use of org.keycloak.services.resources.admin.permissions.AdminPermissionManagement in project keycloak by keycloak.
the class RoleContainerResource method getManagementPermissions.
/**
* Return object stating whether role Authorization permissions have been initialized or not and a reference
*
* @param roleName
* @return
*/
@Path("{role-name}/management/permissions")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public ManagementPermissionReference getManagementPermissions(@PathParam("role-name") final String roleName) {
auth.roles().requireView(roleContainer);
RoleModel role = roleContainer.getRole(roleName);
if (role == null) {
throw new NotFoundException("Could not find role");
}
AdminPermissionManagement permissions = AdminPermissions.management(session, realm);
if (!permissions.roles().isPermissionsEnabled(role)) {
return new ManagementPermissionReference();
}
return RoleByIdResource.toMgmtRef(role, permissions);
}
use of org.keycloak.services.resources.admin.permissions.AdminPermissionManagement in project keycloak by keycloak.
the class RoleByIdResource method setManagementPermissionsEnabled.
/**
* Return object stating whether role Authoirzation permissions have been initialized or not and a reference
*
* @param id
* @return initialized manage permissions reference
*/
@Path("{role-id}/management/permissions")
@PUT
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@NoCache
public ManagementPermissionReference setManagementPermissionsEnabled(@PathParam("role-id") final String id, ManagementPermissionReference ref) {
RoleModel role = getRoleModel(id);
auth.roles().requireManage(role);
AdminPermissionManagement permissions = AdminPermissions.management(session, realm);
permissions.roles().setPermissionsEnabled(role, ref.isEnabled());
if (ref.isEnabled()) {
return toMgmtRef(role, permissions);
} else {
return new ManagementPermissionReference();
}
}
use of org.keycloak.services.resources.admin.permissions.AdminPermissionManagement in project keycloak by keycloak.
the class IdentityProviderResource method getManagementPermissions.
/**
* Return object stating whether client Authorization permissions have been initialized or not and a reference
*
* @return
*/
@Path("management/permissions")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public ManagementPermissionReference getManagementPermissions() {
this.auth.realm().requireViewIdentityProviders();
AdminPermissionManagement permissions = AdminPermissions.management(session, realm);
if (!permissions.idps().isPermissionsEnabled(identityProviderModel)) {
return new ManagementPermissionReference();
}
return toMgmtRef(identityProviderModel, permissions);
}
use of org.keycloak.services.resources.admin.permissions.AdminPermissionManagement in project keycloak by keycloak.
the class RealmAdminResource method setUsersManagementPermissionsEnabled.
@PUT
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@NoCache
@Path("users-management-permissions")
public ManagementPermissionReference setUsersManagementPermissionsEnabled(ManagementPermissionReference ref) {
auth.realm().requireManageRealm();
AdminPermissionManagement permissions = AdminPermissions.management(session, realm);
permissions.users().setPermissionsEnabled(ref.isEnabled());
if (ref.isEnabled()) {
return toUsersMgmtRef(permissions);
} else {
return new ManagementPermissionReference();
}
}
use of org.keycloak.services.resources.admin.permissions.AdminPermissionManagement in project keycloak by keycloak.
the class ClientResource method setManagementPermissionsEnabled.
/**
* Return object stating whether client Authorization permissions have been initialized or not and a reference
*
* @return initialized manage permissions reference
*/
@Path("management/permissions")
@PUT
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@NoCache
public ManagementPermissionReference setManagementPermissionsEnabled(ManagementPermissionReference ref) {
auth.clients().requireManage(client);
AdminPermissionManagement permissions = AdminPermissions.management(session, realm);
permissions.clients().setPermissionsEnabled(client, ref.isEnabled());
if (ref.isEnabled()) {
return toMgmtRef(client, permissions);
} else {
return new ManagementPermissionReference();
}
}
Aggregations