## ---------------------------------------------------------------------------
## Licensed to the Apache Software Foundation (ASF) under one or more
## contributor license agreements.  See the NOTICE file distributed with
## this work for additional information regarding copyright ownership.
## The ASF licenses this file to You under the Apache License, Version 2.0
## (the "License"); you may not use this file except in compliance with
## the License.  You may obtain a copy of the License at
##
## http://www.apache.org/licenses/LICENSE-2.0
##
## Unless required by applicable law or agreed to in writing, software
## distributed under the License is distributed on an "AS IS" BASIS,
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
## See the License for the specific language governing permissions and
## limitations under the License.
## ---------------------------------------------------------------------------
## CUSTOMCONFIG

# syntax is role = list of users

# ADMIN ROLE MAPPING
{{- $admins := list -}}
{{- $admins = printf "%s" $.Values.admin.user | append $admins -}}
{{- range $currentUser := $.Values.users }}
{{- if has ($.Values.admin.role) $currentUser.roles }}
{{- $admins = printf "%s" (toString $currentUser.name) | append $admins -}}
{{- end }}
{{- end }}
{{ $.Values.admin.role }} = {{ $admins | join "," }}

{{- $declared_roles := list }}
{{- range .Values.users }}
{{- range .roles }}
  {{- if and (not (has (toString .) $declared_roles)) (not (eq (toString .) ($.Values.admin.role))) }}
    {{- $declared_roles = printf "%s" (toString .) | append $declared_roles }}
  {{- end }}
{{- end }}
{{- end }}

# ADDITIONAL ROLE MAPPING
{{- range $current_role := $declared_roles }}
  {{- $users_in_role := list -}}
  {{- range $currentUser := $.Values.users }}
    {{- if has $current_role $currentUser.roles }}
      {{- $users_in_role = printf "%s" (toString $currentUser.name) | append $users_in_role -}}
    {{- end }}
  {{- end }}
{{ $current_role }} = {{ $users_in_role | join "," }}
{{- end }}