chore: implement get_realm_role_groups method (marcospereirampj#464)

NoDataIsAvailable · Jan 8, 2024 · 6885ada · 6885ada
1 parent a724051
commit 6885ada
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 0 deletions.
diff --git a/src/keycloak/keycloak_admin.py b/src/keycloak/keycloak_admin.py
@@ -2369,6 +2369,34 @@ def get_realm_roles(self, brief_representation=True, search_text=""):
         data_raw = self.connection.raw_get(url.format(**params_path), **params)
         return raise_error_from_response(data_raw, KeycloakGetError)
 
+    def get_realm_role_groups(self, role_name, query=None, brief_representation=True):
+        """Get role groups of realm by role name.
+
+        :param role_name: Name of the role.
+        :type role_name: str
+        :param query: Additional Query parameters
+            (see https://www.keycloak.org/docs-api/18.0/rest-api/index.html#_parameters_226)
+        :type query: dict
+        :param brief_representation: whether to omit role attributes in the response
+        :type brief_representation: bool
+        :return: Keycloak Server Response (GroupRepresentation)
+        :rtype: list
+        """
+        query = query or {}
+
+        params = {"briefRepresentation": brief_representation}
+
+        query.update(params)
+
+        params_path = {"realm-name": self.connection.realm_name, "role-name": role_name}
+
+        url = urls_patterns.URL_ADMIN_REALM_ROLES_GROUPS.format(**params_path)
+
+        if "first" in query or "max" in query:
+            return self.__fetch_paginated(url, query)
+
+        return self.__fetch_all(url, query)
+
     def get_realm_role_members(self, role_name, query=None):
         """Get role members of realm by role name.
 

diff --git a/src/keycloak/urls_patterns.py b/src/keycloak/urls_patterns.py
@@ -147,6 +147,7 @@
 URL_ADMIN_REALM_ROLES = "admin/realms/{realm-name}/roles"
 URL_ADMIN_REALM_ROLES_SEARCH = URL_ADMIN_REALM_ROLES + "?search={search-text}"
 URL_ADMIN_REALM_ROLES_MEMBERS = URL_ADMIN_REALM_ROLES + "/{role-name}/users"
+URL_ADMIN_REALM_ROLES_GROUPS = URL_ADMIN_REALM_ROLES + "/{role-name}/groups"
 URL_ADMIN_REALMS = "admin/realms"
 URL_ADMIN_REALM = "admin/realms/{realm-name}"
 URL_ADMIN_IDPS = "admin/realms/{realm-name}/identity-provider/instances"

diff --git a/tests/test_keycloak_admin.py b/tests/test_keycloak_admin.py
@@ -1259,6 +1259,14 @@ def test_realm_roles(admin: KeycloakAdmin, realm: str):
     res = admin.get_composite_realm_roles_of_role(role_name=composite_role)
     assert len(res) == 0
 
+    # Test realm role group list
+    res = admin.get_realm_role_groups(role_name="test-realm-role-update")
+    assert len(res) == 1
+    assert res[0]["id"] == group_id
+    with pytest.raises(KeycloakGetError) as err:
+        admin.get_realm_role_groups(role_name="non-existent-role")
+    assert err.match('404: b\'{"error":"Could not find role"}\'')
+
     # Test delete realm role
     res = admin.delete_realm_role(role_name=composite_role)
     assert res == dict(), res