use of org.keycloak.models.RoleModel in project keycloak by keycloak.
the class RoleMapperResource method deleteRealmRoleMappings.
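/**
 * Delete realm-level role mappings.
 *
 * <p>The caller must pass {@code managePermission.require()}, and every role touched must
 * additionally pass {@code auth.roles().requireMapRole(...)} before its mapping is removed.
 * After all removals an admin event with {@code OperationType.DELETE} is recorded, carrying
 * the roles that were removed.
 *
 * @param roles roles whose mappings are removed; each entry is resolved by name in the realm
 *              and its id must match the resolved role. {@code null} removes every mapping
 *              returned by {@code roleMapper.getRealmRoleMappingsStream()}.
 * @throws NotFoundException if a listed role does not exist or its id does not match
 * @throws ErrorResponseException with {@code invalid_request} / 400 if the model refuses a removal
 */
@Path("realm")
@DELETE
@Consumes(MediaType.APPLICATION_JSON)
public void deleteRealmRoleMappings(List<RoleRepresentation> roles) {
    managePermission.require();

    logger.debug("deleteRealmRoleMappings");
    if (roles == null) {
        // Snapshot the current mappings before deleting anything. Deleting from inside
        // Stream.peek() would modify the mappings while the stream may still be reading them,
        // and peek() is meant for debugging rather than for required side effects.
        List<RoleModel> mapped = roleMapper.getRealmRoleMappingsStream().collect(Collectors.toList());
        for (RoleModel roleModel : mapped) {
            // Per-role authorization comes first, so an unauthorized role is never removed.
            auth.roles().requireMapRole(roleModel);
            try {
                roleMapper.deleteRoleMapping(roleModel);
            } catch (ModelException | ReadOnlyException me) {
                // Same translation as the explicit-list branch: a storage refusal is reported
                // as a client error instead of escaping as an unhandled exception.
                logger.warn(me.getMessage(), me);
                throw new ErrorResponseException("invalid_request", "Could not remove user role mappings!", Response.Status.BAD_REQUEST);
            }
        }
        // The audit event should list what was actually removed, not the (null) request body.
        roles = mapped.stream().map(ModelToRepresentation::toBriefRepresentation).collect(Collectors.toList());
    } else {
        for (RoleRepresentation role : roles) {
            RoleModel roleModel = realm.getRole(role.getName());
            // Name and id must agree, so a stale or mismatched representation is rejected.
            if (roleModel == null || !roleModel.getId().equals(role.getId())) {
                throw new NotFoundException("Role not found");
            }
            auth.roles().requireMapRole(roleModel);
            try {
                roleMapper.deleteRoleMapping(roleModel);
            } catch (ModelException | ReadOnlyException me) {
                logger.warn(me.getMessage(), me);
                throw new ErrorResponseException("invalid_request", "Could not remove user role mappings!", Response.Status.BAD_REQUEST);
            }
        }
    }
    // NOTE(review): mappings are removed one at a time; whether removals made before a later
    // failure are rolled back depends on transaction handling outside this method - confirm.

    adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).representation(roles).success();
}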
use of org.keycloak.models.RoleModel in project keycloak by keycloak.
the class RoleMapperResource method addRealmRoleMappings.
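/**
 * Add realm-level role mappings to the user.
 *
 * <p>The caller must pass {@code managePermission.require()}, and each role must pass
 * {@code auth.roles().requireMapRole(...)} before it is granted. After all grants an admin
 * event with {@code OperationType.CREATE} is recorded with the submitted roles.
 *
 * @param roles roles to add; each entry is resolved by name in the realm and its id must match
 *              the resolved role
 * @throws NotFoundException if a listed role does not exist or its id does not match
 * @throws ErrorResponseException with {@code invalid_request} / 400 if {@code roles} is
 *         {@code null} or the model refuses a grant
 */
@Path("realm")
@POST
@Consumes(MediaType.APPLICATION_JSON)
public void addRealmRoleMappings(List<RoleRepresentation> roles) {
    managePermission.require();

    logger.debugv("** addRealmRoleMappings: {0}", roles);
    if (roles == null) {
        // A null list would otherwise surface as a NullPointerException from the loop below
        // rather than as a client error.
        throw new ErrorResponseException("invalid_request", "No roles provided", Response.Status.BAD_REQUEST);
    }

    try {
        for (RoleRepresentation role : roles) {
            RoleModel roleModel = realm.getRole(role.getName());
            // Name and id must agree, so a stale or mismatched representation is rejected.
            if (roleModel == null || !roleModel.getId().equals(role.getId())) {
                throw new NotFoundException("Role not found");
            }
            // Per-role authorization comes before the grant, so an unauthorized role is never mapped.
            auth.roles().requireMapRole(roleModel);
            roleMapper.grantRole(roleModel);
        }
    } catch (ModelException | ReadOnlyException me) {
        logger.warn(me.getMessage(), me);
        throw new ErrorResponseException("invalid_request", "Could not add user role mappings!", Response.Status.BAD_REQUEST);
    }
    // NOTE(review): roles are granted one at a time; whether grants made before a later
    // failure are rolled back depends on transaction handling outside this method - confirm.

    adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri()).representation(roles).success();
}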
use of org.keycloak.models.RoleModel in project keycloak by keycloak.
the class ScopeMappedClientResource method addClientScopeMapping.
/**
 * Add client-level roles to the client's scope.
 *
 * <p>Runs {@code managePermission.require()} first, then resolves every submitted role by
 * name on {@code scopedClient} and adds it to {@code scopeContainer}. Once all roles are
 * added, an admin event with {@code OperationType.CREATE} is recorded with the submitted list.
 *
 * @param roles roles to add to the scope; only the name of each entry is read here
 * @throws NotFoundException if {@code scopedClient} has no role with a submitted name
 */
@POST
@Consumes(MediaType.APPLICATION_JSON)
public void addClientScopeMapping(List<RoleRepresentation> roles) {
    managePermission.require();

    // NOTE(review): managePermission.require() is the only authorization visible in this
    // method; no per-role check runs before the mapping is added - confirm that is intended.
    // NOTE(review): roles are resolved by name only; the id in the representation is not
    // compared with the resolved role - confirm that is intended.
    for (final RoleRepresentation requested : roles) {
        final RoleModel clientRole = scopedClient.getRole(requested.getName());
        if (clientRole != null) {
            scopeContainer.addScopeMapping(clientRole);
        } else {
            throw new NotFoundException("Role not found");
        }
    }

    adminEvent.operation(OperationType.CREATE)
            .resourcePath(session.getContext().getUri())
            .representation(roles)
            .success();
}
use of org.keycloak.models.RoleModel in project keycloak by keycloak.
the class ScopeMappedClientResource method deleteClientScopeMapping.
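/**
 * Remove client-level roles from the client's scope.
 *
 * <p>Runs {@code managePermission.require()} first. After all removals an admin event with
 * {@code OperationType.DELETE} is recorded, carrying the roles that were removed.
 *
 * @param roles roles to remove, resolved by name on {@code scopedClient}; {@code null} removes
 *              every mapping returned by
 *              {@code KeycloakModelUtils.getClientScopeMappingsStream(scopedClient, scopeContainer)}
 * @throws NotFoundException if {@code scopedClient} has no role with a submitted name
 */
@DELETE
@Consumes(MediaType.APPLICATION_JSON)
public void deleteClientScopeMapping(List<RoleRepresentation> roles) {
    managePermission.require();

    // NOTE(review): managePermission.require() is the only authorization visible in this
    // method; no per-role check runs before a mapping is removed - confirm that is intended.
    if (roles == null) {
        // Snapshot the current mappings before deleting anything. Deleting from inside
        // Stream.peek() would modify the mappings while the stream may still be reading them,
        // and peek() is meant for debugging rather than for required side effects.
        List<RoleModel> mapped = KeycloakModelUtils.getClientScopeMappingsStream(scopedClient, scopeContainer)
                .collect(Collectors.toList());
        for (RoleModel roleModel : mapped) {
            scopeContainer.deleteScopeMapping(roleModel);
        }
        // The audit event should list what was actually removed, not the (null) request body.
        roles = mapped.stream().map(ModelToRepresentation::toBriefRepresentation).collect(Collectors.toList());
    } else {
        for (RoleRepresentation role : roles) {
            // NOTE(review): resolved by name only; the id in the representation is not compared.
            RoleModel roleModel = scopedClient.getRole(role.getName());
            if (roleModel == null) {
                throw new NotFoundException("Role not found");
            }
            scopeContainer.deleteScopeMapping(roleModel);
        }
    }

    adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).representation(roles).success();
}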
use of org.keycloak.models.RoleModel in project keycloak by keycloak.
the class RoleByIdResource method updateRole.
/**
 * Update the role.
 *
 * <p>Looks the role up through {@code getRoleModel(id)}, checks
 * {@code auth.roles().requireManage(...)} on it, and only then applies the representation via
 * the two-argument {@code updateRole} overload. The admin event is tagged
 * {@code CLIENT_ROLE} or {@code REALM_ROLE} according to {@code isClientRole()} and recorded
 * with {@code OperationType.UPDATE}.
 *
 * @param id  id of role
 * @param rep representation holding the new values for the role
 */
@Path("{role-id}")
@PUT
@Consumes(MediaType.APPLICATION_JSON)
public void updateRole(@PathParam("role-id") final String id, final RoleRepresentation rep) {
    // NOTE(review): getRoleModel is defined outside this listing; presumably it rejects
    // unknown ids before the authorization check below - confirm.
    final RoleModel target = getRoleModel(id);

    // Authorization is enforced before any field of the role is modified.
    auth.roles().requireManage(target);

    updateRole(rep, target);

    // Pick the audit resource type from the kind of role that was updated.
    final ResourceType eventResource = target.isClientRole()
            ? ResourceType.CLIENT_ROLE
            : ResourceType.REALM_ROLE;
    adminEvent.resource(eventResource);

    adminEvent.operation(OperationType.UPDATE)
            .resourcePath(session.getContext().getUri())
            .representation(rep)
            .success();
}