debugging participation issue

mp-access · Feb 22, 2024 · f1b7515 · f1b7515
1 parent 2063931
commit f1b7515
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 4 deletions.
diff --git a/src/main/kotlin/ch/uzh/ifi/access/config/SecurityConfig.kt b/src/main/kotlin/ch/uzh/ifi/access/config/SecurityConfig.kt
@@ -147,10 +147,8 @@ class AuthenticationSuccessListener(
     override fun onApplicationEvent(event: AuthenticationSuccessEvent) {
         val username = event.authentication.name
         roleService.getUserRepresentationForUsername(username)?.let { user ->
-            if (user.attributes?.containsKey("roles_synced_at") != true) {
-                logger.debug { "syncing $username to courses" }
-                courseService.updateStudentRoles(username)
-            }
+            logger.debug { "syncing $username to courses" }
+            courseService.updateStudentRoles(username)
         }
     }
 }
diff --git a/src/main/kotlin/ch/uzh/ifi/access/service/CourseService.kt b/src/main/kotlin/ch/uzh/ifi/access/service/CourseService.kt
@@ -663,6 +663,7 @@ exit ${'$'}exit_code;
         CacheEvict(value = ["getUserRoles"], key = "#username")
     ])
     fun updateStudentRoles(username: String) {
+        logger.debug { "CourseService updating ${username} roles for ${getCourses().size} courses" }
         getCourses().forEach { course ->
             logger.debug { "syncing to ${course.slug}"}
             roleService.updateStudentRoles(course, course.registeredStudents, username)

diff --git a/src/main/kotlin/ch/uzh/ifi/access/service/RoleService.kt b/src/main/kotlin/ch/uzh/ifi/access/service/RoleService.kt
@@ -96,6 +96,8 @@ class RoleService(
         val matchByAffiliationID = user.attributes?.get("swissEduIDLinkedAffiliationUniqueID")?.any { it == student } == true
         val matchByPersonID = user.attributes?.get("swissEduPersonUniqueID")?.any { it == student } == true
         val matchByEmail = user.email == student
+        if (matchByUsername) { logger.debug { "X: matchByUsername: ${student} -> username: ${user.username}, email: ${user.email}"} }
+        if (matchByEmail) { logger.debug { "X: matchByEmail: ${student} ->  username: ${user.username}, email: ${user.email}"} }
         return (matchByUsername || matchByAffiliationID || matchByPersonID || matchByEmail)
     }
 
@@ -143,6 +145,7 @@ class RoleService(
         val role = accessRealm.roles()[Role.STUDENT.withCourse(course.slug)]
         val rolesToAdd = listOf(role.toRepresentation())
         logger.debug { "B: updating roles for ${username} (roles to add: ${rolesToAdd})"}
+        logger.debug { "Searching if ${username} is in ${role.getUserMembers(0, -1).size} members of ${role} in keycloak" }
         role.getUserMembers(0, -1)
             .filter {
                 studentMatchesUser(username, it)
@@ -151,12 +154,16 @@ class RoleService(
                 logger.debug { "B: removing ${rolesToAdd} from ${username}"}
                 accessRealm.users()[it.id].roles().realmLevel().remove(rolesToAdd)
             }
+        logger.debug { "Comparing $username to ${accessRealm.users().list(0, -1).size} users in keycloak" }
         accessRealm.users().list(0, -1).forEach {
             if (studentMatchesUser(username, it) && userRegisteredForCourse(it, registrationIDs)) {
                 logger.debug { "B: adding roles ${rolesToAdd} to ${it.username}" }
                 accessRealm.users()[it.id].roles().realmLevel().add(rolesToAdd)
                 accessRealm.users()[it.id].update(updateRoleTimestamp(it))
             }
+            else if  (studentMatchesUser(username, it)) {
+                logger.debug { "Y: matching user ${username} to ${it.username} did not register for course ${course.slug}" }
+            }
         }
     }