Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

roles: keycloak role user mgt and kcadm updates #100

Merged
merged 3 commits into from
Sep 27, 2024
Merged

roles: keycloak role user mgt and kcadm updates #100

merged 3 commits into from
Sep 27, 2024

Conversation

spoore1
Copy link
Contributor

@spoore1 spoore1 commented Apr 22, 2024

Adding new methods to KeycloakUser class to extend user management support: delete, modify, set_password

Adding raise_on_error parameter to KeycloakUser methods so that they can be called for expected failure scenarios. This required adding raise_on_error to kcadm exec call.

@spoore1 spoore1 requested a review from danlavu April 22, 2024 13:01
@andreboscatto andreboscatto requested a review from pbrezina April 23, 2024 12:40
@spoore1 spoore1 force-pushed the keycloak_role_updates branch from 6cfcbfa to 828c66f Compare April 23, 2024 16:14
danlavu
danlavu requested changes Apr 23, 2024
View reviewed changes
sssd_test_framework/roles/keycloak.py Show resolved Hide resolved
sssd_test_framework/roles/keycloak.py Outdated Show resolved Hide resolved
sssd_test_framework/roles/keycloak.py Outdated Show resolved Hide resolved
sssd_test_framework/roles/keycloak.py Show resolved Hide resolved
sssd_test_framework/roles/keycloak.py Outdated Show resolved Hide resolved
sssd_test_framework/roles/keycloak.py Outdated Show resolved Hide resolved
@spoore1 spoore1 force-pushed the keycloak_role_updates branch from 828c66f to cf19b68 Compare April 24, 2024 16:17
@spoore1 spoore1 requested a review from danlavu April 24, 2024 16:23
danlavu
danlavu previously approved these changes Apr 24, 2024
View reviewed changes
Copy link

@danlavu danlavu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LG2M

pbrezina
pbrezina requested changes May 9, 2024
View reviewed changes
Copy link
Member

@pbrezina pbrezina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi, see comments inside.

By the way, you say you add raise_on_error parameter, but I don't see it anywhere. Did you change your mind?

sssd_test_framework/roles/keycloak.py Show resolved Hide resolved
sssd_test_framework/roles/keycloak.py Outdated Show resolved Hide resolved
@spoore1 spoore1 force-pushed the keycloak_role_updates branch from cf19b68 to 716a5a8 Compare May 30, 2024 18:14
@spoore1 spoore1 force-pushed the keycloak_role_updates branch 2 times, most recently from c24a3d5 to 1306baa Compare July 30, 2024 21:48
@spoore1 spoore1 force-pushed the keycloak_role_updates branch from 1306baa to a4933ef Compare August 26, 2024 19:43
@spoore1 spoore1 force-pushed the keycloak_role_updates branch from a4933ef to eb1463a Compare September 9, 2024 13:24
@spoore1 spoore1 force-pushed the keycloak_role_updates branch from eb1463a to ad3783c Compare September 17, 2024 20:43
@spoore1 spoore1 requested review from pbrezina and danlavu September 17, 2024 20:57
danlavu
danlavu previously approved these changes Sep 17, 2024
View reviewed changes
pbrezina
pbrezina requested changes Sep 18, 2024
View reviewed changes
Copy link
Member

@pbrezina pbrezina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it be possible to implement get() also for groups and unify the id property for both objects? I.e.:

@property
def id(self) -> str:
    if self._id is None:
        obj = self.get()
        self._id = obj["id"]

    return self._id

@id.setter
def id(self, value: str) --> None:
    self._id = value

This way, you can avoid calling get() from the user's constructor when it is not needed for new users and both classes would handle it the same way.

sssd_test_framework/roles/keycloak.py Outdated Show resolved Hide resolved
sssd_test_framework/roles/keycloak.py Outdated Show resolved Hide resolved
@spoore1 spoore1 force-pushed the keycloak_role_updates branch from ad3783c to 6b5c25a Compare September 19, 2024 17:52
@spoore1
Copy link
Contributor Author

spoore1 commented Sep 19, 2024

@pbrezina I updated the KeycloakGroup to add a get() method and modified the id setting. Let me know what you think.

@spoore1 spoore1 requested a review from pbrezina September 19, 2024 17:56
pbrezina
pbrezina requested changes Sep 20, 2024
View reviewed changes
Copy link
Member

@pbrezina pbrezina left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great, now we need one more thing - since you call get() from KeycloackObject, you need to add it as abstract method there. E.g.

from abc import ABC, abstractmethod

class KeycloakObject(ABC, BaseObject[KeycloakHost, Keycloak]):
    @abstractmethod
    def get(self) -> dict[str, list[str]]:
        """docstring"""
        pass

To avoid sssd_test_framework/roles/keycloak.py:100: error: "KeycloakObject" has no attribute "get" [attr-defined]

Remove the commented lines and we can merge.

@spoore1 spoore1 force-pushed the keycloak_role_updates branch 2 times, most recently from eded39c to da39b9a Compare September 25, 2024 19:30
@spoore1 spoore1 force-pushed the keycloak_role_updates branch from da39b9a to c432aef Compare September 26, 2024 13:04
@spoore1
Copy link
Contributor Author

spoore1 commented Sep 26, 2024

@pbrezina, I added abstract get() method to KeycloakObject class and removed comments I found. Anything else for this one? I just pushed a fix for the tox error also.

@spoore1 spoore1 force-pushed the keycloak_role_updates branch from c432aef to 7372cb3 Compare September 26, 2024 13:15
@spoore1 spoore1 requested review from pbrezina and danlavu September 26, 2024 13:45
pbrezina
pbrezina previously approved these changes Sep 26, 2024
View reviewed changes
Copy link
Member

@pbrezina pbrezina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ack, thank you.

danlavu
danlavu requested changes Sep 26, 2024
View reviewed changes
sssd_test_framework/roles/ad.py Outdated Show resolved Hide resolved
sssd_test_framework/roles/ad.py Outdated Show resolved Hide resolved
sssd_test_framework/roles/ad.py Outdated Show resolved Hide resolved
sssd_test_framework/roles/ad.py Outdated Show resolved Hide resolved
sssd_test_framework/hosts/ldap.py Show resolved Hide resolved
sssd_test_framework/roles/ipa.py Outdated Show resolved Hide resolved
sssd_test_framework/roles/ipa.py Outdated Show resolved Hide resolved
sssd_test_framework/roles/ipa.py Outdated Show resolved Hide resolved
sssd_test_framework/roles/ipa.py Outdated Show resolved Hide resolved
sssd_test_framework/roles/keycloak.py Outdated Show resolved Hide resolved
@spoore1
roles: keycloak role user management updates
2dfe186 
Adding new methods to KeycloakUser class to extend user management
support:  delete, modify, set_password

Also update docstrings for kcadm to reflect that it returns
SSHProcessResult.

Also updating keycloak user add to include first and last name
attributes.
@spoore1
roles: Add attributes to IPA|AD|LDAP User methods
9975152 
* first/last name attributes for IPA/AD/LDAP User modify methods.
* password_expiration to IPA User modify method
* external IdP attributes to IPA User modify method
* Do not fail if users OU already exists in LDAP
* add ability to override the rdn user attribute from cn
* add givenName attribute for LDAP users
@spoore1
Add password reset and expire methods to providers
20ec6e5
@spoore1 spoore1 force-pushed the keycloak_role_updates branch from 7372cb3 to 20ec6e5 Compare September 26, 2024 20:26
danlavu
danlavu approved these changes Sep 26, 2024
View reviewed changes
Copy link

@danlavu danlavu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, thanks!

@pbrezina pbrezina merged commit e946304 into SSSD:master Sep 27, 2024
5 checks passed
@spoore1 spoore1 deleted the keycloak_role_updates branch September 27, 2024 18:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danlavu danlavu danlavu approved these changes

@pbrezina pbrezina pbrezina left review comments

Assignees

@danlavu danlavu

@pbrezina pbrezina

Labels
waiting for review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@spoore1 @danlavu @pbrezina