Add new module managing keycloak role #2
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
achaussier
reviewed
Mar 28, 2019
lib/ansible/module_utils/keycloak.py
Outdated
| @@ -339,3 +344,129 @@ def delete_client_template(self, id, realm="master"): | |||
| except Exception as e: | |||
| self.module.fail_json(msg='Could not delete client template %s in realm %s: %s' | |||
| % (id, realm, str(e))) | |||
|
|
|||
| def get_role_url(self, role_id, realm='master', client_uuid=None): | |||
lib/ansible/module_utils/keycloak.py
Outdated
| else: | ||
| return None | ||
|
|
||
| def get_json_from_url(self, url): |
| deleting_role(kc, result, realm, given_role_id, client_uuid) | ||
|
|
||
|
|
||
| def attributes_format_is_correct(given_attributes): |
| return True | ||
|
|
||
|
|
||
| def attribute_as_list_format_is_correct(one_value, first_call=True): |
| return True | ||
|
|
||
|
|
||
| def get_initial_role(given_role_id, kc, realm, client_id): |
| return result | ||
|
|
||
|
|
||
| def create_changeset(module): |
| return changeset | ||
|
|
||
|
|
||
| def do_nothing_and_exit(kc, result, realm, given_role_id, client_id, client_uuid): |
| module.exit_json(**result) | ||
|
|
||
|
|
||
| def updating_role(kc, result, realm, given_role_id, client_uuid): |
| module.exit_json(**result) | ||
|
|
||
|
|
||
| def put_attributes_values_in_list(attributes_values): |
| return new_attributes | ||
|
|
||
|
|
||
| def deleting_role(kc, result, realm, given_role_id, client_uuid): |
ndclt
pushed a commit
that referenced
this pull request
May 15, 2019
…nit test (ansible#55643) * remove external grep call and parse with python * use function for repeated code * use module.get_bin_path() for iscsiutil on HPUX * some code opt for HPUX * clean up non-module code, module being defined is a requirement for this code * import get_bin_path() directly and use without module prefix * Add integration tests for AIX and HP-UX * add changelog fragment * Apply suggestions from code review Co-Authored-By: mator <matorola@gmail.com> * Apply suggestions from code review #2 Co-Authored-By: Sam Doran <sdoran@redhat.com> * Remove strict requirement on executable to exist for get_bin_path() as it will allow facts gathering to continue without an error. Almost all other files under facts do not have "required=True" (except 2 files, which should be probably fixed). And check return value for get_bin_path() , before run attempt. * add check for AIX lsattr run_command return code
ndclt
pushed a commit
that referenced
this pull request
Jun 13, 2019
…nit test (ansible#55643) * remove external grep call and parse with python * use function for repeated code * use module.get_bin_path() for iscsiutil on HPUX * some code opt for HPUX * clean up non-module code, module being defined is a requirement for this code * import get_bin_path() directly and use without module prefix * Add integration tests for AIX and HP-UX * add changelog fragment * Apply suggestions from code review Co-Authored-By: mator <matorola@gmail.com> * Apply suggestions from code review #2 Co-Authored-By: Sam Doran <sdoran@redhat.com> * Remove strict requirement on executable to exist for get_bin_path() as it will allow facts gathering to continue without an error. Almost all other files under facts do not have "required=True" (except 2 files, which should be probably fixed). And check return value for get_bin_path() , before run attempt. * add check for AIX lsattr run_command return code
ndclt
pushed a commit
that referenced
this pull request
Sep 5, 2019
…ble#54260) * nxos_interfaces_ospf: fix passive-interface states & check_mode This fix addresses issues ansible#41704 and ansible#45343. The crux of the problem is that `passive-interface` should have been treated as a tri-state value instead of a boolean. The `no` form of the command disables the passive state on an interface (allows it to form adjacencies and send routing updates). It's essentially an override for `passive-interface default` which enables passive state on all OSPF interfaces.\* This `no` config will be present in `running-config`. \**See `router ospf` configuration.* Since both enable and disable states are explicit configs, the proper way to remove either of these is with the `default` syntax. Passive-interface config syntax: ``` ip ospf passive-interface # enable (nvgens) no ip ospf passive-interface # disable (nvgens) default ip ospf passive-interface # default (removes config, does not nvgen) ``` Code changes: * `passive_interface` param changed from boolean to string, restricted to `true`,`false`,`default`. * Several passive-interface specific checks were added because the existing module logic tends to test for true or false and doesn't handle the None case. * Fixed `check_mode`. Sanity verified on: N9K,N7K,N3K,N6K * Fix doc header * Unit tests for passive-interface * doc fix #2 * Fix indent for SA * Remove 'default' keyword, restore bool behavior * remove changes to sanity (cherry picked from commit 20fb77c)
This module allows to create, update and delete roles
This test should not raise an error as before
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SUMMARY
This module (keycloak_user) allows the use of the Keycloak REST API (http://www.keycloak.org/docs-api/3.4/rest-api/index.html) to administrate Keycloak (http://www.keycloak.org) user.
Keycloak is an Open Source Identity and Access Management system spearheaded by Red Hat. It provides OpenID Connect and SAML authentication/authorization services.
Two prior modules in this namespace have been merged (keycloak_client in 31716 and keycloak_clienttemplate in 33419). This module reuses code introduced therein (from module_utils/keycloak.py).
Four other modules currently have new module PRs pending (keycloak_group in 35637 by adamgoossens, keycloak_scope in 35558 by eikef, keycloak_realms in 35844 and keycloak_user in 52327 by myself); they extend module_utils/keycloak.py as well, though it's all strictly additions.
ISSUE TYPE
COMPONENT NAME
keycloak_role