PyPI - cardo-python-utils - Versions diffs - 0.5.dev1__tar.gz → 0.5.dev4__tar.gz - Mend

cardo-python-utils 0.5.dev1tar.gz → 0.5.dev4tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

{cardo_python_utils-0.5.dev1/cardo_python_utils.egg-info → cardo_python_utils-0.5.dev4}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cardo-python-utils
-Version: 0.5.dev1
+Version: 0.5.dev4
 Summary: Python library enhanced with a wide range of functions for different scenarios.
 Author-email: CardoAI <hello@cardoai.com>
 License: MIT
@@ -37,6 +37,9 @@ Requires-Dist: PyJWT; extra == "drf"
 Provides-Extra: django-admin-auth
 Requires-Dist: Django; extra == "django-admin-auth"
 Requires-Dist: mozilla-django-oidc>=4.0.1; extra == "django-admin-auth"
+Provides-Extra: django-keycloak-groups
+Requires-Dist: Django; extra == "django-keycloak-groups"
+Requires-Dist: python-keycloak>=5.8.1; extra == "django-keycloak-groups"
 Provides-Extra: all
 Requires-Dist: Django; extra == "all"
 Provides-Extra: dev

{cardo_python_utils-0.5.dev1 → cardo_python_utils-0.5.dev4/cardo_python_utils.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cardo-python-utils
-Version: 0.5.dev1
+Version: 0.5.dev4
 Summary: Python library enhanced with a wide range of functions for different scenarios.
 Author-email: CardoAI <hello@cardoai.com>
 License: MIT
@@ -37,6 +37,9 @@ Requires-Dist: PyJWT; extra == "drf"
 Provides-Extra: django-admin-auth
 Requires-Dist: Django; extra == "django-admin-auth"
 Requires-Dist: mozilla-django-oidc>=4.0.1; extra == "django-admin-auth"
+Provides-Extra: django-keycloak-groups
+Requires-Dist: Django; extra == "django-keycloak-groups"
+Requires-Dist: python-keycloak>=5.8.1; extra == "django-keycloak-groups"
 Provides-Extra: all
 Requires-Dist: Django; extra == "all"
 Provides-Extra: dev

{cardo_python_utils-0.5.dev1 → cardo_python_utils-0.5.dev4}/cardo_python_utils.egg-info/SOURCES.txt RENAMED Viewed

@@ -22,4 +22,7 @@ python_utils/django/utils.py
 python_utils/django/auth/__init__.py
 python_utils/django/auth/admin.py
 python_utils/django/auth/drf.py
-python_utils/django/auth/ninja.py
+python_utils/django/auth/ninja.py
+python_utils/django/keycloak/admin.py
+python_utils/django/keycloak/models.py
+python_utils/django/keycloak/service.py

{cardo_python_utils-0.5.dev1 → cardo_python_utils-0.5.dev4}/cardo_python_utils.egg-info/requires.txt RENAMED Viewed

@@ -15,6 +15,10 @@ Django
 Django
 mozilla-django-oidc>=4.0.1
+[django-keycloak-groups]
+Django
+python-keycloak>=5.8.1
 [django-ninja]
 Django
 django-ninja

{cardo_python_utils-0.5.dev1 → cardo_python_utils-0.5.dev4}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "cardo-python-utils"
-version = "0.5.dev1"
+version = "0.5.dev4"
 description = "Python library enhanced with a wide range of functions for different scenarios."
 readme = "README.rst"
 requires-python = ">=3.8"
@@ -48,6 +48,10 @@ django-admin-auth = [
     "Django",
     "mozilla-django-oidc>=4.0.1",
 ]
+django-keycloak-groups = [
+    "Django",
+    "python-keycloak>=5.8.1",
+]
 all = [
     "Django",
 ]

cardo_python_utils-0.5.dev4/python_utils/django/keycloak/admin.py ADDED Viewed

@@ -0,0 +1,86 @@
+from django.contrib import admin, messages
+from django.core.cache import cache
+from django.urls import path
+from django.shortcuts import redirect
+from .service import KeycloakService
+class UserGroupAdmin(admin.ModelAdmin):
+    list_display = ("path",)
+    search_fields = ("id", "path")
+    readonly_fields = ("id", "path")
+    # To show ManyToMany fields with a horizontal filter widget
+    # filter_horizontal = ("allowed_entities",)
+    change_list_template = "user_groups_changelist.html"
+    # To show fields in this order in the detail view
+    # fieldsets = (
+    #     (
+    #         None,
+    #         {
+    #             "fields": (
+    #                 "id",
+    #                 "path",
+    #                 "allow_all_entities",
+    #                 "allowed_entities",
+    #             )
+    #         },
+    #     ),
+    # )
+    def has_add_permission(self, request):
+        # Manual addition of user groups is not allowed
+        return False
+    def has_delete_permission(self, request, obj=None):
+        # Manual deletion of user groups is not allowed
+        return False
+    # To show annotated fields in the list view
+    # def get_queryset(self, request):
+    #     return (
+    #         super()
+    #         .get_queryset(request)
+    #         .annotate(allowed_job_configs_count=Count("allowed_job_configs"))
+    #     )
+    def get_urls(self):
+        return [
+            path("sync-with-keycloak/", self.sync_groups_with_keycloak),
+            *super().get_urls(),
+        ]
+    @staticmethod
+    def sync_groups_with_keycloak(request):  # noqa
+        """Syncs user groups with Keycloak"""
+        try:
+            KeycloakService().sync_user_groups(raise_exceptions=True)
+            messages.success(request, "User groups synced successfully.")
+        except Exception as e:
+            messages.error(request, f"Error syncing user groups: {e}")
+        return redirect("..")
+    # To allow sorting by annotated fields
+    # @admin.display(
+    #     description="Allowed Job Configs", ordering="allowed_job_configs_count"
+    # )
+    # def allowed_job_configs_count(self, obj):
+    #     return obj.allowed_job_configs_count
+    def changelist_view(self, request, extra_context=None):
+        """
+        When the list view is accessed, sync the user groups from Keycloak.
+        Cache the sync for 10 minutes to avoid excessive requests.
+        """
+        cache_key = "keycloak_group_sync_lock"
+        if cache.get(cache_key) is None:
+            KeycloakService().sync_user_groups()
+            cache.set(cache_key, "true", 60 * 10)
+        return super().changelist_view(request, extra_context)

cardo_python_utils-0.5.dev4/python_utils/django/keycloak/models.py ADDED Viewed

@@ -0,0 +1,19 @@
+from django.db import models
+class UserGroupBase(models.Model):
+    """
+    Abstract base model for Keycloak user groups.
+    """
+    id = models.UUIDField(
+        primary_key=True,
+        help_text="The ID of the group, as coming from Keycloak.",
+    )
+    path = models.CharField(
+        max_length=255,
+        help_text="The full path of the group, as coming from Keycloak.",
+        db_index=True,
+    )
+    class Meta:
+        abstract = True

cardo_python_utils-0.5.dev4/python_utils/django/keycloak/service.py ADDED Viewed

@@ -0,0 +1,100 @@
+from django.apps import apps
+from django.conf import settings
+from keycloak import KeycloakAdmin
+from keycloak import KeycloakOpenIDConnection
+from keycloak.exceptions import KeycloakGetError
+class KeycloakService:
+    def __init__(self):
+        self._user_group_model = self._get_user_group_model()
+        self._keycloak_admin = self._get_keycloak_admin()
+    def sync_user_groups(self, raise_exceptions: bool = False):
+        print("Syncing user groups from Keycloak...")
+        try:
+            groups = self._keycloak_admin.get_groups(full_hierarchy=True)
+        except KeycloakGetError as e:
+            print(f"Failed to fetch groups from Keycloak: {str(e)}")
+            if raise_exceptions:
+                raise e
+            return
+        # Process existing and new groups
+        existing_groups = self._user_group_model.objects.all()
+        existing_groups_by_id = {str(group.id): group for group in existing_groups}
+        reported_group_ids = set()
+        for group in groups:
+            self._process_group_recursively(
+                group, existing_groups_by_id, reported_group_ids
+            )
+        # Identify deleted groups
+        deleted_groups = self._user_group_model.objects.exclude(
+            id__in=reported_group_ids
+        )
+        if deleted_groups.exists():
+            print(
+                f"Deleting groups no longer present in Keycloak: {list(deleted_groups.values_list('path', flat=True))}"
+            )
+            deleted_groups.delete()
+    def _get_keycloak_admin(self):
+        keycloak_connection = KeycloakOpenIDConnection(
+            server_url=settings.KEYCLOAK_SERVER_URL,
+            realm_name=settings.KEYCLOAK_REALM,
+            user_realm_name=settings.KEYCLOAK_REALM,
+            client_id=settings.KEYCLOAK_ADMIN_CLIENT_ID,
+            client_secret_key=settings.KEYCLOAK_ADMIN_CLIENT_SECRET,
+            verify=True,
+        )
+        return KeycloakAdmin(connection=keycloak_connection)
+    def _get_user_group_model(self):
+        """
+        Dynamically get the UserGroup model.
+        Attempts to use the model specified in settings.KEYCLOAK_USER_GROUP_MODEL.
+        Returns:
+            The UserGroup model class.
+        Raises:
+            LookupError: If the model cannot be found.
+        """
+        try:
+            model_string = getattr(settings, "KEYCLOAK_USER_GROUP_MODEL")
+        except AttributeError:
+            raise LookupError(
+                "Please set KEYCLOAK_USER_GROUP_MODEL in your Django settings "
+                "(e.g., 'myapp.UserGroup')."
+            )
+        return apps.get_model(model_string)
+    def _process_group_recursively(
+        self, group, existing_groups_by_id, reported_group_ids
+    ):
+        group_id = str(group["id"])
+        reported_group_ids.add(group_id)
+        if group_id in existing_groups_by_id:
+            existing_group = existing_groups_by_id[group_id]
+            if existing_group.path != group["path"]:
+                print(
+                    f"Updating group path from {existing_group.path} to {group['path']}..."
+                )
+                existing_group.path = group["path"]
+                existing_group.save()
+        else:
+            print(f"Creating new group with path {group['path']}...")
+            self._user_group_model.objects.create(id=group_id, path=group["path"])
+        if subgroups := group.get("subGroups"):
+            for subgroup in subgroups:
+                self._process_group_recursively(
+                    subgroup, existing_groups_by_id, reported_group_ids
+                )