diff --git a/backend/package-lock.json b/backend/package-lock.json index 006bf2e6..02d5ab29 100644 --- a/backend/package-lock.json +++ b/backend/package-lock.json @@ -15,6 +15,7 @@ "atob": "2.1.2", "axios": "^1.7.4", "body-parser": "^1.19.0", + "clamdjs": "^1.0.2", "config": "^3.3.3", "connect-redis": "^5.1.0", "cron": "^1.8.2", @@ -2576,6 +2577,12 @@ "node": ">=8" } }, + "node_modules/clamdjs": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/clamdjs/-/clamdjs-1.0.2.tgz", + "integrity": "sha512-gVnX5ySMULvwYL2ykZQnP4UK4nIK7ftG6z015drJyOFgWpsqXt1Hcq4fMyPwM8LLsxfgfYKLiZi288xuTfmZBQ==", + "license": "MIT" + }, "node_modules/cliui": { "version": "7.0.4", "resolved": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz", diff --git a/backend/package.json b/backend/package.json index 4e5b3dc0..aa35ec4c 100644 --- a/backend/package.json +++ b/backend/package.json @@ -22,6 +22,7 @@ "atob": "2.1.2", "axios": "^1.7.4", "body-parser": "^1.19.0", + "clamdjs": "^1.0.2", "config": "^3.3.3", "connect-redis": "^5.1.0", "cron": "^1.8.2", diff --git a/backend/src/components/eas/eas.js b/backend/src/components/eas/eas.js index 1eb4fae0..03f7fa3d 100644 --- a/backend/src/components/eas/eas.js +++ b/backend/src/components/eas/eas.js @@ -6,7 +6,8 @@ const config = require('../../config'); const cacheService = require('../cache-service'); const { createMoreFiltersSearchCriteria } = require('./studentFilters'); const moment = require('moment'); -const {LocalDate, DateTimeFormatter} = require("@js-joda/core"); +const {LocalDate, DateTimeFormatter} = require('@js-joda/core'); +const log = require('../logger'); async function getAssessmentSessions(req, res) { try { @@ -136,7 +137,6 @@ async function postAssessmentStudent(req, res){ updateDate: null, createDate: null }; - console.log("payload", payload) const result = await utils.postData(`${config.get('server:eas:assessmentStudentsURL')}`, payload); return res.status(HttpStatus.OK).json(result); } catch (e) { @@ -177,6 +177,29 @@ async function deleteAssessmentStudentByID(req, res) { } } +async function uploadAssessmentKeyFile(req, res) { + try { + const userInfo = utils.getUser(req); + let createUpdateUser = userInfo.idir_username; + const payload = { + fileContents: req.body.fileContents, + fileName: req.body.fileName, + fileType: req.body.fileType, + createUser: createUpdateUser, + updateUser: createUpdateUser + }; + let data = await utils.postData(`${config.get('server:eas:assessmentKeyURL')}/${req.params.sessionID}/file`, payload, null, userInfo.idir_username); + return res.status(HttpStatus.OK).json(data); + } catch (e) { + console.log(JSON.stringify(e)); + if (e.status === 400) { + return res.status(HttpStatus.BAD_REQUEST).json(e.data.subErrors[0].message); + } + log.error('uploadAssessmentKeyFile Error', e.stack); + return handleExceptionResponse(e, res); + } +} + function includeAssessmentStudentProps(assessmentStudent) { if(assessmentStudent) { let school = cacheService.getSchoolBySchoolID(assessmentStudent.schoolID); @@ -228,5 +251,6 @@ module.exports = { updateAssessmentStudentByID, deleteAssessmentStudentByID, getAssessmentSpecialCases, - postAssessmentStudent + postAssessmentStudent, + uploadAssessmentKeyFile }; diff --git a/backend/src/components/fileUtils.js b/backend/src/components/fileUtils.js new file mode 100644 index 00000000..f1a0e65d --- /dev/null +++ b/backend/src/components/fileUtils.js @@ -0,0 +1,56 @@ +'use strict'; +const {createScanner} = require('clamdjs'); +const config = require('../config'); +const HttpStatus = require('http-status-codes'); + +async function scanFilePayload(req, res, next) { + const valid = await scanFile(req.body.documentData ? req.body.documentData : req.body.fileContents); + + if (!valid) { + return res.status(HttpStatus.NOT_ACCEPTABLE).json({ + status: HttpStatus.NOT_ACCEPTABLE, + message: 'File has failed the virus scan' + }); + } + + // no virus found in file + next(); +} + +async function scanSecureExchangeDocumentPayload(req, res, next) { + let documents = req.body.secureExchangeDocuments ? req.body.secureExchangeDocuments : []; + for (const document of documents) { + let valid = await scanFile(document?.documentData); + if (!valid) { + return res.status(HttpStatus.NOT_ACCEPTABLE).json({ + status: HttpStatus.NOT_ACCEPTABLE, + message: 'File has failed the virus scan' + }); + } + } + return next(); +} + +async function scanFile(base64File){ + try{ + const ClamAVScanner = createScanner(config.get('clamav:host'), Number(config.get('clamav:port'))); + const clamAVScanResult = await ClamAVScanner.scanBuffer(Buffer.from(base64File, 'base64'), 3000, 1024 * 1024); + if (clamAVScanResult.includes('FOUND')) { + console.log('ClamAV scan found possible virus'); + return false; + } + } catch (e) { + // if virus scan is not to be performed/cannot be performed + console.log('ClamAV Scanner was not found: ' + e); + } + console.log('ClamAV scan found no virus in file, allowing upload...'); + return true; +} + +const utils = { + scanFilePayload, + scanSecureExchangeDocumentPayload, + scanFile +}; + +module.exports = utils; diff --git a/backend/src/config/index.js b/backend/src/config/index.js index ab5077c8..f2d0b14c 100644 --- a/backend/src/config/index.js +++ b/backend/src/config/index.js @@ -157,6 +157,7 @@ nconf.defaults({ assessmentTypeCodeURL: process.env.EAS_API_URL+ '/assessment-types', assessmentSpecialCaseTypeCodeURL: process.env.EAS_API_URL+ '/assessment-specialcase-types', assessmentStudentsURL: process.env.EAS_API_URL+ '/student', + assessmentKeyURL: process.env.EAS_API_URL+ '/assessment-keys', } }, oidc: { @@ -222,6 +223,10 @@ nconf.defaults({ programEligibilityTypeCodesURL: process.env.SDC_API_URL + '/program-eligibility-issue-codes', zeroFteReasonCodesURL: process.env.SDC_API_URL + '/zero-fte-reason-codes', sdcDuplicateURL: process.env.SDC_API_URL + '/sdc-duplicate' + }, + clamav: { + host: process.env.CLAMAV_HOST, + port: process.env.CLAMAV_PORT, } }); module.exports = nconf; diff --git a/backend/src/routes/eas.js b/backend/src/routes/eas.js index 9d797e09..d5c5f647 100644 --- a/backend/src/routes/eas.js +++ b/backend/src/routes/eas.js @@ -1,13 +1,16 @@ const passport = require('passport'); const express = require('express'); const router = express.Router(); -const { postAssessmentStudent, getAssessmentSessions, getAssessmentSessionsBySchoolYear, updateAssessmentSession, getAssessmentStudentsPaginated, getAssessmentStudentByID, updateAssessmentStudentByID, getAssessmentSpecialCases, deleteAssessmentStudentByID } = require('../components/eas/eas'); +const { postAssessmentStudent, getAssessmentSessions, getAssessmentSessionsBySchoolYear, updateAssessmentSession, getAssessmentStudentsPaginated, getAssessmentStudentByID, updateAssessmentStudentByID, getAssessmentSpecialCases, deleteAssessmentStudentByID, + uploadAssessmentKeyFile } = require('../components/eas/eas'); const utils = require('../components/utils'); const extendSession = utils.extendSession(); const permUtils = require('../components/permissionUtils'); const perm = require('../util/Permission'); const validate = require('../components/validator'); -const {putStudentAssessmentSchema, postStudentAssessmentSchema} = require('../validations/eas'); + +const {putStudentAssessmentSchema, postStudentAssessmentSchema, fileUploadSchema} = require('../validations/eas'); +const { scanFilePayload } = require('../components/fileUtils'); const PERMISSION = perm.PERMISSION; @@ -22,6 +25,8 @@ router.put('/assessment-registrations/student/:assessmentStudentID', passport.au router.get('/assessment-registrations/paginated', passport.authenticate('jwt', {session: false}, undefined), permUtils.checkUserHasPermission(PERMISSION.VIEW_EAS_STUDENT_PERMISSION), extendSession, getAssessmentStudentsPaginated); router.delete('/assessment-registrations/student/:assessmentStudentID', passport.authenticate('jwt', {session: false}, undefined), permUtils.checkUserHasPermission(PERMISSION.EDIT_EAS_STUDENT_PERMISSION), extendSession, deleteAssessmentStudentByID); +router.post('/assessment-keys/session/:sessionID/upload-file', passport.authenticate('jwt', {session: false}, undefined), permUtils.checkUserHasPermission(PERMISSION.MANAGE_EAS_ASSESSMENT_KEYS_PERMISSION), extendSession, validate(fileUploadSchema), scanFilePayload, uploadAssessmentKeyFile); + router.get('/assessment-specialcase-types', passport.authenticate('jwt', {session: false}, undefined), permUtils.checkUserHasPermission(PERMISSION.MANAGE_EAS_SESSIONS_PERMISSION), extendSession, getAssessmentSpecialCases); module.exports = router; diff --git a/backend/src/util/Permission.js b/backend/src/util/Permission.js index 5d209527..4cd6de8d 100644 --- a/backend/src/util/Permission.js +++ b/backend/src/util/Permission.js @@ -19,8 +19,8 @@ const PERMISSION = Object.freeze( REPORTS_SDC_HEADCOUNTS_PERMISSION: 'REPORTS_SDC_HEADCOUNTS_PERMISSION', MANAGE_EAS_SESSIONS_PERMISSION:'MANAGE_EAS_SESSIONS_PERMISSION', VIEW_EAS_STUDENT_PERMISSION: 'VIEW_EAS_STUDENT_PERMISSION', - EDIT_EAS_STUDENT_PERMISSION: 'EDIT_EAS_STUDENT_PERMISSION' - + EDIT_EAS_STUDENT_PERMISSION: 'EDIT_EAS_STUDENT_PERMISSION', + MANAGE_EAS_ASSESSMENT_KEYS_PERMISSION:'MANAGE_EAS_ASSESSMENT_KEYS_PERMISSION' } ); diff --git a/backend/src/validations/eas.js b/backend/src/validations/eas.js index 47cada38..8633d969 100644 --- a/backend/src/validations/eas.js +++ b/backend/src/validations/eas.js @@ -38,6 +38,18 @@ const putStudentAssessmentSchema = object({ query: object().noUnknown(), }).noUnknown(); +const fileUploadSchema = object({ + body:object({ + fileName: string().nonNullable(), + fileContents: string().nonNullable(), + fileType: string().nonNullable() + }).concat(baseRequestSchema).noUnknown(), + params: object({ + sessionID: string().nonNullable() + }).noUnknown(), + query: object().noUnknown(), +}).noUnknown(); + const postStudentAssessmentSchema = object({ body: object({ sessionID:string().nonNullable(), @@ -74,5 +86,6 @@ const postStudentAssessmentSchema = object({ module.exports = { putStudentAssessmentSchema, + fileUploadSchema, postStudentAssessmentSchema }; diff --git a/frontend/src/components/assessments/AssessmentDataExchange.vue b/frontend/src/components/assessments/AssessmentDataExchange.vue new file mode 100644 index 00000000..86e18ee6 --- /dev/null +++ b/frontend/src/components/assessments/AssessmentDataExchange.vue @@ -0,0 +1,133 @@ + + + diff --git a/frontend/src/components/assessments/AssessmentSessions.vue b/frontend/src/components/assessments/AssessmentSessions.vue index 78d41efc..0dfb0eea 100644 --- a/frontend/src/components/assessments/AssessmentSessions.vue +++ b/frontend/src/components/assessments/AssessmentSessions.vue @@ -177,7 +177,7 @@ export default { getAllAssessmentSessions() { this.loading = true; ApiService.apiAxios - .get(`${Routes.eas.GET_ASSESSMENT_SESSIONS}`, {}) + .get(`${Routes.eas.EAS_ASSESSMENT_SESSIONS}`, {}) .then((response) => { const formatter = DateTimeFormatter.ISO_LOCAL_DATE_TIME; diff --git a/frontend/src/components/assessments/AssessmentSessionsDetail.vue b/frontend/src/components/assessments/AssessmentSessionsDetail.vue index f06df894..2b1d1a8d 100644 --- a/frontend/src/components/assessments/AssessmentSessionsDetail.vue +++ b/frontend/src/components/assessments/AssessmentSessionsDetail.vue @@ -83,7 +83,7 @@ export default { this.loading = true; ApiService.apiAxios .get( - `${Routes.eas.GET_ASSESSMENT_SESSIONS}/school-year/` + + `${Routes.eas.EAS_ASSESSMENT_SESSIONS}/school-year/` + this.schoolYear, {} ) diff --git a/frontend/src/components/assessments/data-exchange/AssessmentKeyUpload.vue b/frontend/src/components/assessments/data-exchange/AssessmentKeyUpload.vue new file mode 100644 index 00000000..17d685b0 --- /dev/null +++ b/frontend/src/components/assessments/data-exchange/AssessmentKeyUpload.vue @@ -0,0 +1,530 @@ + + + + + diff --git a/frontend/src/components/assessments/sessions/SessionEdit.vue b/frontend/src/components/assessments/sessions/SessionEdit.vue index a083046f..e1ecaa77 100644 --- a/frontend/src/components/assessments/sessions/SessionEdit.vue +++ b/frontend/src/components/assessments/sessions/SessionEdit.vue @@ -103,7 +103,7 @@ export default { this.processing = true; await this.validateForm(); ApiService.apiAxios - .put(`${Routes.eas.GET_ASSESSMENT_SESSIONS}`+'/'+this.editSession.sessionID, this.editSession) + .put(`${Routes.eas.EAS_ASSESSMENT_SESSIONS}`+'/'+this.editSession.sessionID, this.editSession) .then(() => { this.setSuccessAlert( 'Success! The assessment session has been updated.' diff --git a/frontend/src/components/util/NavBar.vue b/frontend/src/components/util/NavBar.vue index 98ed2e76..f027d2c6 100644 --- a/frontend/src/components/util/NavBar.vue +++ b/frontend/src/components/util/NavBar.vue @@ -333,6 +333,11 @@ export default { title: 'Sessions', link: 'assessment-sessions', authorized: this.hasRequiredPermission(this.userInfo, PERMISSION.MANAGE_EAS_SESSIONS_PERMISSION) + }, + { + title: 'Data Exchange', + link: 'assessment-data-exchange', + authorized: this.hasRequiredPermission(this.userInfo, PERMISSION.MANAGE_EAS_ASSESSMENT_KEYS_PERMISSION) } ], } diff --git a/frontend/src/router.js b/frontend/src/router.js index 4d2b35dc..05f2625c 100644 --- a/frontend/src/router.js +++ b/frontend/src/router.js @@ -54,6 +54,7 @@ import CollectionView from '@/components/data-collection/CollectionView.vue'; import PenMatchStudentDetails from '@/components/data-collection/PenMatchStudentDetails.vue'; import AssessmentSessions from '@/components/assessments/AssessmentSessions.vue'; import AssessmentSessionDetail from '@/components/assessments/AssessmentSessionsDetail.vue'; +import AssessmentDataExchange from '@/components/assessments/AssessmentDataExchange.vue'; const router = createRouter({ history: createWebHistory(), @@ -519,6 +520,16 @@ const router = createRouter({ permission: PERMISSION.MANAGE_EAS_SESSIONS_PERMISSION }, }, + { + path: '/assessment-data-exchange', + name: 'assessment-data-exchange', + component: AssessmentDataExchange, + meta: { + pageTitle: PAGE_TITLES.ASSESSMENT_SESSIONS_MANAGEMENT, + requiresAuth: true, + permission: PERMISSION.MANAGE_EAS_ASSESSMENT_KEYS_PERMISSION + }, + }, { path: '/authority/:authorityID', name: 'authorityDetails', diff --git a/frontend/src/utils/constants.js b/frontend/src/utils/constants.js index a0639449..938ff5d0 100644 --- a/frontend/src/utils/constants.js +++ b/frontend/src/utils/constants.js @@ -207,11 +207,13 @@ let object = { }, eas: { BASE_URL: easRoot, - GET_ASSESSMENT_SESSIONS: easRoot + '/assessment-sessions', + EAS_ASSESSMENT_SESSIONS: easRoot + '/assessment-sessions', GET_ASSESSMENT_TYPES: easRoot + '/assessment-types', GET_ASSESSMENT_SPECIALCASE_TYPES: easRoot + '/assessment-specialcase-types', ASSESSMENT_STUDENTS: easRoot + '/assessment-registrations/student', GET_ASSESSMENT_STUDENTS_PAGINATED: easRoot + '/assessment-registrations/paginated', + EAS_ASSESSMENT_KEYS: easRoot + '/assessment-keys', + } }; @@ -602,6 +604,7 @@ export const PAGE_TITLES = Object.freeze( CLOSE_COLLECTION: 'Close Collection', ASSESSMENTS: 'Assessments', ASSESSMENT_SESSIONS_MANAGEMENT: 'Assessment Sessions', + ASSESSMENT_DATA_EXCHANGE: 'Assessment Data Exchange', } ); @@ -748,3 +751,9 @@ export const NOMINAL_ROLL_STUDENT_STATUS_CODES = Object.freeze( ); export const EDX_SAGA_REQUEST_DELAY_MILLISECONDS = 2000; + +export const FILE_UPLOAD_STATUS = Object.freeze({ + PENDING: 'Pending', + UPLOADED: 'Upload Successful', + ERROR: 'Error' +}); diff --git a/frontend/src/utils/constants/Permission.js b/frontend/src/utils/constants/Permission.js index c7027d08..ed1fc0e7 100644 --- a/frontend/src/utils/constants/Permission.js +++ b/frontend/src/utils/constants/Permission.js @@ -42,6 +42,10 @@ export const PERMISSION = Object.freeze( MANAGE_EAS_SESSIONS_PERMISSION: 'MANAGE_EAS_SESSIONS_PERMISSION', + EDIT_EAS_HISTORY_PERMISSION: 'EDIT_EAS_HISTORY_PERMISSION', + + MANAGE_EAS_ASSESSMENT_KEYS_PERMISSION: 'MANAGE_EAS_ASSESSMENT_KEYS_PERMISSION', + EDIT_EAS_STUDENT_PERMISSION: 'EDIT_EAS_STUDENT_PERMISSION' } ); diff --git a/tools/config/update-configmap.sh b/tools/config/update-configmap.sh index 70c2c6e3..02f0812b 100644 --- a/tools/config/update-configmap.sh +++ b/tools/config/update-configmap.sh @@ -591,6 +591,18 @@ editEasHistoryPermissionJson=$(curl -sX GET "https://$SOAM_KC/auth/admin/realms/ -H "Content-Type: application/json" \ -H "Authorization: Bearer $TKN") +echo Creating MANAGE_EAS_ASSESSMENT_KEYS_PERMISSION permission +curl -sX POST "https://$SOAM_KC/auth/admin/realms/$SOAM_KC_REALM_ID/roles" \ + -H "Content-Type: application/json" \ + -H "Authorization: Bearer $TKN" \ + -d "{\"name\" : \"MANAGE_EAS_ASSESSMENT_KEYS_PERMISSION\",\"description\" : \"Permission to manage EAS assessment keys\",\"composite\" : false,\"clientRole\" : false,\"containerId\" : \"$SOAM_KC_REALM_ID\"}" + +echo +echo Retrieving MANAGE_EAS_ASSESSMENT_KEYS_PERMISSION permission +manageEasAssessmentKeysPermissionJson=$(curl -sX GET "https://$SOAM_KC/auth/admin/realms/$SOAM_KC_REALM_ID/roles/MANAGE_EAS_ASSESSMENT_KEYS_PERMISSION" \ + -H "Content-Type: application/json" \ + -H "Authorization: Bearer $TKN") + echo echo Creating EAS_ADMIN role curl -sX POST "https://$SOAM_KC/auth/admin/realms/$SOAM_KC_REALM_ID/roles" \ @@ -603,7 +615,7 @@ echo Assigning permissions to EAS_ADMIN role curl -sX POST "https://$SOAM_KC/auth/admin/realms/$SOAM_KC_REALM_ID/roles/EAS_ADMIN/composites" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $TKN" \ - -d "[$manageSessionsPermissionJson, $viewEasStudentsPermissionJson, $editEasStudentsPermissionJson, $editEasHistoryPermissionJson]" + -d "[$manageSessionsPermissionJson, $viewEasStudentsPermissionJson, $editEasStudentsPermissionJson, $editEasHistoryPermissionJson, $manageEasAssessmentKeysPermissionJson]" echo echo Retrieving client ID for student-admin-soam @@ -665,14 +677,14 @@ if [[ ("$studentAdminServiceClientSecret" != "" && "$studentAdminServiceClientSe curl -sX POST "https://$SOAM_KC/auth/admin/realms/$SOAM_KC_REALM_ID/clients" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $TKN" \ - -d "{ \"clientId\" : \"student-admin-service\",\"secret\" : \"$studentAdminServiceClientSecret\", \"name\" : \"Student Admin Service Client\", \"description\" : \"Student admin user which logs into SOAM\", \"surrogateAuthRequired\" : false, \"enabled\" : true, \"clientAuthenticatorType\" : \"client-secret\", \"redirectUris\" : [ ], \"webOrigins\" : [ ], \"notBefore\" : 0, \"bearerOnly\" : false, \"consentRequired\" : false, \"standardFlowEnabled\" : false, \"implicitFlowEnabled\" : false, \"directAccessGrantsEnabled\" : false, \"serviceAccountsEnabled\" : true, \"publicClient\" : false, \"frontchannelLogout\" : false, \"protocol\" : \"openid-connect\", \"attributes\" : { \"saml.assertion.signature\" : \"false\", \"saml.multivalued.roles\" : \"false\", \"saml.force.post.binding\" : \"false\", \"saml.encrypt\" : \"false\", \"saml.server.signature\" : \"false\", \"saml.server.signature.keyinfo.ext\" : \"false\", \"exclude.session.state.from.auth.response\" : \"false\", \"saml_force_name_id_format\" : \"false\", \"saml.client.signature\" : \"false\", \"tls.client.certificate.bound.access.tokens\" : \"false\", \"saml.authnstatement\" : \"false\", \"display.on.consent.screen\" : \"false\", \"saml.onetimeuse.condition\" : \"false\" }, \"authenticationFlowBindingOverrides\" : { }, \"fullScopeAllowed\" : true, \"nodeReRegistrationTimeout\" : -1, \"protocolMappers\" : [ ], \"defaultClientScopes\" : [ \"web-origins\", \"role_list\", \"SEND_PEN_REQUEST_EMAIL\", \"WRITE_PEN_REQUEST\", \"profile\", \"roles\", \"email\", \"READ_PEN_REQUEST\", \"READ_PEN_REQUEST_STATUSES\", \"READ_PEN_DEMOGRAPHICS\", \"WRITE_DIGITALID\", \"READ_DIGITALID\", \"WRITE_STUDENT\", \"READ_STUDENT\", \"READ_STUDENT_CODES\", \"READ_DIGITALID_CODETABLE\", \"READ_DOCUMENT\", \"READ_DOCUMENT_TYPES\", \"WRITE_DOCUMENT\", \"READ_SDC_MINISTRY_REPORTS\", \"READ_STUDENT_PROFILE\", \"WRITE_STUDENT_PROFILE\", \"READ_DOCUMENT_STUDENT_PROFILE\", \"WRITE_DOCUMENT_STUDENT_PROFILE\", \"READ_DOCUMENT_TYPES_STUDENT_PROFILE\", \"READ_STUDENT_PROFILE_STATUSES\", \"READ_STUDENT_PROFILE_CODES\", \"SEND_STUDENT_PROFILE_EMAIL\",\"PEN_REQUEST_UNLINK_SAGA\",\"PEN_REQUEST_REJECT_SAGA\",\"READ_SECURE_EXCHANGE_DOCUMENT_REQUIREMENTS\", \"PEN_REQUEST_RETURN_SAGA\",\"PEN_REQUEST_COMPLETE_SAGA\",\"STUDENT_PROFILE_COMPLETE_SAGA\",\"STUDENT_PROFILE_REJECT_SAGA\",\"STUDENT_PROFILE_RETURN_SAGA\", \"READ_PEN_REQUEST_BATCH\", \"READ_PEN_MATCH\", \"WRITE_PEN_REQUEST_BATCH\", \"STUDENT_PROFILE_READ_SAGA\", \"GET_NEXT_PEN_NUMBER\", \"VALIDATE_STUDENT_DEMOGRAPHICS\",\"PEN_REQUEST_BATCH_NEW_PEN_SAGA\",\"PEN_REQUEST_BATCH_USER_MATCH_SAGA\",\"PEN_REQUEST_BATCH_READ_SAGA\", \"READ_VALIDATION_CODES\", \"READ_STUDENT_HISTORY\", \"READ_NICKNAMES\", \"READ_SCHOOL_FUNDING_GROUP_SNAPSHOT\", \"READ_SCHOOL\", \"READ_PEN_TRAX\", \"READ_SLD_STUDENT\",\"WRITE_POSSIBLE_MATCH\",\"DELETE_POSSIBLE_MATCH\",\"READ_POSSIBLE_MATCH\",\"READ_STUDENT_MERGE\" ,\"WRITE_STUDENT_MERGE\",\"READ_STUDENT_MERGE_CODES\",\"STUDENT_MERGE_COMPLETE_SAGA\",\"STUDENT_DEMERGE_COMPLETE_SAGA\",\"PEN_SERVICES_READ_SAGA\",\"READ_PEN_REQUEST_BATCH_BLOB\",\"STUDENT_SPLIT_PEN_SAGA\", \"PEN_REQUEST_BATCH_ARCHIVE_SAGA\", \"PEN_REQUEST_BATCH_REPOST_SAGA\", \"READ_PEN_COORDINATOR\", \"WRITE_PEN_COORDINATOR\", \"READ_PEN_MACRO\", \"WRITE_PEN_MACRO\", \"MACRO_READ_SAGA\",\"READ_PEN_REQUEST_STATS\", \"READ_STUDENT_PROFILE_STATS\", \"STUDENT_MOVE_SLD_SAGA\", \"NOMINAL_ROLL_READ_STUDENT\", \"NOMINAL_ROLL_WRITE_STUDENT\", \"NOMINAL_ROLL_DELETE_STUDENT\", \"NOMINAL_ROLL_UPLOAD_FILE\", \"NOMINAL_ROLL_VALIDATE\", \"NOMINAL_ROLL_POST_DATA_SAGA\", \"NOMINAL_ROLL_READ_SAGA\", \"READ_FED_PROV_CODE\", \"WRITE_FED_PROV_CODE\", \"NOMINAL_ROLL_CREATE_FED_PROV\", \"READ_SECURE_EXCHANGE\", \"WRITE_SECURE_EXCHANGE\", \"READ_SECURE_EXCHANGE_DOCUMENT\", \"WRITE_SECURE_EXCHANGE_DOCUMENT\", \"DELETE_SECURE_EXCHANGE_DOCUMENT\", \"READ_SECURE_EXCHANGE_CODES\", \"READ_SECURE_EXCHANGE_DOCUMENT_TYPES\", \"READ_SECURE_EXCHANGE_STATUSES\", \"READ_MINISTRY_TEAMS\", \"READ_EDX_USER_SCHOOLS\", \"DELETE_SECURE_EXCHANGE\", \"READ_EDX_USERS\", \"READ_PRIMARY_ACTIVATION_CODE\", \"WRITE_EDX_USER_SCHOOL\", \"WRITE_PRIMARY_ACTIVATION_CODE\", \"SCHOOL_USER_ACTIVATION_INVITE_SAGA\", \"CREATE_SECURE_EXCHANGE_SAGA\" , \"DELETE_EDX_USER_SCHOOL\", \"WRITE_EDX_USER_DISTRICT\", \"DELETE_EDX_USER_DISTRICT\", \"CREATE_SECURE_EXCHANGE_COMMENT_SAGA\", \"READ_DISTRICT\", \"WRITE_DISTRICT_CONTACT\", \"DISTRICT_USER_ACTIVATION_INVITE_SAGA\", \"DISTRICT_USER_ACTIVATION_INVITE_SAGA\", \"DELETE_SECURE_EXCHANGE_NOTE\", \"WRITE_SECURE_EXCHANGE_NOTE\", \"READ_SECURE_EXCHANGE_NOTE\", \"DELETE_SECURE_EXCHANGE_COMMENT\", \"WRITE_SECURE_EXCHANGE_COMMENT\", \"READ_SECURE_EXCHANGE_COMMENT\", \"DELETE_SECURE_EXCHANGE_STUDENT\", \"WRITE_SECURE_EXCHANGE_STUDENT\", \"READ_SECURE_EXCHANGE_STUDENT\", \"READ_INSTITUTE_CODES\", \"READ_INDEPENDENT_AUTHORITY\", \"WRITE_INDEPENDENT_AUTHORITY\", \"READ_SCHOOL_NOTE\", \"WRITE_SCHOOL_NOTE\", \"DELETE_SCHOOL_NOTE\", \"WRITE_SCHOOL_CONTACT\", \"WRITE_INDEPENDENT_AUTHORITY_CONTACT\", \"READ_INDEPENDENT_AUTHORITY_NOTE\", \"WRITE_INDEPENDENT_AUTHORITY_NOTE\", \"DELETE_INDEPENDENT_AUTHORITY_NOTE\", \"WRITE_SCHOOL\", \"WRITE_DISTRICT\", \"READ_DISTRICT_NOTE\", \"WRITE_DISTRICT_NOTE\", \"DELETE_DISTRICT_NOTE\", \"READ_SCHOOL_HISTORY\",\"MOVE_SCHOOL_SAGA\", \"CREATE_SCHOOL_SAGA\", \"READ_SCHOOL_CONTACT\", \"READ_DISTRICT_CONTACT\", \"READ_INDEPENDENT_AUTHORITY_CONTACT\", \"READ_SCHOOL_FUNDING_GROUP\", \"WRITE_SCHOOL_FUNDING_GROUP\", \"DELETE_SCHOOL_FUNDING_GROUP\", \"READ_SDC_COLLECTION\", \"READ_SDC_DISTRICT_COLLECTION\", \"READ_COLLECTION_CODES\", \"WRITE_COLLECTION_CODES\", \"WRITE_ACTIVATION_CODE\", \"READ_SDC_SCHOOL_COLLECTION_STUDENT\", \"WRITE_SDC_DISTRICT_COLLECTION\", \"WRITE_SDC_SCHOOL_COLLECTION_STUDENT\", \"WRITE_SDC_COLLECTION\", \"READ_EAS_SESSIONS\", \"WRITE_EAS_SESSIONS\", \"READ_EAS_STUDENT\", \"WRITE_EAS_STUDENT\"], \"optionalClientScopes\" : [ \"address\", \"phone\" ], \"access\" : { \"view\" : true, \"configure\" : true, \"manage\" : true } }" + -d "{ \"clientId\" : \"student-admin-service\",\"secret\" : \"$studentAdminServiceClientSecret\", \"name\" : \"Student Admin Service Client\", \"description\" : \"Student admin user which logs into SOAM\", \"surrogateAuthRequired\" : false, \"enabled\" : true, \"clientAuthenticatorType\" : \"client-secret\", \"redirectUris\" : [ ], \"webOrigins\" : [ ], \"notBefore\" : 0, \"bearerOnly\" : false, \"consentRequired\" : false, \"standardFlowEnabled\" : false, \"implicitFlowEnabled\" : false, \"directAccessGrantsEnabled\" : false, \"serviceAccountsEnabled\" : true, \"publicClient\" : false, \"frontchannelLogout\" : false, \"protocol\" : \"openid-connect\", \"attributes\" : { \"saml.assertion.signature\" : \"false\", \"saml.multivalued.roles\" : \"false\", \"saml.force.post.binding\" : \"false\", \"saml.encrypt\" : \"false\", \"saml.server.signature\" : \"false\", \"saml.server.signature.keyinfo.ext\" : \"false\", \"exclude.session.state.from.auth.response\" : \"false\", \"saml_force_name_id_format\" : \"false\", \"saml.client.signature\" : \"false\", \"tls.client.certificate.bound.access.tokens\" : \"false\", \"saml.authnstatement\" : \"false\", \"display.on.consent.screen\" : \"false\", \"saml.onetimeuse.condition\" : \"false\" }, \"authenticationFlowBindingOverrides\" : { }, \"fullScopeAllowed\" : true, \"nodeReRegistrationTimeout\" : -1, \"protocolMappers\" : [ ], \"defaultClientScopes\" : [ \"web-origins\", \"role_list\", \"SEND_PEN_REQUEST_EMAIL\", \"WRITE_PEN_REQUEST\", \"profile\", \"roles\", \"email\", \"READ_PEN_REQUEST\", \"READ_PEN_REQUEST_STATUSES\", \"READ_PEN_DEMOGRAPHICS\", \"WRITE_DIGITALID\", \"READ_DIGITALID\", \"WRITE_STUDENT\", \"READ_STUDENT\", \"READ_STUDENT_CODES\", \"READ_DIGITALID_CODETABLE\", \"READ_DOCUMENT\", \"READ_DOCUMENT_TYPES\", \"WRITE_DOCUMENT\", \"READ_SDC_MINISTRY_REPORTS\", \"READ_STUDENT_PROFILE\", \"WRITE_STUDENT_PROFILE\", \"READ_DOCUMENT_STUDENT_PROFILE\", \"WRITE_DOCUMENT_STUDENT_PROFILE\", \"READ_DOCUMENT_TYPES_STUDENT_PROFILE\", \"READ_STUDENT_PROFILE_STATUSES\", \"READ_STUDENT_PROFILE_CODES\", \"SEND_STUDENT_PROFILE_EMAIL\",\"PEN_REQUEST_UNLINK_SAGA\",\"PEN_REQUEST_REJECT_SAGA\",\"READ_SECURE_EXCHANGE_DOCUMENT_REQUIREMENTS\", \"PEN_REQUEST_RETURN_SAGA\",\"PEN_REQUEST_COMPLETE_SAGA\",\"STUDENT_PROFILE_COMPLETE_SAGA\",\"STUDENT_PROFILE_REJECT_SAGA\",\"STUDENT_PROFILE_RETURN_SAGA\", \"READ_PEN_REQUEST_BATCH\", \"READ_PEN_MATCH\", \"WRITE_PEN_REQUEST_BATCH\", \"STUDENT_PROFILE_READ_SAGA\", \"GET_NEXT_PEN_NUMBER\", \"VALIDATE_STUDENT_DEMOGRAPHICS\",\"PEN_REQUEST_BATCH_NEW_PEN_SAGA\",\"PEN_REQUEST_BATCH_USER_MATCH_SAGA\",\"PEN_REQUEST_BATCH_READ_SAGA\", \"READ_VALIDATION_CODES\", \"READ_STUDENT_HISTORY\", \"READ_NICKNAMES\", \"READ_SCHOOL_FUNDING_GROUP_SNAPSHOT\", \"READ_SCHOOL\", \"READ_PEN_TRAX\", \"READ_SLD_STUDENT\",\"WRITE_POSSIBLE_MATCH\",\"DELETE_POSSIBLE_MATCH\",\"READ_POSSIBLE_MATCH\",\"READ_STUDENT_MERGE\" ,\"WRITE_STUDENT_MERGE\",\"READ_STUDENT_MERGE_CODES\",\"STUDENT_MERGE_COMPLETE_SAGA\",\"STUDENT_DEMERGE_COMPLETE_SAGA\",\"PEN_SERVICES_READ_SAGA\",\"READ_PEN_REQUEST_BATCH_BLOB\",\"STUDENT_SPLIT_PEN_SAGA\", \"PEN_REQUEST_BATCH_ARCHIVE_SAGA\", \"PEN_REQUEST_BATCH_REPOST_SAGA\", \"READ_PEN_COORDINATOR\", \"WRITE_PEN_COORDINATOR\", \"READ_PEN_MACRO\", \"WRITE_PEN_MACRO\", \"MACRO_READ_SAGA\",\"READ_PEN_REQUEST_STATS\", \"READ_STUDENT_PROFILE_STATS\", \"STUDENT_MOVE_SLD_SAGA\", \"NOMINAL_ROLL_READ_STUDENT\", \"NOMINAL_ROLL_WRITE_STUDENT\", \"NOMINAL_ROLL_DELETE_STUDENT\", \"NOMINAL_ROLL_UPLOAD_FILE\", \"NOMINAL_ROLL_VALIDATE\", \"NOMINAL_ROLL_POST_DATA_SAGA\", \"NOMINAL_ROLL_READ_SAGA\", \"READ_FED_PROV_CODE\", \"WRITE_FED_PROV_CODE\", \"NOMINAL_ROLL_CREATE_FED_PROV\", \"READ_SECURE_EXCHANGE\", \"WRITE_SECURE_EXCHANGE\", \"READ_SECURE_EXCHANGE_DOCUMENT\", \"WRITE_SECURE_EXCHANGE_DOCUMENT\", \"DELETE_SECURE_EXCHANGE_DOCUMENT\", \"READ_SECURE_EXCHANGE_CODES\", \"READ_SECURE_EXCHANGE_DOCUMENT_TYPES\", \"READ_SECURE_EXCHANGE_STATUSES\", \"READ_MINISTRY_TEAMS\", \"READ_EDX_USER_SCHOOLS\", \"DELETE_SECURE_EXCHANGE\", \"READ_EDX_USERS\", \"READ_PRIMARY_ACTIVATION_CODE\", \"WRITE_EDX_USER_SCHOOL\", \"WRITE_PRIMARY_ACTIVATION_CODE\", \"SCHOOL_USER_ACTIVATION_INVITE_SAGA\", \"CREATE_SECURE_EXCHANGE_SAGA\" , \"DELETE_EDX_USER_SCHOOL\", \"WRITE_EDX_USER_DISTRICT\", \"DELETE_EDX_USER_DISTRICT\", \"CREATE_SECURE_EXCHANGE_COMMENT_SAGA\", \"READ_DISTRICT\", \"WRITE_DISTRICT_CONTACT\", \"DISTRICT_USER_ACTIVATION_INVITE_SAGA\", \"DISTRICT_USER_ACTIVATION_INVITE_SAGA\", \"DELETE_SECURE_EXCHANGE_NOTE\", \"WRITE_SECURE_EXCHANGE_NOTE\", \"READ_SECURE_EXCHANGE_NOTE\", \"DELETE_SECURE_EXCHANGE_COMMENT\", \"WRITE_SECURE_EXCHANGE_COMMENT\", \"READ_SECURE_EXCHANGE_COMMENT\", \"DELETE_SECURE_EXCHANGE_STUDENT\", \"WRITE_SECURE_EXCHANGE_STUDENT\", \"READ_SECURE_EXCHANGE_STUDENT\", \"READ_INSTITUTE_CODES\", \"READ_INDEPENDENT_AUTHORITY\", \"WRITE_INDEPENDENT_AUTHORITY\", \"READ_SCHOOL_NOTE\", \"WRITE_SCHOOL_NOTE\", \"DELETE_SCHOOL_NOTE\", \"WRITE_SCHOOL_CONTACT\", \"WRITE_INDEPENDENT_AUTHORITY_CONTACT\", \"READ_INDEPENDENT_AUTHORITY_NOTE\", \"WRITE_INDEPENDENT_AUTHORITY_NOTE\", \"DELETE_INDEPENDENT_AUTHORITY_NOTE\", \"WRITE_SCHOOL\", \"WRITE_DISTRICT\", \"READ_DISTRICT_NOTE\", \"WRITE_DISTRICT_NOTE\", \"DELETE_DISTRICT_NOTE\", \"READ_SCHOOL_HISTORY\",\"MOVE_SCHOOL_SAGA\", \"CREATE_SCHOOL_SAGA\", \"READ_SCHOOL_CONTACT\", \"READ_DISTRICT_CONTACT\", \"READ_INDEPENDENT_AUTHORITY_CONTACT\", \"READ_SCHOOL_FUNDING_GROUP\", \"WRITE_SCHOOL_FUNDING_GROUP\", \"DELETE_SCHOOL_FUNDING_GROUP\", \"READ_SDC_COLLECTION\", \"READ_SDC_DISTRICT_COLLECTION\", \"READ_COLLECTION_CODES\", \"WRITE_COLLECTION_CODES\", \"WRITE_ACTIVATION_CODE\", \"READ_SDC_SCHOOL_COLLECTION_STUDENT\", \"WRITE_SDC_DISTRICT_COLLECTION\", \"WRITE_SDC_SCHOOL_COLLECTION_STUDENT\", \"WRITE_SDC_COLLECTION\", \"READ_EAS_SESSIONS\", \"WRITE_EAS_SESSIONS\", \"READ_EAS_STUDENT\", \"WRITE_EAS_STUDENT\", \"READ_EAS_ASSESSMENT_KEYS\", \"WRITE_EAS_ASSESSMENT_KEYS\"], \"optionalClientScopes\" : [ \"address\", \"phone\" ], \"access\" : { \"view\" : true, \"configure\" : true, \"manage\" : true } }" else echo echo Creating client student-admin-service without secret curl -sX POST "https://$SOAM_KC/auth/admin/realms/$SOAM_KC_REALM_ID/clients" \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $TKN" \ - -d "{ \"clientId\" : \"student-admin-service\", \"name\" : \"Student Admin Service Client\", \"description\" : \"Student admin user which logs into SOAM\", \"surrogateAuthRequired\" : false, \"enabled\" : true, \"clientAuthenticatorType\" : \"client-secret\", \"redirectUris\" : [ ], \"webOrigins\" : [ ], \"notBefore\" : 0, \"bearerOnly\" : false, \"consentRequired\" : false, \"standardFlowEnabled\" : false, \"implicitFlowEnabled\" : false, \"directAccessGrantsEnabled\" : false, \"serviceAccountsEnabled\" : true, \"publicClient\" : false, \"frontchannelLogout\" : false, \"protocol\" : \"openid-connect\", \"attributes\" : { \"saml.assertion.signature\" : \"false\", \"saml.multivalued.roles\" : \"false\", \"saml.force.post.binding\" : \"false\", \"saml.encrypt\" : \"false\", \"saml.server.signature\" : \"false\", \"saml.server.signature.keyinfo.ext\" : \"false\", \"exclude.session.state.from.auth.response\" : \"false\", \"saml_force_name_id_format\" : \"false\", \"saml.client.signature\" : \"false\", \"tls.client.certificate.bound.access.tokens\" : \"false\", \"saml.authnstatement\" : \"false\", \"display.on.consent.screen\" : \"false\", \"saml.onetimeuse.condition\" : \"false\" }, \"authenticationFlowBindingOverrides\" : { }, \"fullScopeAllowed\" : true, \"nodeReRegistrationTimeout\" : -1, \"protocolMappers\" : [ ], \"defaultClientScopes\" : [ \"web-origins\", \"role_list\", \"SEND_PEN_REQUEST_EMAIL\", \"WRITE_PEN_REQUEST\", \"profile\", \"roles\", \"email\", \"READ_PEN_REQUEST\", \"READ_PEN_REQUEST_STATUSES\", \"READ_PEN_DEMOGRAPHICS\", \"WRITE_DIGITALID\", \"READ_DIGITALID\", \"WRITE_STUDENT\", \"READ_STUDENT\", \"READ_STUDENT_CODES\", \"READ_DIGITALID_CODETABLE\", \"READ_DOCUMENT\", \"READ_DOCUMENT_TYPES\", \"WRITE_DOCUMENT\", \"READ_STUDENT_PROFILE\", \"WRITE_STUDENT_PROFILE\", \"READ_SDC_MINISTRY_REPORTS\", \"READ_DOCUMENT_STUDENT_PROFILE\", \"WRITE_DOCUMENT_STUDENT_PROFILE\", \"READ_DOCUMENT_TYPES_STUDENT_PROFILE\", \"READ_STUDENT_PROFILE_STATUSES\", \"READ_STUDENT_PROFILE_CODES\", \"SEND_STUDENT_PROFILE_EMAIL\",\"PEN_REQUEST_UNLINK_SAGA\",\"PEN_REQUEST_REJECT_SAGA\",\"PEN_REQUEST_RETURN_SAGA\",\"PEN_REQUEST_COMPLETE_SAGA\",\"STUDENT_PROFILE_COMPLETE_SAGA\",\"READ_SECURE_EXCHANGE_DOCUMENT_REQUIREMENTS\",\"STUDENT_PROFILE_REJECT_SAGA\",\"STUDENT_PROFILE_RETURN_SAGA\", \"READ_PEN_REQUEST_BATCH\", \"READ_PEN_MATCH\", \"WRITE_PEN_REQUEST_BATCH\", \"STUDENT_PROFILE_READ_SAGA\", \"GET_NEXT_PEN_NUMBER\", \"VALIDATE_STUDENT_DEMOGRAPHICS\",\"PEN_REQUEST_BATCH_NEW_PEN_SAGA\",\"PEN_REQUEST_BATCH_USER_MATCH_SAGA\",\"PEN_REQUEST_BATCH_READ_SAGA\", \"READ_VALIDATION_CODES\", \"READ_STUDENT_HISTORY\", \"READ_NICKNAMES\", \"READ_SCHOOL_FUNDING_GROUP_SNAPSHOT\", \"READ_SCHOOL\", \"READ_PEN_TRAX\", \"READ_SLD_STUDENT\",\"WRITE_POSSIBLE_MATCH\",\"DELETE_POSSIBLE_MATCH\",\"READ_POSSIBLE_MATCH\",\"READ_STUDENT_MERGE\" ,\"WRITE_STUDENT_MERGE\",\"READ_STUDENT_MERGE_CODES\",\"STUDENT_MERGE_COMPLETE_SAGA\",\"STUDENT_DEMERGE_COMPLETE_SAGA\",\"PEN_SERVICES_READ_SAGA\",\"READ_PEN_REQUEST_BATCH_BLOB\",\"STUDENT_SPLIT_PEN_SAGA\", \"PEN_REQUEST_BATCH_ARCHIVE_SAGA\", \"PEN_REQUEST_BATCH_REPOST_SAGA\", \"READ_PEN_COORDINATOR\", \"WRITE_PEN_COORDINATOR\", \"READ_PEN_MACRO\", \"WRITE_PEN_MACRO\", \"MACRO_READ_SAGA\",\"READ_PEN_REQUEST_STATS\", \"READ_STUDENT_PROFILE_STATS\", \"STUDENT_MOVE_SLD_SAGA\", \"NOMINAL_ROLL_READ_STUDENT\", \"NOMINAL_ROLL_WRITE_STUDENT\", \"NOMINAL_ROLL_DELETE_STUDENT\", \"NOMINAL_ROLL_UPLOAD_FILE\", \"NOMINAL_ROLL_VALIDATE\", \"NOMINAL_ROLL_POST_DATA_SAGA\", \"NOMINAL_ROLL_READ_SAGA\", \"READ_FED_PROV_CODE\", \"WRITE_FED_PROV_CODE\", \"NOMINAL_ROLL_CREATE_FED_PROV\", \"READ_SECURE_EXCHANGE\", \"WRITE_SECURE_EXCHANGE\", \"READ_SECURE_EXCHANGE_DOCUMENT\", \"WRITE_SECURE_EXCHANGE_DOCUMENT\", \"DELETE_SECURE_EXCHANGE_DOCUMENT\", \"READ_SECURE_EXCHANGE_CODES\", \"READ_SECURE_EXCHANGE_DOCUMENT_TYPES\", \"READ_SECURE_EXCHANGE_STATUSES\", \"READ_MINISTRY_TEAMS\", \"READ_EDX_USER_SCHOOLS\", \"DELETE_SECURE_EXCHANGE\", \"READ_EDX_USERS\", \"READ_PRIMARY_ACTIVATION_CODE\", \"WRITE_PRIMARY_ACTIVATION_CODE\", \"WRITE_EDX_USER_SCHOOL\", \"SCHOOL_USER_ACTIVATION_INVITE_SAGA\", \"CREATE_SECURE_EXCHANGE_SAGA\", \"DELETE_EDX_USER_SCHOOL\", \"WRITE_EDX_USER_DISTRICT\", \"DELETE_EDX_USER_DISTRICT\", \"CREATE_SECURE_EXCHANGE_COMMENT_SAGA\", \"READ_DISTRICT\", \"WRITE_DISTRICT_CONTACT\", \"DISTRICT_USER_ACTIVATION_INVITE_SAGA\", \"DELETE_SECURE_EXCHANGE_NOTE\", \"WRITE_SECURE_EXCHANGE_NOTE\", \"READ_SECURE_EXCHANGE_NOTE\", \"DELETE_SECURE_EXCHANGE_COMMENT\", \"WRITE_SECURE_EXCHANGE_COMMENT\", \"READ_SECURE_EXCHANGE_COMMENT\", \"DELETE_SECURE_EXCHANGE_STUDENT\", \"WRITE_SECURE_EXCHANGE_STUDENT\", \"READ_SECURE_EXCHANGE_STUDENT\", \"READ_INSTITUTE_CODES\", \"READ_INDEPENDENT_AUTHORITY\", \"WRITE_INDEPENDENT_AUTHORITY\", \"READ_SCHOOL_NOTE\", \"WRITE_SCHOOL_NOTE\", \"DELETE_SCHOOL_NOTE\", \"WRITE_SCHOOL_CONTACT\", \"WRITE_INDEPENDENT_AUTHORITY_CONTACT\", \"READ_INDEPENDENT_AUTHORITY_NOTE\", \"WRITE_INDEPENDENT_AUTHORITY_NOTE\", \"DELETE_INDEPENDENT_AUTHORITY_NOTE\", \"WRITE_SCHOOL\", \"WRITE_DISTRICT\", \"READ_DISTRICT_NOTE\", \"WRITE_DISTRICT_NOTE\", \"DELETE_DISTRICT_NOTE\", \"READ_SCHOOL_HISTORY\", \"MOVE_SCHOOL_SAGA\", \"CREATE_SCHOOL_SAGA\", \"READ_SCHOOL_CONTACT\", \"READ_DISTRICT_CONTACT\", \"READ_INDEPENDENT_AUTHORITY_CONTACT\", \"READ_SCHOOL_FUNDING_GROUP\", \"WRITE_SCHOOL_FUNDING_GROUP\", \"DELETE_SCHOOL_FUNDING_GROUP\", \"READ_SDC_COLLECTION\", \"READ_SDC_DISTRICT_COLLECTION\", \"READ_COLLECTION_CODES\", \"WRITE_COLLECTION_CODES\", \"WRITE_SDC_DISTRICT_COLLECTION\", \"WRITE_ACTIVATION_CODE\", \"READ_SDC_SCHOOL_COLLECTION_STUDENT\", \"WRITE_SDC_SCHOOL_COLLECTION_STUDENT\", \"WRITE_SDC_COLLECTION\", \"READ_EAS_SESSIONS\", \"WRITE_EAS_SESSIONS\", \"READ_EAS_STUDENT\", \"WRITE_EAS_STUDENT\"], \"optionalClientScopes\" : [ \"address\", \"phone\" ], \"access\" : { \"view\" : true, \"configure\" : true, \"manage\" : true } }" + -d "{ \"clientId\" : \"student-admin-service\", \"name\" : \"Student Admin Service Client\", \"description\" : \"Student admin user which logs into SOAM\", \"surrogateAuthRequired\" : false, \"enabled\" : true, \"clientAuthenticatorType\" : \"client-secret\", \"redirectUris\" : [ ], \"webOrigins\" : [ ], \"notBefore\" : 0, \"bearerOnly\" : false, \"consentRequired\" : false, \"standardFlowEnabled\" : false, \"implicitFlowEnabled\" : false, \"directAccessGrantsEnabled\" : false, \"serviceAccountsEnabled\" : true, \"publicClient\" : false, \"frontchannelLogout\" : false, \"protocol\" : \"openid-connect\", \"attributes\" : { \"saml.assertion.signature\" : \"false\", \"saml.multivalued.roles\" : \"false\", \"saml.force.post.binding\" : \"false\", \"saml.encrypt\" : \"false\", \"saml.server.signature\" : \"false\", \"saml.server.signature.keyinfo.ext\" : \"false\", \"exclude.session.state.from.auth.response\" : \"false\", \"saml_force_name_id_format\" : \"false\", \"saml.client.signature\" : \"false\", \"tls.client.certificate.bound.access.tokens\" : \"false\", \"saml.authnstatement\" : \"false\", \"display.on.consent.screen\" : \"false\", \"saml.onetimeuse.condition\" : \"false\" }, \"authenticationFlowBindingOverrides\" : { }, \"fullScopeAllowed\" : true, \"nodeReRegistrationTimeout\" : -1, \"protocolMappers\" : [ ], \"defaultClientScopes\" : [ \"web-origins\", \"role_list\", \"SEND_PEN_REQUEST_EMAIL\", \"WRITE_PEN_REQUEST\", \"profile\", \"roles\", \"email\", \"READ_PEN_REQUEST\", \"READ_PEN_REQUEST_STATUSES\", \"READ_PEN_DEMOGRAPHICS\", \"WRITE_DIGITALID\", \"READ_DIGITALID\", \"WRITE_STUDENT\", \"READ_STUDENT\", \"READ_STUDENT_CODES\", \"READ_DIGITALID_CODETABLE\", \"READ_DOCUMENT\", \"READ_DOCUMENT_TYPES\", \"WRITE_DOCUMENT\", \"READ_STUDENT_PROFILE\", \"WRITE_STUDENT_PROFILE\", \"READ_SDC_MINISTRY_REPORTS\", \"READ_DOCUMENT_STUDENT_PROFILE\", \"WRITE_DOCUMENT_STUDENT_PROFILE\", \"READ_DOCUMENT_TYPES_STUDENT_PROFILE\", \"READ_STUDENT_PROFILE_STATUSES\", \"READ_STUDENT_PROFILE_CODES\", \"SEND_STUDENT_PROFILE_EMAIL\",\"PEN_REQUEST_UNLINK_SAGA\",\"PEN_REQUEST_REJECT_SAGA\",\"PEN_REQUEST_RETURN_SAGA\",\"PEN_REQUEST_COMPLETE_SAGA\",\"STUDENT_PROFILE_COMPLETE_SAGA\",\"READ_SECURE_EXCHANGE_DOCUMENT_REQUIREMENTS\",\"STUDENT_PROFILE_REJECT_SAGA\",\"STUDENT_PROFILE_RETURN_SAGA\", \"READ_PEN_REQUEST_BATCH\", \"READ_PEN_MATCH\", \"WRITE_PEN_REQUEST_BATCH\", \"STUDENT_PROFILE_READ_SAGA\", \"GET_NEXT_PEN_NUMBER\", \"VALIDATE_STUDENT_DEMOGRAPHICS\",\"PEN_REQUEST_BATCH_NEW_PEN_SAGA\",\"PEN_REQUEST_BATCH_USER_MATCH_SAGA\",\"PEN_REQUEST_BATCH_READ_SAGA\", \"READ_VALIDATION_CODES\", \"READ_STUDENT_HISTORY\", \"READ_NICKNAMES\", \"READ_SCHOOL_FUNDING_GROUP_SNAPSHOT\", \"READ_SCHOOL\", \"READ_PEN_TRAX\", \"READ_SLD_STUDENT\",\"WRITE_POSSIBLE_MATCH\",\"DELETE_POSSIBLE_MATCH\",\"READ_POSSIBLE_MATCH\",\"READ_STUDENT_MERGE\" ,\"WRITE_STUDENT_MERGE\",\"READ_STUDENT_MERGE_CODES\",\"STUDENT_MERGE_COMPLETE_SAGA\",\"STUDENT_DEMERGE_COMPLETE_SAGA\",\"PEN_SERVICES_READ_SAGA\",\"READ_PEN_REQUEST_BATCH_BLOB\",\"STUDENT_SPLIT_PEN_SAGA\", \"PEN_REQUEST_BATCH_ARCHIVE_SAGA\", \"PEN_REQUEST_BATCH_REPOST_SAGA\", \"READ_PEN_COORDINATOR\", \"WRITE_PEN_COORDINATOR\", \"READ_PEN_MACRO\", \"WRITE_PEN_MACRO\", \"MACRO_READ_SAGA\",\"READ_PEN_REQUEST_STATS\", \"READ_STUDENT_PROFILE_STATS\", \"STUDENT_MOVE_SLD_SAGA\", \"NOMINAL_ROLL_READ_STUDENT\", \"NOMINAL_ROLL_WRITE_STUDENT\", \"NOMINAL_ROLL_DELETE_STUDENT\", \"NOMINAL_ROLL_UPLOAD_FILE\", \"NOMINAL_ROLL_VALIDATE\", \"NOMINAL_ROLL_POST_DATA_SAGA\", \"NOMINAL_ROLL_READ_SAGA\", \"READ_FED_PROV_CODE\", \"WRITE_FED_PROV_CODE\", \"NOMINAL_ROLL_CREATE_FED_PROV\", \"READ_SECURE_EXCHANGE\", \"WRITE_SECURE_EXCHANGE\", \"READ_SECURE_EXCHANGE_DOCUMENT\", \"WRITE_SECURE_EXCHANGE_DOCUMENT\", \"DELETE_SECURE_EXCHANGE_DOCUMENT\", \"READ_SECURE_EXCHANGE_CODES\", \"READ_SECURE_EXCHANGE_DOCUMENT_TYPES\", \"READ_SECURE_EXCHANGE_STATUSES\", \"READ_MINISTRY_TEAMS\", \"READ_EDX_USER_SCHOOLS\", \"DELETE_SECURE_EXCHANGE\", \"READ_EDX_USERS\", \"READ_PRIMARY_ACTIVATION_CODE\", \"WRITE_PRIMARY_ACTIVATION_CODE\", \"WRITE_EDX_USER_SCHOOL\", \"SCHOOL_USER_ACTIVATION_INVITE_SAGA\", \"CREATE_SECURE_EXCHANGE_SAGA\", \"DELETE_EDX_USER_SCHOOL\", \"WRITE_EDX_USER_DISTRICT\", \"DELETE_EDX_USER_DISTRICT\", \"CREATE_SECURE_EXCHANGE_COMMENT_SAGA\", \"READ_DISTRICT\", \"WRITE_DISTRICT_CONTACT\", \"DISTRICT_USER_ACTIVATION_INVITE_SAGA\", \"DELETE_SECURE_EXCHANGE_NOTE\", \"WRITE_SECURE_EXCHANGE_NOTE\", \"READ_SECURE_EXCHANGE_NOTE\", \"DELETE_SECURE_EXCHANGE_COMMENT\", \"WRITE_SECURE_EXCHANGE_COMMENT\", \"READ_SECURE_EXCHANGE_COMMENT\", \"DELETE_SECURE_EXCHANGE_STUDENT\", \"WRITE_SECURE_EXCHANGE_STUDENT\", \"READ_SECURE_EXCHANGE_STUDENT\", \"READ_INSTITUTE_CODES\", \"READ_INDEPENDENT_AUTHORITY\", \"WRITE_INDEPENDENT_AUTHORITY\", \"READ_SCHOOL_NOTE\", \"WRITE_SCHOOL_NOTE\", \"DELETE_SCHOOL_NOTE\", \"WRITE_SCHOOL_CONTACT\", \"WRITE_INDEPENDENT_AUTHORITY_CONTACT\", \"READ_INDEPENDENT_AUTHORITY_NOTE\", \"WRITE_INDEPENDENT_AUTHORITY_NOTE\", \"DELETE_INDEPENDENT_AUTHORITY_NOTE\", \"WRITE_SCHOOL\", \"WRITE_DISTRICT\", \"READ_DISTRICT_NOTE\", \"WRITE_DISTRICT_NOTE\", \"DELETE_DISTRICT_NOTE\", \"READ_SCHOOL_HISTORY\", \"MOVE_SCHOOL_SAGA\", \"CREATE_SCHOOL_SAGA\", \"READ_SCHOOL_CONTACT\", \"READ_DISTRICT_CONTACT\", \"READ_INDEPENDENT_AUTHORITY_CONTACT\", \"READ_SCHOOL_FUNDING_GROUP\", \"WRITE_SCHOOL_FUNDING_GROUP\", \"DELETE_SCHOOL_FUNDING_GROUP\", \"READ_SDC_COLLECTION\", \"READ_SDC_DISTRICT_COLLECTION\", \"READ_COLLECTION_CODES\", \"WRITE_COLLECTION_CODES\", \"WRITE_SDC_DISTRICT_COLLECTION\", \"WRITE_ACTIVATION_CODE\", \"READ_SDC_SCHOOL_COLLECTION_STUDENT\", \"WRITE_SDC_SCHOOL_COLLECTION_STUDENT\", \"WRITE_SDC_COLLECTION\", \"READ_EAS_SESSIONS\", \"WRITE_EAS_SESSIONS\", \"READ_EAS_STUDENT\", \"WRITE_EAS_STUDENT\", \"READ_EAS_ASSESSMENT_KEYS\", \"WRITE_EAS_ASSESSMENT_KEYS\"], \"optionalClientScopes\" : [ \"address\", \"phone\" ], \"access\" : { \"view\" : true, \"configure\" : true, \"manage\" : true } }" fi echo Fetching public key from SOAM @@ -768,7 +780,7 @@ RATE_LIMIT_WINDOW_IN_SEC="60" RATE_LIMIT_LIMIT="1000" echo Creating config map $APP_NAME-backend-config-map -oc create -n $PEN_NAMESPACE-$envValue configmap $APP_NAME-backend-config-map --from-literal=IS_RATE_LIMIT_ENABLED="$IS_RATE_LIMIT_ENABLED" --from-literal=DISABLE_EAS_FUNCTIONALITY="$DISABLE_EAS_FUNCTIONALITY" --from-literal=RATE_LIMIT_WINDOW_IN_SEC="$RATE_LIMIT_WINDOW_IN_SEC" --from-literal=RATE_LIMIT_LIMIT="$RATE_LIMIT_LIMIT" --from-literal=WEB_SOCKET_URL="$WEB_SOCKET_URL" --from-literal=BANNER_COLOR="$BANNER_COLOR" --from-literal=BANNER_ENVIRONMENT="$BANNER_ENVIRONMENT" --from-literal=TZ=$TZVALUE --from-literal=UI_PRIVATE_KEY="$UI_PRIVATE_KEY_VAL" --from-literal=SITEMINDER_LOGOUT_ENDPOINT="$siteMinderLogoutUrl" --from-literal=UI_PUBLIC_KEY="$UI_PUBLIC_KEY_VAL" --from-literal=ID=$APP_NAME-soam --from-literal=SECRET=$studentAdminClientSecret --from-literal=SERVICE_CLIENT_ID=$APP_NAME-service --from-literal=SERVICE_CLIENT_SECRET=$studentAdminServiceClientSecret --from-literal=SERVER_FRONTEND=https://$SERVER_FRONTEND --from-literal=ISSUER=STUDENT_ADMIN_APPLICATION --from-literal=SOAM_PUBLIC_KEY="$formattedPublicKey" --from-literal=PEN_REQUEST_EMAIL_API_URL="http://student-profile-email-api-master.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/gmp" --from-literal=PEN_REQUEST_API_URL="http://pen-request-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/pen-request" --from-literal=DISCOVERY=https://$SOAM_KC/auth/realms/$SOAM_KC_REALM_ID/.well-known/openid-configuration --from-literal=KC_DOMAIN=https://$SOAM_KC/auth/realms/$SOAM_KC_REALM_ID --from-literal=PEN_DEMOGRAPHICS_URL="http://pen-demographics-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080" --from-literal=DIGITAL_ID_URL="http://digitalid-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/digital-id" --from-literal=STUDENT_API_URL="http://student-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/student" --from-literal=LOG_LEVEL=info --from-literal=IDIR_IDP_HINT=keycloak_bcdevexchange_idir --from-literal=REDIS_HOST=redis --from-literal=REDIS_PORT=6379 --from-literal=STUDENT_PROFILE_API_URL="http://student-profile-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/student-profile" --from-literal=SCHOOL_API_URL="http://school-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1" --from-literal=STUDENT_PROFILE_EMAIL_API_URL="http://student-profile-email-api-master.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/ump" --from-literal=PROFILE_REQUEST_SAGA_API_URL="http://student-profile-saga-api-master.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/student-profile-saga" --from-literal=NATS_URL="$NATS_URL" --from-literal=NATS_CLUSTER="$NATS_CLUSTER" --from-literal=UMP_ROLES="STUDENT_PROFILE_ADMIN,STUDENT_PROFILE_READ_ONLY" --from-literal=GMP_ROLES="STUDENT_ADMIN,STUDENT_ADMIN_READ_ONLY" --from-literal=STUDENT_SEARCH_ADMIN="STUDENT_SEARCH_ADMIN" --from-literal=STUDENT_SEARCH_ROLES="STUDENT_SEARCH_ADMIN,STUDENT_SEARCH_READ_ONLY" --from-literal=STUDENT_ADMIN_ADMINISTRATOR="STUDENT_ADMIN_ADMINISTRATOR" --from-literal=UMP_ROLE_ADMIN="STUDENT_PROFILE_ADMIN" --from-literal=GMP_ROLE_ADMIN="STUDENT_ADMIN" --from-literal=PEN_REQUEST_BATCH_ADMIN="PEN_REQUEST_BATCH_ADMIN" --from-literal=EDX_ADMIN="EDX_ADMIN" --from-literal=EAS_ADMIN="EAS_ADMIN" --from-literal=PEN_REQUEST_BATCH_API_URL="http://pen-reg-batch-api-master.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1" --from-literal=PEN_MATCH_API_URL="http://pen-match-api-master.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/pen-match" --from-literal=SESSION_MAX_AGE=$sessionMaxAge --from-literal=TOKEN_EXPIRES_IN=$tokenExpiresIn --from-literal=SCHEDULER_CRON_STALE_SAGA_RECORD_REDIS="0/30 * * * * *" --from-literal=MIN_TIME_BEFORE_SAGA_IS_STALE_IN_SECONDS=10 --from-literal=PEN_SERVICES_API_URL="http://pen-services-api-master.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/pen-services" --from-literal=PEN_TRAX_API_URL="http://pen-trax-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1" --from-literal=SLD_API_URL="http://sld-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1" --from-literal=QUEUE_GROUP_NAME="student-admin-node-queue-group" --from-literal=STAN_ENABLED="true" --from-literal=NODE_ENV="openshift" --from-literal=SCHEDULER_CRON_DOC_TYPE_MIGRATION="$SCHEDULER_CRON_DOC_TYPE_MIGRATION" --from-literal=ENABLE_PRR_STUDENT_DEMOGRAPHICS="$ENABLE_PRR_STUDENT_DEMOGRAPHICS" --from-literal=NOMINAL_ROLL="NOMINAL_ROLL_EDIT" --from-literal=MACRO_API_URL="http://macro-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/macro" --from-literal=NOMINAL_ROLL_API_URL="http://pen-nominal-roll-api-main.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/nominal-roll" --from-literal=STUDENT_ANALYTICS_STUDENT_PROFILE="STUDENT_ANALYTICS_STUDENT_PROFILE" --from-literal=STUDENT_ANALYTICS_BATCH="STUDENT_ANALYTICS_BATCH" --from-literal=NOMINAL_ROLL_ROLES="NOMINAL_ROLL,NOMINAL_ROLL_EDIT" --from-literal=EDX_API_URL="http://edx-api-master.$EDX_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/edx" --from-literal=EAS_API_URL="http://eas-api-master.$EAS_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/eas" --from-literal=SDC_API_URL="http://student-data-collection-api-master.$EDX_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/student-data-collection" --from-literal=INSTITUTE_API_URL="http://institute-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/institute" --from-literal=EDX_PEN_TEAM_ROLES="PEN_TEAM_ROLE" --from-literal=INSTITUTE_ROLES="OFFSHORE_SCHOOLS_ADMIN" --from-literal=DISABLE_SDC_FUNCTIONALITY=$disableSdcFunctionality --from-literal=EDX_URL=$EDUC_EDX_FRONTEND --from-literal=SLD_MIGRATION_DATE="$sldMigrationDate" --dry-run -o yaml | oc apply -f - +oc create -n $PEN_NAMESPACE-$envValue configmap $APP_NAME-backend-config-map --from-literal=IS_RATE_LIMIT_ENABLED="$IS_RATE_LIMIT_ENABLED" --from-literal=DISABLE_EAS_FUNCTIONALITY="$DISABLE_EAS_FUNCTIONALITY" --from-literal=RATE_LIMIT_WINDOW_IN_SEC="$RATE_LIMIT_WINDOW_IN_SEC" --from-literal=RATE_LIMIT_LIMIT="$RATE_LIMIT_LIMIT" --from-literal=WEB_SOCKET_URL="$WEB_SOCKET_URL" --from-literal=BANNER_COLOR="$BANNER_COLOR" --from-literal=BANNER_ENVIRONMENT="$BANNER_ENVIRONMENT" --from-literal=TZ=$TZVALUE --from-literal=UI_PRIVATE_KEY="$UI_PRIVATE_KEY_VAL" --from-literal=SITEMINDER_LOGOUT_ENDPOINT="$siteMinderLogoutUrl" --from-literal=UI_PUBLIC_KEY="$UI_PUBLIC_KEY_VAL" --from-literal=ID=$APP_NAME-soam --from-literal=SECRET=$studentAdminClientSecret --from-literal=SERVICE_CLIENT_ID=$APP_NAME-service --from-literal=SERVICE_CLIENT_SECRET=$studentAdminServiceClientSecret --from-literal=SERVER_FRONTEND=https://$SERVER_FRONTEND --from-literal=ISSUER=STUDENT_ADMIN_APPLICATION --from-literal=SOAM_PUBLIC_KEY="$formattedPublicKey" --from-literal=PEN_REQUEST_EMAIL_API_URL="http://student-profile-email-api-master.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/gmp" --from-literal=PEN_REQUEST_API_URL="http://pen-request-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/pen-request" --from-literal=DISCOVERY=https://$SOAM_KC/auth/realms/$SOAM_KC_REALM_ID/.well-known/openid-configuration --from-literal=KC_DOMAIN=https://$SOAM_KC/auth/realms/$SOAM_KC_REALM_ID --from-literal=PEN_DEMOGRAPHICS_URL="http://pen-demographics-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080" --from-literal=DIGITAL_ID_URL="http://digitalid-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/digital-id" --from-literal=STUDENT_API_URL="http://student-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/student" --from-literal=LOG_LEVEL=info --from-literal=IDIR_IDP_HINT=keycloak_bcdevexchange_idir --from-literal=REDIS_HOST=redis --from-literal=REDIS_PORT=6379 --from-literal=STUDENT_PROFILE_API_URL="http://student-profile-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/student-profile" --from-literal=SCHOOL_API_URL="http://school-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1" --from-literal=STUDENT_PROFILE_EMAIL_API_URL="http://student-profile-email-api-master.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/ump" --from-literal=PROFILE_REQUEST_SAGA_API_URL="http://student-profile-saga-api-master.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/student-profile-saga" --from-literal=NATS_URL="$NATS_URL" --from-literal=NATS_CLUSTER="$NATS_CLUSTER" --from-literal=UMP_ROLES="STUDENT_PROFILE_ADMIN,STUDENT_PROFILE_READ_ONLY" --from-literal=GMP_ROLES="STUDENT_ADMIN,STUDENT_ADMIN_READ_ONLY" --from-literal=STUDENT_SEARCH_ADMIN="STUDENT_SEARCH_ADMIN" --from-literal=STUDENT_SEARCH_ROLES="STUDENT_SEARCH_ADMIN,STUDENT_SEARCH_READ_ONLY" --from-literal=STUDENT_ADMIN_ADMINISTRATOR="STUDENT_ADMIN_ADMINISTRATOR" --from-literal=UMP_ROLE_ADMIN="STUDENT_PROFILE_ADMIN" --from-literal=GMP_ROLE_ADMIN="STUDENT_ADMIN" --from-literal=PEN_REQUEST_BATCH_ADMIN="PEN_REQUEST_BATCH_ADMIN" --from-literal=EDX_ADMIN="EDX_ADMIN" --from-literal=EAS_ADMIN="EAS_ADMIN" --from-literal=PEN_REQUEST_BATCH_API_URL="http://pen-reg-batch-api-master.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1" --from-literal=PEN_MATCH_API_URL="http://pen-match-api-master.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/pen-match" --from-literal=SESSION_MAX_AGE=$sessionMaxAge --from-literal=TOKEN_EXPIRES_IN=$tokenExpiresIn --from-literal=SCHEDULER_CRON_STALE_SAGA_RECORD_REDIS="0/30 * * * * *" --from-literal=MIN_TIME_BEFORE_SAGA_IS_STALE_IN_SECONDS=10 --from-literal=PEN_SERVICES_API_URL="http://pen-services-api-master.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/pen-services" --from-literal=PEN_TRAX_API_URL="http://pen-trax-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1" --from-literal=SLD_API_URL="http://sld-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1" --from-literal=QUEUE_GROUP_NAME="student-admin-node-queue-group" --from-literal=STAN_ENABLED="true" --from-literal=NODE_ENV="openshift" --from-literal=SCHEDULER_CRON_DOC_TYPE_MIGRATION="$SCHEDULER_CRON_DOC_TYPE_MIGRATION" --from-literal=ENABLE_PRR_STUDENT_DEMOGRAPHICS="$ENABLE_PRR_STUDENT_DEMOGRAPHICS" --from-literal=NOMINAL_ROLL="NOMINAL_ROLL_EDIT" --from-literal=MACRO_API_URL="http://macro-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/macro" --from-literal=NOMINAL_ROLL_API_URL="http://pen-nominal-roll-api-main.$PEN_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/nominal-roll" --from-literal=STUDENT_ANALYTICS_STUDENT_PROFILE="STUDENT_ANALYTICS_STUDENT_PROFILE" --from-literal=STUDENT_ANALYTICS_BATCH="STUDENT_ANALYTICS_BATCH" --from-literal=NOMINAL_ROLL_ROLES="NOMINAL_ROLL,NOMINAL_ROLL_EDIT" --from-literal=EDX_API_URL="http://edx-api-master.$EDX_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/edx" --from-literal=EAS_API_URL="http://eas-api-master.$EAS_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/eas" --from-literal=SDC_API_URL="http://student-data-collection-api-master.$EDX_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/student-data-collection" --from-literal=INSTITUTE_API_URL="http://institute-api-master.$COMMON_NAMESPACE-$envValue.svc.cluster.local:8080/api/v1/institute" --from-literal=EDX_PEN_TEAM_ROLES="PEN_TEAM_ROLE" --from-literal=INSTITUTE_ROLES="OFFSHORE_SCHOOLS_ADMIN" --from-literal=DISABLE_SDC_FUNCTIONALITY=$disableSdcFunctionality --from-literal=EDX_URL=$EDUC_EDX_FRONTEND --from-literal=SLD_MIGRATION_DATE="$sldMigrationDate" --from-literal=CLAMAV_HOST="clamav.$COMMON_NAMESPACE-$envValue.svc.cluster.local" --from-literal=CLAMAV_PORT="3310" --dry-run -o yaml | oc apply -f - echo echo Setting environment variables for $APP_NAME-backend-$SOAM_KC_REALM_ID application oc -n $PEN_NAMESPACE-$envValue set env --from=configmap/$APP_NAME-backend-config-map dc/$APP_NAME-backend-$SOAM_KC_REALM_ID