Admin interface group query, join and unjoin.

Signed-off-by: Georg <georg@lysergic.dev>
2021-09-04 08:17:06 +02:00 · 2021-09-04 08:17:06 +02:00 · 7777e637fd
commit 7777e637fd
parent 4f9b155d66
2 changed files with 96 additions and 1 deletions
--- a/config.py
+++ b/config.py
@ -122,5 +122,12 @@ conf.registerGlobalValue(Keycloak.options, 'ircgroup',
    """
    , private=True
 ))
 conf.registerGlobalValue(Keycloak.options, 'confluencegroup',
    registry.String('',
    """
    Keycloak: Group ID for admin grant: confluencegroup
    """,
    private=True
 ))
 # vim:set shiftwidth=4 tabstop=4 expandtab textwidth=79:
--- a/plugin.py
+++ b/plugin.py
@ -32,7 +32,6 @@ import re
 import requests
 import secrets
 import string
 import json
 from supybot import utils, plugins, ircutils, callbacks, ircmsgs
 from supybot.commands import *
 from supybot.ircmsgs import nick
@ -260,6 +259,95 @@ class Keycloak(callbacks.Plugin):
    user = wrap(user, ['anything'])
    def admin(self, irc, msg, args, name, option1, option2, option3):
        """<name> <option> [option]
        Administration Interface"""
        user = name
        server = self.registryValue('backend.server')
        realm = self.registryValue('backend.realm')
        tokenurl = self.registryValue('backend.token')
        usererr = self.registryValue('replies.error')
        tokendl = requests.get(tokenurl)
        tokendata = tokendl.json()
        token = tokendata['access_token']
        url = server + '/auth/admin/realms/' + realm + '/users'
        userdata = requests.get(url, params = {'username': user}, headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
        userresp = userdata.json()
        uid = userresp[0]['id']
        print(user, uid)
        if option1 == 'groups' or option1 == 'group':
            if not option2:
                try:
                    url = server + '/auth/admin/realms/' + realm + '/users/' + uid + '/groups'
                    response = requests.get(
                    url,
                    headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
                    test = "{}"
                    print(url)
                    usergroups = response.json()
                    if usergroups:
                        for group in usergroups:
                            groupname = usergroups[0]['name']
                            irc.reply(groupname)
                    else:
                        irc.reply("No groups.")
                except:
                    print('Operation failed.')
                    irc.reply(usererr)
            if option2 == 'join':
                if not option3:
                    irc.reply('The following group shortcuts are currently joinable: confluence')
                elif option3 == 'confluence':
                    try:
                        gid = self.registryValue('options.confluencegroup')
                        url = server + '/auth/admin/realms/' + realm + '/users/' + uid + '/groups/' + gid
                        response = requests.put(
                        url,
                        headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
                        status = response.status_code
                        print("Keycloak: HTTP Status ", status)
                        if status == 204:
                            print(" SSO user " + user + " has been added to group, if it wasn't already.")
                            irc.reply("Success.")
                        if status != 204:
                            print("ERROR: HTTP request did not succeed. I tried these values:")
                            print("URL: " + url)
                            print("Group: " + gid)
                            print("User: " + uid)
                            irc.error(usererr)
                    except:
                        print('Operation failed.')
                else:
                    irc.error('Unknown group.')
            if option2 == 'unjoin':
                if not option3:
                    irc.reply('The following group shortcuts are currently joinable: confluence')
                elif option3 == 'confluence':
                    try:
                        gid = self.registryValue('options.confluencegroup')
                        url = server + '/auth/admin/realms/' + realm + '/users/' + uid + '/groups/' + gid
                        response = requests.delete(
                        url,
                        headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
                        status = response.status_code
                        print("Keycloak: HTTP Status ", status)
                        if status == 204:
                            print(" SSO user " + user + " has been added to group, if it wasn't already.")
                            irc.reply("Success.")
                        if status != 204:
                            print("ERROR: HTTP request did not succeed. I tried these values:")
                            print("URL: " + url)
                            print("Group: " + gid)
                            print("User: " + uid)
                            irc.error(usererr)
                    except:
                        print('Operation failed.')
        else:
            irc.error('Invalid operation.')
    admin = wrap(admin, ['anything', 'anything', optional('anything'), optional('anything')])
 Class = Keycloak