mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
keycloak_user_federation: add module arg to make mapper removal optout (#8764)
* add module arg to make mapper removal optout * change parameter name to snake case: remove_unspecified_mappers * add period to parameter description Co-authored-by: Felix Fontein <felix@fontein.de> * use dict indexing to get parameter instead of `.get()` * add changelog fragment * Update changelogs/fragments/8764-keycloak_user_federation-make-mapper-removal-optout.yml Co-authored-by: Felix Fontein <felix@fontein.de> * add `version_added` to argument description Co-authored-by: Felix Fontein <felix@fontein.de> * Update plugins/modules/keycloak_user_federation.py Co-authored-by: Felix Fontein <felix@fontein.de> --------- Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
parent
5192ffe5b3
commit
7dc4429c9c
2 changed files with 23 additions and 6 deletions
|
@ -0,0 +1,2 @@
|
||||||
|
minor_changes:
|
||||||
|
- keycloak_user_federation - add module argument allowing users to optout of the removal of unspecified mappers, for example to keep the keycloak default mappers (https://github.com/ansible-collections/community.general/pull/8764).
|
|
@ -85,6 +85,14 @@ options:
|
||||||
- parentId
|
- parentId
|
||||||
type: str
|
type: str
|
||||||
|
|
||||||
|
remove_unspecified_mappers:
|
||||||
|
description:
|
||||||
|
- Remove mappers that are not specified in the configuration for this federation.
|
||||||
|
- Set to V(false) to keep mappers that are not listed in O(mappers).
|
||||||
|
type: bool
|
||||||
|
default: true
|
||||||
|
version_added: 9.4.0
|
||||||
|
|
||||||
config:
|
config:
|
||||||
description:
|
description:
|
||||||
- Dict specifying the configuration options for the provider; the contents differ depending on
|
- Dict specifying the configuration options for the provider; the contents differ depending on
|
||||||
|
@ -808,6 +816,7 @@ def main():
|
||||||
provider_id=dict(type='str', aliases=['providerId']),
|
provider_id=dict(type='str', aliases=['providerId']),
|
||||||
provider_type=dict(type='str', aliases=['providerType'], default='org.keycloak.storage.UserStorageProvider'),
|
provider_type=dict(type='str', aliases=['providerType'], default='org.keycloak.storage.UserStorageProvider'),
|
||||||
parent_id=dict(type='str', aliases=['parentId']),
|
parent_id=dict(type='str', aliases=['parentId']),
|
||||||
|
remove_unspecified_mappers=dict(type='bool', default=True),
|
||||||
mappers=dict(type='list', elements='dict', options=mapper_spec),
|
mappers=dict(type='list', elements='dict', options=mapper_spec),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -849,7 +858,7 @@ def main():
|
||||||
|
|
||||||
# Filter and map the parameters names that apply
|
# Filter and map the parameters names that apply
|
||||||
comp_params = [x for x in module.params
|
comp_params = [x for x in module.params
|
||||||
if x not in list(keycloak_argument_spec().keys()) + ['state', 'realm', 'mappers'] and
|
if x not in list(keycloak_argument_spec().keys()) + ['state', 'realm', 'mappers', 'remove_unspecified_mappers'] and
|
||||||
module.params.get(x) is not None]
|
module.params.get(x) is not None]
|
||||||
|
|
||||||
# See if it already exists in Keycloak
|
# See if it already exists in Keycloak
|
||||||
|
@ -910,6 +919,11 @@ def main():
|
||||||
changeset['mappers'] = list()
|
changeset['mappers'] = list()
|
||||||
changeset['mappers'].append(new_mapper)
|
changeset['mappers'].append(new_mapper)
|
||||||
|
|
||||||
|
# to keep unspecified existing mappers we add them to the desired mappers list, unless they're already present
|
||||||
|
if not module.params['remove_unspecified_mappers'] and 'mappers' in before_comp:
|
||||||
|
changeset_mapper_ids = [mapper['id'] for mapper in changeset['mappers'] if 'id' in mapper]
|
||||||
|
changeset['mappers'].extend([mapper for mapper in before_comp['mappers'] if mapper['id'] not in changeset_mapper_ids])
|
||||||
|
|
||||||
# Prepare the desired values using the existing values (non-existence results in a dict that is save to use as a basis)
|
# Prepare the desired values using the existing values (non-existence results in a dict that is save to use as a basis)
|
||||||
desired_comp = before_comp.copy()
|
desired_comp = before_comp.copy()
|
||||||
desired_comp.update(changeset)
|
desired_comp.update(changeset)
|
||||||
|
@ -965,11 +979,12 @@ def main():
|
||||||
new_mapper['parentId'] = cid
|
new_mapper['parentId'] = cid
|
||||||
updated_mappers.append(kc.create_component(new_mapper, realm))
|
updated_mappers.append(kc.create_component(new_mapper, realm))
|
||||||
|
|
||||||
# we remove all unwanted default mappers
|
if module.params['remove_unspecified_mappers']:
|
||||||
# we use ids so we dont accidently remove one of the previously updated default mapper
|
# we remove all unwanted default mappers
|
||||||
for default_mapper in default_mappers:
|
# we use ids so we dont accidently remove one of the previously updated default mapper
|
||||||
if not default_mapper['id'] in [x['id'] for x in updated_mappers]:
|
for default_mapper in default_mappers:
|
||||||
kc.delete_component(default_mapper['id'], realm)
|
if not default_mapper['id'] in [x['id'] for x in updated_mappers]:
|
||||||
|
kc.delete_component(default_mapper['id'], realm)
|
||||||
|
|
||||||
after_comp['mappers'] = kc.get_components(urlencode(dict(parent=cid)), realm)
|
after_comp['mappers'] = kc.get_components(urlencode(dict(parent=cid)), realm)
|
||||||
if module._diff:
|
if module._diff:
|
||||||
|
|
Loading…
Reference in a new issue