DTSPB-2809: added SAC setup

Author: sanjayparekh-hmcts

bin/ccd-add-all-roles.sh

@@ -43,6 +43,8 @@ binFolder=$($(dirname "$0")/probate-dev-env-realpath)
 (${binFolder}/ccd-add-role.sh caseworker-probate-bulkscan)
 (${binFolder}/xui-add-role.sh pui-case-manager)
 (${binFolder}/xui-add-role.sh pui-user-manager)
+(${binFolder}/ccd-add-role.sh caseworker-caa)
+
 (${binFolder}/xui-add-role.sh caseworker)
 (${binFolder}/xui-add-role.sh caseworker-probate)
 (${binFolder}/xui-add-role.sh caseworker-probate-solicitor)

bin/idam-client-setup.sh

@@ -43,6 +43,12 @@ curl -XPOST \
  -H "Content-Type: application/json" \
  -d '{ "activationRedirectUrl": "", "allowedRoles": [], "description": "ccd_data_store_api", "label": "ccd_data_store_api", "oauth2ClientId": "ccd_data_store_api", "oauth2ClientSecret": "idam_data_store_client_secret", "oauth2RedirectUris": ["http://ccd-data-store-api/oauth2redirect" ], "oauth2Scope": "profile openid roles manage-user", "selfRegistrationAllowed": false}'
 
+echo "Setup aac_manage_case_assignment client"
+$BIN_FOLDER/idam-create-service.sh "aac_manage_case_assignment" "aac_manage_case_assignment" "AAAAAAAAAAAAAAAA" "https://manage-case-assignment/oauth2redirect" "false" "profile openid roles manage-user")
+
+echo "Setup xui_mo_webapp client"
+$BIN_FOLDER/idam-create-service.sh "xui_mo_webapp" "xui_mo_webapp" "AAAAAAAAAAAAAAAA" "http://localhost:3001/oauth2/callback" "false" "profile openid roles manage-user create-user manage-roles")
+
 #Create all the role
 $BIN_FOLDER/idam-role.sh caseworker
 $BIN_FOLDER/idam-role.sh caseworker-probate
@@ -59,23 +65,32 @@ $BIN_FOLDER/idam-role.sh caseworker-probate-scheduler
 $BIN_FOLDER/idam-role.sh caseworker-probate-charity
 $BIN_FOLDER/idam-role.sh payment
 $BIN_FOLDER/idam-role-assignable.sh ccd-import
+$BIN_FOLDER/idam-role.sh caseworker-caa
+$BIN_FOLDER/idam-role.sh pui-caa
+$BIN_FOLDER/idam-role.sh pui-organisation-manager
+$BIN_FOLDER/idam-create-caseworker.sh caseworker,caseworker-caa,pui-case-manager,pui-user-manager [email protected] "Password12" "caa" "caseworker")
+$BIN_FOLDER/idam-create-caseworker.sh caseworker,caseworker-probate,caseworker-probate-solicitor,pui-case-manager,pui-user-manager,pui-organisation-manager,pui-caa [email protected] Probate123 TestOrg3 PBA)
+
 
 # Roles required for XUI
 echo ""
 echo "Setting up Roles required for XUI..."
 $BIN_FOLDER/idam-role.sh pui-case-manager
 $BIN_FOLDER/idam-role.sh pui-user-manager
+$BIN_FOLDER/xui-add-role.sh caseworker-caa
+$BIN_FOLDER/xui-add-role.sh pui-caa
+$BIN_FOLDER/xui-add-role.sh pui-organisation-manager
 
 #Assign all the roles to the ccd_gateway client
 curl -XPUT \
   ${IDAM_URI}/services/ccd_gateway/roles \
  -H "Authorization: AdminApiAuthToken ${authToken}" \
  -H "Content-Type: application/json" \
- -d '["ccd-import", "caseworker", "caseworker-probate", "caseworker-probate", "caseworker-probate-issuer", "caseworker-probate-solicitor", "caseworker-probate-authoriser", "caseworker-probate-systemupdate", "caseworker-probate-caseofficer", "caseworker-probate-caseadmin", "caseworker-probate-registrar", "caseworker-probate-superuser", "caseworker-probate-charity", "caseworker-probate-scheduler", "payment"]'
+ -d '["ccd-import", "caseworker", "caseworker-probate", "caseworker-probate", "caseworker-probate-issuer", "caseworker-probate-solicitor", "caseworker-probate-authoriser", "caseworker-probate-systemupdate", "caseworker-probate-caseofficer", "caseworker-probate-caseadmin", "caseworker-probate-registrar", "caseworker-probate-superuser", "caseworker-probate-charity", "caseworker-probate-scheduler", "payment", "caseworker-caa"]'
 
 #Assign roles to the xui_webapp client
 curl -XPUT \
   ${IDAM_URI}/services/xui_webapp/roles \
  -H "Authorization: AdminApiAuthToken ${authToken}" \
  -H "Content-Type: application/json" \
- -d '["ccd-import", "caseworker", "caseworker-probate", "caseworker-probate-solicitor", "caseworker-probate-superuser", "pui-case-manager", "pui-user-manager"]'
+ -d '["ccd-import", "caseworker", "caseworker-probate", "caseworker-probate-solicitor", "caseworker-probate-superuser", "pui-case-manager", "pui-user-manager", "caseworker-caa"]'

bin/idam-create-service.sh

@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+
+set -eu
+
+dir=$(dirname ${0})
+
+LABEL=${1}
+CLIENT_ID=${2}
+CLIENT_SECRET=${3}
+REDIRECT_URL=${4}
+SELF_REGISTRATION=${5:-"false"}
+SCOPE=${6:-"openid profile authorities acr roles search-user"}
+
+apiToken=$(${dir}/idam-authenticate.sh "[email protected]" "Ref0rmIsFun")
+
+echo -e "\nCreating service with:\nLabel: ${LABEL}\nClient ID: ${CLIENT_ID}\nClient Secret: ${CLIENT_SECRET}\nRedirect URL: ${REDIRECT_URL}\n"
+
+STATUS=$(curl --silent --output /dev/null --write-out '%{http_code}' -X POST -H 'Content-Type: application/json' -H "Authorization: AdminApiAuthToken ${apiToken}" \
+  ${IDAM_API_BASE_URL:-http://localhost:5000}/services \
+  -d '{
+    "allowedRoles": [],
+    "description": "'${LABEL}'",
+    "label": "'${LABEL}'",
+    "oauth2ClientId": "'${CLIENT_ID}'",
+    "oauth2ClientSecret": "'${CLIENT_SECRET}'",
+    "oauth2RedirectUris": ["'${REDIRECT_URL}'"],
+    "oauth2Scope": "'"${SCOPE}"'",
+    "selfRegistrationAllowed": "'${SELF_REGISTRATION}'"
+}')
+
+if [ $STATUS -eq 201 ]; then
+  echo "Service created sucessfully"
+elif [ $STATUS -eq 409 ]; then
+  echo "Service already exists!"
+else
+  echo "ERROR: HTTPCODE = $STATUS"
+  exit 1
+fi