From a3bce43d01ceca851390e47e797c8139c4b23384 Mon Sep 17 00:00:00 2001
From: Rui Lopes <rgl@ruilopes.com>
Date: Wed, 1 Nov 2017 12:59:48 +0000
Subject: [PATCH] create external role mappings

---
 .../src/main/groovy/provision-ldap.groovy              | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/provision/provision-nexus/src/main/groovy/provision-ldap.groovy b/provision/provision-nexus/src/main/groovy/provision-ldap.groovy
index 7ef4a1e..dc8ff01 100644
--- a/provision/provision-nexus/src/main/groovy/provision-ldap.groovy
+++ b/provision/provision-nexus/src/main/groovy/provision-ldap.groovy
@@ -39,6 +39,16 @@ if (!ldapManager.listLdapServerConfigurations().any { it.name == "dc.example.com
     )
 }
 
+// create external role mappings.
+if (!security.securitySystem.listRoles().any { it.roleId == "Administrators" && it.source == "default" }) {
+    security.addRole(
+        "Administrators",
+        "nx-admin",
+        "Administrator Role (LDAP Administrators)",
+        [],
+        ["nx-admin"])
+}
+
 ldapUsers = security.securitySystem.searchUsers(new UserSearchCriteria(source: 'LDAP'))
 return JsonOutput.toJson([
         ldapUsers: ldapUsers.sort { it.userId },