Drop UserRole from auth service User domain

Description

Some of the auth service endpoints enforce roles from the auth service user domain (eg. password reset). This shouldn't be the case and user roles should be verified with reference data exclusively (currently I need both role from ref data and admin role in auth service).

Files to look into:
UserController

ResourceServerSecurityConfiguration

Acceptance criteria:

  • UserRole dropped from User domain in Auth Service

  • Users created via UI and assigned user administration roles also via UI can create new users and reset their passwords

  • Auth should use role assignment from referencedata service

Environment

None

Status

Assignee

Paweł Gesek

Reporter

Sebastian Brudziński

Labels

None

Story Points

3

Time tracking

8h

Components

Sprint

None

Fix versions

Priority

Major
Configure