public CachedGroup(RealmModel realm, GroupModel group) { this.id = group.getId(); this.realm = realm.getId(); this.name = group.getName(); this.parentId = group.getParentId(); this.attributes.putAll(group.getAttributes()); for (RoleModel role : group.getRoleMappings()) { roleMappings.add(role.getId()); } Set<GroupModel> subGroups1 = group.getSubGroups(); if (subGroups1 != null) { for (GroupModel subGroup : subGroups1) { subGroups.add(subGroup.getId()); } } }
@Override public void moveGroup(RealmModel realm, GroupModel group, GroupModel toParent) { if (toParent != null && group.getId().equals(toParent.getId())) { return; } if (group.getParentId() != null) { group.getParent().removeChild(group); } group.setParent(toParent); if (toParent != null) toParent.addChild(group); else session.realms().addTopLevelGroup(realm, group); }
public static GroupMovedEvent create(GroupModel group, GroupModel toParent, String realmId) { GroupMovedEvent event = new GroupMovedEvent(); event.realmId = realmId; event.groupId = group.getId(); event.oldParentId = group.getParentId(); event.newParentId = toParent==null ? null : toParent.getId(); return event; }
public static String resolveFirstAttribute(GroupModel group, String name) { String value = group.getFirstAttribute(name); if (value != null) return value; if (group.getParentId() == null) return null; return resolveFirstAttribute(group.getParent(), name); }
@Override public void preRemove(RealmModel realm, GroupModel group) { em.createNamedQuery("deleteUserGroupMembershipsByGroup").setParameter("groupId", group.getId()).executeUpdate(); }
private static void addGroupRoles(GroupModel group, Set<RoleModel> roleMappings) { roleMappings.addAll(group.getRoleMappings()); if (group.getParentId() == null) return; addGroupRoles(group.getParent(), roleMappings); }
public static GroupRepresentation toRepresentation(GroupModel group, boolean full) { GroupRepresentation rep = new GroupRepresentation(); rep.setId(group.getId()); rep.setName(group.getName()); rep.setPath(buildGroupPath(group)); if (!full) return rep; // Role mappings Set<RoleModel> roles = group.getRoleMappings(); List<String> realmRoleNames = new ArrayList<>(); Map<String, List<String>> clientRoleNames = new HashMap<>(); for (RoleModel role : roles) { if (role.getContainer() instanceof RealmModel) { realmRoleNames.add(role.getName()); } else { ClientModel client = (ClientModel)role.getContainer(); String clientId = client.getClientId(); List<String> currentClientRoles = clientRoleNames.get(clientId); if (currentClientRoles == null) { currentClientRoles = new ArrayList<>(); clientRoleNames.put(clientId, currentClientRoles); } currentClientRoles.add(role.getName()); } } rep.setRealmRoles(realmRoleNames); rep.setClientRoles(clientRoleNames); Map<String, List<String>> attributes = group.getAttributes(); rep.setAttributes(attributes); return rep; }
parent = topLevelGroups.stream().filter(groupModel -> groupModel.getName().equals(part)).findFirst().orElseThrow(() -> new RuntimeException("Top level group with name [" + part + "] not found")); } else { group = parent.getSubGroups().stream().filter(groupModel -> groupModel.getName().equals(part)).findFirst().orElseThrow(() -> new RuntimeException("Group with name [" + part + "] not found")); parent = group; definition.setId(group.getId()); definition.setPath(null);
@Override public boolean removeGroup(RealmModel realm, GroupModel group) { session.users().preRemove(realm, group); realm.removeDefaultGroup(group); for (GroupModel subGroup : group.getSubGroups()) { removeGroup(realm, subGroup); } moveGroup(realm, group, null); return getMongoStore().removeEntity(MongoGroupEntity.class, group.getId(), invocationContext); }
public static List<String> resolveAttribute(GroupModel group, String name) { List<String> values = group.getAttribute(name); if (values != null && !values.isEmpty()) return values; if (group.getParentId() == null) return null; return resolveAttribute(group.getParent(), name); }
default Set<GroupModel> getGroups(String search, int first, int max) { return getGroups().stream() .filter(group -> search == null || group.getName().toLowerCase().contains(search.toLowerCase())) .skip(first) .limit(max) .collect(Collectors.toCollection(LinkedHashSet::new)); }
private static GroupModel findSubGroup(String[] path, int index, GroupModel parent) { for (GroupModel group : parent.getSubGroups()) { if (group.getName().equals(path[index])) { if (path.length == index + 1) { return group; } else { if (index + 1 < path.length) { GroupModel found = findSubGroup(path, index + 1, group); if (found != null) return found; } else { return null; } } } } return null; }
/** * * @param groups * @param targetGroup * @return true if targetGroup is in groups (directly or indirectly via parent child relationship) */ public static boolean isMember(Set<GroupModel> groups, GroupModel targetGroup) { if (groups.contains(targetGroup)) return true; for (GroupModel mapping : groups) { GroupModel child = mapping; while(child.getParent() != null) { if (child.getParent().equals(targetGroup)) return true; child = child.getParent(); } } return false; }
public static GroupRepresentation toGroupHierarchy(GroupModel group, boolean full) { GroupRepresentation rep = toRepresentation(group, full); List<GroupRepresentation> subGroups = new LinkedList<>(); for (GroupModel subGroup : group.getSubGroups()) { subGroups.add(toGroupHierarchy(subGroup, full)); } rep.setSubGroups(subGroups); return rep; }
@Override public String getParentId() { if (updated != null) return updated.getParentId(); return cached.getParentId(); }
/** * Checks whether the {@code targetRole} is contained in the given group or its parents * (if requested) * @param group Group to check role for * @param targetRole * @param checkParentGroup When {@code true}, also parent group is recursively checked for role * @return true if targetRole is in roles (directly or indirectly via composite role) */ public static boolean hasRoleFromGroup(GroupModel group, RoleModel targetRole, boolean checkParentGroup) { if (group.hasRole(targetRole)) return true; if (checkParentGroup) { GroupModel parent = group.getParent(); return parent != null && hasRoleFromGroup(parent, targetRole, true); } return false; }
@Override public void addTopLevelGroup(RealmModel realm, GroupModel subGroup) { subGroup.setParent(null); }
@Override public Set<RoleModel> getRoleMappings() { if (updated != null) return updated.getRoleMappings(); Set<RoleModel> roles = new HashSet<RoleModel>(); for (String id : cached.getRoleMappings()) { RoleModel roleById = keycloakSession.realms().getRoleById(id, realm); if (roleById == null) { // chance that role was removed, so just delegate to persistence and get user invalidated getDelegateForUpdate(); return updated.getRoleMappings(); } roles.add(roleById); } return roles; }