
Example 1 with GroupModel

use of org.keycloak.models.GroupModel in project keycloak by keycloak.

the class UserResource method joinGroup.

/**
 * Adds the user handled by this resource to the group named by {@code groupId}.
 *
 * <p>Two authorization calls guard the change: one against the user, made before the
 * group is looked up, and one against the resolved group. Both presumably reject the
 * request by throwing when the caller lacks the permission; their implementations are
 * not visible here, so confirm before relying on that.
 *
 * @param groupId id of the group to join, taken from the request path
 * @throws NotFoundException if the lookup for {@code groupId} in the realm returns nothing
 */
@PUT
@Path("groups/{groupId}")
@NoCache
public void joinGroup(@PathParam("groupId") String groupId) {
    // The user-level check runs first, so the lookup driven by the caller-supplied id
    // is reached only after this call returns normally.
    auth.users().requireManageGroupMembership(user);

    // The lookup is passed the current realm together with the id.
    GroupModel targetGroup = session.groups().getGroupById(realm, groupId);
    if (targetGroup == null) {
        throw new NotFoundException("Group not found");
    }

    // Group-level check: being allowed to manage the user is not enough on its own,
    // the caller must also pass the membership check for this particular group.
    auth.groups().requireManageMembership(targetGroup);

    if (user.isMemberOf(targetGroup)) {
        // Already a member: nothing changes and no admin event is recorded.
        return;
    }

    user.joinGroup(targetGroup);
    // Record the membership change in the admin event log for auditing.
    adminEvent.operation(OperationType.CREATE)
            .resource(ResourceType.GROUP_MEMBERSHIP)
            .representation(ModelToRepresentation.toRepresentation(targetGroup, true))
            .resourcePath(session.getContext().getUri())
            .success();
}
Also used : GroupModel(org.keycloak.models.GroupModel) NotFoundException(javax.ws.rs.NotFoundException) Path(javax.ws.rs.Path) NoCache(org.jboss.resteasy.annotations.cache.NoCache) PUT(javax.ws.rs.PUT)

Example 2 with GroupModel

use of org.keycloak.models.GroupModel in project keycloak by keycloak.

the class UsersResource method canCreateGroupMembers.

/**
 * Decides whether the caller may create a user that is placed directly into the
 * groups listed in {@code rep}.
 *
 * <p>Returns {@code false} when the fine-grained admin authorization feature is
 * disabled, or when none of the listed group paths resolves to a group. Otherwise
 * both permission checks are run for every resolved group and {@code true} is
 * returned only if all of them return normally.
 *
 * @param rep the user representation whose group paths are inspected; a {@code null}
 *            group list is treated as empty
 * @return {@code true} if at least one group resolved and every check passed
 */
private boolean canCreateGroupMembers(UserRepresentation rep) {
    boolean fineGrainedAuthz = Profile.isFeatureEnabled(Profile.Feature.ADMIN_FINE_GRAINED_AUTHZ);
    if (!fineGrainedAuthz) {
        return false;
    }

    // NOTE(review): paths that do not resolve are dropped here, so the permission
    // checks below cover only the groups that were found. Confirm that the caller
    // rejects unknown paths rather than acting on them later.
    List<GroupModel> resolvedGroups = Optional.ofNullable(rep.getGroups())
            .orElse(Collections.emptyList())
            .stream()
            .map(path -> findGroupByPath(realm, path))
            .filter(Objects::nonNull)
            .collect(Collectors.toList());

    if (resolvedGroups.isEmpty()) {
        return false;
    }

    // Each require* call throws when the current user lacks the permission for that
    // group, so reaching the return means every resolved group passed both checks.
    for (GroupModel candidate : resolvedGroups) {
        auth.groups().requireManageMembers(candidate);
        auth.groups().requireManageMembership(candidate);
    }
    return true;
}
Also used : GroupModel(org.keycloak.models.GroupModel)

Example 3 with GroupModel

use of org.keycloak.models.GroupModel in project keycloak by keycloak.

the class UserAdapter method getGroupsStream.

/**
 * Streams the groups this user belongs to.
 *
 * <p>When an updated delegate already exists the call is forwarded to it. Otherwise
 * the group ids held by the cached user are resolved one by one through the session.
 * If any cached id no longer resolves, the cached view is abandoned and the answer
 * comes from the update delegate instead.
 *
 * @return the user's groups, in the order the cached ids were resolved
 */
@Override
public Stream<GroupModel> getGroupsStream() {
    if (updated != null) {
        return updated.getGroupsStream();
    }

    Set<GroupModel> resolved = new LinkedHashSet<>();
    for (String groupId : cached.getGroups(modelSupplier)) {
        GroupModel group = keycloakSession.groups().getGroupById(realm, groupId);
        if (group != null) {
            resolved.add(group);
            continue;
        }
        // The cached entry refers to a group that no longer resolves (most likely it
        // was removed). Switch to the update delegate so that a stale membership list
        // is not served from the cache; getDelegateForUpdate() presumably populates
        // `updated` and invalidates the cached user (confirm against its definition).
        getDelegateForUpdate();
        return updated.getGroupsStream();
    }
    return resolved.stream();
}
Also used : LinkedHashSet(java.util.LinkedHashSet) GroupModel(org.keycloak.models.GroupModel)

Example 4 with GroupModel

use of org.keycloak.models.GroupModel in project keycloak by keycloak.

the class LDAPGroupMapper2WaySyncTest method test01_syncNoPreserveGroupInheritance.

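/**
 * Round-trips the Keycloak groups through LDAP with group inheritance switched off.
 *
 * <p>Steps, each in its own server-side run: disable {@code PRESERVE_GROUP_INHERITANCE}
 * on the "groupsMapper" component and sync Keycloak to LDAP; delete all Keycloak groups;
 * sync LDAP back to Keycloak; then verify the imported groups and their description
 * attribute, and finally exercise the drop-non-existing path.
 *
 * @throws Exception propagated from the server-side runs
 */
@Test
public void test01_syncNoPreserveGroupInheritance() throws Exception {
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel realm = ctx.getRealm();
        ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm, ctx.getLdapModel(), "groupsMapper");
        // The result is not used below; the call is kept in case the lookup has side effects (confirm).
        LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(session, ctx.getLdapModel());
        // Update group mapper to skip preserve inheritance and check it will pass now
        LDAPTestUtils.updateGroupMapperConfigOptions(mapperModel, GroupMapperConfig.PRESERVE_GROUP_INHERITANCE, "false");
        realm.updateComponent(mapperModel);
        // Sync from Keycloak into LDAP
        SynchronizationResult syncResult = new GroupLDAPStorageMapperFactory().create(session, mapperModel).syncDataFromKeycloakToFederationProvider(realm);
        LDAPTestAsserts.assertSyncEquals(syncResult, 4, 0, 0, 0);
    });
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel realm = ctx.getRealm();
        // Delete all KC groups now
        removeAllModelGroups(realm);
        Assert.assertNull(KeycloakModelUtils.findGroupByPath(realm, "/group1"));
        Assert.assertNull(KeycloakModelUtils.findGroupByPath(realm, "/group11"));
        Assert.assertNull(KeycloakModelUtils.findGroupByPath(realm, "/group2"));
    });
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel realm = ctx.getRealm();
        ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm, ctx.getLdapModel(), "groupsMapper");
        // Sync from LDAP back into Keycloak
        SynchronizationResult syncResult = new GroupLDAPStorageMapperFactory().create(session, mapperModel).syncDataFromFederationProviderToKeycloak(realm);
        LDAPTestAsserts.assertSyncEquals(syncResult, 4, 0, 0, 0);
    });
    testingClient.server().run(session -> {
        LDAPTestContext ctx = LDAPTestContext.init(session);
        RealmModel realm = ctx.getRealm();
        String descriptionAttrName = LDAPTestUtils.getGroupDescriptionLDAPAttrName(ctx.getLdapProvider());
        ComponentModel mapperModel = LDAPTestUtils.getSubcomponentByName(realm, ctx.getLdapModel(), "groupsMapper");
        // Assert groups are imported to keycloak. All are at top level
        GroupModel kcGroup1 = KeycloakModelUtils.findGroupByPath(realm, "/group1");
        GroupModel kcGroup11 = KeycloakModelUtils.findGroupByPath(realm, "/group11");
        GroupModel kcGroup12 = KeycloakModelUtils.findGroupByPath(realm, "/group12");
        GroupModel kcGroup2 = KeycloakModelUtils.findGroupByPath(realm, "/group2");
        // Check the lookups before dereferencing, so a group that was not imported
        // is reported as an assertion failure naming the path rather than as a
        // NullPointerException further down.
        Assert.assertNotNull("/group1 was not imported", kcGroup1);
        Assert.assertNotNull("/group11 was not imported", kcGroup11);
        Assert.assertNotNull("/group12 was not imported", kcGroup12);
        Assert.assertNotNull("/group2 was not imported", kcGroup2);
        Assert.assertEquals(0, kcGroup1.getSubGroupsStream().count());
        Assert.assertEquals("group1 - description1", kcGroup1.getFirstAttribute(descriptionAttrName));
        Assert.assertNull(kcGroup11.getFirstAttribute(descriptionAttrName));
        Assert.assertEquals("group12 - description12", kcGroup12.getFirstAttribute(descriptionAttrName));
        Assert.assertNull(kcGroup2.getFirstAttribute(descriptionAttrName));
        // test drop non-existing works
        testDropNonExisting(session, ctx, mapperModel);
    });
}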
Also used : RealmModel(org.keycloak.models.RealmModel) ComponentModel(org.keycloak.component.ComponentModel) LDAPStorageProvider(org.keycloak.storage.ldap.LDAPStorageProvider) GroupModel(org.keycloak.models.GroupModel) GroupLDAPStorageMapperFactory(org.keycloak.storage.ldap.mappers.membership.group.GroupLDAPStorageMapperFactory) SynchronizationResult(org.keycloak.storage.user.SynchronizationResult) Test(org.junit.Test)

Example 5 with GroupModel

use of org.keycloak.models.GroupModel in project keycloak by keycloak.

the class LDAPGroupMapper2WaySyncTest method before.

/**
 * Prepares the fixture for each test: configures the group mapper in LDAP_ONLY mode,
 * clears the groups on the LDAP side and in Keycloak, then creates four Keycloak
 * groups ("group1" with children "group11" and "group12", plus "group2"). Only
 * "group1" and "group12" receive a description attribute.
 */
@Before
public void before() {
    testingClient.server().run(session -> {
        LDAPTestContext testContext = LDAPTestContext.init(session);
        RealmModel realm = testContext.getRealm();
        String descriptionAttr = LDAPTestUtils.getGroupDescriptionLDAPAttrName(testContext.getLdapProvider());

        // Register (or refresh) the group mapper used by the tests.
        LDAPTestUtils.addOrUpdateGroupMapper(realm, testContext.getLdapModel(), LDAPGroupMapperMode.LDAP_ONLY, descriptionAttr);

        // Start from an empty set of groups on both sides.
        LDAPTestUtils.removeAllLDAPGroups(session, realm, testContext.getLdapModel(), "groupsMapper");
        removeAllModelGroups(realm);

        // Seed the Keycloak groups the sync tests expect.
        GroupModel parent = realm.createGroup("group1");
        parent.setSingleAttribute(descriptionAttr, "group1 - description1");

        // group11 is created without a description on purpose.
        realm.createGroup("group11", parent);

        GroupModel describedChild = realm.createGroup("group12", parent);
        describedChild.setSingleAttribute(descriptionAttr, "group12 - description12");

        realm.createGroup("group2");
    });
}
Also used : RealmModel(org.keycloak.models.RealmModel) GroupModel(org.keycloak.models.GroupModel) Before(org.junit.Before)

Aggregations

GroupModel (org.keycloak.models.GroupModel)72 RealmModel (org.keycloak.models.RealmModel)40 Test (org.junit.Test)26 ComponentModel (org.keycloak.component.ComponentModel)23 UserModel (org.keycloak.models.UserModel)20 LDAPObject (org.keycloak.storage.ldap.idm.model.LDAPObject)18 LDAPStorageProvider (org.keycloak.storage.ldap.LDAPStorageProvider)13 GroupLDAPStorageMapper (org.keycloak.storage.ldap.mappers.membership.group.GroupLDAPStorageMapper)12 RoleModel (org.keycloak.models.RoleModel)10 ClientModel (org.keycloak.models.ClientModel)9 GroupLDAPStorageMapperFactory (org.keycloak.storage.ldap.mappers.membership.group.GroupLDAPStorageMapperFactory)9 HashMap (java.util.HashMap)8 List (java.util.List)8 NotFoundException (javax.ws.rs.NotFoundException)7 SynchronizationResult (org.keycloak.storage.user.SynchronizationResult)7 HashSet (java.util.HashSet)6 Map (java.util.Map)6 Collectors (java.util.stream.Collectors)6 Path (javax.ws.rs.Path)6 Policy (org.keycloak.authorization.model.Policy)6