Search in sources :

Example 56 with RoleModel

use of org.keycloak.models.RoleModel in project keycloak by keycloak.

the class HardcodedRoleMapper method grantUserRole.

private void grantUserRole(RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel) {
    String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
    RoleModel role = KeycloakModelUtils.getRoleFromString(realm, roleName);
    if (role == null)
        throw new IdentityBrokerException("Unable to find role: " + roleName);
    user.grantRole(role);
}
Also used : RoleModel(org.keycloak.models.RoleModel)

Example 57 with RoleModel

use of org.keycloak.models.RoleModel in project keycloak by keycloak.

the class AbstractAttributeToRoleMapper method updateBrokeredUser.

@Override
public void updateBrokeredUser(KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context) {
    RoleModel role = this.getRole(realm, mapperModel);
    String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
    // KEYCLOAK-8730 if a previous mapper has already granted the same role, skip the checks so we don't accidentally remove a valid role.
    if (!context.hasMapperGrantedRole(roleName)) {
        if (this.applies(mapperModel, context)) {
            context.addMapperGrantedRole(roleName);
            user.grantRole(role);
        } else {
            user.deleteRoleMapping(role);
        }
    }
}
Also used : RoleModel(org.keycloak.models.RoleModel)

Example 58 with RoleModel

use of org.keycloak.models.RoleModel in project keycloak by keycloak.

the class RoleContainerResource method addComposites.

/**
 * Add a composite to the role
 *
 * @param roleName role's name (not id!)
 * @param roles
 */
@Path("{role-name}/composites")
@POST
@Consumes(MediaType.APPLICATION_JSON)
public void addComposites(@PathParam("role-name") final String roleName, List<RoleRepresentation> roles) {
    auth.roles().requireManage(roleContainer);
    RoleModel role = roleContainer.getRole(roleName);
    if (role == null) {
        throw new NotFoundException("Could not find role");
    }
    addComposites(auth, adminEvent, uriInfo, roles, role);
}
Also used : NotFoundException(javax.ws.rs.NotFoundException) RoleModel(org.keycloak.models.RoleModel) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes)

Example 59 with RoleModel

use of org.keycloak.models.RoleModel in project keycloak by keycloak.

the class RoleContainerResource method setManagementPermissionsEnabled.

/**
 * Return object stating whether role Authorization permissions have been initialized or not and a reference
 *
 * @param roleName
 * @return initialized manage permissions reference
 */
@Path("{role-name}/management/permissions")
@PUT
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@NoCache
public ManagementPermissionReference setManagementPermissionsEnabled(@PathParam("role-name") final String roleName, ManagementPermissionReference ref) {
    auth.roles().requireManage(roleContainer);
    RoleModel role = roleContainer.getRole(roleName);
    if (role == null) {
        throw new NotFoundException("Could not find role");
    }
    AdminPermissionManagement permissions = AdminPermissions.management(session, realm);
    permissions.roles().setPermissionsEnabled(role, ref.isEnabled());
    if (ref.isEnabled()) {
        return RoleByIdResource.toMgmtRef(role, permissions);
    } else {
        return new ManagementPermissionReference();
    }
}
Also used : NotFoundException(javax.ws.rs.NotFoundException) ManagementPermissionReference(org.keycloak.representations.idm.ManagementPermissionReference) RoleModel(org.keycloak.models.RoleModel) AdminPermissionManagement(org.keycloak.services.resources.admin.permissions.AdminPermissionManagement) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) Consumes(javax.ws.rs.Consumes) NoCache(org.jboss.resteasy.annotations.cache.NoCache) PUT(javax.ws.rs.PUT)

Example 60 with RoleModel

use of org.keycloak.models.RoleModel in project keycloak by keycloak.

the class RoleResource method addComposites.

protected void addComposites(AdminPermissionEvaluator auth, AdminEventBuilder adminEvent, UriInfo uriInfo, List<RoleRepresentation> roles, RoleModel role) {
    for (RoleRepresentation rep : roles) {
        if (rep.getId() == null)
            throw new NotFoundException("Could not find composite role");
        RoleModel composite = realm.getRoleById(rep.getId());
        if (composite == null) {
            throw new NotFoundException("Could not find composite role");
        }
        auth.roles().requireMapComposite(composite);
        role.addCompositeRole(composite);
    }
    if (role.isClientRole()) {
        adminEvent.resource(ResourceType.CLIENT_ROLE);
    } else {
        adminEvent.resource(ResourceType.REALM_ROLE);
    }
    adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(roles).success();
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) NotFoundException(javax.ws.rs.NotFoundException) RoleModel(org.keycloak.models.RoleModel)

Aggregations

RoleModel (org.keycloak.models.RoleModel)153 ClientModel (org.keycloak.models.ClientModel)73 RealmModel (org.keycloak.models.RealmModel)69 UserModel (org.keycloak.models.UserModel)36 Path (javax.ws.rs.Path)29 Test (org.junit.Test)29 NotFoundException (javax.ws.rs.NotFoundException)25 NoCache (org.jboss.resteasy.annotations.cache.NoCache)20 KeycloakSession (org.keycloak.models.KeycloakSession)19 Consumes (javax.ws.rs.Consumes)17 List (java.util.List)16 GET (javax.ws.rs.GET)16 Produces (javax.ws.rs.Produces)16 RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)15 LinkedList (java.util.LinkedList)14 HashMap (java.util.HashMap)13 ArrayList (java.util.ArrayList)12 GroupModel (org.keycloak.models.GroupModel)12 RoleContainerModel (org.keycloak.models.RoleContainerModel)12 Policy (org.keycloak.authorization.model.Policy)11