# URBANITE Dashboard Controller This repository contains the docker-compose used by the URBANITE Dashboard Controller (Spring Boot App) secured by Keycloak IDM. The docker-compose uses as internal components the following: - Spring Boot as Controller - PostgreSQL as meta-data storage DBMS - Keycloak as IDM ## Table of Contents 1. [Docker](#docker) 1. [Docker-compose](#docker-compose) 1. [RESTFull APIs](#restfull-apis) 1. [Data Model](#data-model) 1. [IDM Configuration](#configuration-changes-on-idm-keycloak) 1. [License](#license) ## Docker Build docker image: ```bash $ cd urbanite-dashboard-controller $ docker build ./ -t dashboardapp ``` ## Docker-compose Run docker image: ```bash $ cd urbanite-dashboard-controller $ docker-compose up ``` ## RESTFull APIs An OpenAPI description is available in [dashboardapp-openapi.yaml](https://git.code.tecnalia.com/urbanite/private/wp5-integration-and-devops/urbanite-dashboard-controller/-/blob/master/dashboardapp-openapi.yaml) The documentation of the REST services can be found when the root context is opened in a browser: http://localhost:8085/swagger-ui.html ## Data Model The data model design is available in [data_model.png](https://git.code.tecnalia.com/urbanite/private/wp5-integration-and-devops/urbanite-dashboard-controller/-/blob/master/data_model.png) Create Database manually: ```bash $ docker exec -it <id_container_postgres> /bin/bash $ su - postgres $ createdb dashboarddb ``` ## Configuration changes on IDM Keycloak - IDM_USER*: Add the view permission to the "urbanite" keycloak user. - TOKEN_CLAIM: Change "Token Claim Name" on the "urbanite" realm. Details: - IDM_USER: Add to the "urbanite" user following this path "Role Mappings", the view permission to reads users, groups and roles See [idm_config_1.png](https://git.code.tecnalia.com/urbanite/private/wp5-integration-and-devops/urbanite-dashboard-controller/-/blob/master/src/main/docker/idm_config_1.png). The "urbanite" user is the one enabled to see all users, groups and roles. - TOKEN_CLAIM: In the "urbanite" realm, following this path "Client Scopes > roles > Mappers > realm roles" set the "Token Claim Name" equals to "realm_access.roles" See [idm_config_0.png](https://git.code.tecnalia.com/urbanite/private/wp5-integration-and-devops/urbanite-dashboard-controller/-/blob/master/src/main/docker/idm_config_0.png) <i>Note:</i> In the [docker-compose.yml](https://git.code.tecnalia.com/urbanite/private/wp5-integration-and-devops/urbanite-dashboard-controller/-/blob/master/docker-compose.yml) the followings properties, in the _dashboardapp.environment_, defines the IDM URI and user's credential of the IDM user enabled with view permission (See IDM_USER*) ```bash IDM_URI IDM_USER4VIEW_USERNAME IDM_USER4VIEW_PASSWORD ``` ## License [Apache License, Version 2.0](LICENSE.md)