Package org.keycloak.services.resources.admin

Class RoleContainerResource

java.lang.Object

org.keycloak.services.resources.admin.RoleResource

org.keycloak.services.resources.admin.RoleContainerResource

public class RoleContainerResource
extends RoleResource

Version:

$Revision: 1 $

Author:

Bill Burke

Field Summary

Fields

Modifier and Type	Field	Description
protected AdminPermissionEvaluator	auth
protected org.keycloak.models.RoleContainerModel	roleContainer

Constructor Summary

Constructors

Constructor	Description
RoleContainerResource(org.keycloak.models.KeycloakSession session, javax.ws.rs.core.UriInfo uriInfo, org.keycloak.models.RealmModel realm, AdminPermissionEvaluator auth, org.keycloak.models.RoleContainerModel roleContainer, AdminEventBuilder adminEvent)

Method Summary

Modifier and Type	Method	Description
void	addComposites(String roleName, List<org.keycloak.representations.idm.RoleRepresentation> roles)	Add a composite to the role
javax.ws.rs.core.Response	createRole(org.keycloak.representations.idm.RoleRepresentation rep)	Create a new role for the realm or client
void	deleteComposites(String roleName, List<org.keycloak.representations.idm.RoleRepresentation> roles)	Remove roles from the role's composite
void	deleteRole(String roleName)	Delete a role by name
Stream<org.keycloak.representations.idm.RoleRepresentation>	getClientRoleComposites(String roleName, String clientUuid)	Get client-level roles for the client that are in the role's composite
Stream<org.keycloak.representations.idm.GroupRepresentation>	getGroupsInRole(String roleName, Integer firstResult, Integer maxResults, boolean briefRepresentation)	Returns a stream of groups that have the specified role name
org.keycloak.representations.idm.ManagementPermissionReference	getManagementPermissions(String roleName)	Return object stating whether role Authorization permissions have been initialized or not and a reference
Stream<org.keycloak.representations.idm.RoleRepresentation>	getRealmRoleComposites(String roleName)	Get realm-level roles of the role's composite
org.keycloak.representations.idm.RoleRepresentation	getRole(String roleName)	Get a role by name
Stream<org.keycloak.representations.idm.RoleRepresentation>	getRoleComposites(String roleName)	Get composites of the role
Stream<org.keycloak.representations.idm.RoleRepresentation>	getRoles(String search, Integer firstResult, Integer maxResults, boolean briefRepresentation)	Get all roles for the realm or client
Stream<org.keycloak.representations.idm.UserRepresentation>	getUsersInRole(String roleName, Integer firstResult, Integer maxResults)	Returns a stream of users that have the specified role name.
org.keycloak.representations.idm.ManagementPermissionReference	setManagementPermissionsEnabled(String roleName, org.keycloak.representations.idm.ManagementPermissionReference ref)	Return object stating whether role Authorization permissions have been initialized or not and a reference
javax.ws.rs.core.Response	updateRole(String roleName, org.keycloak.representations.idm.RoleRepresentation rep)	Update a role by name

Methods inherited from class org.keycloak.services.resources.admin.RoleResource

addComposites, deleteComposites, deleteRole, getClientRoleComposites, getRealmRoleComposites, getRole, updateRole

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

auth

protected AdminPermissionEvaluator auth

roleContainer

protected org.keycloak.models.RoleContainerModel roleContainer

Constructor Detail

RoleContainerResource

public RoleContainerResource(org.keycloak.models.KeycloakSession session,
                             javax.ws.rs.core.UriInfo uriInfo,
                             org.keycloak.models.RealmModel realm,
                             AdminPermissionEvaluator auth,
                             org.keycloak.models.RoleContainerModel roleContainer,
                             AdminEventBuilder adminEvent)

Method Detail

getRoles

@GET
@Produces("application/json")
public Stream<org.keycloak.representations.idm.RoleRepresentation> getRoles(@QueryParam("search") @DefaultValue("")
                                                                            String search,
                                                                            @QueryParam("first")
                                                                            Integer firstResult,
                                                                            @QueryParam("max")
                                                                            Integer maxResults,
                                                                            @QueryParam("briefRepresentation") @DefaultValue("true")
                                                                            boolean briefRepresentation)

Get all roles for the realm or client

Returns:

createRole

@POST
@Consumes("application/json")
public javax.ws.rs.core.Response createRole(org.keycloak.representations.idm.RoleRepresentation rep)

Create a new role for the realm or client

Parameters:

rep -

Returns:

getRole

@Path("{role-name}")
@GET
@Produces("application/json")
public org.keycloak.representations.idm.RoleRepresentation getRole(@PathParam("role-name")
                                                                   String roleName)

Get a role by name

Parameters:

roleName - role's name (not id!)

Returns:

deleteRole

@Path("{role-name}")
@DELETE
public void deleteRole(@PathParam("role-name")
                       String roleName)

Delete a role by name

Parameters:

roleName - role's name (not id!)

updateRole

@Path("{role-name}")
@PUT
@Consumes("application/json")
public javax.ws.rs.core.Response updateRole(@PathParam("role-name")
                                            String roleName,
                                            org.keycloak.representations.idm.RoleRepresentation rep)

Update a role by name

Parameters:

roleName - role's name (not id!)

rep -

Returns:

addComposites

@Path("{role-name}/composites")
@POST
@Consumes("application/json")
public void addComposites(@PathParam("role-name")
                          String roleName,
                          List<org.keycloak.representations.idm.RoleRepresentation> roles)

Add a composite to the role

Parameters:

roleName - role's name (not id!)

roles -

getRoleComposites

@Path("{role-name}/composites")
@GET
@Produces("application/json")
public Stream<org.keycloak.representations.idm.RoleRepresentation> getRoleComposites(@PathParam("role-name")
                                                                                     String roleName)

Get composites of the role

Parameters:

roleName - role's name (not id!)

Returns:

getRealmRoleComposites

@Path("{role-name}/composites/realm")
@GET
@Produces("application/json")
public Stream<org.keycloak.representations.idm.RoleRepresentation> getRealmRoleComposites(@PathParam("role-name")
                                                                                          String roleName)

Get realm-level roles of the role's composite

Parameters:

roleName - role's name (not id!)

Returns:

getClientRoleComposites

@Path("{role-name}/composites/clients/{clientUuid}")
@GET
@Produces("application/json")
public Stream<org.keycloak.representations.idm.RoleRepresentation> getClientRoleComposites(@PathParam("role-name")
                                                                                           String roleName,
                                                                                           @PathParam("clientUuid")
                                                                                           String clientUuid)

Get client-level roles for the client that are in the role's composite

Parameters:

roleName - role's name (not id!)

clientUuid -

Returns:

deleteComposites

@Path("{role-name}/composites")
@DELETE
@Consumes("application/json")
public void deleteComposites(@PathParam("role-name")
                             String roleName,
                             List<org.keycloak.representations.idm.RoleRepresentation> roles)

Remove roles from the role's composite

Parameters:

roleName - role's name (not id!)

roles - roles to remove

getManagementPermissions

@Path("{role-name}/management/permissions")
@GET
@Produces("application/json")
public org.keycloak.representations.idm.ManagementPermissionReference getManagementPermissions(@PathParam("role-name")
                                                                                               String roleName)

Return object stating whether role Authorization permissions have been initialized or not and a reference

Parameters:

roleName -

Returns:

setManagementPermissionsEnabled

@Path("{role-name}/management/permissions")
@PUT
@Produces("application/json")
@Consumes("application/json")
public org.keycloak.representations.idm.ManagementPermissionReference setManagementPermissionsEnabled(@PathParam("role-name")
                                                                                                      String roleName,
                                                                                                      org.keycloak.representations.idm.ManagementPermissionReference ref)

Return object stating whether role Authorization permissions have been initialized or not and a reference

Parameters:

roleName -

Returns:

initialized manage permissions reference

getUsersInRole

@Path("{role-name}/users")
@GET
@Produces("application/json")
public Stream<org.keycloak.representations.idm.UserRepresentation> getUsersInRole(@PathParam("role-name")
                                                                                  String roleName,
                                                                                  @QueryParam("first")
                                                                                  Integer firstResult,
                                                                                  @QueryParam("max")
                                                                                  Integer maxResults)

Returns a stream of users that have the specified role name.

Parameters:

roleName - the role name.

firstResult - first result to return. Ignored if negative or null.

maxResults - maximum number of results to return. Ignored if negative or null.

Returns:

a non-empty Stream of users.

getGroupsInRole

@Path("{role-name}/groups")
@GET
@Produces("application/json")
public Stream<org.keycloak.representations.idm.GroupRepresentation> getGroupsInRole(@PathParam("role-name")
                                                                                    String roleName,
                                                                                    @QueryParam("first")
                                                                                    Integer firstResult,
                                                                                    @QueryParam("max")
                                                                                    Integer maxResults,
                                                                                    @QueryParam("briefRepresentation") @DefaultValue("true")
                                                                                    boolean briefRepresentation)

Returns a stream of groups that have the specified role name

Parameters:

roleName - the role name.

firstResult - first result to return. Ignored if negative or null.

maxResults - maximum number of results to return. Ignored if negative or null.

briefRepresentation - if false, return a full representation of the GroupRepresentation objects.

Returns:

a non-empty Stream of groups.