chore: add configuration for provider only roles

Refs: eclipse-tractusx/portal-backend#1254
eclipse-tractusx · Feb 5, 2025 · 4c269cb · 4c269cb
1 parent a40e2c6
commit 4c269cb
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 1 deletion.
diff --git a/charts/portal/templates/deployment-backend-administration.yaml b/charts/portal/templates/deployment-backend-administration.yaml
@@ -480,6 +480,14 @@ spec:
           value: "{{ .Values.centralidp.clients.technicalRolesManagement }}"
         - name: "SERVICEACCOUNT__DIMUSERROLES__0__USERROLENAMES__0"
           value: "{{ .Values.backend.administration.serviceAccount.dimCreationRoles.role0 }}"
+        - name: "SERVICEACCOUNT__USERROLESACCESSIBLEBYPROVIDERONLY__0__CLIENTID"
+          value: "{{ .Values.centralidp.clients.technicalRolesManagement }}"
+        - name: "SERVICEACCOUNT__USERROLESACCESSIBLEBYPROVIDERONLY__0__USERROLENAMES__0"
+          value: "{{ .Values.backend.administration.serviceAccount.userRolesAccessibleByProviderOnly.role0 }}"
+        - name: "SERVICEACCOUNT__USERROLESACCESSIBLEBYPROVIDERONLY__0__USERROLENAMES__1"
+          value: "{{ .Values.backend.administration.serviceAccount.userRolesAccessibleByProviderOnly.role1 }}"
+        - name: "SERVICEACCOUNT__USERROLESACCESSIBLEBYPROVIDERONLY__0__USERROLENAMES__2"
+          value: "{{ .Values.backend.administration.serviceAccount.userRolesAccessibleByProviderOnly.role2 }}"
         - name: "SWAGGERENABLED"
           value: "{{ .Values.backend.administration.swaggerEnabled }}"
         - name: "USERMANAGEMENT__COMPANYUSERSTATUSIDS__0"

diff --git a/charts/portal/templates/deployment-backend-appmarketplace.yaml b/charts/portal/templates/deployment-backend-appmarketplace.yaml
@@ -266,6 +266,14 @@ spec:
           value: "{{ .Values.centralidp.clients.technicalRolesManagement }}"
         - name: "APPMARKETPLACE__DIMUSERROLES__0__USERROLENAMES__0"
           value: "{{ .Values.backend.administration.serviceAccount.dimCreationRoles.role0 }}"
+        - name: "APPMARKETPLACE__USERROLESACCESSIBLEBYPROVIDERONLY__0__CLIENTID"
+          value: "{{ .Values.centralidp.clients.technicalRolesManagement }}"
+        - name: "APPMARKETPLACE__USERROLESACCESSIBLEBYPROVIDERONLY__0__USERROLENAMES__0"
+          value: "{{ .Values.backend.administration.serviceAccount.userRolesAccessibleByProviderOnly.role0 }}"
+        - name: "APPMARKETPLACE__USERROLESACCESSIBLEBYPROVIDERONLY__0__USERROLENAMES__1"
+          value: "{{ .Values.backend.administration.serviceAccount.userRolesAccessibleByProviderOnly.role1 }}"
+        - name: "APPMARKETPLACE__USERROLESACCESSIBLEBYPROVIDERONLY__0__USERROLENAMES__2"
+          value: "{{ .Values.backend.administration.serviceAccount.userRolesAccessibleByProviderOnly.role2 }}"
         - name: "APPMARKETPLACE__BPNDIDRESOLVERURL"
           value: "{{ .Values.bpnDidResolver.directoryApiAddress }}"
         - name: "HEALTHCHECKS__0__PATH"

diff --git a/charts/portal/templates/deployment-backend-services.yaml b/charts/portal/templates/deployment-backend-services.yaml
@@ -261,6 +261,14 @@ spec:
           value: "{{ .Values.centralidp.clients.technicalRolesManagement }}"
         - name: "SERVICES__DIMUSERROLES__0__USERROLENAMES__0"
           value: "{{ .Values.backend.administration.serviceAccount.dimCreationRoles.role0 }}"
+        - name: "SERVICES__USERROLESACCESSIBLEBYPROVIDERONLY__0__CLIENTID"
+          value: "{{ .Values.centralidp.clients.technicalRolesManagement }}"
+        - name: "SERVICES__USERROLESACCESSIBLEBYPROVIDERONLY__0__USERROLENAMES__0"
+          value: "{{ .Values.backend.administration.serviceAccount.userRolesAccessibleByProviderOnly.role0 }}"
+        - name: "SERVICES__USERROLESACCESSIBLEBYPROVIDERONLY__0__USERROLENAMES__1"
+          value: "{{ .Values.backend.administration.serviceAccount.userRolesAccessibleByProviderOnly.role1 }}"
+        - name: "SERVICES__USERROLESACCESSIBLEBYPROVIDERONLY__0__USERROLENAMES__2"
+          value: "{{ .Values.backend.administration.serviceAccount.userRolesAccessibleByProviderOnly.role2 }}"
         - name: "MAILINGPROCESSCREATION__ENCRYPTIONCONFIGINDEX"
           value: "{{ .Values.backend.processesworker.mailing.encryptionConfigIndex }}"
         - name: "MAILINGPROCESSCREATION__ENCRYPTIONCONFIGS__0__INDEX"

diff --git a/charts/portal/values.yaml b/charts/portal/values.yaml
@@ -49,7 +49,8 @@ bpdm:
   poolAddress: "https://business-partners.example.org"
   # -- Provide bpdm pool api path.
   poolApiPath: "/pool/v6"
-  # -- Provide bpdm portal gate base address.
+  # -- Provide bpdm portal gate base address.467
+
   portalGateAddress: "https://business-partners.example.org"
   # -- Provide bpdm portal gate api path.
   portalGateApiPath: "/companies/test-company/v6"
@@ -464,6 +465,8 @@ backend:
           encryptionKey: ""
       dimCreationRoles:
         role0: "Identity Wallet Management"
+      # -- Configuration for the technical user configuration.
+      # If a technical user profile contains a role which is configured here, it will be only visible for the provider
       userRolesAccessibleByProviderOnly:
         role0: "BPDM Pool Consumer"
         role1: "BPDM Sharing Output Consumer"