Examples with MapPermissionTicketEntity org.keycloak.models.map.authorization.entity.MapPermissionTicketEntity used on opensource projects

Example 1 with MapPermissionTicketEntity

use of org.keycloak.models.map.authorization.entity.MapPermissionTicketEntity in project keycloak by keycloak.

the class MapPermissionTicketStore method create.

@Override
public PermissionTicket create(String resourceId, String scopeId, String requester, ResourceServer resourceServer) {
    LOG.tracef("create(%s, %s, %s, %s)%s", resourceId, scopeId, requester, resourceServer, getShortStackTrace());
    String owner = authorizationProvider.getStoreFactory().getResourceStore().findById(resourceId, resourceServer.getId()).getOwner();
    // @UniqueConstraint(columnNames = {"OWNER", "REQUESTER", "RESOURCE_SERVER_ID", "RESOURCE_ID", "SCOPE_ID"})
    DefaultModelCriteria<PermissionTicket> mcb = forResourceServer(resourceServer.getId()).compare(SearchableFields.OWNER, Operator.EQ, owner).compare(SearchableFields.RESOURCE_ID, Operator.EQ, resourceId).compare(SearchableFields.REQUESTER, Operator.EQ, requester);
    if (scopeId != null) {
        mcb = mcb.compare(SearchableFields.SCOPE_ID, Operator.EQ, scopeId);
    }
    if (tx.getCount(withCriteria(mcb)) > 0) {
        throw new ModelDuplicateException("Permission ticket for resource server: '" + resourceServer.getId() + ", Resource: " + resourceId + ", owner: " + owner + ", scopeId: " + scopeId + " already exists.");
    }
    MapPermissionTicketEntity entity = new MapPermissionTicketEntityImpl();
    entity.setResourceId(resourceId);
    entity.setRequester(requester);
    entity.setCreatedTimestamp(System.currentTimeMillis());
    if (scopeId != null) {
        entity.setScopeId(scopeId);
    }
    entity.setOwner(owner);
    entity.setResourceServerId(resourceServer.getId());
    entity = tx.create(entity);
    return entityToAdapter(entity);
}

Example 2 with MapPermissionTicketEntity

use of org.keycloak.models.map.authorization.entity.MapPermissionTicketEntity in project keycloak by keycloak.

the class MapPermissionTicketStore method findGrantedResources.

@Override
public List<Resource> findGrantedResources(String requester, String name, int first, int max) {
    DefaultModelCriteria<PermissionTicket> mcb = criteria();
    mcb = mcb.compare(SearchableFields.REQUESTER, Operator.EQ, requester).compare(SearchableFields.GRANTED_TIMESTAMP, Operator.EXISTS);
    Function<MapPermissionTicketEntity, Resource> ticketResourceMapper;
    ResourceStore resourceStore = authorizationProvider.getStoreFactory().getResourceStore();
    if (name != null) {
        ticketResourceMapper = ticket -> {
            Map<Resource.FilterOption, String[]> filterOptionMap = new EnumMap<>(Resource.FilterOption.class);
            filterOptionMap.put(Resource.FilterOption.ID, new String[] { ticket.getResourceId() });
            filterOptionMap.put(Resource.FilterOption.NAME, new String[] { name });
            List<Resource> resource = resourceStore.findByResourceServer(filterOptionMap, ticket.getResourceServerId(), -1, 1);
            return resource.isEmpty() ? null : resource.get(0);
        };
    } else {
        ticketResourceMapper = ticket -> resourceStore.findById(ticket.getResourceId(), ticket.getResourceServerId());
    }
    return paginatedStream(tx.read(withCriteria(mcb).orderBy(SearchableFields.RESOURCE_ID, ASCENDING)).filter(distinctByKey(MapPermissionTicketEntity::getResourceId)).map(ticketResourceMapper).filter(Objects::nonNull), first, max).collect(Collectors.toList());
}