use of org.keycloak.representations.idm.authorization.GroupPolicyRepresentation in project keycloak by keycloak.
the class UMAPolicyProviderFactory method onUpdate.
/**
 * Brings the policies associated with a UMA permission in line with an updated representation.
 *
 * <p>First pass: each associated policy of type {@code role}, {@code js}, {@code group},
 * {@code client} or {@code user} is rebuilt from the matching field of {@code representation}.
 * If the rebuilt set is empty (for {@code js}: if the condition is {@code null}), the
 * associated policy is deleted from the policy store instead of being updated. Associated
 * policies of any other type are not touched.
 *
 * <p>Second pass: for every non-null field of {@code representation} that has no associated
 * policy of the matching type, new policies are created through the {@code create*Policy}
 * helpers, with {@code policy.getOwner()} passed as owner.
 *
 * @param policy         the UMA permission whose associated policies are synchronized
 * @param representation the requested state (roles, groups, clients, users, condition)
 * @param authorization  provider used to reach the policy store and to convert models
 */
@Override
public void onUpdate(Policy policy, UmaPermissionRepresentation representation, AuthorizationProvider authorization) {
    PolicyStore policyStore = authorization.getStoreFactory().getPolicyStore();
    Set<Policy> associatedPolicies = policy.getAssociatedPolicies();

    // NOTE(review): policyStore.delete(...) is called below while associatedPolicies is being
    // iterated; whether this set is a detached copy or a live view is not visible here — confirm.
    for (Policy existing : associatedPolicies) {
        AbstractPolicyRepresentation existingRep = ModelToRepresentation.toRepresentation(existing, authorization, false, false);
        String type = existingRep.getType();

        if ("role".equals(type)) {
            RolePolicyRepresentation roleRep = (RolePolicyRepresentation) existingRep;
            // Start from an empty set so that roles missing from the request are revoked.
            roleRep.setRoles(new HashSet<>());
            Set<String> requestedRoles = representation.getRoles();
            if (requestedRoles != null) {
                requestedRoles.forEach(name -> roleRep.addRole(name));
            }
            if (!roleRep.getRoles().isEmpty()) {
                RepresentationToModel.toModel(roleRep, authorization, existing);
            } else {
                policyStore.delete(existing.getId());
            }
        } else if ("js".equals(type)) {
            JSPolicyRepresentation scriptRep = (JSPolicyRepresentation) existingRep;
            // NOTE(review): the condition text is stored as the JS policy's code with no check
            // in this method; confirm that only callers entitled to define script conditions
            // reach this path and that script policies are restricted as intended.
            String requestedCode = representation.getCondition();
            if (requestedCode == null) {
                policyStore.delete(existing.getId());
            } else {
                scriptRep.setCode(requestedCode);
                RepresentationToModel.toModel(scriptRep, authorization, existing);
            }
        } else if ("group".equals(type)) {
            GroupPolicyRepresentation groupRep = (GroupPolicyRepresentation) existingRep;
            groupRep.setGroups(new HashSet<>());
            Set<String> requestedGroups = representation.getGroups();
            if (requestedGroups != null) {
                requestedGroups.forEach(path -> groupRep.addGroupPath(path));
            }
            if (!groupRep.getGroups().isEmpty()) {
                RepresentationToModel.toModel(groupRep, authorization, existing);
            } else {
                policyStore.delete(existing.getId());
            }
        } else if ("client".equals(type)) {
            ClientPolicyRepresentation clientRep = (ClientPolicyRepresentation) existingRep;
            clientRep.setClients(new HashSet<>());
            Set<String> requestedClients = representation.getClients();
            if (requestedClients != null) {
                requestedClients.forEach(id -> clientRep.addClient(id));
            }
            if (!clientRep.getClients().isEmpty()) {
                RepresentationToModel.toModel(clientRep, authorization, existing);
            } else {
                policyStore.delete(existing.getId());
            }
        } else if ("user".equals(type)) {
            UserPolicyRepresentation userRep = (UserPolicyRepresentation) existingRep;
            userRep.setUsers(new HashSet<>());
            Set<String> requestedUsers = representation.getUsers();
            if (requestedUsers != null) {
                requestedUsers.forEach(id -> userRep.addUser(id));
            }
            if (!userRep.getUsers().isEmpty()) {
                RepresentationToModel.toModel(userRep, authorization, existing);
            } else {
                policyStore.delete(existing.getId());
            }
        }
    }

    // Second pass: create policies for types that have no associated policy yet.
    // NOTE(review): each scan below walks the same set as the first pass, so a policy deleted
    // above may or may not still be listed — confirm against the Policy implementation.
    Set<String> requestedRoles = representation.getRoles();
    if (requestedRoles != null) {
        boolean rolePolicyPresent = false;
        for (Policy existing : associatedPolicies) {
            rolePolicyPresent |= "role".equals(existing.getType());
        }
        if (!rolePolicyPresent) {
            for (String roleName : requestedRoles) {
                createRolePolicy(policy, policyStore, roleName, policy.getOwner());
            }
        }
    }

    Set<String> requestedGroups = representation.getGroups();
    if (requestedGroups != null) {
        boolean groupPolicyPresent = false;
        for (Policy existing : associatedPolicies) {
            groupPolicyPresent |= "group".equals(existing.getType());
        }
        if (!groupPolicyPresent) {
            for (String groupPath : requestedGroups) {
                createGroupPolicy(policy, policyStore, groupPath, policy.getOwner());
            }
        }
    }

    Set<String> requestedClients = representation.getClients();
    if (requestedClients != null) {
        boolean clientPolicyPresent = false;
        for (Policy existing : associatedPolicies) {
            clientPolicyPresent |= "client".equals(existing.getType());
        }
        if (!clientPolicyPresent) {
            for (String clientId : requestedClients) {
                createClientPolicy(policy, policyStore, clientId, policy.getOwner());
            }
        }
    }

    Set<String> requestedUsers = representation.getUsers();
    if (requestedUsers != null) {
        boolean userPolicyPresent = false;
        for (Policy existing : associatedPolicies) {
            userPolicyPresent |= "user".equals(existing.getType());
        }
        if (!userPolicyPresent) {
            for (String userId : requestedUsers) {
                createUserPolicy(policy, policyStore, userId, policy.getOwner());
            }
        }
    }

    String requestedCondition = representation.getCondition();
    if (requestedCondition != null) {
        boolean scriptPolicyPresent = false;
        for (Policy existing : associatedPolicies) {
            scriptPolicyPresent |= "js".equals(existing.getType());
        }
        if (!scriptPolicyPresent) {
            // NOTE(review): same concern as in the first pass — the condition becomes script
            // code of a new JS policy; confirm the caller's entitlement is enforced upstream.
            createJSPolicy(policy, policyStore, requestedCondition, policy.getOwner());
        }
    }
}
use of org.keycloak.representations.idm.authorization.GroupPolicyRepresentation in project keycloak by keycloak.
the class GroupPolicyProviderFactory method toRepresentation.
/**
 * Builds the representation of a group policy from the policy's stored configuration.
 *
 * <p>The {@code groupsClaim} entry of the configuration is copied as-is; the group
 * definitions are obtained from {@code getGroupsDefinition} applied to the same configuration.
 *
 * @param policy        the stored policy whose configuration is read
 * @param authorization not used by this method
 * @return a new representation carrying the groups claim and the group definitions
 * @throws RuntimeException if reading the group definitions fails with an {@link IOException}
 */
@Override
public GroupPolicyRepresentation toRepresentation(Policy policy, AuthorizationProvider authorization) {
    GroupPolicyRepresentation groupPolicy = new GroupPolicyRepresentation();

    groupPolicy.setGroupsClaim(policy.getConfig().get("groupsClaim"));

    try {
        groupPolicy.setGroups(getGroupsDefinition(policy.getConfig()));
    } catch (IOException e) {
        // Keep the I/O failure as the cause so the underlying parsing problem stays visible.
        throw new RuntimeException("Failed to deserialize groups", e);
    }

    return groupPolicy;
}
use of org.keycloak.representations.idm.authorization.GroupPolicyRepresentation in project keycloak by keycloak.
the class GroupPolicyManagementTest method testDeleteGroupAndPolicy.
/**
 * Exercises a group policy whose referenced groups are removed from the realm.
 *
 * <p>Part one creates a policy on {@code /Group G} only and then removes that group. Part two
 * recreates the policy on two groups, removes one of them ({@code Group K}) and asserts that
 * the policy still exists with exactly one group left.
 */
@Test
public void testDeleteGroupAndPolicy() {
    AuthorizationResource authz = getClient().authorization();

    GroupPolicyRepresentation groupPolicy = new GroupPolicyRepresentation();
    groupPolicy.setName(UUID.randomUUID().toString());
    groupPolicy.setDescription("description");
    groupPolicy.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    groupPolicy.setLogic(Logic.NEGATIVE);
    groupPolicy.setGroupsClaim("groups");
    groupPolicy.addGroupPath("/Group G", true);
    assertCreated(authz, groupPolicy);

    // Remove the only group the policy refers to.
    GroupsResource realmGroups = getRealm().groups();
    GroupRepresentation removedGroup = realmGroups.groups("Group G", null, null).get(0);
    realmGroups.group(removedGroup.getId()).remove();

    try {
        getClient().authorization().policies().group().findByName(groupPolicy.getName());
    } catch (NotFoundException ignored) {
        // NOTE(review): the lookup result is discarded and this exception is swallowed, so the
        // step passes whether or not the policy still exists. If removing the last referenced
        // group is meant to remove the policy, assert that outcome explicitly — first confirm
        // what findByName returns for a missing policy.
    }

    // Part two: same policy name, now bound to two groups.
    groupPolicy.getGroups().clear();
    groupPolicy.addGroupPath("/Group H/Group I/Group K");
    groupPolicy.addGroupPath("/Group F");
    assertCreated(authz, groupPolicy);

    removedGroup = realmGroups.groups("Group K", null, null).get(0);
    realmGroups.group(removedGroup.getId()).remove();

    // The policy must survive with only the group that was not removed.
    GroupPolicyRepresentation remaining = getClient().authorization().policies().group().findByName(groupPolicy.getName());
    assertNotNull(remaining);
    assertEquals(1, remaining.getGroups().size());
}
use of org.keycloak.representations.idm.authorization.GroupPolicyRepresentation in project keycloak by keycloak.
the class GroupPolicyManagementTest method testCreate.
/**
 * Creates a group policy that refers to two groups and checks, through
 * {@code assertCreated}, that it can be created and read back.
 */
@Test
public void testCreate() {
    AuthorizationResource authz = getClient().authorization();

    GroupPolicyRepresentation groupPolicy = new GroupPolicyRepresentation();
    groupPolicy.setName("Group Policy");
    groupPolicy.setDescription("description");
    groupPolicy.setDecisionStrategy(DecisionStrategy.CONSENSUS);
    groupPolicy.setLogic(Logic.NEGATIVE);
    groupPolicy.setGroupsClaim("groups");

    // The boolean presumably makes the policy extend to child groups — TODO confirm.
    groupPolicy.addGroupPath("/Group A/Group B/Group C", true);
    // This path has no leading slash, unlike the other group paths used in these tests.
    groupPolicy.addGroupPath("Group F");

    assertCreated(authz, groupPolicy);
}
use of org.keycloak.representations.idm.authorization.GroupPolicyRepresentation in project keycloak by keycloak.
the class GroupPolicyManagementTest method assertCreated.
/**
 * Creates the given group policy, looks it up again by the id returned in the create
 * response, and hands both to {@code assertRepresentation} for comparison.
 *
 * @param authorization  authorization resource of the client under test
 * @param representation the group policy to create and to compare against
 */
private void assertCreated(AuthorizationResource authorization, GroupPolicyRepresentation representation) {
    GroupPoliciesResource groupPolicies = authorization.policies().group();

    // NOTE(review): the response status is not checked before the entity is read, so a
    // rejected create would surface as a deserialization or lookup failure rather than a
    // clear assertion — confirm whether a status check is wanted here.
    GroupPolicyRepresentation stored = groupPolicies.create(representation).readEntity(GroupPolicyRepresentation.class);

    GroupPolicyResource storedResource = groupPolicies.findById(stored.getId());
    assertRepresentation(representation, storedResource);
}