Merge pull request #5423 from bcgov/feat/5382

chore(5382): add new role Finance Manager

Author: junminahn

sandbox/keycloak-provision/main.ts

@@ -130,6 +130,7 @@ async function main() {
 
   await kc.createClientRole(AUTH_REALM_NAME, authClient?.id as string, `billing-reviewer`);
   await kc.createClientRole(AUTH_REALM_NAME, authClient?.id as string, `billing-reader`);
+  await kc.createClientRole(AUTH_REALM_NAME, authClient?.id as string, `finance-manager`);
   await kc.createClientRole(AUTH_REALM_NAME, authClient?.id as string, `private-reviewer`);
   await kc.createClientRole(AUTH_REALM_NAME, authClient?.id as string, `public-reviewer`);
   await kc.createClientRole(AUTH_REALM_NAME, authClient?.id as string, `user-reader`);

sandbox/mock-users.json

@@ -107,6 +107,18 @@
     "jobTitle": "billing-reader",
     "officeLocation": ""
   },
+  {
+    "id": "a008b857-36c8-4a17-a79a-518e33effed1",
+    "extension_85cc52e9286540fcb1f97ed86114a0e5_bcgovGUID": "a008b85736c84a17a79a518e33effed1",
+    "onPremisesSamAccountName": "FINANCE_MANAGER_SYSTEM",
+    "userPrincipalName": "finance.manager.system@gov.bc.ca",
+    "mail": "finance.manager.system@gov.bc.ca",
+    "displayName": "System, Finance Manager CITZ:EX",
+    "givenName": "Finance Manager",
+    "surname": "System",
+    "jobTitle": "finance-manager",
+    "officeLocation": ""
+  },
   {
     "id": "a008b857-36c8-4a17-a79a-518e33effec8",
     "extension_85cc52e9286540fcb1f97ed86114a0e5_bcgovGUID": "a008b85736c84a17a79a518e33effec8",

terraform/keycloak/dev/roles.tf

@@ -118,6 +118,14 @@ resource "keycloak_role" "pltsvc_billing_reader" {
   description = "Registry Billing Reader"
 }
 
+resource "keycloak_role" "pltsvc_finance_manager" {
+  realm_id  = data.keycloak_realm.pltsvc.id
+  client_id = keycloak_openid_client.pltsvc.id
+
+  name        = "finance-manager"
+  description = "Registry Finance Manager"
+}
+
 resource "keycloak_role" "pltsvc_private_reviewer" {
   realm_id  = data.keycloak_realm.pltsvc.id
   client_id = keycloak_openid_client.pltsvc.id

terraform/keycloak/prod/roles.tf

@@ -118,6 +118,14 @@ resource "keycloak_role" "pltsvc_billing_reader" {
   description = "Registry Billing Reader"
 }
 
+resource "keycloak_role" "pltsvc_finance_manager" {
+  realm_id  = data.keycloak_realm.pltsvc.id
+  client_id = keycloak_openid_client.pltsvc.id
+
+  name        = "finance-manager"
+  description = "Registry Finance Manager"
+}
+
 resource "keycloak_role" "pltsvc_private_reviewer" {
   realm_id  = data.keycloak_realm.pltsvc.id
   client_id = keycloak_openid_client.pltsvc.id

terraform/keycloak/test/roles.tf

@@ -118,6 +118,14 @@ resource "keycloak_role" "pltsvc_billing_reader" {
   description = "Registry Billing Reader"
 }
 
+resource "keycloak_role" "pltsvc_finance_manager" {
+  realm_id  = data.keycloak_realm.pltsvc.id
+  client_id = keycloak_openid_client.pltsvc.id
+
+  name        = "finance-manager"
+  description = "Registry Finance Manager"
+}
+
 resource "keycloak_role" "pltsvc_private_reviewer" {
   realm_id  = data.keycloak_realm.pltsvc.id
   client_id = keycloak_openid_client.pltsvc.id