use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.
the class ResourcePermissionManagementTest method testCreateResourcePermission.
@Test
public void testCreateResourcePermission() {
AuthorizationResource authorization = getClient().authorization();
ResourcePermissionRepresentation representation = new ResourcePermissionRepresentation();
representation.setName("Resource A Permission");
representation.setDescription("description");
representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
representation.setLogic(Logic.NEGATIVE);
representation.addResource("Resource A");
representation.addPolicy("Only Marta Policy", "Only Kolo Policy");
assertCreated(authorization, representation);
}
use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.
the class ResourcePermissionManagementTest method testDelete.
@Test
public void testDelete() {
AuthorizationResource authorization = getClient().authorization();
ResourcePermissionRepresentation representation = new ResourcePermissionRepresentation();
representation.setName("Test Delete Permission");
representation.setResourceType("test-resource");
representation.addPolicy("Only Marta Policy");
ResourcePermissionsResource permissions = authorization.permissions().resource();
try (Response response = permissions.create(representation)) {
ResourcePermissionRepresentation created = response.readEntity(ResourcePermissionRepresentation.class);
permissions.findById(created.getId()).remove();
ResourcePermissionResource removed = permissions.findById(created.getId());
try {
removed.toRepresentation();
fail("Permission not removed");
} catch (NotFoundException ignore) {
}
}
}
use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.
the class ResourcePermissionManagementTest method failCreateWithSameName.
@Test
public void failCreateWithSameName() {
AuthorizationResource authorization = getClient().authorization();
ResourcePermissionRepresentation permission1 = new ResourcePermissionRepresentation();
permission1.setName("Conflicting Name Permission");
permission1.setResourceType("test-resource");
permission1.addPolicy("Only Marta Policy");
ResourcePermissionsResource permissions = authorization.permissions().resource();
permissions.create(permission1).close();
ResourcePermissionRepresentation permission2 = new ResourcePermissionRepresentation();
permission2.setName(permission1.getName());
try (Response response = permissions.create(permission2)) {
assertEquals(Response.Status.CONFLICT.getStatusCode(), response.getStatus());
}
}
use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.
the class RolePolicyManagementTest method testCreateClientRolePolicy.
@Test
public void testCreateClientRolePolicy() {
ClientResource client = getClient();
AuthorizationResource authorization = client.authorization();
RolePolicyRepresentation representation = new RolePolicyRepresentation();
representation.setName("Realm Client Role Policy");
representation.setDescription("description");
representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
representation.setLogic(Logic.NEGATIVE);
RolesResource roles = client.roles();
roles.create(new RoleRepresentation("Client Role A", "desc", false));
ClientRepresentation clientRep = client.toRepresentation();
roles.create(new RoleRepresentation("Client Role B", "desc", false));
representation.addRole("resource-server-test/Client Role A");
representation.addClientRole(clientRep.getClientId(), "Client Role B", true);
assertCreated(authorization, representation);
}
use of org.keycloak.admin.client.resource.AuthorizationResource in project keycloak by keycloak.
the class RolePolicyManagementTest method testGenericConfig.
@Test
public void testGenericConfig() {
AuthorizationResource authorization = getClient().authorization();
RolePolicyRepresentation representation = new RolePolicyRepresentation();
representation.setName("Test Generic Config Permission");
representation.addRole("Role A", false);
RolePoliciesResource policies = authorization.policies().role();
try (Response response = policies.create(representation)) {
RolePolicyRepresentation created = response.readEntity(RolePolicyRepresentation.class);
PolicyResource policy = authorization.policies().policy(created.getId());
PolicyRepresentation genericConfig = policy.toRepresentation();
assertNotNull(genericConfig.getConfig());
assertNotNull(genericConfig.getConfig().get("roles"));
RoleRepresentation role = getRealm().roles().get("Role A").toRepresentation();
assertTrue(genericConfig.getConfig().get("roles").contains(role.getId()));
}
}
Aggregations