diff --git a/keycloak/keycloak_admin.py b/keycloak/keycloak_admin.py index ae443b6..7673d56 100644 --- a/keycloak/keycloak_admin.py +++ b/keycloak/keycloak_admin.py @@ -43,7 +43,7 @@ from .urls_patterns import URL_ADMIN_SERVER_INFO, URL_ADMIN_CLIENT_AUTHZ_RESOURC URL_ADMIN_USER_CLIENT_ROLES_AVAILABLE, URL_ADMIN_USERS, URL_ADMIN_CLIENT_SCOPES, \ URL_ADMIN_CLIENT_SCOPES_ADD_MAPPER, URL_ADMIN_CLIENT_SCOPE, URL_ADMIN_CLIENT_SECRETS, \ URL_ADMIN_USER_REALM_ROLES, URL_ADMIN_REALM, URL_ADMIN_COMPONENTS, URL_ADMIN_COMPONENT, URL_ADMIN_KEYS, \ - URL_ADMIN_USER_FEDERATED_IDENTITY, URL_ADMIN_USER_FEDERATED_IDENTITIES + URL_ADMIN_USER_FEDERATED_IDENTITY, URL_ADMIN_USER_FEDERATED_IDENTITIES, URL_ADMIN_REALM_ROLES_ROLE_BY_NAME_USERS class KeycloakAdmin: @@ -999,6 +999,21 @@ class KeycloakAdmin: URL_ADMIN_REALM_ROLES_ROLE_BY_NAME.format(**params_path)) return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204]) + def get_realm_role_users(self, role_name): + """ + Get a list of users with role_name assigned + + UserRepresentation + https://www.keycloak.org/docs-api/8.0/rest-api/#_userrepresentation + + :param role_name: The role name {'role-name':'name-of-the-role'} + :return Keycloak server response + """ + + params_path = {"realm-name": self.realm_name, "role-name": role_name} + data_raw = self.raw_get(URL_ADMIN_REALM_ROLES_ROLE_BY_NAME_USERS.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200]) + def assign_realm_roles(self, user_id, client_id, roles): """ Assign realm roles to a user @@ -1015,6 +1030,21 @@ class KeycloakAdmin: data=json.dumps(payload)) return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[204]) + def get_user_realm_roles(self, user_id): + """ + Get all realm roles on this user + + RoleRepresentation + https://www.keycloak.org/docs-api/8.0/rest-api/index.html#_rolerepresentation + + :param user_id: id of user + :return: Keycloak server response (RoleRepresentation) + """ + + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.raw_get(URL_ADMIN_USER_REALM_ROLES.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200]) + def assign_group_realm_roles(self, group_id, roles): """ Assign realm roles to a group diff --git a/keycloak/urls_patterns.py b/keycloak/urls_patterns.py index 3e28de8..e4b7089 100644 --- a/keycloak/urls_patterns.py +++ b/keycloak/urls_patterns.py @@ -79,7 +79,7 @@ URL_ADMIN_REALMS = "admin/realms" URL_ADMIN_REALM = "admin/realms/{realm-name}" URL_ADMIN_IDPS = "admin/realms/{realm-name}/identity-provider/instances" URL_ADMIN_REALM_ROLES_ROLE_BY_NAME = "admin/realms/{realm-name}/roles/{role-name}" - +URL_ADMIN_REALM_ROLES_ROLE_BY_NAME_USERS = "admin/realms/{realm-name}/roles/{role-name}/users" URL_ADMIN_FLOWS = "admin/realms/{realm-name}/authentication/flows" URL_ADMIN_FLOWS_EXECUTIONS = "admin/realms/{realm-name}/authentication/flows/{flow-alias}/executions"