Examples with RoleModel org.keycloak.models.RoleModel used on opensource projects

Example 1 with RoleModel

use of org.keycloak.models.RoleModel in project keycloak by keycloak.

the class RolePolicyProviderFactory method postInit.

@Override
public void postInit(KeycloakSessionFactory factory) {
    factory.register(event -> {
        if (event instanceof RoleRemovedEvent) {
            KeycloakSession keycloakSession = ((RoleRemovedEvent) event).getKeycloakSession();
            AuthorizationProvider provider = keycloakSession.getProvider(AuthorizationProvider.class);
            StoreFactory storeFactory = provider.getStoreFactory();
            PolicyStore policyStore = storeFactory.getPolicyStore();
            RoleModel removedRole = ((RoleRemovedEvent) event).getRole();
            RoleContainerModel container = removedRole.getContainer();
            ResourceServerStore resourceServerStore = storeFactory.getResourceServerStore();
            if (container instanceof RealmModel) {
                RealmModel realm = (RealmModel) container;
                realm.getClientsStream().forEach(clientModel -> updateResourceServer(clientModel, removedRole, resourceServerStore, policyStore));
            } else {
                ClientModel clientModel = (ClientModel) container;
                updateResourceServer(clientModel, removedRole, resourceServerStore, policyStore);
            }
        }
    });
}

Example 2 with RoleModel

use of org.keycloak.models.RoleModel in project keycloak by keycloak.

the class KeycloakOIDCClientInstallation method configureAuthorizationSettings.

private void configureAuthorizationSettings(KeycloakSession session, ClientModel client, ClientManager.InstallationAdapterConfig rep) {
    if (Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION) && new AuthorizationService(session, client, null, null).isEnabled()) {
        PolicyEnforcerConfig enforcerConfig = new PolicyEnforcerConfig();
        enforcerConfig.setEnforcementMode(null);
        enforcerConfig.setLazyLoadPaths(null);
        rep.setEnforcerConfig(enforcerConfig);
        Iterator<RoleModel> it = client.getRolesStream().iterator();
        RoleModel role = hasOnlyOne(it);
        if (role != null && role.getName().equals(Constants.AUTHZ_UMA_PROTECTION)) {
            rep.setUseResourceRoleMappings(null);
        }
    }
}

Example 3 with RoleModel

use of org.keycloak.models.RoleModel in project keycloak by keycloak.

the class ScopeMappedResource method deleteRealmScopeMappings.

/**
 * Remove a set of realm-level roles from the client's scope
 *
 * @param roles
 */
@Path("realm")
@DELETE
@Consumes(MediaType.APPLICATION_JSON)
public void deleteRealmScopeMappings(List<RoleRepresentation> roles) {
    managePermission.require();
    if (scopeContainer == null) {
        throw new NotFoundException("Could not find client");
    }
    if (roles == null) {
        roles = scopeContainer.getRealmScopeMappingsStream().peek(scopeContainer::deleteScopeMapping).map(ModelToRepresentation::toBriefRepresentation).collect(Collectors.toList());
    } else {
        for (RoleRepresentation role : roles) {
            RoleModel roleModel = realm.getRoleById(role.getId());
            if (roleModel == null) {
                throw new NotFoundException("Role not found");
            }
            scopeContainer.deleteScopeMapping(roleModel);
        }
    }
    adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).representation(roles).success();
}

Example 4 with RoleModel

use of org.keycloak.models.RoleModel in project keycloak by keycloak.

the class ScopeMappedResource method addRealmScopeMappings.

/**
 * Add a set of realm-level roles to the client's scope
 *
 * @param roles
 */
@Path("realm")
@POST
@Consumes(MediaType.APPLICATION_JSON)
public void addRealmScopeMappings(List<RoleRepresentation> roles) {
    managePermission.require();
    if (scopeContainer == null) {
        throw new NotFoundException("Could not find client");
    }
    for (RoleRepresentation role : roles) {
        RoleModel roleModel = realm.getRoleById(role.getId());
        if (roleModel == null) {
            throw new NotFoundException("Role not found");
        }
        scopeContainer.addScopeMapping(roleModel);
    }
    adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri()).representation(roles).success();
}

Example 5 with RoleModel

use of org.keycloak.models.RoleModel in project keycloak by keycloak.

the class RoleByIdResource method getRealmRoleComposites.

/**
 * Get realm-level roles that are in the role's composite
 *
 * @param id
 * @return
 */
@Path("{role-id}/composites/realm")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public Stream<RoleRepresentation> getRealmRoleComposites(@PathParam("role-id") final String id) {
    RoleModel role = getRoleModel(id);
    auth.roles().requireView(role);
    return getRealmRoleComposites(role);
}