Package org.keycloak.authorization.store

Interface PermissionTicketStore

All Known Implementing Classes:

JPAPermissionTicketStore, MapPermissionTicketStore, StoreFactoryCacheSession.PermissionTicketCache

public interface PermissionTicketStore

A PermissionTicketStore is responsible to manage the persistence of PermissionTicket instances.

Author:

Pedro Igor

Method Summary

Modifier and Type	Method	Description
long	count(ResourceServer resourceServer, Map<PermissionTicket.FilterOption,String> attributes)	Returns count of PermissionTicket, filtered by the given attributes.
PermissionTicket	create(ResourceServer resourceServer, Resource resource, Scope scope, String requester)	Creates a new PermissionTicket instance.
void	delete(RealmModel realm, String id)	Deletes a permission from the underlying persistence mechanism.
List<PermissionTicket>	find(RealmModel realm, ResourceServer resourceServer, Map<PermissionTicket.FilterOption,String> attributes, Integer firstResult, Integer maxResults)	Returns a list of PermissionTicket, filtered by the given attributes.
PermissionTicket	findById(RealmModel realm, ResourceServer resourceServer, String id)	Returns a PermissionTicket with the given id
List<PermissionTicket>	findByResource(ResourceServer resourceServer, Resource resource)	Returns a list of PermissionTicket associated with the resource.
List<PermissionTicket>	findByScope(ResourceServer resourceServer, Scope scope)	Returns a list of PermissionTicket associated with the scope.
List<PermissionTicket>	findGranted(ResourceServer resourceServer, String userId)	Returns a list of PermissionTicket granted to the given userId.
List<PermissionTicket>	findGranted(ResourceServer resourceServer, String resourceName, String userId)	Returns a list of PermissionTicket with name equal to resourceName granted to the given userId.
List<Resource>	findGrantedOwnerResources(RealmModel realm, String owner, Integer firstResult, Integer maxResults)	Returns a list of Resource granted by the owner to other users
List<Resource>	findGrantedResources(RealmModel realm, String requester, String name, Integer firstResult, Integer maxResults)	Returns a list of Resource granted to the given requester

Method Detail

count

long count(ResourceServer resourceServer,
           Map<PermissionTicket.FilterOption,String> attributes)

Returns count of PermissionTicket, filtered by the given attributes.

Parameters:

resourceServer - the resource server. Cannot be null.

attributes - permission tickets that do not match the attributes are not included with the count; possible filter options are given by PermissionTicket.FilterOption

Returns:

an integer indicating the amount of permission tickets

Throws:

IllegalArgumentException - when there is an unknown attribute in the attributes map

create

PermissionTicket create(ResourceServer resourceServer,
                        Resource resource,
                        Scope scope,
                        String requester)

Creates a new PermissionTicket instance.

Parameters:

resourceServer - the resource server to which this permission ticket belongs. Cannot be null.

resource - resource. Cannot be null.

scope - scope. Cannot be null

requester - requester of the permission

Returns:

a new instance of PermissionTicket

delete

void delete(RealmModel realm,
            String id)

Deletes a permission from the underlying persistence mechanism.

Parameters:

realm - realm. Cannot be null.

id - the id of the policy to delete

findById

PermissionTicket findById(RealmModel realm,
                          ResourceServer resourceServer,
                          String id)

Returns a PermissionTicket with the given id

Parameters:

realm - the realm. Cannot be null.

resourceServer - the resource server. Ignored if null.

id - the identifier of the permission

Returns:

a permission with the given identifier.

findByResource

List<PermissionTicket> findByResource(ResourceServer resourceServer,
                                      Resource resource)

Returns a list of PermissionTicket associated with the resource.

Parameters:

resourceServer - the resource server. Cannot be null.

resource - the resource. Cannot be null

Returns:

a list of permissions associated with the given resource

findByScope

List<PermissionTicket> findByScope(ResourceServer resourceServer,
                                   Scope scope)

Returns a list of PermissionTicket associated with the scope.

Parameters:

resourceServer - the resource server. Cannot be null.

scope - the scope. Cannot be null.

Returns:

a list of permissions associated with the given scopes

find

List<PermissionTicket> find(RealmModel realm,
                            ResourceServer resourceServer,
                            Map<PermissionTicket.FilterOption,String> attributes,
                            Integer firstResult,
                            Integer maxResults)

Returns a list of PermissionTicket, filtered by the given attributes.

Parameters:

realm - the realm. Cannot be null.

resourceServer - a resource server that resulting tickets should belong to. Ignored if null.

attributes - a map of keys and values to filter on; possible filter options are given by PermissionTicket.FilterOption

firstResult - first result to return. Ignored if negative or null.

maxResults - maximum number of results to return. Ignored if negative or null.

Returns:

a list of filtered and paginated permissions

Throws:

IllegalArgumentException - when there is an unknown attribute in the attributes map

findGranted

List<PermissionTicket> findGranted(ResourceServer resourceServer,
                                   String userId)

Returns a list of PermissionTicket granted to the given userId.

Parameters:

resourceServer - the resource server. Cannot be null

userId - the user id

Returns:

a list of permissions granted for a particular user

findGranted

List<PermissionTicket> findGranted(ResourceServer resourceServer,
                                   String resourceName,
                                   String userId)

Returns a list of PermissionTicket with name equal to resourceName granted to the given userId.

Parameters:

resourceServer - the resource server. Cannot be null.

resourceName - the name of a resource

userId - the user id

Returns:

a list of permissions granted for a particular user TODO: investigate a way how to replace resourceName with Resource class

findGrantedResources

List<Resource> findGrantedResources(RealmModel realm,
                                    String requester,
                                    String name,
                                    Integer firstResult,
                                    Integer maxResults)

Returns a list of Resource granted to the given requester

Parameters:

realm - realm that is searched. Cannot be null

requester - the requester

name - the keyword to query resources by name or null if any resource

firstResult - first result to return. Ignored if negative or null.

maxResults - maximum number of results to return. Ignored if negative or null.

Returns:

a list of Resource granted to the given requester

findGrantedOwnerResources

List<Resource> findGrantedOwnerResources(RealmModel realm,
                                         String owner,
                                         Integer firstResult,
                                         Integer maxResults)

Returns a list of Resource granted by the owner to other users

Parameters:

realm -

owner - the owner

firstResult - first result to return. Ignored if negative or null.

maxResults - maximum number of results to return. Ignored if negative or null.

Returns:

a list of Resource granted by the owner