Adds keycloak_realm_events resource. (#211)

docs/resources/keycloak_realm_events.md

@@ -0,0 +1,43 @@
+# keycloak_realm_events
+
+Allows for managing Realm Events settings within Keycloak.
+
+### Example Usage
+
+```hcl
+resource "keycloak_realm" "realm" {
+  realm = "test"
+}
+
+resource "keycloak_realm_events" "realm_events" {
+  realm_id = "${keycloak_realm.realm.id}"
+
+  events_enabled       = true
+  events_expiration    = 3600
+
+  admin_events_enabled         = true
+  admin_events_details_enabled = true
+
+  # When omitted or left empty, keycloak will enable all event types
+  enabled_event_types = [
+    "LOGIN",
+    "LOGOUT",
+  ]
+
+  events_listeners = [
+    "jboss-logging", # keycloak enables the 'jboss-logging' event listener by default.
+  ]
+}
+```
+
+### Argument Reference
+
+The following arguments are supported:
+
+- `realm_id` - (Required) The name of the realm the event settings apply to.
+- `admin_events_enabled` - (Optional) When true, admin events are saved to the database, making them available through the admin console. Defaults to `false`.
+- `admin_events_details_enabled` - (Optional) When true, saved admin events will included detailed information for create/update requests. Defaults to `false`.
+- `events_enabled` - (Optional) When true, events from `enabled_event_types` are saved to the database, making them available through the admin console. Defaults to `false`.
+- `events_expiration` - (Optional) The amount of time in seconds events will be saved in the database. Defaults to `0` or never.
+- `enabled_event_types` - (Optional) The event types that will be saved to the database. Omitting this field enables all event types. Defaults to `[]` or all event types.
+- `events_listeners` - (Optional) The event listeners that events should be sent to. Defaults to `[]` or none. Note that new realms enable the `jboss-logging` listener by default, and this resource will remove that unless it is specified.

keycloak/realm_events.go

@@ -0,0 +1,27 @@
+package keycloak
+
+import "fmt"
+
+type RealmEventsConfig struct {
+	AdminEventsDetailsEnabled bool     `json:"adminEventsDetailsEnabled"`
+	AdminEventsEnabled        bool     `json:"adminEventsEnabled"`
+	EnabledEventTypes         []string `json:"enabledEventTypes"`
+	EventsEnabled             bool     `json:"eventsEnabled"`
+	EventsExpiration          int      `json:"eventsExpiration"`
+	EventsListeners           []string `json:"eventsListeners,omitempty"`
+}
+
+func (keycloakClient *KeycloakClient) GetRealmEventsConfig(realmId string) (*RealmEventsConfig, error) {
+	var realmEventsConfig RealmEventsConfig
+
+	err := keycloakClient.get(fmt.Sprintf("/realms/%s/events/config", realmId), &realmEventsConfig, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return &realmEventsConfig, nil
+}
+
+func (keycloakClient *KeycloakClient) UpdateRealmEventsConfig(realmId string, realmEventsConfig *RealmEventsConfig) error {
+	return keycloakClient.put(fmt.Sprintf("/realms/%s/events/config", realmId), realmEventsConfig)
+}

mkdocs.yml

@@ -11,6 +11,7 @@ nav:
   - keycloak_role: data_sources/keycloak_role.md
 - Resources:
   - keycloak_realm: resources/keycloak_realm.md
+  - keycloak_realm_events: resources/keycloak_realm_events.md
   - keycloak_user: resources/keycloak_user.md
   - keycloak_role: resources/keycloak_role.md
   - keycloak_group: resources/keycloak_group.md

provider/provider.go

@@ -18,6 +18,7 @@ func KeycloakProvider() *schema.Provider {
 		},
 		ResourcesMap: map[string]*schema.Resource{
 			"keycloak_realm":                                           resourceKeycloakRealm(),
+			"keycloak_realm_events":                                    resourceKeycloakRealmEvents(),
 			"keycloak_required_action":                                 resourceKeycloakRequiredAction(),
 			"keycloak_group":                                           resourceKeycloakGroup(),
 			"keycloak_group_memberships":                               resourceKeycloakGroupMemberships(),

provider/resource_keycloak_realm_events.go

@@ -0,0 +1,152 @@
+package provider
+
+import (
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/mrparkers/terraform-provider-keycloak/keycloak"
+)
+
+func resourceKeycloakRealmEvents() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceKeycloakRealmEventsCreate,
+		Read:   resourceKeycloakRealmEventsRead,
+		Delete: resourceKeycloakRealmEventsDelete,
+		Update: resourceKeycloakRealmEventsUpdate,
+		Schema: map[string]*schema.Schema{
+			"realm_id": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"admin_events_details_enabled": {
+				Type:     schema.TypeBool,
+				Optional: true,
+				ForceNew: false,
+			},
+			"admin_events_enabled": {
+				Type:     schema.TypeBool,
+				Optional: true,
+				ForceNew: false,
+			},
+			"enabled_event_types": {
+				Type:     schema.TypeSet,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Optional: true,
+				ForceNew: false,
+			},
+			"events_enabled": {
+				Type:     schema.TypeBool,
+				Optional: true,
+				ForceNew: false,
+			},
+			"events_expiration": {
+				Type:     schema.TypeInt,
+				Optional: true,
+				ForceNew: false,
+			},
+			"events_listeners": {
+				Type:     schema.TypeSet,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+				Optional: true,
+				ForceNew: false,
+			},
+		},
+	}
+}
+
+func getRealmEventsConfigFromData(data *schema.ResourceData) *keycloak.RealmEventsConfig {
+	enabledEventTypes := make([]string, 0)
+	eventsListeners := make([]string, 0)
+
+	if v, ok := data.GetOk("enabled_event_types"); ok {
+		for _, enabledEventType := range v.(*schema.Set).List() {
+			enabledEventTypes = append(enabledEventTypes, enabledEventType.(string))
+		}
+	}
+
+	if v, ok := data.GetOk("events_listeners"); ok {
+		for _, eventsListener := range v.(*schema.Set).List() {
+			eventsListeners = append(eventsListeners, eventsListener.(string))
+		}
+	}
+
+	realmEventsConfig := &keycloak.RealmEventsConfig{
+		AdminEventsDetailsEnabled: data.Get("admin_events_details_enabled").(bool),
+		AdminEventsEnabled:        data.Get("admin_events_enabled").(bool),
+		EnabledEventTypes:         enabledEventTypes,
+		EventsEnabled:             data.Get("events_enabled").(bool),
+		EventsExpiration:          data.Get("events_expiration").(int),
+		EventsListeners:           eventsListeners,
+	}
+
+	return realmEventsConfig
+}
+
+func setRealmEventsConfigData(data *schema.ResourceData, realmEventsConfig *keycloak.RealmEventsConfig) {
+	data.Set("admin_events_details_enabled", realmEventsConfig.AdminEventsDetailsEnabled)
+	data.Set("admin_events_enabled", realmEventsConfig.AdminEventsEnabled)
+	data.Set("events_enabled", realmEventsConfig.EventsEnabled)
+	data.Set("events_expiration", realmEventsConfig.EventsExpiration)
+	data.Set("events_listeners", realmEventsConfig.EventsListeners)
+
+	if _, ok := data.GetOk("enabled_event_types"); ok {
+		data.Set("enabled_event_types", realmEventsConfig.EnabledEventTypes)
+	}
+}
+
+func resourceKeycloakRealmEventsCreate(data *schema.ResourceData, meta interface{}) error {
+	realmId := data.Get("realm_id").(string)
+	data.SetId(realmId)
+
+	err := resourceKeycloakRealmEventsUpdate(data, meta)
+	if err != nil {
+		return err
+	}
+
+	return resourceKeycloakRealmEventsRead(data, meta)
+}
+
+func resourceKeycloakRealmEventsRead(data *schema.ResourceData, meta interface{}) error {
+	keycloakClient := meta.(*keycloak.KeycloakClient)
+
+	realmId := data.Get("realm_id").(string)
+
+	realmEventsConfig, err := keycloakClient.GetRealmEventsConfig(realmId)
+	if err != nil {
+		return handleNotFoundError(err, data)
+	}
+
+	setRealmEventsConfigData(data, realmEventsConfig)
+
+	return nil
+}
+
+func resourceKeycloakRealmEventsDelete(data *schema.ResourceData, meta interface{}) error {
+	keycloakClient := meta.(*keycloak.KeycloakClient)
+	realmId := data.Get("realm_id").(string)
+
+	// The realm events config cannot be deleted, so instead we set it back to its "zero" values.
+	realmEventsConfig := &keycloak.RealmEventsConfig{}
+
+	err := keycloakClient.UpdateRealmEventsConfig(realmId, realmEventsConfig)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func resourceKeycloakRealmEventsUpdate(data *schema.ResourceData, meta interface{}) error {
+	keycloakClient := meta.(*keycloak.KeycloakClient)
+
+	realmId := data.Get("realm_id").(string)
+	realmEventsConfig := getRealmEventsConfigFromData(data)
+
+	err := keycloakClient.UpdateRealmEventsConfig(realmId, realmEventsConfig)
+	if err != nil {
+		return err
+	}
+
+	setRealmEventsConfigData(data, realmEventsConfig)
+
+	return nil
+}