#6420 - Allow better bot role binding (#15966)

* #6420 - Allow better bot role binding * format * Add bot user role in data file * Add bot user role in data file * Trigger Build * Trigger Build
2025-09-25 08:50:18 +00:00 · 2024-04-25 18:27:45 +02:00 · 2024-04-25 18:27:45 +02:00 · 7db1612c13
commit 7db1612c13
parent 39dde222b2
5 changed files with 35 additions and 27 deletions
--- a/openmetadata-service/src/main/java/org/openmetadata/service/resources/bots/BotResource.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/resources/bots/BotResource.java
@ -13,7 +13,7 @@

 package org.openmetadata.service.resources.bots;

-import static org.openmetadata.service.util.UserUtil.getRoleForBot;
+import static org.openmetadata.common.utils.CommonUtil.listOrEmpty;

 import io.swagger.v3.oas.annotations.ExternalDocumentation;
 import io.swagger.v3.oas.annotations.Operation;
@ -64,8 +64,10 @@ import org.openmetadata.service.jdbi3.BotRepository;
 import org.openmetadata.service.jdbi3.CollectionDAO.EntityRelationshipRecord;
 import org.openmetadata.service.jdbi3.EntityRepository;
 import org.openmetadata.service.jdbi3.ListFilter;
+import org.openmetadata.service.jdbi3.UserRepository;
 import org.openmetadata.service.resources.Collection;
 import org.openmetadata.service.resources.EntityResource;
+import org.openmetadata.service.resources.teams.RoleResource;
 import org.openmetadata.service.security.Authorizer;
 import org.openmetadata.service.security.SecurityUtil;
 import org.openmetadata.service.util.EntityUtil;
@ -91,18 +93,31 @@ public class BotResource extends EntityResource<Bot, BotRepository> {

  @Override
  public void initialize(OpenMetadataApplicationConfig config) throws IOException {
-    // Load system bots
-    List<Bot> bots = repository.getEntitiesFromSeedData();
    String domain = SecurityUtil.getDomain(config);
+    // First, load the bot users and assign their roles
+    UserRepository userRepository = (UserRepository) Entity.getEntityRepository(Entity.USER);
+    List<User> botUsers = userRepository.getEntitiesFromSeedData(".*json/data/botUser/.*\\.json$");
+    for (User botUser : botUsers) {
+      User user =
+          UserUtil.user(botUser.getName(), domain, botUser.getName())
+              .withIsBot(true)
+              .withIsAdmin(false);
+      user.setRoles(
+          listOrEmpty(botUser.getRoles()).stream()
+              .map(entityReference -> RoleResource.getRole(entityReference.getName()))
+              .toList());
+      // Add or update User Bot
+      UserUtil.addOrUpdateBotUser(user);
+    }
+
+    // Then, load the bots and bind them to the users
+    List<Bot> bots = repository.getEntitiesFromSeedData();
    for (Bot bot : bots) {
      String userName = bot.getBotUser().getName();
-      User user = UserUtil.user(userName, domain, userName).withIsBot(true).withIsAdmin(false);
-
-      // Add role corresponding to the bot to the user
-      // we need to set a mutable list here
-      user.setRoles(getRoleForBot(bot.getName()));
-      user = UserUtil.addOrUpdateBotUser(user);
-      bot.withBotUser(user.getEntityReference());
+      bot.withBotUser(
+          userRepository
+              .getByName(null, userName, userRepository.getFields("id"))
+              .getEntityReference());
      repository.initializeEntity(bot);
    }
  }
--- a/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java
@ -110,7 +110,6 @@ import org.openmetadata.schema.type.EntityHistory;
 import org.openmetadata.schema.type.EntityReference;
 import org.openmetadata.schema.type.Include;
 import org.openmetadata.schema.type.MetadataOperation;
-import org.openmetadata.schema.type.ProviderType;
 import org.openmetadata.schema.type.Relationship;
 import org.openmetadata.schema.type.csv.CsvImportResult;
 import org.openmetadata.service.Entity;
@ -147,7 +146,6 @@ import org.openmetadata.service.util.PasswordUtil;
 import org.openmetadata.service.util.RestUtil.PutResponse;
 import org.openmetadata.service.util.ResultList;
 import org.openmetadata.service.util.TokenUtil;
-import org.openmetadata.service.util.UserUtil;

@Slf4j
@Path("/v1/users")
@ -1440,8 +1438,6 @@ public class UserResource extends EntityResource<User, UserRepository> {
              create.getAuthenticationMechanism(),
              original.getAuthenticationMechanism());
      user.setRoles(original.getRoles());
-    } else if (bot != null && ProviderType.SYSTEM.equals(bot.getProvider())) {
-      user.setRoles(UserUtil.getRoleForBot(botName));
    }
    // TODO remove this
    addAuthMechanismToBot(user, create, uriInfo);
--- a/openmetadata-service/src/main/java/org/openmetadata/service/util/UserUtil.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/util/UserUtil.java
@ -13,7 +13,6 @@

 package org.openmetadata.service.util;

-import static org.openmetadata.common.utils.CommonUtil.listOf;
 import static org.openmetadata.common.utils.CommonUtil.listOrEmpty;
 import static org.openmetadata.common.utils.CommonUtil.nullOrEmpty;
 import static org.openmetadata.schema.entity.teams.AuthenticationMechanism.AuthType.JWT;
@ -48,7 +47,6 @@ import org.openmetadata.service.Entity;
 import org.openmetadata.service.exception.EntityNotFoundException;
 import org.openmetadata.service.jdbi3.EntityRepository;
 import org.openmetadata.service.jdbi3.UserRepository;
-import org.openmetadata.service.resources.teams.RoleResource;
 import org.openmetadata.service.security.auth.CatalogSecurityContext;
 import org.openmetadata.service.security.jwt.JWTTokenGenerator;
 import org.openmetadata.service.util.EntityUtil.Fields;
@ -232,17 +230,6 @@ public final class UserUtil {
    }
  }

-  public static List<EntityReference> getRoleForBot(String botName) {
-    String botRole =
-        switch (botName) {
-          case Entity.INGESTION_BOT_NAME -> Entity.INGESTION_BOT_ROLE;
-          case Entity.QUALITY_BOT_NAME -> Entity.QUALITY_BOT_ROLE;
-          case Entity.PROFILER_BOT_NAME -> Entity.PROFILER_BOT_ROLE;
-          default -> throw new IllegalArgumentException("No role found for the bot " + botName);
-        };
-    return listOf(RoleResource.getRole(botRole));
-  }
-
  public static EntityReference getUserOrBot(String name) {
    EntityReference userOrBot;
    try {
--- a/openmetadata-service/src/main/resources/json/data/bot/ingestionBot.json
+++ b/openmetadata-service/src/main/resources/json/data/bot/ingestionBot.json
@ -1,5 +1,6 @@
 {
  "name": "ingestion-bot",
+  "displayName": "IngestionBot",
  "description": "Bot used for ingesting metadata.",
  "fullyQualifiedName": "ingestion-bot",
  "botUser": {
--- a/openmetadata-service/src/main/resources/json/data/botUser/ingestionBot.json
+++ b/openmetadata-service/src/main/resources/json/data/botUser/ingestionBot.json
@ -0,0 +1,9 @@
+{
+  "name": "ingestion-bot",
+  "roles": [
+    {
+        "name": "IngestionBotRole",
+        "type": "role"
+    }
+  ]
+}