Example 11 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class UserTest method groupMembershipPaginated.
@Test
public void groupMembershipPaginated() {
String userId = createUser(UserBuilder.create().username("user-a").build());
for (int i = 1; i <= 10; i++) {
GroupRepresentation group = new GroupRepresentation();
group.setName("group-" + i);
String groupId = createGroup(realm, group).getId();
realm.users().get(userId).joinGroup(groupId);
assertAdminEvents.assertEvent(realmId, OperationType.CREATE, AdminEventPaths.userGroupPath(userId, groupId), group, ResourceType.GROUP_MEMBERSHIP);
}
List<GroupRepresentation> groups = realm.users().get(userId).groups(5, 6);
assertEquals(groups.size(), 5);
assertNames(groups, "group-5", "group-6", "group-7", "group-8", "group-9");
}
Also used :
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
Test(org.junit.Test)
Example 12 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class UsersTest method setupTestEnvironmentWithPermissions.
private RealmResource setupTestEnvironmentWithPermissions(boolean grp1ViewPermissions) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException, IOException {
String testUserId = createUser(realmId, "test-user", "password", "", "", "");
// assign 'query-users' role to test user
ClientRepresentation clientRepresentation = realm.clients().findByClientId("realm-management").get(0);
String realmManagementId = clientRepresentation.getId();
RoleRepresentation roleRepresentation = realm.clients().get(realmManagementId).roles().get("query-users").toRepresentation();
realm.users().get(testUserId).roles().clientLevel(realmManagementId).add(Collections.singletonList(roleRepresentation));
// create test users and groups
List<GroupRepresentation> groups = setupUsersInGroupsWithPermissions();
if (grp1ViewPermissions) {
AuthorizationResource authorizationResource = realm.clients().get(realmManagementId).authorization();
// create a user policy for the test user
UserPolicyRepresentation policy = new UserPolicyRepresentation();
String policyName = "test-policy";
policy.setName(policyName);
policy.setUsers(Collections.singleton(testUserId));
authorizationResource.policies().user().create(policy).close();
PolicyRepresentation policyRepresentation = authorizationResource.policies().findByName(policyName);
// add the policy to grp1
Optional<GroupRepresentation> optional = groups.stream().filter(g -> g.getName().equals("grp1")).findFirst();
assertThat(optional.isPresent(), is(true));
GroupRepresentation grp1 = optional.get();
ScopePermissionRepresentation scopePermissionRepresentation = authorizationResource.permissions().scope().findByName("view.members.permission.group." + grp1.getId());
scopePermissionRepresentation.setPolicies(Collections.singleton(policyRepresentation.getId()));
scopePermissionRepresentation.setDecisionStrategy(DecisionStrategy.UNANIMOUS);
authorizationResource.permissions().scope().findById(scopePermissionRepresentation.getId()).update(scopePermissionRepresentation);
}
Keycloak testUserClient = AdminClientUtil.createAdminClient(true, realm.toRepresentation().getRealm(), "test-user", "password", "admin-cli", "");
return testUserClient.realm(realm.toRepresentation().getRealm());
}
Also used :
RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation)
PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation)
UserPolicyRepresentation(org.keycloak.representations.idm.authorization.UserPolicyRepresentation)
CoreMatchers.is(org.hamcrest.CoreMatchers.is)
Profile(org.keycloak.common.Profile)
Matchers.not(org.hamcrest.Matchers.not)
AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource)
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
KeyStoreException(java.security.KeyStoreException)
PolicyRepresentation(org.keycloak.representations.idm.authorization.PolicyRepresentation)
ArrayList(java.util.ArrayList)
ManagementPermissionRepresentation(org.keycloak.representations.idm.ManagementPermissionRepresentation)
AdminClientUtil(org.keycloak.testsuite.util.AdminClientUtil)
MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat)
RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation)
ProfileAssume(org.keycloak.testsuite.ProfileAssume)
Before(org.junit.Before)
Matchers.empty(org.hamcrest.Matchers.empty)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
RealmResource(org.keycloak.admin.client.resource.RealmResource)
ScopePermissionRepresentation(org.keycloak.representations.idm.authorization.ScopePermissionRepresentation)
Test(org.junit.Test)
IOException(java.io.IOException)
DecisionStrategy(org.keycloak.representations.idm.authorization.DecisionStrategy)
KeyManagementException(java.security.KeyManagementException)
CertificateException(java.security.cert.CertificateException)
Keycloak(org.keycloak.admin.client.Keycloak)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
UserPolicyRepresentation(org.keycloak.representations.idm.authorization.UserPolicyRepresentation)
List(java.util.List)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
Optional(java.util.Optional)
Collections(java.util.Collections)
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
UserPolicyRepresentation(org.keycloak.representations.idm.authorization.UserPolicyRepresentation)
Keycloak(org.keycloak.admin.client.Keycloak)
AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
ScopePermissionRepresentation(org.keycloak.representations.idm.authorization.ScopePermissionRepresentation)
Example 13 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class UsersTest method setupUsersInGroupsWithPermissions.
private List<GroupRepresentation> setupUsersInGroupsWithPermissions() {
// create two groups
GroupRepresentation grp1 = createGroupWithPermissions("grp1");
GroupRepresentation grp2 = createGroupWithPermissions("grp2");
// create test users
String user1Id = createUser(realmId, "user1", "password", "user1FirstName", "user1LastName", "user1@example.com");
String user2Id = createUser(realmId, "user2", "password", "user2FirstName", "user2LastName", "user2@example.com");
String user3Id = createUser(realmId, "user3", "password", "user3FirstName", "user3LastName", "user3@example.com");
String user4Id = createUser(realmId, "user4", "password", "user4FirstName", "user4LastName", "user4@example.com");
// add users to groups
realm.users().get(user1Id).joinGroup(grp1.getId());
realm.users().get(user2Id).joinGroup(grp1.getId());
realm.users().get(user3Id).joinGroup(grp1.getId());
realm.users().get(user4Id).joinGroup(grp2.getId());
List<GroupRepresentation> groups = new ArrayList<>();
groups.add(grp1);
groups.add(grp2);
return groups;
}
Also used :
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
ArrayList(java.util.ArrayList)
Example 14 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class OIDCScopeTest method configureTestRealm.
@Override
public void configureTestRealm(RealmRepresentation testRealm) {
UserRepresentation user = UserBuilder.create().id(userId).username("john").enabled(true).email("john@email.cz").firstName("John").lastName("Doe").password("password").role("account", "manage-account").role("account", "view-profile").addRoles("role-1", "role-2").build();
user.setEmailVerified(true);
MultivaluedHashMap<String, String> attrs = new MultivaluedHashMap<>();
attrs.add("street", "Elm 5");
attrs.add("phoneNumber", "111-222-333");
attrs.add("phoneNumberVerified", "true");
user.setAttributes(attrs);
testRealm.getUsers().add(user);
// Add sample realm roles
RoleRepresentation role1 = new RoleRepresentation();
role1.setName("role-1");
testRealm.getRoles().getRealm().add(role1);
RoleRepresentation role2 = new RoleRepresentation();
role2.setName("role-2");
testRealm.getRoles().getRealm().add(role2);
RoleRepresentation roleParent = RoleBuilder.create().name("role-parent").realmComposite("role-1").build();
testRealm.getRoles().getRealm().add(roleParent);
// Add sample group
GroupRepresentation group = new GroupRepresentation();
group.setName("group-role-1");
group.setRealmRoles(Collections.singletonList("role-1"));
testRealm.getGroups().add(group);
// Add more sample users
user = UserBuilder.create().username("role-1-user").enabled(true).password("password").addRoles("role-1").build();
testRealm.getUsers().add(user);
user = UserBuilder.create().username("role-2-user").enabled(true).password("password").addRoles("role-2").build();
testRealm.getUsers().add(user);
user = UserBuilder.create().username("role-parent-user").enabled(true).password("password").addRoles("role-parent").build();
testRealm.getUsers().add(user);
user = UserBuilder.create().username("group-role-1-user").enabled(true).password("password").addGroups("group-role-1").build();
testRealm.getUsers().add(user);
}
Also used :
MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap)
RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation)
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
Example 15 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class GroupPolicyManagementTest method testDeleteGroupAndPolicy.
@Test
public void testDeleteGroupAndPolicy() {
AuthorizationResource authorization = getClient().authorization();
GroupPolicyRepresentation representation = new GroupPolicyRepresentation();
representation.setName(UUID.randomUUID().toString());
representation.setDescription("description");
representation.setDecisionStrategy(DecisionStrategy.CONSENSUS);
representation.setLogic(Logic.NEGATIVE);
representation.setGroupsClaim("groups");
representation.addGroupPath("/Group G", true);
assertCreated(authorization, representation);
GroupsResource groups = getRealm().groups();
GroupRepresentation group = groups.groups("Group G", null, null).get(0);
groups.group(group.getId()).remove();
try {
getClient().authorization().policies().group().findByName(representation.getName());
} catch (NotFoundException e) {
}
representation.getGroups().clear();
representation.addGroupPath("/Group H/Group I/Group K");
representation.addGroupPath("/Group F");
assertCreated(authorization, representation);
group = groups.groups("Group K", null, null).get(0);
groups.group(group.getId()).remove();
GroupPolicyRepresentation policy = getClient().authorization().policies().group().findByName(representation.getName());
assertNotNull(policy);
assertEquals(1, policy.getGroups().size());
}
Also used :
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
NotFoundException(javax.ws.rs.NotFoundException)
GroupPolicyRepresentation(org.keycloak.representations.idm.authorization.GroupPolicyRepresentation)
AuthorizationResource(org.keycloak.admin.client.resource.AuthorizationResource)
GroupsResource(org.keycloak.admin.client.resource.GroupsResource)
Test(org.junit.Test)
Aggregations
GroupRepresentation (org.keycloak.representations.idm.GroupRepresentation)81
Test (org.junit.Test)62
RealmResource (org.keycloak.admin.client.resource.RealmResource)36
Response (javax.ws.rs.core.Response)24
UserRepresentation (org.keycloak.representations.idm.UserRepresentation)23
List (java.util.List)17
RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)17
ProtocolMappersResource (org.keycloak.admin.client.resource.ProtocolMappersResource)14
UserResource (org.keycloak.admin.client.resource.UserResource)13
AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)12
ArrayList (java.util.ArrayList)10
HashMap (java.util.HashMap)10
IDToken (org.keycloak.representations.IDToken)10
OAuthClient (org.keycloak.testsuite.util.OAuthClient)10
LinkedList (java.util.LinkedList)8
Before (org.junit.Before)8
RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)7
Map (java.util.Map)6
NotFoundException (javax.ws.rs.NotFoundException)6
AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)6
