
Example 21 with RolePolicyRepresentation

use of org.keycloak.representations.idm.authorization.RolePolicyRepresentation in project keycloak by keycloak.

the class RolePolicyForm method toRepresentation.

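/**
 * Builds a {@link RolePolicyRepresentation} from the values currently held by this form.
 *
 * <p>Reads the name and description inputs, maps the text of the selected "logic" option onto
 * {@link Logic}, and merges the roles selected in the realm-role and client-role widgets.
 *
 * @return a new representation populated from the form
 * @throws IllegalArgumentException if the upper-cased text of the selected logic option does not
 *     name a {@link Logic} constant (assuming {@code Logic} is an enum, as its use elsewhere
 *     suggests)
 */
public RolePolicyRepresentation toRepresentation() {
    RolePolicyRepresentation representation = new RolePolicyRepresentation();
    representation.setName(UIUtils.getTextInputValue(name));
    representation.setDescription(UIUtils.getTextInputValue(description));

    // Upper-case with a fixed locale. The no-argument toUpperCase() uses the JVM default locale,
    // so under e.g. a Turkish locale "Positive" becomes "POSİTİVE" and Logic.valueOf rejects it.
    String selectedLogic = UIUtils.getTextFromElement(logic.getFirstSelectedOption());
    representation.setLogic(Logic.valueOf(selectedLogic.toUpperCase(java.util.Locale.ROOT)));

    // Merge into a fresh set: adding the client roles directly to the collection returned by the
    // realm-role widget would mutate that widget's result (or fail if it is unmodifiable).
    Set<RolePolicyRepresentation.RoleDefinition> roles =
            new java.util.HashSet<>(realmRoleSelect.getSelected());
    roles.addAll(clientRoleSelect.getSelected());
    representation.setRoles(roles);
    return representation;
}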
Also used : RolePolicyRepresentation(org.keycloak.representations.idm.authorization.RolePolicyRepresentation)

Example 22 with RolePolicyRepresentation

use of org.keycloak.representations.idm.authorization.RolePolicyRepresentation in project keycloak by keycloak.

the class AuthzCleanupTest method createRolePolicy.

/**
 * Creates a role policy named after {@code roleName} and stores it through the policy store.
 *
 * <p>The policy is typed {@code "role"}, uses {@link Logic#POSITIVE} with
 * {@link DecisionStrategy#UNANIMOUS}, and contains exactly one role entry.
 *
 * @param authz provider whose store factory supplies the policy store
 * @param resourceServer resource server passed to the store together with the representation
 * @param roleName used both as the policy name and as the role added to the policy
 * @return the {@link Policy} returned by the policy store's {@code create} call
 */
private static Policy createRolePolicy(AuthorizationProvider authz, ResourceServer resourceServer, String roleName) {
    RolePolicyRepresentation rolePolicy = new RolePolicyRepresentation();
    rolePolicy.setType("role");
    rolePolicy.setName(roleName);
    rolePolicy.setLogic(Logic.POSITIVE);
    rolePolicy.setDecisionStrategy(DecisionStrategy.UNANIMOUS);
    // The `true` flag presumably marks the role as required for the policy to grant;
    // confirm against RolePolicyRepresentation.addRole.
    rolePolicy.addRole(roleName, true);

    return authz.getStoreFactory()
            .getPolicyStore()
            .create(rolePolicy, resourceServer);
}
Also used : RolePolicyRepresentation(org.keycloak.representations.idm.authorization.RolePolicyRepresentation)

Example 23 with RolePolicyRepresentation

use of org.keycloak.representations.idm.authorization.RolePolicyRepresentation in project keycloak by keycloak.

the class PolicyEnforcerTest method initAuthorizationSettings.

/**
 * Seeds the client's authorization settings with the fixtures used by this test. Each fixture is
 * created only when no resource of that name is found, so repeated calls do not duplicate it.
 *
 * <ul>
 *   <li>"Resource A" at {@code /api/resourcea}: permission backed by the always-grant JS policy.
 *   <li>"Resource B" at {@code /api/resourceb}: permission backed by the always-deny JS policy.
 *   <li>"Root": a catch-all resource; no permission is created for it in this method.
 * </ul>
 *
 * @param clientResource admin-client handle of the client whose authorization settings are seeded
 */
private void initAuthorizationSettings(ClientResource clientResource) {
    boolean resourceAMissing = clientResource.authorization().resources().findByName("Resource A").isEmpty();
    if (resourceAMissing) {
        JSPolicyRepresentation grantPolicy = new JSPolicyRepresentation();
        grantPolicy.setName("Always Grant Policy");
        grantPolicy.setCode("$evaluation.grant();");
        clientResource.authorization().policies().js().create(grantPolicy).close();

        // NOTE(review): this role policy is created but not attached to any permission in this
        // method; "Resource A Permission" below references only the always-grant policy.
        RolePolicyRepresentation userOnlyPolicy = new RolePolicyRepresentation();
        userOnlyPolicy.setName("Only User Policy");
        userOnlyPolicy.addRole("user");
        clientResource.authorization().policies().role().create(userOnlyPolicy).close();

        createResource(clientResource, "Resource A", "/api/resourcea");

        ResourcePermissionRepresentation grantPermission = new ResourcePermissionRepresentation();
        grantPermission.setName("Resource A Permission");
        grantPermission.addResource("Resource A");
        grantPermission.addPolicy(grantPolicy.getName());
        clientResource.authorization().permissions().resource().create(grantPermission).close();
    }

    boolean resourceBMissing = clientResource.authorization().resources().findByName("Resource B").isEmpty();
    if (resourceBMissing) {
        JSPolicyRepresentation denyPolicy = new JSPolicyRepresentation();
        denyPolicy.setName("Always Deny Policy");
        denyPolicy.setCode("$evaluation.deny();");
        clientResource.authorization().policies().js().create(denyPolicy).close();

        createResource(clientResource, "Resource B", "/api/resourceb");

        ResourcePermissionRepresentation denyPermission = new ResourcePermissionRepresentation();
        denyPermission.setName("Resource B Permission");
        denyPermission.addResource("Resource B");
        denyPermission.addPolicy(denyPolicy.getName());
        clientResource.authorization().permissions().resource().create(denyPermission).close();
    }

    // Catch-all resource; how requests matching only this resource are decided depends on the
    // enforcer configuration, which is not visible here.
    boolean rootMissing = clientResource.authorization().resources().findByName("Root").isEmpty();
    if (rootMissing) {
        createResource(clientResource, "Root", "/*");
    }
}
Also used : RolePolicyRepresentation(org.keycloak.representations.idm.authorization.RolePolicyRepresentation) JSPolicyRepresentation(org.keycloak.representations.idm.authorization.JSPolicyRepresentation) ResourcePermissionRepresentation(org.keycloak.representations.idm.authorization.ResourcePermissionRepresentation)

Example 24 with RolePolicyRepresentation

use of org.keycloak.representations.idm.authorization.RolePolicyRepresentation in project keycloak by keycloak.

the class RolePolicyManagementTest method testRealmAndClientRoles.

/**
 * Console test: creates a role policy mixing realm and client roles, then updates it three times
 * through the policies tab and checks the result after each update.
 *
 * <ol>
 *   <li>Drop "Client Role B" and "Realm Role A" from the policy.
 *   <li>Mark "Realm Role C" as required.
 *   <li>Replace all roles with a single required client role, "Client Role B".
 * </ol>
 */
@Test
public void testRealmAndClientRoles() throws InterruptedException {
    authorizationPage.navigateTo();

    RolePolicyRepresentation expectedPolicy = new RolePolicyRepresentation();
    expectedPolicy.setName("Test Realm And Client Role Policy");
    expectedPolicy.setDescription("description");
    String clientId = newClient.getClientId();
    expectedPolicy.addRole("Realm Role A");
    expectedPolicy.addRole("Realm Role C");
    expectedPolicy.addClientRole(clientId, "Client Role A");
    expectedPolicy.addClientRole(clientId, "Client Role B");
    expectedPolicy.addClientRole(clientId, "Client Role C");
    expectedPolicy = createPolicy(expectedPolicy);

    // Update 1: keep every role whose id mentions neither "Client Role B" nor "Realm Role A".
    expectedPolicy.setRoles(expectedPolicy.getRoles().stream()
            .filter(role -> !(role.getId().contains("Client Role B") || role.getId().contains("Realm Role A")))
            .collect(Collectors.toSet()));
    authorizationPage.navigateTo();
    authorizationPage.authorizationTabs().policies().update(expectedPolicy.getName(), expectedPolicy);
    assertAlertSuccess();
    authorizationPage.navigateTo();
    // NOTE(review): this page object is fetched once and reused by the later assertions;
    // presumably it reads the live UI on each check. Confirm against RolePolicy.
    RolePolicy actualPolicy = authorizationPage.authorizationTabs().policies().name(expectedPolicy.getName());
    expectedPolicy = assertPolicy(expectedPolicy, actualPolicy);

    // Update 2: flag "Realm Role C" as required.
    for (RolePolicyRepresentation.RoleDefinition role : expectedPolicy.getRoles()) {
        if (role.getId().equals("Realm Role C")) {
            role.setRequired(true);
        }
    }
    authorizationPage.navigateTo();
    authorizationPage.authorizationTabs().policies().update(expectedPolicy.getName(), expectedPolicy);
    assertAlertSuccess();
    expectedPolicy = assertPolicy(expectedPolicy, actualPolicy);

    // Update 3: the policy ends up with one required client role only.
    expectedPolicy.getRoles().clear();
    expectedPolicy.addClientRole(clientId, "Client Role B", true);
    authorizationPage.navigateTo();
    authorizationPage.authorizationTabs().policies().update(expectedPolicy.getName(), expectedPolicy);
    assertAlertSuccess();
    assertPolicy(expectedPolicy, actualPolicy);
}
Also used : RolePolicyRepresentation(org.keycloak.representations.idm.authorization.RolePolicyRepresentation) RolePolicy(org.keycloak.testsuite.console.page.clients.authorization.policy.RolePolicy) Test(org.junit.Test)

Example 25 with RolePolicyRepresentation

use of org.keycloak.representations.idm.authorization.RolePolicyRepresentation in project keycloak by keycloak.

the class RolePolicyManagementTest method testUpdateRealmRoles.

/**
 * Console test: creates a realm-role policy, then updates it three times through the policies
 * tab and checks the result after each update.
 *
 * <ol>
 *   <li>Rename the policy, change its description, switch it to {@link Logic#NEGATIVE} and drop
 *       "Realm Role B".
 *   <li>Mark one of the remaining roles as required.
 *   <li>Replace all roles with a single required realm role, "Realm Role B".
 * </ol>
 */
@Test
public void testUpdateRealmRoles() throws InterruptedException {
    authorizationPage.navigateTo();

    RolePolicyRepresentation expectedPolicy = new RolePolicyRepresentation();
    expectedPolicy.setName("Test Update Realm Role Policy");
    expectedPolicy.setDescription("description");
    expectedPolicy.addRole("Realm Role A");
    expectedPolicy.addRole("Realm Role B");
    expectedPolicy.addRole("Realm Role C");
    expectedPolicy = createPolicy(expectedPolicy);

    // Update 1: the policy is looked up under its old name because the update renames it.
    String previousName = expectedPolicy.getName();
    expectedPolicy.setName("Changed Test Realm Role Policy");
    expectedPolicy.setDescription("Changed description");
    expectedPolicy.setLogic(Logic.NEGATIVE);
    expectedPolicy.setRoles(expectedPolicy.getRoles().stream()
            .filter(role -> !role.getId().equals("Realm Role B"))
            .collect(Collectors.toSet()));
    authorizationPage.navigateTo();
    authorizationPage.authorizationTabs().policies().update(previousName, expectedPolicy);
    assertAlertSuccess();
    authorizationPage.navigateTo();
    // NOTE(review): this page object is fetched once and reused by the later assertions;
    // presumably it reads the live UI on each check. Confirm against RolePolicy.
    RolePolicy actualPolicy = authorizationPage.authorizationTabs().policies().name(expectedPolicy.getName());
    expectedPolicy = assertPolicy(expectedPolicy, actualPolicy);

    // Update 2: whichever role the set's iterator yields first becomes required.
    RolePolicyRepresentation.RoleDefinition firstRole = expectedPolicy.getRoles().iterator().next();
    firstRole.setRequired(true);
    authorizationPage.navigateTo();
    authorizationPage.authorizationTabs().policies().update(expectedPolicy.getName(), expectedPolicy);
    assertAlertSuccess();
    expectedPolicy = assertPolicy(expectedPolicy, actualPolicy);

    // Update 3: the policy ends up with one required realm role only.
    expectedPolicy.getRoles().clear();
    expectedPolicy.addRole("Realm Role B", true);
    authorizationPage.navigateTo();
    authorizationPage.authorizationTabs().policies().update(expectedPolicy.getName(), expectedPolicy);
    assertAlertSuccess();
    assertPolicy(expectedPolicy, actualPolicy);
}
Also used : RolePolicyRepresentation(org.keycloak.representations.idm.authorization.RolePolicyRepresentation) RolePolicy(org.keycloak.testsuite.console.page.clients.authorization.policy.RolePolicy) Test(org.junit.Test)

Aggregations

RolePolicyRepresentation (org.keycloak.representations.idm.authorization.RolePolicyRepresentation)30 Test (org.junit.Test)16 AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)8 RolePoliciesResource (org.keycloak.admin.client.resource.RolePoliciesResource)8 UserPolicyRepresentation (org.keycloak.representations.idm.authorization.UserPolicyRepresentation)7 RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)6 RolesResource (org.keycloak.admin.client.resource.RolesResource)5 JSPolicyRepresentation (org.keycloak.representations.idm.authorization.JSPolicyRepresentation)5 RolePolicyResource (org.keycloak.admin.client.resource.RolePolicyResource)4 AggregatePolicyRepresentation (org.keycloak.representations.idm.authorization.AggregatePolicyRepresentation)4 ClientPolicyRepresentation (org.keycloak.representations.idm.authorization.ClientPolicyRepresentation)4 GroupPolicyRepresentation (org.keycloak.representations.idm.authorization.GroupPolicyRepresentation)4 Response (javax.ws.rs.core.Response)3 Before (org.junit.Before)3 PoliciesResource (org.keycloak.admin.client.resource.PoliciesResource)3 Policy (org.keycloak.authorization.model.Policy)3 AbstractPolicyRepresentation (org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation)3 AggregatePolicy (org.keycloak.testsuite.console.page.clients.authorization.policy.AggregatePolicy)3 RolePolicy (org.keycloak.testsuite.console.page.clients.authorization.policy.RolePolicy)3 ResourcesResource (org.keycloak.admin.client.resource.ResourcesResource)2