From f8de4880337e5ee99fd198a3b583bfb3fdab4586 Mon Sep 17 00:00:00 2001 From: Benjamin Mwalimu Date: Mon, 7 Oct 2024 23:14:46 +0300 Subject: [PATCH 1/3] =?UTF-8?q?=F0=9F=90=9B=20(Update=20the=20Keycloak=20a?= =?UTF-8?q?dm=20in=20URLs):=20Update=20the=20Keycloak=20admin=20URLs?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- importer/csv/setup/roles.csv | 4 +-- importer/importer/users.py | 49 ++++++++++++++++-------------------- 2 files changed, 24 insertions(+), 29 deletions(-) diff --git a/importer/csv/setup/roles.csv b/importer/csv/setup/roles.csv index 6a33ca39..64f37484 100644 --- a/importer/csv/setup/roles.csv +++ b/importer/csv/setup/roles.csv @@ -116,7 +116,7 @@ PUT_STRUCTUREMAP,, PUT_TASK,, WEB_CLIENT,, ANDROID_CLIENT,, -EDIT_KEYCLOAK_USERS,TRUE,manage-users|query-users -VIEW_KEYCLOAK_USERS,TRUE,view-users|query-users|query-groups +EDIT_KEYCLOAK_USERS,TRUE,manage-users|query-users|query-groups +VIEW_KEYCLOAK_USERS,TRUE,view-users|view-groups VIEW_USER_GROUPS,, VIEW_ROLES,, \ No newline at end of file diff --git a/importer/importer/users.py b/importer/importer/users.py index 2585d2a4..d72c5efb 100644 --- a/importer/importer/users.py +++ b/importer/importer/users.py @@ -4,7 +4,7 @@ import uuid from importer.builder import get_base_url -from importer.config.settings import api_service, keycloak_url +from importer.config.settings import api_service, keycloak_url, realm, client_id from importer.request import handle_request dir_path = str(pathlib.Path(__file__).parent.resolve()) 
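Review bot: `view-groups` on the new VIEW_KEYCLOAK_USERS row should be confirmed against the target realm. As far as I know, Keycloak's built-in realm-management client roles include `view-users`, `query-users` and `query-groups` but no `view-groups`, so this composite may not resolve unless the project defines that role itself. If the intent is read-only user access plus group listing, `view-users|query-groups` would express it with names that exist by default. The same hunk widens EDIT_KEYCLOAK_USERS with `query-groups`. Because these rows decide which Keycloak admin privileges an application role carries, a sentence in the commit message on why each row changed would help a least-privilege review.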
@@ -244,18 +244,19 @@ def confirm_practitioner(user, user_id): def create_roles(role_list, roles_max): for role in role_list: current_role = str(role[0]) + _keycloak_url = get_keycloak_url() logging.debug("The current role is: " + current_role) # check if role already exists role_response = handle_request( - "GET", "", keycloak_url + "/roles/" + current_role + "GET", "", _keycloak_url + "/roles/" + current_role ) logging.debug(role_response) if current_role in role_response[0]: logging.error("A role already exists with the name " + current_role) else: role_payload = '{"name": "' + current_role + '"}' - create_role = handle_request("POST", role_payload, keycloak_url + "/roles") + create_role = handle_request("POST", role_payload, _keycloak_url + "/roles") if create_role.status_code == 201: logging.info("Successfully created role: " + current_role) @@ -265,7 +266,7 @@ def create_roles(role_list, roles_max): logging.debug("Role has composite roles") # get roled id full_role = handle_request( - "GET", "", keycloak_url + "/roles/" + current_role + "GET", "", _keycloak_url + "/roles/" + current_role ) json_resp = json.loads(full_role[0]) role_id = json_resp["id"] @@ -275,12 +276,9 @@ def create_roles(role_list, roles_max): available_roles = handle_request( "GET", "", - keycloak_url - + "/admin-ui-available-roles/roles/" - + role_id - + "?first=0&max=" - + str(roles_max) - + "&search=", + _keycloak_url + + "/roles-by-id/" + role_id + + "/composites", ) json_roles = json.loads(available_roles[0]) logging.debug("json_roles: " + str(json_roles)) 
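Review bot: `_keycloak_url = get_keycloak_url()` sits inside the `for role in role_list` loop in the first hunk, so the URL is rebuilt for every CSV row; it can be hoisted above the loop. `get_keycloak_url` is neither defined nor imported in any hunk shown here, and the second patch in this series trims the settings import to `api_service`, so it is worth confirming the helper is in scope in users.py. The request paths concatenate `current_role` and `role_id` directly, as in `_keycloak_url + "/roles/" + current_role`. Role names come from the CSV, so percent-encoding them with `urllib.parse.quote(current_role, safe="")` would stop a name containing `/` or `?` from changing which admin API path is called. create_roles continues outside these hunks.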
@@ -288,29 +286,25 @@ def create_roles(role_list, roles_max): rolesMap = {} for jrole in json_roles: - # remove client and clientId, then rename role to name - # to build correct payload - del jrole["client"] - del jrole["clientId"] - jrole["name"] = jrole["role"] - del jrole["role"] rolesMap[str(jrole["name"])] = jrole associated_roles = str(role[2]) - logging.debug("Associated roles: " + associated_roles) associated_role_array = associated_roles.split("|") arr = [] for arole in associated_role_array: - if arole in rolesMap.keys(): - arr.append(rolesMap[arole]) + if arole not in rolesMap.keys(): + role_payload = '{"name": "' + arole + '"}' + arr.append(role_payload) else: - logging.error("Role " + arole + "does not exist") + logging.info("Role " + arole + " exists") + payload_arr = json.dumps(arr) + logging.info("Payload array: " + payload_arr) handle_request( "POST", payload_arr, - keycloak_url + "/roles-by-id/" + role_id + "/composites", + _keycloak_url + "/roles-by-id/" + role_id + "/composites", ) except IndexError: @@ -318,8 +312,9 @@ def create_roles(role_list, roles_max): def get_group_id(group): + _keycloak_url = get_keycloak_url() # check if group exists - all_groups = handle_request("GET", "", keycloak_url + "/groups") + all_groups = handle_request("GET", "", _keycloak_url + "/groups") json_groups = json.loads(all_groups[0]) group_obj = {} @@ -335,11 +330,12 @@ def get_group_id(group): logging.info("Group does not exists, lets create it") # create the group create_group_payload = '{"name":"' + group + '"}' - handle_request("POST", create_group_payload, keycloak_url + "/groups") + handle_request("POST", create_group_payload, _keycloak_url + "/groups") return get_group_id(group) def assign_group_roles(role_list, group, roles_max): + _keycloak_url = get_keycloak_url() group_id = get_group_id(group) logging.debug("The groupID is: " + group_id) 
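Review bot: `arr.append(role_payload)` appends an already-serialised JSON string, so `json.dumps(arr)` emits an array of quoted strings rather than an array of role objects, which the `/roles-by-id/{id}/composites` POST is unlikely to accept. Appending a dict, `arr.append({"name": arole})`, removes the double encoding and also drops the hand-built `'{"name": "' + arole + '"}'`, which yields malformed or altered JSON when a CSV value contains a quote or backslash. I believe Keycloak resolves composite members by `id`, so a name-only representation may still be rejected; fetching each role first and sending the returned representation would be safer. The result of the final `handle_request("POST", payload_arr, ...)` is discarded, so a failed or partial privilege assignment goes unreported; checking the status and logging it would close that gap. The enclosing `try` starts outside this hunk.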
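Review bot: In get_group_id the result of the group-creation POST is ignored before `return get_group_id(group)`, so if creation fails (for example because the token lacks the needed admin role) the function recurses until Python raises RecursionError, hiding the real error. Judging by `create_role.status_code == 201` earlier in the file, `handle_request` returns a response for POST, so a guard such as `if resp.status_code != 201: raise RuntimeError("could not create group " + group)` before the recursive call would surface it. The payload on the line above is also built by concatenation; `json.dumps({"name": group})` keeps a group name containing a quote from breaking or altering the request body. The function starts outside this hunk.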
@@ -347,9 +343,8 @@ def assign_group_roles(role_list, group, roles_max): available_roles_for_group = handle_request( "GET", "", - keycloak_url - + "/groups/" - + group_id + _keycloak_url + + "/groups/" + group_id + "/role-mappings/realm/available?first=0&max=" + str(roles_max), ) @@ -368,7 +363,7 @@ def assign_group_roles(role_list, group, roles_max): handle_request( "POST", json_assign_payload, - keycloak_url + "/groups/" + group_id + "/role-mappings/realm", + _keycloak_url + "/groups/" + group_id + "/role-mappings/realm", ) From c334d5baaeba1a03e2f5d19731dda0f9ffdf215b Mon Sep 17 00:00:00 2001 From: Benjamin Mwalimu Date: Mon, 7 Oct 2024 23:17:28 +0300 Subject: [PATCH 2/3] =?UTF-8?q?=E2=9E=96=20(Remove=20unused=20imports):=20?= =?UTF-8?q?Remove=20unused=20imports?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- importer/importer/users.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/importer/importer/users.py b/importer/importer/users.py index d72c5efb..ea844666 100644 --- a/importer/importer/users.py +++ b/importer/importer/users.py @@ -4,7 +4,7 @@ import uuid from importer.builder import get_base_url -from importer.config.settings import api_service, keycloak_url, realm, client_id +from importer.config.settings import api_service from importer.request import handle_request dir_path = str(pathlib.Path(__file__).parent.resolve()) From d912f84d71c121174c4015056e6d1417001753ef Mon Sep 17 00:00:00 2001 From: Benjamin Mwalimu Date: Mon, 28 Oct 2024 23:45:39 +0300 Subject: [PATCH 3/3] - Remove unused parameters --- importer/importer/users.py | 2 +- importer/main.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/importer/importer/users.py b/importer/importer/users.py index fd7d6003..c2e54461 100644 --- a/importer/importer/users.py +++ b/importer/importer/users.py 
@@ -260,7 +260,7 @@ def confirm_practitioner(user, user_id): return True, obj -def create_roles(role_list, roles_max): +def create_roles(role_list): for role in role_list: current_role = str(role[0]) _keycloak_url = get_keycloak_url() diff --git a/importer/main.py b/importer/main.py index e2823132..2f41859a 100644 --- a/importer/main.py +++ b/importer/main.py @@ -194,7 +194,7 @@ def main( logging.info("Processing complete!") elif setup == "roles": logging.info("Setting up keycloak roles") - create_roles(resource_list, roles_max) + create_roles(resource_list) if group: assign_group_roles(resource_list, group, roles_max) logging.info("Processing complete")