New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add new module managing keycloak role #2
base: devel
Are you sure you want to change the base?
Conversation
lib/ansible/module_utils/keycloak.py
Outdated
@@ -339,3 +344,129 @@ def delete_client_template(self, id, realm="master"): | |||
except Exception as e: | |||
self.module.fail_json(msg='Could not delete client template %s in realm %s: %s' | |||
% (id, realm, str(e))) | |||
|
|||
def get_role_url(self, role_id, realm='master', client_uuid=None): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing docstring
lib/ansible/module_utils/keycloak.py
Outdated
else: | ||
return None | ||
|
||
def get_json_from_url(self, url): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing docstring
deleting_role(kc, result, realm, given_role_id, client_uuid) | ||
|
||
|
||
def attributes_format_is_correct(given_attributes): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing docstring
return True | ||
|
||
|
||
def attribute_as_list_format_is_correct(one_value, first_call=True): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing docstring
return True | ||
|
||
|
||
def get_initial_role(given_role_id, kc, realm, client_id): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing docstring
return result | ||
|
||
|
||
def create_changeset(module): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing docstring
return changeset | ||
|
||
|
||
def do_nothing_and_exit(kc, result, realm, given_role_id, client_id, client_uuid): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing docstring
module.exit_json(**result) | ||
|
||
|
||
def updating_role(kc, result, realm, given_role_id, client_uuid): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing docstring
module.exit_json(**result) | ||
|
||
|
||
def put_attributes_values_in_list(attributes_values): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing docstring
return new_attributes | ||
|
||
|
||
def deleting_role(kc, result, realm, given_role_id, client_uuid): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing docstring
…nit test (ansible#55643) * remove external grep call and parse with python * use function for repeated code * use module.get_bin_path() for iscsiutil on HPUX * some code opt for HPUX * clean up non-module code, module being defined is a requirement for this code * import get_bin_path() directly and use without module prefix * Add integration tests for AIX and HP-UX * add changelog fragment * Apply suggestions from code review Co-Authored-By: mator <matorola@gmail.com> * Apply suggestions from code review #2 Co-Authored-By: Sam Doran <sdoran@redhat.com> * Remove strict requirement on executable to exist for get_bin_path() as it will allow facts gathering to continue without an error. Almost all other files under facts do not have "required=True" (except 2 files, which should be probably fixed). And check return value for get_bin_path() , before run attempt. * add check for AIX lsattr run_command return code
…nit test (ansible#55643) * remove external grep call and parse with python * use function for repeated code * use module.get_bin_path() for iscsiutil on HPUX * some code opt for HPUX * clean up non-module code, module being defined is a requirement for this code * import get_bin_path() directly and use without module prefix * Add integration tests for AIX and HP-UX * add changelog fragment * Apply suggestions from code review Co-Authored-By: mator <matorola@gmail.com> * Apply suggestions from code review #2 Co-Authored-By: Sam Doran <sdoran@redhat.com> * Remove strict requirement on executable to exist for get_bin_path() as it will allow facts gathering to continue without an error. Almost all other files under facts do not have "required=True" (except 2 files, which should be probably fixed). And check return value for get_bin_path() , before run attempt. * add check for AIX lsattr run_command return code
…ble#54260) * nxos_interfaces_ospf: fix passive-interface states & check_mode This fix addresses issues ansible#41704 and ansible#45343. The crux of the problem is that `passive-interface` should have been treated as a tri-state value instead of a boolean. The `no` form of the command disables the passive state on an interface (allows it to form adjacencies and send routing updates). It's essentially an override for `passive-interface default` which enables passive state on all OSPF interfaces.\* This `no` config will be present in `running-config`. \**See `router ospf` configuration.* Since both enable and disable states are explicit configs, the proper way to remove either of these is with the `default` syntax. Passive-interface config syntax: ``` ip ospf passive-interface # enable (nvgens) no ip ospf passive-interface # disable (nvgens) default ip ospf passive-interface # default (removes config, does not nvgen) ``` Code changes: * `passive_interface` param changed from boolean to string, restricted to `true`,`false`,`default`. * Several passive-interface specific checks were added because the existing module logic tends to test for true or false and doesn't handle the None case. * Fixed `check_mode`. Sanity verified on: N9K,N7K,N3K,N6K * Fix doc header * Unit tests for passive-interface * doc fix #2 * Fix indent for SA * Remove 'default' keyword, restore bool behavior * remove changes to sanity (cherry picked from commit 20fb77c)
This module allows to create, update and delete roles
This test should not raise an error as before
SUMMARY
This module (keycloak_user) allows the use of the Keycloak REST API (http://www.keycloak.org/docs-api/3.4/rest-api/index.html) to administrate Keycloak (http://www.keycloak.org) user.
Keycloak is an Open Source Identity and Access Management system spearheaded by Red Hat. It provides OpenID Connect and SAML authentication/authorization services.
Two prior modules in this namespace have been merged (keycloak_client in 31716 and keycloak_clienttemplate in 33419). This module reuses code introduced therein (from module_utils/keycloak.py).
Four other modules currently have new module PRs pending (keycloak_group in 35637 by adamgoossens, keycloak_scope in 35558 by eikef, keycloak_realms in 35844 and keycloak_user in 52327 by myself); they extend module_utils/keycloak.py as well, though it's all strictly additions.
ISSUE TYPE
COMPONENT NAME
keycloak_role