From 4b6b076f55f5c9940de068b91e6dae208d39928c Mon Sep 17 00:00:00 2001 From: Joerg Schaarschmidt Date: Wed, 9 Jun 2021 18:11:23 +0200 Subject: [PATCH 1/2] add delete_realm_roles_of_user function --- docs/source/index.rst | 3 +++ keycloak/keycloak_admin.py | 16 ++++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/docs/source/index.rst b/docs/source/index.rst index 0cd6e2f..0f61b50 100644 --- a/docs/source/index.rst +++ b/docs/source/index.rst @@ -262,6 +262,9 @@ Main methods:: # Assign realm roles to user. Note that BOTH role_name and role_id appear to be required. keycloak_admin.assign_realm_roles(client_id="client_id", user_id="user_id", roles=[{"roles_representation"}]) + # Delete realm roles of user. Note that BOTH role_name and role_id appear to be required. + keycloak_admin.deletes_realm_roles_of_user(client_id="client_id", user_id="user_id", roles=[{"roles_representation"}]) + # Create new group group = keycloak_admin.create_group(name="Example Group") diff --git a/keycloak/keycloak_admin.py b/keycloak/keycloak_admin.py index ffb5968..34c1919 100644 --- a/keycloak/keycloak_admin.py +++ b/keycloak/keycloak_admin.py @@ -1189,6 +1189,22 @@ class KeycloakAdmin: data=json.dumps(payload)) return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204]) + def delete_realm_roles_of_user(self, user_id, client_id, roles): + """ + Deletes realm roles of a user + + :param user_id: id of user + :param client_id: id of client containing role (not client-id) + :param roles: roles list or role (use RoleRepresentation) + :return Keycloak server response + """ + + payload = roles if isinstance(roles, list) else [roles] + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.raw_delete(URL_ADMIN_USER_REALM_ROLES.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204]) + def get_realm_roles_of_user(self, user_id): """ Get all realm roles for a user. From 93b9991dc84f5a62a2eabd0c348afd5a1292ab25 Mon Sep 17 00:00:00 2001 From: Joerg Schaarschmidt Date: Wed, 9 Jun 2021 18:34:20 +0200 Subject: [PATCH 2/2] Remove unused client_id from delete_realm_roles_of users --- docs/source/index.rst | 2 +- keycloak/keycloak_admin.py | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/source/index.rst b/docs/source/index.rst index 0f61b50..3b3007b 100644 --- a/docs/source/index.rst +++ b/docs/source/index.rst @@ -263,7 +263,7 @@ Main methods:: keycloak_admin.assign_realm_roles(client_id="client_id", user_id="user_id", roles=[{"roles_representation"}]) # Delete realm roles of user. Note that BOTH role_name and role_id appear to be required. - keycloak_admin.deletes_realm_roles_of_user(client_id="client_id", user_id="user_id", roles=[{"roles_representation"}]) + keycloak_admin.deletes_realm_roles_of_user(user_id="user_id", roles=[{"roles_representation"}]) # Create new group group = keycloak_admin.create_group(name="Example Group") diff --git a/keycloak/keycloak_admin.py b/keycloak/keycloak_admin.py index 34c1919..2afd1e2 100644 --- a/keycloak/keycloak_admin.py +++ b/keycloak/keycloak_admin.py @@ -1189,12 +1189,11 @@ class KeycloakAdmin: data=json.dumps(payload)) return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204]) - def delete_realm_roles_of_user(self, user_id, client_id, roles): + def delete_realm_roles_of_user(self, user_id, roles): """ Deletes realm roles of a user :param user_id: id of user - :param client_id: id of client containing role (not client-id) :param roles: roles list or role (use RoleRepresentation) :return Keycloak server response """