Skip to content

Add subGroup as managed properties #1294

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Add subGroup as managed properties #1294

wants to merge 2 commits into from

Conversation

@gdelbos
Copy link

@gdelbos gdelbos commented Apr 1, 2025
edited
Loading

What this PR does / why we need it:

Currently, only the groups attribute is managed. However, it can be interesting to allow the subGroups to be managed in the same way. This will allow the usage of multiple file containing specific subGroup configuration.

For instance, you can have a federation that is retrieving groups from an LDAP directory. Some on those groups must be updated to provided some specific roles. However, for lisibility, you want the groups from LDAP to be subgroups of a global container group. Additionaly, for maintenance purpose, you prefer to have one configuration file per LDAP group.

File 1:

{
  "realm": "my-realm",
  "groups": [
    {
      "name": "LDAPSync",
      "path": "/LDAPSync",
      "subGroups": [
        {
          "name": "GROUP_1",
          "path": "/LDAPSync/GROUP_1",
          "subGroups": [],
          "realmRoles": [
            "user"
          ],
          "clientRoles": {
            "my-user-service": [
              "user_read",
              "user_search"
            ]
          }
        }
      ]
    }
  ]
}

File 2:

{
  "realm": "my-realm",
  "groups": [
    {
      "name": "LDAPSync",
      "path": "/LDAPSync",
      "subGroups": [
        {
          "name": "GROUP_2",
          "path": "/LDAPSync/GROUP_2",
          "subGroups": [],
          "realmRoles": [
            "admin"
          ],
          "clientRoles": {
            "my-user-service": [
              "user_read",
              "user_search",
              "user_update",
              "user_create",
              "user_delete"
            ]
          }
        }
      ]
    }
  ]
}

After the import of those two file, with the modification of the subGroup managed propertie value, we will have 1 container group (LDAPSync) containing two sub group: GROUP_1 and GROUP_2

PR Readiness Checklist:

Complete these before marking the PR as ready to review:

  • the CHANGELOG.md release notes have been updated to reflect any significant (and particularly user-facing) changes introduced by this PR

@sonarqubecloud
Copy link

sonarqubecloud bot commented Apr 1, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@gdelbos gdelbos marked this pull request as ready for review April 1, 2025 16:06
@AssahBismarkabah AssahBismarkabah added bug enhancement java Pull requests that update Java code labels Sep 18, 2025
@AssahBismarkabah AssahBismarkabah mentioned this pull request Nov 6, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bug enhancement java Pull requests that update Java code

Projects

os-competence-center-board
Status: No status

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@gdelbos @AssahBismarkabah