feat: Add endpoints to get/update management permissions on IdP, and

Kevin-Bannier · Kévin BANNIER · commit fe39ad3cfedc · 2023-10-25T14:23:10.000+02:00
delete mapper to IdP
diff --git a/src/keycloak/keycloak_admin.py b/src/keycloak/keycloak_admin.py
@@ -29,7 +29,7 @@
 import copy
 import json
 from builtins import isinstance
-from typing import Optional
+from typing import Any, Dict, Optional
 
 import deprecation
 from requests_toolbelt import MultipartEncoder
@@ -739,6 +739,27 @@ def update_mapper_in_idp(self, idp_alias, mapper_id, payload):
 
         return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[204])
 
+    def delete_mapper_to_idp(self, idp_alias: str, mapper_id: str) -> Dict[str, Any]:
+        """Delete an IDP mapper.
+
+        IdentityProviderRepresentation
+        https://www.keycloak.org/docs-api/22.0.5/rest-api/index.html#_identityprovidermapperrepresentation
+
+        :param: idp_alias: alias for Idp to add mapper in
+        :type idp_alias: str
+        :param: mapper_id: ID of mapper
+        :type mapper_id: str
+        :returns: Keycloak server response
+        :rtype: dict
+        """
+        params_path = {
+            "realm-name": self.connection.realm_name,  # type:ignore
+            "idp-alias": idp_alias,
+            "mapper-id": mapper_id,
+        }
+        data_raw = self.raw_delete(urls_patterns.URL_ADMIN_IDP_MAPPER_UPDATE.format(**params_path))
+        return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204])
+
     def get_idp_mappers(self, idp_alias):
         """Get IDP mappers.
 
@@ -785,6 +806,57 @@ def delete_idp(self, idp_alias):
         data_raw = self.connection.raw_delete(urls_patterns.URL_ADMIN_IDP.format(**params_path))
         return raise_error_from_response(data_raw, KeycloakDeleteError, expected_codes=[204])
 
+    def get_idp_management_permissions(self, idp_alias: str) -> Dict[str, Any]:
+        """Get management permissions for a client.
+
+        ManagementPermissionReference
+        https://www.keycloak.org/docs-api/22.0.5/rest-api/index.html#_managementpermissionreference
+
+        :param: idp_alias: idp alias name
+        :type idp_alias: str
+        :returns: Keycloak server response
+        :rtype: dict
+        """
+        params_path = {
+            "realm-name": self.connection.realm_name,  # type:ignore
+            "alias": idp_alias,
+        }
+        data_raw = self.raw_get(
+            urls_patterns.URL_ADMIN_IDP_MANAGEMENT_PERMISSIONS.format(**params_path)
+        )
+        return raise_error_from_response(data_raw, KeycloakGetError, expected_codes=[200])
+
+    def update_idp_management_permissions(
+        self, idp_alias: str, payload: Dict[str, Any]
+    ) -> Dict[str, Any]:
+        """Update management permissions for a client.
+
+        ManagementPermissionReference
+        https://www.keycloak.org/docs-api/22.0.5/rest-api/index.html#_managementpermissionreference
+
+        :param: idp_alias: idp alias name
+        :type idp_alias: str
+        :param payload: ManagementPermissionReference
+        :type payload: dict
+        :returns: Keycloak server response
+        :rtype: dict
+
+        Payload example::
+
+            payload={
+                "enabled": true
+            }
+        """
+        params_path = {
+            "realm-name": self.connection.realm_name,  # type:ignore
+            "alias": idp_alias,
+        }
+        data_raw = self.raw_put(
+            urls_patterns.URL_ADMIN_IDP_MANAGEMENT_PERMISSIONS.format(**params_path),
+            data=json.dumps(payload),
+        )
+        return raise_error_from_response(data_raw, KeycloakPutError, expected_codes=[200])
+
     def create_user(self, payload, exist_ok=False):
         """Create a new user.
 
diff --git a/src/keycloak/urls_patterns.py b/src/keycloak/urls_patterns.py
@@ -147,6 +147,7 @@
 URL_ADMIN_IDP_MAPPERS = "admin/realms/{realm-name}/identity-provider/instances/{idp-alias}/mappers"
 URL_ADMIN_IDP_MAPPER_UPDATE = URL_ADMIN_IDP_MAPPERS + "/{mapper-id}"
 URL_ADMIN_IDP = "admin/realms/{realm-name}/identity-provider/instances/{alias}"
+URL_ADMIN_IDP_MANAGEMENT_PERMISSIONS = URL_ADMIN_IDP + "/management/permissions"
 URL_ADMIN_REALM_ROLES_ROLE_BY_NAME = "admin/realms/{realm-name}/roles/{role-name}"
 URL_ADMIN_REALM_ROLES_COMPOSITE_REALM_ROLE = (
     "admin/realms/{realm-name}/roles/{role-name}/composites"
