default role (#588)

Author: LioriE

descope/management/role.py

@@ -11,6 +11,7 @@ def create(
         description: Optional[str] = None,
         permission_names: Optional[List[str]] = None,
         tenant_id: Optional[str] = None,
+        default: Optional[bool] = None,
     ):
         """
         Create a new role.
@@ -19,6 +20,8 @@ def create(
         name (str): role name.
         description (str): Optional description to briefly explain what this role allows.
         permission_names (List[str]): Optional list of names of permissions this role grants.
+        tenant_id (str): Optional tenant ID to create the role in.
+        default (bool): Optional marks this role as default role.
 
         Raise:
         AuthException: raised if creation operation fails
@@ -32,6 +35,7 @@ def create(
                 "description": description,
                 "permissionNames": permission_names,
                 "tenantId": tenant_id,
+                "default": default,
             },
             pswd=self._auth.management_key,
         )
@@ -43,6 +47,7 @@ def update(
         description: Optional[str] = None,
         permission_names: Optional[List[str]] = None,
         tenant_id: Optional[str] = None,
+        default: Optional[bool] = None,
     ):
         """
         Update an existing role with the given various fields. IMPORTANT: All parameters are used as overrides
@@ -53,6 +58,8 @@ def update(
         new_name (str): role updated name.
         description (str): Optional description to briefly explain what this role allows.
         permission_names (List[str]): Optional list of names of permissions this role grants.
+        tenant_id (str): Optional tenant ID to update the role in.
+        default (bool): Optional marks this role as default role.
 
         Raise:
         AuthException: raised if update operation fails
@@ -66,6 +73,7 @@ def update(
                 "description": description,
                 "permissionNames": permission_names,
                 "tenantId": tenant_id,
+                "default": default,
             },
             pswd=self._auth.management_key,
         )

tests/management/test_role.py

@@ -44,7 +44,7 @@ def test_create(self):
         # Test success flow
         with patch("requests.post") as mock_post:
             mock_post.return_value.ok = True
-            self.assertIsNone(client.mgmt.role.create("R1", "Something", ["P1"], "t1"))
+            self.assertIsNone(client.mgmt.role.create("R1", "Something", ["P1"], "t1", True))
             mock_post.assert_called_with(
                 f"{common.DEFAULT_BASE_URL}{MgmtV1.role_create_path}",
                 headers={
@@ -58,6 +58,7 @@ def test_create(self):
                     "description": "Something",
                     "permissionNames": ["P1"],
                     "tenantId": "t1",
+                    "default": True,
                 },
                 allow_redirects=False,
                 verify=True,
@@ -92,6 +93,7 @@ def test_update(self):
                     "new-description",
                     ["P1", "P2"],
                     "t1",
+                    True,
                 )
             )
             mock_post.assert_called_with(
@@ -108,6 +110,7 @@ def test_update(self):
                     "description": "new-description",
                     "permissionNames": ["P1", "P2"],
                     "tenantId": "t1",
+                    "default": True,
                 },
                 allow_redirects=False,
                 verify=True,