feat(api): add create permission function

2 years ago · b039100f38
1 changed files with 39 additions and 7 deletions
--- a/src/keycloak/keycloak_admin.py
+++ b/src/keycloak/keycloak_admin.py
@ -676,7 +676,7 @@ class KeycloakAdmin:
        )
        raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201])
        _last_slash_idx = data_raw.headers["Location"].rindex("/")
-        return data_raw.headers["Location"][_last_slash_idx + 1 :]  # noqa: E203
+        return data_raw.headers["Location"][_last_slash_idx + 1:]  # noqa: E203

    def users_count(self, query=None):
        """Count users.
@ -1196,7 +1196,7 @@ class KeycloakAdmin:
        )
        try:
            _last_slash_idx = data_raw.headers["Location"].rindex("/")
-            return data_raw.headers["Location"][_last_slash_idx + 1 :]  # noqa: E203
+            return data_raw.headers["Location"][_last_slash_idx + 1:]  # noqa: E203
        except KeyError:
            return

@ -1547,7 +1547,7 @@ class KeycloakAdmin:
            data_raw, KeycloakPostError, expected_codes=[201], skip_exists=skip_exists
        )
        _last_slash_idx = data_raw.headers["Location"].rindex("/")
-        return data_raw.headers["Location"][_last_slash_idx + 1 :]  # noqa: E203
+        return data_raw.headers["Location"][_last_slash_idx + 1:]  # noqa: E203

    def update_client(self, client_id, payload):
        """Update a client.
@ -1725,7 +1725,7 @@ class KeycloakAdmin:
            data_raw, KeycloakPostError, expected_codes=[201], skip_exists=skip_exists
        )
        _last_slash_idx = data_raw.headers["Location"].rindex("/")
-        return data_raw.headers["Location"][_last_slash_idx + 1 :]  # noqa: E203
+        return data_raw.headers["Location"][_last_slash_idx + 1:]  # noqa: E203

    def add_composite_client_roles_to_role(self, client_role_id, role_name, roles):
        """Add composite roles to client role.
@ -1866,7 +1866,7 @@ class KeycloakAdmin:
            data_raw, KeycloakPostError, expected_codes=[201], skip_exists=skip_exists
        )
        _last_slash_idx = data_raw.headers["Location"].rindex("/")
-        return data_raw.headers["Location"][_last_slash_idx + 1 :]  # noqa: E203
+        return data_raw.headers["Location"][_last_slash_idx + 1:]  # noqa: E203

    def get_realm_role(self, role_name):
        """Get realm role by role name.
@ -2722,7 +2722,7 @@ class KeycloakAdmin:
            data_raw, KeycloakPostError, expected_codes=[201], skip_exists=skip_exists
        )
        _last_slash_idx = data_raw.headers["Location"].rindex("/")
-        return data_raw.headers["Location"][_last_slash_idx + 1 :]  # noqa: E203
+        return data_raw.headers["Location"][_last_slash_idx + 1:]  # noqa: E203

    def update_client_scope(self, client_scope_id, payload):
        """Update a client scope.
@ -3087,7 +3087,7 @@ class KeycloakAdmin:
        )
        raise_error_from_response(data_raw, KeycloakPostError, expected_codes=[201])
        _last_slash_idx = data_raw.headers["Location"].rindex("/")
-        return data_raw.headers["Location"][_last_slash_idx + 1 :]  # noqa: E203
+        return data_raw.headers["Location"][_last_slash_idx + 1:]  # noqa: E203

    def get_component(self, component_id):
        """Get representation of the component.
@ -3460,6 +3460,38 @@ class KeycloakAdmin:
        )
        return raise_error_from_response(data_raw, KeycloakGetError)

+    def create_client_authz_scope_permission(self, payload, client_id):
+        """create permissions for a authz scope.
+
+        Payload example::
+
+            payload={
+                "name": "My Permission Name",
+                "type": "scope",
+                "logic": "POSITIVE",
+                "decisionStrategy": "UNANIMOUS",
+                "resources": [some_resource_id],
+                "scopes": [some_scope_id],
+                "policies": [some_policy_id],
+            }
+
+        :param payload: No Document
+        :type payload: dict
+        :param client_id: id in ClientRepresentation
+            https://www.keycloak.org/docs-api/18.0/rest-api/index.html#_clientrepresentation
+        :type client_id: str
+        :param scope_id: No Document
+        :type scope_id: str
+        :return: Keycloak server response
+        :rtype: bytes
+        """
+        params_path = {"realm-name": self.realm_name, "id": client_id}
+        data_raw = self.raw_post(
+            urls_patterns.URL_ADMIN_ADD_CLIENT_AUTHZ_SCOPE_PERMISSION.format(**params_path),
+            data=json.dumps(payload),
+        )
+        return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[201])
+
    def update_client_authz_scope_permission(self, payload, client_id, scope_id):
        """Update permissions for a given scope.