diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/UserBootstrap.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/UserBootstrap.groovy
index 19b27dd1c..33d93564c 100644
--- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/UserBootstrap.groovy
+++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/UserBootstrap.groovy
@@ -29,6 +29,13 @@ class UserBootstrap {
@Transactional
@EventListener
void bootstrapUsersAndRoles(ApplicationStartedEvent e) {
+ if (shibUIConfiguration.roles) {
+ log.info("bootstrapping roles")
+ shibUIConfiguration.roles.each { it ->
+ def role = roleRepository.findByName(it).orElse(new Role(name: it))
+ roleRepository.saveAndFlush(role)
+ }
+ }
if (shibUIConfiguration.userBootstrapResource) {
log.info("configuring users from ${shibUIConfiguration.userBootstrapResource.URI}")
new CSVReader(new InputStreamReader(shibUIConfiguration.userBootstrapResource.inputStream)).each { it ->
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/ShibUIConfiguration.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/ShibUIConfiguration.java
index 3c85674e9..b109a83f4 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/ShibUIConfiguration.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/ShibUIConfiguration.java
@@ -24,7 +24,7 @@ public class ShibUIConfiguration {
* A Resource containing a CSV of users to bootstrap into the system. Currently, this must be in format
*
*
- * username,password,firstName,lastName,role
+ * username,password,firstName,lastName,role,email
*
*
* Note that the password must be encrypted in the file. Ensure that you prepend the encoder to the value, e.g.
@@ -34,4 +34,9 @@ public class ShibUIConfiguration {
*
*/
private Resource userBootstrapResource;
+
+ /**
+ * A list of roles to bootstrap into the system.
+ */
+ private List roles;
}
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/UserBootstrapTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/UserBootstrapTests.groovy
index 74f6df359..29975ca76 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/UserBootstrapTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/UserBootstrapTests.groovy
@@ -44,4 +44,19 @@ class UserBootstrapTests extends Specification {
assert userRepository.findAll().size() == 2
assert roleRepository.findAll().size() == 2
}
+
+ def "bootstrap roles"() {
+ setup:
+ shibUIConfiguration.roles = ['ROLE_ADMIN', 'ROLE_USER']
+ def userbootstrap = new UserBootstrap(shibUIConfiguration, userRepository, roleRepository)
+
+ when:
+ userbootstrap.bootstrapUsersAndRoles(null)
+
+ then:
+ noExceptionThrown()
+ assert roleRepository.findAll().size() == 2
+ assert roleRepository.findByName('ROLE_ADMIN').get()
+ assert roleRepository.findByName('ROLE_USER').get()
+ }
}
diff --git a/pac4j-module/src/test/docker/conf/application.yml b/pac4j-module/src/test/docker/conf/application.yml
index f8c4317ce..54c9c0a6b 100644
--- a/pac4j-module/src/test/docker/conf/application.yml
+++ b/pac4j-module/src/test/docker/conf/application.yml
@@ -1,6 +1,6 @@
spring:
profiles:
- include: dev
+ include:
server:
port: 8443
ssl:
@@ -9,6 +9,8 @@ server:
keyStoreType: "PKCS12"
keyAlias: "tomcat"
shibui:
+ user-bootstrap-resource: file:/conf/users.csv
+ roles: ROLE_ADMIN,ROLE_NONE,ROLE_USER,ROLE_PONY
pac4j:
keystorePath: "/conf/samlKeystore.jks"
keystorePassword: "changeit"