Package org.keycloak.authorization.store
Interface PermissionTicketStore
-
- All Known Implementing Classes:
JPAPermissionTicketStore
,MapPermissionTicketStore
,StoreFactoryCacheSession.PermissionTicketCache
public interface PermissionTicketStore
APermissionTicketStore
is responsible to manage the persistence ofPermissionTicket
instances.- Author:
- Pedro Igor
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description long
count(ResourceServer resourceServer, Map<PermissionTicket.FilterOption,String> attributes)
Returns count ofPermissionTicket
, filtered by the given attributes.PermissionTicket
create(ResourceServer resourceServer, Resource resource, Scope scope, String requester)
Creates a newPermissionTicket
instance.void
delete(RealmModel realm, String id)
Deletes a permission from the underlying persistence mechanism.List<PermissionTicket>
find(RealmModel realm, ResourceServer resourceServer, Map<PermissionTicket.FilterOption,String> attributes, Integer firstResult, Integer maxResults)
Returns a list ofPermissionTicket
, filtered by the given attributes.PermissionTicket
findById(RealmModel realm, ResourceServer resourceServer, String id)
Returns aPermissionTicket
with the givenid
List<PermissionTicket>
findByResource(ResourceServer resourceServer, Resource resource)
Returns a list ofPermissionTicket
associated with theresource
.List<PermissionTicket>
findByScope(ResourceServer resourceServer, Scope scope)
Returns a list ofPermissionTicket
associated with thescope
.List<PermissionTicket>
findGranted(ResourceServer resourceServer, String userId)
Returns a list ofPermissionTicket
granted to the givenuserId
.List<PermissionTicket>
findGranted(ResourceServer resourceServer, String resourceName, String userId)
List<Resource>
findGrantedOwnerResources(RealmModel realm, String owner, Integer firstResult, Integer maxResults)
Returns a list ofResource
granted by the owner to other usersList<Resource>
findGrantedResources(RealmModel realm, String requester, String name, Integer firstResult, Integer maxResults)
Returns a list ofResource
granted to the givenrequester
-
-
-
Method Detail
-
count
long count(ResourceServer resourceServer, Map<PermissionTicket.FilterOption,String> attributes)
Returns count ofPermissionTicket
, filtered by the given attributes.- Parameters:
resourceServer
- the resource server. Cannot benull
.attributes
- permission tickets that do not match the attributes are not included with the count; possible filter options are given byPermissionTicket.FilterOption
- Returns:
- an integer indicating the amount of permission tickets
- Throws:
IllegalArgumentException
- when there is an unknown attribute in theattributes
map
-
create
PermissionTicket create(ResourceServer resourceServer, Resource resource, Scope scope, String requester)
Creates a newPermissionTicket
instance.- Parameters:
resourceServer
- the resource server to which this permission ticket belongs. Cannot benull
.resource
- resource. Cannot benull
.scope
- scope. Cannot benull
requester
- requester of the permission- Returns:
- a new instance of
PermissionTicket
-
delete
void delete(RealmModel realm, String id)
Deletes a permission from the underlying persistence mechanism.- Parameters:
realm
- realm. Cannot benull
.id
- the id of the policy to delete
-
findById
PermissionTicket findById(RealmModel realm, ResourceServer resourceServer, String id)
Returns aPermissionTicket
with the givenid
- Parameters:
realm
- the realm. Cannot benull
.resourceServer
- the resource server. Ignored ifnull
.id
- the identifier of the permission- Returns:
- a permission with the given identifier.
-
findByResource
List<PermissionTicket> findByResource(ResourceServer resourceServer, Resource resource)
Returns a list ofPermissionTicket
associated with theresource
.- Parameters:
resourceServer
- the resource server. Cannot benull
.resource
- the resource. Cannot benull
- Returns:
- a list of permissions associated with the given resource
-
findByScope
List<PermissionTicket> findByScope(ResourceServer resourceServer, Scope scope)
Returns a list ofPermissionTicket
associated with thescope
.- Parameters:
resourceServer
- the resource server. Cannot benull
.scope
- the scope. Cannot benull
.- Returns:
- a list of permissions associated with the given scopes
-
find
List<PermissionTicket> find(RealmModel realm, ResourceServer resourceServer, Map<PermissionTicket.FilterOption,String> attributes, Integer firstResult, Integer maxResults)
Returns a list ofPermissionTicket
, filtered by the given attributes.- Parameters:
realm
- the realm. Cannot benull
.resourceServer
- a resource server that resulting tickets should belong to. Ignored ifnull
.attributes
- a map of keys and values to filter on; possible filter options are given byPermissionTicket.FilterOption
firstResult
- first result to return. Ignored if negative ornull
.maxResults
- maximum number of results to return. Ignored if negative ornull
.- Returns:
- a list of filtered and paginated permissions
- Throws:
IllegalArgumentException
- when there is an unknown attribute in theattributes
map
-
findGranted
List<PermissionTicket> findGranted(ResourceServer resourceServer, String userId)
Returns a list ofPermissionTicket
granted to the givenuserId
.- Parameters:
resourceServer
- the resource server. Cannot benull
userId
- the user id- Returns:
- a list of permissions granted for a particular user
-
findGranted
List<PermissionTicket> findGranted(ResourceServer resourceServer, String resourceName, String userId)
- Parameters:
resourceServer
- the resource server. Cannot benull
.resourceName
- the name of a resourceuserId
- the user id- Returns:
- a list of permissions granted for a particular user TODO: investigate a way how to replace resourceName with Resource class
-
findGrantedResources
List<Resource> findGrantedResources(RealmModel realm, String requester, String name, Integer firstResult, Integer maxResults)
Returns a list ofResource
granted to the givenrequester
- Parameters:
realm
- realm that is searched. Cannot benull
requester
- the requestername
- the keyword to query resources by name or null if any resourcefirstResult
- first result to return. Ignored if negative ornull
.maxResults
- maximum number of results to return. Ignored if negative ornull
.- Returns:
- a list of
Resource
granted to the givenrequester
-
findGrantedOwnerResources
List<Resource> findGrantedOwnerResources(RealmModel realm, String owner, Integer firstResult, Integer maxResults)
Returns a list ofResource
granted by the owner to other users- Parameters:
realm
-owner
- the ownerfirstResult
- first result to return. Ignored if negative ornull
.maxResults
- maximum number of results to return. Ignored if negative ornull
.- Returns:
- a list of
Resource
granted by the owner
-
-