/**
 * Grants the named client roles to a user, creating any role the client does not have yet.
 *
 * <p>Security note: a name that matches no existing role is not rejected. A new role with
 * that name is added to the client and then granted, so the set of roles on the client can
 * grow from whatever the caller passes in. Callers that take {@code roleNames} from imported
 * or otherwise externally supplied data should validate the names before calling.
 *
 * @param clientModel client whose roles are looked up and, when absent, created
 * @param user user receiving the roles; must not be {@code null}
 * @param roleNames role names; each one is trimmed before the lookup
 * @throws RuntimeException if {@code user} is {@code null}
 */
public static void createClientRoleMappings(ClientModel clientModel, UserModel user, List<String> roleNames) {
    if (user == null) {
        throw new RuntimeException("User not found");
    }
    for (String rawName : roleNames) {
        String trimmedName = rawName.trim();
        RoleModel granted = clientModel.getRole(trimmedName);
        if (granted == null) {
            // Unknown role name: create it on the client instead of failing.
            granted = clientModel.addRole(trimmedName);
        }
        user.grantRole(granted);
    }
}
if (client.getRole(AdminRoles.CREATE_CLIENT) == null) { RoleModel role = client.addRole(AdminRoles.CREATE_CLIENT); role.setDescription("${role_" + AdminRoles.CREATE_CLIENT + "}"); if (client.getRole(AdminRoles.CREATE_CLIENT) == null) { RoleModel role = client.addRole(AdminRoles.CREATE_CLIENT); role.setDescription("${role_" + AdminRoles.CREATE_CLIENT + "}"); role.setScopeParamRequired(false); client.getRole(AdminRoles.REALM_ADMIN).addCompositeRole(role);
/**
 * Resolves a role by name.
 *
 * <p>When {@code updated} is set the lookup is delegated to it. Otherwise the name is mapped
 * to a role id through {@code cached.getRoles()} and the role is fetched by id through
 * {@code cacheSession}.
 *
 * @param name role name to resolve
 * @return the role, or {@code null} when the cached name-to-id map has no entry for it
 */
@Override
public RoleModel getRole(String name) {
    if (updated != null) {
        return updated.getRole(name);
    }
    String roleId = cached.getRoles().get(name);
    return roleId == null ? null : cacheSession.getRoleById(roleId, cachedRealm);
}
/**
 * Collects the realm-level default roles together with the default roles of every client
 * in the realm.
 *
 * <p>NOTE(review): the result of each {@code getRole} call is added without a null check, so
 * a default-role name that no longer resolves would put {@code null} into the returned set.
 * Callers that grant these roles should confirm how they handle that.
 *
 * @param realm realm whose default roles are gathered
 * @return a new mutable set of the resolved roles
 */
public static Set<RoleModel> getDefaultRoles(RealmModel realm) {
    Set<RoleModel> defaults = new HashSet<>();
    for (String realmRoleName : realm.getDefaultRoles()) {
        defaults.add(realm.getRole(realmRoleName));
    }
    for (ClientModel client : realm.getClients()) {
        for (String clientRoleName : client.getDefaultRoles()) {
            defaults.add(client.getRole(clientRoleName));
        }
    }
    return defaults;
}

public static void addDefaultRoles(RealmModel realm, UserModel userModel) {
/**
 * Walks every realm and calls the role-setup helpers for its admin clients when neither
 * {@code ROLE_VIEW_BEER} nor {@code ROLE_MANAGE_BEER} is present on the client.
 *
 * <p>NOTE(review): setup is skipped as soon as either role exists, so a client holding only
 * one of the two is left as it is. Confirm that a partially provisioned client cannot occur,
 * since it would leave admin permissions out of step with what this provider expects.
 *
 * <p>NOTE(review): the clients returned by {@code getMasterAdminClient} and
 * {@code getClientByClientId} are dereferenced without a null check.
 *
 * @param session session used to list the realms and to build the {@code RealmManager}
 */
private void initRoles(KeycloakSession session) {
    LOG.debug("BeerResourceProviderFactory::initRoles");
    List<RealmModel> allRealms = session.realms().getRealms();
    RealmManager manager = new RealmManager(session);
    for (RealmModel realm : allRealms) {
        ClientModel masterAdminClient = realm.getMasterAdminClient();
        boolean masterClientUnprovisioned = masterAdminClient.getRole(ROLE_VIEW_BEER) == null
                && masterAdminClient.getRole(ROLE_MANAGE_BEER) == null;
        if (masterClientUnprovisioned) {
            addMasterAdminRoles(manager, realm);
        }

        // The admin realm has no separate realm-admin client to provision.
        if (realm.getName().equals(Config.getAdminRealm())) {
            continue;
        }

        ClientModel realmAdminClient = realm.getClientByClientId(manager.getRealmAdminClientId(realm));
        boolean realmClientUnprovisioned = realmAdminClient.getRole(ROLE_VIEW_BEER) == null
                && realmAdminClient.getRole(ROLE_MANAGE_BEER) == null;
        if (realmClientUnprovisioned) {
            addRealmAdminRoles(manager, realm);
        }
    }
}
/**
 * Adds the impersonation role to a realm's management client, unless it is already there.
 *
 * <p>Security note: the new role is attached as a composite of {@code AdminRoles.REALM_ADMIN},
 * so holders of that admin role pick up impersonation through the composite. Treat a grant
 * of the realm-admin role as including the ability to impersonate users.
 *
 * <p>NOTE(review): neither the management client nor the {@code REALM_ADMIN} role is
 * null-checked before use.
 *
 * @param realm realm to set up; the admin (master) realm is skipped
 */
public static void setupRealmRole(RealmModel realm) {
    // Nothing to do for the admin (master) realm.
    if (realm.getName().equals(Config.getAdminRealm())) {
        return;
    }

    ClientModel managementClient = realm.getClientByClientId(Constants.REALM_MANAGEMENT_CLIENT_ID);
    if (managementClient.getRole(IMPERSONATION_ROLE) != null) {
        // Already provisioned; leave the existing role untouched.
        return;
    }

    RoleModel impersonation = managementClient.addRole(IMPERSONATION_ROLE);
    impersonation.setDescription("${role_" + IMPERSONATION_ROLE + "}");
    impersonation.setScopeParamRequired(false);
    managementClient.getRole(AdminRoles.REALM_ADMIN).addCompositeRole(impersonation);
}
/**
 * Applies scope mappings from their representations: each role named in a mapping is
 * resolved on {@code clientModel} and added to the scope of the client named by the mapping.
 *
 * <p>Security note: a role name that does not exist on {@code clientModel} is not rejected;
 * the role is created and then placed in the target client's scope. Validate the mapping
 * data first if it comes from an import or another external source.
 *
 * @param realm realm used to resolve the client named in each mapping
 * @param clientModel client whose roles are looked up and, when absent, created
 * @param mappings scope mappings to apply
 * @throws RuntimeException if a mapping names a client that is not in the realm
 */
public static void createClientScopeMappings(RealmModel realm, ClientModel clientModel, List<ScopeMappingRepresentation> mappings) {
    for (ScopeMappingRepresentation mapping : mappings) {
        ClientModel scopeOwner = realm.getClientByClientId(mapping.getClient());
        if (scopeOwner == null) {
            throw new RuntimeException("Unknown client specified in client scope mappings");
        }
        for (String rawRoleName : mapping.getRoles()) {
            String trimmedName = rawRoleName.trim();
            RoleModel scoped = clientModel.getRole(trimmedName);
            if (scoped == null) {
                // Unknown role name: create it on clientModel instead of failing.
                scoped = clientModel.addRole(trimmedName);
            }
            scopeOwner.addScopeMapping(scoped);
        }
    }
}
/**
 * Resolves the realm's admin client and its {@code REALM_ADMIN} role, then passes both to
 * {@code addRoles}.
 *
 * <p>NOTE(review): the client lookup result is dereferenced without a null check, and the
 * role passed on may be {@code null} if the client has no {@code REALM_ADMIN} role.
 *
 * @param manager supplies the client id of the realm's admin client
 * @param realm realm whose admin client is updated
 */
private void addRealmAdminRoles(RealmManager manager, RealmModel realm) {
    String adminClientId = manager.getRealmAdminClientId(realm);
    ClientModel adminClient = realm.getClientByClientId(adminClientId);
    addRoles(adminClient, adminClient.getRole(AdminRoles.REALM_ADMIN));
}
/**
 * Resolves a role from its string form, as split by {@code parseRole}.
 *
 * <p>Element 0 of the parsed array is treated as a client id and element 1 as the role name.
 * With no client id the role is looked up on the realm; otherwise on the named client.
 *
 * @param realm realm to search
 * @param roleName role reference in the format {@code parseRole} understands
 * @return the role, or {@code null} when the client is unknown or the lookup finds nothing
 */
public static RoleModel getRoleFromString(RealmModel realm, String roleName) {
    String[] parts = parseRole(roleName);
    if (parts[0] == null) {
        // No client part: this is a realm-level role.
        return realm.getRole(parts[1]);
    }
    ClientModel owner = realm.getClientByClientId(parts[0]);
    return owner == null ? null : owner.getRole(parts[1]);
}
RoleModel role = client.getRole(roleName.trim()); if (role == null) { role = client.addRole(roleName.trim());
/**
 * Attaches the composite roles listed in a role representation to {@code role}.
 *
 * <p>Unlike lookups that create missing roles on demand, every referenced realm role, client
 * and client role must already exist; an unresolved reference aborts with an exception
 * rather than being created implicitly.
 *
 * @param role role that receives the composites
 * @param roleRep representation listing the composite realm and client roles
 * @param realm realm used to resolve role and client names
 * @throws RuntimeException if a referenced realm role, client or client role is not found
 */
private static void addComposites(RoleModel role, RoleRepresentation roleRep, RealmModel realm) {
    if (roleRep.getComposites() == null) {
        return;
    }

    if (roleRep.getComposites().getRealm() != null) {
        for (String realmRoleName : roleRep.getComposites().getRealm()) {
            RoleModel realmComposite = realm.getRole(realmRoleName);
            if (realmComposite == null) {
                throw new RuntimeException("Unable to find composite realm role: " + realmRoleName);
            }
            role.addCompositeRole(realmComposite);
        }
    }

    Map<String, List<String>> rolesByClient = roleRep.getComposites().getClient();
    if (rolesByClient == null) {
        return;
    }
    for (Map.Entry<String, List<String>> clientEntry : rolesByClient.entrySet()) {
        ClientModel owner = realm.getClientByClientId(clientEntry.getKey());
        if (owner == null) {
            throw new RuntimeException("App doesn't exist in role definitions: " + roleRep.getName());
        }
        for (String clientRoleName : clientEntry.getValue()) {
            RoleModel clientComposite = owner.getRole(clientRoleName);
            if (clientComposite == null) {
                throw new RuntimeException("Unable to find composite client role: " + clientRoleName);
            }
            role.addCompositeRole(clientComposite);
        }
    }
}
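// Resolve the client role named in the user's consent mappings.
RoleModel clientRole = client2.getRole(clientRoleName);
if (clientRole == null) {
    // Report the requested name. clientRole is null on this path, so concatenating it
    // would always print "null" and hide which role the consent mapping referred to.
    throw new RuntimeException("Unable to find client role referenced in consent mappings of user. Role name: " + clientRoleName + ", Client: " + clientId2);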
// Look up the client role named by the representation, then attach its composites.
// NOTE(review): the lookup result is passed on without a null check; confirm the role
// is always created before this point, or that addComposites tolerates a null role.
RoleModel role = client.getRole(roleRep.getName()); addComposites(role, roleRep, realm);
/**
 * Adds the impersonation role to the admin-realm client that manages {@code realm}, unless
 * that client already has it.
 *
 * <p>Security note: the new role is attached as a composite of the admin realm's
 * {@code AdminRoles.ADMIN} role, so holders of that role pick up impersonation for the
 * managed realm through the composite.
 *
 * <p>NOTE(review): the admin realm, its {@code ADMIN} role and the admin client are all
 * dereferenced without null checks.
 *
 * @param model provider used to load the admin realm when {@code realm} is not the admin realm
 * @param realm realm whose admin-realm management client is set up
 */
public static void setupMasterRealmRole(RealmProvider model, RealmModel realm) {
    boolean isAdminRealm = realm.getName().equals(Config.getAdminRealm());
    RealmModel adminRealm = isAdminRealm ? realm : model.getRealmByName(Config.getAdminRealm());
    RoleModel adminRole = adminRealm.getRole(AdminRoles.ADMIN);

    String adminClientId = KeycloakModelUtils.getMasterRealmAdminApplicationClientId(realm.getName());
    ClientModel realmAdminApp = adminRealm.getClientByClientId(adminClientId);
    if (realmAdminApp.getRole(IMPERSONATION_ROLE) != null) {
        // Already provisioned; leave the existing role untouched.
        return;
    }

    RoleModel impersonation = realmAdminApp.addRole(IMPERSONATION_ROLE);
    impersonation.setDescription("${role_" + IMPERSONATION_ROLE + "}");
    impersonation.setScopeParamRequired(false);
    adminRole.addCompositeRole(impersonation);
}
/**
 * Creates a user with a lower-cased username and optionally applies the realm defaults.
 *
 * <p>NOTE(review): {@code toLowerCase()} uses the JVM default locale. If usernames are
 * compared or looked up elsewhere with a different case mapping, the same input could
 * normalise to different names on differently configured hosts; confirm the lookup paths
 * use the same mapping.
 *
 * <p>NOTE(review): default roles are granted straight from {@code getRole} without a null
 * check, so a stale default-role name would pass {@code null} to {@code grantRole}.
 *
 * @param realm realm the user is created in
 * @param id id for the new user, passed through to {@code addUserEntity}
 * @param username requested username; stored lower-cased
 * @param addDefaultRoles whether to grant realm and client default roles and join default groups
 * @param addDefaultRequiredActions whether to add every enabled default required action
 * @return the newly created user
 */
@Override
public UserAdapter addUser(RealmModel realm, String id, String username, boolean addDefaultRoles, boolean addDefaultRequiredActions) {
    UserAdapter created = addUserEntity(realm, id, username.toLowerCase());

    if (addDefaultRoles) {
        for (String realmRoleName : realm.getDefaultRoles()) {
            created.grantRole(realm.getRole(realmRoleName));
        }
        for (ClientModel client : realm.getClients()) {
            for (String clientRoleName : client.getDefaultRoles()) {
                created.grantRole(client.getRole(clientRoleName));
            }
        }
        for (GroupModel defaultGroup : realm.getDefaultGroups()) {
            created.joinGroup(defaultGroup);
        }
    }

    if (addDefaultRequiredActions) {
        for (RequiredActionProviderModel action : realm.getRequiredActionProviders()) {
            boolean appliesByDefault = action.isEnabled() && action.isDefaultAction();
            if (appliesByDefault) {
                created.addRequiredAction(action.getAlias());
            }
        }
    }

    return created;
}