use of org.keycloak.admin.client.resource.GroupPoliciesResource in project keycloak by keycloak.
the class GroupPolicyManagementTest method assertCreated.
private void assertCreated(AuthorizationResource authorization, GroupPolicyRepresentation representation) {
GroupPoliciesResource policies = authorization.policies().group();
Response response = policies.create(representation);
GroupPolicyRepresentation created = response.readEntity(GroupPolicyRepresentation.class);
GroupPolicyResource policy = policies.findById(created.getId());
assertRepresentation(representation, policy);
}
use of org.keycloak.admin.client.resource.GroupPoliciesResource in project keycloak by keycloak.
the class GroupPolicyManagementTest method testGenericConfig.
@Test
public void testGenericConfig() {
AuthorizationResource authorization = getClient().authorization();
GroupPolicyRepresentation representation = new GroupPolicyRepresentation();
representation.setName("Test Generic Config Permission");
representation.setGroupsClaim("groups");
representation.addGroupPath("/Group A");
GroupPoliciesResource policies = authorization.policies().group();
try (Response response = policies.create(representation)) {
GroupPolicyRepresentation created = response.readEntity(GroupPolicyRepresentation.class);
PolicyResource policy = authorization.policies().policy(created.getId());
PolicyRepresentation genericConfig = policy.toRepresentation();
assertNotNull(genericConfig.getConfig());
assertNotNull(genericConfig.getConfig().get("groups"));
GroupRepresentation group = getRealm().groups().groups().stream().filter(groupRepresentation -> groupRepresentation.getName().equals("Group A")).findFirst().get();
assertTrue(genericConfig.getConfig().get("groups").contains(group.getId()));
}
}
use of org.keycloak.admin.client.resource.GroupPoliciesResource in project keycloak by keycloak.
the class GroupPolicyManagementTest method testDelete.
@Test
public void testDelete() {
AuthorizationResource authorization = getClient().authorization();
GroupPolicyRepresentation representation = new GroupPolicyRepresentation();
representation.setName("Delete Group Policy");
representation.setGroupsClaim("groups");
representation.addGroupPath("/Group A/Group B/Group C", true);
representation.addGroupPath("Group F");
GroupPoliciesResource policies = authorization.policies().group();
try (Response response = policies.create(representation)) {
GroupPolicyRepresentation created = response.readEntity(GroupPolicyRepresentation.class);
policies.findById(created.getId()).remove();
GroupPolicyResource removed = policies.findById(created.getId());
try {
removed.toRepresentation();
fail("Permission not removed");
} catch (NotFoundException ignore) {
}
}
}
use of org.keycloak.admin.client.resource.GroupPoliciesResource in project keycloak by keycloak.
the class GroupPolicyManagementTest method testUpdate.
@Test
public void testUpdate() {
AuthorizationResource authorization = getClient().authorization();
GroupPolicyRepresentation representation = new GroupPolicyRepresentation();
representation.setName("Update Group Policy");
representation.setDescription("description");
representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
representation.setLogic(Logic.NEGATIVE);
representation.setGroupsClaim("groups");
representation.addGroupPath("/Group A/Group B/Group C", true);
representation.addGroupPath("Group F");
assertCreated(authorization, representation);
representation.setName("changed");
representation.setDescription("changed");
representation.setDecisionStrategy(DecisionStrategy.AFFIRMATIVE);
representation.setLogic(Logic.POSITIVE);
representation.setGroupsClaim(null);
representation.removeGroup("/Group A/Group B");
GroupPoliciesResource policies = authorization.policies().group();
GroupPolicyResource permission = policies.findById(representation.getId());
permission.update(representation);
assertRepresentation(representation, permission);
for (GroupPolicyRepresentation.GroupDefinition roleDefinition : representation.getGroups()) {
if (roleDefinition.getPath().equals("Group F")) {
roleDefinition.setExtendChildren(true);
}
}
permission.update(representation);
assertRepresentation(representation, permission);
representation.getGroups().clear();
representation.addGroupPath("/Group A/Group B");
permission.update(representation);
assertRepresentation(representation, permission);
}
Aggregations