Metadata-Version: 2.4
Name: pas.plugins.kimug
Version: 1.4.3
Summary: A PAS plugin to set roles to imio keycloak users
Home-page: https://github.com/imio/pas.plugins.kimug
Author: iMio
Author-email: devops@imio.be
License: GPL version 2
Project-URL: PyPI, https://pypi.org/project/pas.plugins.kimug
Project-URL: Source, https://github.com/imio/pas.plugins.kimug
Project-URL: Tracker, https://github.com/imio/pas.plugins.kimug/issues
Keywords: Python Plone CMS
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Web Environment
Classifier: Framework :: Plone
Classifier: Framework :: Plone :: Addon
Classifier: Framework :: Plone :: 6.0
Classifier: Framework :: Plone :: 6.1
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Operating System :: OS Independent
Classifier: License :: OSI Approved :: GNU General Public License v2 (GPLv2)
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE.GPL
License-File: LICENSE.md
Requires-Dist: setuptools
Requires-Dist: Products.CMFPlone
Requires-Dist: plone.api
Requires-Dist: pas.plugins.oidc>=2.0.0b4
Requires-Dist: python-keycloak
Provides-Extra: test
Requires-Dist: ipdb; extra == "test"
Requires-Dist: zest.releaser[recommended]; extra == "test"
Requires-Dist: zestreleaser.towncrier; extra == "test"
Requires-Dist: plone.app.testing; extra == "test"
Requires-Dist: plone.classicui; extra == "test"
Requires-Dist: plone.restapi[test]; extra == "test"
Requires-Dist: pytest; extra == "test"
Requires-Dist: pytest-cov; extra == "test"
Requires-Dist: pytest-plone>=0.5.0; extra == "test"
Requires-Dist: pytest-docker; extra == "test"
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: description-content-type
Dynamic: home-page
Dynamic: keywords
Dynamic: license
Dynamic: license-file
Dynamic: project-url
Dynamic: provides-extra
Dynamic: requires-dist
Dynamic: requires-python
Dynamic: summary


# pas.plugins.kimug

A PAS plugin to set roles to imio keycloak users

Kimug is a acronym for "Keycloak IMio User & Group"

## Installation

### Install pas.plugins.kimug:

```shell
make build
```

### Create the Plone site:

```shell
make create-site
```

## Test environment

### export imio realm

```shell
cd tests && docker compose exec keycloak /opt/keycloak/bin/kc.sh export --file /opt/keycloak/data/import/realm-imio.json --realm imio

docker compose exec keycloak /opt/keycloak/bin/kc.sh export --file /opt/keycloak/data/import/realm-plone.json --realm plone
```

### Tests credentials

- login : kimug

- email : kimug@imio.be

- password : kimug

### Run test

```shell
.venv/bin/tox -e test -s
```

or only one class

```shell
.venv/bin/pytest tests -s -k TestMigration
```

## Contribute

- [Issue Tracker](https://github.com/imio/pas.plugins.kimug/issues)
- [Source Code](https://github.com/imio/pas.plugins.kimug/)

## License

The project is licensed under GPLv2.


# Contributors

- iMio [devops@imio.be]


## 1.4.3 (2026-03-24)


- DEVOPS-339 : Fix ConflictError when multiple Zope instances start simultaneously and commit OIDC settings
  [remdub]


## 1.4.2 (2025-12-10)

- Set administrator role for users in group iA.Smartweb-admin with an imio address.
  [bsuttor]


## 1.4.1 (2025-11-25)

- WEB-4331 : Set Allowed Groups with environment variable
  [remdub]


## 1.4.0 (2025-11-04)

- Upgrade dev environment to Plone 6.1.3
  [remdub]

- Override views related to user management
  We no longer create or modify users in Plone
  This is now handled by Keycloak
  [remdub]

- Remove deprecated methods related to redirect uris
  We are not using those methods anymore since 1.3.0
  [remdub]


## 1.3.1 (2025-09-30)

- Do not gave administrator role for users in group iA.Smartweb.
  [bsuttor]


## 1.3.0 (2025-09-25)

- Skip OIDC settings configuration when Plone site or OIDC plugin is unavailable
  [remdub]

- Set "came_from" session variable from HTTP_REFERER instead of came_from request.
  [bsuttor]

- In controlpanel status, check if the redirect_uris set in Keycloak match the ones set in the OIDC plugin.
  [remdub]

- Set OIDC settings from environment variables on instance boot
  [remdub, bsuttor]


## 1.2.0 (2025-09-16)

- Add controlpanel
  [remdub]

- Add a view to set OIDC settings
  [remdub]

- Add a view to import Keycloak users to Plone.
  [bsuttor]


## 1.1.5 (2025-09-09)


- Add upgrade-step to clean authentic users
  [remdub]


## 1.1.4 (2025-08-28)


- You should rerun migration as many times as you want.
  [bsuttor]


## 1.1.3 (2025-08-28)


- Check if realm exists and environment variables are set before migration
  [remdub]


## 1.1.2 (2025-08-27)


- Add forgot local roles on migration to Keycloak.
  [bsuttor & remdub]

## 1.1.1 (2025-08-26)


- Migrate users form Authentic to Keycloal OIDC plugin.
  [bsuttor]


## 1.1.0 (2025-07-10)


- Migrate authentic to keycloak


## 1.0.0 (2025-03-31)


