|
@ -23,7 +23,8 @@ from .urls_patterns import \ |
|
|
URL_ADMIN_SEND_UPDATE_ACCOUNT, URL_ADMIN_RESET_PASSWORD, URL_ADMIN_SEND_VERIFY_EMAIL, URL_ADMIN_GET_SESSIONS, \ |
|
|
URL_ADMIN_SEND_UPDATE_ACCOUNT, URL_ADMIN_RESET_PASSWORD, URL_ADMIN_SEND_VERIFY_EMAIL, URL_ADMIN_GET_SESSIONS, \ |
|
|
URL_ADMIN_SERVER_INFO, URL_ADMIN_CLIENTS, URL_ADMIN_CLIENT, URL_ADMIN_CLIENT_ROLES, URL_ADMIN_REALM_ROLES, \ |
|
|
URL_ADMIN_SERVER_INFO, URL_ADMIN_CLIENTS, URL_ADMIN_CLIENT, URL_ADMIN_CLIENT_ROLES, URL_ADMIN_REALM_ROLES, \ |
|
|
URL_ADMIN_GROUP, URL_ADMIN_GROUPS, URL_ADMIN_GROUP_CHILD, URL_ADMIN_USER_GROUP, \ |
|
|
URL_ADMIN_GROUP, URL_ADMIN_GROUPS, URL_ADMIN_GROUP_CHILD, URL_ADMIN_USER_GROUP, \ |
|
|
URL_ADMIN_GROUP_PERMISSIONS, URL_ADMIN_USER_CLIENT_ROLES, URL_ADMIN_USER_STORAGE |
|
|
|
|
|
|
|
|
URL_ADMIN_GROUP_PERMISSIONS, URL_ADMIN_USER_CLIENT_ROLES, URL_ADMIN_USER_CLIENT_ROLES_AVAILABLE, \ |
|
|
|
|
|
URL_ADMIN_USER_CLIENT_ROLES_COMPOSITE, URL_ADMIN_USER_STORAGE |
|
|
|
|
|
|
|
|
from .keycloak_openid import KeycloakOpenID |
|
|
from .keycloak_openid import KeycloakOpenID |
|
|
|
|
|
|
|
@ -645,8 +646,31 @@ class KeycloakAdmin: |
|
|
:param user_id: id of user |
|
|
:param user_id: id of user |
|
|
:return: Keycloak server response (array RoleRepresentation) |
|
|
:return: Keycloak server response (array RoleRepresentation) |
|
|
""" |
|
|
""" |
|
|
|
|
|
return self._get_client_roles_of_user(URL_ADMIN_USER_CLIENT_ROLES, user_id, client_id) |
|
|
|
|
|
|
|
|
|
|
|
def get_available_client_roles_of_user(self, user_id, client_id): |
|
|
|
|
|
""" |
|
|
|
|
|
Get available client role-mappings for a user. |
|
|
|
|
|
|
|
|
|
|
|
:param client_id: id of client (not client-id) |
|
|
|
|
|
:param user_id: id of user |
|
|
|
|
|
:return: Keycloak server response (array RoleRepresentation) |
|
|
|
|
|
""" |
|
|
|
|
|
return self._get_client_roles_of_user(URL_ADMIN_USER_CLIENT_ROLES_AVAILABLE, user_id, client_id) |
|
|
|
|
|
|
|
|
|
|
|
def get_composite_client_roles_of_user(self, user_id, client_id): |
|
|
|
|
|
""" |
|
|
|
|
|
Get composite client role-mappings for a user. |
|
|
|
|
|
|
|
|
|
|
|
:param client_id: id of client (not client-id) |
|
|
|
|
|
:param user_id: id of user |
|
|
|
|
|
:return: Keycloak server response (array RoleRepresentation) |
|
|
|
|
|
""" |
|
|
|
|
|
return self._get_client_roles_of_user(URL_ADMIN_USER_CLIENT_ROLES_COMPOSITE, user_id, client_id) |
|
|
|
|
|
|
|
|
|
|
|
def _get_client_roles_of_user(self, client_level_role_mapping_url, user_id, client_id): |
|
|
params_path = {"realm-name": self.realm_name, "id": user_id, "client-id": client_id} |
|
|
params_path = {"realm-name": self.realm_name, "id": user_id, "client-id": client_id} |
|
|
data_raw = self.connection.raw_get(URL_ADMIN_USER_CLIENT_ROLES.format(**params_path)) |
|
|
|
|
|
|
|
|
data_raw = self.connection.raw_get(client_level_role_mapping_url.format(**params_path)) |
|
|
return raise_error_from_response(data_raw, KeycloakGetError) |
|
|
return raise_error_from_response(data_raw, KeycloakGetError) |
|
|
|
|
|
|
|
|
def delete_client_roles_of_user(self, user_id, client_id, roles): |
|
|
def delete_client_roles_of_user(self, user_id, client_id, roles): |
|
|