
Merge branch 'dev' into feature/1058-adminfront-tab-rebac-permissions

2026-06-12 20:28:18 +09:00
148 changed files with 11895 additions and 2024 deletions


@@ -126,7 +126,8 @@ func runWorksmobileSync(args []string) error {
}
}
if config.AlignBaronFromWorksOutput != "" {
if err := alignBaronNeedsUpdateUsersFromWorks(ctx, db, syncService, userRepo, service.NewKratosAdminService(), root.ID, config.AlignBaronFromWorksOutput, config.AlignBaronFromWorksExclude); err != nil {
identityWriter := service.NewIdentityWriteService(service.NewKratosAdminService(), nil)
if err := alignBaronNeedsUpdateUsersFromWorks(ctx, db, syncService, userRepo, identityWriter, root.ID, config.AlignBaronFromWorksOutput, config.AlignBaronFromWorksExclude); err != nil {
return err
}
}
@@ -987,13 +988,13 @@ func exportWorksmobileNeedsUpdateComparison(ctx context.Context, syncService ser
return nil
}
func alignBaronNeedsUpdateUsersFromWorks(ctx context.Context, db *gorm.DB, syncService service.WorksmobileAdminService, userRepo repository.UserRepository, kratosAdmin service.KratosAdminService, tenantID string, outputPath string, excludeRaw string) error {
func alignBaronNeedsUpdateUsersFromWorks(ctx context.Context, db *gorm.DB, syncService service.WorksmobileAdminService, userRepo repository.UserRepository, identityWriter service.IdentityWriteService, tenantID string, outputPath string, excludeRaw string) error {
comparison, err := syncService.GetComparison(ctx, tenantID, true)
if err != nil {
return err
}
if kratosAdmin == nil {
return fmt.Errorf("kratos admin service is required to align Baron users from WORKS")
if identityWriter == nil {
return fmt.Errorf("identity write service is required to align Baron users from WORKS")
}
excludes := parseWorksmobileAlignExcludes(excludeRaw)
file, err := os.Create(outputPath)
@@ -1082,7 +1083,7 @@ func alignBaronNeedsUpdateUsersFromWorks(ctx context.Context, db *gorm.DB, syncS
if newName == "" {
newName = strings.TrimSpace(user.Name)
}
identity, identityErr := kratosAdmin.GetIdentity(ctx, user.ID)
identity, identityErr := identityWriter.GetIdentity(ctx, user.ID)
if identityErr != nil {
status = "error"
errorMessage = identityErr.Error()
@@ -1091,7 +1092,13 @@ func alignBaronNeedsUpdateUsersFromWorks(ctx context.Context, db *gorm.DB, syncS
traits := copyKratosTraits(identity.Traits)
traits["email"] = newEmail
traits["name"] = newName
if _, updateErr := kratosAdmin.UpdateIdentity(ctx, user.ID, traits, strings.TrimSpace(identity.State)); updateErr != nil {
if _, updateErr := identityWriter.UpdateIdentity(ctx, service.IdentityUpdateRequest{
IdentityID: user.ID,
Traits: traits,
State: strings.TrimSpace(identity.State),
Reason: "worksmobile_align_baron_from_works",
Source: "adminctl_worksmobile_sync",
}); updateErr != nil {
status = "error"
errorMessage = updateErr.Error()
errorsCount++
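Review bot: The CLI wiring at `identityWriter := service.NewIdentityWriteService(service.NewKratosAdminService(), nil)` passes nil for the second constructor argument, while the server wiring elsewhere in this commit passes `redisService` in that position. The constructor is not visible here, so this needs confirming: if the write service uses that dependency after an identity update (for cache or session invalidation, say), the align run would either skip that step silently or dereference nil on the first `UpdateIdentity` call. The `if identityWriter == nil` guard in alignBaronNeedsUpdateUsersFromWorks cannot catch this, because the wrapper itself is non-nil, and it only runs after `GetComparison` has already been called. I would state the intent on the constructor line, e.g. `// nil Redis is deliberate: adminctl has nothing to invalidate; IdentityWriteService must treat it as optional`, or pass a real client. Both function bodies continue outside the hunks shown.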


@@ -386,6 +386,7 @@ func main() {
devHandler := handler.NewDevHandler(redisService, secretRepo, consentRepo, relyingPartyService, ketoService, ketoOutboxRepo, tenantService, developerService, authHandler)
devHandler.HeadlessJWKS = headlessJWKSCache
devHandler.AuditRepo = auditRepo
devHandler.IdentityWriter = service.NewIdentityWriteService(kratosAdminService, redisService)
devHandler.RPUserMetadataRepo = rpUserMetadataRepo
devHandler.RPUsageQueries = rpUsageQueryRepo
tenantHandler := handler.NewTenantHandler(db, tenantService, userRepo, userProjectionRepo, ketoService, ketoOutboxRepo, kratosAdminService, sharedLinkService, hydraService, consentRepo)
@@ -844,6 +845,7 @@ func main() {
dev.Get("/users", devHandler.SearchUsers)
dev.Get("/clients", devHandler.ListClients)
dev.Post("/clients", devHandler.CreateClient)
dev.Put("/clients/:id/users/me/metadata", devHandler.SelfUpdateRPUserMetadata)
dev.Get("/clients/:id/users/:userId/metadata", devHandler.GetRPUserMetadata)
dev.Put("/clients/:id/users/:userId/metadata", devHandler.UpsertRPUserMetadata)
dev.Get("/clients/:id", devHandler.GetClient)
@@ -869,6 +871,9 @@ func main() {
dev.Post("/developer-request/:id/approve", devHandler.ApproveDeveloperRequest)
dev.Post("/developer-request/:id/reject", devHandler.RejectDeveloperRequest)
dev.Post("/developer-request/:id/cancel-approval", devHandler.CancelDeveloperRequestApproval)
dev.Get("/developer-grants", devHandler.ListDeveloperGrants)
dev.Post("/developer-grants", devHandler.CreateDeveloperGrant)
dev.Post("/developer-grants/:id/revoke", devHandler.RevokeDeveloperGrant)
// Webhook for Kratos courier (HTTP delivery)
auth.Post("/webhooks/kratos-courier", authHandler.HandleKratosCourierRelay)