# URBANITE Dashboard Controller
This repository contains the docker-compose used by the URBANITE Dashboard Controller (Spring Boot App) secured by Keycloak IDM.

The docker-compose uses as internal components the following: 
- Spring Boot as Controller
- PostgreSQL as meta-data storage DBMS
- Keycloak as IDM



## Table of Contents
1. [Docker](#docker)
1. [Docker-compose](#docker-compose)
1. [RESTFull APIs](#restfull-apis)
1. [Data Model](#data-model)
1. [IDM Configuration](#configuration-changes-on-idm-keycloak)
1. [License](#license)


## Docker

Build docker image:

```bash
$ cd urbanite-dashboard-controller
$ docker build ./ -t dashboardapp
```


## Docker-compose

Run docker image:


```bash
$ cd urbanite-dashboard-controller
$ docker-compose up
```


## RESTFull APIs

An OpenAPI description is available in [dashboardapp-openapi.yaml](https://git.code.tecnalia.com/urbanite/private/wp5-integration-and-devops/urbanite-dashboard-controller/-/blob/master/dashboardapp-openapi.yaml)

The documentation of the REST services can be found when the root context is opened in a browser:
http://localhost:8085/swagger-ui.html

## Data Model

The data model design is available in [data_model.png](https://git.code.tecnalia.com/urbanite/private/wp5-integration-and-devops/urbanite-dashboard-controller/-/blob/master/data_model.png)


Create Database manually:

```bash
$ docker exec -it <id_container_postgres> /bin/bash
$ su - postgres
$ createdb dashboarddb
```





## Configuration changes on IDM Keycloak
- IDM_USER*: Add the view permission to the "urbanite" keycloak user.
- TOKEN_CLAIM: Change "Token Claim Name" on the "urbanite" realm.

Details:
- IDM_USER: Add to the "urbanite" user following this path "Role Mappings", the view permission to reads users, groups and roles 
See [idm_config_1.png](https://git.code.tecnalia.com/urbanite/private/wp5-integration-and-devops/urbanite-dashboard-controller/-/blob/master/src/main/docker/idm_config_1.png). The "urbanite" user is the one enabled to see all users, groups and roles.	
- TOKEN_CLAIM: In the "urbanite" realm, following this path "Client Scopes > roles > Mappers > realm roles" set the "Token Claim Name" equals to "realm_access.roles" See [idm_config_0.png](https://git.code.tecnalia.com/urbanite/private/wp5-integration-and-devops/urbanite-dashboard-controller/-/blob/master/src/main/docker/idm_config_0.png)

<i>Note:</i>
In the [docker-compose.yml](https://git.code.tecnalia.com/urbanite/private/wp5-integration-and-devops/urbanite-dashboard-controller/-/blob/master/docker-compose.yml) the followings properties, in the _dashboardapp.environment_, defines the IDM URI and user's credential of the IDM user enabled with view permission (See IDM_USER*)

```bash
IDM_URI
IDM_USER4VIEW_USERNAME
IDM_USER4VIEW_PASSWORD
```


## License

[Apache License, Version 2.0](LICENSE.md)