Commit 504deb3c authored by redmitry@list.ru's avatar redmitry@list.ru

initial submit

parents
#!/usr/bin/env python3
import sys
import json
import urllib.request
import urllib.parse
OPENEBENCH_COMMUNITY_URL = "https://dev-openebench.bsc.es/api/scientific/access/Community"
KEYCLOAK_TOKEN_ENDPOINT = "https://inb.bsc.es/auth/realms/master/protocol/openid-connect/token"
KEYCLOAK_OPENEBENCH_REALM = "https://inb.bsc.es/auth/admin/realms/openebench/"
def main():
passowrd = None
if (len(sys.argv) > 1):
password = sys.argv[1]
else:
print('password:', end = ' ')
password = str(input())
updateCommunities('admin', password)
# Update OpenEBench communities groups in the Keycloak server
def updateCommunities(user, password):
token = getAdminToken(user, password)
headers = {'Authorization' : 'Bearer ' + token}
root = getKeycloakCommunities(headers)
groups = root['subGroups']
communities = getOpenebenchCommunities()
# update existing communities
for group in groups[:]:
attributes = group['attributes']
print(attributes)
for community in communities[:]:
if (community['_id'] in attributes['community_id']):
attributes['acronym'] = [community['acronym']]
updateGroup(group, headers)
communities.remove(community)
groups.remove(group)
break
# insert new communities
for community in communities:
group = {}
group['name'] = community['name']
group['attributes'] = {'community_id' : [community['_id']], 'acronym' : [community['acronym']]}
addGroup(root, group, headers)
#remove old communities
for group in groups:
deleteGroup(group, headers)
# Update the openebench community ('group')
def updateGroup(group, headers):
print('updating community ' + group['name'])
KC_OEB_SUBGROUP = KEYCLOAK_OPENEBENCH_REALM + 'groups/' + group['id']
group_req = urllib.request.Request(KC_OEB_SUBGROUP, data=json.dumps(group).encode("utf-8"), headers=headers, method='PUT')
group_req.add_header("Content-type", "application/json; charset=UTF-8")
group_res = urllib.request.urlopen(group_req);
if(group_res.getcode() >= 400):
print("error updating openebench community", group_req)
# Insert the openebench community ('group') into the 'Community' group ('root')
def addGroup(root, group, headers):
print('inserting community ' + group['name'])
KC_OEB_SUBGROUP = KEYCLOAK_OPENEBENCH_REALM + 'groups/' + root['id'] + '/children'
group_req = urllib.request.Request(KC_OEB_SUBGROUP, data=json.dumps(group).encode("utf-8"), headers=headers)
group_req.add_header("Content-type", "application/json; charset=UTF-8")
group_res = urllib.request.urlopen(group_req);
if(group_res.getcode() >= 400):
print("error adding openebench community", group_req)
# Remove the openebench community ('group') from the 'Community' root group
def deleteGroup(group, headers):
print('removing community ' + group['name'])
KC_OEB_SUBGROUP = KEYCLOAK_OPENEBENCH_REALM + 'groups/' + group['id']
group_req = urllib.request.Request(KC_OEB_SUBGROUP, method='DELETE')
group_res = urllib.request.urlopen(group_req);
if(group_res.getcode() >= 400):
print("error removing openebench community", group_req)
# Get the 'Community' group with all its subgroups (openebench communities)
def getKeycloakCommunities(headers):
KC_OEB_GROUPS = KEYCLOAK_OPENEBENCH_REALM + 'groups'
groups_req = urllib.request.Request(KC_OEB_GROUPS, headers=headers)
groups_res = urllib.request.urlopen(groups_req);
if(groups_res.getcode() >= 400):
print("error obtaining openebench user groups", groups_req)
data = groups_res.read()
groups = json.loads(data)
for group in groups:
if (group['name'] == 'Community'):
return enhanceGroups(group, headers)
## add Community group
KC_OEB_GROUPS = KEYCLOAK_OPENEBENCH_REALM + 'groups'
root = {'name' : 'Community'}
group_req = urllib.request.Request(KC_OEB_GROUPS, data=json.dumps(root).encode("utf-8"), headers=headers)
group_req.add_header("Content-type", "application/json; charset=UTF-8")
group_res = urllib.request.urlopen(group_req);
if(group_res.getcode() >= 400):
print("error adding Keycloak 'Community' group ", group_req)
# getting GroupRepresentation[] via /groups doesn't return 'attributes'
# update it calling /groups/{id} one by one
def enhanceGroups(root, headers):
for group in root['subGroups']:
group_id = group['id']
KC_OEB_GROUP = KEYCLOAK_OPENEBENCH_REALM + 'groups/' + group_id
group_req = urllib.request.Request(KC_OEB_GROUP, headers=headers)
group_res = urllib.request.urlopen(group_req);
if(group_res.getcode() >= 400):
print("error obtaining openebench user groups", group_req)
data = group_res.read()
subgroup = json.loads(data)
group['attributes'] = subgroup['attributes']
return root
# Get OpenEBench communities via the REST API
def getOpenebenchCommunities():
res = urllib.request.urlopen(OPENEBENCH_COMMUNITY_URL);
if(res.getcode() < 300):
data = res.read()
return json.loads(data)
print("error reading communities", req)
# Get OIDC access token with provided user and password
def getAdminToken(user, password):
params = {'username' : user, 'password' : password, 'grant_type' : 'password', 'client_id' : 'admin-cli'}
token_req = urllib.request.Request(KEYCLOAK_TOKEN_ENDPOINT, urllib.parse.urlencode(params).encode('utf-8'));
token_res = urllib.request.urlopen(token_req)
if(token_res.getcode() < 300):
data = token_res.read()
jwt = json.loads(data)
return jwt['access_token']
print("can't get administration token", req)
if __name__ == "__main__":
main()
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment