From f3b794fd017b18cc6968f664e7faaf849941d843 Mon Sep 17 00:00:00 2001 From: Michael Parker Date: Thu, 14 Oct 2021 09:45:43 -0700 Subject: [PATCH 1/2] fix: use omitempty for defaultRole in realm json --- keycloak/realm.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keycloak/realm.go b/keycloak/realm.go index 6e936cf29..5396c3174 100644 --- a/keycloak/realm.go +++ b/keycloak/realm.go @@ -133,7 +133,7 @@ type Realm struct { WebAuthnPolicyPasswordlessUserVerificationRequirement string `json:"webAuthnPolicyPasswordlessUserVerificationRequirement"` // Roles - DefaultRole Role `json:"defaultRole"` + DefaultRole *Role `json:"defaultRole,omitempty"` } type BrowserSecurityHeaders struct { From 54fb6538d1c93343008ef90e5e88ad7c630a0c70 Mon Sep 17 00:00:00 2001 From: Michael Parker Date: Thu, 14 Oct 2021 10:09:41 -0700 Subject: [PATCH 2/2] add version constraint to keycloak_default_roles resource --- docs/resources/default_roles.md | 4 ++-- provider/resource_keycloak_default_roles.go | 7 +++++++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/docs/resources/default_roles.md b/docs/resources/default_roles.md index eea63449f..b72dfc68a 100644 --- a/docs/resources/default_roles.md +++ b/docs/resources/default_roles.md @@ -4,9 +4,9 @@ page_title: "keycloak_default_roles Resource" # keycloak\_default\_roles Resource -Allows managing default roles within Keycloak. +Allows managing default realm roles within Keycloak. -Roles allow you define privileges within Keycloak and map them to users and groups. +Note: This feature was added in Keycloak v13, so this resource will not work on older versions of Keycloak. ## Example Usage (Realm role) diff --git a/provider/resource_keycloak_default_roles.go b/provider/resource_keycloak_default_roles.go index da00a018d..d7d2c1176 100644 --- a/provider/resource_keycloak_default_roles.go +++ b/provider/resource_keycloak_default_roles.go @@ -1,6 +1,7 @@ package provider import ( + "errors" "fmt" "strings" @@ -84,6 +85,12 @@ func resourceKeycloakDefaultRolesRead(data *schema.ResourceData, meta interface{ func resourceKeycloakDefaultRolesReconcile(data *schema.ResourceData, meta interface{}) error { keycloakClient := meta.(*keycloak.KeycloakClient) + if ok, err := keycloakClient.VersionIsGreaterThanOrEqualTo(keycloak.Version_13); !ok && err != nil { + return errors.New("this resource requires Keycloak v13 or higher") + } else if err != nil { + return err + } + defaultRoles := mapFromDataToDefaultRoles(data) realm, err := keycloakClient.GetRealm(defaultRoles.RealmId)