use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.
the class UserManagedPermissionServiceTest method testCreate.
private void testCreate() {
ResourceRepresentation resource = new ResourceRepresentation();
resource.setName("Resource A");
resource.setOwnerManagedAccess(true);
resource.setOwner("marta");
resource.addScope("Scope A", "Scope B", "Scope C");
resource = getAuthzClient().protection().resource().create(resource);
UmaPermissionRepresentation newPermission = new UmaPermissionRepresentation();
newPermission.setName("Custom User-Managed Permission");
newPermission.setDescription("Users from specific roles are allowed to access");
newPermission.addScope("Scope A", "Scope B", "Scope C");
newPermission.addRole("role_a", "role_b", "role_c", "role_d");
newPermission.addGroup("/group_a", "/group_a/group_b", "/group_c");
newPermission.addClient("client-a", "resource-server-test");
if (Profile.isFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS)) {
newPermission.setCondition("$evaluation.grant()");
}
newPermission.addUser("kolo");
ProtectionResource protection = getAuthzClient().protection("marta", "password");
UmaPermissionRepresentation permission = protection.policy(resource.getId()).create(newPermission);
assertEquals(newPermission.getName(), permission.getName());
assertEquals(newPermission.getDescription(), permission.getDescription());
assertNotNull(permission.getScopes());
assertTrue(permission.getScopes().containsAll(newPermission.getScopes()));
assertNotNull(permission.getRoles());
assertTrue(permission.getRoles().containsAll(newPermission.getRoles()));
assertNotNull(permission.getGroups());
assertTrue(permission.getGroups().containsAll(newPermission.getGroups()));
assertNotNull(permission.getClients());
assertTrue(permission.getClients().containsAll(newPermission.getClients()));
assertEquals(newPermission.getCondition(), permission.getCondition());
assertNotNull(permission.getUsers());
assertTrue(permission.getUsers().containsAll(newPermission.getUsers()));
}
use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.
the class UserManagedPermissionServiceTest method testRemovePoliciesOnGroupDelete.
@Test
public void testRemovePoliciesOnGroupDelete() {
ResourceRepresentation resource = new ResourceRepresentation();
resource.setName("Resource A");
resource.setOwnerManagedAccess(true);
resource.setOwner("marta");
resource.addScope("Scope A", "Scope B", "Scope C");
resource = getAuthzClient().protection().resource().create(resource);
UmaPermissionRepresentation newPermission = new UmaPermissionRepresentation();
newPermission.setName("Custom User-Managed Permission");
newPermission.addGroup("/group_remove");
ProtectionResource protection = getAuthzClient().protection("marta", "password");
protection.policy(resource.getId()).create(newPermission);
getTestingClient().server().run((RunOnServer) UserManagedPermissionServiceTest::testRemovePoliciesOnGroupDelete);
}
use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.
the class DefaultAuthorizationSettingsTest method assertDefaultSettings.
private void assertDefaultSettings() {
AuthorizationSettingsForm settings = authorizationPage.settings();
assertEquals(PolicyEnforcerConfig.EnforcementMode.ENFORCING, settings.getEnforcementMode());
assertEquals(true, settings.isAllowRemoteResourceManagement());
assertEquals(DecisionStrategy.UNANIMOUS, settings.getDecisionStrategy());
assertEquals(true, settings.isAllowRemoteResourceManagement());
Resources resources = authorizationPage.authorizationTabs().resources();
ResourceRepresentation resource = resources.resources().findByName("Default Resource");
assertNotNull(resource);
assertEquals("urn:oidc-confidetial:resources:default", resource.getType());
assertEquals("/*", resource.getUri());
assertEquals(newClient.getClientId(), resource.getOwner().getName());
Scopes scopes = authorizationPage.authorizationTabs().scopes();
assertTrue(scopes.scopes().getTableRows().isEmpty());
Permissions permissions = authorizationPage.authorizationTabs().permissions();
PolicyRepresentation permission = permissions.permissions().findByName("Default Permission");
assertNotNull(permission);
assertEquals("resource", permission.getType());
Policies policies = authorizationPage.authorizationTabs().policies();
PolicyRepresentation policy = policies.policies().findByName("Default Policy");
assertNotNull(policy);
assertEquals("js", policy.getType());
}
use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.
the class ResourceManagementTest method createResource.
private ResourceRepresentation createResource() {
ResourceRepresentation expected = new ResourceRepresentation();
expected.setName("Test Resource");
expected.setDisplayName("Test Display Name");
expected.setType("Test Type");
expected.setUri("/test/resource");
authorizationPage.authorizationTabs().resources().create(expected);
assertAlertSuccess();
return expected;
}
use of org.keycloak.representations.idm.authorization.ResourceRepresentation in project keycloak by keycloak.
the class ResourceManagementTest method testDeleteFromList.
@Test
public void testDeleteFromList() {
ResourceRepresentation expected = createResource();
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().resources().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().resources().resources().findByName(expected.getName()));
}
Aggregations