From e179a6b007ef4fb2f425b57c390b25e9666a1062 Mon Sep 17 00:00:00 2001
From: treydock <tdockendorf@osc.edu>
Date: Fri, 3 May 2024 17:59:16 -0400
Subject: [PATCH] Allow mapped_group_attributes to be removed by defaulting to
 absent (#311)

---
 lib/puppet/provider/keycloak_ldap_mapper/kcadm.rb  | 12 ++++++++++--
 lib/puppet/type/keycloak_ldap_mapper.rb            |  1 +
 metadata.json                                      |  2 +-
 spec/acceptance/3_ldap_spec.rb                     |  9 ++++++---
 spec/acceptance/nodesets/el8.yml                   |  4 ++--
 spec/acceptance/nodesets/el9.yml                   |  4 ++--
 spec/unit/puppet/type/keycloak_ldap_mapper_spec.rb |  3 ++-
 7 files changed, 24 insertions(+), 11 deletions(-)

diff --git a/lib/puppet/provider/keycloak_ldap_mapper/kcadm.rb b/lib/puppet/provider/keycloak_ldap_mapper/kcadm.rb
index ee5abb8d..fec7ef98 100644
--- a/lib/puppet/provider/keycloak_ldap_mapper/kcadm.rb
+++ b/lib/puppet/provider/keycloak_ldap_mapper/kcadm.rb
@@ -72,7 +72,10 @@ def self.instances
                 else
                   property.to_s.tr('_', '.')
                 end
-          next unless d['config'].key?(key)
+          unless d['config'].key?(key)
+            component[property.to_sym] = :absent
+            next
+          end
 
           value = d['config'][key][0]
           if !!value == value # rubocop:disable Style/DoubleNegation
@@ -130,6 +133,7 @@ def create
     data[:config] = {}
     type_properties.each do |property|
       next unless resource[property.to_sym]
+      next if resource[property.to_sym].to_s == 'absent'
 
       key = if property == :ldap_attribute && resource[:type] == 'full-name-ldap-mapper'
               'ldap.full.name.attribute'
@@ -194,7 +198,11 @@ def flush
               end
         next unless type_supported_properties(resource[:type]).include?(property.to_sym)
 
-        data[:config][key] = [resource[property.to_sym]]
+        value = [resource[property.to_sym]]
+        if @property_flush[property.to_sym].to_s == 'absent'
+          value = ['']
+        end
+        data[:config][key] = value
       end
 
       t = Tempfile.new('keycloak_component')
diff --git a/lib/puppet/type/keycloak_ldap_mapper.rb b/lib/puppet/type/keycloak_ldap_mapper.rb
index d00e63f5..b45e6645 100644
--- a/lib/puppet/type/keycloak_ldap_mapper.rb
+++ b/lib/puppet/type/keycloak_ldap_mapper.rb
@@ -217,6 +217,7 @@
 
   newproperty(:mapped_group_attributes) do
     desc 'mapped.group.attributes, only for `type` of `group-ldap-mapper`'
+    defaultto(:absent)
   end
 
   newproperty(:groups_ldap_filter) do
diff --git a/metadata.json b/metadata.json
index c508721c..7d3f75aa 100644
--- a/metadata.json
+++ b/metadata.json
@@ -81,5 +81,5 @@
   ],
   "pdk-version": "2.7.1",
   "template-url": "https://github.com/treydock/pdk-templates.git#master",
-  "template-ref": "heads/master-0-g5a59870"
+  "template-ref": "heads/master-0-g15e3149"
 }
diff --git a/spec/acceptance/3_ldap_spec.rb b/spec/acceptance/3_ldap_spec.rb
index b6e4899d..de033c9f 100644
--- a/spec/acceptance/3_ldap_spec.rb
+++ b/spec/acceptance/3_ldap_spec.rb
@@ -32,9 +32,10 @@ class { 'keycloak': }
         roles_ldap_filter => '(!(cn=P*))',
       }
       keycloak_ldap_mapper { 'group for LDAP on test':
-        type               => 'group-ldap-mapper',
-        groups_dn          => 'ou=Groups,dc=example,dc=com',
-        groups_ldap_filter => '(cn=P*)',
+        type                    => 'group-ldap-mapper',
+        groups_dn               => 'ou=Groups,dc=example,dc=com',
+        groups_ldap_filter      => '(cn=P*)',
+        mapped_group_attributes => 'ou',
       }
       PUPPET_PP
 
@@ -92,6 +93,7 @@ class { 'keycloak': }
         expect(d['providerId']).to eq('group-ldap-mapper')
         expect(d['config']['groups.dn']).to eq(['ou=Groups,dc=example,dc=com'])
         expect(d['config']['groups.ldap.filter']).to eq(['(cn=P*)'])
+        expect(d['config']['mapped.group.attributes']).to eq(['ou'])
       end
     end
   end
@@ -174,6 +176,7 @@ class { 'keycloak': }
         expect(d['providerId']).to eq('group-ldap-mapper')
         expect(d['config']['groups.dn']).to eq(['ou=Groups,dc=example,dc=com'])
         expect(d['config']['groups.ldap.filter']).to eq(['(cn=P0*)'])
+        expect(d['config']['mapped.group.attributes']).to be_nil
       end
     end
   end
diff --git a/spec/acceptance/nodesets/el8.yml b/spec/acceptance/nodesets/el8.yml
index cc813a28..8f40f510 100644
--- a/spec/acceptance/nodesets/el8.yml
+++ b/spec/acceptance/nodesets/el8.yml
@@ -1,10 +1,10 @@
 HOSTS:
-  rocky-8:
+  el8:
     roles:
       - agent
     platform: el-8-x86_64
     hypervisor: docker
-    image: almalinux:8
+    image: rockylinux:8
     docker_preserve_image: true
     docker_cmd:
       - '/usr/sbin/init'
diff --git a/spec/acceptance/nodesets/el9.yml b/spec/acceptance/nodesets/el9.yml
index c3cc916f..ab6160b2 100644
--- a/spec/acceptance/nodesets/el9.yml
+++ b/spec/acceptance/nodesets/el9.yml
@@ -1,10 +1,10 @@
 HOSTS:
-  almalinux-9:
+  el9:
     roles:
       - agent
     platform: el-9-x86_64
     hypervisor: docker
-    image: almalinux:9
+    image: rockylinux:9
     docker_preserve_image: true
     docker_cmd:
       - '/usr/sbin/init'
diff --git a/spec/unit/puppet/type/keycloak_ldap_mapper_spec.rb b/spec/unit/puppet/type/keycloak_ldap_mapper_spec.rb
index 972f3287..63f02f50 100644
--- a/spec/unit/puppet/type/keycloak_ldap_mapper_spec.rb
+++ b/spec/unit/puppet/type/keycloak_ldap_mapper_spec.rb
@@ -214,7 +214,8 @@
   end
 
   defaults = {
-    read_only: :true
+    read_only: :true,
+    mapped_group_attributes: :absent
   }
 
   describe 'basic properties' do