CB-6168 map user role by team

server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/auth/SMAuthProviderAssigner.java

@@ -1,6 +1,6 @@
 /*
  * DBeaver - Universal Database Manager
- * Copyright (C) 2010-2024 DBeaver Corp and others
+ * Copyright (C) 2010-2025 DBeaver Corp and others
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,6 +17,7 @@
 package io.cloudbeaver.auth;
 
 import org.jkiss.code.NotNull;
+import org.jkiss.code.Nullable;
 import org.jkiss.dbeaver.DBException;
 import org.jkiss.dbeaver.model.runtime.DBRProgressMonitor;
 import org.jkiss.dbeaver.model.security.SMAuthProviderCustomConfiguration;
@@ -36,6 +37,7 @@
         @NotNull Map<String, Object> authParameters
     ) throws DBException;
 
+    @Nullable
     String getExternalTeamIdMetadataFieldName();
 
 }

server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/auth/SMAutoAssign.java

@@ -1,6 +1,6 @@
 /*
  * DBeaver - Universal Database Manager
- * Copyright (C) 2010-2024 DBeaver Corp and others
+ * Copyright (C) 2010-2025 DBeaver Corp and others
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,11 +17,14 @@
 
 package io.cloudbeaver.auth;
 
+import org.jkiss.code.Nullable;
+
 import java.util.ArrayList;
 import java.util.List;
 
 public class SMAutoAssign {
     private String authRole;
+    private String authRoleAssignReason;
     private List<String> externalTeamIds = new ArrayList<>();
 
     public SMAutoAssign() {
@@ -44,7 +47,16 @@
         return externalTeamIds;
     }
 
     public void addExternalTeamId(String externalRoleId) {
         this.externalTeamIds.add(externalRoleId);
     }
+
+    @Nullable
+    public String getAuthRoleAssignReason() {
+        return authRoleAssignReason;
+    }
+
+    public void setAuthRoleAssignReason(@Nullable String authRoleChangedReason) {
+        this.authRoleAssignReason = authRoleChangedReason;
+    }
 }

server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/auth/provider/AbstractExternalAuthProvider.java

@@ -1,6 +1,6 @@
 /*
  * DBeaver - Universal Database Manager
- * Copyright (C) 2010-2024 DBeaver Corp and others
+ * Copyright (C) 2010-2025 DBeaver Corp and others
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -24,7 +24,8 @@
 /**
  * Abstract external auth provider
  */
-public abstract class AbstractExternalAuthProvider<SESSION extends SMSession> implements SMAuthProviderExternal<SESSION> {
+public abstract class AbstractExternalAuthProvider<SESSION extends SMSession>
+    implements SMAuthProviderExternal<SESSION> {
 
     public static final String META_AUTH_PROVIDER = "$provider";
     public static final String META_AUTH_SPACE_ID = "$space";

server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java

@@ -1,6 +1,6 @@
 /*
  * DBeaver - Universal Database Manager
- * Copyright (C) 2010-2024 DBeaver Corp and others
+ * Copyright (C) 2010-2025 DBeaver Corp and others
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -2232,6 +2232,9 @@
                 if (activeUserId == null) {
                     activeUserId = userIdFromCreds;
                 }
+                if (autoAssign != null && CommonUtils.isNotEmpty(autoAssign.getAuthRoleAssignReason())) {
+                    log.info(activeUserId + " authenticated with role " + autoAssign.getAuthRole() + ", reason: " + autoAssign.getAuthRoleAssignReason());
+                }
             }
             dbStoredUserData.put(
                 authConfiguration,