Admin interface group query, join and unjoin.

Signed-off-by: Georg <georg@lysergic.dev>

2 files changed, 96 insertions, 1 deletions

diff --git a/config.py b/config.py
index 9704ca6..74ef8a5 100644
--- a/config.py
+++ b/config.py
@@ -122,5 +122,12 @@ conf.registerGlobalValue(Keycloak.options, 'ircgroup',
     """
     , private=True
 ))
+conf.registerGlobalValue(Keycloak.options, 'confluencegroup',
+    registry.String('',
+    """
+    Keycloak: Group ID for admin grant: confluencegroup
+    """,
+    private=True
+))
 
 # vim:set shiftwidth=4 tabstop=4 expandtab textwidth=79:
diff --git a/plugin.py b/plugin.py
index 23a7f82..cf56129 100644
--- a/plugin.py
+++ b/plugin.py
@@ -32,7 +32,6 @@ import re
 import requests
 import secrets
 import string
-import json
 from supybot import utils, plugins, ircutils, callbacks, ircmsgs
 from supybot.commands import *
 from supybot.ircmsgs import nick
@@ -260,6 +259,95 @@ class Keycloak(callbacks.Plugin):
 
     user = wrap(user, ['anything'])
 
+    def admin(self, irc, msg, args, name, option1, option2, option3):
+        """<name> <option> [option]
+        Administration Interface"""
+
+        user = name
+        server = self.registryValue('backend.server')
+        realm = self.registryValue('backend.realm')
+        tokenurl = self.registryValue('backend.token')
+        usererr = self.registryValue('replies.error')
+        tokendl = requests.get(tokenurl)
+        tokendata = tokendl.json()
+        token = tokendata['access_token']
+        url = server + '/auth/admin/realms/' + realm + '/users'
+        userdata = requests.get(url, params = {'username': user}, headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
+        userresp = userdata.json()
+        uid = userresp[0]['id']
+        print(user, uid)
+        if option1 == 'groups' or option1 == 'group':
+            if not option2:
+                try:
+                    url = server + '/auth/admin/realms/' + realm + '/users/' + uid + '/groups'
+                    response = requests.get(
+                    url,
+                    headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
+                    test = "{}"
+                    print(url)
+                    usergroups = response.json()
+                    if usergroups:
+                        for group in usergroups:
+                            groupname = usergroups[0]['name']
+                            irc.reply(groupname)
+                    else:
+                        irc.reply("No groups.")
+                except:
+                    print('Operation failed.')
+                    irc.reply(usererr)
+            if option2 == 'join':
+                if not option3:
+                    irc.reply('The following group shortcuts are currently joinable: confluence')
+                elif option3 == 'confluence':
+                    try:
+                        gid = self.registryValue('options.confluencegroup')
+                        url = server + '/auth/admin/realms/' + realm + '/users/' + uid + '/groups/' + gid
+                        response = requests.put(
+                        url,
+                        headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
+                        status = response.status_code
+                        print("Keycloak: HTTP Status ", status)
+                        if status == 204:
+                            print(" SSO user " + user + " has been added to group, if it wasn't already.")
+                            irc.reply("Success.")
+                        if status != 204:
+                            print("ERROR: HTTP request did not succeed. I tried these values:")
+                            print("URL: " + url)
+                            print("Group: " + gid)
+                            print("User: " + uid)
+                            irc.error(usererr)
+                    except:
+                        print('Operation failed.')
+                else:
+                    irc.error('Unknown group.')
+            if option2 == 'unjoin':
+                if not option3:
+                    irc.reply('The following group shortcuts are currently joinable: confluence')
+                elif option3 == 'confluence':
+                    try:
+                        gid = self.registryValue('options.confluencegroup')
+                        url = server + '/auth/admin/realms/' + realm + '/users/' + uid + '/groups/' + gid
+                        response = requests.delete(
+                        url,
+                        headers = {'Content-Type': 'application/json', 'Authorization': 'Bearer ' + token})
+                        status = response.status_code
+                        print("Keycloak: HTTP Status ", status)
+                        if status == 204:
+                            print(" SSO user " + user + " has been added to group, if it wasn't already.")
+                            irc.reply("Success.")
+                        if status != 204:
+                            print("ERROR: HTTP request did not succeed. I tried these values:")
+                            print("URL: " + url)
+                            print("Group: " + gid)
+                            print("User: " + uid)
+                            irc.error(usererr)
+                    except:
+                        print('Operation failed.')
+        else:
+            irc.error('Invalid operation.')
+
+    admin = wrap(admin, ['anything', 'anything', optional('anything'), optional('anything')])
+
 Class = Keycloak