keycloak-admin 0.7.1 → 0.7.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 39322dd0c0035b30a67644fa401bbe55c835dbf1
-  data.tar.gz: 268b16b6d6e20aac7a44ba993a76114f8d86e1b8
+  metadata.gz: ef2112e82d91e64a41f612eb13dd37bbd6e7b09b
+  data.tar.gz: 66218b9a1051a9d592d236235ddb1ac6e22161cf
 SHA512:
-  metadata.gz: 8f57fe6316a4378bfc8e3c90e6732b5977fc2f14a7871f0b69fb2790bcf60ec047a4a3841e8075eabfdd83d3961d3f1c4bdc38ac2a13a630e8a236e098d877bd
-  data.tar.gz: bb2384c3c9c16d498baade9a2ef02766396ca370724114da3b0136976bca61f6a9a6912d106ef5420f3bbdba65f06c88daa476088e77f28c2eaa73546857e1f6
+  metadata.gz: 8034f148b70ded3b877a486865eadec656bb6a551cc71630d326aa3f81c4bbf2ed87541e6aa7ec5528934cad3d1dab65cc9dbf8adf747e3bf9f5b61531b8a01c
+  data.tar.gz: cd4abc841445b3e73b4ee385b2e0a762c27a927d02a6814752929650fe6ccc37e06c8ec8e1b73552ede40f1e1652571032ed0ede0fc107ca3eec49d69dcd1e36

data/CHANGELOG.md

@@ -5,7 +5,15 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [0.7.1] - Next version
+## [0.7.2] - 2019-06-17
+
+Thanks to @vlad-ro:
+
+* Get list of client role mappings for a group
+* Save client role mappings for a user/group
+* Save realm-level role mappings for a user/group
+
+## [0.7.1] - 2019-06-11
 
 Thanks to @vlad-ro:
 
@@ -18,7 +26,7 @@ Thanks to @vlad-ro:
 * Support passing rest client options for user save and search
 * Support using gem without ActiveSupport
 
-## [0.7.0] - 2019-06-11
+## [0.7.0] - 2019-06-06
 
 Thanks to @vlad-ro:
 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    keycloak-admin (0.7.1)
+    keycloak-admin (0.7.2)
       http-cookie (~> 1.0, >= 1.0.3)
       rest-client (~> 2.0)
 

data/README.md

@@ -12,7 +12,7 @@ This gem *does not* require Rails.
 For example, using `bundle`, add this line to your Gemfile.
 
 ```ruby
-gem "keycloak-admin", "0.7.0"
+gem "keycloak-admin", "0.7.2"
 ```
 
 ## Login
@@ -94,7 +94,9 @@ All options have a default value. However, all of them can be changed in your in
 * Get list of groups, create/save a group
 * Get list of roles, save a role
 * Get list of realms, save/update/delete a realm
-* Get list of client role mappings for a user
+* Get list of client role mappings for a user/group
+* Save client role mappings for a user/group
+* Save realm-level role mappings for a user/group
 
 ### Get an access token
 
@@ -285,7 +287,7 @@ Takes `role`, which must be of type `KeycloakAdmin::RoleRepresentation`.
 KeycloakAdmin.realm("a_realm").roles.save(role)
 ```
 
-### Get list of client role mappings for a user
+### Get list of client role mappings for a user/group
 
 Returns an array of `KeycloakAdmin::RoleRepresentation`.
 
@@ -294,6 +296,42 @@ user_id   = "95985b21-d884-4bbd-b852-cb8cd365afc2"
 client_id = "1869e876-71b4-4de2-849e-66540db3a098"
 KeycloakAdmin.realm("a_realm").user(user_id).client_role_mappings(client_id).list_available
 ```
+or
+```ruby
+group_id  = "3a63b5c0-ef8a-47fd-86ed-b5fead18d9b8"
+client_id = "1869e876-71b4-4de2-849e-66540db3a098"
+KeycloakAdmin.realm("a_realm").group(group_id).client_role_mappings(client_id).list_available
+```
+
+### Save list of client role mappings for a user/group
+
+Takes `role_list`, which must be an array of type `KeycloakAdmin::RoleRepresentation`.
+
+```ruby
+user_id   = "95985b21-d884-4bbd-b852-cb8cd365afc2"
+client_id = "1869e876-71b4-4de2-849e-66540db3a098"
+KeycloakAdmin.realm("a_realm").user(user_id).client_role_mappings(client_id).save(role_list)
+```
+or
+```ruby
+group_id  = "3a63b5c0-ef8a-47fd-86ed-b5fead18d9b8"
+client_id = "1869e876-71b4-4de2-849e-66540db3a098"
+KeycloakAdmin.realm("a_realm").group(group_id).client_role_mappings(client_id).save(role_list)
+```
+
+### Save list of realm-level role mappings for a user/group
+
+Takes `role_list`, which must be an array of type `KeycloakAdmin::RoleRepresentation`.
+
+```ruby
+user_id   = "95985b21-d884-4bbd-b852-cb8cd365afc2"
+KeycloakAdmin.realm("a_realm").user(user_id).role_mapper.save_realm_level(role_list)
+```
+or
+```ruby
+group_id  = "3a63b5c0-ef8a-47fd-86ed-b5fead18d9b8"
+KeycloakAdmin.realm("a_realm").group(group_id).role_mapper.save_realm_level(role_list)
+```
 
 ## How to execute library tests
 

data/lib/keycloak-admin/client/client_role_mappings_client.rb

@@ -13,8 +13,20 @@ module KeycloakAdmin
       JSON.parse(response).map { |role_as_hash| RoleRepresentation.from_hash(role_as_hash) }
     end
 
+    def save(role_representation_list)
+      execute_http do
+        RestClient::Resource.new(base_url, @configuration.rest_client_options).post(
+          role_representation_list.to_json, headers
+        )
+      end
+    end
+
     def list_available_url
       "#{@user_resource.resource_url}/role-mappings/clients/#{@client_id}/available"
     end
+
+    def base_url
+      "#{@user_resource.resource_url}/role-mappings/clients/#{@client_id}"
+    end
   end
 end

data/lib/keycloak-admin/client/realm_client.rb

@@ -71,6 +71,10 @@ module KeycloakAdmin
       GroupClient.new(@configuration, self)
     end
 
+    def group(group_id)
+      GroupResource.new(@configuration, self, group_id)
+    end
+
     def roles
       RoleClient.new(@configuration, self)
     end

data/lib/keycloak-admin/client/role_mapper_client.rb

@@ -0,0 +1,20 @@
+module KeycloakAdmin
+  class RoleMapperClient < Client
+    def initialize(configuration, user_resource)
+      super(configuration)
+      @user_resource = user_resource
+    end
+
+    def save_realm_level(role_representation_list)
+      execute_http do
+        RestClient::Resource.new(realm_level_url, @configuration.rest_client_options).post(
+          role_representation_list.to_json, headers
+        )
+      end
+    end
+
+    def realm_level_url
+      "#{@user_resource.resource_url}/role-mappings/realm"
+    end
+  end
+end

data/lib/keycloak-admin/resource/base_role_containing_resource.rb

@@ -0,0 +1,26 @@
+module KeycloakAdmin
+  class BaseRoleContainingResource
+    def initialize(configuration, realm_client, resource_id)
+      @configuration = configuration
+      raise ArgumentError.new("realm must be defined") unless realm_client.name_defined?
+      @realm_client = realm_client
+      @resource_id = resource_id
+    end
+
+    def resources_name
+      raise NotImplementedError.new('must override in subclass')
+    end
+
+    def resource_url
+      "#{@realm_client.realm_admin_url}/#{resources_name}/#{@resource_id}"
+    end
+
+    def client_role_mappings(client_id)
+      ClientRoleMappingsClient.new(@configuration, self, client_id)
+    end
+
+    def role_mapper
+      RoleMapperClient.new(@configuration, self)
+    end
+  end
+end

data/lib/keycloak-admin/resource/group_resource.rb

@@ -0,0 +1,7 @@
+module KeycloakAdmin
+  class GroupResource < BaseRoleContainingResource
+    def resources_name
+      "groups"
+    end
+  end
+end

data/lib/keycloak-admin/resource/user_resource.rb

@@ -1,18 +1,7 @@
 module KeycloakAdmin
-  class UserResource
-    def initialize(configuration, realm_client, id)
-      @configuration = configuration
-      raise ArgumentError.new("realm must be defined") unless realm_client.name_defined?
-      @realm_client = realm_client
-      @id = id
-    end
-
-    def resource_url
-      "#{@realm_client.realm_admin_url}/users/#{@id}"
-    end
-
-    def client_role_mappings(client_id)
-      ClientRoleMappingsClient.new(@configuration, self, client_id)
+  class UserResource < BaseRoleContainingResource
+    def resources_name
+      "users"
     end
   end
 end

data/lib/keycloak-admin/version.rb

@@ -1,3 +1,3 @@
 module KeycloakAdmin
-  VERSION = "0.7.1"
+  VERSION = "0.7.2"
 end

data/lib/keycloak-admin.rb

@@ -7,6 +7,7 @@ require_relative "keycloak-admin/client/client_role_mappings_client"
 require_relative "keycloak-admin/client/group_client"
 require_relative "keycloak-admin/client/realm_client"
 require_relative "keycloak-admin/client/role_client"
+require_relative "keycloak-admin/client/role_mapper_client"
 require_relative "keycloak-admin/client/token_client"
 require_relative "keycloak-admin/client/user_client"
 require_relative "keycloak-admin/client/configurable_token_client"
@@ -21,6 +22,8 @@ require_relative "keycloak-admin/representation/credential_representation"
 require_relative "keycloak-admin/representation/realm_representation"
 require_relative "keycloak-admin/representation/role_representation"
 require_relative "keycloak-admin/representation/user_representation"
+require_relative "keycloak-admin/resource/base_role_containing_resource"
+require_relative "keycloak-admin/resource/group_resource"
 require_relative "keycloak-admin/resource/user_resource"
 
 module KeycloakAdmin

data/spec/client/client_role_mappings_client_spec.rb

@@ -45,4 +45,38 @@ RSpec.describe KeycloakAdmin::ClientRoleMappingsClient do
       expect(roles[0].name).to eq "test_role_name"
     end
   end
+
+  describe "#save" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+    let(:client_id)  { "test_client" }
+    let(:role_list) { [
+      KeycloakAdmin::RoleRepresentation.from_hash(
+        "name" => "test_role_name",
+        "composite" => false,
+        "clientRole" => false
+      )
+    ] }
+
+    before(:each) do
+      @client_role_mappings_client = KeycloakAdmin.realm(realm_name).user(user_id).client_role_mappings(client_id)
+
+      stub_token_client
+      expect_any_instance_of(RestClient::Resource).to receive(:post).with(role_list.to_json, anything)
+    end
+
+    it "saves client role mappings" do
+      @client_role_mappings_client.save(role_list)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/clients/test_client", rest_client_options).and_call_original
+
+      @client_role_mappings_client.save(role_list)
+    end
+  end
 end

data/spec/client/role_mapper_client_spec.rb

@@ -0,0 +1,47 @@
+RSpec.describe KeycloakAdmin::RoleMapperClient do
+  describe "#available_url" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+
+    before(:each) do
+      @built_url = KeycloakAdmin.realm(realm_name).user(user_id).role_mapper.realm_level_url
+    end
+
+    it "return a proper url" do
+      expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/realm"
+    end
+  end
+
+  describe "#save_realm_level" do
+    let(:realm_name) { "valid-realm" }
+    let(:user_id)    { "test_user" }
+    let(:role_list) { [
+      KeycloakAdmin::RoleRepresentation.from_hash(
+        "name" => "test_role_name",
+        "composite" => false,
+        "clientRole" => false
+      )
+    ] }
+
+    before(:each) do
+      @role_mapper_client = KeycloakAdmin.realm(realm_name).user(user_id).role_mapper
+
+      stub_token_client
+      expect_any_instance_of(RestClient::Resource).to receive(:post).with(role_list.to_json, anything)
+    end
+
+    it "saves realm-elevel role mappings" do
+      @role_mapper_client.save_realm_level(role_list)
+    end
+
+    it "passes rest client options" do
+      rest_client_options = {verify_ssl: OpenSSL::SSL::VERIFY_NONE}
+      allow_any_instance_of(KeycloakAdmin::Configuration).to receive(:rest_client_options).and_return rest_client_options
+
+      expect(RestClient::Resource).to receive(:new).with(
+        "http://auth.service.io/auth/admin/realms/valid-realm/users/test_user/role-mappings/realm", rest_client_options).and_call_original
+
+      @role_mapper_client.save_realm_level(role_list)
+    end
+  end
+end

data/spec/resource/group_resource_spec.rb

@@ -0,0 +1,14 @@
+RSpec.describe KeycloakAdmin::GroupResource do
+  describe "#resource_url" do
+    let(:realm_name) { "valid-realm" }
+    let(:group_id)   { "95985b21-d884-4bbd-b852-cb8cd365afc2" }
+
+    before(:each) do
+      @built_url = KeycloakAdmin.realm(realm_name).group(group_id).resource_url
+    end
+
+    it "return a proper url" do
+      expect(@built_url).to eq "http://auth.service.io/auth/admin/realms/valid-realm/groups/95985b21-d884-4bbd-b852-cb8cd365afc2"
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: keycloak-admin
 version: !ruby/object:Gem::Version
-  version: 0.7.1
+  version: 0.7.2
 platform: ruby
 authors:
 - Lorent Lempereur
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-06-11 00:00:00.000000000 Z
+date: 2019-06-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: http-cookie
@@ -96,6 +96,7 @@ files:
 - lib/keycloak-admin/client/group_client.rb
 - lib/keycloak-admin/client/realm_client.rb
 - lib/keycloak-admin/client/role_client.rb
+- lib/keycloak-admin/client/role_mapper_client.rb
 - lib/keycloak-admin/client/token_client.rb
 - lib/keycloak-admin/client/user_client.rb
 - lib/keycloak-admin/configuration.rb
@@ -110,6 +111,8 @@ files:
 - lib/keycloak-admin/representation/role_representation.rb
 - lib/keycloak-admin/representation/token_representation.rb
 - lib/keycloak-admin/representation/user_representation.rb
+- lib/keycloak-admin/resource/base_role_containing_resource.rb
+- lib/keycloak-admin/resource/group_resource.rb
 - lib/keycloak-admin/resource/user_resource.rb
 - lib/keycloak-admin/version.rb
 - spec/client/client_client_spec.rb
@@ -119,11 +122,13 @@ files:
 - spec/client/group_client_spec.rb
 - spec/client/realm_client_spec.rb
 - spec/client/role_client_spec.rb
+- spec/client/role_mapper_client_spec.rb
 - spec/client/token_client_spec.rb
 - spec/client/user_client_spec.rb
 - spec/configuration_spec.rb
 - spec/representation/impersonation_representation_spec.rb
 - spec/representation/user_representation_spec.rb
+- spec/resource/group_resource_spec.rb
 - spec/resource/user_resource_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/looorent/keycloak-admin-ruby