def create_department_group(keycloak_admin: keycloak.KeycloakAdmin, department: Department, parent_id=None, path="/"): with start_action(action_type="create_department_group", department=department.internal_name, path=path): # Create or update group keycloak_admin.create_group({"name": department.internal_name, "attributes": {"display_name": [department.name]}}, parent=parent_id, skip_exists=True) # Extend path path += department.internal_name # Get group id try: created_group = keycloak_admin.get_group_by_path(path, search_in_subgroups=True) except keycloak.KeycloakGetError as e: log_message(message_type="get_group_failed", exception=e) return # Add slash to group path path += "/" # Create groups for sub departments subgroup_names = [] for sub_department in department.children: create_department_group(keycloak_admin, sub_department, parent_id=created_group["id"], path=path) subgroup_names.append(sub_department.internal_name) # Delete old subgroups for old_group in created_group["subGroups"]: if old_group["name"] not in subgroup_names: keycloak_admin.delete_group(old_group["id"])
# Retrieve client roles of a user. keycloak_admin.get_client_roles_of_user(user_id="user_id", client_id="client_id") # Retrieve available client roles of a user. keycloak_admin.get_available_client_roles_of_user(user_id="user_id", client_id="client_id") # Retrieve composite client roles of a user. keycloak_admin.get_composite_client_roles_of_user(user_id="user_id", client_id="client_id") # Delete client roles of a user. keycloak_admin.delete_client_roles_of_user(client_id="client_id", user_id="user_id", roles={"id": "role-id"}) keycloak_admin.delete_client_roles_of_user(client_id="client_id", user_id="user_id", roles=[{"id": "role-id_1"}, {"id": "role-id_2"}]) # Create new group group = keycloak_admin.create_group(name="Example Group") # Get all groups groups = keycloak_admin.get_groups() # Get group group = keycloak_admin.get_group(group_id='group_id') # Get group by name group = keycloak_admin.get_group_by_path(path='/group/subgroup', search_in_subgroups=True) # Function to trigger user sync from provider sync_users(storage_id="storage_di", action="action") # Get client role id from name role_id = keycloak_admin.get_client_role_id(client_id=client_id, role_name="test")