keycloak_user_federation: add mapper removal (#8695)

* add unwanted mapper removal * check for mapper updates in already fetched data to remove unnecessary API calls * added mock answers and updated request count to match the added delete and fetch after_comp calls * fix sanity issues * add changelog fragment * removed automatic field numbering from format * replace filter expression with list comprehension Co-authored-by: Felix Fontein <felix@fontein.de> * add module name, link to issue and link to PR to changelog Co-authored-by: Felix Fontein <felix@fontein.de> * Use list comprehension. --------- Co-authored-by: Felix Fontein <felix@fontein.de>
2025-07-22 12:50:22 -07:00 · 2024-08-12 07:55:17 +02:00 · 2024-08-12 07:55:17 +02:00 · 2942eda8e0
commit 2942eda8e0
parent 73b54139d6
3 changed files with 98 additions and 35 deletions
--- a/tests/unit/plugins/modules/test_keycloak_user_federation.py
+++ b/tests/unit/plugins/modules/test_keycloak_user_federation.py
@ -144,8 +144,9 @@ class TestKeycloakUserFederation(ModuleTestCase):
                }
            }
        ]
+        # get before_comp, get default_mapper, get after_mapper
        return_value_components_get = [
-            [], []
+            [], [], []
        ]
        changed = True

@ -159,7 +160,7 @@ class TestKeycloakUserFederation(ModuleTestCase):
                with self.assertRaises(AnsibleExitJson) as exec_info:
                    self.module.main()

-        self.assertEqual(len(mock_get_components.mock_calls), 1)
+        self.assertEqual(len(mock_get_components.mock_calls), 3)
        self.assertEqual(len(mock_get_component.mock_calls), 0)
        self.assertEqual(len(mock_create_component.mock_calls), 1)
        self.assertEqual(len(mock_update_component.mock_calls), 0)
@ -228,6 +229,7 @@ class TestKeycloakUserFederation(ModuleTestCase):
                    }
                }
            ],
+            [],
            []
        ]
        return_value_component_get = [
@ -281,7 +283,7 @@ class TestKeycloakUserFederation(ModuleTestCase):
                with self.assertRaises(AnsibleExitJson) as exec_info:
                    self.module.main()

-        self.assertEqual(len(mock_get_components.mock_calls), 2)
+        self.assertEqual(len(mock_get_components.mock_calls), 3)
        self.assertEqual(len(mock_get_component.mock_calls), 1)
        self.assertEqual(len(mock_create_component.mock_calls), 0)
        self.assertEqual(len(mock_update_component.mock_calls), 1)
@ -344,7 +346,47 @@ class TestKeycloakUserFederation(ModuleTestCase):
            ]
        }
        return_value_components_get = [
-            [], []
+            [],
+            # exemplary default mapper created by keylocak
+            [
+                {
+                    "config": {
+                        "always.read.value.from.ldap": "false",
+                        "is.mandatory.in.ldap": "false",
+                        "ldap.attribute": "mail",
+                        "read.only": "true",
+                        "user.model.attribute": "email"
+                    },
+                    "id": "77e1763f-c51a-4286-bade-75577d64803c",
+                    "name": "email",
+                    "parentId": "e5f48aa3-b56b-4983-a8ad-2c7b8b5e77cb",
+                    "providerId": "user-attribute-ldap-mapper",
+                    "providerType": "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"
+                },
+            ],
+            [
+                {
+                    "id": "2dfadafd-8b34-495f-a98b-153e71a22311",
+                    "name": "full name",
+                    "providerId": "full-name-ldap-mapper",
+                    "providerType": "org.keycloak.storage.ldap.mappers.LDAPStorageMapper",
+                    "parentId": "eb691537-b73c-4cd8-b481-6031c26499d8",
+                    "config": {
+                        "ldap.full.name.attribute": [
+                            "cn"
+                        ],
+                        "read.only": [
+                            "true"
+                        ],
+                        "write.only": [
+                            "false"
+                        ]
+                    }
+                }
+            ]
+        ]
+        return_value_component_delete = [
+            None
        ]
        return_value_component_create = [
            {
@ -462,11 +504,11 @@ class TestKeycloakUserFederation(ModuleTestCase):
                with self.assertRaises(AnsibleExitJson) as exec_info:
                    self.module.main()

-        self.assertEqual(len(mock_get_components.mock_calls), 2)
+        self.assertEqual(len(mock_get_components.mock_calls), 3)
        self.assertEqual(len(mock_get_component.mock_calls), 0)
        self.assertEqual(len(mock_create_component.mock_calls), 2)
        self.assertEqual(len(mock_update_component.mock_calls), 0)
-        self.assertEqual(len(mock_delete_component.mock_calls), 0)
+        self.assertEqual(len(mock_delete_component.mock_calls), 1)

        # Verify that the module's changed status matches what is expected
        self.assertIs(exec_info.exception.args[0]['changed'], changed)