposhnik commented Aug 15, 2017
edited

Added DAO. By default it always accesses only current user profile.
To make it possible for single user (aka admin) to access the other users profiles, it should be correctly configured into Keycloak console by following steps:

  1. Go to realm-management client, check if authorization switch enabled;

  2. Go to client authorization tab, select policies sub-tab;

  3. In the "Create policy" dropdown at top right, select "User";

  4. Put the username which will have access, and policy name, and save; (pic 1);
    screenshot_20170815_152603

  5. Go to menu users, permissions tab. Enable switch if needed.

  6. Select "view" permission. It allows to view other users.

  7. Paste new created policy name into "Apply policy" field and save.
    kk2
    Result (token from user admin, so logged as admin and viewing profile ur3cma) :
    kkk3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/task Internal things, technical debt, and to-do tasks to be performed. status/open-for-dev An issue has had its specification reviewed and confirmed. Waiting for an engineer to take it.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@skabashnyuk @mshaposhnik