ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-06-29 19:50:25 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

[PR #9391/49ed3d4a backport][stable-10] k*.py: normalize docs (#9407)

Browse source 
k*.py: normalize docs (#9391)

* k*.py: normalize docs

* Update plugins/modules/keycloak_realm_keys_metadata_info.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/kibana_plugin.py

Co-authored-by: Felix Fontein <felix@fontein.de>

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 49ed3d4acf)

Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
This commit is contained in:
patchback[bot] 2024-12-26 14:01:16 +01:00 committed by GitHub
parent d3badc6d43
commit 11ba71c802
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
34 changed files with 4402 additions and 4882 deletions
Download patch file Download diff file Expand all files Collapse all files

228
plugins/modules/keycloak_user_rolemapping.py
View file

@ -7,8 +7,7 @@
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: keycloak_user_rolemapping
short_description: Allows administration of Keycloak user_rolemapping with the Keycloak API
@ -16,110 +15,93 @@ short_description: Allows administration of Keycloak user_rolemapping with the K
version_added: 5.7.0
description:
- This module allows you to add, remove or modify Keycloak user_rolemapping with the Keycloak REST API.
It requires access to the REST API via OpenID Connect; the user connecting and the client being
used must have the requisite access rights. In a default Keycloak installation, admin-cli
and an admin user would work, as would a separate client definition with the scope tailored
to your needs and a user having the expected roles.
- The names of module options are snake_cased versions of the camelCase ones found in the
Keycloak API and its documentation at U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html).
- Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will
be returned that way by this module. You may pass single values for attributes when calling the module,
and this will be translated into a list suitable for the API.
- When updating a user_rolemapping, where possible provide the role ID to the module. This removes a lookup
to the API to translate the name into the role ID.
- This module allows you to add, remove or modify Keycloak user_rolemapping with the Keycloak REST API. It requires access to the REST API using
OpenID Connect; the user connecting and the client being used must have the requisite access rights. In a default Keycloak installation, admin-cli
and an admin user would work, as would a separate client definition with the scope tailored to your needs and a user having the expected roles.
- The names of module options are snake_cased versions of the camelCase ones found in the Keycloak API and its documentation at
U(https://www.keycloak.org/docs-api/8.0/rest-api/index.html).
- Attributes are multi-valued in the Keycloak API. All attributes are lists of individual values and will be returned that way by this module.
You may pass single values for attributes when calling the module, and this will be translated into a list suitable for the API.
- When updating a user_rolemapping, where possible provide the role ID to the module. This removes a lookup to the API to translate the name
into the role ID.
attributes:
check_mode:
support: full
diff_mode:
support: full
action_group:
version_added: 10.2.0
check_mode:
support: full
diff_mode:
support: full
action_group:
version_added: 10.2.0
options:
state:
description:
- State of the user_rolemapping.
- On V(present), the user_rolemapping will be created if it does not yet exist, or updated with the parameters you provide.
- On V(absent), the user_rolemapping will be removed if it exists.
default: 'present'
type: str
choices:
- present
- absent
state:
description:
- State of the user_rolemapping.
- On V(present), the user_rolemapping will be created if it does not yet exist, or updated with the parameters you provide.
- On V(absent), the user_rolemapping will be removed if it exists.
default: 'present'
type: str
choices:
- present
- absent
realm:
realm:
type: str
description:
- They Keycloak realm under which this role_representation resides.
default: 'master'
target_username:
type: str
description:
- Username of the user roles are mapped to.
- This parameter is not required (can be replaced by uid for less API call).
uid:
type: str
description:
- ID of the user to be mapped.
- This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of API calls required.
service_account_user_client_id:
type: str
description:
- Client ID of the service-account-user to be mapped.
- This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of API calls required.
client_id:
type: str
description:
- Name of the client to be mapped (different than O(cid)).
- This parameter is required if O(cid) is not provided (can be replaced by O(cid) to reduce the number of API calls that must be made).
cid:
type: str
description:
- ID of the client to be mapped.
- This parameter is not required for updating or deleting the rolemapping but providing it will reduce the number of API calls required.
roles:
description:
- Roles to be mapped to the user.
type: list
elements: dict
suboptions:
name:
type: str
description:
- They Keycloak realm under which this role_representation resides.
default: 'master'
target_username:
- Name of the role representation.
- This parameter is required only when creating or updating the role_representation.
id:
type: str
description:
- Username of the user roles are mapped to.
- This parameter is not required (can be replaced by uid for less API call).
uid:
type: str
description:
- ID of the user to be mapped.
- This parameter is not required for updating or deleting the rolemapping but
providing it will reduce the number of API calls required.
service_account_user_client_id:
type: str
description:
- Client ID of the service-account-user to be mapped.
- This parameter is not required for updating or deleting the rolemapping but
providing it will reduce the number of API calls required.
client_id:
type: str
description:
- Name of the client to be mapped (different than O(cid)).
- This parameter is required if O(cid) is not provided (can be replaced by O(cid)
to reduce the number of API calls that must be made).
cid:
type: str
description:
- ID of the client to be mapped.
- This parameter is not required for updating or deleting the rolemapping but
providing it will reduce the number of API calls required.
roles:
description:
- Roles to be mapped to the user.
type: list
elements: dict
suboptions:
name:
type: str
description:
- Name of the role representation.
- This parameter is required only when creating or updating the role_representation.
id:
type: str
description:
- The unique identifier for this role_representation.
- This parameter is not required for updating or deleting a role_representation but
providing it will reduce the number of API calls required.
- The unique identifier for this role_representation.
- This parameter is not required for updating or deleting a role_representation but providing it will reduce the number of API calls
required.
extends_documentation_fragment:
- community.general.keycloak
- community.general.keycloak.actiongroup_keycloak
- community.general.attributes
- community.general.keycloak
- community.general.keycloak.actiongroup_keycloak
- community.general.attributes
author:
- Dušan Marković (@bratwurzt)
'''
- Dušan Marković (@bratwurzt)
"""
EXAMPLES = '''
EXAMPLES = r"""
- name: Map a client role to a user, authentication with credentials
community.general.keycloak_user_rolemapping:
realm: MyCustomRealm
@ -189,49 +171,37 @@ EXAMPLES = '''
- name: role_name2
id: role_id2
delegate_to: localhost
'''
"""
RETURN = '''
RETURN = r"""
msg:
description: Message as to what action was taken.
returned: always
type: str
sample: "Role role1 assigned to user user1."
description: Message as to what action was taken.
returned: always
type: str
sample: "Role role1 assigned to user user1."
proposed:
description: Representation of proposed client role mapping.
returned: always
type: dict
sample: {
clientId: "test"
}
description: Representation of proposed client role mapping.
returned: always
type: dict
sample: {clientId: "test"}
existing:
description:
- Representation of existing client role mapping.
- The sample is truncated.
returned: always
type: dict
sample: {
"adminUrl": "http://www.example.com/admin_url",
"attributes": {
"request.object.signature.alg": "RS256",
}
}
description:
- Representation of existing client role mapping.
- The sample is truncated.
returned: always
type: dict
sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
end_state:
description:
- Representation of client role mapping after module execution.
- The sample is truncated.
returned: on success
type: dict
sample: {
"adminUrl": "http://www.example.com/admin_url",
"attributes": {
"request.object.signature.alg": "RS256",
}
}
'''
description:
- Representation of client role mapping after module execution.
- The sample is truncated.
returned: on success
type: dict
sample: {"adminUrl": "http://www.example.com/admin_url", "attributes": {"request.object.signature.alg": "RS256"}}
"""
from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, \
keycloak_argument_spec, get_token, KeycloakError