Search in sources :

Example 1 with GroupPoliciesResource

use of org.keycloak.admin.client.resource.GroupPoliciesResource in project keycloak by keycloak.

the class GroupPolicyManagementTest method assertCreated.

private void assertCreated(AuthorizationResource authorization, GroupPolicyRepresentation representation) {
    GroupPoliciesResource policies = authorization.policies().group();
    Response response = policies.create(representation);
    GroupPolicyRepresentation created = response.readEntity(GroupPolicyRepresentation.class);
    GroupPolicyResource policy = policies.findById(created.getId());
    assertRepresentation(representation, policy);
}
Also used : Response(javax.ws.rs.core.Response) GroupPolicyResource(org.keycloak.admin.client.resource.GroupPolicyResource) GroupPolicyRepresentation(org.keycloak.representations.idm.authorization.GroupPolicyRepresentation) GroupPoliciesResource(org.keycloak.admin.client.resource.GroupPoliciesResource)

Example 2 with GroupPoliciesResource

use of org.keycloak.admin.client.resource.GroupPoliciesResource in project keycloak by keycloak.

the class GroupPolicyManagementTest method testGenericConfig.

@Test
public void testGenericConfig() {
    AuthorizationResource authorization = getClient().authorization();
    GroupPolicyRepresentation representation = new GroupPolicyRepresentation();
    representation.setName("Test Generic Config Permission");
    representation.setGroupsClaim("groups");
    representation.addGroupPath("/Group A");
    GroupPoliciesResource policies = authorization.policies().group();
    try (Response response = policies.create(representation)) {
        GroupPolicyRepresentation created = response.readEntity(GroupPolicyRepresentation.class);
        PolicyResource policy = authorization.policies().policy(created.getId());
        PolicyRepresentation genericConfig = policy.toRepresentation();
        assertNotNull(genericConfig.getConfig());
        assertNotNull(genericConfig.getConfig().get("groups"));
        GroupRepresentation group = getRealm().groups().groups().stream().filter(groupRepresentation -> groupRepresentation.getName().equals("Group A")).findFirst().get();
        assertTrue(genericConfig.getConfig().get("groups").contains(group.getId()));
    }
}
Also used : Response(javax.ws.rs.core.Response) GroupPolicyRepresentation(org.keycloak.representations.idm.authorization.GroupPolicyRepresentation) PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation) PolicyResource(org.keycloak.admin.client.resource.PolicyResource) GroupPolicyResource(org.keycloak.admin.client.resource.GroupPolicyResource) GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) GroupPolicyRepresentation(org.keycloak.representations.idm.authorization.GroupPolicyRepresentation) GroupPoliciesResource(org.keycloak.admin.client.resource.GroupPoliciesResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) Test(org.junit.Test)

Example 3 with GroupPoliciesResource

use of org.keycloak.admin.client.resource.GroupPoliciesResource in project keycloak by keycloak.

the class GroupPolicyManagementTest method testDelete.

@Test
public void testDelete() {
    AuthorizationResource authorization = getClient().authorization();
    GroupPolicyRepresentation representation = new GroupPolicyRepresentation();
    representation.setName("Delete Group Policy");
    representation.setGroupsClaim("groups");
    representation.addGroupPath("/Group A/Group B/Group C", true);
    representation.addGroupPath("Group F");
    GroupPoliciesResource policies = authorization.policies().group();
    try (Response response = policies.create(representation)) {
        GroupPolicyRepresentation created = response.readEntity(GroupPolicyRepresentation.class);
        policies.findById(created.getId()).remove();
        GroupPolicyResource removed = policies.findById(created.getId());
        try {
            removed.toRepresentation();
            fail("Permission not removed");
        } catch (NotFoundException ignore) {
        }
    }
}
Also used : Response(javax.ws.rs.core.Response) GroupPolicyResource(org.keycloak.admin.client.resource.GroupPolicyResource) NotFoundException(javax.ws.rs.NotFoundException) GroupPolicyRepresentation(org.keycloak.representations.idm.authorization.GroupPolicyRepresentation) GroupPoliciesResource(org.keycloak.admin.client.resource.GroupPoliciesResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) Test(org.junit.Test)

Example 4 with GroupPoliciesResource

use of org.keycloak.admin.client.resource.GroupPoliciesResource in project keycloak by keycloak.

the class GroupPolicyManagementTest method testUpdate.

@Test
public void testUpdate() {
    AuthorizationResource authorization = getClient().authorization();
    GroupPolicyRepresentation representation = new GroupPolicyRepresentation();
    representation.setName("Update Group Policy");
    representation.setDescription("description");
    representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    representation.setLogic(Logic.NEGATIVE);
    representation.setGroupsClaim("groups");
    representation.addGroupPath("/Group A/Group B/Group C", true);
    representation.addGroupPath("Group F");
    assertCreated(authorization, representation);
    representation.setName("changed");
    representation.setDescription("changed");
    representation.setDecisionStrategy(DecisionStrategy.AFFIRMATIVE);
    representation.setLogic(Logic.POSITIVE);
    representation.setGroupsClaim(null);
    representation.removeGroup("/Group A/Group B");
    GroupPoliciesResource policies = authorization.policies().group();
    GroupPolicyResource permission = policies.findById(representation.getId());
    permission.update(representation);
    assertRepresentation(representation, permission);
    for (GroupPolicyRepresentation.GroupDefinition roleDefinition : representation.getGroups()) {
        if (roleDefinition.getPath().equals("Group F")) {
            roleDefinition.setExtendChildren(true);
        }
    }
    permission.update(representation);
    assertRepresentation(representation, permission);
    representation.getGroups().clear();
    representation.addGroupPath("/Group A/Group B");
    permission.update(representation);
    assertRepresentation(representation, permission);
}
Also used : GroupPolicyResource(org.keycloak.admin.client.resource.GroupPolicyResource) GroupPolicyRepresentation(org.keycloak.representations.idm.authorization.GroupPolicyRepresentation) GroupPoliciesResource(org.keycloak.admin.client.resource.GroupPoliciesResource) AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource) Test(org.junit.Test)

Aggregations

GroupPoliciesResource (org.keycloak.admin.client.resource.GroupPoliciesResource)4 GroupPolicyResource (org.keycloak.admin.client.resource.GroupPolicyResource)4 GroupPolicyRepresentation (org.keycloak.representations.idm.authorization.GroupPolicyRepresentation)4 Response (javax.ws.rs.core.Response)3 Test (org.junit.Test)3 AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)3 NotFoundException (javax.ws.rs.NotFoundException)1 PolicyResource (org.keycloak.admin.client.resource.PolicyResource)1 GroupRepresentation (org.keycloak.representations.idm.GroupRepresentation)1 PolicyRepresentation (org.keycloak.representations.idm.authorization.PolicyRepresentation)1