parent
854e00882b
commit
cb3cd05cf2
@ -52,7 +52,11 @@ class RouteUserExtension:
|
||||
if not user_id:
|
||||
return None
|
||||
|
||||
return await userDao.find_by_keycloak_id(user_id)
|
||||
user = await userDao.find_by_keycloak_id(user_id)
|
||||
if user is None:
|
||||
return None
|
||||
|
||||
return user
|
||||
|
||||
@classmethod
|
||||
async def get_dev_user(cls) -> Optional[User]:
|
||||
@ -67,6 +71,50 @@ class RouteUserExtension:
|
||||
user = await cls.get_dev_user()
|
||||
return user
|
||||
|
||||
@classmethod
|
||||
def _flatten_groups(cls, groups):
|
||||
flat_list = []
|
||||
for group in groups:
|
||||
flat_list.append(group)
|
||||
if 'subGroups' in group and group['subGroups']:
|
||||
flat_list.extend(cls._flatten_groups(group['subGroups']))
|
||||
return flat_list
|
||||
|
||||
@classmethod
|
||||
async def _map_keycloak_groups_with_roles(cls, user: User):
|
||||
try:
|
||||
roles = {x.name: x for x in await roleDao.get_all()}
|
||||
groups = cls._flatten_groups(Keycloak.admin.get_groups(full_hierarchy=True))
|
||||
groups_with_role = [x["name"] for x in groups if x["name"] in roles.keys()]
|
||||
|
||||
user_groups_with_role = [
|
||||
x["name"] for x in Keycloak.admin.get_user_groups(user.keycloak_id) if x["name"] in roles.keys()
|
||||
]
|
||||
user_roles = set(x.name for x in await user.roles if x.name in groups_with_role)
|
||||
missing_groups = set(user_groups_with_role) - set(user_roles)
|
||||
missing_roles = set(user_roles) - set(user_groups_with_role)
|
||||
|
||||
if len(missing_groups) > 0:
|
||||
await roleUserDao.create_many(
|
||||
[
|
||||
RoleUser(0, (await roleDao.get_by_name(group)).id, user.id)
|
||||
for group in missing_groups
|
||||
]
|
||||
)
|
||||
|
||||
if len(missing_roles) > 0:
|
||||
await roleUserDao.delete_many(
|
||||
[
|
||||
await roleUserDao.get_single_by([
|
||||
{RoleUser.role_id: roles[role].id},
|
||||
{RoleUser.user_id: user.id},
|
||||
])
|
||||
for role in missing_roles
|
||||
]
|
||||
)
|
||||
except Exception as e:
|
||||
logger.error("Failed to map user groups", e)
|
||||
|
||||
@classmethod
|
||||
async def _create_user(cls, kc_user: KeycloakUser):
|
||||
try:
|
||||
@ -101,8 +149,11 @@ class RouteUserExtension:
|
||||
|
||||
user = await cls.get_user()
|
||||
if user is None:
|
||||
await cls._create_user(KeycloakUser(user_info))
|
||||
u_id = await cls._create_user(KeycloakUser(user_info))
|
||||
await cls._map_keycloak_groups_with_roles(await userDao.get_by_id(u_id))
|
||||
return True
|
||||
else:
|
||||
await cls._map_keycloak_groups_with_roles(user)
|
||||
|
||||
if user.deleted:
|
||||
return False
|
||||
|
@ -150,6 +150,7 @@
|
||||
"update": "Bearbeiten"
|
||||
},
|
||||
"user": {
|
||||
"assign_roles": "Rollen zuweisen",
|
||||
"count_header": "Benutzer",
|
||||
"email": "E-Mail",
|
||||
"user": "Benutzer",
|
||||
|
@ -150,6 +150,7 @@
|
||||
"update": "Update"
|
||||
},
|
||||
"user": {
|
||||
"assign_roles": "Assign roles",
|
||||
"count_header": "User(s)",
|
||||
"email": "E-Mail",
|
||||
"user": "User",
|
||||
|
Loading…
Reference in New Issue
Block a user