Uploaded image for project: 'Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces) '
  1. Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces)
  2. CRW-3016

Cascaded user removal docs are outdated

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Critical
    • 3.0.0.GA
    • 3.0.0.GA
    • docs
    • None
    • False
    • None
    • False
    • Not Required
    • Hide
      • Log in to the deployment at least once with each `user` and `admin` accounts
      • Start a workspace for the `user` account
      • Obtain `_oauth_proxy` cookie for the `admin` account
      • Patch checluster
      • Verify that the API returns your profile
      • Search for a specific user and get their ID
      • Call the delete user API
      Show
      Log in to the deployment at least once with each `user` and `admin` accounts Start a workspace for the `user` account Obtain `_oauth_proxy` cookie for the `admin` account Patch checluster Verify that the API returns your profile Search for a specific user and get their ID Call the delete user API

    Description

      The docs are still referencing Authentication header with Bearer token.
      Meanwhile, only thing that's available to us is `_oauth_proxy` cookie (with which the calls seem to work, for the most part.

      https://red-hat-developers-documentation.pages.redhat.com/red-hat-devtools/preview/navigating/devspaces-administration-guide/#removing-user-data

      oc patch checluster devspaces --type merge -p '{ "spec": { "server": {"customCheProperties": {"CHE_SYSTEM_SUPER__PRIVILEGED__MODE": "true"} } }}' -n openshift-devspaces

oc patch checluster devspaces --type merge -p '{ "spec": { "server": {"customCheProperties": {"CHE_SYSTEM_ADMIN__NAME": "admin"} } }}' -n openshift-devspaces

oc patch checluster devspaces --patch "{\"spec\":{\"server\":{\"customCheProperties\": {\"CHE_KEYCLOAK_CASCADE__USER__REMOVAL__ENABLED\": \"true\"}}}}" --type=merge -n openshift-devspaces

curl -ki -X GET --cookie '_oauth_proxy=<cookie>' 'https://devspaces-openshift-devspaces.apps.ocp410-bmakam.crw-qe.com/api/user'

curl -ki -X GET --cookie '_oauth_proxy=<cookie>' 'https://devspaces-openshift-devspaces.apps.ocp410-bmakam.crw-qe.com/api/user/find?name=user'

curl -ki -X DELETE --cookie '_oauth_proxy=<cookie>' 'https://devspaces-openshift-devspaces.apps.ocp410-bmakam.crw-qe.com/api/user/78821e99-9da7-479b-ac82-29d19ba6e53d'

      All the commands above work as intended, except for the last one, but that's described in https://issues.redhat.com/browse/CRW-3017

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. RHDEVDOCS-4119 Cascaded user removal docs are outdated

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed
          relates to

          Bug - A problem that impairs or prevents the functions of the product. CRW-3017 After cascade removal, the first time approval is not shown to the removed user after login using openshift

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Closed

          Activity

            People

              ffloreth@redhat.com Fabrice Flore-Thébault
              tdancs Tibor Dancs (Inactive)
              Max Leonov Max Leonov
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: