search

CZERTAINLY / CZERTAINLY-Auth

CZERTAINLY - authentication service for the platform
https://www.czertainly.com
MIT License
2 stars 4 forks source link

User roles are only added but not removed #81

Closed semik closed 4 months ago

semik commented 5 months ago

Describe the bug User roles are only added but not removed, when user loses role.

To Reproduce

  1. login into CZERTAINLY and make note of roles of an user
  2. logout from CZERTAINLY
  3. login into Keycloak
  4. locate user, add some other value to groups, for example test
  5. login into CZERTAINLY and check roles of that user, you should see that test was adddes
  6. logout from CZERTAINLY and in Keycloak remove test group
  7. login into CZERTAINLY and check roles of test user, you should see that test is still there

Expected behavior I expect that when I remove group from user in Keycloak it is also removed in CZERTAINLY.

Screenshots

Keycloak screen showing that admin doesn't have test role Keycloak at 2024-04-03 15-29-06

CZERTAINLY showing that admin user have both roles superadmin, test

czertainly at 2024-04-03 15-28-36

Additional context I'm running CZERTAINLY 2.11 and Keycloak 21

3keyroman commented 4 months ago

Will be enhanced by https://github.com/3KeyCompany/CZERTAINLY-Auth/issues/80