
Example 1 with PolicyEntity

use of org.keycloak.authorization.jpa.entities.PolicyEntity in project keycloak by keycloak.

the class JPAPolicyStore method findByScopeIds.

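/**
 * Returns the policies of one resource server that are associated with any of the given scopes.
 *
 * <p>The scope ids and the resource server id are bound as named parameters of the
 * {@code findPolicyIdByScope} named query, so caller-supplied values never become part of the
 * query text. The query definition itself is not visible here.
 *
 * @param scopeIds ids of the scopes to match; {@code null} or empty yields an empty result
 * @param resourceServerId id of the resource server the lookup is restricted to
 * @return the matching policies, never {@code null} and without {@code null} elements
 */
@Override
public List<Policy> findByScopeIds(List<String> scopeIds, String resourceServerId) {
    // An empty IN list is pointless (and rejected by some databases), so answer without querying.
    if (scopeIds == null || scopeIds.isEmpty()) {
        return Collections.emptyList();
    }
    // Use separate subquery to handle DB2 and MSSQL
    TypedQuery<PolicyEntity> query = entityManager.createNamedQuery("findPolicyIdByScope", PolicyEntity.class);
    query.setFlushMode(FlushModeType.COMMIT);
    query.setParameter("scopeIds", scopeIds);
    query.setParameter("serverId", resourceServerId);
    List<Policy> list = new LinkedList<>();
    PolicyStore policyStore = provider.getStoreFactory().getPolicyStore();
    for (PolicyEntity entity : query.getResultList()) {
        // Resolve through the store factory's policy store, again scoped to the resource server.
        Policy policy = policyStore.findById(entity.getId(), resourceServerId);
        // findById is treated as nullable by the other lookups of this store; a null element
        // here would surface later as a NullPointerException in whatever evaluates the list.
        if (policy != null) {
            list.add(policy);
        }
    }
    return list;
}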
Also used : Policy(org.keycloak.authorization.model.Policy) PolicyEntity(org.keycloak.authorization.jpa.entities.PolicyEntity) PolicyStore(org.keycloak.authorization.store.PolicyStore) LinkedList(java.util.LinkedList)

Example 2 with PolicyEntity

use of org.keycloak.authorization.jpa.entities.PolicyEntity in project keycloak by keycloak.

the class JPAPolicyStore method findByResourceServer.

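/**
 * Searches policies with a set of filters, ordered by name and paginated.
 *
 * <p>All filter values are handed to the JPA Criteria API as values; none is concatenated into
 * query text. Two access-scoping rules are applied by this method and are worth keeping in mind
 * when calling it:
 * <ul>
 *   <li>the result is restricted to {@code resourceServerId} only when that argument is non-null;
 *       a {@code null} id leaves the query unrestricted by resource server;</li>
 *   <li>unless the filters contain {@code OWNER} or {@code ANY_OWNER}, only policies whose
 *       {@code owner} is null are returned.</li>
 * </ul>
 *
 * @param attributes filters to apply, keyed by filter option
 * @param resourceServerId id of the resource server to restrict the search to, or {@code null}
 * @param firstResult pagination offset, passed to {@code paginateQuery}
 * @param maxResult pagination limit, passed to {@code paginateQuery}
 * @return the matching policies that could be resolved through the policy store
 * @throws IllegalArgumentException if a filter option is unsupported or its value array does not
 *         have the number of items the option needs
 */
@Override
public List<Policy> findByResourceServer(Map<Policy.FilterOption, String[]> attributes, String resourceServerId, int firstResult, int maxResult) {
    CriteriaBuilder builder = entityManager.getCriteriaBuilder();
    CriteriaQuery<PolicyEntity> querybuilder = builder.createQuery(PolicyEntity.class);
    Root<PolicyEntity> root = querybuilder.from(PolicyEntity.class);
    List<Predicate> predicates = new ArrayList<>();
    // Only the id is selected; each policy is resolved through the policy store further down.
    querybuilder.select(root.get("id"));
    if (resourceServerId != null) {
        predicates.add(builder.equal(root.get("resourceServer").get("id"), resourceServerId));
    }
    attributes.forEach((filterOption, value) -> {
        switch(filterOption) {
            case ID:
            case OWNER:
                predicates.add(root.get(filterOption.getName()).in(value));
                break;
            case SCOPE_ID:
            case RESOURCE_ID:
                // The option name is a dotted "association.attribute" path.
                String[] predicateValues = filterOption.getName().split("\\.");
                predicates.add(root.join(predicateValues[0]).get(predicateValues[1]).in(value));
                break;
            case PERMISSION:
                {
                    // Fail with a descriptive error instead of an index error on an empty value.
                    if (value == null || value.length == 0) {
                        throw new IllegalArgumentException("Permission filter option requires a value");
                    }
                    if (Boolean.parseBoolean(value[0])) {
                        predicates.add(root.get("type").in("resource", "scope", "uma"));
                    } else {
                        predicates.add(builder.not(root.get("type").in("resource", "scope", "uma")));
                    }
                }
                break;
            case ANY_OWNER:
                // No predicate: its presence only disables the owner-is-null restriction below.
                break;
            case CONFIG:
                if (value.length != 2) {
                    throw new IllegalArgumentException("Config filter option requires value with two items: [config_name, expected_config_value]");
                }
                predicates.add(root.joinMap("config").key().in(value[0]));
                // The expected value is embedded in the LIKE pattern unescaped, so '%' and '_'
                // inside it act as wildcards rather than literal characters.
                predicates.add(builder.like(root.joinMap("config").value().as(String.class), "%" + value[1] + "%"));
                break;
            case TYPE:
            case NAME:
                if (value == null || value.length == 0) {
                    throw new IllegalArgumentException("Filter option [" + filterOption + "] requires a value");
                }
                // Case-insensitive substring match; as above, wildcards in the value stay active.
                // NOTE(review): toLowerCase() uses the JVM default locale - confirm that is intended.
                predicates.add(builder.like(builder.lower(root.get(filterOption.getName())), "%" + value[0].toLowerCase() + "%"));
                break;
            default:
                throw new IllegalArgumentException("Unsupported filter [" + filterOption + "]");
        }
    });
    // Default visibility: without an explicit owner filter only policies with no owner match.
    if (!attributes.containsKey(Policy.FilterOption.OWNER) && !attributes.containsKey(Policy.FilterOption.ANY_OWNER)) {
        predicates.add(builder.isNull(root.get("owner")));
    }
    querybuilder.where(predicates.toArray(new Predicate[0])).orderBy(builder.asc(root.get("name")));
    // Left raw on purpose: the criteria query is typed as PolicyEntity but yields id strings.
    TypedQuery query = entityManager.createQuery(querybuilder);
    List<String> result = paginateQuery(query, firstResult, maxResult).getResultList();
    List<Policy> list = new LinkedList<>();
    for (String id : result) {
        Policy policy = provider.getStoreFactory().getPolicyStore().findById(id, resourceServerId);
        // Skip ids the store cannot resolve so that callers never see null elements.
        if (Objects.nonNull(policy)) {
            list.add(policy);
        }
    }
    return list;
}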
Also used : CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) Policy(org.keycloak.authorization.model.Policy) TypedQuery(javax.persistence.TypedQuery) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList) Predicate(javax.persistence.criteria.Predicate) PolicyEntity(org.keycloak.authorization.jpa.entities.PolicyEntity)

Example 3 with PolicyEntity

use of org.keycloak.authorization.jpa.entities.PolicyEntity in project keycloak by keycloak.

the class JPAPolicyStore method findByScopeIds.

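/**
 * Streams the policies of one resource server that match the given scopes to {@code consumer}.
 *
 * <p>When {@code resourceId} is {@code null} the {@code findPolicyIdByNullResourceScope} named
 * query is used, otherwise {@code findPolicyIdByResourceScope} with the resource id bound as a
 * parameter. All caller-supplied values are bound as named parameters. The query definitions are
 * not visible here.
 *
 * @param scopeIds ids of the scopes to match; {@code null} or empty means nothing is reported
 * @param resourceId id of the resource to match, or {@code null} to select the null-resource query
 * @param resourceServerId id of the resource server the lookup is restricted to
 * @param consumer receives each matching policy
 */
@Override
public void findByScopeIds(List<String> scopeIds, String resourceId, String resourceServerId, Consumer<Policy> consumer) {
    // Same guard as the list-returning overload: no scopes means no matches, so skip the
    // query instead of binding an empty IN list.
    if (scopeIds == null || scopeIds.isEmpty()) {
        return;
    }
    // Use separate subquery to handle DB2 and MSSQL
    TypedQuery<PolicyEntity> query;
    if (resourceId == null) {
        query = entityManager.createNamedQuery("findPolicyIdByNullResourceScope", PolicyEntity.class);
    } else {
        query = entityManager.createNamedQuery("findPolicyIdByResourceScope", PolicyEntity.class);
        query.setParameter("resourceId", resourceId);
    }
    query.setFlushMode(FlushModeType.COMMIT);
    query.setParameter("scopeIds", scopeIds);
    query.setParameter("serverId", resourceServerId);
    StoreFactory storeFactory = provider.getStoreFactory();
    // Each result row is an entity, wrapped directly in an adapter. A constructor call never
    // yields null, so no null filter is needed. closing(...) wraps the result stream.
    closing(query.getResultStream().map(entity -> new PolicyAdapter(entity, entityManager, storeFactory))).forEach(consumer::accept);
}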
Also used : AbstractPolicyRepresentation(org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation) KeycloakModelUtils(org.keycloak.models.utils.KeycloakModelUtils) StoreFactory(org.keycloak.authorization.store.StoreFactory) NoResultException(javax.persistence.NoResultException) FlushModeType(javax.persistence.FlushModeType) TypedQuery(javax.persistence.TypedQuery) ArrayList(java.util.ArrayList) Predicate(javax.persistence.criteria.Predicate) Map(java.util.Map) CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) LinkedList(java.util.LinkedList) AuthorizationProvider(org.keycloak.authorization.AuthorizationProvider) Root(javax.persistence.criteria.Root) ResourceServer(org.keycloak.authorization.model.ResourceServer) CriteriaQuery(javax.persistence.criteria.CriteriaQuery) StreamsUtil.closing(org.keycloak.utils.StreamsUtil.closing) EntityManager(javax.persistence.EntityManager) PolicyStore(org.keycloak.authorization.store.PolicyStore) Objects(java.util.Objects) Consumer(java.util.function.Consumer) PaginationUtils.paginateQuery(org.keycloak.models.jpa.PaginationUtils.paginateQuery) Policy(org.keycloak.authorization.model.Policy) List(java.util.List) PolicyEntity(org.keycloak.authorization.jpa.entities.PolicyEntity) LockModeType(javax.persistence.LockModeType) Collections(java.util.Collections) PolicyEntity(org.keycloak.authorization.jpa.entities.PolicyEntity) Objects(java.util.Objects) StoreFactory(org.keycloak.authorization.store.StoreFactory)

Example 4 with PolicyEntity

use of org.keycloak.authorization.jpa.entities.PolicyEntity in project keycloak by keycloak.

the class JPAPolicyStore method findByResource.

/**
 * Streams the policies attached to a resource of one resource server to {@code consumer}.
 *
 * <p>Both ids are bound as named parameters of the {@code findPolicyIdByResource} named query.
 * Each row is then resolved through the policy store with the same resource server id, and rows
 * the store cannot resolve are dropped.
 *
 * @param resourceId id of the resource whose policies are wanted
 * @param resourceServerId id of the resource server the lookup is restricted to
 * @param consumer receives each resolved policy
 */
@Override
public void findByResource(String resourceId, String resourceServerId, Consumer<Policy> consumer) {
    TypedQuery<PolicyEntity> byResource = entityManager.createNamedQuery("findPolicyIdByResource", PolicyEntity.class);
    byResource.setFlushMode(FlushModeType.COMMIT);
    byResource.setParameter("resourceId", resourceId);
    byResource.setParameter("serverId", resourceServerId);

    PolicyStore policyStore = provider.getStoreFactory().getPolicyStore();

    // closing(...) wraps the result stream before it is consumed.
    closing(
        byResource.getResultStream()
            .map(PolicyEntity::getId)
            .map(policyId -> policyStore.findById(policyId, resourceServerId))
            .filter(Objects::nonNull))
        .forEach(consumer::accept);
}
Also used : AbstractPolicyRepresentation(org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation) KeycloakModelUtils(org.keycloak.models.utils.KeycloakModelUtils) StoreFactory(org.keycloak.authorization.store.StoreFactory) NoResultException(javax.persistence.NoResultException) FlushModeType(javax.persistence.FlushModeType) TypedQuery(javax.persistence.TypedQuery) ArrayList(java.util.ArrayList) Predicate(javax.persistence.criteria.Predicate) Map(java.util.Map) CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) LinkedList(java.util.LinkedList) AuthorizationProvider(org.keycloak.authorization.AuthorizationProvider) Root(javax.persistence.criteria.Root) ResourceServer(org.keycloak.authorization.model.ResourceServer) CriteriaQuery(javax.persistence.criteria.CriteriaQuery) StreamsUtil.closing(org.keycloak.utils.StreamsUtil.closing) EntityManager(javax.persistence.EntityManager) PolicyStore(org.keycloak.authorization.store.PolicyStore) Objects(java.util.Objects) Consumer(java.util.function.Consumer) PaginationUtils.paginateQuery(org.keycloak.models.jpa.PaginationUtils.paginateQuery) Policy(org.keycloak.authorization.model.Policy) List(java.util.List) PolicyEntity(org.keycloak.authorization.jpa.entities.PolicyEntity) LockModeType(javax.persistence.LockModeType) Collections(java.util.Collections) PolicyEntity(org.keycloak.authorization.jpa.entities.PolicyEntity) Objects(java.util.Objects) PolicyStore(org.keycloak.authorization.store.PolicyStore)

Example 5 with PolicyEntity

use of org.keycloak.authorization.jpa.entities.PolicyEntity in project keycloak by keycloak.

the class JPAPolicyStore method create.

/**
 * Persists a new policy for the given resource server and returns its model.
 *
 * <p>The id is taken from the representation when it carries one and is generated otherwise, so
 * a caller-provided id is stored as given. Only id, type, name and resource server are set on
 * the entity here.
 *
 * @param representation source of the policy's id (optional), type and name
 * @param resourceServer resource server that will own the policy
 * @return an adapter around the persisted and flushed entity
 */
@Override
public Policy create(AbstractPolicyRepresentation representation, ResourceServer resourceServer) {
    PolicyEntity policyEntity = new PolicyEntity();

    policyEntity.setId(representation.getId() == null
            ? KeycloakModelUtils.generateId()
            : representation.getId());
    policyEntity.setType(representation.getType());
    policyEntity.setName(representation.getName());
    policyEntity.setResourceServer(ResourceServerAdapter.toEntity(entityManager, resourceServer));

    // Persist and flush right away, before the adapter is handed out.
    this.entityManager.persist(policyEntity);
    this.entityManager.flush();

    return new PolicyAdapter(policyEntity, entityManager, provider.getStoreFactory());
}
Also used : Policy(org.keycloak.authorization.model.Policy) PolicyEntity(org.keycloak.authorization.jpa.entities.PolicyEntity)

Aggregations

PolicyEntity (org.keycloak.authorization.jpa.entities.PolicyEntity)5 Policy (org.keycloak.authorization.model.Policy)5 LinkedList (java.util.LinkedList)4 ArrayList (java.util.ArrayList)3 TypedQuery (javax.persistence.TypedQuery)3 CriteriaBuilder (javax.persistence.criteria.CriteriaBuilder)3 Predicate (javax.persistence.criteria.Predicate)3 PolicyStore (org.keycloak.authorization.store.PolicyStore)3 Collections (java.util.Collections)2 List (java.util.List)2 Map (java.util.Map)2 Objects (java.util.Objects)2 Consumer (java.util.function.Consumer)2 EntityManager (javax.persistence.EntityManager)2 FlushModeType (javax.persistence.FlushModeType)2 LockModeType (javax.persistence.LockModeType)2 NoResultException (javax.persistence.NoResultException)2 CriteriaQuery (javax.persistence.criteria.CriteriaQuery)2 Root (javax.persistence.criteria.Root)2 AuthorizationProvider (org.keycloak.authorization.AuthorizationProvider)2