ready

admin/src/admin/lib/admin.py

@@ -93,6 +93,24 @@ class Admin():
         except:
             log.warning('KEYCLOAK: Seems to be there already')
 
+        try:
+            log.warning('KEYCLOAK: Adding default groups')
+            self.keycloak.add_group('manager')
+            self.keycloak.add_group('teacher')
+            self.keycloak.add_group('student')
+            log.warning('KEYCLOAK: OK')
+        except:
+            log.warning('KEYCLOAK: Seems to be there already')
+
+        try:
+            log.warning('KEYCLOAK: Adding default roles')
+            self.keycloak.add_role('manager','Realm managers')
+            self.keycloak.add_role('teacher','Realm teachers')
+            self.keycloak.add_role('student','Realm students')
+            log.warning('KEYCLOAK: OK')
+        except:
+            log.warning('KEYCLOAK: Seems to be there already')
+
         try:
             log.warning('KEYCLOAK: Adding user ddadmin and adding to group and role admin')
             ## Assign group admin to this dduser for nextcloud

admin/src/admin/lib/keycloak_client.py

@@ -179,9 +179,9 @@ class KeycloakClient():
         self.connect()
         return self.keycloak_admin.get_realm_role(name=name)
 
-    def add_role(self,name):
+    def add_role(self,name,description=''):
         self.connect()
-        return self.keycloak_admin.create_realm_role({"name":name})
+        return self.keycloak_admin.create_realm_role({"name":name, "description":description})
 
     def delete_role(self,name):
         self.connect()

admin/src/moodle_saml.py

@@ -102,7 +102,8 @@ class MoodleSaml():
         except:
             print('Error adding saml on keycloak')
 
-        self.add_client_roles()
+         # SAML clients don't work well with composite roles so disabling and adding on realm
+        # self.add_client_roles()
 
     def activate_saml_plugin(self):
         ## After you need to purge moodle caches: /var/www/html # php admin/cli/purge_caches.php

admin/src/wordpress_saml.py

@@ -96,7 +96,8 @@ class WordpressSaml():
         except:
             print('Error adding saml on keycloak')
 
-        self.add_client_roles()
+        # SAML clients don't work well with composite roles so disabling and adding on realm
+        # self.add_client_roles()
 
     def connect(self):
         self.keycloak= KeycloakClient(url=self.url,
@@ -286,10 +287,10 @@ class WordpressSaml():
 
     def add_client_roles(self):
         self.connect()
-        self.keycloak.add_client_role('630601f8-25d1-4822-8741-c93affd2cd84','admin','Moodle admins')
-        self.keycloak.add_client_role('630601f8-25d1-4822-8741-c93affd2cd84','manager','Moodle managers')
-        self.keycloak.add_client_role('630601f8-25d1-4822-8741-c93affd2cd84','teacher','Moodle teachers')
-        self.keycloak.add_client_role('630601f8-25d1-4822-8741-c93affd2cd84','student','Moodle students')
+        self.keycloak.add_client_role('630601f8-25d1-4822-8741-c93affd2cd84','admin','Wordpress admins')
+        self.keycloak.add_client_role('630601f8-25d1-4822-8741-c93affd2cd84','manager','Wordpress managers')
+        self.keycloak.add_client_role('630601f8-25d1-4822-8741-c93affd2cd84','teacher','Wordpress teachers')
+        self.keycloak.add_client_role('630601f8-25d1-4822-8741-c93affd2cd84','student','Wordpress students')
         self.keycloak=None
 
 nw=WordpressSaml()