use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class UserStorageTest method testEntityRemovalHooksCascade.
/**
 * Checks that removing a realm which still contains groups and roles fires the
 * realm, group and role removal hooks counted by {@code UserMapStorage}.
 *
 * <p>The test is currently disabled via {@code @Ignore}.
 */
@Test
@Ignore
public void testEntityRemovalHooksCascade() {
    // Zero the server-side counters so the assertions only see removals caused by this test.
    testingClient.server().run(session -> {
        UserMapStorage.realmRemovals.set(0);
        UserMapStorage.groupRemovals.set(0);
        UserMapStorage.roleRemovals.set(0);
    });

    // Two groups in the test realm; the created ids are not needed afterwards.
    for (String groupName : new String[] {"group1", "group2"}) {
        GroupRepresentation groupRep = new GroupRepresentation();
        groupRep.setName(groupName);
        ApiUtil.getCreatedId(testRealmResource().groups().add(groupRep));
    }

    // Two realm roles in the test realm.
    for (String roleName : new String[] {"role1", "role2"}) {
        RoleRepresentation roleRep = new RoleRepresentation();
        roleRep.setName(roleName);
        testRealmResource().roles().create(roleRep);
    }

    // Remove the realm while the groups and roles are still in it.
    // NOTE(review): unlike testEntityRemovalHooks, the realm is not re-created
    // afterwards; confirm the test framework restores it before removing @Ignore.
    testRealmResource().remove();

    testingClient.server().run(session -> {
        Assert.assertEquals(1, UserMapStorage.realmRemovals.get());
        // The cascade must have reached the group removal hook once per group...
        Assert.assertEquals(2, UserMapStorage.groupRemovals.get());
        // ...and the role removal hook once per role.
        Assert.assertEquals(2, UserMapStorage.roleRemovals.get());
    });
}
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class UserStorageTest method testEntityRemovalHooks.
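/**
 * Verifies that the group, role and realm removal hooks counted by
 * {@code UserMapStorage} fire once per removed entity, and restores the test
 * realm afterwards.
 */
@Test
public void testEntityRemovalHooks() {
    // Zero the server-side counters so the assertions only see removals caused by this test.
    testingClient.server().run(session -> {
        UserMapStorage.realmRemovals.set(0);
        UserMapStorage.groupRemovals.set(0);
        UserMapStorage.roleRemovals.set(0);
    });

    // remove group
    GroupRepresentation g1 = new GroupRepresentation();
    g1.setName("group1");
    GroupRepresentation g2 = new GroupRepresentation();
    g2.setName("group2");
    String gid1 = ApiUtil.getCreatedId(testRealmResource().groups().add(g1));
    String gid2 = ApiUtil.getCreatedId(testRealmResource().groups().add(g2));
    testRealmResource().groups().group(gid1).remove();
    testRealmResource().groups().group(gid2).remove();
    testingClient.server().run(session -> {
        Assert.assertEquals(2, UserMapStorage.groupRemovals.get());
        // Reset the counter that was just checked, not the realm counter.
        UserMapStorage.groupRemovals.set(0);
    });

    // remove role
    RoleRepresentation role1 = new RoleRepresentation();
    role1.setName("role1");
    RoleRepresentation role2 = new RoleRepresentation();
    role2.setName("role2");
    testRealmResource().roles().create(role1);
    testRealmResource().roles().create(role2);
    testRealmResource().roles().get("role1").remove();
    testRealmResource().roles().get("role2").remove();
    testingClient.server().run(session -> {
        Assert.assertEquals(2, UserMapStorage.roleRemovals.get());
        // Reset the counter that was just checked, not the realm counter.
        UserMapStorage.roleRemovals.set(0);
    });

    // remove realm
    boolean realmRemoved = false;
    try {
        testRealmResource().remove();
        realmRemoved = true;
        testingClient.server().run(session -> {
            Assert.assertEquals(1, UserMapStorage.realmRemovals.get());
            UserMapStorage.realmRemovals.set(0);
        });
    } finally {
        // Re-create the realm even when the assertion above fails, so a failure
        // here does not leave the test realm missing. Skipped when the removal
        // itself did not complete, because the realm is then still in place.
        if (realmRemoved) {
            RealmRepresentation repOrig = testContext.getTestRealmReps().get(0);
            adminClient.realms().create(repOrig);
        }
    }
}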
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class GroupResource method getGroup.
/**
 * Returns the representation of this group together with the caller's access
 * information for it.
 *
 * <p>The view-permission check runs before the representation is built, so no
 * group data is assembled for a caller who fails that check.
 *
 * @return the group hierarchy representation with its access field set from
 *         {@code auth.groups().getAccess(group)}
 */
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public GroupRepresentation getGroup() {
    // Authorization gate: keep this as the first statement.
    // Presumably requireView rejects the request when the caller may not view
    // the group; its failure behaviour is not visible here, so confirm.
    auth.groups().requireView(group);

    // NOTE(review): if toGroupHierarchy also returns subgroups, confirm that view
    // permission on this group is meant to cover everything in the hierarchy.
    GroupRepresentation representation = ModelToRepresentation.toGroupHierarchy(group, true);
    representation.setAccess(auth.groups().getAccess(group));
    return representation;
}
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class CustomAuthFlowOTPTest method conditionalOTPRoleForceViaGroup.
/**
 * Checks that OTP is enforced for a user who receives the role configured under
 * {@code FORCE_OTP_ROLE} through a group, although the default outcome is {@code SKIP}.
 */
@Test
public void conditionalOTPRoleForceViaGroup() {
    // Conditional OTP settings: skip by default, force for holders of "otp_role".
    Map<String, String> otpSettings = new HashMap<>();
    otpSettings.put(DEFAULT_OTP_OUTCOME, SKIP);
    otpSettings.put(FORCE_OTP_ROLE, "otp_role");
    setConditionalOTPForm(otpSettings);

    // Group that carries the OTP role; the user gets the role only via this membership.
    GroupRepresentation otpGroup = getOrCreateOTPRoleInGroup();
    String memberId = testUser.getId();
    testRealmResource().users().get(memberId).joinGroup(otpGroup.getId());

    // First login: the user must be sent to the TOTP setup page.
    testRealmAccountManagementPage.navigateTo();
    testRealmLoginPage.form().login(testUser);
    assertTrue(loginConfigTotpPage.isCurrent());

    configureOTP();

    // Second login: OTP is now configured, so the one-time-code page is expected
    // rather than the TOTP setup page.
    testRealmLoginPage.form().login(testUser);
    assertCurrentUrlStartsWith(testLoginOneTimeCodePage);
}
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class RolePolicyTest method testUserWithGroupRole.
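/**
 * Exercises authorization decisions for user "alice" as her group memberships change:
 * a request for "Resource C" succeeds at first and is denied after she leaves
 * "Group B"; a request for "Resource A" is denied until she joins "Group A".
 *
 * <p>The policies and the roles attached to the groups come from the test fixture,
 * which is not visible in this method.
 *
 * @throws InterruptedException declared by the original signature
 */
@Test
public void testUserWithGroupRole() throws InterruptedException {
    AuthzClient authzClient = getAuthzClient();
    PermissionRequest request = new PermissionRequest();

    request.setResourceId("Resource C");

    String ticket = authzClient.protection().permission().create(request).getTicket();

    // Baseline: with her initial memberships alice is granted access.
    assertNotNull(authzClient.authorization("alice", "password").authorize(new AuthorizationRequest(ticket)));

    UserRepresentation user = getRealm().users().search("alice").get(0);
    // Fail with a clear message when the fixture group is missing, instead of the
    // bare NoSuchElementException that an unchecked Optional.get() would raise.
    GroupRepresentation groupB = getRealm().groups().groups().stream()
            .filter(representation -> "Group B".equals(representation.getName()))
            .findFirst()
            .orElseThrow(() -> new AssertionError("Fixture group 'Group B' not found"));

    getRealm().users().get(user.getId()).leaveGroup(groupB.getId());

    // After leaving Group B the same ticket must be denied.
    try {
        authzClient.authorization("alice", "password").authorize(new AuthorizationRequest(ticket));
        fail("Should fail because user is not granted with expected role");
    } catch (AuthorizationDeniedException expected) {
        // Denial is the outcome under test; fail() raises an AssertionError, which
        // this catch does not swallow.
    }

    request.setResourceId("Resource A");

    ticket = authzClient.protection().permission().create(request).getTicket();

    // Resource A is denied while alice is not a member of Group A.
    try {
        authzClient.authorization("alice", "password").authorize(new AuthorizationRequest(ticket));
        fail("Should fail because user is not granted with expected role");
    } catch (AuthorizationDeniedException expected) {
        // Denial is the outcome under test.
    }

    GroupRepresentation groupA = getRealm().groups().groups().stream()
            .filter(representation -> "Group A".equals(representation.getName()))
            .findFirst()
            .orElseThrow(() -> new AssertionError("Fixture group 'Group A' not found"));

    getRealm().users().get(user.getId()).joinGroup(groupA.getId());

    // Joining Group A must be enough for the Resource A request to succeed.
    assertNotNull(authzClient.authorization("alice", "password").authorize(new AuthorizationRequest(ticket)));
}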