Adding Keycloak To Server #22
Conversation
server/course/router.go
Outdated
| @@ -100,7 +102,7 @@ func createCourse(c *gin.Context) { | |||
| return | |||
| } | |||
|
|
|||
| course, err := CreateCourse(c, newCourse) | |||
| course, err := CreateCourse(c, newCourse, userID) | |||
| if err != nil { | |||
| handleError(c, http.StatusInternalServerError, err) | |||
There was a problem hiding this comment.
I would not return the plain error here. This may leak information to the enduser/attacker. This applies to most errors in this file here.
I would recommend to log the error and return a more generic one
| } | ||
|
|
||
| roleString := fmt.Sprintf("%s-%s-Lecturer", createdCourse.Name, createdCourse.SemesterTag.String) | ||
| err = CourseServiceSingleton.addUserToGroup(ctx, requesterID, roleString) |
There was a problem hiding this comment.
What happens to the database object when this call fails? It should be rolled back, otherwise we have a database entry without its respective roles
There was a problem hiding this comment.
it is rolled back, as it happens within a transaction. If an error occurs, the function exits early and the transaction is never committed.
There was a problem hiding this comment.
I highly doubt that this applies to actions which are executed on the Keycloak Groups and roles. Which my comment was actually referring to
This PR shall be basis for discussion. I would really appreciate your comments @Mtze @robertjndw
The main idea:
My main question: Which roles to create?
We have two possibilities how to solve this
Key changes include:
Keycloak Integration:
server/course/router.go. [1] [2]server/keycloakpackage. [1] [2] [3] [4] [5]server/go.mod. [1] [2] [3] [4]Service Layer:
CreateCoursefunction inserver/course/service.go. [1] [2]