diff --git a/admin/src/admin/lib/admin.py b/admin/src/admin/lib/admin.py index 3eef1ee..d04f5a1 100644 --- a/admin/src/admin/lib/admin.py +++ b/admin/src/admin/lib/admin.py @@ -32,7 +32,7 @@ import secrets from .events import Events from .exceptions import UserExists, UserNotFound -from .helpers import count_repeated, rand_password, kpath2gids, kpath2kpaths +from .helpers import count_repeated, rand_password, kpath2gids, kpath2kpaths, get_kid_from_kpath, get_group_with_childs MANAGER = os.environ["CUSTOM_ROLE_MANAGER"] TEACHER = os.environ["CUSTOM_ROLE_TEACHER"] @@ -450,11 +450,6 @@ class Admin: theuser["nextcloud_groups"] = [] theuser["quota"] = False theuser["quota_used_bytes"] = False - - # if not len(theuser['roles']): - # log.error(' SKIPPING USER WITHOUT ANY ROLE!!: '+theuser['username']+' . Should be fixed at keycloak level.') - # continue - users.append(theuser) return users @@ -1818,26 +1813,33 @@ class Admin: self.nextcloud.add_group(new_path) def delete_group_by_id(self, group_id): - # TODO: Check if exists (None) - group = self.keycloak.get_group_by_id(group_id) + ev = Events("Deleting group", "Deleting from keycloak") + try: + keycloak_group = self.keycloak.get_group_by_id(group_id) + except Exception as e: + print(e) + ev.update_text("Error deleting group. Not found in keycloak!") + log.error(' KEYCLOAK GROUPS: Could not delete group '+str(group_id)+' as it does not exist!') - to_be_deleted = [] - # Childs - for internalgroup in self.internal["groups"]: - if internalgroup["name"].startswith(group["name"] + "."): - to_be_deleted.append(internalgroup["name"]) - to_be_deleted.append(kpath2gid(group["path"])) + #{'id': '966ad67c-499a-4f56-bd1d-283691cde0e7', 'name': 'asdgfewfwe', 'path': '/asdgfewfwe', 'attributes': {}, 'realmRoles': [], 'clientRoles': {}, 'subGroups': [], 'access': {'view': True, 'manage': True, 'manageMembership': True}} + + subgroups = get_group_with_childs(keycloak_group) try: - self.keycloak.delete_group(group["id"]) + self.keycloak.delete_group(group_id) except: - log.error("KEYCLOAK: Could no delete group " + group["path"]) + log.error("KEYCLOAK GROUPS: Could no delete group " + group["path"]) + return cohorts = self.moodle.get_cohorts() - for gid in to_be_deleted: - cohort = [c["id"] for c in cohorts if c["name"] == gid] + for sg in subgroups: + sg_gid=kpath2gid(sg) + + cohort = [c["id"] for c in cohorts if c["name"] == sg_gid] + ev.update_text("Deleting from moodle cohort "+sg_gid) self.moodle.delete_cohorts(cohort) - self.nextcloud.delete_group(gid) + ev.update_text("Deleting from nextcloud group "+sg_gid) + self.nextcloud.delete_group(sg_gid) def delete_group_by_path(self, path): group = self.keycloak.get_group_by_path(path) diff --git a/admin/src/admin/lib/helpers.py b/admin/src/admin/lib/helpers.py index 554d930..256f71c 100644 --- a/admin/src/admin/lib/helpers.py +++ b/admin/src/admin/lib/helpers.py @@ -3,6 +3,20 @@ import string from collections import Counter from pprint import pprint +def get_recursive_groups(l_groups, l): + for d_group in l_groups: + data = {} + for key, value in d_group.items(): + if key == "subGroups": + get_recursive_groups(value, l) + else: + data[key] = value + l.append(data) + return l + +def get_group_with_childs(keycloak_group): + return [ g["path"] for g in get_recursive_groups([keycloak_group],[])] + def system_username(username): return ( @@ -11,21 +25,19 @@ def system_username(username): else False ) - def system_group(groupname): return True if groupname in ["admin", "manager", "teacher", "student"] else False - def get_group_from_group_id(group_id, groups): return next((d for d in groups if d.get("id") == group_id), None) +def get_kid_from_kpath(kpath, groups): + ids = [g["id"] for g in groups if g["path"] == kpath] + if not len(ids) or len(ids) > 1: return False + return ids[0] def get_gid_from_kgroup_id(kgroup_id, groups): - # print(kgroup_id) - # pprint(groups) - # return get_group_from_group_id(kgroup_id,groups)['path'].replace('/','.')[1:] - return [g["path"].replace("/", ".")[1:] for g in groups if g["id"] == kgroup_id][0] - + return [g["path"].replace("/", ".")[1:] if len(g["path"].split("/")) else g["path"][1:] for g in groups if g["id"] == kgroup_id][0] def get_gids_from_kgroup_ids(kgroup_ids, groups): return [get_gid_from_kgroup_id(kgroup_id, groups) for kgroup_id in kgroup_ids] diff --git a/admin/src/admin/lib/keycloak_client.py b/admin/src/admin/lib/keycloak_client.py index 4260f16..4481a36 100644 --- a/admin/src/admin/lib/keycloak_client.py +++ b/admin/src/admin/lib/keycloak_client.py @@ -11,7 +11,7 @@ from pprint import pprint import yaml from jinja2 import Environment, FileSystemLoader from keycloak import KeycloakAdmin -from .helpers import kpath2kpaths +from .helpers import kpath2kpaths, get_recursive_groups # from admin import app @@ -57,24 +57,6 @@ class KeycloakClient: # from keycloak import KeycloakAdmin # keycloak_admin = KeycloakAdmin(server_url="http://isard-sso-keycloak:8080/auth/",username="admin",password="keycloakkeycloak",realm_name="master",verify=False) - ######## Example create group and subgroup - - # try: - # self.add_group('level1') - # except: - # self.delete_group(self.get_group('/level1')['id']) - # self.add_group('level1') - # self.add_group('level2',parent=self.get_group('/level1')['id']) - # pprint(self.get_groups()) - - ######## Example roles - # try: - # self.add_role('superman') - # except: - # self.delete_role('superman') - # self.add_role('superman') - # pprint(self.get_roles()) - """ USERS """ def get_user_id(self, username): @@ -122,17 +104,6 @@ class KeycloakClient: list_dict_users = [dict(zip(headers, r)) for r in users_with_lists] - # self.connect() - # groups = self.keycloak_admin.get_groups() - - # for user in list_dict_users: - # new_user_groups = [] - # for group_id in user['group']: - # found = [g for g in groups if g['id'] == group_id][0] - # new_user_groups.append({'id':found['id'], - # 'name':found['name'], - # 'path':found['path']}) - # user['group']=new_user_groups return list_dict_users def getparent(self, group_id, data): @@ -290,36 +261,11 @@ class KeycloakClient: self.connect() return self.keycloak_admin.get_groups() - def get_recursive_groups(self, l_groups, l=[]): - for d_group in l_groups: - d = {} - for key, value in d_group.items(): - if key == "subGroups": - self.get_recursive_groups(value, l) - else: - d[key] = value - l.append(d) - return l - def get_groups(self, with_subgroups=True): ## RETURNS ALL GROUPS in root list self.connect() groups = self.keycloak_admin.get_groups() - return self.get_recursive_groups(groups) - subgroups = [] - subgroups1 = [] - # This needs to be recursive function - if with_subgroups: - for group in groups: - if len(group["subGroups"]): - for sg in group["subGroups"]: - subgroups.append(sg) - # for sgroup in subgroups: - # if len(sgroup['subGroups']): - # for sg1 in sgroup['subGroups']: - # subgroups1.append(sg1) - - return groups + subgroups + subgroups1 + return get_recursive_groups(groups,[]) def get_group_by_id(self, group_id): self.connect()