1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

keycloak_user_federation: add module arg to make mapper removal optout (#8764)

* add module arg to make mapper removal optout

* change parameter name to snake case: remove_unspecified_mappers

* add period to parameter description

Co-authored-by: Felix Fontein <felix@fontein.de>

* use dict indexing to get parameter instead of `.get()`

* add changelog fragment

* Update changelogs/fragments/8764-keycloak_user_federation-make-mapper-removal-optout.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* add `version_added` to argument description

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/keycloak_user_federation.py

Co-authored-by: Felix Fontein <felix@fontein.de>

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
fgruenbauer 2024-08-24 18:59:34 +02:00 committed by GitHub
parent 5192ffe5b3
commit 7dc4429c9c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 23 additions and 6 deletions

View file

@ -0,0 +1,2 @@
minor_changes:
- keycloak_user_federation - add module argument allowing users to optout of the removal of unspecified mappers, for example to keep the keycloak default mappers (https://github.com/ansible-collections/community.general/pull/8764).

View file

@ -85,6 +85,14 @@ options:
- parentId - parentId
type: str type: str
remove_unspecified_mappers:
description:
- Remove mappers that are not specified in the configuration for this federation.
- Set to V(false) to keep mappers that are not listed in O(mappers).
type: bool
default: true
version_added: 9.4.0
config: config:
description: description:
- Dict specifying the configuration options for the provider; the contents differ depending on - Dict specifying the configuration options for the provider; the contents differ depending on
@ -808,6 +816,7 @@ def main():
provider_id=dict(type='str', aliases=['providerId']), provider_id=dict(type='str', aliases=['providerId']),
provider_type=dict(type='str', aliases=['providerType'], default='org.keycloak.storage.UserStorageProvider'), provider_type=dict(type='str', aliases=['providerType'], default='org.keycloak.storage.UserStorageProvider'),
parent_id=dict(type='str', aliases=['parentId']), parent_id=dict(type='str', aliases=['parentId']),
remove_unspecified_mappers=dict(type='bool', default=True),
mappers=dict(type='list', elements='dict', options=mapper_spec), mappers=dict(type='list', elements='dict', options=mapper_spec),
) )
@ -849,7 +858,7 @@ def main():
# Filter and map the parameters names that apply # Filter and map the parameters names that apply
comp_params = [x for x in module.params comp_params = [x for x in module.params
if x not in list(keycloak_argument_spec().keys()) + ['state', 'realm', 'mappers'] and if x not in list(keycloak_argument_spec().keys()) + ['state', 'realm', 'mappers', 'remove_unspecified_mappers'] and
module.params.get(x) is not None] module.params.get(x) is not None]
# See if it already exists in Keycloak # See if it already exists in Keycloak
@ -910,6 +919,11 @@ def main():
changeset['mappers'] = list() changeset['mappers'] = list()
changeset['mappers'].append(new_mapper) changeset['mappers'].append(new_mapper)
# to keep unspecified existing mappers we add them to the desired mappers list, unless they're already present
if not module.params['remove_unspecified_mappers'] and 'mappers' in before_comp:
changeset_mapper_ids = [mapper['id'] for mapper in changeset['mappers'] if 'id' in mapper]
changeset['mappers'].extend([mapper for mapper in before_comp['mappers'] if mapper['id'] not in changeset_mapper_ids])
# Prepare the desired values using the existing values (non-existence results in a dict that is save to use as a basis) # Prepare the desired values using the existing values (non-existence results in a dict that is save to use as a basis)
desired_comp = before_comp.copy() desired_comp = before_comp.copy()
desired_comp.update(changeset) desired_comp.update(changeset)
@ -965,11 +979,12 @@ def main():
new_mapper['parentId'] = cid new_mapper['parentId'] = cid
updated_mappers.append(kc.create_component(new_mapper, realm)) updated_mappers.append(kc.create_component(new_mapper, realm))
# we remove all unwanted default mappers if module.params['remove_unspecified_mappers']:
# we use ids so we dont accidently remove one of the previously updated default mapper # we remove all unwanted default mappers
for default_mapper in default_mappers: # we use ids so we dont accidently remove one of the previously updated default mapper
if not default_mapper['id'] in [x['id'] for x in updated_mappers]: for default_mapper in default_mappers:
kc.delete_component(default_mapper['id'], realm) if not default_mapper['id'] in [x['id'] for x in updated_mappers]:
kc.delete_component(default_mapper['id'], realm)
after_comp['mappers'] = kc.get_components(urlencode(dict(parent=cid)), realm) after_comp['mappers'] = kc.get_components(urlencode(dict(parent=cid)), realm)
if module._diff: if module._diff: