From 822ed98ab4b3e5d3bbdd2fe3e0927355b48d8882 Mon Sep 17 00:00:00 2001 From: Evilham Date: Thu, 4 Aug 2022 14:05:02 +0200 Subject: [PATCH 1/4] [dd-sso-admin] bugfix and add tracing for 3p cbs --- dd-sso/admin/src/admin/lib/admin.py | 6 ++++++ dd-sso/admin/src/admin/lib/callbacks.py | 10 +++++++--- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/dd-sso/admin/src/admin/lib/admin.py b/dd-sso/admin/src/admin/lib/admin.py index 4d3de22..da0ab80 100644 --- a/dd-sso/admin/src/admin/lib/admin.py +++ b/dd-sso/admin/src/admin/lib/admin.py @@ -116,19 +116,25 @@ class Admin: def third_party_add_user(self, user_id : str, user : DDUser) -> bool: res = True + log.warning(f" 3P Callbacks: Add {user_id}") for tp in self.third_party_cbs: + log.warning(f" 3P Callbacks: Add {user_id} to {tp.tpkeys.their_name}") res = res and tp.add_user(user_id, user) return res def third_party_update_user(self, user_id : str, user : DDUser) -> bool: res = True + log.warning(f" 3P Callbacks: update {user_id}") for tp in self.third_party_cbs: + log.warning(f" 3P Callbacks: update {user_id} to {tp.tpkeys.their_name}") res = res and tp.update_user(user_id, user) return res def third_party_delete_user(self, user_id : str) -> bool: res = True + log.warning(f" 3P Callbacks: delete {user_id}") for tp in self.third_party_cbs: + log.warning(f" 3P Callbacks: delete {user_id} to {tp.tpkeys.their_name}") res = res and tp.delete_user(user_id) return res diff --git a/dd-sso/admin/src/admin/lib/callbacks.py b/dd-sso/admin/src/admin/lib/callbacks.py index 8f66002..f197910 100644 --- a/dd-sso/admin/src/admin/lib/callbacks.py +++ b/dd-sso/admin/src/admin/lib/callbacks.py @@ -19,6 +19,8 @@ # SPDX-License-Identifier: AGPL-3.0-or-later import copy +import logging as log +import traceback from typing import Any, Dict, Tuple import requests 
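Review bot: In `third_party_add_user` (admin.py, `@@ -116`) the new per-target log line is written even when the callback is never made, because `res = res and tp.add_user(user_id, user)` short-circuits once an earlier third party has returned False. The trace can then claim "Add … to <name>" for a target that was not contacted. If every registered third party is meant to be notified, evaluate the call first, `res = tp.add_user(user_id, user) and res`; otherwise guard the log line on `res`. The same applies to `third_party_update_user` and `third_party_delete_user` in this hunk. As these are routine trace messages, `log.info("3P Callbacks: add %s to %s", user_id, tp.tpkeys.their_name)` would fit better than `log.warning` with an f-string.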
@@ -77,25 +79,27 @@ class ThirdPartyCallbacks: @property def add_users_url(self) -> str: - return f"{self.tpkeys.their_service_domain}{self.endpoint_add_users[1]}" + return f"https://{self.tpkeys.their_service_domain}{self.endpoint_add_users[1]}" @property def update_users_url(self) -> str: - return f"{self.tpkeys.their_service_domain}{self.endpoint_update_users[1]}" + return f"https://{self.tpkeys.their_service_domain}{self.endpoint_update_users[1]}" @property def delete_users_url(self) -> str: - return f"{self.tpkeys.their_service_domain}{self.endpoint_delete_users[1]}" + return f"https://{self.tpkeys.their_service_domain}{self.endpoint_delete_users[1]}" def _request(self, method: str, url: str, data: DDUser) -> bool: # The endpoints are prepared for batch operations, but the way # the admin lib is set up, it is currently not doable. prepared_data = [user_parser(data)] + log.warning(f" {method} {url} {data.get('id', '?')}") try: enc_data = self.tpkeys.sign_and_encrypt_outgoing_json(prepared_data) headers = self.tpkeys.get_outgoing_request_headers() res = requests.request(method, url, data=enc_data, headers=headers) except: + log.error(traceback.format_exc()) # Something went wrong sending the request return False return res.status_code == 200 From 86baf7bd69e971e32002071bb7a9c19b310baa98 Mon Sep 17 00:00:00 2001 From: Evilham Date: Thu, 4 Aug 2022 14:42:17 +0200 Subject: [PATCH 2/4] [sso-admin] Add compatibility keys in outgoing API --- dd-sso/admin/src/admin/lib/callbacks.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dd-sso/admin/src/admin/lib/callbacks.py b/dd-sso/admin/src/admin/lib/callbacks.py index f197910..3298c20 100644 --- a/dd-sso/admin/src/admin/lib/callbacks.py +++ b/dd-sso/admin/src/admin/lib/callbacks.py 
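Review bot: In `_request` (callbacks.py, `@@ -77`) the handler stays a bare `except:`, which also catches `KeyboardInterrupt` and `SystemExit`. Using `except Exception:` with `log.exception("3P callback %s %s failed", method, url)` records the same traceback without needing the `traceback` import. The `requests.request(method, url, data=enc_data, headers=headers)` call visible in the hunk passes no `timeout`, so an unresponsive third party can block the admin operation indefinitely; an explicit `timeout=` argument would bound that. A non-200 response still returns False without any log entry, which leaves the most likely failure mode untraced.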
@@ -36,6 +36,9 @@ def user_parser(dduser: DDUser) -> DDUser: user["keycloak_id"] = user.pop("id") user["role"] = user["roles"][0] if user.get("roles", []) else None user["groups"] = user.get("groups", user.get("keycloak_groups", [])) + # Compatibility for the API + user["first"] = user["firstname"] + user["last"] = user["lasttname"] return user From 77342f6e8a328888b6cf1c6556a14380bc6eefd6 Mon Sep 17 00:00:00 2001 From: elena Date: Mon, 1 Aug 2022 09:12:55 +0200 Subject: [PATCH 3/4] FIX: role changed on admin and on moodle --- dd-sso/admin/src/admin/lib/admin.py | 33 ++++++++++++++++++++++++++-- dd-sso/admin/src/admin/lib/moodle.py | 4 ++++ dd-sso/admin/src/admin/lib/postup.py | 4 +++- 3 files changed, 38 insertions(+), 3 deletions(-) diff --git a/dd-sso/admin/src/admin/lib/admin.py b/dd-sso/admin/src/admin/lib/admin.py index da0ab80..7b79da4 100644 --- a/dd-sso/admin/src/admin/lib/admin.py +++ b/dd-sso/admin/src/admin/lib/admin.py @@ -1,6 +1,7 @@ # # Copyright © 2021,2022 IsardVDI S.L. # Copyright © 2022 Evilham +# Copyright © 2022 Elena Barrios Galán @elena61 # # This file is part of DD # @@ -1576,6 +1577,9 @@ class Admin: ev.update_text("Syncing data from applications...") self.resync_data() + ev.update_text("Removing user role in moodle") + self.unassign_moodle_user_role(internaluser["moodle_id"], mdelete) + ev.update_text("Updating user in moodle") self.update_moodle_user(internaluser["id"], user, mdelete, madd) 
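Review bot: `user["last"] = user["lasttname"]` in `user_parser` (callbacks.py, `@@ -36`) reads a key spelled with a double "t", which looks like a typo for the last-name field and would raise `KeyError` for every user unless `DDUser` really carries that key. Both new lines index the dict directly while the lines above use `.get`, so a user without `firstname` fails the same way. In the `_request` hunk of patch 1/4, `user_parser(data)` is called before the `try:`, so the exception would reach the caller instead of producing a False result. `user["first"] = user.get("firstname")` and `user["last"] = user.get("lastname")` would match the surrounding style, assuming `lastname` is the intended key. The function starts above this hunk.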
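Review bot: In the admin.py hunk at `@@ -1576`, the new call hands the whole `mdelete` list to `unassign_moodle_user_role` and discards the result, while the helper added later in this patch only inspects `role_name[0]`. If `mdelete` can hold more than one name (`madd` is iterated as a list of group names further down in this file), a `manager` or `teacher` entry that is not first is never unassigned and the user keeps the elevated Moodle role. Consider iterating over every entry in the helper and checking the return value here before the event text moves on to "Updating user in moodle". The enclosing method starts and ends outside the hunk.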
@@ -1587,6 +1591,31 @@ class Admin: ev.update_text("User updated") return True + + def unassign_moodle_user_role(self, user_id, role_name): + role_id = 0 + if not role_name: + return True + + if role_name[0] =='teacher': + role_id = 2 + elif role_name[0] =='manager': + role_id = 1 + + if role_id == 0: + log.warning("MOODLE: User is student. no need to be unassigned in moodle.") + return True + + log.warning("MOODLE: lets unassign user role") + try: + self.moodle.unassign_user_rol( + user_id, role_id + ) + except: + log.error( + "MOODLE: User has not been able to unassign from role" + ) + return True def update_keycloak_user(self, user_id : str, user : DDUser, kdelete : List[Any], kadd : List[Any]) -> bool: # pprint(self.keycloak.get_user_realm_roles(user_id)) @@ -1652,8 +1681,8 @@ class Admin: ) for group in madd: - cohort = [c for c in cohorts if c["name"] == group][0] - self.moodle.add_user_to_cohort(internaluser["moodle_id"], cohort["id"]) + cohort = [c for c in cohorts if c["name"] == group] + self.moodle.add_user_to_cohort(internaluser["moodle_id"], cohort[0]["id"]) return True diff --git a/dd-sso/admin/src/admin/lib/moodle.py b/dd-sso/admin/src/admin/lib/moodle.py index 972b563..20bb1a0 100644 --- a/dd-sso/admin/src/admin/lib/moodle.py +++ b/dd-sso/admin/src/admin/lib/moodle.py @@ -1,6 +1,7 @@ # # Copyright © 2021,2022 IsardVDI S.L. # Copyright © 2022 Evilham +# Copyright © 2022 Elena Barrios Galán @elena61 # # This file is part of DD # @@ -264,6 +265,9 @@ class Moodle: log.warning( "MOODLE:ADDING THE USER TO ADMINS: This needs a purge cache in moodle!" ) + def unassign_user_rol(self, user_id, role_id): + unassignments = [{"roleid": role_id, "userid": user_id, "contextlevel": 'system', "instanceid": 0}] + return self.call("core_role_unassign_roles", unassignments=unassignments) # def add_role_to_user(self, user_id, role='admin', context='missing'): # if role=='admin': 
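Review bot: `unassign_moodle_user_role` (admin.py, `@@ -1587`) reports success even when the revocation fails, because the bare `except:` logs a fixed message without the exception and the function then returns True. A role removal should surface the failure, for example `except Exception:` followed by `log.exception("MOODLE: could not unassign role %s from user %s", role_id, user_id)` and `return False`. The role ids 1 and 2 are hard-coded and presumably match a default Moodle install; named constants such as `MOODLE_ROLE_MANAGER = 1` and `MOODLE_ROLE_TEACHER = 2`, with a comment stating that assumption, would make this checkable. A docstring noting that `role_name` is a list and that the student role needs no unassignment would document the contract.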
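Review bot: In the `@@ -1652` hunk of admin.py the rewrite only moves the `[0]`, so `cohort[0]["id"]` still raises `IndexError` when no cohort is named `group`, aborting the loop after earlier groups were already added. A guarded lookup such as `cohort = next((c for c in cohorts if c["name"] == group), None)`, followed by a logged `continue` when it is None, would skip unknown groups instead of failing midway. Patch 4/4 reverts this hunk to the original form, which has the same gap. The enclosing method starts outside the hunk.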
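Review bot: The new `unassign_user_rol` in moodle.py (`@@ -264`) drops the final "e" of "role", and it appears to be added directly after the closing `)` of the preceding `log.warning(...)` with no separating blank line. `unassign_user_role` would match the commented-out `add_role_to_user` below it, with the caller in admin.py renamed to match. A one-line docstring such as `"""Unassign role_id from user_id at system context via core_role_unassign_roles."""` would record the scope being used.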
diff --git a/dd-sso/admin/src/admin/lib/postup.py b/dd-sso/admin/src/admin/lib/postup.py index 0e0107f..03e0894 100644 --- a/dd-sso/admin/src/admin/lib/postup.py +++ b/dd-sso/admin/src/admin/lib/postup.py @@ -1,6 +1,7 @@ # # Copyright © 2021,2022 IsardVDI S.L. # Copyright © 2022 Evilham +# Copyright © 2022 Elena Barrios Galán @elena61 # # This file is part of DD # @@ -46,7 +47,7 @@ class Postup: while not ready: try: self.pg = Postgres( - "dd-apps-postgresql", + "isard-apps-postgresql", "moodle", app.config["MOODLE_POSTGRES_USER"], app.config["MOODLE_POSTGRES_PASSWORD"], @@ -190,6 +191,7 @@ class Postup: (3, 'core_cohort_search_cohorts'), (3, 'core_cohort_update_cohorts'), (3, 'core_role_assign_roles'), + (3, 'core_role_unassign_roles'), (3, 'core_cohort_get_cohorts');""" ) From 5c3967cbe6eb1dd5a81fe75623eae08a3b497d45 Mon Sep 17 00:00:00 2001 From: elena Date: Fri, 5 Aug 2022 09:43:58 +0200 Subject: [PATCH 4/4] variable format changed --- dd-sso/admin/src/admin/lib/admin.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dd-sso/admin/src/admin/lib/admin.py b/dd-sso/admin/src/admin/lib/admin.py index 7b79da4..c495b9d 100644 --- a/dd-sso/admin/src/admin/lib/admin.py +++ b/dd-sso/admin/src/admin/lib/admin.py @@ -1681,8 +1681,8 @@ class Admin: ) for group in madd: - cohort = [c for c in cohorts if c["name"] == group] - self.moodle.add_user_to_cohort(internaluser["moodle_id"], cohort[0]["id"]) + cohort = [c for c in cohorts if c["name"] == group][0] + self.moodle.add_user_to_cohort(internaluser["moodle_id"], cohort["id"]) return True
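Review bot: The Postgres host in postup.py (`@@ -46`) changes from `"dd-apps-postgresql"` to `"isard-apps-postgresql"` inside a commit described as a Moodle role fix, so it may be an unintended carry-over from a local environment; worth confirming. The user and password on the following lines already come from `app.config`, so reading the host the same way (for example `app.config["<MOODLE_POSTGRES_HOST key>"]`, key name to be defined by the project) would avoid hard-coding a container name. The surrounding `while not ready:` loop continues outside the hunk, so a wrong name here would probably show up as repeated retries rather than a clear error.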