mirror of
				https://github.com/ansible-collections/community.general.git
				synced 2025-10-24 13:04:00 -07:00 
			
		
		
		
	[PR #8979/658637dc backport][stable-9] keycloak_group: fix subgroup creation in Keycloak ≥23 (#9041)
keycloak_group: fix subgroup creation in Keycloak ≥23 (#8979)
* keycloak_group: fix subgroup creation in Keycloak ≥23
* Add changelog fragment
* Include issue and pull request in changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Use new way to get subgroups when getting a subgroup chain
* Fix indent
---------
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 658637dc70)
Co-authored-by: Victor Gaudard <victor.gaudard@gmail.com>
	
	
This commit is contained in:
		
					parent
					
						
							
								0d4d3f6b73
							
						
					
				
			
			
				commit
				
					
						5112994fd4
					
				
			
		
					 2 changed files with 21 additions and 2 deletions
				
			
		|  | @ -1499,6 +1499,23 @@ class KeycloakAPI(object): | |||
|             self.module.fail_json(msg="Could not fetch group %s in realm %s: %s" | ||||
|                                       % (gid, realm, str(e))) | ||||
| 
 | ||||
|     def get_subgroups(self, parent, realm="master"): | ||||
|         if 'subGroupCount' in parent: | ||||
|             # Since version 23, when GETting a group Keycloak does not | ||||
|             # return subGroups but only a subGroupCount. | ||||
|             # Children must be fetched in a second request. | ||||
|             if parent['subGroupCount'] == 0: | ||||
|                 group_children = [] | ||||
|             else: | ||||
|                 group_children_url = URL_GROUP_CHILDREN.format(url=self.baseurl, realm=realm, groupid=parent['id']) | ||||
|                 group_children = json.loads(to_native(open_url(group_children_url, method="GET", http_agent=self.http_agent, headers=self.restheaders, | ||||
|                                                                timeout=self.connection_timeout, | ||||
|                                                                validate_certs=self.validate_certs).read())) | ||||
|             subgroups = group_children | ||||
|         else: | ||||
|             subgroups = parent['subGroups'] | ||||
|         return subgroups | ||||
| 
 | ||||
|     def get_group_by_name(self, name, realm="master", parents=None): | ||||
|         """ Fetch a keycloak group within a realm based on its name. | ||||
| 
 | ||||
|  | @ -1519,7 +1536,7 @@ class KeycloakAPI(object): | |||
|                 if not parent: | ||||
|                     return None | ||||
| 
 | ||||
|                 all_groups = parent['subGroups'] | ||||
|                 all_groups = self.get_subgroups(parent, realm) | ||||
|             else: | ||||
|                 all_groups = self.get_groups(realm=realm) | ||||
| 
 | ||||
|  | @ -1568,7 +1585,7 @@ class KeycloakAPI(object): | |||
|             return None | ||||
| 
 | ||||
|         for p in name_chain[1:]: | ||||
|             for sg in tmp['subGroups']: | ||||
|             for sg in self.get_subgroups(tmp): | ||||
|                 pv, is_id = self._get_normed_group_parent(p) | ||||
| 
 | ||||
|                 if is_id: | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue